last executing test programs: 7m43.611738949s ago: executing program 1 (id=496): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) fcntl$auto(0x8000000000000001, 0x24, 0x8) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/bus/usb/034/001\x00', 0x10040, 0x0) mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) unshare$auto(0x40000080) syz_genetlink_get_family_id$auto_l2tp(0x0, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) socket(0x8, 0x2, 0x84) setsockopt$auto(0x3, 0x84, 0x11, 0x0, 0x27) 7m42.63087959s ago: executing program 1 (id=500): socket(0x2, 0x1, 0x106) migrate_pages$auto(0x0, 0x99, 0x0, &(0x7f00000001c0)=0x7b) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80e42, 0x0) ioctl$auto_SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f00000001c0)) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SYNC(r1, 0x5001, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3d, 0x4, 0x0, 0x1, 0x9) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0xd4, 0x7, 0xd3e, 0x1, 0x9687, 0x3, 0x95f4da0a, 0x6, 0x3, 0x62, 0x5, 0x5, 0x6d3f, 0x7, 0x6, 0x6]}, 0x0) socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) mmap$auto(0x3, 0x7, 0x3, 0x11b0, 0xffffffffffffffff, 0x7) setsockopt$auto(0xffffffffffffffff, 0x10000000084, 0x0, 0x0, 0x10) connect$auto(0xffffffffffffffff, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0xfffffffd) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) r2 = socketpair$auto(0x1e, 0xa, 0x9, 0x0) statx$auto(r2, 0x0, 0x401006, 0x4015, 0x0) setsockopt$auto(0x3, 0x2, 0x41, 0x0, 0x84) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) socket(0x28, 0x1, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x6) r3 = socket(0x2, 0x1, 0x0) bind$auto(r3, &(0x7f0000000040)=@in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x2b}}, 0x6a) sendmmsg$auto(r3, &(0x7f0000000140)={{&(0x7f0000000040), 0x0, 0x0, 0x9, 0x0, 0x1f, 0x78}, 0x800008}, 0x5, 0x20000000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c00, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x5}, 0x3, 0x0) 7m41.527344774s ago: executing program 1 (id=506): r0 = socket(0xa, 0x1, 0x84) r1 = openat$auto_evm_xattr_ops_evm_secfs(0xffffffffffffff9c, &(0x7f00000000c0), 0x8e84f331f235668, 0x0) mmap$auto(0x9, 0x20003, 0x2, 0x12, r1, 0x100000008002) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x12}}, 0x54) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r2 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x1c1041, 0x0) write$auto_fuse_dev_operations_fuse_i(r2, &(0x7f0000000440)="110000000100"/17, 0x11) r3 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0) ioctl$auto(r3, 0x40104d14, r3) mmap$auto(0x3, 0x5, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r4, &(0x7f0000000040)='//\xf2\x00', 0x80000000) r5 = getpid() process_vm_readv$auto(r5, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) getsid$auto(r5) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000740), 0xffffffffffffffff) ioctl$auto_BLKALIGNOFF(r4, 0x127a, 0x0) getrlimit$auto(0xc, 0x0) fdatasync$auto(r4) r6 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) ioctl$auto_BLKZEROOUT(r6, 0x127f, 0x0) r7 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder1\x00', 0x1, 0x0) ioctl$auto(r7, 0x4018620d, r0) getsockopt$auto(r7, 0x2000083, 0x19, 0x0, &(0x7f0000000000)=0x8000002) 7m39.910076822s ago: executing program 1 (id=513): r0 = socket(0x2, 0x3, 0xa) mmap$auto(0x0, 0x2, 0xdf, 0x9b72, 0x2, 0x8000) unshare$auto(0x40000080) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D0\x00', 0x0, 0x0) r2 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000001140)='/dev/psaux\x00', 0x42000, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7ffffffc, 0x8, 0x3000, 0x6, 0x7, 0x400b, r2, [], {0x6, 0x6, 0x8c48, 0x29a, 0x9, 0x80, 0x104, 0x6, 0x4}, {0x100, 0x1, 0x101, 0x85, 0x2, 0x24, 0xfe000000, 0x8, 0x3}}) r3 = openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000d00), 0x0, 0x0) read$auto_vhci_fops_hci_vhci(r3, &(0x7f0000000d40)=""/16, 0x10) select$auto(0xe, 0x0, 0x0, &(0x7f0000000580)={[0x1ff, 0x8000, 0xd, 0x1, 0x948d, 0x3, 0x10015f4da0a, 0xd, 0x7, 0x64c1, 0x8000001f, 0x8, 0x6d3e, 0xc, 0x2, 0x2]}, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) write$auto_ocfs2_control_fops_stack_user(r4, &(0x7f0000003900)='\t', 0x1) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="1cb775afcdcb6419000000b7495b4617675fddc48b5d1059a13dd3a7c336cf08916d0af2c518198780d84932a671f3430d2c9e593173b24897da56b3fed22662bbee89e7018a17c28ddca6a5b8b3fc4b249a85fea2ae32392863ae4b38eaada389c94a269ef4fada1379dc831949f03f541bcb3eccfa49f28efe6498560bd4bdf8f890f4a1db3a552ea92cff5cca14377556479308f8e0b878a1fe5d04e8bfbd30252580b93b", @ANYRES16=r6, @ANYBLOB="01002abd7000fedbdf25040000000800170010000000"], 0x1c}, 0x1, 0x0, 0x0, 0x8800}, 0x4880) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) ioctl$auto(0x3, 0x80000000, 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/neigh/batadv0/mcast_solicit\x00', 0x2000, 0x0) connect$auto(r0, &(0x7f0000000080)=@in={0x2, 0x0, @empty}, 0x54) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x0, 0xa, 0x0, 0x10000) chdir$auto(&(0x7f0000000000)='./file0\x00') 7m38.714291614s ago: executing program 1 (id=522): unshare$auto(0x40000080) (async) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async) listen$auto(0x3, 0x81) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) close_range$auto(0x0, 0xfffffffffffff000, 0x2) (async) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) (async) socket(0x22, 0x2, 0x1) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) (async) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x129000, 0x0) (async) close_range$auto(0x2, 0xffffffffffffffff, 0x0) (async) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xa083, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) (async) ioctl$auto(0x3, 0xae41, r3) ioctl$auto_KVM_CREATE_VM(r2, 0x4048aecb, 0x0) madvise$auto(0x0, 0x2003f2, 0x15) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) (async) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)=ANY=[@ANYRES8, @ANYRES16, @ANYBLOB="df250c0000000000000000"], 0x14}}, 0x24048004) (async) r5 = socket$nl_generic(0x10, 0x3, 0x10) (async) r6 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)={0xa8, r6, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_SCOPE={0x81, 0x4, 'nfsf\x00\xd8\xef\xe4-\x13+r\xf3\fT1Z\xa7J[\x81\a\xcf-\xdf\x90\x1f\x8f\xc8\x13e\xe2R7D\x832j\xce}\xa3V\xb7\xