last executing test programs: 1m36.388483153s ago: executing program 0 (id=1355): unshare$auto(0x40000080) (async) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000001c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8`Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\x99_\xf88\x84[\xde\x1e\xea\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959\xe0\x87\xfc\r-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc\xc1h\xc8Zs5\x9ee\xdcD\xa7\xeb\xdcI0\x86f$\xa7\xd2\xb9ZGz\xf7\x17/\xe3$\xcc\xea\xcd\xd0', 0x100000a3db) (async, rerun: 64) listen$auto(0x3, 0x81) (rerun: 64) mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, r0, 0x8000) (async) keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff) (async) madvise$auto(0x0, 0x2003f2, 0x15) (async) write$auto_console_fops_tty_io(0xffffffffffffffff, &(0x7f0000000040)="257f5ddb6b97ecc2364e5b0ae4ae6d4ef00f268761b86c52bc490c0c3d518b2168c3db4c1e6e460bf0dd4f02a4b7fb46e354a9dc8a404ce4d49e082a68597d39d3ec6424d12149ed59325025fc6dceb517e779a84e31968324bf5b6986680f51e04e38881514f0b5665f8f3cb6cc784cca18fda3af358f989b8563208173f12e18ae996ae598eb1bb35832717bb416a0b289d89f8c4d1610f1cacec779f472fc0268d977975bcc62c72152f4", 0xac) (async) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/fs/cifs/dfscache\x00', 0x101000, 0x0) pread64$auto(r1, 0x0, 0x8, 0x75e8) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) ioctl$auto(r2, 0x80045430, 0xffffffffffffffff) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r3) (async) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/bus/input/devices\x00', 0x1c9180, 0x0) r4 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000000), 0xa00, 0x0) ioctl$auto_RTC_SET_TIME(r4, 0x4024700a, &(0x7f0000000180)={0x19, 0x7, 0x8, 0x4, 0x5, 0xfd, 0x1ff, 0xfffffffc, 0x77d}) (async) write$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffffff, 0x0, 0x0) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x101c82, 0x0) write$auto(r5, &(0x7f0000000100)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k\x0e\xfa{\x15\x1d\x11\x85o\xf1g\xb7\xb3\xdd\\\xfdG\xa9\x16R\xa4\xe9\xd1\xf4S\x94\xe1\x9c\x88\x1b\xe6.\x11\xa3\xe1\xddi\xb66\xaa\xa3\xc7iB\xc84\x11\xac\xfd\x1a*\xd4a\xfe\x05\x96\x0ec\x12\xea\xd5K\xea\xda\xa3\xfa\xc3\xedr\x17\xa5\x1c\x88{v\xb8\bj\x84\xd8g\x05r\xe7n\x7f^\x9d\xc7V\x92\xb9Z.Uc*K', 0x81) (async) futex$auto(&(0x7f0000000080)=0x1, 0x6, 0x1, 0x0, 0x0, 0xfffffffa) (async, rerun: 32) write$auto(0xffffffffffffffff, &(0x7f0000000000)='\x00', 0x2) (async, rerun: 32) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) 1m35.455838893s ago: executing program 0 (id=1360): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) futex$auto(0x0, 0x85, 0x38, 0x0, 0x0, 0x80800005) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC1\x00', 0x20020, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r0, 0xc4c85512, &(0x7f00000004c0)={{@raw=0x5, 0xffffff7d, 0xa, 0xfffffffc, "50ddcc2d0a7b79ca0e62e667b5000000000000000000000000000000000100ffffffffffffffe700", @raw=0x3}, 0x1, @integer64=@value=[0x1, 0x9, 0x6b92, 0x6, 0xfffffffffffffffe, 0x7fffffff, 0x1, 0x5, 0xc, 0xffffffffffffff30, 0x6, 0x2000000002, 0x8, 0x7c1, 0x8000, 0x8, 0x2, 0x2, 0xca1, 0xfffffffffffffffc, 0xffffffff00000001, 0x2, 0xffff, 0x6, 0x6, 0xc, 0x4, 0x93, 0xaa, 0x4, 0x2, 0x9, 0x7, 0x8003, 0x749, 0x3, 0x4, 0x7, 0x1, 0x3, 0x9186, 0x1000000003, 0x1, 0x1, 0x8, 0x6, 0xfffffffffffffffc, 0x3, 0x4, 0x7fff, 0xc5ec, 0x1, 0xaa7, 0x0, 0xfffffffffffff41f, 0x6, 0x8000000e36c, 0x22e, 0x9, 0x10000000, 0xaca7, 0xf3c, 0x9660, 0x9], "bee8fd3b16a97731269aff7312ae1a01006266a3bde1f332e1078696becfd044280e7fb7719d4362b09d9f6cb070bad3af7185ae1e691c585914c0b11dd65468fb68dfc32254d8ed55c8d806a2ef4bba7bc65cd90676ce6dec79ff2f44034ad55049ff128dd27f04ac14d8dbaffacc77596ca0dffa00"}) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) timer_create$auto(0x9, 0x0, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000040), 0x81, 0x0) ioctl$auto_USB_RAW_IOCTL_VBUS_DRAW(r1, 0x4004550a, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mount$auto(0x0, 0xfffffffffffffffe, 0x0, 0x80, 0xfffffffffffffffe) socket(0x29, 0x5, 0x0) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/kcm\x00', 0x480, 0x0) fanotify_init$auto(0x8, 0x80) socket(0x29, 0x5, 0x0) pread64$auto(r2, 0x0, 0xa87, 0x200009) r3 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x68082, 0x0) ioctl$auto_BLKPG2(r3, 0x1269, 0x0) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mtd0\x00', 0x200, 0x0) 1m34.790896126s ago: executing program 0 (id=1362): mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) socket(0x11, 0x2, 0x2) openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/034/001\x00', 0x201, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0) openat$auto_buffer_subbuf_size_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/buffer_subbuf_size_kb\x00', 0x2401, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2b, 0x6, 0xffffefff) r0 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) ioctl$auto_TIOCSETD2(r0, 0x5423, &(0x7f00000001c0)="ec2fdacad620") socket(0xa, 0x2, 0x0) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f00000000c0), 0x161401, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0xa101, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/mm/transparent_hugepage/hugepages-64kB/stats/nr_anon\x00', 0x0, 0x0) socket(0x2b, 0x1, 0x0) openat$auto_lowpan_enable_fops_(0xffffffffffffff9c, &(0x7f0000000240), 0x3a5301, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) socketpair$auto(0x4004, 0x8, 0x7, 0x0) r2 = socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@llc={0x1a, 0x0, 0xfa, 0x2, 0x1, 0xfd, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x8) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) getsockopt$auto(r2, 0x84, 0x6, 0x0, &(0x7f0000000000)=0x9000c) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r3, 0x5423, 0x0) ioctl$auto_TCFLSH2(r1, 0xc0384707, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x0) 1m34.394891587s ago: executing program 0 (id=1364): ioctl$auto(0xffffffffffffffff, 0x4b3d, 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) close_range$auto(0x2, 0x8, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NFC_CMD_START_POLL(r0, &(0x7f0000000300)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000280)={&(0x7f0000000100)={0x70, r1, 0x200, 0x70bd2b, 0x25dfdbfc, {}, [@NFC_ATTR_TARGET_INDEX={0x8, 0x4, 0x4}, @NFC_ATTR_TARGET_INDEX={0x8, 0x4, 0x6}, @NFC_ATTR_LLC_SDP={0x49, 0x13, 0x0, 0x1, [@typed={0x8, 0x70, 0x0, 0x0, @fd}, @generic="559f08416f5515baeb1e04a46e1c492f948549ddee31150dadbd26d4d7c41af925dcc58c2b47f8dad40f565d88897826704e9243ef9793877c726e0d4b"]}]}, 0x70}, 0x1, 0x0, 0x0, 0x880}, 0x8004) sysfs$auto(0x2, 0x100000000000027, 0x0) fsopen$auto(0x0, 0x1) socket(0x10, 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x401c5820, 0x0) mkdir$auto(0x0, 0x353) statmount$auto(0x0, &(0x7f0000000380)={0x8, 0x1, 0x0, 0x8, 0xa, 0x3, 0x81, 0xffffffff, 0x2000000000000002, 0x0, 0x9, 0x1, 0x2, 0x80000001, 0xb0, 0x9, 0x20000800001, 0xffffffff, 0x5, 0x7, 0x6, 0x7, 0x0, 0xffffffee, 0x2a17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x6]}, 0x8, 0x81) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0xc090) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4044810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4000010}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0xffffffff, 0x0) ioctl$auto(0x3, 0x5411, 0x10000000000402) 1m33.76963857s ago: executing program 0 (id=1369): openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x40000, 0x0) close_range$auto(0x2, r0, 0x0) r1 = socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/disk\x00', 0xda25b84c77eeb07c, 0x0) fanotify_init$auto(0x65, 0x2) socket(0x22, 0x3, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/veth1_macvtap/ioam6_id_wide\x00', 0x169002, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8=r2, @ANYRES8], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x4000050) write$auto(r1, &(0x7f0000000000)='-\x00', 0xfdef) 1m32.808463582s ago: executing program 0 (id=1374): ioctl$auto_BLKTRACESETUP2(0xffffffffffffffff, 0xc0481273, &(0x7f0000000140)={"57f475c61457e99f769f5235b668e09caf9941b9b26b2fb80cf70643d6ff9594", 0x3ff, 0x23, 0xc12d, 0xd5e9, 0x401}) r0 = socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) lsm_get_self_attr$auto(0x3, &(0x7f00000001c0)={0x9, 0x3, 0x7, 0x58, "da24d50bd46d6f28a01ccf4792c437411f0eb1cbc02f4d238b188bca0ff3f41475db13e6ee21f688abcfd72e77a6b569d6741ced92551c1f5f5de84faa8b3504570b4c74abfdd8feb3dd30adbdd4c0ddb347bc51984e71fa"}, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x6) r1 = socket(0x2, 0x6, 0x240) bind$auto(r1, &(0x7f0000000040)=@in={0x2, 0x4e24, @remote}, 0x6a) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x10000, 0x0, 0x9, 0x0, 0x1000, 0xb}, 0x800008}, 0x5, 0x20000000) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop7\x00', 0x14fa02, 0x0) sendfile$auto(r0, r2, 0x0, 0x6003) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_ACT(r3, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000000000)=ANY=[], 0x14}}, 0x40000) fcntl$auto(0x3, 0x4, 0xa553) select$auto(0x4, 0x0, &(0x7f0000000080)={[0x209c, 0x80000e9e, 0xffffffffffff7adc, 0xd, 0xfffffffffffffffb, 0x1b8, 0x2c2, 0x800002017d, 0x4, 0x40, 0xd, 0xd59, 0xfb, 0xff, 0x24, 0x100000005]}, 0x0, 0x0) r4 = getpid() process_vm_readv$auto(r4, &(0x7f0000000080)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0) setsockopt$auto(r0, 0x0, 0x60, 0x0, 0x6f7250c4) r5 = socket(0x10, 0x2, 0x0) r6 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x15) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB="120079ed7afb0577d813a9ef9b57e0101b277c8b93c7599a3ef33fec310e7a429d2561acca140020c065506d65c5f037f5a4a21739a260fbf4dc9e15fa7e40def81cb2fcfa92ed70344e299ddcf91f2bdf16ace9757d3b805621798d324878d60972c54f0d5f33c8562d578df52a2ccfe6e62fb4d67403583c0c2a82bd10ab23fa7b6bc899abfd5085bc049c"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) sendmsg$auto_HWSIM_CMD_REPORT_PMSR(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="14000000", @ANYRES16=r6, @ANYBLOB="e73625bd6000fddbdf250b000010abb17920d5616c885ebd38c16978b4b65bf706e9cc9745eef68bd1f108f56f922e51c1ea66d85b99"], 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x0) 1m31.931421213s ago: executing program 32 (id=1374): ioctl$auto_BLKTRACESETUP2(0xffffffffffffffff, 0xc0481273, &(0x7f0000000140)={"57f475c61457e99f769f5235b668e09caf9941b9b26b2fb80cf70643d6ff9594", 0x3ff, 0x23, 0xc12d, 0xd5e9, 0x401}) r0 = socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) lsm_get_self_attr$auto(0x3, &(0x7f00000001c0)={0x9, 0x3, 0x7, 0x58, "da24d50bd46d6f28a01ccf4792c437411f0eb1cbc02f4d238b188bca0ff3f41475db13e6ee21f688abcfd72e77a6b569d6741ced92551c1f5f5de84faa8b3504570b4c74abfdd8feb3dd30adbdd4c0ddb347bc51984e71fa"}, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x6) r1 = socket(0x2, 0x6, 0x240) bind$auto(r1, &(0x7f0000000040)=@in={0x2, 0x4e24, @remote}, 0x6a) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x10000, 0x0, 0x9, 0x0, 0x1000, 0xb}, 0x800008}, 0x5, 0x20000000) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop7\x00', 0x14fa02, 0x0) sendfile$auto(r0, r2, 0x0, 0x6003) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_ACT(r3, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000000000)=ANY=[], 0x14}}, 0x40000) fcntl$auto(0x3, 0x4, 0xa553) select$auto(0x4, 0x0, &(0x7f0000000080)={[0x209c, 0x80000e9e, 0xffffffffffff7adc, 0xd, 0xfffffffffffffffb, 0x1b8, 0x2c2, 0x800002017d, 0x4, 0x40, 0xd, 0xd59, 0xfb, 0xff, 0x24, 0x100000005]}, 0x0, 0x0) r4 = getpid() process_vm_readv$auto(r4, &(0x7f0000000080)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0) setsockopt$auto(r0, 0x0, 0x60, 0x0, 0x6f7250c4) r5 = socket(0x10, 0x2, 0x0) r6 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x15) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB="120079ed7afb0577d813a9ef9b57e0101b277c8b93c7599a3ef33fec310e7a429d2561acca140020c065506d65c5f037f5a4a21739a260fbf4dc9e15fa7e40def81cb2fcfa92ed70344e299ddcf91f2bdf16ace9757d3b805621798d324878d60972c54f0d5f33c8562d578df52a2ccfe6e62fb4d67403583c0c2a82bd10ab23fa7b6bc899abfd5085bc049c"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) sendmsg$auto_HWSIM_CMD_REPORT_PMSR(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="14000000", @ANYRES16=r6, @ANYBLOB="e73625bd6000fddbdf250b000010abb17920d5616c885ebd38c16978b4b65bf706e9cc9745eef68bd1f108f56f922e51c1ea66d85b99"], 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x0) 10.697854897s ago: executing program 3 (id=1555): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0xffffffffffff0005, 0x19) timer_create$auto_CLOCK_REALTIME(0x0, 0x0, &(0x7f0000001580)=0xffffffff) 7.880626941s ago: executing program 3 (id=1560): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) timer_create$auto_CLOCK_REALTIME(0x20000000000000, 0x0, 0x0) 5.936744655s ago: executing program 1 (id=1567): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x10000000008000) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x40000008000) r1 = openat$auto_adf_ctl_ops_adf_ctl_drv(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0) ioctl$auto_IOCTL_GET_NUM_DEVICES(r1, 0x40046104, &(0x7f0000000080)=0x207f) r2 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto_SO_RESERVE_MEM(r2, 0x1, 0x49, &(0x7f0000000100)='eth\xff\n\xf8\xb7\xa9N~\xab\x1d70\xfctK\xbd]\x8e\x8f@\xa6+', 0x200062b) r3 = socket(0x11, 0x80003, 0x300) name_to_handle_at$auto(0xffffffffffffffff, &(0x7f00000001c0)='/\x00', &(0x7f0000000400)={0x0, 0x10}, 0x0, 0x1001) setsockopt$auto(r3, 0x107, 0x12, 0x0, 0x4) r4 = socket(0x11, 0x3, 0x9) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) sendmmsg$auto(r4, &(0x7f00000006c0)={{&(0x7f0000000000), 0x5ae, &(0x7f0000000100)={&(0x7f0000000200)='L', 0x101}, 0x5, 0x0, 0x5, 0x1}, 0x5}, 0x2, 0x100) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x7, 0x0) r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptybc\x00', 0x80380, 0x0) ioctl$auto_TIOCVHANGUP2(r5, 0x5437, 0x0) read$auto(r0, 0x0, 0x80000000) openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/events/vmalloc/filter\x00', 0x88800, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) openat$auto_tracing_mark_fops_trace(0xffffffffffffff9c, 0x0, 0x341, 0x0) truncate$auto(0x0, 0x6) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14f602, 0x0) 5.44779333s ago: executing program 3 (id=1569): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0xffffffffffff0005, 0x19) timer_create$auto_CLOCK_REALTIME(0x0, 0x0, &(0x7f0000001580)=0xffffffff) 5.042702429s ago: executing program 4 (id=1572): socket(0x11, 0xa, 0x300) pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x88\xa8s\x1cJ\x99\x00:c\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0xfffffdcb, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x200040c4}, 0x440c5) r0 = getpid() process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={0x0, 0xffffffff}, 0x6, 0x0) r1 = getpid() process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x800000001, &(0x7f0000000500)={&(0x7f0000000080), 0x1ffffffff}, 0x6, 0x0) rt_tgsigqueueinfo$auto(r0, r1, 0x8, &(0x7f0000000080)={@_si_pad}) lstat$auto(0x0, &(0x7f0000000180)={0x6, 0x43, 0x8, 0xfffffffc, 0x0, 0x0, 0x0, 0x9, 0xd7, 0x7, 0x8004, 0x5, 0x5, 0x7, 0x4, 0x61, 0x103}) r2 = socket$nl_generic(0x10, 0x3, 0x10) semtimedop$auto(0x1, &(0x7f0000000100)={0x0, 0x100, 0xfff3}, 0x5, &(0x7f0000000140)={0x0, 0x3}) ioctl$sock_SIOCGIFINDEX(r2, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) 4.501443134s ago: executing program 1 (id=1573): r0 = timerfd_create$auto(0xfffff001, 0x400) mmap$auto(0x7ff, 0x2020009, 0xffffffffffffffff, 0x15, r0, 0x7ffc) r1 = socket(0x9, 0xa, 0x5) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_smc_pnetid(&(0x7f00000000c0), r1) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'virt_wifi0\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="130036bd7000fbdbdf250200000008000300", @ANYRES32=r4, @ANYBLOB='\b\x00a'], 0x24}, 0x1, 0x0, 0x0, 0x4004080}, 0x0) setsockopt$auto(r1, 0x6, 0x20, 0x0, 0x21) 4.310219355s ago: executing program 4 (id=1574): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop2\x00', 0x24040, 0x0) ioctl$auto_BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000240)={"ef65ce6c00cf81000000ffffffffffffff291d000000000700", 0x3ff, 0x408, 0xffc, 0x400004, 0x200000000040000d}) ioctl$auto_BLKTRACETEARDOWN(r0, 0x1276, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) unshare$auto(0x40000080) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x4e0f42, 0x0) mmap$auto(0x5, 0xc, 0x4, 0x200000eb0, 0x401, 0x505cf82a) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r1 = open(&(0x7f00000001c0)=':,\x00', 0x595002, 0x408) mmap$auto(0x0, 0x20009, 0x5, 0xeb2, 0x8, 0x1008000) r2 = socket(0x10, 0x2, 0x0) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/pid_for_children\x00') sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000) write$auto_console_fops_tty_io(0xffffffffffffffff, &(0x7f0000000000)="c80d1b5d399b71", 0x7) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(r1, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x401, 0x0, 0x0, 0x8}, 0x7}, 0x3, 0x0) recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x5, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) r3 = open(&(0x7f0000000100)='./bus\x00', 0x14d27e, 0x72) copy_file_range$auto(r3, 0x0, r3, &(0x7f0000000080)=0xeb2f, 0xfffffffffffffffe, 0x0) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x84) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'team_slave_1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002dbd7000fddbdf250800030008000300", @ANYRES32=r6], 0x24}, 0x1, 0x0, 0x0, 0x5c5fd097d751f33e}, 0x80) syz_genetlink_get_family_id$auto_tipcv2(0x0, r2) write$auto(r1, 0x0, 0xfffffdf1) 3.946253119s ago: executing program 1 (id=1576): mmap$auto(0x0, 0x4000b, 0x7, 0x9b72, 0x7, 0x28000) r0 = socket(0x2, 0x2, 0x1) connect$auto(r0, 0x0, 0x55) r1 = pidfd_open$auto(0x0, 0xbf) bpf$auto(0xfffff001, &(0x7f0000000000)=@bpf_attr_3={0xa332, 0x2, 0x7, 0x3, 0xfffffbff, 0x2, 0x1, 0x4, 0x7, "0108a5172d53c2dc73bf58e1423b2178", 0x0, 0x9, 0xffffffffffffffff, 0x81, 0x8, 0x81, 0xb03, 0x40000000000, 0x3ff, 0x7, @attach_prog_fd, 0x2, 0x630, 0x57d, 0x9, 0x8, 0xffffffffffffffff, r1}, 0xa3) r2 = socket(0xa, 0x3, 0x5) sendmmsg$auto(r2, &(0x7f0000000180)={{&(0x7f0000000040), 0xc8b, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x8000005}, 0x3b8b, 0xa) 3.819209977s ago: executing program 2 (id=1577): r0 = openat$auto_rfcomm_sock_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x40040, 0x0) read$auto_rfcomm_sock_debugfs_fops_(r0, &(0x7f0000000040)=""/117, 0x75) socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_dma_heap_fops_dma_heap(0xffffffffffffffff, 0xffffffffffdffe00, &(0x7f0000000140)) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) kcmp$auto(0x1, 0x1, 0x0, 0x100000004, 0x100000001) read$auto_rng_chrdev_ops_core(r1, &(0x7f0000000040)=""/4096, 0xfffffe82) 3.532755593s ago: executing program 1 (id=1578): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) timer_create$auto_CLOCK_REALTIME(0x200000000000000, 0x0, 0x0) 3.305765943s ago: executing program 3 (id=1579): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d6) ioctl$auto_SNDCTL_DSP_GETTRIGGER(0xffffffffffffffff, 0x80045010, &(0x7f0000004440)) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = io_uring_setup$auto(0x800, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x163340, 0x16e) setsockopt$auto(r1, 0x40005, 0x3e, 0x0, 0x3) connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x4e23, @multicast2}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a7, 0x7fffffc) r2 = open(0x0, 0x20000, 0x1f8) mmap$auto(0x0, 0x3, 0x4000000000df, 0x537, 0x401, 0x80008000) move_pages$auto(0x0, 0x1001, 0x0, 0x0, 0x0, 0x0) r3 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0) ioctl$auto(0xffffffffffffffff, 0x3, r3) rseq$auto(&(0x7f0000000040)={0xe, 0x401, 0x5, 0x6, 0xffffffff, 0xfffffff8, "e9c319b0e46ba24c919df8cfc5057879da75fe88f56ea8ac762dfc9e255de2875a2e8fd5851384bef0d029a9f723cf3ba03c120339c0646acb55793558cef1f60ec80e264b49d3f8f7e9588b6e98cd036729d188f4ed"}, 0x8000, 0x0, 0x6) execveat$auto(r2, &(0x7f0000000200)='\x00', 0x0, 0x0, 0x11000) close_range$auto(0x2, r3, 0x6) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x84) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0) ioctl$auto_SNDRV_RAWMIDI_IOCTL_PARAMS(r4, 0xc0305710, &(0x7f00000000c0)={0x1, 0xaa, 0x1, 0x1, 0x5, "e7227115127a1e8f00"}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) 3.19516643s ago: executing program 2 (id=1580): r0 = inotify_init1$auto(0x8) sendmsg$auto_NL80211_CMD_SET_COALESCE(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)={0xa8, 0x0, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@NL80211_ATTR_4ADDR={0x5, 0x53, 0x2}, @NL80211_ATTR_FRAME_MATCH={0x8c, 0x5b, "d64e17296d74762dbc22ee4a5623e8c7a455624971c708452aef584507650fe6f8533c336403044bfdb64f8e890f5979cc2b786a3752e2caa985b7a257ceaee7fb79f0053d6d50c0e8a8788b3ec8388fc6cf2c74a855e65a5f55658008adef0d9b020fa0a987a5e52979b62f6cc6fe9b5df79c1ac8fae9147e6c2c58a075f49942d4dc380778dd98"}]}, 0xa8}, 0x1, 0x0, 0x0, 0x4044}, 0x4008001) (async) r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f00000001c0), r0) sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, &(0x7f0000000e00)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000dc0)={&(0x7f0000000200)={0xba0, r1, 0x1, 0x70bd2d, 0x25dfdbfd, {}, [@HWSIM_ATTR_FREQ={0x8, 0x13, 0x7f}, @HWSIM_ATTR_ADDR_RECEIVER={0xe0, 0x1, "df719072900c1ca109fb16aeaacc2a00aea86f38ff64c3db3c01cf204ddc02b07d152b19df5338d4ed96f7b02787f3b86141aadb312df3873d0208e6e52d722944215f4532427b70e8943dffd9d375fd5f663888b6e9044e1c14dd18802d8692c0c6bb2b7ee4f732b0b5e28b9e2dd8a59374a0a9e9545104e4f1f655e3deb492ff8efb1098419214b22711485bb90a13c12df8125b347e64ca44919af0a0f37202965751ef0e939b2b03506d2fdf5e7e6ec6434e04526af9b12769b3ea2fbf1d9a1abb998eb173a5bd06db289bfbb567b8ff37a848fb6d056c8c020a"}, @HWSIM_ATTR_FRAME={0x881, 0x3, "5809034d8d741a85037b4e0e8802f4c2fd23b01a1f7ba5408450ee22aff124cca2129a159699514d0689f048a6391fa618b2ec0667f571ebf075d35717ce9b67b2a4b8d257135bdf2a243681afc2c762c3e4a582952ad4433235d830947c0688be13569d6f22ac0122096856ddfc3ddb5b3fcb437ee80279721625ad72750ef494a17c0b307839a5ca5208ed59f452e4b8d4e08fc7999ebdebc48c8a607be18cca175dcb7ec006df40ab06c77b3654f044826049d73ea17f574fc1c9f10c156a2c765f39ca628193202400fa6c3f2e0fc28841f15d45b0baf3c5fd8d4579e8b7498b72a32ae15a9ff4f1b2684fe469472f41e397ce04136b5b3048eac203bb0fd852cfa0532ee5433176cb162e799d4ea02003ec620be146dda3f042a8cad6d0fb049c8eb3a11af75fce7b4180f58fd2899da3b7c3a721142b5ac81b1257f6f7d98e521e634b507e59a8034b3e07f738cf273ee32352f65cfad8f48f698d291aedee88dfe670106457bf5a1ccad1fd9e5b8738b710f6e87546d85944364f8db06b685b6d4d79ffb1233e41255b1ae446f4f9655847324859f3a755b96b6e1f6cc30c0db57c5d914ee473b744eca225bdbef70ae50881c8edc46e1d2f0b9c96992386fdd1326c7ba1582bc5be2858459e20157bad55de4099134eaa93ba33fa598da68074a213283b59209da320ba1a92a09ddc76871bd7af83d3a54467dddf79df70d3f749f5165bc7153b5cacf0fbcd6a0dd0346b97bf7f34d2693d18c5d0ee3daeb49f17655c4e76bd016fb16f0e24d54e6f9540da0bcde18e8e99db9bb029603a104875c9834ab0260f30d3128f9e40d4fc578aef4d5a84713b1ff1f08d5041d374cb573ed8fad848e77c925e50263e9e08a75b8cb094b446e1090eef9d9fb1f59ccf506243effe3720007e56f5a562586ec262bf65f026f69658f4f78196ebaccbbd6ba211737e2928047b32d0e251698fa3df51a1c384bda34cc0f22ae4d115957a08b583ebf62cc5fb2c4978f2d8eeca7bba34e5eeb77ed83733364cd93f9d20ab268f830aeb1c3c04870d17b32d6d36470d40d014ffe5abfe1f0247e4a9fe685b368efb175b899a217bbbce24fb40baab36eb756eab88de2c68c15a2844c9469b97ed2ae0a435ccd67c46d493777f9f12e4c8205014744b47e89a2657b047f19a769a7affbe94f6dd7e45e2df6b43d1de4d8835df7bf910d2338f2167f010754f866f327fd04f8769988f3e2d7145c0d7d63884b69dc98b8f47692e4b2bda2dbb4975831063308762ff9ec1273d54ad5f7772766e49c7523257744ecf33b576d10db23ebe992942d460ec3051bd298fef0f62ff0b4c72b99191a54dbed0d9487613f0b6f882deda6e1ebe91856c0acca570f02acac35071fb4ab9f9e35a345b17f5b9e5092cf8a43451177d40d2a5f568de6ee976b141d6a772a679dbc03b22b3a49f8fb587b72998a045bf05dcb4e470dcff7cc08579b9a6bd1254f2abf811ec18b18dce9a70460684ad5f7b3dc0779c79d7863e2e4fc8860a77a06139f7f341250c037970b2176b01032cc6f48cbe79b64e49fdd263d95ebb5ebec24f3f3a1bd464e4fcf4b655bdc22f5d8b74c045e1e745ef67513a8da02e697e7cdb26e4d83d3387fa749f383dfe558d04999a706d965542659ff1ca63fdafc721614e9d2229fbbd279559f82644e6128ea4300c01c05b0dc22fd44934c5ee3c712432f4e62de85cd75433ef4befe2cb8b5cd981a302c4856b3e64e8e85dbc5d427b09d91d08b4e02901e451ef52405e5b3bc8f7bed75aaa0cffc251982cd3ae68ec9e62610befe267a0d94552d94389ca444fde0204456213722a04ea8aca29901a712eec2560ea73ed4b74e5ef35042de07673cc20fea0444c73a7793dd1879f185e6b9d2bfde2725a6a534f93222bcecf703e0181f620035f1cb1366e49e7d5c45ce7f408b165a4866d8555198a82ba0209ea700749d28f84d3e3bd7e1d58a155bb5bddce1125939c1d1109e703fdf5fb7b39c8a05d839c6ebfe621d724ac3d4c8b34e607105400fa96cf49a9e08e3265332cebaa5eda3820a62b2cb5664e029f197f9270f3dade11b73ee2c3041baeb7e50acb1fb29ffaa1e0c336b41e2df6668995cb1986d4e89cc6c7e7871ee39a97286951907e2329f15316a863a00f9210b29a0470151943364297b2845c246c927c8e72c40afb2ed95a6bd7f727015aa48dc6f2f2bb3ee5f24d9822a81c50969be7179fdd502aadc35e46bf9ee8195e613b8e69860607cc3df1a7f991ba1159450ec6490c147493b33111c6f60dfdeb09f223e3a010aba7bb89b4517b2d4ec389a8ccc3f38472eb1d3f1343676e7c2eb214f5032294186d00cbda686bde989661cd57d5b4545053e264a41b81876436edefbc5ed5a3d7f44e862be82403eba0ca0a04ea34510d2764d3f48aa768a2de71a04f014f8e5acfef7563ed5b12f1c3c3e4fb66d8605b2c189e576d4c4180f7d49bbd47ffa7ad1399da1dc28b4223c790d6f72b205beb74d9662ac5974e4045e8354a924c4da6b882e9795b8f752eb3c21db35b607ed749177f765da0c1ce499e8662bc5a21e25062c8a65ab9c2b25e332631c8b678267d49da36f5de055ecc9f74051f53bd7a2b91154e9800fd44552758f965c33012078f8f8ad4cc4023fef8a76fd139ee7b156cf883eb097fd8413be7f5282902241ed2bf733e1ca5be6935b895f224ddf76036922502796b9b5da426e01601c2d965e0a8451739f27eb1f4cd6a82d396c7abbd36b4383dac5534a62cf03e55f6a73610ffbc99310cd9b0fdb1ff0c9c9af69495ea280e152a22a5e85c11564b221edfa2d233e20bb4b4477e1fc1c978fef3f74a2aa83f7049367c720d645da482441cd280fbf5e737807053c5bcff3c755ce50aa8b0d3a52681a5781520f5f02686c65fad152fc1de78cdcd42b0244e3a5ce90056613961bc70852ea852826ef91b843025ff5b79e7b918e8c9f24a4f8b60c24311c2bd14c2a0f6f408c6959e76e76b7ea8bdb1390f8f5508c25d6a7add73484927410f30f1acb67a871a34dc351c5570d7cf7a12"}, @HWSIM_ATTR_REG_HINT_ALPHA2={0x5, 0xb, '&'}, @HWSIM_ATTR_RADIO_NAME={0x8, 0x11, '\'\\@/'}, @HWSIM_ATTR_CIPHER_SUPPORT={0x96, 0x18, "cafd98328f661c098f165688a1d6d24b4cc3bfbb177797472a7adccffcab453b975e26ca0f904f009e62bfc45138c680d06358c975f2910e8613d3a82d8f7c9158d5b9de6034eb63901eab7d3b9fc1a34a1514d5f4761ec952d65cee462ac6d580246b2f6c39017c7792a2fd6820f9d2d84b7a58aff150499dc1b9fe33573b4704f346c81770844af5753cc39b7142b3a13b"}, @HWSIM_ATTR_PERM_ADDR={0xae, 0x16, "66758858c3ae7ae2b34420ebf0512a1b0db45e4ee88a9e9caf4aeedff512a63aff39296ed6590c5407892b3f9b12e3442f6a55f8044d2767c35273bb1dbde851268bc8c084e2d0ff3a4b3cdd437555be857f1d1632893dc5690da300ca906009e431f1a260c021b939dbce566bab30bc791dd00d1652c12fe8f256929753972f101fa6e15c6e17f64a456b2f8c5165125d97735fba062b1d7cd2461cf23893741f702133036edd85e905"}, @HWSIM_ATTR_CIPHER_SUPPORT={0x8d, 0x18, "6ebda6f9aba6fb18eefcfc9af561f6c4c970c6f09474913f543ee37f58c70de574100d102683d61c0927505c6ec12fa8b387925f96992dd283d5fc7a654b8c46dd32abe20d48815deded50571f6293a32a984870a5a625f6fb205a7492228778a1b09f319733f7b15f2652854994d46e38df345943d0c21f0c020fabde318802200ae2d9417b7f8dfa"}, @HWSIM_ATTR_SIGNAL={0x8, 0x6, 0x8}, @HWSIM_ATTR_ADDR_RECEIVER={0x30, 0x1, "a035909523e06cf8443a26e129f9e69e408469f48f60b26f7043b5a51d72ab70f7dd51d6954a191bc0cc2842"}]}, 0xba0}}, 0x820) (async) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_STATUS_EXT642(r0, 0xc0984124, &(0x7f0000000e40)={0xfffffff7, "acc4cc86", 0x7, 0x80000001, 0x0, 0x6, 0x3, 0xd724, 0x9, 0x3, 0x9, 0x9, 0x9, 0x0, 0xfffffffffffffffb, 0x7, 0x80000000, 0x8, 0x3, "0b734ce4975d19fe36db9f716df65a135ab1dbd9"}) (async) ioctl$auto_BTRFS_IOC_ADD_DEV(0xffffffffffffffff, 0x5000940a, &(0x7f0000000f00)={@raw=0x1, "10664a6f0c0ff64feab0ebd94ffd9fe55b5e0877d6cb55bfbe4a114b01dadd9d7a3ca39b6a875abf9d2f7b25c4da0915307dc384804048b6bdbad62fde4851b4db6a79cddbe8593eac64165fbac37fa5d874c95185a555e4e08ace7c25a1038da710481f41cc31cba8f0541bfaf596180e6bc98a4bdb6e7fa8cf4e51827df1cadce7b725a4f8abd171e66356963f1accc9c18c9a0fe9a20ffbb9280b0185e3a1cc18927b123e4c9eb064e085ad7c2d3bc4711715f5ad91bd1f90bb6179153b514b7ec620b86b1ac7df98417ba6800155d6de5e0a236f43864c5c026ccfd3b19a10e78a3b41c14ce4998031e13d2da64f5275e2030452c95b0b3d7fc8d001ab867f6da1c8d62f41c01182ce8f9488c5aaf8a2a69eaef08f4e17f89660e95c0ec669317a129e2627c480eef3c4d394397337a80f26716601bf0a2975595870bc165db2dbb071d1976718515d00c827b8f75a016175ed365ceb6134dcb70f59f417d9cf262877d82a9e79b5f9065b5afb475d6a2f5521517710fd31f37425dcced8948ef9c30aea28a40ae13859df9ae81a900887edb6391b8b3d692b9e7d786913b268021103037802c26a296bc1a6a3554d3d0f70cde9d496b7cc24acadef318daf4733c744d9427dc741a8e45a3fa4faa1add04b116c1f17d910a3b9d5ed68f1e336a20bcfeff5a7f0d2df6a393e178b6721ec258715e251ba39fcbc6d1830f6ad2e8fc23e56c6295af39ac4f60bfa681db832b75005bb42d27c08a8af8df08d12b880a9b2a8eb853e2630f6b2c865ca3228a0f5439086148243bbfe371f78d1d151a6450110d86eb5643cd00b33492e9f378b0e573d812271df751ed6ddabc85ea5716e84e486479c4d0d2bb5af3f4f75e247fcf3cd97e9e98a01fbe139f7758401059add7c10153f7857b84e2ff1ff5558127a0453a0e65ee11117a1314ec4850ad663d50f78c8f054c8e562fd1e42887cb987b658e8598d90e64f0cc4344a66965c513cfeb57d870be71ea144083ff979d17fa3b358ea4c16932a624b0a80e158d27444bc3e90fd3d673af8efba32b26fd1b1f471fff06018dee0f01ddfe4a4fa9dff63d4b492b59abea9399a54f567c544846fd014e5ba165413da325c45e7e3d9ea236acd9bdb14f8af29b1e3c76b70c3a418f62f37e24193ffca636375b1bc64e1b790741f95b424f92bde6fcb47b454aa97cb6ce4ac352d0dd1b6b9c99b4100623e99fe93a5406f09a79c88a36a0443205e14329d3f32adf687c375a881f0f4e5221a9218d7dc4fd48f1bac2e1d93277601de3c1b3eb4d1af290b454fb13008844b9cbab937bbe2d93e5a28a9c5e67fc49931fbd9fccd0bd83e5614f711aea43160e1f7610f879742a9070c92b596eb7ea2b40eb2ae7b800dfb701c9ccdf23ddc6acc5863cc856f73c44a659a89694588ad5f487bfa29dbe4b362036c9ab480d4b46d74c25b8a839f8793722d21b36a6ae8386b6c5fd9466c986b28043c9b8c895db24edb2762faae537f2cfdf2b72fea574282a6ac7ecdcd9d92a2c6fe0d7b92930e9d1f0ac1abcc3de1efcb979de1ecf799e12e59917191125cd41cfad77693005df5c6d746fa2418cb1ed681cef95068fadbd10faee81f9798299a5cebaef6c84a9971c46f285fbfed8da8d121e63875a92f145b93db86f408ed7e7fc4d92987da4df27f7b85dce27239e5873c3f60c2ccbf2c98addab8b7e923874e375504a81f79972609f9c1887ea58ad958ab97fff7cae0ec1082787ba17d9093bb30c8fab3c94e2b0534cf3dec6f71f4e06c412f0bb2b644de9c11a4130eeba55fcc1b97262839cfc30e3de2d1a48be8543c372d9cc7025341d98f64bcded9c37d05a6699eb5f27747f8e8b0a1ab217d0e1a2f3db69d9bf2ba8c5cfa5e000e56c42b73a795d280e313b9c6bd57c55435cfbf700393fefe37e8a29ce91dc593c5359c45c0ab2c96c8183aab2c66513be23e5ce6641543afdd2c5ad456751006ba5ab91cbb3596b7e5075d12d07a60950b1f8fc7edf8827bb2576ef2c323633f6435039dc8eac9c5c8808d066463d33432d46e71f4f4befa27ad8957929c3bd427889f7df9c15f646c08b68155408d8e8b9257b318dbbdb8c9d4008184fd27267bce3eceb2920fa2bc3be5129328d09a24ba3231a736ce0803fcb45dda823c20a2fd65b8ddeac4ea7226b8db6bcdbcd4d12423654d92002406db9b4d94f6c8b63a8d869c1825fed689ea848397704e936faffca75b7851646ef854f358cc3e7913baea85fb95196a20612d50a760f889779c4dd9d3ef11cda9bff76c28c1c36009b6a474dd78565988bb87292f5c4ae74730a0857e2b178b700f84d316546a8ed66ec8b999b2f06a11d8daae53837303bdea44105e3edb4235b2d5faa572415ea386b123d58b188c3d5e24acd4b2eefbdc4621fa37aa1822573911a0633880cd0ca8686fcfe9bb954121d2a122b173bda320d80777d5926f1255274e1a7edbea793a8920fdb24c8228f134c06e12a5f8486106b477e2a66a3598c2d91a80a6505efde3b90bf5294e8388d997cf1468c35ce15e28859c165d974cdf70c58e540b0b2628cb85c629272eff9c24cb3981a10fe5248693e305ebe60c6300251400e14f9f78f75b24c67c6aa2c792e0c73e335980fb1990ae4b5d48bd72d264b64b9ee843b8e500fc28e190b7fdd93dcd4dacb445edd211a47aa99b624bebe50e350e644cd70923341e8fd269f73475c176e89cf19e0570364ee2259e35d50c5392cac8e95eeba631bebe55ef7893516ac7762e62f6b5b7d4895075dffb0ec99a46b430798ce2a56341e13b92e53e07b574620c688fcd84129998c19cf6281733b72e175c3c943d0e8c77776f68f7c97a14e609090276187f2effd996e3f7e3d2510a2e4bfecf9e41a76feac29f273deeb5d925cd6fd8aec9f050fc0cdf6b330be98f4bfc5f57e9e40183664ece34b0531ce09d62da41a6437ff3fb2f802121f360fc6f4db3d718a385c226cb1ff628f5ae249c81d11f2e2a2cc9791fffa2141ce7e030bf39d9035598be840099de9f208a1dc20ca9057800212fbc2b0591d00584873a3be206f70f7a049320e5e25c34a2a4bd61f4328275988d87275c4f01b33a8aa286779a9a89a16f4452eedc3505dd096615c332dbb7fe687e4d5ba15415cad12dd2d6d42d0d2e120bfd082a6a13818de4d1fe0a0dbdeeb1f1bf66fb9372434bd1d4222880757dab709c4b4aac8a3674185c6d9bd21850c22a4d6a0d6a0ad8b76dbb2cd701300c6b5efe43b8aad2ce2e5150453579b764fea9fc620260bebcc1818e3c3ec2695f3172ceae021da6c88caf2404d72c7b5413d98d9ce8b38b3d961a2682d8f3f3c5a7e430f0ef33c7eca95d76022bb9be0eba5ae9a43977cf460d227f3bdc155779b05252b6cfb67ce044c18fe7be761ab3300a63705e6df42b9644ebd72fcca2274f2e5950d1cb51a7936d5ec175e9fcfa6010f6200bf65c15f14435584f5649f1022f4fb93d163fe6940a9e9f0749e6e6ea2cb725539281a3c64d1ffac32e04988f207b26986fa2c27f161aa4e778a7b6ca7456e9ee39a022e6d9bcda223f2c4cc01ae8f4dbbd0a5adf3d6fd9925fce58a349a571579e3e54fe5e774813cd91d7a5b1a2e0bb783180071a6470e3ac8b80824a590c0c52f087ffa7de32eb99ba989f918e3b69b7d420c82a115bc1515b0121ce69f7c535d4d4e0e9ecb941e5b9f3cb8342846563c771469f1d9d9b5821f39f3ec827d4c285d21af45c45a06c612ef97df910e2282ca86bdb9158e9a605a775bd31bdeada9f0c2c4021e6d1a2779e197fd99821b18ad5c9f91e2c7e724b95237faf7a72c42b4e16e12136d9196fbf212c30ed4900a581b2721555867983136a222ff2cd59fe1f17544478a35de1a46bebc696c5731d9e66d2f72472c44f3355ba250cf79ef329fcbaf9219cf7f3ab4aeb5a394522db45e047cdee5d97d7b9d4e77738f58ef794fc66b40a741b003d9cf63882a75d7b48bb1421a924cbccf955f20c4435d14303add9f1389df0db9d8c7f53847720d37d6bd0a6e940a8876c8a5ef789cfdbfb20f29d4c39db36cf0772be19b3a3506c49ed3c56888c5a357b1d19ed50ee6f3c7fdf01cbf59ecc658c519d8180d2a690b3246b3a92bf58d060d7f5e0fc70a0e4ee2afa18cf1a5206371a446b33db91a32cbb5144f8134cf78b78a61bc24bacef20f0f07bf71f7238f379546f9eae39b0d4ac8de34cef98272a190ad16a641847b3a332aef26addf23365bcd8fea84a3a42e1a73c02eebd1012afce5c2403b99fb3e251aa26f114ec9f62ae0bf6d7494587975b7c6e0a98f254bc410b652fa138cd8a169f1d45a789dae923a0b44f35758c9f9b06bc535a02ea6a541b8b1528014296da0ee5d728635b19d019a5b4d794c21ac87ed9b145a7a512e36841bd1742b95728abc8286cf448877253d246d936db5d6277df98aa8e725017307152e1a46ba764846a561d31da2cc0f9a9c820f0439a4372afa12a4de7d6aaaa8dd2c22d905a029d262b79f16ff165314ab444c1ac183b55d92076542805833b3169af658315a80a86ddcc40c20fba2b8126131e35bf0d8d174f4065d731417c4360340ccbc908d284b950c620a7131ab39290c1b38e348a9799708568f1977ac2d948566783028d0da5665c2a9188667dd68d8e69ac017e28993ca9101e11297dba03985c68b891558879581380ec2e5566d523ea409f6b2697c8baf4fc18166e0e4d558de1e313a91a35fe6dd630eae0ff32c668148dff81a9275cb8163fdd1044a801907d13e91ad0a4f0f1906c1cae64995d230025170860ff26c92ffeaa49613e6d3341126cebfa99e82b68899ad7cecd296080c90ea835231787cc39052f7b0b239e1d8b7b0fa07cc8d9662a2e21aea640996001ebdeceb3e67bcee8ef0026af65b34a6574310ff07dc6e61e36de81d6f953bf6b3197e012485ddcfd0a1af16293fd378b022ce3b4cdb675b2c24eeaf1e73136049b91dc89b09d1688108a54767febada604a5ea9fa79fac5ccb56537c7412b8c8fba15a9cf1d4d1ad4bb22ac5ae7e5928f89d9ad22f23648eafd8b76bd844e94c0580eeafa4721d5257926ead88c61cee92d6038afc20b1d516beb9498f36341de502672a47ad3c3255ee9a9fe6a9b9beb4f09695c6be672136b55a892f99ebf982f4b3c2f9ad329cd24c509d66e739a0425cb0e9da0fedd0b3fa7ed7cb0cce47cebf45fd8453808314afffd00fbf3a8eaee6d1997e3158e6dfb9060fce3e679b642d544722dabdcf6cec39f05f97c10bc9134bc3fb6ded22ba36d95c8ac215c1440ddc9e62cede168f88c02642a1b844d587b412ed751ed5a6d33ae2a52d40a93ba456309ba4612040951017814233d42ac70bcdf9a20348d3c4cf15239727037f251b3ec7ac22e78e3505b9ff89bbc34ed86d9a5f018efc2f71c548fb6e8be64047de00aa6165e0d1100cc336a24cbcd0bed1b4d04c853805e9232f6016faa7862b4689f2edb82b98f00710b01339c22a8a68c355d936a3af2c7b280893aa37e74e2d40a6e5d0919ef0b8f2e698517d4f0a6e0bd67a9a61f138217388a687a5c6d9256addd727033fc147d365acf0e1f1e8f5446b5a836a6414e2c638244d3a10580d2e51957036f7236108a04b5150b635d24539b346da7dd08596145fbcd8142a13718c2b6b986b1b74478fcbd482ac3fa7c4c9cb5778ed5e56e987c26ac6ed0baacb99baae230522df5e80c3b9bcb9db201e0a02ce8f42ee3b50b1e2431fb2f87af148c88a"}) dup2$auto(r0, r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000001f00)={'tunl0\x00', 0x0}) r3 = openat$auto_ctl_device_fops_user(0xffffffffffffff9c, &(0x7f0000001f40), 0x100, 0x0) bpf$auto_BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000001f80)=@bpf_attr_0={0x4, 0xb, 0x9cb, 0x2, 0x3ff, r0, 0x0, "f56ca6e84dac488252e7d495c35960a2", r2, r0, 0x7, 0x1, 0x5, 0xffffffffffffff9d, r0, r3}, 0x4) msgctl$auto_IPC_INFO(0x10, 0x3, &(0x7f0000002100)={{0xfff, 0x0, 0xee00, 0x8, 0x6, 0xfffffffb, 0x8}, &(0x7f0000002080)=0xe, &(0x7f00000020c0)=0x5c, 0x5, 0x3, 0x8, 0x7, 0x7, 0x9, 0xfff4, 0x6, @raw=0x80, @raw}) (async) shmctl$auto_SHM_UNLOCK(0x2, 0xc, &(0x7f0000002280)={{0x101, 0xee00, 0xee00, 0xfea, 0xacf, 0x5dc, 0x1}, 0x80000000, 0x6d36, 0xffffffffffff9fb4, 0x43, @raw=0x81, @raw=0x5, 0x3, 0x0, &(0x7f0000002180)="b5f31b22ed983348fceab382cabec9ea459075199232838cb416cff18a5e042cd2db", &(0x7f00000021c0)="46c0344c1b45c252561043ba452ec908bbea445cf4604c1c6916284c3c05d527bc5c1a2aca4f58e694b9bd4a5697a3449328f30994ddb376ce458ecd42514840f69205f2c6d95b2ff1c5a87c3ae0dabd58ec4340048c3637a8869bb5b3800ab4678bf6fc6171baedf6bf6d2897b23e14d2f9ee381553bc535cf73fa14e0b0112f3fba54c0237466e48a0cacf56609e"}) stat$auto(&(0x7f0000002040)='./file0\x00', &(0x7f0000002300)={0x4, 0xf, 0x4, 0x8001, r8, r9, 0x0, 0xb92, 0x7, 0x90000, 0x8000000000000001, 0x3, 0xfffffffffffffffc, 0x2, 0xfffffffffffffffe, 0x2, 0x8000000000000001}) (async) r11 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000002400), r4) sendmsg$auto_MACSEC_CMD_UPD_RXSC(r3, &(0x7f0000002580)={&(0x7f00000023c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000002540)={&(0x7f0000002440)={0xf4, r11, 0x200, 0x70bd2b, 0x25dfdbfd, {}, [@MACSEC_ATTR_RXSC_CONFIG={0xe0, 0x2, 0x0, 0x1, [@nested={0xcd, 0x6d, 0x0, 0x1, [@generic="524371339aef2c3bbaaa547d33988c10b07bf55ac73c309a452c25c679c07a87a6b48f9caaa216f6ffce1e19bcff4d70b54a9e2d3db4acf3337b640d4a07d198c6f4c2127fc0a237f17a9b271e6e8f3d7dba8072e63e33ebb1c8f2b619245d", @nested={0x4, 0x113}, @nested={0x4, 0x82}, @generic="3ec17d804c8847c84758c81c79ee9041fba482c74b34efc29ce9624053debd45dd70a3cfbe7cee41912c839fe79f1980612439af7b48d8cc33681822f9f84c6b9b5d2da4339680256b5823fd229477f953887bf0859fa9faf5f3729af8cb", @nested={0x4, 0x134}]}, @typed={0xc, 0x87, 0x0, 0x0, @u64=0x2}]}]}, 0xf4}, 0x1, 0x0, 0x0, 0x880}, 0x54) (async) r12 = syz_genetlink_get_family_id$auto_smbd_genl(&(0x7f0000002600), r4) sendmsg$auto_KSMBD_EVENT_SPNEGO_AUTHEN_REQUEST(r7, &(0x7f00000026c0)={&(0x7f00000025c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000002680)={&(0x7f0000002640)={0x14, r12, 0x200, 0x70bd2b, 0x25dfdbfb, {}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x48090}, 0x4) (async) r13 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002740), r6) sendmsg$auto_NFSD_CMD_THREADS_SET(r5, &(0x7f0000002800)={&(0x7f0000002700)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000027c0)={&(0x7f0000002780)={0x40, r13, 0x200, 0x70bd2d, 0x25dfdbfb, {}, [@NFSD_A_SERVER_GRACETIME={0x8, 0x2, 0x10001}, @NFSD_A_SERVER_SCOPE={0x13, 0x4, 'MAC80211_HWSIM\x00'}, @NFSD_A_SERVER_SCOPE={0xe, 0x4, 'SMBD_GENL\x00'}]}, 0x40}, 0x1, 0x0, 0x0, 0x40}, 0xc1) (async) r14 = fsopen$auto(&(0x7f0000002840)='\x00', 0x1e) r15 = getsockopt$auto(r14, 0x4, 0x8000, &(0x7f0000002880)='SMBD_GENL\x00', &(0x7f00000028c0)=0x10000) (async) ioctl$auto_tracing_buffers_fops_trace(r4, 0x40, &(0x7f0000002900)="6cca1e454b893145d5db47811ab2d05b9cec286532a10529c4c2368d1209244704a1746094d4863f6aca22c02906945892de109792dcd230e27fcf74e15e8ae8c578e8af4d68cc62860f2502162f9926fc3f6570e2a70f48fa8486b834389375d4af78a0eaa85705f46ea337f7eadde055562ce102d70ba8b4a251bb5bb1bd6c7d7d0ab5eec69e821ba93f9d4d2fb815fe04f6e16078a99908a3caf68277217d5a07b37926ed2930fc2131fd723f58d5") (async) syz_genetlink_get_family_id$auto_nlbl_calipso(&(0x7f00000029c0), r7) (async) r16 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000002a40), r14) sendmsg$auto_NL802154_CMD_SET_ACKREQ_DEFAULT(r14, &(0x7f0000002b00)={&(0x7f0000002a00)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000002ac0)={&(0x7f0000002a80)={0x3c, r16, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@NL802154_ATTR_IFTYPE={0x8, 0x5, 0x3}, @NL802154_ATTR_SEC_OUT_LEVEL={0x8, 0x2a, 0xffffff83}, @NL802154_ATTR_NETNS_FD={0x8, 0x1d, r15}, @NL802154_ATTR_MAX_CSMA_BACKOFFS={0x5, 0x12, 0x5d}, @NL802154_ATTR_SCAN_DURATION={0x5, 0x24, 0x7f}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000000}, 0x40) sendmsg$auto_OVS_DP_CMD_NEW(r4, &(0x7f0000002c40)={&(0x7f0000002b40)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000002c00)={&(0x7f0000002b80)={0x4c, 0x0, 0x200, 0x70bd25, 0x25dfdbfd, {}, [@OVS_DP_ATTR_USER_FEATURES={0x8, 0x5, 0x3}, @OVS_DP_ATTR_USER_FEATURES={0x8, 0x5, 0x4}, @OVS_DP_ATTR_MASKS_CACHE_SIZE={0x8, 0x7, 0x3}, @OVS_DP_ATTR_MASKS_CACHE_SIZE={0x8, 0x7, 0x7}, @OVS_DP_ATTR_IFINDEX={0x8, 0x9, r2}, @OVS_DP_ATTR_MASKS_CACHE_SIZE={0x8, 0x7, 0x3698}, @OVS_DP_ATTR_MASKS_CACHE_SIZE={0x8, 0x7, 0x5c}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20008841}, 0x4000) lchown$auto(&(0x7f0000002c80)='./file0/file0\x00', r10, r9) r17 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000002d00), r14) sendmsg$auto_IPVS_CMD_DEL_SERVICE(r6, &(0x7f0000003040)={&(0x7f0000002cc0)={0x10, 0x0, 0x0, 0x10040}, 0xc, &(0x7f0000003000)={&(0x7f0000002d80)={0x264, r17, 0x0, 0x70bd29, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, 0x0, 0x1, [@typed={0x8, 0x39, 0x0, 0x0, @pid}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x5}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x401}, @IPVS_CMD_ATTR_SERVICE={0x22a, 0x1, 0x0, 0x1, [@typed={0xa, 0x19, 0x0, 0x0, @str='*.B]\xfd\x00'}, @generic="c9e8ca77e2d9b1b3590956f17f40e2cbc3a7a98ac4258bffa5d34b12f52169458ba4a10b5a3deb2e9cfb00c6065d644dbddd5650f23cde5294954302d96ca42cc1e563245a25758013e2b5e3ab2aed3c16880032b492bf8cfc46bd71f441a64e1468555bfc553c62446fb2d35900f98e7715537878958d809d5e7f4ca3bcebedfc48153d7f02fb454dc0163493504ecd9bdfb039", @generic="23d1d2dda074a7b46fa567963efbc2f5862156aea436aedfd60126d6b16cdc5de5e7f20eed80ea4c866e7ae5fc4a48e95b6e7ae38a5385ce6fafa4a55dcf5e9326c03e3a0cbb665e03b7a879a31f757a9710e8780e0c25a8fd0a819e4a026ad0a3f2c6a4e2b8e1efbcaeccf96a21484069a013a749f38d781891683d4421593753ebb0fcff3d9c2984a401cefa310dece1440c2e67f6c2e71a74e90356924d290401d04be977fe82f7d20439e224df6a736c4d3d1b842ed01c1490b8f3db88f7c7a3ccce80f1c775f4faf7f61fc945955bdf245efe85e2a169ee48b7ea9287a07c0759b7a3ba28b420f601690d3b21ea86776f7fd6f2cb87eff0a9f8a1ab5c", @generic="ba4ac3c6c8b35da7e06a13fc9008476e036d492d33e53fb1600b61b996e85942a61fd240989b4d3bb87af943d1ac010f18644583f88e343b4f9962a151c791cc56ce9be49e14eeaf6102c9c493f65b2594bb5e9a0e61385d974e6cf4aa72d7618c8585d48e745945b302a7ff964e426f74c0a3bf4bb22a", @typed={0x4, 0x6}, @typed={0x8, 0x6, 0x0, 0x0, @ipv4=@empty}, @typed={0x4, 0x42}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x2}]}, 0x264}, 0x1, 0x0, 0x0, 0x20004840}, 0x24008005) 2.959955206s ago: executing program 2 (id=1581): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) open(&(0x7f00000001c0)='./file0\x00', 0x4242, 0x0) (async) r0 = open(&(0x7f00000001c0)='./file0\x00', 0x4242, 0x0) fanotify_mark$auto(0x0, 0x1, 0x3a, r0, 0x0) close_range$auto(0x2, 0x8, 0x0) 2.804589327s ago: executing program 2 (id=1582): r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/025/001\x00', 0x8901, 0x0) ioctl$auto(r0, 0x5522, r0) ioctl$auto(r0, 0x5521, 0xffffffffffffffff) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/nbd0\x00', 0x24000, 0x0) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x20000004}, 0x4000884) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) r2 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$auto_SO_REUSEPORT(r2, 0x1, 0xf, &(0x7f0000000780)='\x00', &(0x7f00000007c0)=0xd) r3 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000240)='/dev/video37\x00', 0x8a240, 0x0) ioctl$auto(r3, 0x5646, r3) read$auto_v4l2_fops_v4l2_dev(r3, &(0x7f0000000280)=""/40, 0x28) ioctl$auto(r3, 0x2400000, 0xffffffffffffffff) futex$auto(0x0, 0x4f549, 0xc, 0x0, 0x0, 0x404) unshare$auto(0x40000080) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14fa02, 0x0) socket(0x18, 0x3, 0x0) mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe\x00', 0x0, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r4 = open(&(0x7f0000000040)='./file0\x00', 0x2041, 0xfa) write$auto(r4, 0x0, 0xfffffdf1) linkat$auto(r4, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000) fsetxattr$auto(r4, &(0x7f0000000180)=':\xbf+<\x8a}\x00\xeb\xfa\xe6\x8d\x02\\VD\x04\x00\x00\x00*\x80\xa4\xf4vql\xa9\x05o\xf7\x9e\xfd\xf7\x00\x00\x00\x00H_/Z>n\xf5F\xbf\xd3\xefi\x91\x88\x1daIu7\xef!\xd0\x04\xdes\xfe`\xf5e;4\xbek\xf9\xec%\xbc\xd4\xfc`\xb9\n\xb5\xa5V\x98\x14]\x8a\x03\xd9', 0x0, 0x7bd, 0x1) mprotect$auto(0x0, 0x8000000000000001, 0x8) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) prctl$auto(0x4, 0x1, 0x0, 0x9, 0x0) 2.375089522s ago: executing program 4 (id=1583): r0 = socket(0xa, 0x3, 0x3b) (async) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) (async) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) (async) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) (async) close_range$auto(0x2, 0x8, 0x0) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000340), 0x189400, 0x0) pwrite64$auto(r0, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x88\xa8s\x1c\b\x06\x8a>)\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x3) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cgroup.threads\x00', 0x80302, 0x0) preadv$auto(0x3, &(0x7f0000000040)={0x0, 0x5}, 0x3, 0xf8, 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/asound/card0/pcm0c/sub6/hw_params\x00', 0x600002, 0x0) ioctl$auto(0x3, 0xae41, r2) ioctl$auto_KVM_CREATE_VM(r1, 0xae80, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) (async) mremap$auto(0x0, 0x7, 0x3fd6, 0x3, 0x200000) (async) mremap$auto(0x1, 0x4, 0x3, 0x50a, 0x6) 1.574096785s ago: executing program 3 (id=1584): r0 = socket(0x28, 0x1, 0x0) setsockopt$auto(r0, 0x28, 0x1, 0x0, 0x8) r1 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_userio_fops_userio(0xffffffffffffff9c, &(0x7f0000000040), 0x30a00, 0x0) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_VENDOR(r1, &(0x7f0000001780)={0x0, 0x0, &(0x7f0000001740)={&(0x7f0000001700)={0x14, r2, 0x705, 0x70bd27, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x80) getrusage$auto_RUSAGE_CHILDREN(0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) bind$auto(0x3, 0x0, 0x1) close_range$auto(0x0, 0xfffffffffffff000, 0x0) io_cancel$auto(0x2, 0x0, &(0x7f0000000300)={0x8, 0x8, 0xfffffffffffff801, 0x200}) r3 = bpf$auto(0x0, 0x0, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) clock_nanosleep$auto(0x7, 0x98, 0x0, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) fcntl$auto_F_DUPFD(0xffffffffffffffff, 0x0, r3) openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) 1.263924557s ago: executing program 4 (id=1585): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) (async) r0 = open(&(0x7f0000000100)='.\x00', 0x0, 0x0) getdents$auto(r0, &(0x7f00000004c0)={0x100, 0xa, 0x4}, 0x62d4) (async) mmap$auto(0x0, 0x20009, 0x7fffffff, 0xeb1, 0x401, 0x8000) (async) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/vm/nr_hugepages_mempolicy\x00', 0x141241, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) (async) sysfs$auto(0x2, 0x0, 0x0) r1 = fsopen$auto(0x0, 0x1) fsconfig$auto(r1, 0x6, 0x0, 0x0, 0x0) (async) fsmount$auto(0x4, 0x0, 0x200003) (async) fsmount$auto(0x4, 0x0, 0xa7) (async) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/platform/mac802154_hwsim/ieee802154/phy1/net/wpan1/queues/tx-0/byte_queue_limits/stall_cnt\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x20) write$auto(0x3, 0x0, 0xfdef) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) (async) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/mm/ksm/sleep_millisecs\x00', 0x181482, 0x0) write$auto_ocfs2_control_fops_stack_user(r3, &(0x7f0000003900)='\t', 0x1) (async) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) r4 = socket(0x15, 0x80802, 0x0) setsockopt$auto(r4, 0x11, 0x67, 0x0, 0x8) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x88000, 0x0) io_cancel$auto(0x3, 0x0, 0x0) bpf$auto_BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)=@token_create={0x3, r2}, 0x3) 1.245791639s ago: executing program 2 (id=1586): openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x300c00, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x9, 0x20000000) r0 = io_uring_setup$auto(0x59, &(0x7f0000000080)={0x6, 0x7, 0xfffffffe, 0x8, 0x7fff, 0x8, 0xffffffffffffffff, [], {0x9, 0x10004, 0xb, 0x2de, 0x508, 0x1, 0x101, 0x6, 0x8}, {0xfff7ffff, 0x400002, 0x1a000000, 0x5, 0x9, 0xffff0000, 0x76c5, 0x8, 0x7e97c04c}}) r1 = getpid() process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x800000001, &(0x7f0000000280)={&(0x7f0000000080), 0x1ffffffff}, 0x6, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00'}) r2 = socket(0xa, 0x2, 0x0) setsockopt$auto(r2, 0x29, 0x30, 0x0, 0x56b) 990.783648ms ago: executing program 3 (id=1587): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0xffffffffffff0005, 0x19) timer_create$auto_CLOCK_REALTIME(0x0, 0x0, &(0x7f0000001580)=0xffffffff) 863.955398ms ago: executing program 4 (id=1588): mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x8000000401, 0x8000) (async) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/midi2\x00', 0xaa101, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/vhci_hcd.9/usb28/ep_00/power/control\x00', 0x111800, 0x0) sendfile$auto(r1, r1, 0x0, 0x2) (async) ioctl$auto_SNDRV_RAWMIDI_IOCTL_DRAIN(r0, 0x40045731, 0x0) 749.448068ms ago: executing program 1 (id=1589): mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) socket(0x2, 0x1, 0x106) (async) r0 = socket(0x2, 0x1, 0x106) getsockopt$auto(r0, 0x29, 0x4b, 0x0, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/ptp/ptp0/max_vclocks\x00', 0x103841, 0x0) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/vm/nr_hugepages_mempolicy\x00', 0x202, 0x0) sendfile$auto(r2, r2, 0x0, 0x1) (async) sendfile$auto(r2, r2, 0x0, 0x1) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) getsockopt$auto_SO_TXTIME(r1, 0x8000, 0x3d, &(0x7f0000000040)='\x95]$\\!$\x00', &(0x7f0000000100)=0x2) r3 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r3, 0xc004743e, 0x0) socket(0xa, 0x2, 0x88) (async) r4 = socket(0xa, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'erspan0\x00'}) ioctl$auto_PPPIOCSPASS(r3, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000080)={0x7, 0xf1, 0xad}}) 631.543357ms ago: executing program 4 (id=1590): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) r1 = ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto(r1, 0x4010ae68, r2) r3 = openat$auto_lockdown_ops_lockdown(0xffffffffffffff9c, &(0x7f0000000140), 0x420c82, 0x0) ioctl$auto_FICLONE(r3, 0x40049409, 0xffffffffffffffff) write$auto(0xffffffffffffffff, 0x0, 0x5) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) select$auto(0xe, 0x0, 0x0, &(0x7f0000000000)={[0x1ff, 0x9, 0x8, 0x1, 0x2, 0x4, 0x15f4da0e, 0x100, 0xd08, 0xc, 0x200000000000c, 0x0, 0x6d2f, 0xffffffffffffff00, 0x2, 0x4000000000000d]}, 0x0) socket(0x2c, 0x1, 0x4004) getsockopt$auto(0xffffffffffffffff, 0x84, 0xc, 0x0, 0x0) setregid$auto(0xee01, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/net/bond0/bonding/arp_validate\x00', 0x2002, 0x0) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) mbind$auto(0x2000, 0x2a9c95b1, 0x100000000, 0x0, 0x5, 0x6) madvise$auto(0xd, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x6, 0x4, 0x1, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) fanotify_init$auto(0x5, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) r4 = socket(0x29, 0x2, 0x0) r5 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB='$\x00Da', @ANYRES16=r2, @ANYBLOB="6a199a460df22f4fec0d89b932eb31719c", @ANYBLOB="70865354dc5ca1c8f011ea7d8f96d26fa732ad6ecb0c3534542f0321a07a6eeb48af0d5e6a058623fad2f7b158cd66dcfacf7ec380260794c5ac82cbeb7aff405e97e77c43e0be99c6925f9435d9092f88bb60446629b78a84d3734f36c23906067dbb25489d4d98cf98c4061b87d4c6411cb20b4b7500c35cab510ee92668e6c71e830bd0200f7d6c7041314f478b4c08a9de13bc4f76f31e66e2a85a7c3daf4bca79ec2fc87a9e308895e079307b385ad7e87b150a916be8f2471679578de2dd367580a6aeed71c0d2fbad7bdc88fcd40f36b08cf9a23879ae129902f508452f62"], 0x1ac}, 0x1, 0x0, 0x0, 0x4000810}, 0x40000) recvmmsg$auto(r5, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x6}, 0xfffffff9, 0x10, 0x0) ioctl$auto(r4, 0x8913, 0x24) mmap$auto(0x0, 0x853, 0x2000000000000002, 0xeb1, 0xffffffffffffffff, 0x8000) 46.444923ms ago: executing program 2 (id=1591): mmap$auto(0x0, 0x4, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8004) socket(0x2, 0x2, 0x0) (async) setsockopt$auto(0x3, 0x0, 0xd, 0x0, 0x3) (async) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810005, 0xf4, 0x800000000a011, r0, 0x8000) (async) mmap$auto(0x0, 0x2020009, 0x2000000000000006, 0xeb1, r0, 0x8000) setresuid$auto(0x0, 0x8, 0x8000) (async) mlockall$auto(0x7) (async) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0x88000, 0x0) (async) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0x4, 0x40009b72, 0x2, 0x8000) (async) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) (async) close_range$auto(0x2, 0x8, 0x0) (async) socket(0x2, 0x3, 0x6) r2 = socket(0x2, 0x1, 0x0) bind$auto(r2, &(0x7f0000000040)=@in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x2b}}, 0x6a) sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800008}, 0x5, 0x20000000) (async) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c00, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x5}, 0x3, 0x0) (async) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000280)='/proc/self/net/tcp\x00', 0x400, 0x0) setsockopt$auto_SO_DETACH_REUSEPORT_BPF(r1, 0x4, 0x44, &(0x7f00000000c0)='/proc/self/net/tcp\x00', 0x6) pread64$auto(r3, 0x0, 0x202, 0xfffff000) (async) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50) (async) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) (async) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) (async) sendmmsg$auto(0x3, 0x0, 0x9, 0x7400000) 0s ago: executing program 1 (id=1592): mmap$auto(0x0, 0x20009, 0x7fffffff, 0xeb1, 0x401, 0x8000) r0 = socket(0x2, 0x801, 0x106) r1 = getsockopt$auto(r0, 0x6, 0xd, 0x0, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14be02, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x8d, 0x14, r1, 0x8000) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r2, 0x4bfa, 0x1) r3 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) fcntl$auto(r3, 0x400, 0x1) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_PROTOCOL_FEATURES(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="10b858efb87216724200000b0000"], 0x14}, 0x1, 0x0, 0x0, 0x20000850}, 0xc08c) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) socket(0xc962c62d53916fba, 0x1, 0x6) socket(0xa, 0x1, 0x84) socket$nl_generic(0x10, 0x3, 0x10) acct$auto(&(0x7f0000000000)='/dev/tty\x00`Mx\x9d\xfa\xb3\x1f\xc6k\x01\x13\x9b\x15[\xf7\xaan\x1fOgo\xbb(\xcbx\x9bJ\x91*\xa5a\x02\xf3\x1b\x9d\xddy\xef\xee\xe4h\xd5\nH\x80\x8a\xd7Y\xb8\xcb\x90') socket(0x9, 0x1, 0x9) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) sysfs$auto(0x2, 0x23, 0x0) r4 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r4, 0x0, 0x4) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x4e22, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) shutdown$auto(0x200000003, 0x2) kernel console output (not intermixed with test programs): r_hwframe+0x77/0x7f [ 309.647085][ T9848] RIP: 0033:0x7f318599c799 [ 309.647113][ T9848] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 309.647146][ T9848] RSP: 002b:00007f31867cd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 309.647185][ T9848] RAX: ffffffffffffffda RBX: 00007f3185c15fa0 RCX: 00007f318599c799 [ 309.647207][ T9848] RDX: 0000000000000002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 309.647228][ T9848] RBP: 00007f3185a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 309.647248][ T9848] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 309.647267][ T9848] R13: 00007f3185c16038 R14: 00007f3185c15fa0 R15: 00007ffd9fc74608 [ 309.647339][ T9848] [ 310.750231][ T5833] Bluetooth: hci1: command 0x0c1a tx timeout [ 310.831435][ T5833] Bluetooth: hci2: command 0x0c1a tx timeout [ 310.923565][ T5833] Bluetooth: hci0: command 0x0c1a tx timeout [ 311.069209][ T5833] Bluetooth: hci3: command 0x0c1a tx timeout [ 311.397858][ T9877] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 311.961889][ T9854] binder: 9850:9854 ioctl c018620c 200000000040 returned -22 [ 315.288671][ T9904] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 315.383284][ T9899] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 316.339992][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 316.349592][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.229761][ T9911] binder: 9908:9911 ioctl c018620c 200000000040 returned -22 [ 317.442609][ T5833] Bluetooth: hci1: unexpected event 0x32 length: 727 > 9 [ 318.576271][ T9944] netlink: 28 bytes leftover after parsing attributes in process `syz.3.764'. [ 318.705270][ T9944] team0 (unregistering): Port device team_slave_0 removed [ 318.743815][ T9944] team0 (unregistering): Port device team_slave_1 removed [ 319.037451][ T9949] hub 1-0:1.0: USB hub found [ 319.043578][ T9949] hub 1-0:1.0: 1 port detected [ 319.877185][ T9953] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 319.948452][ T9953] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 319.954632][ T9953] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 320.007757][ T9953] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 320.483259][ T9961] netlink: 4 bytes leftover after parsing attributes in process `syz.0.768'. [ 321.305051][ T9984] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 321.919231][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 321.978768][ T51] Bluetooth: hci0: command 0x0c1a tx timeout [ 321.984954][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 322.057185][ T51] Bluetooth: hci3: command 0x0c1a tx timeout [ 322.649569][T10002] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 323.069382][T10006] FAULT_INJECTION: forcing a failure. [ 323.069382][T10006] name failslab, interval 1, probability 0, space 0, times 0 [ 323.112097][T10006] CPU: 1 UID: 0 PID: 10006 Comm: syz.3.779 Tainted: G L syzkaller #0 PREEMPT(full) [ 323.112137][T10006] Tainted: [L]=SOFTLOCKUP [ 323.112146][T10006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 323.112161][T10006] Call Trace: [ 323.112169][T10006] [ 323.112177][T10006] dump_stack_lvl+0x100/0x190 [ 323.112220][T10006] should_fail_ex.cold+0x5/0xa [ 323.112248][T10006] should_failslab+0xc2/0x120 [ 323.112291][T10006] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 323.112329][T10006] ? fcntl_setlk+0xaa/0xe40 [ 323.112355][T10006] ? __lock_acquire+0x4a5/0x2630 [ 323.112396][T10006] fcntl_setlk+0xaa/0xe40 [ 323.112426][T10006] ? __pfx_fcntl_setlk+0x10/0x10 [ 323.112461][T10006] ? find_held_lock+0x2b/0x80 [ 323.112506][T10006] ? __might_fault+0xc5/0x140 [ 323.112554][T10006] ? __might_fault+0xc5/0x140 [ 323.112616][T10006] do_fcntl+0xf39/0x1670 [ 323.112649][T10006] ? __pfx_do_fcntl+0x10/0x10 [ 323.112679][T10006] ? __fget_files+0x215/0x3d0 [ 323.112711][T10006] ? tomoyo_file_fcntl+0x6c/0xc0 [ 323.112754][T10006] __x64_sys_fcntl+0x163/0x200 [ 323.112790][T10006] do_syscall_64+0x106/0xf80 [ 323.112826][T10006] ? clear_bhb_loop+0x40/0x90 [ 323.112856][T10006] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 323.112882][T10006] RIP: 0033:0x7f318599c799 [ 323.112902][T10006] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 323.112925][T10006] RSP: 002b:00007f31867ac028 EFLAGS: 00000246 ORIG_RAX: 0000000000000048 [ 323.112948][T10006] RAX: ffffffffffffffda RBX: 00007f3185c16090 RCX: 00007f318599c799 [ 323.112966][T10006] RDX: 0000000000000004 RSI: 0000000000000026 RDI: 0000000000000009 [ 323.112980][T10006] RBP: 00007f3185a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 323.112995][T10006] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 323.113009][T10006] R13: 00007f3185c16128 R14: 00007f3185c16090 R15: 00007ffd9fc74608 [ 323.113040][T10006] [ 324.005569][T10015] netlink: Setting conntrack mark requires 'commit' flag. [ 324.273512][T10018] cifs: Unknown parameter ') Up̢{V ]762']Ψ!gʮ79fM<*ysEh' [ 324.823795][T10024] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 325.123590][T10031] FAULT_INJECTION: forcing a failure. [ 325.123590][T10031] name failslab, interval 1, probability 0, space 0, times 0 [ 325.184360][T10031] CPU: 1 UID: 0 PID: 10031 Comm: syz.1.785 Tainted: G L syzkaller #0 PREEMPT(full) [ 325.184415][T10031] Tainted: [L]=SOFTLOCKUP [ 325.184427][T10031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 325.184447][T10031] Call Trace: [ 325.184458][T10031] [ 325.184470][T10031] dump_stack_lvl+0x100/0x190 [ 325.184528][T10031] should_fail_ex.cold+0x5/0xa [ 325.184567][T10031] should_failslab+0xc2/0x120 [ 325.184604][T10031] __kmalloc_cache_noprof+0x7a/0x6f0 [ 325.184649][T10031] ? trace_pid_list_alloc+0x2fe/0x480 [ 325.184710][T10031] trace_pid_list_alloc+0x2fe/0x480 [ 325.184769][T10031] trace_pid_write+0x110/0x460 [ 325.184825][T10031] ? __pfx_trace_pid_write+0x10/0x10 [ 325.184904][T10031] event_pid_write.isra.0+0x1e4/0x800 [ 325.184964][T10031] ? __pfx_event_pid_write.isra.0+0x10/0x10 [ 325.185035][T10031] vfs_write+0x2aa/0x1070 [ 325.185068][T10031] ? __pfx_ftrace_event_npid_write+0x10/0x10 [ 325.185107][T10031] ? __pfx_vfs_write+0x10/0x10 [ 325.185137][T10031] ? __fget_files+0x215/0x3d0 [ 325.185179][T10031] ? __fget_files+0x21f/0x3d0 [ 325.185230][T10031] ksys_write+0x12a/0x250 [ 325.185262][T10031] ? __pfx_ksys_write+0x10/0x10 [ 325.185307][T10031] do_syscall_64+0x106/0xf80 [ 325.185357][T10031] ? clear_bhb_loop+0x40/0x90 [ 325.185399][T10031] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 325.185434][T10031] RIP: 0033:0x7f66b5d9c799 [ 325.185461][T10031] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 325.185495][T10031] RSP: 002b:00007f66b6cfc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 325.185527][T10031] RAX: ffffffffffffffda RBX: 00007f66b6016090 RCX: 00007f66b5d9c799 [ 325.185549][T10031] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 325.185568][T10031] RBP: 00007f66b5e32c99 R08: 0000000000000000 R09: 0000000000000000 [ 325.185587][T10031] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 325.185606][T10031] R13: 00007f66b6016128 R14: 00007f66b6016090 R15: 00007ffd9842b4a8 [ 325.185649][T10031] [ 325.997931][T10037] FAULT_INJECTION: forcing a failure. [ 325.997931][T10037] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 326.030905][T10037] CPU: 1 UID: 0 PID: 10037 Comm: syz.0.787 Tainted: G L syzkaller #0 PREEMPT(full) [ 326.030944][T10037] Tainted: [L]=SOFTLOCKUP [ 326.030953][T10037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 326.030967][T10037] Call Trace: [ 326.030975][T10037] [ 326.030985][T10037] dump_stack_lvl+0x100/0x190 [ 326.031027][T10037] should_fail_ex.cold+0x5/0xa [ 326.031051][T10037] ? prepare_alloc_pages+0x16d/0x5f0 [ 326.031085][T10037] should_fail_alloc_page+0xeb/0x140 [ 326.031114][T10037] prepare_alloc_pages+0x1f0/0x5f0 [ 326.031148][T10037] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 326.031190][T10037] ? __pfx_stack_trace_save+0x10/0x10 [ 326.031216][T10037] ? stack_depot_save_flags+0x27/0x9d0 [ 326.031248][T10037] ? kasan_save_stack+0x3f/0x50 [ 326.031286][T10037] ? kasan_save_stack+0x30/0x50 [ 326.031325][T10037] ? kasan_save_track+0x14/0x30 [ 326.031366][T10037] ? kasan_save_stack+0x3f/0x50 [ 326.031408][T10037] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 326.031452][T10037] ? __lock_acquire+0x4a5/0x2630 [ 326.031483][T10037] ? look_up_lock_class+0x55/0x120 [ 326.031527][T10037] ? lock_acquire+0x1cf/0x380 [ 326.031566][T10037] ? find_held_lock+0x2b/0x80 [ 326.031588][T10037] ? page_table_check_set+0x49a/0xa10 [ 326.031612][T10037] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 326.031657][T10037] ? policy_nodemask+0xed/0x4f0 [ 326.031685][T10037] alloc_pages_mpol+0x1fb/0x550 [ 326.031713][T10037] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 326.031748][T10037] folio_alloc_mpol_noprof+0x36/0x340 [ 326.031781][T10037] vma_alloc_folio_noprof+0xed/0x1d0 [ 326.031812][T10037] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 326.031852][T10037] do_anonymous_page+0xb3a/0x1fb0 [ 326.031899][T10037] __handle_mm_fault+0x1d42/0x2b60 [ 326.031942][T10037] ? __pfx___handle_mm_fault+0x10/0x10 [ 326.031978][T10037] ? pte_offset_map_lock+0x174/0x320 [ 326.032004][T10037] ? find_held_lock+0x2b/0x80 [ 326.032036][T10037] ? follow_page_pte+0x5b3/0x1400 [ 326.032087][T10037] handle_mm_fault+0x36d/0xa20 [ 326.032128][T10037] __get_user_pages+0xf9c/0x34d0 [ 326.032168][T10037] ? __pfx___get_user_pages+0x10/0x10 [ 326.032205][T10037] populate_vma_page_range+0x267/0x3f0 [ 326.032238][T10037] ? __pfx_populate_vma_page_range+0x10/0x10 [ 326.032269][T10037] ? __pfx_find_vma_intersection+0x10/0x10 [ 326.032296][T10037] ? do_mmap+0x93f/0x12f0 [ 326.032327][T10037] __mm_populate+0x107/0x3a0 [ 326.032358][T10037] ? __pfx___mm_populate+0x10/0x10 [ 326.032390][T10037] ? up_write+0x290/0x4f0 [ 326.032436][T10037] vm_mmap_pgoff+0x37f/0x470 [ 326.032468][T10037] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 326.032499][T10037] ? do_futex+0x192/0x350 [ 326.032533][T10037] ? __pfx_do_futex+0x10/0x10 [ 326.032579][T10037] ksys_mmap_pgoff+0xe1/0x650 [ 326.032606][T10037] ? __x64_sys_futex+0x34f/0x4d0 [ 326.032637][T10037] ? __x64_sys_futex+0x358/0x4d0 [ 326.032671][T10037] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 326.032698][T10037] ? xfd_validate_state+0x129/0x190 [ 326.032740][T10037] __x64_sys_mmap+0x125/0x190 [ 326.032781][T10037] do_syscall_64+0x106/0xf80 [ 326.032817][T10037] ? clear_bhb_loop+0x40/0x90 [ 326.032848][T10037] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 326.032873][T10037] RIP: 0033:0x7f9e8759c799 [ 326.032893][T10037] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 326.032918][T10037] RSP: 002b:00007f9e88465028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 326.032941][T10037] RAX: ffffffffffffffda RBX: 00007f9e87815fa0 RCX: 00007f9e8759c799 [ 326.032958][T10037] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 326.032972][T10037] RBP: 00007f9e87632c99 R08: ffffffffffffffff R09: 0000000000000000 [ 326.032988][T10037] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 326.033003][T10037] R13: 00007f9e87816038 R14: 00007f9e87815fa0 R15: 00007fff14001c38 [ 326.033035][T10037] [ 331.584982][T10102] binder: 10089:10102 ioctl c018620c 200000000040 returned -22 [ 333.920797][ T51] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 334.055784][T10123] Ignoring unsupported numa_zonelist_order value:  [ 336.712908][T10166] futex_wake_op: syz.2.809 tries to shift op by -2048; fix this program [ 336.724811][T10166] futex_wake_op: syz.2.809 tries to shift op by -2048; fix this program [ 336.767981][T10166] 0x000000000001-0x000000020000 : "" [ 336.842307][T10166] ftl_cs: FTL header corrupt! [ 341.072651][T10211] FAULT_INJECTION: forcing a failure. [ 341.072651][T10211] name failslab, interval 1, probability 0, space 0, times 0 [ 341.086943][T10211] CPU: 0 UID: 0 PID: 10211 Comm: syz.0.815 Tainted: G L syzkaller #0 PREEMPT(full) [ 341.086983][T10211] Tainted: [L]=SOFTLOCKUP [ 341.086991][T10211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 341.087008][T10211] Call Trace: [ 341.087015][T10211] [ 341.087024][T10211] dump_stack_lvl+0x100/0x190 [ 341.087067][T10211] should_fail_ex.cold+0x5/0xa [ 341.087123][T10211] should_failslab+0xc2/0x120 [ 341.087150][T10211] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 341.087188][T10211] ? __proc_create+0x2cb/0x8c0 [ 341.087242][T10211] __proc_create+0x2cb/0x8c0 [ 341.087283][T10211] ? __pfx___proc_create+0x10/0x10 [ 341.087330][T10211] ? mark_held_locks+0x40/0x70 [ 341.087365][T10211] _proc_mkdir+0xb9/0x210 [ 341.087389][T10211] ? __pfx__proc_mkdir+0x10/0x10 [ 341.087411][T10211] ? sctp_defaults_init+0x720/0xd90 [ 341.087455][T10211] sctp_proc_init+0x59/0x270 [ 341.087490][T10211] ? __pfx_sctp_defaults_init+0x10/0x10 [ 341.087526][T10211] sctp_defaults_init+0x758/0xd90 [ 341.087563][T10211] ? __pfx_sctp_defaults_init+0x10/0x10 [ 341.087602][T10211] ops_init+0x1e2/0x5f0 [ 341.087644][T10211] setup_net+0x118/0x3a0 [ 341.087683][T10211] ? __pfx_setup_net+0x10/0x10 [ 341.087720][T10211] ? lockdep_init_map_type+0x5c/0x250 [ 341.087754][T10211] ? mutex_init_lockep+0x110/0x150 [ 341.087793][T10211] copy_net_ns+0x46f/0x7c0 [ 341.087819][T10211] create_new_namespaces+0x3ea/0xac0 [ 341.087853][T10211] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 341.087882][T10211] ksys_unshare+0x473/0xad0 [ 341.087915][T10211] ? __pfx_ksys_unshare+0x10/0x10 [ 341.087958][T10211] __x64_sys_unshare+0x31/0x40 [ 341.087989][T10211] do_syscall_64+0x106/0xf80 [ 341.088025][T10211] ? clear_bhb_loop+0x40/0x90 [ 341.088056][T10211] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 341.088081][T10211] RIP: 0033:0x7f9e8759c799 [ 341.088107][T10211] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 341.088131][T10211] RSP: 002b:00007f9e88423028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 341.088156][T10211] RAX: ffffffffffffffda RBX: 00007f9e87816180 RCX: 00007f9e8759c799 [ 341.088173][T10211] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 341.088188][T10211] RBP: 00007f9e87632c99 R08: 0000000000000000 R09: 0000000000000000 [ 341.088203][T10211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 341.088218][T10211] R13: 00007f9e87816218 R14: 00007f9e87816180 R15: 00007fff14001c38 [ 341.088249][T10211] [ 342.515016][ T51] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 344.714398][T10249] ubi0: attaching mtd0 [ 344.718576][T10249] ubi0 error: ubi_attach_mtd_dev: bad VID header (63) or data offsets (127) [ 345.704215][T10266] zswap: compressor not available [ 346.816333][T10295] bonding: no command found in bonding_masters - use +ifname or -ifname [ 347.100523][T10300] &#$@\]\-: entered promiscuous mode [ 348.190893][T10320] netlink: 12 bytes leftover after parsing attributes in process `syz.2.842'. [ 348.419810][T10324] netlink: 28 bytes leftover after parsing attributes in process `syz.0.843'. [ 348.659479][T10324] vlan1: entered promiscuous mode [ 348.665637][T10327] FAULT_INJECTION: forcing a failure. [ 348.665637][T10327] name failslab, interval 1, probability 0, space 0, times 0 [ 348.728849][T10327] CPU: 1 UID: 0 PID: 10327 Comm: syz.1.844 Tainted: G L syzkaller #0 PREEMPT(full) [ 348.728903][T10327] Tainted: [L]=SOFTLOCKUP [ 348.728915][T10327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 348.728935][T10327] Call Trace: [ 348.728946][T10327] [ 348.728957][T10327] dump_stack_lvl+0x100/0x190 [ 348.729015][T10327] should_fail_ex.cold+0x5/0xa [ 348.729053][T10327] should_failslab+0xc2/0x120 [ 348.729099][T10327] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 348.729150][T10327] ? vm_area_alloc+0x1f/0x160 [ 348.729194][T10327] ? vma_merge_new_range+0x38b/0xa30 [ 348.729237][T10327] ? __sanitizer_cov_trace_switch+0x10/0x90 [ 348.729299][T10327] vm_area_alloc+0x1f/0x160 [ 348.729343][T10327] __mmap_region+0x10cc/0x29e0 [ 348.729397][T10327] ? __pfx___mmap_region+0x10/0x10 [ 348.729444][T10327] ? process_measurement+0x1f4/0x2350 [ 348.729511][T10327] ? __lock_acquire+0x4a5/0x2630 [ 348.729569][T10327] ? find_held_lock+0x2b/0x80 [ 348.729603][T10327] ? finish_task_switch.isra.0+0x200/0xb80 [ 348.729643][T10327] ? finish_task_switch.isra.0+0x200/0xb80 [ 348.729698][T10327] ? trace_sched_exit_tp+0x13a/0x180 [ 348.729741][T10327] ? __schedule+0x1000/0x6120 [ 348.729842][T10327] ? rcu_is_watching+0x12/0xc0 [ 348.729896][T10327] ? cap_capable+0x107/0x460 [ 348.729939][T10324] vlan1: entered allmulticast mode [ 348.729957][T10327] mmap_region+0x180/0x3e0 [ 348.730124][T10327] do_mmap+0xc63/0x12f0 [ 348.730256][T10327] ? __pfx_do_mmap+0x10/0x10 [ 348.730346][T10327] ? __pfx_down_write_killable+0x10/0x10 [ 348.730452][T10327] vm_mmap_pgoff+0x29e/0x470 [ 348.730601][T10327] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 348.730710][T10327] ? do_futex+0x192/0x350 [ 348.730819][T10327] ? __pfx_do_futex+0x10/0x10 [ 348.730956][T10327] ksys_mmap_pgoff+0xe1/0x650 [ 348.731044][T10327] ? __x64_sys_futex+0x34f/0x4d0 [ 348.731168][T10327] ? __x64_sys_futex+0x358/0x4d0 [ 348.731276][T10327] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 348.731373][T10327] ? xfd_validate_state+0x129/0x190 [ 348.731534][T10327] __x64_sys_mmap+0x125/0x190 [ 348.731700][T10327] do_syscall_64+0x106/0xf80 [ 348.731844][T10327] ? clear_bhb_loop+0x40/0x90 [ 348.731968][T10327] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 348.732055][T10327] RIP: 0033:0x7f66b5d9c799 [ 348.732132][T10327] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 348.732215][T10327] RSP: 002b:00007f66b6cfc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 348.732299][T10327] RAX: ffffffffffffffda RBX: 00007f66b6016090 RCX: 00007f66b5d9c799 [ 348.732340][T10327] RDX: 00000000000000df RSI: 0000000000400005 RDI: 0000000000000000 [ 348.732393][T10327] RBP: 00007f66b5e32c99 R08: 0000000000000002 R09: 0000000000008000 [ 348.732448][T10327] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 348.732499][T10327] R13: 00007f66b6016128 R14: 00007f66b6016090 R15: 00007ffd9842b4a8 [ 348.732603][T10327] [ 349.045343][T10324] veth0_vlan: entered allmulticast mode [ 352.902103][T10387] Ignoring unsupported numa_zonelist_order value: [ 353.244731][T10397] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input7 [ 353.447956][T10406] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 353.511970][T10398] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input8 [ 354.293390][T10427] futex_wake_op: syz.2.868 tries to shift op by -2048; fix this program [ 355.301792][ T29] audit: type=1804 audit(4294967358.932:9): pid=10445 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.872" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0 [ 355.310179][T10446] : Can't lookup blockdev [ 355.726986][T10452] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 356.231706][T10461] tipc: Started in network mode [ 356.246074][T10461] tipc: Node identity ffffffff, cluster identity 4711 [ 356.264296][T10461] tipc: Node number set to 4294967295 [ 357.129521][T10472] zswap: compressor  not available [ 358.275946][T10512] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 359.667877][T10527] futex_wake_op: syz.1.888 tries to shift op by -2048; fix this program [ 359.676597][T10527] futex_wake_op: syz.1.888 tries to shift op by -2048; fix this program [ 359.686301][T10527] 0x000000000001-0x000000020000 : "" [ 359.707613][T10527] ftl_cs: FTL header corrupt! [ 360.219577][T10536] [U] [ 361.232253][T10555] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 362.830968][T10589] ptrace attach of "./syz-executor exec"[5825] was attempted by ""[10589] [ 364.151056][T10614] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 365.989325][T10668] block nbd7: not configured, cannot reconfigure [ 369.896435][T10723] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 369.921967][T10723] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 371.147290][T10742] futex_wake_op: syz.1.934 tries to shift op by -2048; fix this program [ 371.157165][T10742] futex_wake_op: syz.1.934 tries to shift op by -2048; fix this program [ 377.472954][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 377.479346][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.484508][T10858] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 381.521351][T10923] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 383.161210][T10942] NFSD: Failed to start, no listeners configured. [ 383.546139][T10957] netlink: 12 bytes leftover after parsing attributes in process `syz.3.969'. [ 383.650475][T10956] HfR: entered promiscuous mode [ 383.756879][T10957] HfR: left promiscuous mode [ 384.040597][T10945] kexec: Could not allocate control_code_buffer [ 384.483431][T10969] netlink: 'syz.0.971': attribute type 64 has an invalid length. [ 384.536871][T10969] netlink: 74 bytes leftover after parsing attributes in process `syz.0.971'. [ 385.049408][T10980] FAULT_INJECTION: forcing a failure. [ 385.049408][T10980] name fail_futex, interval 1, probability 0, space 0, times 0 [ 385.156277][T10980] CPU: 1 UID: 0 PID: 10980 Comm: syz.0.974 Tainted: G L syzkaller #0 PREEMPT(full) [ 385.156318][T10980] Tainted: [L]=SOFTLOCKUP [ 385.156326][T10980] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 385.156342][T10980] Call Trace: [ 385.156413][T10980] [ 385.156422][T10980] dump_stack_lvl+0x100/0x190 [ 385.156510][T10980] should_fail_ex.cold+0x5/0xa [ 385.156553][T10980] get_futex_key+0x1d2/0x1620 [ 385.156604][T10980] ? __pfx_get_futex_key+0x10/0x10 [ 385.156645][T10980] futex_wake+0xea/0x530 [ 385.156685][T10980] ? __pfx_futex_wake+0x10/0x10 [ 385.156724][T10980] ? __call_rcu_common.constprop.0+0x3f0/0x9b0 [ 385.156774][T10980] do_futex+0x32b/0x350 [ 385.156807][T10980] ? __pfx_do_futex+0x10/0x10 [ 385.156841][T10980] ? __pfx___might_resched+0x10/0x10 [ 385.156888][T10980] ? blkcg_maybe_throttle_current+0x5df/0xeb0 [ 385.157008][T10980] __x64_sys_futex+0x34f/0x4d0 [ 385.157045][T10980] ? __pfx___x64_sys_futex+0x10/0x10 [ 385.157090][T10980] do_syscall_64+0x106/0xf80 [ 385.157214][T10980] ? clear_bhb_loop+0x40/0x90 [ 385.157252][T10980] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 385.157278][T10980] RIP: 0033:0x7f9e8759c799 [ 385.157299][T10980] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 385.157324][T10980] RSP: 002b:00007f9e884650e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 385.157375][T10980] RAX: ffffffffffffffda RBX: 00007f9e87815fa8 RCX: 00007f9e8759c799 [ 385.157391][T10980] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f9e87815fac [ 385.157407][T10980] RBP: 00007f9e87815fa0 R08: 0000000000000000 R09: 0000000000000000 [ 385.157422][T10980] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 385.157437][T10980] R13: 00007f9e87816038 R14: 00007fff14001b50 R15: 00007fff14001c38 [ 385.157468][T10980] [ 386.391119][T10991] zswap: compressor not available [ 386.784788][T11001] futex_wake_op: syz.1.978 tries to shift op by -2048; fix this program [ 386.797774][T11001] futex_wake_op: syz.1.978 tries to shift op by -2048; fix this program [ 389.081470][T11032] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 389.259323][T11038] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 390.435583][T11063] netlink: 28 bytes leftover after parsing attributes in process `syz.1.992'. [ 390.455319][T11063] ipvlan0: entered promiscuous mode [ 390.507438][T11063] ipvlan0: entered allmulticast mode [ 391.880399][T11083] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 393.241945][ T29] audit: type=1800 audit(4294967397.080:10): pid=11099 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.996" name="discovery_nqn" dev="configfs" ino=35211 res=0 errno=0 [ 393.851232][ T51] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 393.851281][ T51] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 393.866707][ T51] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 393.866858][ T51] Bluetooth: hci0: adv larger than maximum supported [ 393.874247][ T51] Bluetooth: hci0: Unknown advertising packet type: 0x32 [ 393.882577][ T51] Bluetooth: hci0: Unknown advertising packet type: 0x16 [ 393.895147][ T51] Bluetooth: hci0: Malformed LE Event: 0x0d [ 395.080037][T11114] ACPI: \_SB_.LNKS: No IRQ available. Try pci=noacpi or acpi=off [ 395.090298][T11114] pci 0000:00:01.3: PCI INT A: no GSI [ 395.572824][T11127] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 396.210149][T11146] bridge_slave_1: left allmulticast mode [ 396.216070][T11146] bridge_slave_1: left promiscuous mode [ 396.239921][T11146] bridge0: port 2(bridge_slave_1) entered disabled state [ 397.073518][T11156] FAULT_INJECTION: forcing a failure. [ 397.073518][T11156] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 397.087041][T11156] CPU: 1 UID: 0 PID: 11156 Comm: syz.2.1014 Tainted: G L syzkaller #0 PREEMPT(full) [ 397.087101][T11156] Tainted: [L]=SOFTLOCKUP [ 397.087110][T11156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 397.087126][T11156] Call Trace: [ 397.087135][T11156] [ 397.087174][T11156] dump_stack_lvl+0x100/0x190 [ 397.087217][T11156] should_fail_ex.cold+0x5/0xa [ 397.087241][T11156] ? prepare_alloc_pages+0x16d/0x5f0 [ 397.087310][T11156] should_fail_alloc_page+0xeb/0x140 [ 397.087350][T11156] prepare_alloc_pages+0x1f0/0x5f0 [ 397.087379][T11156] ? bpf_ksym_find+0x124/0x1c0 [ 397.087423][T11156] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 397.087465][T11156] ? __kernel_text_address+0xd/0x30 [ 397.087504][T11156] ? unwind_get_return_address+0x59/0xa0 [ 397.087538][T11156] ? arch_stack_walk+0xa6/0xf0 [ 397.087577][T11156] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 397.087616][T11156] ? stack_trace_save+0x8e/0xc0 [ 397.087641][T11156] ? __pfx_stack_trace_save+0x10/0x10 [ 397.087666][T11156] ? stack_depot_save_flags+0x27/0x9d0 [ 397.087774][T11156] ? mas_store_prealloc+0x893/0xfb0 [ 397.087842][T11156] ? kasan_save_stack+0x30/0x50 [ 397.087882][T11156] ? kasan_save_track+0x14/0x30 [ 397.087920][T11156] ? __kasan_slab_alloc+0x89/0x90 [ 397.087942][T11156] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 397.087981][T11156] ? __pmd_alloc+0xbf/0x950 [ 397.088012][T11156] ? __handle_mm_fault+0xa99/0x2b60 [ 397.088044][T11156] ? handle_mm_fault+0x36d/0xa20 [ 397.088076][T11156] ? __get_user_pages+0xf9c/0x34d0 [ 397.088102][T11156] ? populate_vma_page_range+0x267/0x3f0 [ 397.088131][T11156] ? __mm_populate+0x107/0x3a0 [ 397.088167][T11156] ? vm_mmap_pgoff+0x37f/0x470 [ 397.088201][T11156] ? ksys_mmap_pgoff+0xe1/0x650 [ 397.088227][T11156] ? __x64_sys_mmap+0x125/0x190 [ 397.088271][T11156] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 397.088320][T11156] ? policy_nodemask+0xed/0x4f0 [ 397.088348][T11156] alloc_pages_mpol+0x1fb/0x550 [ 397.088375][T11156] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 397.088409][T11156] alloc_pages_noprof+0x131/0x390 [ 397.088437][T11156] pte_alloc_one+0x1c/0x3d0 [ 397.088469][T11156] __pte_alloc+0x6d/0x3e0 [ 397.088495][T11156] ? __pfx___pte_alloc+0x10/0x10 [ 397.088522][T11156] ? do_raw_spin_lock+0x128/0x260 [ 397.088566][T11156] ? find_held_lock+0x2b/0x80 [ 397.088592][T11156] do_anonymous_page+0x13cc/0x1fb0 [ 397.088627][T11156] ? do_raw_spin_unlock+0x145/0x1e0 [ 397.088666][T11156] ? _raw_spin_unlock+0x28/0x50 [ 397.088733][T11156] ? __pmd_alloc+0x3fb/0x950 [ 397.088764][T11156] __handle_mm_fault+0x1d42/0x2b60 [ 397.088804][T11156] ? mt_find+0x45e/0x8e0 [ 397.088859][T11156] ? __pfx___handle_mm_fault+0x10/0x10 [ 397.088892][T11156] ? __pfx_mt_find+0x10/0x10 [ 397.088955][T11156] handle_mm_fault+0x36d/0xa20 [ 397.088995][T11156] __get_user_pages+0xf9c/0x34d0 [ 397.089037][T11156] ? __pfx___get_user_pages+0x10/0x10 [ 397.089074][T11156] populate_vma_page_range+0x267/0x3f0 [ 397.089107][T11156] ? __pfx_populate_vma_page_range+0x10/0x10 [ 397.089137][T11156] ? __pfx_find_vma_intersection+0x10/0x10 [ 397.089172][T11156] ? do_mmap+0x93f/0x12f0 [ 397.089202][T11156] __mm_populate+0x107/0x3a0 [ 397.089233][T11156] ? __pfx___mm_populate+0x10/0x10 [ 397.089265][T11156] ? up_write+0x290/0x4f0 [ 397.089305][T11156] vm_mmap_pgoff+0x37f/0x470 [ 397.089337][T11156] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 397.089367][T11156] ? do_futex+0x192/0x350 [ 397.089400][T11156] ? __pfx_do_futex+0x10/0x10 [ 397.089438][T11156] ksys_mmap_pgoff+0xe1/0x650 [ 397.089465][T11156] ? __x64_sys_futex+0x34f/0x4d0 [ 397.089496][T11156] ? __x64_sys_futex+0x358/0x4d0 [ 397.089530][T11156] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 397.089556][T11156] ? xfd_validate_state+0x129/0x190 [ 397.089598][T11156] __x64_sys_mmap+0x125/0x190 [ 397.089639][T11156] do_syscall_64+0x106/0xf80 [ 397.089675][T11156] ? clear_bhb_loop+0x40/0x90 [ 397.089706][T11156] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 397.089732][T11156] RIP: 0033:0x7f31f8d9c799 [ 397.089754][T11156] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 397.089779][T11156] RSP: 002b:00007f31f9cb7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 397.089803][T11156] RAX: ffffffffffffffda RBX: 00007f31f9015fa0 RCX: 00007f31f8d9c799 [ 397.089820][T11156] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 397.089836][T11156] RBP: 00007f31f8e32c99 R08: ffffffffffffffff R09: 0000000000008000 [ 397.089852][T11156] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 397.089867][T11156] R13: 00007f31f9016038 R14: 00007f31f9015fa0 R15: 00007ffcaeef85a8 [ 397.089899][T11156] [ 397.800734][T11156] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 397.874072][T11156] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 401.172091][T11175] tipc: Started in network mode [ 401.177107][T11175] tipc: Node identity ee00, cluster identity 4711 [ 401.206529][T11175] tipc: Node number set to 60928 [ 401.321154][T11188] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 402.408004][T11208] smpboot: CPU 1 is now offline [ 403.253103][T11210] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 403.290907][T11210] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 403.327333][T11210] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 403.347631][T11210] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 403.752993][T11241] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1031'. [ 403.862199][T11248] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1031'. [ 404.669724][T11257] FAULT_INJECTION: forcing a failure. [ 404.669724][T11257] name failslab, interval 1, probability 0, space 0, times 0 [ 404.749623][T11257] CPU: 0 UID: 0 PID: 11257 Comm: syz.3.1033 Tainted: G L syzkaller #0 PREEMPT(full) [ 404.749662][T11257] Tainted: [L]=SOFTLOCKUP [ 404.749671][T11257] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 404.749685][T11257] Call Trace: [ 404.749693][T11257] [ 404.749703][T11257] dump_stack_lvl+0x100/0x190 [ 404.749744][T11257] should_fail_ex.cold+0x5/0xa [ 404.749770][T11257] ? kernfs_fop_write_iter+0x26a/0x5f0 [ 404.749836][T11257] should_failslab+0xc2/0x120 [ 404.749861][T11257] __kmalloc_noprof+0xe0/0x850 [ 404.749904][T11257] kernfs_fop_write_iter+0x26a/0x5f0 [ 404.749933][T11257] vfs_write+0x6ac/0x1070 [ 404.749960][T11257] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 404.749988][T11257] ? __pfx_vfs_write+0x10/0x10 [ 404.750027][T11257] ksys_write+0x12a/0x250 [ 404.750049][T11257] ? __pfx_ksys_write+0x10/0x10 [ 404.750078][T11257] do_syscall_64+0x106/0xf80 [ 404.750112][T11257] ? clear_bhb_loop+0x40/0x90 [ 404.750141][T11257] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 404.750169][T11257] RIP: 0033:0x7f318599c799 [ 404.750188][T11257] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 404.750219][T11257] RSP: 002b:00007f31867cd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 404.750241][T11257] RAX: ffffffffffffffda RBX: 00007f3185c15fa0 RCX: 00007f318599c799 [ 404.750256][T11257] RDX: 0000000000000081 RSI: 0000200000000140 RDI: 0000000000000003 [ 404.750271][T11257] RBP: 00007f31867cd090 R08: 0000000000000000 R09: 0000000000000000 [ 404.750284][T11257] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 404.750298][T11257] R13: 00007f3185c16038 R14: 00007f3185c15fa0 R15: 00007ffd9fc74608 [ 404.750328][T11257] [ 405.178054][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 405.332908][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 405.430627][ T51] Bluetooth: hci3: command 0x0c1a tx timeout [ 405.437522][ T51] Bluetooth: hci0: command 0x0c1a tx timeout [ 407.542382][T11298] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 407.574394][T11298] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 407.621785][T11298] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 407.665331][T11298] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 408.197992][T11327] syz.0.1055(11327): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 409.056956][ T5833] Bluetooth: hci1: command 0x0c1a tx timeout [ 409.606566][ T5833] Bluetooth: hci2: command 0x0c1a tx timeout [ 409.688330][ T5833] Bluetooth: hci3: command 0x0c1a tx timeout [ 409.694415][ T51] Bluetooth: hci0: command 0x0c1a tx timeout [ 413.878996][T11407] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1073'. [ 414.473254][T11418] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1073'. [ 414.658293][T11405] FAULT_INJECTION: forcing a failure. [ 414.658293][T11405] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 414.764028][T11405] CPU: 0 UID: 0 PID: 11405 Comm: syz.1.1072 Tainted: G L syzkaller #0 PREEMPT(full) [ 414.764068][T11405] Tainted: [L]=SOFTLOCKUP [ 414.764077][T11405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 414.764092][T11405] Call Trace: [ 414.764101][T11405] [ 414.764109][T11405] dump_stack_lvl+0x100/0x190 [ 414.764152][T11405] should_fail_ex.cold+0x5/0xa [ 414.764180][T11405] strncpy_from_user+0x3b/0x2d0 [ 414.764212][T11405] do_getname+0x78/0x390 [ 414.764248][T11405] do_sys_openat2+0xc5/0x1e0 [ 414.764281][T11405] ? __pfx_do_sys_openat2+0x10/0x10 [ 414.764316][T11405] ? __fget_files+0x21f/0x3d0 [ 414.764378][T11405] __x64_sys_openat+0x12d/0x210 [ 414.764413][T11405] ? __pfx___x64_sys_openat+0x10/0x10 [ 414.764459][T11405] do_syscall_64+0x106/0xf80 [ 414.764495][T11405] ? clear_bhb_loop+0x40/0x90 [ 414.764525][T11405] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 414.764551][T11405] RIP: 0033:0x7f66b5d9c799 [ 414.764571][T11405] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 414.764596][T11405] RSP: 002b:00007f66b6cdb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 414.764620][T11405] RAX: ffffffffffffffda RBX: 00007f66b6016180 RCX: 00007f66b5d9c799 [ 414.764637][T11405] RDX: 0000000000008901 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 414.764653][T11405] RBP: 00007f66b5e32c99 R08: 0000000000000000 R09: 0000000000000000 [ 414.764668][T11405] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 414.764683][T11405] R13: 00007f66b6016218 R14: 00007f66b6016180 R15: 00007ffd9842b4a8 [ 414.764714][T11405] [ 418.443083][T11489] can: request_module (can-proto-0) failed. [ 418.497041][T11490] can: request_module (can-proto-0) failed. [ 419.663854][T11488] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 420.000496][T11518] mtrr: base(0xe00000) is not aligned on a size(0x4000000000) boundary [ 421.274708][T11547] Ignoring unsupported numa_zonelist_order value: [ 421.322490][T11547] FAULT_INJECTION: forcing a failure. [ 421.322490][T11547] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 421.479614][T11547] CPU: 0 UID: 0 PID: 11547 Comm: syz.0.1097 Tainted: G L syzkaller #0 PREEMPT(full) [ 421.479653][T11547] Tainted: [L]=SOFTLOCKUP [ 421.479661][T11547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 421.479675][T11547] Call Trace: [ 421.479683][T11547] [ 421.479692][T11547] dump_stack_lvl+0x100/0x190 [ 421.479731][T11547] should_fail_ex.cold+0x5/0xa [ 421.479758][T11547] _copy_to_user+0x32/0xd0 [ 421.479863][T11547] simple_read_from_buffer+0xcb/0x170 [ 421.479902][T11547] proc_fail_nth_read+0x1af/0x230 [ 421.479933][T11547] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 421.479963][T11547] ? rw_verify_area+0xce/0x6d0 [ 421.479998][T11547] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 421.480026][T11547] vfs_read+0x1e4/0xb30 [ 421.480067][T11547] ? __pfx_vfs_read+0x10/0x10 [ 421.480103][T11547] ? __fget_files+0x215/0x3d0 [ 421.480131][T11547] ? __fget_files+0x21f/0x3d0 [ 421.480161][T11547] ksys_read+0x12a/0x250 [ 421.480181][T11547] ? __pfx_ksys_read+0x10/0x10 [ 421.480210][T11547] do_syscall_64+0x106/0xf80 [ 421.480245][T11547] ? clear_bhb_loop+0x40/0x90 [ 421.480274][T11547] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 421.480298][T11547] RIP: 0033:0x7f9e8755cfce [ 421.480317][T11547] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 421.480339][T11547] RSP: 002b:00007f9e88443fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 421.480361][T11547] RAX: ffffffffffffffda RBX: 00007f9e884446c0 RCX: 00007f9e8755cfce [ 421.480377][T11547] RDX: 000000000000000f RSI: 00007f9e884440a0 RDI: 0000000000000004 [ 421.480391][T11547] RBP: 00007f9e88444090 R08: 0000000000000000 R09: 0000000000000000 [ 421.480405][T11547] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 421.480425][T11547] R13: 00007f9e87816128 R14: 00007f9e87816090 R15: 00007fff14001c38 [ 421.480455][T11547] [ 421.708054][T11550] Ignoring unsupported numa_zonelist_order value: [ 422.222757][T11557] random: crng reseeded on system resumption [ 422.233020][T11556] netlink: 672 bytes leftover after parsing attributes in process `syz.0.1103'. [ 422.563759][T11561] Invalid ELF header magic: != ELF [ 424.430468][T11612] sg_write: data in/out 451579365/28898 bytes for SCSI command 0x62-- guessing data in; [ 424.430468][T11612] program syz.0.1112 not setting count and/or reply_len properly [ 424.876187][T11618] Ignoring unsupported numa_zonelist_order value: [ 425.319526][T11623] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1114'. [ 426.730528][T11658] netlink: zone id is out of range [ 427.149483][T11663] futex_wake_op: syz.1.1123 tries to shift op by -2048; fix this program [ 427.318562][T11692] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1127'. [ 427.338427][T11662] cgroup: fork rejected by pids controller in /syz1 [ 427.984003][ T5833] Bluetooth: hci3: unknown advertising packet type: 0xea [ 430.464967][T11772] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1138'. [ 430.696998][T11772] bridge0: port 2(bridge_slave_1) entered disabled state [ 430.704426][T11772] bridge0: port 1(bridge_slave_0) entered disabled state [ 430.768882][T11772] bridge0: entered promiscuous mode [ 432.565982][T11802] futex_wake_op: syz.0.1143 tries to shift op by -2048; fix this program [ 432.595879][T11802] futex_wake_op: syz.0.1143 tries to shift op by -2048; fix this program [ 432.629155][T11802] 0x000000000001-0x000000020000 : "" [ 432.662512][T11802] ftl_cs: FTL header corrupt! [ 436.113239][T11872] nfs: Unknown parameter 'nl802154' [ 436.183047][T11872] FAULT_INJECTION: forcing a failure. [ 436.183047][T11872] name failslab, interval 1, probability 0, space 0, times 0 [ 436.337115][T11872] CPU: 0 UID: 0 PID: 11872 Comm: syz.3.1160 Tainted: G L syzkaller #0 PREEMPT(full) [ 436.337153][T11872] Tainted: [L]=SOFTLOCKUP [ 436.337161][T11872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 436.337176][T11872] Call Trace: [ 436.337184][T11872] [ 436.337192][T11872] dump_stack_lvl+0x100/0x190 [ 436.337232][T11872] should_fail_ex.cold+0x5/0xa [ 436.337259][T11872] should_failslab+0xc2/0x120 [ 436.337284][T11872] __kmalloc_cache_node_noprof+0x7d/0x770 [ 436.337323][T11872] ? __alloc_disk_node+0x5a/0x6b0 [ 436.337434][T11872] __alloc_disk_node+0x5a/0x6b0 [ 436.337462][T11872] __blk_mq_alloc_disk+0x89/0x120 [ 436.337534][T11872] loop_add+0x498/0xb60 [ 436.337617][T11872] ? __pfx_loop_add+0x10/0x10 [ 436.337666][T11872] ? find_held_lock+0x2b/0x80 [ 436.337687][T11872] ? __fget_files+0x215/0x3d0 [ 436.337713][T11872] loop_control_ioctl+0xae/0x620 [ 436.337748][T11872] ? __pfx_loop_control_ioctl+0x10/0x10 [ 436.337785][T11872] ? __pfx_loop_control_ioctl+0x10/0x10 [ 436.337820][T11872] __x64_sys_ioctl+0x18e/0x210 [ 436.337857][T11872] do_syscall_64+0x106/0xf80 [ 436.337893][T11872] ? clear_bhb_loop+0x40/0x90 [ 436.337922][T11872] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 436.337945][T11872] RIP: 0033:0x7f318599c799 [ 436.337964][T11872] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 436.337987][T11872] RSP: 002b:00007f31867cd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 436.338008][T11872] RAX: ffffffffffffffda RBX: 00007f3185c15fa0 RCX: 00007f318599c799 [ 436.338024][T11872] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 000000000000000a [ 436.338038][T11872] RBP: 00007f3185a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 436.338052][T11872] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 436.338066][T11872] R13: 00007f3185c16038 R14: 00007f3185c15fa0 R15: 00007ffd9fc74608 [ 436.338096][T11872] [ 437.340554][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 437.352288][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 437.403883][T11889] program syz.3.1163 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 438.702426][T11914] mkiss: ax0: crc mode is auto. [ 439.153743][T11926] FAULT_INJECTION: forcing a failure. [ 439.153743][T11926] name failslab, interval 1, probability 0, space 0, times 0 [ 439.224096][T11926] CPU: 0 UID: 0 PID: 11926 Comm: syz.1.1170 Tainted: G L syzkaller #0 PREEMPT(full) [ 439.224137][T11926] Tainted: [L]=SOFTLOCKUP [ 439.224146][T11926] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 439.224161][T11926] Call Trace: [ 439.224171][T11926] [ 439.224180][T11926] dump_stack_lvl+0x100/0x190 [ 439.224224][T11926] should_fail_ex.cold+0x5/0xa [ 439.224252][T11926] ? tomoyo_realpath_from_path+0xb6/0x690 [ 439.224366][T11926] should_failslab+0xc2/0x120 [ 439.224394][T11926] __kmalloc_noprof+0xe0/0x850 [ 439.224438][T11926] tomoyo_realpath_from_path+0xb6/0x690 [ 439.224480][T11926] tomoyo_check_open_permission+0x2af/0x3c0 [ 439.224511][T11926] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 439.224569][T11926] ? do_raw_spin_lock+0x128/0x260 [ 439.224609][T11926] ? path_get+0x61/0x80 [ 439.224639][T11926] tomoyo_file_open+0x6b/0x90 [ 439.224807][T11926] security_file_open+0xb5/0x1e0 [ 439.224949][T11926] do_dentry_open+0x5aa/0x1660 [ 439.224979][T11926] ? security_inode_permission+0xbf/0x250 [ 439.225013][T11926] vfs_open+0x82/0x3f0 [ 439.225049][T11926] path_openat+0x208c/0x31a0 [ 439.225095][T11926] ? __pfx_path_openat+0x10/0x10 [ 439.225134][T11926] do_file_open+0x20e/0x430 [ 439.225164][T11926] ? __pfx_do_file_open+0x10/0x10 [ 439.225221][T11926] ? alloc_fd+0x476/0x790 [ 439.225251][T11926] ? do_getname+0x191/0x390 [ 439.225288][T11926] do_sys_openat2+0x10d/0x1e0 [ 439.225322][T11926] ? __pfx_do_sys_openat2+0x10/0x10 [ 439.225367][T11926] __x64_sys_openat+0x12d/0x210 [ 439.225403][T11926] ? __pfx___x64_sys_openat+0x10/0x10 [ 439.225451][T11926] do_syscall_64+0x106/0xf80 [ 439.225489][T11926] ? clear_bhb_loop+0x40/0x90 [ 439.225523][T11926] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 439.225552][T11926] RIP: 0033:0x7f66b5d9c799 [ 439.225578][T11926] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 439.225603][T11926] RSP: 002b:00007f66b6d1d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 439.225628][T11926] RAX: ffffffffffffffda RBX: 00007f66b6015fa0 RCX: 00007f66b5d9c799 [ 439.225645][T11926] RDX: 000000000014fa02 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 439.225661][T11926] RBP: 00007f66b5e32c99 R08: 0000000000000000 R09: 0000000000000000 [ 439.225677][T11926] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 439.225693][T11926] R13: 00007f66b6016038 R14: 00007f66b6015fa0 R15: 00007ffd9842b4a8 [ 439.225727][T11926] [ 439.225739][T11926] ERROR: Out of memory at tomoyo_realpath_from_path. [ 444.676688][T12009] futex_wake_op: syz.2.1183 tries to shift op by -2048; fix this program [ 444.791354][T12009] FAULT_INJECTION: forcing a failure. [ 444.791354][T12009] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 444.880139][T12009] CPU: 0 UID: 0 PID: 12009 Comm: syz.2.1183 Tainted: G L syzkaller #0 PREEMPT(full) [ 444.880181][T12009] Tainted: [L]=SOFTLOCKUP [ 444.880190][T12009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 444.880205][T12009] Call Trace: [ 444.880213][T12009] [ 444.880222][T12009] dump_stack_lvl+0x100/0x190 [ 444.880264][T12009] should_fail_ex.cold+0x5/0xa [ 444.880288][T12009] ? prepare_alloc_pages+0x16d/0x5f0 [ 444.880320][T12009] should_fail_alloc_page+0xeb/0x140 [ 444.880348][T12009] prepare_alloc_pages+0x1f0/0x5f0 [ 444.880378][T12009] ? set_next_entity+0x11e/0x9c0 [ 444.880416][T12009] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 444.880459][T12009] ? __lock_acquire+0x4a5/0x2630 [ 444.880490][T12009] ? update_cfs_rq_load_avg+0x51/0x550 [ 444.880528][T12009] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 444.880568][T12009] ? find_held_lock+0x2b/0x80 [ 444.880590][T12009] ? finish_task_switch.isra.0+0x200/0xb80 [ 444.880617][T12009] ? finish_task_switch.isra.0+0x200/0xb80 [ 444.880646][T12009] ? rcu_is_watching+0x12/0xc0 [ 444.880693][T12009] ? finish_task_switch.isra.0+0x205/0xb80 [ 444.880725][T12009] ? rcu_is_watching+0x12/0xc0 [ 444.880763][T12009] ? trace_sched_exit_tp+0x13a/0x180 [ 444.880794][T12009] ? __schedule+0x1000/0x6120 [ 444.880828][T12009] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 444.880873][T12009] ? policy_nodemask+0xed/0x4f0 [ 444.880901][T12009] alloc_pages_mpol+0x1fb/0x550 [ 444.880929][T12009] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 444.880963][T12009] alloc_pages_noprof+0x131/0x390 [ 444.880992][T12009] __pmd_alloc+0x3b/0x950 [ 444.881024][T12009] __handle_mm_fault+0xa99/0x2b60 [ 444.881062][T12009] ? mt_find+0x45e/0x8e0 [ 444.881102][T12009] ? __pfx___handle_mm_fault+0x10/0x10 [ 444.881136][T12009] ? __pfx_mt_find+0x10/0x10 [ 444.881190][T12009] ? find_vma+0xbf/0x140 [ 444.881213][T12009] ? __pfx_find_vma+0x10/0x10 [ 444.881240][T12009] handle_mm_fault+0x36d/0xa20 [ 444.881280][T12009] do_user_addr_fault+0x74c/0x12f0 [ 444.881329][T12009] exc_page_fault+0x6f/0xd0 [ 444.881366][T12009] asm_exc_page_fault+0x26/0x30 [ 444.881391][T12009] RIP: 0010:rep_movs_alternative+0x11/0x90 [ 444.881420][T12009] Code: c3 cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f 8a 06 <88> 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 fd 93 04 00 66 66 2e 0f [ 444.881445][T12009] RSP: 0018:ffffc90005abfe68 EFLAGS: 00050202 [ 444.881465][T12009] RAX: 00000000000000ff RBX: 0000000000000002 RCX: 0000000000000002 [ 444.881484][T12009] RDX: 0000000000000001 RSI: ffffffff8c10ca20 RDI: 0000000000000001 [ 444.881499][T12009] RBP: 0000000000000001 R08: 0000000000000000 R09: fffffbfff1821944 [ 444.881514][T12009] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff8c10ca20 [ 444.881529][T12009] R13: 0000000000000003 R14: 00007ffffffff000 R15: 0000000000000000 [ 444.881559][T12009] _copy_to_user+0xa4/0xd0 [ 444.881591][T12009] keyctl_capabilities+0x5a/0x160 [ 444.881715][T12009] __do_sys_keyctl+0x427/0x5a0 [ 444.881741][T12009] do_syscall_64+0x106/0xf80 [ 444.881777][T12009] ? clear_bhb_loop+0x40/0x90 [ 444.881807][T12009] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 444.881833][T12009] RIP: 0033:0x7f31f8d9c799 [ 444.881852][T12009] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 444.881876][T12009] RSP: 002b:00007f31f9cb7028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 444.881899][T12009] RAX: ffffffffffffffda RBX: 00007f31f9015fa0 RCX: 00007f31f8d9c799 [ 444.881915][T12009] RDX: 0000000000000006 RSI: 0000000000000001 RDI: 000000000000001f [ 444.881929][T12009] RBP: 00007f31f8e32c99 R08: 00000000000003ff R09: 0000000000000000 [ 444.881950][T12009] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 444.881965][T12009] R13: 00007f31f9016038 R14: 00007f31f9015fa0 R15: 00007ffcaeef85a8 [ 444.881997][T12009] [ 447.911914][T12059] netlink: 'syz.1.1191': attribute type 21 has an invalid length. [ 448.043530][T12059] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1191'. [ 448.571192][T12072] Zero length message leads to an empty skb [ 448.579002][ T29] audit: type=1326 audit(4294967452.697:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12073 comm="syz.2.1195" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f31f8d9c799 code=0x0 [ 448.712563][T12076] netlink: 74 bytes leftover after parsing attributes in process `syz.2.1195'. [ 448.912967][T12094] capability: warning: `syz.1.1196' uses 32-bit capabilities (legacy support in use) [ 449.588232][T12104] syz.1.1199 uses obsolete (PF_INET,SOCK_PACKET) [ 449.743764][T12104] process 'syz.1.1199' launched '/dev/fd/3' with NULL argv: empty string added [ 451.151612][ T29] audit: type=1800 audit(4294967455.291:12): pid=12144 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=41488 res=0 errno=0 [ 451.278551][T12147] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 451.435323][T12144] could not allocate digest TFM handle [ 452.028065][T12084] netdevsim netdevsim10 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 452.328955][T12170] binder: 12164:12170 ioctl c0e85667 38 returned -22 [ 452.549772][T12175] Ignoring unsupported numa_zonelist_order value: [ 453.119301][T12190] netlink: 'syz.3.1214': attribute type 33 has an invalid length. [ 453.166961][T12190] netlink: 322 bytes leftover after parsing attributes in process `syz.3.1214'. [ 453.248459][T12190] netlink: 'syz.3.1214': attribute type 33 has an invalid length. [ 453.287253][T12190] netlink: 322 bytes leftover after parsing attributes in process `syz.3.1214'. [ 453.379946][T12202] FAULT_INJECTION: forcing a failure. [ 453.379946][T12202] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 453.423255][T12202] CPU: 0 UID: 0 PID: 12202 Comm: syz.2.1217 Tainted: G L syzkaller #0 PREEMPT(full) [ 453.423297][T12202] Tainted: [L]=SOFTLOCKUP [ 453.423305][T12202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 453.423321][T12202] Call Trace: [ 453.423329][T12202] [ 453.423339][T12202] dump_stack_lvl+0x100/0x190 [ 453.423384][T12202] should_fail_ex.cold+0x5/0xa [ 453.423409][T12202] ? prepare_alloc_pages+0x16d/0x5f0 [ 453.423442][T12202] should_fail_alloc_page+0xeb/0x140 [ 453.423472][T12202] prepare_alloc_pages+0x1f0/0x5f0 [ 453.423506][T12202] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 453.423546][T12202] ? rcu_is_watching+0x12/0xc0 [ 453.423586][T12202] ? trace_pelt_se_tp+0x159/0x1b0 [ 453.423624][T12202] ? update_cfs_rq_load_avg+0x51/0x550 [ 453.423661][T12202] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 453.423706][T12202] ? __lock_acquire+0x4a5/0x2630 [ 453.423747][T12202] ? __lock_acquire+0x4a5/0x2630 [ 453.423783][T12202] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 453.423827][T12202] ? policy_nodemask+0xed/0x4f0 [ 453.423856][T12202] alloc_pages_mpol+0x1fb/0x550 [ 453.423883][T12202] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 453.423918][T12202] alloc_pages_noprof+0x131/0x390 [ 453.423946][T12202] __pmd_alloc+0x3b/0x950 [ 453.423978][T12202] __handle_mm_fault+0xa99/0x2b60 [ 453.424017][T12202] ? mt_find+0x45e/0x8e0 [ 453.424060][T12202] ? __pfx___handle_mm_fault+0x10/0x10 [ 453.424092][T12202] ? __pfx_mt_find+0x10/0x10 [ 453.424154][T12202] ? find_vma+0xbf/0x140 [ 453.424177][T12202] ? __pfx_find_vma+0x10/0x10 [ 453.424204][T12202] handle_mm_fault+0x36d/0xa20 [ 453.424244][T12202] do_user_addr_fault+0x74c/0x12f0 [ 453.424295][T12202] exc_page_fault+0x6f/0xd0 [ 453.424332][T12202] asm_exc_page_fault+0x26/0x30 [ 453.424357][T12202] RIP: 0010:strncpy_from_user+0xfd/0x2d0 [ 453.424388][T12202] Code: 00 4d 89 64 1d 00 48 83 ed 08 bf 07 00 00 00 48 83 c3 08 48 89 ee e8 32 b9 df fc 48 83 fd 07 0f 86 bb 00 00 00 e8 43 be df fc <4d> 8b 24 1e e8 3a be df fc 4c 89 e2 31 ff 4d 8d 7c 1d 00 48 b8 ff [ 453.424426][T12202] RSP: 0018:ffffc90004b1fd00 EFLAGS: 00050283 [ 453.424446][T12202] RAX: 0000000000000037 RBX: 0000000000000000 RCX: ffffc9000eab1000 [ 453.424462][T12202] RDX: 0000000000080000 RSI: ffffffff85285d9d RDI: ffff888030205b80 [ 453.424478][T12202] RBP: 00000000000000a8 R08: 0000000000000007 R09: 0000000000000007 [ 453.424492][T12202] R10: 00000000000000a8 R11: 0000000000000000 R12: 0000000000000000 [ 453.424507][T12202] R13: ffff88804bfebe18 R14: 0000000000000000 R15: 00000000000000a8 [ 453.424532][T12202] ? strncpy_from_user+0xfd/0x2d0 [ 453.424567][T12202] do_getname+0x78/0x390 [ 453.424603][T12202] do_sys_openat2+0xc5/0x1e0 [ 453.424636][T12202] ? __pfx_do_sys_openat2+0x10/0x10 [ 453.424680][T12202] __x64_sys_openat+0x12d/0x210 [ 453.424715][T12202] ? __pfx___x64_sys_openat+0x10/0x10 [ 453.424761][T12202] do_syscall_64+0x106/0xf80 [ 453.424797][T12202] ? clear_bhb_loop+0x40/0x90 [ 453.424827][T12202] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 453.424852][T12202] RIP: 0033:0x7f31f8d9c799 [ 453.424871][T12202] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 453.424895][T12202] RSP: 002b:00007f31f9cb7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 453.424917][T12202] RAX: ffffffffffffffda RBX: 00007f31f9015fa0 RCX: 00007f31f8d9c799 [ 453.424933][T12202] RDX: 0000000000048a42 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 453.424949][T12202] RBP: 00007f31f8e32c99 R08: 0000000000000000 R09: 0000000000000000 [ 453.424964][T12202] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 453.424978][T12202] R13: 00007f31f9016038 R14: 00007f31f9015fa0 R15: 00007ffcaeef85a8 [ 453.425010][T12202] [ 455.449258][T12221] netlink: 'syz.0.1223': attribute type 28 has an invalid length. [ 455.485691][T12221] netlink: 'syz.0.1223': attribute type 3 has an invalid length. [ 455.526844][T12221] netlink: 306 bytes leftover after parsing attributes in process `syz.0.1223'. [ 455.749682][T12227] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1224'. [ 457.727506][T12260] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1231'. [ 462.352831][T12328] block2mtd: illegal erase size [ 462.565425][ T5833] Bluetooth: hci0: unexpected event 0x3e length: 508 > 260 [ 462.565458][ T5833] Bluetooth: hci0: unexpected subevent 0x02 length: 507 > 260 [ 462.580414][ T5833] Bluetooth: hci0: Dropping invalid advertising data [ 462.587104][ T5833] Bluetooth: hci0: unknown advertising packet type: 0xe9 [ 462.587132][ T5833] Bluetooth: hci0: Dropping invalid advertising data [ 462.601362][ T5833] Bluetooth: hci0: Malformed LE Event: 0x02 [ 463.544201][T12350] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE r҄y*"l-y– [ 465.955063][T12374] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888078007000 pfn:0x78007 [ 466.017347][T12374] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 466.077621][T12374] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000 [ 466.175569][T12374] raw: ffff888078007000 0000000000000000 00000001ffffffff 0000000000000000 [ 466.287175][T12374] page dumped because: unmovable page [ 466.358026][T12374] page_owner tracks the page as allocated [ 466.428130][T12374] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xd02(GFP_NOIO|__GFP_HIGHMEM|__GFP_ZERO), pid 5948, tgid 5946 (syz.0.9), ts 103448292028, free_ts 103441473365 [ 466.428252][T12374] post_alloc_hook+0x153/0x170 [ 466.428292][T12374] get_page_from_freelist+0x111d/0x3140 [ 466.428330][T12374] __alloc_frozen_pages_noprof+0x27c/0x2ba0 [ 466.428369][T12374] alloc_pages_mpol+0x1fb/0x550 [ 466.428394][T12374] alloc_pages_noprof+0x131/0x390 [ 466.428419][T12374] brd_submit_bio+0x116a/0x20d0 [ 466.428449][T12374] __submit_bio+0x419/0x6c0 [ 466.428548][T12374] submit_bio_noacct_nocheck+0x74f/0xc10 [ 466.428583][T12374] submit_bio_noacct+0xd17/0x2010 [ 466.428617][T12374] submit_bh_wbc+0x59c/0x770 [ 466.428652][T12374] __block_write_full_folio+0x77f/0xee0 [ 466.428692][T12374] block_write_full_folio+0x3b5/0x4e0 [ 466.428730][T12374] blkdev_writepages+0xc7/0x150 [ 466.428784][T12374] do_writepages+0x278/0x600 [ 466.428813][T12374] filemap_writeback+0x22d/0x2e0 [ 466.428852][T12374] file_write_and_wait_range+0xcd/0x140 [ 466.428887][T12374] page last free pid 5935 tgid 5933 stack trace: [ 466.428903][T12374] __free_frozen_pages+0x7e1/0x10d0 [ 466.428933][T12374] tlb_remove_table_rcu+0x2cf/0x380 [ 466.428965][T12374] rcu_core+0x5a2/0x10d0 [ 466.428998][T12374] handle_softirqs+0x1eb/0x9e0 [ 466.429023][T12374] __irq_exit_rcu+0xef/0x150 [ 466.429048][T12374] irq_exit_rcu+0x9/0x30 [ 466.429072][T12374] sysvec_apic_timer_interrupt+0xa3/0xc0 [ 466.429109][T12374] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 466.614762][T12378] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888078007000 pfn:0x78007 [ 466.614845][T12378] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 466.614877][T12378] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000 [ 466.614903][T12378] raw: ffff888078007000 0000000000000000 00000001ffffffff 0000000000000000 [ 466.614919][T12378] page dumped because: unmovable page [ 466.614931][T12378] page_owner tracks the page as allocated [ 466.614942][T12378] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xd02(GFP_NOIO|__GFP_HIGHMEM|__GFP_ZERO), pid 5948, tgid 5946 (syz.0.9), ts 103448292028, free_ts 103441473365 [ 466.614983][T12378] post_alloc_hook+0x153/0x170 [ 466.615020][T12378] get_page_from_freelist+0x111d/0x3140 [ 466.615058][T12378] __alloc_frozen_pages_noprof+0x27c/0x2ba0 [ 466.615097][T12378] alloc_pages_mpol+0x1fb/0x550 [ 466.615122][T12378] alloc_pages_noprof+0x131/0x390 [ 466.615147][T12378] brd_submit_bio+0x116a/0x20d0 [ 466.615176][T12378] __submit_bio+0x419/0x6c0 [ 466.615209][T12378] submit_bio_noacct_nocheck+0x74f/0xc10 [ 466.615245][T12378] submit_bio_noacct+0xd17/0x2010 [ 466.615286][T12378] submit_bh_wbc+0x59c/0x770 [ 466.615313][T12378] __block_write_full_folio+0x77f/0xee0 [ 466.615348][T12378] block_write_full_folio+0x3b5/0x4e0 [ 466.615386][T12378] blkdev_writepages+0xc7/0x150 [ 466.615421][T12378] do_writepages+0x278/0x600 [ 466.615449][T12378] filemap_writeback+0x22d/0x2e0 [ 466.615478][T12378] file_write_and_wait_range+0xcd/0x140 [ 466.615513][T12378] page last free pid 5935 tgid 5933 stack trace: [ 466.615528][T12378] __free_frozen_pages+0x7e1/0x10d0 [ 466.615559][T12378] tlb_remove_table_rcu+0x2cf/0x380 [ 466.615590][T12378] rcu_core+0x5a2/0x10d0 [ 466.615624][T12378] handle_softirqs+0x1eb/0x9e0 [ 466.615649][T12378] __irq_exit_rcu+0xef/0x150 [ 466.615673][T12378] irq_exit_rcu+0x9/0x30 [ 466.615698][T12378] sysvec_apic_timer_interrupt+0xa3/0xc0 [ 466.615734][T12378] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 468.263918][T12385] zswap: compressor not available [ 468.971468][T12407] binder: 12406:12407 ioctl c00c6211 0 returned -14 [ 471.322738][T12446] mtrr: base(0xd00000) is not aligned on a size(0x4000000000) boundary [ 474.566075][T12507] FAULT_INJECTION: forcing a failure. [ 474.566075][T12507] name failslab, interval 1, probability 0, space 0, times 0 [ 474.657212][T12507] CPU: 0 UID: 0 PID: 12507 Comm: syz.2.1279 Tainted: G L syzkaller #0 PREEMPT(full) [ 474.657250][T12507] Tainted: [L]=SOFTLOCKUP [ 474.657259][T12507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 474.657272][T12507] Call Trace: [ 474.657280][T12507] [ 474.657289][T12507] dump_stack_lvl+0x100/0x190 [ 474.657329][T12507] should_fail_ex.cold+0x5/0xa [ 474.657357][T12507] should_failslab+0xc2/0x120 [ 474.657382][T12507] __kvmalloc_node_noprof+0xfa/0xa00 [ 474.657418][T12507] ? io_uring_setup.cold+0x171/0x1d79 [ 474.657455][T12507] ? lockdep_init_map_type+0x5c/0x250 [ 474.657491][T12507] io_uring_setup.cold+0x171/0x1d79 [ 474.657531][T12507] ? __pfx_io_uring_setup+0x10/0x10 [ 474.657650][T12507] ? do_futex+0x192/0x350 [ 474.657682][T12507] ? __pfx_do_futex+0x10/0x10 [ 474.657710][T12507] ? __pfx_do_sys_openat2+0x10/0x10 [ 474.657755][T12507] ? xfd_validate_state+0x129/0x190 [ 474.657799][T12507] __x64_sys_io_uring_setup+0xc2/0x170 [ 474.657833][T12507] do_syscall_64+0x106/0xf80 [ 474.657867][T12507] ? clear_bhb_loop+0x40/0x90 [ 474.657896][T12507] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 474.657919][T12507] RIP: 0033:0x7f31f8d9c799 [ 474.657938][T12507] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 474.657961][T12507] RSP: 002b:00007f31f9c96028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 474.657983][T12507] RAX: ffffffffffffffda RBX: 00007f31f9016090 RCX: 00007f31f8d9c799 [ 474.657999][T12507] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 474.658012][T12507] RBP: 00007f31f8e32c99 R08: 0000000000000000 R09: 0000000000000000 [ 474.658027][T12507] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 474.658040][T12507] R13: 00007f31f9016128 R14: 00007f31f9016090 R15: 00007ffcaeef85a8 [ 474.658070][T12507] [ 475.626140][T12523] FAULT_INJECTION: forcing a failure. [ 475.626140][T12523] name fail_futex, interval 1, probability 0, space 0, times 0 [ 475.684338][T12523] CPU: 0 UID: 8 PID: 12523 Comm: syz.0.1282 Tainted: G L syzkaller #0 PREEMPT(full) [ 475.684378][T12523] Tainted: [L]=SOFTLOCKUP [ 475.684387][T12523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 475.684403][T12523] Call Trace: [ 475.684410][T12523] [ 475.684419][T12523] dump_stack_lvl+0x100/0x190 [ 475.684461][T12523] should_fail_ex.cold+0x5/0xa [ 475.684489][T12523] get_futex_key+0x1d2/0x1620 [ 475.684522][T12523] ? __pfx_get_futex_key+0x10/0x10 [ 475.684562][T12523] ? is_bpf_text_address+0x8a/0x1a0 [ 475.684605][T12523] ? __lock_acquire+0x4a5/0x2630 [ 475.684640][T12523] futex_wait_setup+0x83/0x510 [ 475.684687][T12523] __futex_wait+0x19f/0x300 [ 475.684728][T12523] ? __pfx___futex_wait+0x10/0x10 [ 475.684765][T12523] ? rcu_is_watching+0x12/0xc0 [ 475.684808][T12523] ? __pfx_futex_wake_mark+0x10/0x10 [ 475.684850][T12523] ? futex_hash+0x2c5/0x380 [ 475.684887][T12523] futex_wait+0xed/0x380 [ 475.684926][T12523] ? __pfx_futex_wait+0x10/0x10 [ 475.684979][T12523] do_futex+0x1ef/0x350 [ 475.685012][T12523] ? __pfx_do_futex+0x10/0x10 [ 475.685052][T12523] __x64_sys_futex+0x34f/0x4d0 [ 475.685089][T12523] ? __pfx___x64_sys_futex+0x10/0x10 [ 475.685121][T12523] ? __put_cred+0x111/0x180 [ 475.685157][T12523] ? keyctl_session_to_parent+0x39a/0xae0 [ 475.685194][T12523] do_syscall_64+0x106/0xf80 [ 475.685231][T12523] ? clear_bhb_loop+0x40/0x90 [ 475.685262][T12523] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 475.685287][T12523] RIP: 0033:0x7f9e8759c799 [ 475.685306][T12523] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 475.685331][T12523] RSP: 002b:00007f9e884650e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 475.685354][T12523] RAX: ffffffffffffffda RBX: 00007f9e87815fa8 RCX: 00007f9e8759c799 [ 475.685371][T12523] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f9e87815fa8 [ 475.685386][T12523] RBP: 00007f9e87815fa0 R08: 0000000000000000 R09: 0000000000000000 [ 475.685401][T12523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 475.685416][T12523] R13: 00007f9e87816038 R14: 00007fff14001b50 R15: 00007fff14001c38 [ 475.685447][T12523] [ 477.138009][T12552] netlink: 'syz.1.1288': attribute type 1 has an invalid length. [ 477.611744][T12561] [U] [ 477.614898][T12561] [U] [ 477.617614][T12561] [U] [ 477.620327][T12561] [U] [ 477.694607][T12554] FAULT_INJECTION: forcing a failure. [ 477.694607][T12554] name failslab, interval 1, probability 0, space 0, times 0 [ 477.767799][T12554] CPU: 0 UID: 0 PID: 12554 Comm: syz.0.1289 Tainted: G L syzkaller #0 PREEMPT(full) [ 477.767840][T12554] Tainted: [L]=SOFTLOCKUP [ 477.767849][T12554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 477.767864][T12554] Call Trace: [ 477.767872][T12554] [ 477.767881][T12554] dump_stack_lvl+0x100/0x190 [ 477.767924][T12554] should_fail_ex.cold+0x5/0xa [ 477.767953][T12554] should_failslab+0xc2/0x120 [ 477.767980][T12554] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 477.768018][T12554] ? security_inode_alloc+0x3b/0x2c0 [ 477.768045][T12554] ? lockdep_init_map_type+0x5c/0x250 [ 477.768083][T12554] security_inode_alloc+0x3b/0x2c0 [ 477.768109][T12554] inode_init_always_gfp+0xced/0x1040 [ 477.768139][T12554] alloc_inode+0x8e/0x250 [ 477.768172][T12554] path_from_stashed+0x25b/0x750 [ 477.768199][T12554] ? do_raw_spin_unlock+0x145/0x1e0 [ 477.768242][T12554] ns_get_path+0x60/0x80 [ 477.768266][T12554] proc_ns_get_link+0x121/0x230 [ 477.768303][T12554] ? __pfx_proc_ns_get_link+0x10/0x10 [ 477.768342][T12554] ? atime_needs_update+0x8b/0x6b0 [ 477.768380][T12554] pick_link+0xd17/0x13c0 [ 477.768416][T12554] ? __pfx_proc_ns_get_link+0x10/0x10 [ 477.768466][T12554] step_into_slowpath+0x9ba/0xf90 [ 477.768510][T12554] ? __pfx_step_into_slowpath+0x10/0x10 [ 477.768548][T12554] ? find_held_lock+0x2b/0x80 [ 477.768581][T12554] path_openat+0xf95/0x31a0 [ 477.768616][T12554] ? __pfx_path_openat+0x10/0x10 [ 477.768653][T12554] do_file_open+0x20e/0x430 [ 477.768681][T12554] ? __pfx_do_file_open+0x10/0x10 [ 477.768727][T12554] ? alloc_fd+0x476/0x790 [ 477.768753][T12554] ? do_getname+0x191/0x390 [ 477.768787][T12554] do_sys_openat2+0x10d/0x1e0 [ 477.768821][T12554] ? __pfx_do_sys_openat2+0x10/0x10 [ 477.768856][T12554] ? __fget_files+0x21f/0x3d0 [ 477.768885][T12554] __x64_sys_openat+0x12d/0x210 [ 477.768920][T12554] ? __pfx___x64_sys_openat+0x10/0x10 [ 477.768965][T12554] do_syscall_64+0x106/0xf80 [ 477.769001][T12554] ? clear_bhb_loop+0x40/0x90 [ 477.769032][T12554] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 477.769057][T12554] RIP: 0033:0x7f9e8755cfce [ 477.769077][T12554] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 477.769101][T12554] RSP: 002b:00007f9e88464ec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 477.769125][T12554] RAX: ffffffffffffffda RBX: 00007f9e884656c0 RCX: 00007f9e8755cfce [ 477.769142][T12554] RDX: 0000000000000002 RSI: 00007f9e88464f90 RDI: ffffffffffffff9c [ 477.769158][T12554] RBP: 00007f9e87632c99 R08: 0000000000000000 R09: 0000000000000000 [ 477.769173][T12554] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 477.769188][T12554] R13: 00007f9e87816038 R14: 00007f9e87815fa0 R15: 00007fff14001c38 [ 477.769219][T12554] [ 478.081396][T12561] [U] [ 478.084156][T12561] [U] [ 478.086874][T12561] [U] [ 478.089581][T12561] [U] [ 478.329468][T12555] [U] [ 480.508382][T12608] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1299'. [ 481.315838][T12624] FAULT_INJECTION: forcing a failure. [ 481.315838][T12624] name fail_futex, interval 1, probability 0, space 0, times 0 [ 481.403150][T12624] CPU: 0 UID: 0 PID: 12624 Comm: syz.1.1303 Tainted: G L syzkaller #0 PREEMPT(full) [ 481.403191][T12624] Tainted: [L]=SOFTLOCKUP [ 481.403199][T12624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 481.403214][T12624] Call Trace: [ 481.403222][T12624] [ 481.403232][T12624] dump_stack_lvl+0x100/0x190 [ 481.403275][T12624] should_fail_ex.cold+0x5/0xa [ 481.403311][T12624] get_futex_key+0x1d2/0x1620 [ 481.403346][T12624] ? __pfx_get_futex_key+0x10/0x10 [ 481.403374][T12624] ? lockdep_hardirqs_on+0x78/0x100 [ 481.403414][T12624] ? fcntl_setlk+0x4f4/0xe40 [ 481.403440][T12624] ? kmem_cache_free+0x124/0x6a0 [ 481.403479][T12624] futex_wake+0xea/0x530 [ 481.403518][T12624] ? fcntl_setlk+0x4f9/0xe40 [ 481.403547][T12624] ? __pfx_futex_wake+0x10/0x10 [ 481.403582][T12624] ? __pfx_fcntl_setlk+0x10/0x10 [ 481.403613][T12624] ? __might_fault+0xc5/0x140 [ 481.403647][T12624] ? __might_fault+0xc5/0x140 [ 481.403688][T12624] do_futex+0x32b/0x350 [ 481.403721][T12624] ? __pfx_do_futex+0x10/0x10 [ 481.403753][T12624] ? do_fcntl+0x811/0x1670 [ 481.403790][T12624] __x64_sys_futex+0x34f/0x4d0 [ 481.403827][T12624] ? __pfx___x64_sys_futex+0x10/0x10 [ 481.403860][T12624] ? tomoyo_file_fcntl+0x6c/0xc0 [ 481.403908][T12624] do_syscall_64+0x106/0xf80 [ 481.403944][T12624] ? clear_bhb_loop+0x40/0x90 [ 481.403975][T12624] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 481.404001][T12624] RIP: 0033:0x7f66b5d9c799 [ 481.404021][T12624] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 481.404045][T12624] RSP: 002b:00007f66b6d1d0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 481.404068][T12624] RAX: ffffffffffffffda RBX: 00007f66b6015fa8 RCX: 00007f66b5d9c799 [ 481.404085][T12624] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f66b6015fac [ 481.404100][T12624] RBP: 00007f66b6015fa0 R08: 0000000000000000 R09: 0000000000000000 [ 481.404115][T12624] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 481.404130][T12624] R13: 00007f66b6016038 R14: 00007ffd9842b3c0 R15: 00007ffd9842b4a8 [ 481.404161][T12624] [ 483.516580][T12661] HfR: entered promiscuous mode [ 483.562893][T12661] openvswitch: HfR: Dropping previously announced user features [ 485.900054][T12712] FAULT_INJECTION: forcing a failure. [ 485.900054][T12712] name fail_futex, interval 1, probability 0, space 0, times 0 [ 485.935213][T12709] zswap: compressor not available [ 486.041705][T12712] CPU: 0 UID: 0 PID: 12712 Comm: syz.0.1320 Tainted: G L syzkaller #0 PREEMPT(full) [ 486.041746][T12712] Tainted: [L]=SOFTLOCKUP [ 486.041755][T12712] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 486.041770][T12712] Call Trace: [ 486.041785][T12712] [ 486.041794][T12712] dump_stack_lvl+0x100/0x190 [ 486.041837][T12712] should_fail_ex.cold+0x5/0xa [ 486.041866][T12712] get_futex_key+0x1d2/0x1620 [ 486.041900][T12712] ? __pfx_get_futex_key+0x10/0x10 [ 486.041928][T12712] ? rcu_is_watching+0x12/0xc0 [ 486.041966][T12712] ? vfs_writev+0x1d5/0xe10 [ 486.042003][T12712] ? kfree+0x2ec/0x6b0 [ 486.042042][T12712] futex_wake+0xea/0x530 [ 486.042083][T12712] ? __pfx_futex_wake+0x10/0x10 [ 486.042124][T12712] ? do_writev+0x214/0x340 [ 486.042169][T12712] do_futex+0x32b/0x350 [ 486.042201][T12712] ? __pfx_do_futex+0x10/0x10 [ 486.042236][T12712] ? __fget_files+0x21f/0x3d0 [ 486.042263][T12712] __x64_sys_futex+0x34f/0x4d0 [ 486.042300][T12712] ? __pfx___x64_sys_futex+0x10/0x10 [ 486.042334][T12712] ? __pfx_do_writev+0x10/0x10 [ 486.042380][T12712] do_syscall_64+0x106/0xf80 [ 486.042417][T12712] ? clear_bhb_loop+0x40/0x90 [ 486.042448][T12712] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 486.042473][T12712] RIP: 0033:0x7f9e8759c799 [ 486.042493][T12712] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 486.042524][T12712] RSP: 002b:00007f9e884230e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 486.042548][T12712] RAX: ffffffffffffffda RBX: 00007f9e87816188 RCX: 00007f9e8759c799 [ 486.042565][T12712] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f9e8781618c [ 486.042581][T12712] RBP: 00007f9e87816180 R08: 0000000000000000 R09: 0000000000000000 [ 486.042596][T12712] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000 [ 486.042611][T12712] R13: 00007f9e87816218 R14: 00007fff14001b50 R15: 00007fff14001c38 [ 486.042642][T12712] [ 486.340231][T12718] aoe: could not set interface list: too many interfaces [ 486.507641][T12723] FAULT_INJECTION: forcing a failure. [ 486.507641][T12723] name failslab, interval 1, probability 0, space 0, times 0 [ 486.525063][T12723] CPU: 0 UID: 0 PID: 12723 Comm: syz.3.1325 Tainted: G L syzkaller #0 PREEMPT(full) [ 486.525100][T12723] Tainted: [L]=SOFTLOCKUP [ 486.525108][T12723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 486.525122][T12723] Call Trace: [ 486.525130][T12723] [ 486.525138][T12723] dump_stack_lvl+0x100/0x190 [ 486.525179][T12723] should_fail_ex.cold+0x5/0xa [ 486.525206][T12723] should_failslab+0xc2/0x120 [ 486.525232][T12723] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 486.525268][T12723] ? __anon_vma_prepare+0x344/0x5e0 [ 486.525307][T12723] __anon_vma_prepare+0x344/0x5e0 [ 486.525352][T12723] __vmf_anon_prepare+0x11f/0x250 [ 486.525381][T12723] do_anonymous_page+0x552/0x1fb0 [ 486.525415][T12723] ? __handle_mm_fault+0x17a4/0x2b60 [ 486.525452][T12723] __handle_mm_fault+0x1d42/0x2b60 [ 486.525493][T12723] ? __pfx___handle_mm_fault+0x10/0x10 [ 486.525529][T12723] ? pte_offset_map_lock+0x174/0x320 [ 486.525553][T12723] ? find_held_lock+0x2b/0x80 [ 486.525586][T12723] ? follow_page_pte+0x5b3/0x1400 [ 486.525618][T12723] handle_mm_fault+0x36d/0xa20 [ 486.525659][T12723] __get_user_pages+0xf9c/0x34d0 [ 486.525696][T12723] ? __pfx___get_user_pages+0x10/0x10 [ 486.525731][T12723] populate_vma_page_range+0x267/0x3f0 [ 486.525761][T12723] ? __pfx_populate_vma_page_range+0x10/0x10 [ 486.525789][T12723] ? __pfx_find_vma_intersection+0x10/0x10 [ 486.525816][T12723] ? do_mmap+0x93f/0x12f0 [ 486.525848][T12723] __mm_populate+0x107/0x3a0 [ 486.525877][T12723] ? __pfx___mm_populate+0x10/0x10 [ 486.525907][T12723] ? up_write+0x290/0x4f0 [ 486.525944][T12723] vm_mmap_pgoff+0x37f/0x470 [ 486.525974][T12723] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 486.526003][T12723] ? do_futex+0x192/0x350 [ 486.526034][T12723] ? __pfx_do_futex+0x10/0x10 [ 486.526070][T12723] ksys_mmap_pgoff+0xe1/0x650 [ 486.526095][T12723] ? __x64_sys_futex+0x34f/0x4d0 [ 486.526125][T12723] ? __x64_sys_futex+0x358/0x4d0 [ 486.526156][T12723] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 486.526182][T12723] ? xfd_validate_state+0x129/0x190 [ 486.526222][T12723] __x64_sys_mmap+0x125/0x190 [ 486.526261][T12723] do_syscall_64+0x106/0xf80 [ 486.526296][T12723] ? clear_bhb_loop+0x40/0x90 [ 486.526329][T12723] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 486.526354][T12723] RIP: 0033:0x7f318599c799 [ 486.526373][T12723] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 486.526395][T12723] RSP: 002b:00007f31867cd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 486.526417][T12723] RAX: ffffffffffffffda RBX: 00007f3185c15fa0 RCX: 00007f318599c799 [ 486.526432][T12723] RDX: 00000000000000df RSI: 0000000000000009 RDI: 0000000000000000 [ 486.526446][T12723] RBP: 00007f3185a32c99 R08: 0000000000000000 R09: 0000000000008000 [ 486.526461][T12723] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 486.526475][T12723] R13: 00007f3185c16038 R14: 00007f3185c15fa0 R15: 00007ffd9fc74608 [ 486.526505][T12723] [ 486.531466][T12723] FAULT_INJECTION: forcing a failure. [ 486.531466][T12723] name failslab, interval 1, probability 0, space 0, times 0 [ 486.839001][T12723] CPU: 0 UID: 0 PID: 12723 Comm: syz.3.1325 Tainted: G L syzkaller #0 PREEMPT(full) [ 486.839038][T12723] Tainted: [L]=SOFTLOCKUP [ 486.839046][T12723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 486.839060][T12723] Call Trace: [ 486.839070][T12723] [ 486.839080][T12723] dump_stack_lvl+0x100/0x190 [ 486.839120][T12723] should_fail_ex.cold+0x5/0xa [ 486.839148][T12723] should_failslab+0xc2/0x120 [ 486.839174][T12723] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 486.839210][T12723] ? dst_alloc+0x99/0x1a0 [ 486.839358][T12723] dst_alloc+0x99/0x1a0 [ 486.839388][T12723] rt_dst_alloc+0x35/0x3a0 [ 486.839478][T12723] ip_route_output_key_hash_rcu+0x87a/0x2870 [ 486.839515][T12723] ip_route_output_key_hash+0x118/0x2b0 [ 486.839544][T12723] ? __pfx_ip_route_output_key_hash+0x10/0x10 [ 486.839587][T12723] vti_tunnel_xmit+0xd7e/0x1d90 [ 486.839654][T12723] ? __pfx_vti_tunnel_xmit+0x10/0x10 [ 486.839677][T12723] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 486.839728][T12723] ? rcu_lockdep_current_cpu_online+0x30/0x150 [ 486.839758][T12723] dev_hard_start_xmit+0x121/0x7d0 [ 486.839833][T12723] __dev_queue_xmit+0x32c1/0x4800 [ 486.839865][T12723] ? find_held_lock+0x2b/0x80 [ 486.839887][T12723] ? __might_fault+0xc5/0x140 [ 486.839924][T12723] ? __pfx___dev_queue_xmit+0x10/0x10 [ 486.839955][T12723] ? _copy_from_iter+0x270/0x1690 [ 486.840015][T12723] ? __pfx__copy_from_iter+0x10/0x10 [ 486.840042][T12723] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 486.840079][T12723] ? packet_parse_headers+0x5ae/0x800 [ 486.840138][T12723] ? __asan_memset+0x23/0x50 [ 486.840169][T12723] ? packet_parse_headers+0x5ba/0x800 [ 486.840194][T12723] ? packet_parse_headers+0x205/0x800 [ 486.840219][T12723] ? __pfx_packet_parse_headers+0x10/0x10 [ 486.840248][T12723] packet_xmit+0x243/0x310 [ 486.840276][T12723] packet_sendmsg+0x32f4/0x53c0 [ 486.840316][T12723] ? __pfx___might_resched+0x10/0x10 [ 486.840352][T12723] ? __lock_acquire+0x4a5/0x2630 [ 486.840386][T12723] ? aa_sk_perm+0x309/0xaa0 [ 486.840433][T12723] ? __pfx_packet_sendmsg+0x10/0x10 [ 486.840457][T12723] ? __pfx_aa_sk_perm+0x10/0x10 [ 486.840491][T12723] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 486.840551][T12723] ____sys_sendmsg+0x9e1/0xb70 [ 486.840597][T12723] ? __pfx_packet_sendmsg+0x10/0x10 [ 486.840625][T12723] ? __pfx_____sys_sendmsg+0x10/0x10 [ 486.840654][T12723] ? futex_unqueue+0x133/0x2c0 [ 486.840689][T12723] ___sys_sendmsg+0x190/0x1e0 [ 486.840732][T12723] ? __pfx____sys_sendmsg+0x10/0x10 [ 486.840758][T12723] ? __pfx___futex_wait+0x10/0x10 [ 486.840812][T12723] ? find_held_lock+0x2b/0x80 [ 486.840851][T12723] __sys_sendmmsg+0x205/0x430 [ 486.840890][T12723] ? __pfx___sys_sendmmsg+0x10/0x10 [ 486.840932][T12723] ? __pfx_do_futex+0x10/0x10 [ 486.840983][T12723] ? __sys_socket+0xac/0x260 [ 486.841012][T12723] ? xfd_validate_state+0x129/0x190 [ 486.841054][T12723] __x64_sys_sendmmsg+0x9c/0x100 [ 486.841088][T12723] ? lockdep_hardirqs_on+0x78/0x100 [ 486.841124][T12723] do_syscall_64+0x106/0xf80 [ 486.841159][T12723] ? clear_bhb_loop+0x40/0x90 [ 486.841188][T12723] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 486.841213][T12723] RIP: 0033:0x7f318599c799 [ 486.841234][T12723] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 486.841257][T12723] RSP: 002b:00007f31867cd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 486.841280][T12723] RAX: ffffffffffffffda RBX: 00007f3185c15fa0 RCX: 00007f318599c799 [ 486.841296][T12723] RDX: 0000000000000002 RSI: 00002000000001c0 RDI: 0000000000000004 [ 486.841312][T12723] RBP: 00007f3185a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 486.841327][T12723] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 486.841340][T12723] R13: 00007f3185c16038 R14: 00007f3185c15fa0 R15: 00007ffd9fc74608 [ 486.841371][T12723] [ 487.898828][T12732] ubi0: attaching mtd0 [ 487.928852][T12732] ubi0 error: ubi_attach_mtd_dev: bad VID header (33554495) or data offsets (33554559) [ 487.961526][T12734] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input10 [ 487.992633][T12737] ubi0: attaching mtd0 [ 487.996775][T12737] ubi0 error: ubi_attach_mtd_dev: bad VID header (33554495) or data offsets (33554559) [ 490.487390][T12775] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 490.585056][T12779] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 491.848243][T12807] input: f as /devices/virtual/input/input11 [ 491.898706][T12807] FAULT_INJECTION: forcing a failure. [ 491.898706][T12807] name failslab, interval 1, probability 0, space 0, times 0 [ 492.039181][T12807] CPU: 0 UID: 0 PID: 12807 Comm: syz.1.1345 Tainted: G L syzkaller #0 PREEMPT(full) [ 492.039222][T12807] Tainted: [L]=SOFTLOCKUP [ 492.039230][T12807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 492.039245][T12807] Call Trace: [ 492.039253][T12807] [ 492.039262][T12807] dump_stack_lvl+0x100/0x190 [ 492.039305][T12807] should_fail_ex.cold+0x5/0xa [ 492.039333][T12807] should_failslab+0xc2/0x120 [ 492.039360][T12807] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 492.039406][T12807] ? kstrdup_const+0x63/0x80 [ 492.039427][T12807] ? find_held_lock+0x2b/0x80 [ 492.039456][T12807] kstrdup+0x51/0xe0 [ 492.039498][T12807] kstrdup_const+0x63/0x80 [ 492.039520][T12807] __kernfs_new_node+0x9b/0x960 [ 492.039560][T12807] ? __pfx___kernfs_new_node+0x10/0x10 [ 492.039603][T12807] ? find_held_lock+0x2b/0x80 [ 492.039626][T12807] ? kernfs_root+0xee/0x2a0 [ 492.039660][T12807] ? kernfs_root+0xee/0x2a0 [ 492.039701][T12807] kernfs_new_node+0x11b/0x1a0 [ 492.039746][T12807] kernfs_create_link+0xcc/0x240 [ 492.039778][T12807] sysfs_do_create_link_sd+0x90/0x140 [ 492.039815][T12807] sysfs_create_link+0x61/0xc0 [ 492.039851][T12807] device_add+0xb5d/0x1950 [ 492.039979][T12807] ? __pfx_device_add+0x10/0x10 [ 492.040014][T12807] ? kobject_get+0xbb/0x150 [ 492.040089][T12807] cdev_device_add+0x12b/0x270 [ 492.040118][T12807] evdev_connect+0x3a8/0x4b0 [ 492.040227][T12807] input_attach_handler.isra.0+0x177/0x1e0 [ 492.040288][T12807] input_register_device.cold+0x139/0x375 [ 492.040352][T12807] uinput_ioctl_handler.isra.0+0x8d8/0x1d10 [ 492.040426][T12807] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 492.040464][T12807] ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10 [ 492.040503][T12807] ? find_held_lock+0x2b/0x80 [ 492.040525][T12807] ? __fget_files+0x215/0x3d0 [ 492.040562][T12807] ? __pfx_uinput_ioctl+0x10/0x10 [ 492.040592][T12807] __x64_sys_ioctl+0x18e/0x210 [ 492.040631][T12807] do_syscall_64+0x106/0xf80 [ 492.040667][T12807] ? clear_bhb_loop+0x40/0x90 [ 492.040697][T12807] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 492.040723][T12807] RIP: 0033:0x7f66b5d9c799 [ 492.040744][T12807] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 492.040768][T12807] RSP: 002b:00007f66b6d1d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 492.040792][T12807] RAX: ffffffffffffffda RBX: 00007f66b6015fa0 RCX: 00007f66b5d9c799 [ 492.040810][T12807] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000005 [ 492.040825][T12807] RBP: 00007f66b5e32c99 R08: 0000000000000000 R09: 0000000000000000 [ 492.040841][T12807] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 492.040856][T12807] R13: 00007f66b6016038 R14: 00007f66b6015fa0 R15: 00007ffd9842b4a8 [ 492.040888][T12807] [ 492.780057][T12812] zswap: compressor not available [ 493.572565][T12807] input: failed to attach handler evdev to device input11, error: -12 [ 493.821314][T12808] Invalid ELF header magic: != ELF [ 494.622723][T12839] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input12 [ 496.101178][T12877] futex_wake_op: syz.0.1360 tries to shift op by -2048; fix this program [ 496.173874][T12877] futex_wake_op: syz.0.1360 tries to shift op by -2048; fix this program [ 497.510176][T12898] __vm_enough_memory: pid: 12898, comm: syz.1.1367, bytes: 4398046511104 not enough memory for the allocation [ 497.718326][T12903] vcan0: tx drop: invalid sa for name 0x00000000000000fd [ 498.543983][T12925] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 498.947081][T12923] Ignoring unsupported numa_zonelist_order value: [ 499.322853][ T8215] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 499.657805][ T8215] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 500.093455][ T8215] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 500.192055][ T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 500.204543][ T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 500.214791][ T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 500.227881][ T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 500.235675][ T51] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 500.367031][ T8215] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 501.142892][ T8215] netdevsim netdevsim10 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 501.590135][ T8215] bridge_slave_1: left allmulticast mode [ 501.616829][ T8215] bridge_slave_1: left promiscuous mode [ 501.659240][ T8215] bridge0: port 2(bridge_slave_1) entered disabled state [ 501.710695][ T8215] bridge_slave_0: left allmulticast mode [ 501.745921][ T8215] bridge_slave_0: left promiscuous mode [ 501.786033][ T8215] bridge0: port 1(bridge_slave_0) entered disabled state [ 501.910046][T12961] vcan0: tx drop: invalid sa for name 0x00000000000000fd [ 502.110903][T12961] vcan0: tx drop: invalid sa for name 0x00000000000000fd [ 502.322856][ T5833] Bluetooth: hci0: command tx timeout [ 502.754041][ T8215] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 502.800118][ T8215] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 502.841428][ T8215] bond0 (unregistering): Released all slaves [ 502.935051][T12940] chnl_net:caif_netlink_parms(): no params data found [ 503.016940][ T8215] HfR: left promiscuous mode [ 503.478920][T12987] netlink: 186 bytes leftover after parsing attributes in process `syz.2.1385'. [ 503.767143][T12940] bridge0: port 1(bridge_slave_0) entered blocking state [ 503.824759][T12940] bridge0: port 1(bridge_slave_0) entered disabled state [ 503.894856][T12940] bridge_slave_0: entered allmulticast mode [ 503.932662][T12940] bridge_slave_0: entered promiscuous mode [ 504.259878][T12940] bridge0: port 2(bridge_slave_1) entered blocking state [ 504.337965][T12940] bridge0: port 2(bridge_slave_1) entered disabled state [ 504.382673][T12940] bridge_slave_1: entered allmulticast mode [ 504.394455][ T5833] Bluetooth: hci0: command tx timeout [ 504.448231][T12940] bridge_slave_1: entered promiscuous mode [ 504.936720][ T29] audit: type=1806 audit(4294967509.351:13): xattr="" res=-22 [ 505.048433][T12940] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 505.084035][T13030] dyndbg: bad flag-op /, at start of /dev/dsp [ 505.124522][T13030] dyndbg: flags parse failed [ 505.131978][T12940] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 505.474118][T13040] FAULT_INJECTION: forcing a failure. [ 505.474118][T13040] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 505.566508][T13040] CPU: 0 UID: 0 PID: 13040 Comm: syz.1.1393 Tainted: G L syzkaller #0 PREEMPT(full) [ 505.566549][T13040] Tainted: [L]=SOFTLOCKUP [ 505.566557][T13040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 505.566573][T13040] Call Trace: [ 505.566581][T13040] [ 505.566590][T13040] dump_stack_lvl+0x100/0x190 [ 505.566633][T13040] should_fail_ex.cold+0x5/0xa [ 505.566662][T13040] _copy_from_user+0x2e/0xd0 [ 505.566693][T13040] __sys_bpf+0x243/0x4b90 [ 505.566725][T13040] ? __pfx___sys_bpf+0x10/0x10 [ 505.566756][T13040] ? __pfx_futex_wait+0x10/0x10 [ 505.566803][T13040] ? __fget_files+0x215/0x3d0 [ 505.566833][T13040] ? do_futex+0x192/0x350 [ 505.566881][T13040] ? xfd_validate_state+0x129/0x190 [ 505.566925][T13040] __x64_sys_bpf+0x7b/0xc0 [ 505.566953][T13040] ? lockdep_hardirqs_on+0x78/0x100 [ 505.566991][T13040] do_syscall_64+0x106/0xf80 [ 505.567027][T13040] ? clear_bhb_loop+0x40/0x90 [ 505.567058][T13040] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 505.567085][T13040] RIP: 0033:0x7f66b5d9c799 [ 505.567105][T13040] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 505.567129][T13040] RSP: 002b:00007f66b6cfc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 505.567153][T13040] RAX: ffffffffffffffda RBX: 00007f66b6016090 RCX: 00007f66b5d9c799 [ 505.567169][T13040] RDX: 0000000000000003 RSI: 0000200000000040 RDI: 000000000000001b [ 505.567184][T13040] RBP: 00007f66b5e32c99 R08: 0000000000000000 R09: 0000000000000000 [ 505.567200][T13040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 505.567214][T13040] R13: 00007f66b6016128 R14: 00007f66b6016090 R15: 00007ffd9842b4a8 [ 505.567246][T13040] [ 506.298023][T12940] team0: Port device team_slave_0 added [ 506.353619][T12940] team0: Port device team_slave_1 added [ 506.375411][ T8215] hsr_slave_0: left promiscuous mode [ 506.402439][ T8215] hsr_slave_1: left promiscuous mode [ 506.423073][ T8215] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 506.430568][ T8215] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 506.471386][ T5833] Bluetooth: hci0: command tx timeout [ 506.528037][ T8215] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 506.551832][ T8215] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 506.615063][ T8215] veth1_macvtap: left promiscuous mode [ 506.653311][ T8215] veth0_macvtap: left promiscuous mode [ 506.658944][ T8215] veth1_vlan: left promiscuous mode [ 506.681730][T13055] FAULT_INJECTION: forcing a failure. [ 506.681730][T13055] name failslab, interval 1, probability 0, space 0, times 0 [ 506.795260][T13055] CPU: 0 UID: 0 PID: 13055 Comm: syz.3.1392 Tainted: G L syzkaller #0 PREEMPT(full) [ 506.795302][T13055] Tainted: [L]=SOFTLOCKUP [ 506.795310][T13055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 506.795326][T13055] Call Trace: [ 506.795334][T13055] [ 506.795343][T13055] dump_stack_lvl+0x100/0x190 [ 506.795386][T13055] should_fail_ex.cold+0x5/0xa [ 506.795423][T13055] should_failslab+0xc2/0x120 [ 506.795449][T13055] __kmalloc_cache_noprof+0x7a/0x6f0 [ 506.795483][T13055] ? proc_self_get_link+0x189/0x1f0 [ 506.795525][T13055] proc_self_get_link+0x189/0x1f0 [ 506.795563][T13055] pick_link+0xac2/0x13c0 [ 506.795599][T13055] ? __pfx_proc_self_get_link+0x10/0x10 [ 506.795640][T13055] step_into_slowpath+0x9ba/0xf90 [ 506.795684][T13055] ? __pfx_step_into_slowpath+0x10/0x10 [ 506.795727][T13055] ? lookup_fast+0x2da/0x600 [ 506.795761][T13055] ? inode_permission+0x374/0x620 [ 506.795798][T13055] link_path_walk+0xf28/0x1cc0 [ 506.795846][T13055] path_openat+0x1be/0x31a0 [ 506.795870][T13055] ? kasan_save_stack+0x3f/0x50 [ 506.795908][T13055] ? kasan_save_stack+0x30/0x50 [ 506.795946][T13055] ? kasan_save_track+0x14/0x30 [ 506.795984][T13055] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 506.796030][T13055] ? __pfx_path_openat+0x10/0x10 [ 506.796066][T13055] do_file_open+0x20e/0x430 [ 506.796094][T13055] ? __pfx_do_file_open+0x10/0x10 [ 506.796141][T13055] ? alloc_fd+0x476/0x790 [ 506.796168][T13055] ? do_getname+0x191/0x390 [ 506.796202][T13055] do_sys_openat2+0x10d/0x1e0 [ 506.796235][T13055] ? __pfx_do_sys_openat2+0x10/0x10 [ 506.796279][T13055] __x64_sys_openat+0x12d/0x210 [ 506.796314][T13055] ? __pfx___x64_sys_openat+0x10/0x10 [ 506.796360][T13055] do_syscall_64+0x106/0xf80 [ 506.796403][T13055] ? clear_bhb_loop+0x40/0x90 [ 506.796434][T13055] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 506.796460][T13055] RIP: 0033:0x7f318595cfce [ 506.796480][T13055] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 506.796505][T13055] RSP: 002b:00007f31833d0ec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 506.796528][T13055] RAX: ffffffffffffffda RBX: 00007f31833d16c0 RCX: 00007f318595cfce [ 506.796545][T13055] RDX: 0000000000000002 RSI: 00007f31833d0f90 RDI: ffffffffffffff9c [ 506.796561][T13055] RBP: 00007f3185a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 506.796576][T13055] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 506.796591][T13055] R13: 00007f3185c163f8 R14: 00007f3185c16360 R15: 00007ffd9fc74608 [ 506.796622][T13055] [ 508.530620][ T5833] Bluetooth: hci0: command tx timeout [ 508.965883][T12940] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 509.005159][T12940] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 509.147185][T12940] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 509.261943][T12940] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 509.304992][T12940] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 509.405655][T12940] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 509.985587][T12940] hsr_slave_0: entered promiscuous mode [ 510.038288][T12940] hsr_slave_1: entered promiscuous mode [ 510.054903][T12940] debugfs: 'hsr0' already exists in 'hsr' [ 510.060764][T12940] Cannot create hsr debugfs directory [ 511.816357][T12940] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 511.889303][T12940] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 511.972707][T12940] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 512.025852][T12940] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 512.733502][T12940] 8021q: adding VLAN 0 to HW filter on device bond0 [ 512.841581][T12940] 8021q: adding VLAN 0 to HW filter on device team0 [ 512.903186][T12084] bridge0: port 1(bridge_slave_0) entered blocking state [ 512.910744][T12084] bridge0: port 1(bridge_slave_0) entered forwarding state [ 512.990917][T12084] bridge0: port 2(bridge_slave_1) entered blocking state [ 512.998148][T12084] bridge0: port 2(bridge_slave_1) entered forwarding state [ 513.413905][T13131] netlink: 12644 bytes leftover after parsing attributes in process `syz.1.1405'. [ 513.492899][T12940] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 513.594307][T12940] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 515.075924][T12086] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 515.369124][T12940] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 515.690958][T12086] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 516.280412][T12086] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 516.446212][ T51] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 516.458705][ T51] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 516.467853][ T51] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 516.475952][ T51] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 516.494356][ T51] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 516.593276][T12086] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 517.198949][T12086] bridge_slave_1: left allmulticast mode [ 517.204672][T12086] bridge_slave_1: left promiscuous mode [ 517.244106][T12086] bridge0: port 2(bridge_slave_1) entered disabled state [ 517.284821][T12086] bridge_slave_0: left allmulticast mode [ 517.299132][T12086] bridge_slave_0: left promiscuous mode [ 517.317275][T12086] bridge0: port 1(bridge_slave_0) entered disabled state [ 517.752396][T12086] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 517.800887][T12086] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 517.835892][T12086] bond0 (unregistering): Released all slaves [ 517.903132][T12940] veth0_vlan: entered promiscuous mode [ 517.965450][T12940] veth1_vlan: entered promiscuous mode [ 518.027903][T12086] HfR: left promiscuous mode [ 518.151958][T12086] tipc: Left network mode [ 518.328904][T12940] veth0_macvtap: entered promiscuous mode [ 518.468359][T12940] veth1_macvtap: entered promiscuous mode [ 518.559545][ T5833] Bluetooth: hci3: command tx timeout [ 518.607533][T13171] chnl_net:caif_netlink_parms(): no params data found [ 518.783537][T12940] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 519.041788][T12940] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 519.230772][T12086] hsr_slave_0: left promiscuous mode [ 519.260995][T12086] hsr_slave_1: left promiscuous mode [ 519.285800][T12086] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 519.323564][T12086] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 519.435191][T12086] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 519.442652][T12086] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 519.537428][T12086] veth1_macvtap: left promiscuous mode [ 519.542960][T12086] veth0_macvtap: left promiscuous mode [ 520.637974][ T5833] Bluetooth: hci3: command tx timeout [ 520.918806][T12084] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 520.936936][T12084] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 520.945736][T12084] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 521.027051][T12084] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 521.310770][T13171] bridge0: port 1(bridge_slave_0) entered blocking state [ 521.348344][T13171] bridge0: port 1(bridge_slave_0) entered disabled state [ 521.384032][T13171] bridge_slave_0: entered allmulticast mode [ 521.407927][T13171] bridge_slave_0: entered promiscuous mode [ 521.450129][T13171] bridge0: port 2(bridge_slave_1) entered blocking state [ 521.489709][T13171] bridge0: port 2(bridge_slave_1) entered disabled state [ 521.511990][T13171] bridge_slave_1: entered allmulticast mode [ 521.555099][T13171] bridge_slave_1: entered promiscuous mode [ 521.764992][T13171] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 521.801262][T13171] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 521.823696][T13242] mmap: syz.1.1420 (13242) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 521.873547][T12084] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 521.914897][T12084] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 522.134302][T13171] team0: Port device team_slave_0 added [ 522.203783][T12086] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 522.213534][T13171] team0: Port device team_slave_1 added [ 522.239399][T12086] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 522.457099][T12940] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 522.618917][T13171] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 522.661829][T13171] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 522.698942][ T5833] Bluetooth: hci3: command tx timeout [ 522.766415][T13171] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 522.814607][T13171] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 522.838787][T13171] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 522.931174][T13171] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 523.381431][T13171] hsr_slave_0: entered promiscuous mode [ 523.411406][T13171] hsr_slave_1: entered promiscuous mode [ 523.449914][T13171] debugfs: 'hsr0' already exists in 'hsr' [ 523.483807][T13171] Cannot create hsr debugfs directory [ 524.768966][ T5833] Bluetooth: hci3: command tx timeout [ 525.747699][T13171] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 525.833901][T13171] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 525.894611][T13171] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 525.966662][T13171] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 526.447208][T13171] 8021q: adding VLAN 0 to HW filter on device bond0 [ 526.535258][T13171] 8021q: adding VLAN 0 to HW filter on device team0 [ 526.592304][T12082] bridge0: port 1(bridge_slave_0) entered blocking state [ 526.599565][T12082] bridge0: port 1(bridge_slave_0) entered forwarding state [ 526.705349][T12082] bridge0: port 2(bridge_slave_1) entered blocking state [ 526.712888][T12082] bridge0: port 2(bridge_slave_1) entered forwarding state [ 527.844138][T13171] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 528.164740][T13171] veth0_vlan: entered promiscuous mode [ 528.259314][T13171] veth1_vlan: entered promiscuous mode [ 528.445268][T13171] veth0_macvtap: entered promiscuous mode [ 528.491785][T13171] veth1_macvtap: entered promiscuous mode [ 528.629180][T13171] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 528.720257][T13171] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 528.812669][T12088] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 528.849391][T12088] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 528.898403][T12088] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 528.937355][T12088] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 529.848419][T12084] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 529.915508][T12084] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 530.131577][T12087] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 530.210586][T12087] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 530.897123][T13369] FAULT_INJECTION: forcing a failure. [ 530.897123][T13369] name failslab, interval 1, probability 0, space 0, times 0 [ 530.966446][T13369] CPU: 0 UID: 0 PID: 13369 Comm: syz.2.1430 Tainted: G L syzkaller #0 PREEMPT(full) [ 530.966487][T13369] Tainted: [L]=SOFTLOCKUP [ 530.966496][T13369] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 530.966512][T13369] Call Trace: [ 530.966520][T13369] [ 530.966529][T13369] dump_stack_lvl+0x100/0x190 [ 530.966572][T13369] should_fail_ex.cold+0x5/0xa [ 530.966600][T13369] ? tracepoint_add_func+0x2c5/0xf30 [ 530.966625][T13369] should_failslab+0xc2/0x120 [ 530.966651][T13369] __kmalloc_noprof+0xe0/0x850 [ 530.966735][T13369] ? __pfx_probe_sched_wakeup+0x10/0x10 [ 530.966762][T13369] tracepoint_add_func+0x2c5/0xf30 [ 530.966786][T13369] ? __pfx_probe_sched_wakeup+0x10/0x10 [ 530.966812][T13369] ? __pfx___mutex_lock+0x10/0x10 [ 530.966850][T13369] ? rcu_is_watching+0x12/0xc0 [ 530.966892][T13369] ? __pfx_probe_sched_wakeup+0x10/0x10 [ 530.966917][T13369] tracepoint_probe_register+0xc4/0x110 [ 530.966944][T13369] ? __pfx_tracepoint_probe_register+0x10/0x10 [ 530.966972][T13369] ? __pfx_probe_sched_wakeup+0x10/0x10 [ 530.966997][T13369] ? __lock_acquire+0x4a5/0x2630 [ 530.967037][T13369] tracing_start_sched_switch+0xaf/0x170 [ 530.967079][T13369] __ftrace_event_enable_disable+0x557/0x6f0 [ 530.967110][T13369] __ftrace_set_clr_event_nolock+0x390/0xc30 [ 530.967150][T13369] ftrace_set_clr_event+0x16e/0x330 [ 530.967184][T13369] ? __pfx_ftrace_set_clr_event+0x10/0x10 [ 530.967217][T13369] ? trace_get_user+0x3ae/0xa70 [ 530.967250][T13369] ftrace_event_write+0x259/0x2c0 [ 530.967284][T13369] ? __pfx_ftrace_event_write+0x10/0x10 [ 530.967329][T13369] vfs_write+0x2aa/0x1070 [ 530.967352][T13369] ? __pfx_ftrace_event_write+0x10/0x10 [ 530.967389][T13369] ? __pfx_vfs_write+0x10/0x10 [ 530.967410][T13369] ? __fget_files+0x215/0x3d0 [ 530.967441][T13369] ? __fget_files+0x21f/0x3d0 [ 530.967473][T13369] ksys_write+0x12a/0x250 [ 530.967495][T13369] ? __pfx_ksys_write+0x10/0x10 [ 530.967527][T13369] do_syscall_64+0x106/0xf80 [ 530.967563][T13369] ? clear_bhb_loop+0x40/0x90 [ 530.967594][T13369] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 530.967620][T13369] RIP: 0033:0x7f31f8d9c799 [ 530.967640][T13369] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 530.967664][T13369] RSP: 002b:00007f31f9c75028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 530.967687][T13369] RAX: ffffffffffffffda RBX: 00007f31f9016180 RCX: 00007f31f8d9c799 [ 530.967710][T13369] RDX: 0000000000000004 RSI: 0000200000000040 RDI: 0000000000000006 [ 530.967726][T13369] RBP: 00007f31f8e32c99 R08: 0000000000000000 R09: 0000000000000000 [ 530.967741][T13369] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 530.967756][T13369] R13: 00007f31f9016218 R14: 00007f31f9016180 R15: 00007ffcaeef85a8 [ 530.967788][T13369] [ 530.967811][T13369] wakeup trace: Couldn't activate tracepoint probe to kernel_sched_wakeup [ 534.526601][T13427] bridge_slave_1: left allmulticast mode [ 534.573201][T13427] bridge_slave_1: left promiscuous mode [ 534.610186][T13427] bridge0: port 2(bridge_slave_1) entered disabled state [ 534.623373][T13431] FAULT_INJECTION: forcing a failure. [ 534.623373][T13431] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 534.694922][T13431] CPU: 0 UID: 0 PID: 13431 Comm: syz.1.1441 Tainted: G L syzkaller #0 PREEMPT(full) [ 534.694963][T13431] Tainted: [L]=SOFTLOCKUP [ 534.694972][T13431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 534.694987][T13431] Call Trace: [ 534.694995][T13431] [ 534.695004][T13431] dump_stack_lvl+0x100/0x190 [ 534.695046][T13431] should_fail_ex.cold+0x5/0xa [ 534.695071][T13431] ? prepare_alloc_pages+0x16d/0x5f0 [ 534.695102][T13431] should_fail_alloc_page+0xeb/0x140 [ 534.695131][T13431] prepare_alloc_pages+0x1f0/0x5f0 [ 534.695159][T13431] ? bpf_ksym_find+0x124/0x1c0 [ 534.695193][T13431] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 534.695235][T13431] ? __kernel_text_address+0xd/0x30 [ 534.695272][T13431] ? unwind_get_return_address+0x59/0xa0 [ 534.695300][T13431] ? arch_stack_walk+0xa6/0xf0 [ 534.695334][T13431] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 534.695373][T13431] ? stack_trace_save+0x8e/0xc0 [ 534.695396][T13431] ? __pfx_stack_trace_save+0x10/0x10 [ 534.695422][T13431] ? stack_depot_save_flags+0x27/0x9d0 [ 534.695454][T13431] ? mas_store_prealloc+0x893/0xfb0 [ 534.695484][T13431] ? kasan_save_stack+0x30/0x50 [ 534.695523][T13431] ? kasan_save_track+0x14/0x30 [ 534.695561][T13431] ? __kasan_slab_alloc+0x89/0x90 [ 534.695592][T13431] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 534.695630][T13431] ? __pmd_alloc+0xbf/0x950 [ 534.695657][T13431] ? __handle_mm_fault+0xa99/0x2b60 [ 534.695692][T13431] ? handle_mm_fault+0x36d/0xa20 [ 534.695724][T13431] ? __get_user_pages+0xf9c/0x34d0 [ 534.695750][T13431] ? populate_vma_page_range+0x267/0x3f0 [ 534.695779][T13431] ? __mm_populate+0x107/0x3a0 [ 534.695806][T13431] ? vm_mmap_pgoff+0x37f/0x470 [ 534.695832][T13431] ? ksys_mmap_pgoff+0xe1/0x650 [ 534.695855][T13431] ? __x64_sys_mmap+0x125/0x190 [ 534.695891][T13431] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 534.695936][T13431] ? policy_nodemask+0xed/0x4f0 [ 534.695964][T13431] alloc_pages_mpol+0x1fb/0x550 [ 534.695991][T13431] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 534.696026][T13431] alloc_pages_noprof+0x131/0x390 [ 534.696054][T13431] pte_alloc_one+0x1c/0x3d0 [ 534.696082][T13431] __pte_alloc+0x6d/0x3e0 [ 534.696107][T13431] ? __pfx___pte_alloc+0x10/0x10 [ 534.696134][T13431] ? do_raw_spin_lock+0x128/0x260 [ 534.696171][T13431] ? find_held_lock+0x2b/0x80 [ 534.696196][T13431] do_anonymous_page+0x13cc/0x1fb0 [ 534.696231][T13431] ? do_raw_spin_unlock+0x145/0x1e0 [ 534.696270][T13431] ? _raw_spin_unlock+0x28/0x50 [ 534.696302][T13431] ? __pmd_alloc+0x3fb/0x950 [ 534.696333][T13431] __handle_mm_fault+0x1d42/0x2b60 [ 534.696372][T13431] ? mt_find+0x45e/0x8e0 [ 534.696412][T13431] ? __pfx___handle_mm_fault+0x10/0x10 [ 534.696446][T13431] ? __pfx_mt_find+0x10/0x10 [ 534.696509][T13431] handle_mm_fault+0x36d/0xa20 [ 534.696549][T13431] __get_user_pages+0xf9c/0x34d0 [ 534.696593][T13431] ? __pfx___get_user_pages+0x10/0x10 [ 534.696630][T13431] populate_vma_page_range+0x267/0x3f0 [ 534.696663][T13431] ? __pfx_populate_vma_page_range+0x10/0x10 [ 534.696694][T13431] ? __pfx_find_vma_intersection+0x10/0x10 [ 534.696722][T13431] ? do_mmap+0x93f/0x12f0 [ 534.696753][T13431] __mm_populate+0x107/0x3a0 [ 534.696784][T13431] ? __pfx___mm_populate+0x10/0x10 [ 534.696817][T13431] ? up_write+0x290/0x4f0 [ 534.696856][T13431] vm_mmap_pgoff+0x37f/0x470 [ 534.696887][T13431] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 534.696917][T13431] ? do_futex+0x192/0x350 [ 534.696951][T13431] ? __pfx_do_futex+0x10/0x10 [ 534.696988][T13431] ksys_mmap_pgoff+0xe1/0x650 [ 534.697015][T13431] ? __x64_sys_futex+0x34f/0x4d0 [ 534.697046][T13431] ? __x64_sys_futex+0x358/0x4d0 [ 534.697079][T13431] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 534.697106][T13431] ? xfd_validate_state+0x129/0x190 [ 534.697148][T13431] __x64_sys_mmap+0x125/0x190 [ 534.697188][T13431] do_syscall_64+0x106/0xf80 [ 534.697225][T13431] ? clear_bhb_loop+0x40/0x90 [ 534.697255][T13431] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 534.697281][T13431] RIP: 0033:0x7f66b5d9c799 [ 534.697303][T13431] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 534.697343][T13431] RSP: 002b:00007f66b6d1d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 534.697368][T13431] RAX: ffffffffffffffda RBX: 00007f66b6015fa0 RCX: 00007f66b5d9c799 [ 534.697384][T13431] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 534.697399][T13431] RBP: 00007f66b5e32c99 R08: ffffffffffffffff R09: 0000000000008000 [ 534.697415][T13431] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 534.697430][T13431] R13: 00007f66b6016038 R14: 00007f66b6015fa0 R15: 00007ffd9842b4a8 [ 534.697462][T13431] [ 535.361901][T13436] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 535.373041][T13436] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 535.685396][T13447] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1443'. [ 535.728236][T13447] ipvlan0: entered promiscuous mode [ 535.751432][T13447] ipvlan0: entered allmulticast mode [ 535.769688][T13447] veth0_vlan: entered allmulticast mode [ 536.746343][T13465] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 537.608938][T13476] futex_wake_op: syz.2.1456 tries to shift op by -2048; fix this program [ 537.698338][T13476] futex_wake_op: syz.2.1456 tries to shift op by -2048; fix this program [ 539.292914][T13506] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 540.456387][ T5833] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 540.456419][ T5833] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 540.471521][ T5833] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 540.471561][ T5833] Bluetooth: hci3: Unknown advertising packet type: 0x34 [ 540.480215][ T5833] Bluetooth: hci3: adv larger than maximum supported [ 540.487793][ T5833] Bluetooth: hci3: Malformed LE Event: 0x0d [ 542.011112][T13524] tipc: Started in network mode [ 542.016059][T13524] tipc: Node identity ee00, cluster identity 4711 [ 542.140407][T13524] tipc: Node number set to 60928 [ 542.166874][T13534] FAULT_INJECTION: forcing a failure. [ 542.166874][T13534] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 542.249376][T13534] CPU: 0 UID: 0 PID: 13534 Comm: syz.3.1457 Tainted: G L syzkaller #0 PREEMPT(full) [ 542.249419][T13534] Tainted: [L]=SOFTLOCKUP [ 542.249427][T13534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 542.249443][T13534] Call Trace: [ 542.249451][T13534] [ 542.249460][T13534] dump_stack_lvl+0x100/0x190 [ 542.249503][T13534] should_fail_ex.cold+0x5/0xa [ 542.249527][T13534] ? prepare_alloc_pages+0x16d/0x5f0 [ 542.249558][T13534] should_fail_alloc_page+0xeb/0x140 [ 542.249586][T13534] prepare_alloc_pages+0x1f0/0x5f0 [ 542.249615][T13534] ? bpf_ksym_find+0x124/0x1c0 [ 542.249648][T13534] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 542.249690][T13534] ? __kernel_text_address+0xd/0x30 [ 542.249728][T13534] ? unwind_get_return_address+0x59/0xa0 [ 542.249755][T13534] ? arch_stack_walk+0xa6/0xf0 [ 542.249788][T13534] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 542.249837][T13534] ? stack_trace_save+0x8e/0xc0 [ 542.249862][T13534] ? __pfx_stack_trace_save+0x10/0x10 [ 542.249887][T13534] ? stack_depot_save_flags+0x27/0x9d0 [ 542.249920][T13534] ? mas_store_prealloc+0x893/0xfb0 [ 542.249950][T13534] ? kasan_save_stack+0x30/0x50 [ 542.249989][T13534] ? kasan_save_track+0x14/0x30 [ 542.250027][T13534] ? __kasan_slab_alloc+0x89/0x90 [ 542.250049][T13534] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 542.250086][T13534] ? __pmd_alloc+0xbf/0x950 [ 542.250114][T13534] ? __handle_mm_fault+0xa99/0x2b60 [ 542.250146][T13534] ? handle_mm_fault+0x36d/0xa20 [ 542.250178][T13534] ? __get_user_pages+0xf9c/0x34d0 [ 542.250204][T13534] ? populate_vma_page_range+0x267/0x3f0 [ 542.250233][T13534] ? __mm_populate+0x107/0x3a0 [ 542.250261][T13534] ? vm_mmap_pgoff+0x37f/0x470 [ 542.250286][T13534] ? ksys_mmap_pgoff+0xe1/0x650 [ 542.250310][T13534] ? __x64_sys_mmap+0x125/0x190 [ 542.250346][T13534] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 542.250390][T13534] ? policy_nodemask+0xed/0x4f0 [ 542.250418][T13534] alloc_pages_mpol+0x1fb/0x550 [ 542.250446][T13534] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 542.250480][T13534] alloc_pages_noprof+0x131/0x390 [ 542.250508][T13534] pte_alloc_one+0x1c/0x3d0 [ 542.250536][T13534] __pte_alloc+0x6d/0x3e0 [ 542.250561][T13534] ? __pfx___pte_alloc+0x10/0x10 [ 542.250588][T13534] ? do_raw_spin_lock+0x128/0x260 [ 542.250625][T13534] ? find_held_lock+0x2b/0x80 [ 542.250649][T13534] do_anonymous_page+0x13cc/0x1fb0 [ 542.250684][T13534] ? do_raw_spin_unlock+0x145/0x1e0 [ 542.250723][T13534] ? _raw_spin_unlock+0x28/0x50 [ 542.250754][T13534] ? __pmd_alloc+0x3fb/0x950 [ 542.250786][T13534] __handle_mm_fault+0x1d42/0x2b60 [ 542.250831][T13534] ? mt_find+0x45e/0x8e0 [ 542.250872][T13534] ? __pfx___handle_mm_fault+0x10/0x10 [ 542.250906][T13534] ? __pfx_mt_find+0x10/0x10 [ 542.250968][T13534] handle_mm_fault+0x36d/0xa20 [ 542.251008][T13534] __get_user_pages+0xf9c/0x34d0 [ 542.251047][T13534] ? __pfx___get_user_pages+0x10/0x10 [ 542.251084][T13534] populate_vma_page_range+0x267/0x3f0 [ 542.251117][T13534] ? __pfx_populate_vma_page_range+0x10/0x10 [ 542.251146][T13534] ? __pfx_find_vma_intersection+0x10/0x10 [ 542.251174][T13534] ? do_mmap+0x93f/0x12f0 [ 542.251204][T13534] __mm_populate+0x107/0x3a0 [ 542.251235][T13534] ? __pfx___mm_populate+0x10/0x10 [ 542.251267][T13534] ? up_write+0x290/0x4f0 [ 542.251306][T13534] vm_mmap_pgoff+0x37f/0x470 [ 542.251337][T13534] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 542.251367][T13534] ? do_futex+0x192/0x350 [ 542.251400][T13534] ? __pfx_do_futex+0x10/0x10 [ 542.251438][T13534] ksys_mmap_pgoff+0xe1/0x650 [ 542.251464][T13534] ? __x64_sys_futex+0x34f/0x4d0 [ 542.251496][T13534] ? __x64_sys_futex+0x358/0x4d0 [ 542.251529][T13534] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 542.251556][T13534] ? xfd_validate_state+0x129/0x190 [ 542.251598][T13534] __x64_sys_mmap+0x125/0x190 [ 542.251638][T13534] do_syscall_64+0x106/0xf80 [ 542.251674][T13534] ? clear_bhb_loop+0x40/0x90 [ 542.251705][T13534] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 542.251731][T13534] RIP: 0033:0x7f7fb9b9c799 [ 542.251752][T13534] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 542.251776][T13534] RSP: 002b:00007f7fbaa27028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 542.251806][T13534] RAX: ffffffffffffffda RBX: 00007f7fb9e15fa0 RCX: 00007f7fb9b9c799 [ 542.251823][T13534] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 542.251839][T13534] RBP: 00007f7fb9c32c99 R08: ffffffffffffffff R09: 0000000000008000 [ 542.251855][T13534] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 542.251870][T13534] R13: 00007f7fb9e16038 R14: 00007f7fb9e15fa0 R15: 00007ffe9e972c58 [ 542.251901][T13534] [ 543.224810][T13534] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 543.254785][T13534] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 544.635669][T13553] NFSD: Failed to start, no listeners configured. [ 548.722573][T13606] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 550.941625][T13630] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1471'. [ 554.061412][T13657] NFSD: Failed to start, no listeners configured. [ 556.543757][T13698] syz.1.1482 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 560.224952][T13741] [U] [ 560.227713][T13741] [U] [ 560.230428][T13741] [U] [ 560.233140][T13741] [U] [ 560.426532][T13741] [U] [ 560.429348][T13741] [U] [ 560.432058][T13741] [U] [ 560.434787][T13741] [U] [ 560.806755][T13755] FAULT_INJECTION: forcing a failure. [ 560.806755][T13755] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 560.928219][T13755] CPU: 0 UID: 0 PID: 13755 Comm: syz.3.1491 Tainted: G L syzkaller #0 PREEMPT(full) [ 560.928259][T13755] Tainted: [L]=SOFTLOCKUP [ 560.928268][T13755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 560.928283][T13755] Call Trace: [ 560.928291][T13755] [ 560.928300][T13755] dump_stack_lvl+0x100/0x190 [ 560.928343][T13755] should_fail_ex.cold+0x5/0xa [ 560.928367][T13755] ? prepare_alloc_pages+0x16d/0x5f0 [ 560.928398][T13755] should_fail_alloc_page+0xeb/0x140 [ 560.928426][T13755] prepare_alloc_pages+0x1f0/0x5f0 [ 560.928459][T13755] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 560.928502][T13755] ? __pfx_futex_wake_mark+0x10/0x10 [ 560.928545][T13755] ? futex_hash+0x2c5/0x380 [ 560.928579][T13755] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 560.928621][T13755] ? futex_wait+0x125/0x380 [ 560.928659][T13755] ? __pfx_futex_wait+0x10/0x10 [ 560.928705][T13755] ? vfs_write+0x15d/0x1070 [ 560.928728][T13755] ? __pfx_sock_write_iter+0x10/0x10 [ 560.928755][T13755] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 560.928799][T13755] ? policy_nodemask+0xed/0x4f0 [ 560.928827][T13755] alloc_pages_mpol+0x1fb/0x550 [ 560.928855][T13755] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 560.928884][T13755] ? __x64_sys_futex+0x34f/0x4d0 [ 560.928915][T13755] ? __x64_sys_futex+0x358/0x4d0 [ 560.928952][T13755] alloc_pages_noprof+0x131/0x390 [ 560.928980][T13755] get_free_pages_noprof+0x10/0xb0 [ 560.929016][T13755] __do_sys_mincore+0xf7/0x610 [ 560.929056][T13755] do_syscall_64+0x106/0xf80 [ 560.929101][T13755] ? clear_bhb_loop+0x40/0x90 [ 560.929132][T13755] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 560.929158][T13755] RIP: 0033:0x7f7fb9b9c799 [ 560.929178][T13755] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 560.929202][T13755] RSP: 002b:00007f7fbaa06028 EFLAGS: 00000246 ORIG_RAX: 000000000000001b [ 560.929226][T13755] RAX: ffffffffffffffda RBX: 00007f7fb9e16090 RCX: 00007f7fb9b9c799 [ 560.929242][T13755] RDX: 0000000000000000 RSI: 0000000004000000 RDI: 0000000000001000 [ 560.929258][T13755] RBP: 00007f7fb9c32c99 R08: 0000000000000000 R09: 0000000000000000 [ 560.929273][T13755] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 560.929288][T13755] R13: 00007f7fb9e16128 R14: 00007f7fb9e16090 R15: 00007ffe9e972c58 [ 560.929319][T13755] [ 561.275933][T13735] [U] [ 562.819743][T13772] random: crng reseeded on system resumption [ 563.461048][T13796] Ignoring unsupported numa_zonelist_order value: [ 564.152575][T13808] [U] [ 564.155375][T13808] [U] [ 564.158096][T13808] [U] [ 564.160810][T13808] [U] [ 564.349369][T13808] [U] [ 564.352145][T13808] [U] [ 564.355056][T13808] [U] [ 564.357775][T13808] [U] [ 565.011377][T13799] [U] [ 566.609452][T13850] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1518'. [ 566.713980][T13860] bond0: no command found in slaves file - use +ifname or -ifname [ 569.478521][T13906] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1526'. [ 569.789710][T13911] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1528'. [ 574.140865][ T5833] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 574.140899][ T5833] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 574.157947][ T5833] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 574.157976][ T5833] Bluetooth: hci2: Unknown advertising packet type: 0x5c [ 574.168882][ T5833] Bluetooth: hci2: Unknown advertising packet type: 0x57 [ 574.176853][ T5833] Bluetooth: hci2: Unknown advertising packet type: 0x76 [ 574.183972][ T5833] Bluetooth: hci2: Unknown advertising packet type: 0x3f [ 574.195182][ T5833] Bluetooth: hci2: Malformed LE Event: 0x0d [ 575.522533][T13973] tipc: Started in network mode [ 575.522557][T13973] tipc: Node identity ee00, cluster identity 4711 [ 575.522572][T13973] tipc: Node number set to 60928 [ 580.588549][T14040] NFSD: Failed to start, no listeners configured. [ 583.456849][T14069] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1558'. [ 584.271341][T14078] sg_write: data in/out 262108/65454 bytes for SCSI command 0x0-- guessing data in; [ 584.271341][T14078] program syz.2.1561 not setting count and/or reply_len properly [ 587.251594][ T5833] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 587.258959][ T51] Bluetooth: hci5: Opcode 0x0c03 failed: -110 [ 588.791263][T14143] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1574'. [ 588.800935][T14169] vivid-007: ================= START STATUS ================= [ 588.851688][T14169] vivid-007: Generate PTS: true [ 588.882846][T14169] vivid-007: Generate SCR: true [ 588.896881][T14169] tpg source WxH: 320x240 (Y'CbCr) [ 588.929433][T14169] tpg field: 1 [ 588.948527][T14169] tpg crop: (0,0)/320x240 [ 588.994378][T14169] tpg compose: (0,0)/320x240 [ 589.014165][T14169] tpg colorspace: 8 [ 589.018082][T14169] tpg transfer function: 0/0 [ 589.112220][T14169] tpg Y'CbCr encoding: 0/0 [ 589.192338][T14169] tpg quantization: 0/0 [ 589.196542][T14169] tpg RGB range: 0/2 [ 589.247443][T14169] vivid-007: ================== END STATUS ================== [ 592.054112][T14221] ------------[ cut here ]------------ [ 592.059968][T14221] IS_ERR(old) [ 592.059994][T14221] WARNING: kernel/tracepoint.c:367 at tracepoint_probe_unregister+0x837/0xd10, CPU#0: syz.1.1592/14221 [ 592.074526][T14221] Modules linked in: [ 592.079390][T14221] CPU: 0 UID: 0 PID: 14221 Comm: syz.1.1592 Tainted: G L syzkaller #0 PREEMPT(full) [ 592.091855][T14221] Tainted: [L]=SOFTLOCKUP [ 592.097853][T14221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 592.108080][T14221] RIP: 0010:tracepoint_probe_unregister+0x837/0xd10 [ 592.114796][T14221] Code: cc e8 6d 2b fe ff 48 8d 73 f0 48 c7 c2 a0 df 09 82 48 c7 c7 c0 32 87 8e e8 e6 79 e2 ff eb ba bb fe ff ff ff e8 4a 2b fe ff 90 <0f> 0b 90 eb ac e8 3f 2b fe ff 49 89 dd 45 31 ff 49 be 00 00 00 00 [ 592.135342][T14221] RSP: 0018:ffffc900036cf8a8 EFLAGS: 00010287 [ 592.141529][T14221] RAX: 000000000000894e RBX: 00000000fffffffe RCX: ffffc9000f6f1000 [ 592.149617][T14221] RDX: 0000000000080000 RSI: ffffffff8209f096 RDI: ffff88801e751e80 [ 592.157777][T14221] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000 [ 592.165872][T14221] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff82100b60 [ 592.174069][T14221] R13: 0000000000000202 R14: 0000000000000002 R15: ffffffff8f786f20 [ 592.183056][T14221] FS: 00007f66b6cfc6c0(0000) GS:ffff888124349000(0000) knlGS:0000000000000000 [ 592.193946][T14221] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 592.201756][T14221] CR2: 00007f3457dcba90 CR3: 000000005af40000 CR4: 00000000003526f0 [ 592.210901][T14221] Call Trace: [ 592.214842][T14221] [ 592.217901][T14221] tracing_stop_cmdline_record+0x66/0xa0 [ 592.223592][T14221] __ftrace_event_enable_disable+0x5c4/0x6f0 [ 592.229896][T14221] ftrace_event_set_open+0x224/0x380 [ 592.235285][T14221] do_dentry_open+0x6d8/0x1660 [ 592.240106][T14221] ? __pfx_ftrace_event_set_open+0x10/0x10 [ 592.246034][T14221] vfs_open+0x82/0x3f0 [ 592.250176][T14221] path_openat+0x208c/0x31a0 [ 592.254804][T14221] ? __pfx_path_openat+0x10/0x10 [ 592.259917][T14221] do_file_open+0x20e/0x430 [ 592.264446][T14221] ? __pfx_do_file_open+0x10/0x10 [ 592.269582][T14221] ? alloc_fd+0x476/0x790 [ 592.273945][T14221] ? do_getname+0x191/0x390 [ 592.278525][T14221] do_sys_openat2+0x10d/0x1e0 [ 592.283858][T14221] ? __pfx_do_sys_openat2+0x10/0x10 [ 592.290120][T14221] ? find_held_lock+0x2b/0x80 [ 592.294838][T14221] __x64_sys_openat+0x12d/0x210 [ 592.300217][T14221] ? __pfx___x64_sys_openat+0x10/0x10 [ 592.305755][T14221] do_syscall_64+0x106/0xf80 [ 592.310472][T14221] ? clear_bhb_loop+0x40/0x90 [ 592.315251][T14221] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 592.321209][T14221] RIP: 0033:0x7f66b5d9c799 [ 592.325717][T14221] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 592.345543][T14221] RSP: 002b:00007f66b6cfc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 592.354011][T14221] RAX: ffffffffffffffda RBX: 00007f66b6016090 RCX: 00007f66b5d9c799 [ 592.362178][T14221] RDX: 0000000000020201 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 592.370302][T14221] RBP: 00007f66b5e32c99 R08: 0000000000000000 R09: 0000000000000000 [ 592.378346][T14221] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 592.387102][T14221] R13: 00007f66b6016128 R14: 00007f66b6016090 R15: 00007ffd9842b4a8 [ 592.396196][T14221] [ 592.399904][T14221] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 592.407225][T14221] CPU: 0 UID: 0 PID: 14221 Comm: syz.1.1592 Tainted: G L syzkaller #0 PREEMPT(full) [ 592.418268][T14221] Tainted: [L]=SOFTLOCKUP [ 592.422704][T14221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 592.432788][T14221] Call Trace: [ 592.436090][T14221] [ 592.439045][T14221] dump_stack_lvl+0x100/0x190 [ 592.443773][T14221] vpanic+0x552/0x970 [ 592.447784][T14221] ? __pfx_vpanic+0x10/0x10 [ 592.452321][T14221] panic+0xd1/0xe0 [ 592.456077][T14221] ? __pfx_panic+0x10/0x10 [ 592.460818][T14221] check_panic_on_warn.cold+0x19/0x34 [ 592.466241][T14221] ? tracepoint_probe_unregister+0x837/0xd10 [ 592.472260][T14221] __warn.cold+0x191/0x348 [ 592.476708][T14221] __report_bug+0x296/0x3d0 [ 592.481312][T14221] ? tracepoint_probe_unregister+0x837/0xd10 [ 592.487335][T14221] ? __pfx___report_bug+0x10/0x10 [ 592.492404][T14221] ? rcu_is_watching+0x12/0xc0 [ 592.497217][T14221] ? trace_contention_end+0x140/0x180 [ 592.502635][T14221] ? __mutex_lock+0x26a/0x1b90 [ 592.507456][T14221] ? tracepoint_probe_unregister+0x31/0xd10 [ 592.513462][T14221] ? tracepoint_probe_unregister+0x837/0xd10 [ 592.519482][T14221] report_bug+0xb2/0x220 [ 592.523752][T14221] ? tracepoint_probe_unregister+0x837/0xd10 [ 592.529750][T14221] handle_bug+0x16a/0x2a0 [ 592.534097][T14221] exc_invalid_op+0x17/0x50 [ 592.538633][T14221] asm_exc_invalid_op+0x1a/0x20 [ 592.543503][T14221] RIP: 0010:tracepoint_probe_unregister+0x837/0xd10 [ 592.550127][T14221] Code: cc e8 6d 2b fe ff 48 8d 73 f0 48 c7 c2 a0 df 09 82 48 c7 c7 c0 32 87 8e e8 e6 79 e2 ff eb ba bb fe ff ff ff e8 4a 2b fe ff 90 <0f> 0b 90 eb ac e8 3f 2b fe ff 49 89 dd 45 31 ff 49 be 00 00 00 00 [ 592.569763][T14221] RSP: 0018:ffffc900036cf8a8 EFLAGS: 00010287 [ 592.575961][T14221] RAX: 000000000000894e RBX: 00000000fffffffe RCX: ffffc9000f6f1000 [ 592.583950][T14221] RDX: 0000000000080000 RSI: ffffffff8209f096 RDI: ffff88801e751e80 [ 592.592199][T14221] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000 [ 592.600220][T14221] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff82100b60 [ 592.608215][T14221] R13: 0000000000000202 R14: 0000000000000002 R15: ffffffff8f786f20 [ 592.616208][T14221] ? __pfx_probe_sched_switch+0x10/0x10 [ 592.621782][T14221] ? tracepoint_probe_unregister+0x836/0xd10 [ 592.627783][T14221] ? tracepoint_probe_unregister+0x836/0xd10 [ 592.633793][T14221] tracing_stop_cmdline_record+0x66/0xa0 [ 592.639454][T14221] __ftrace_event_enable_disable+0x5c4/0x6f0 [ 592.645477][T14221] ftrace_event_set_open+0x224/0x380 [ 592.650789][T14221] do_dentry_open+0x6d8/0x1660 [ 592.655568][T14221] ? __pfx_ftrace_event_set_open+0x10/0x10 [ 592.661401][T14221] vfs_open+0x82/0x3f0 [ 592.665496][T14221] path_openat+0x208c/0x31a0 [ 592.670139][T14221] ? __pfx_path_openat+0x10/0x10 [ 592.675136][T14221] do_file_open+0x20e/0x430 [ 592.679940][T14221] ? __pfx_do_file_open+0x10/0x10 [ 592.685019][T14221] ? alloc_fd+0x476/0x790 [ 592.689429][T14221] ? do_getname+0x191/0x390 [ 592.694065][T14221] do_sys_openat2+0x10d/0x1e0 [ 592.698887][T14221] ? __pfx_do_sys_openat2+0x10/0x10 [ 592.704130][T14221] ? find_held_lock+0x2b/0x80 [ 592.708839][T14221] __x64_sys_openat+0x12d/0x210 [ 592.713740][T14221] ? __pfx___x64_sys_openat+0x10/0x10 [ 592.719149][T14221] do_syscall_64+0x106/0xf80 [ 592.723769][T14221] ? clear_bhb_loop+0x40/0x90 [ 592.728472][T14221] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 592.734488][T14221] RIP: 0033:0x7f66b5d9c799 [ 592.738938][T14221] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 592.758580][T14221] RSP: 002b:00007f66b6cfc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 592.767101][T14221] RAX: ffffffffffffffda RBX: 00007f66b6016090 RCX: 00007f66b5d9c799 [ 592.775100][T14221] RDX: 0000000000020201 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 592.783079][T14221] RBP: 00007f66b5e32c99 R08: 0000000000000000 R09: 0000000000000000 [ 592.791059][T14221] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 592.799148][T14221] R13: 00007f66b6016128 R14: 00007f66b6016090 R15: 00007ffd9842b4a8 [ 592.807191][T14221] [ 592.810322][T14221] Kernel Offset: disabled [ 592.814695][T14221] Rebooting in 86400 seconds..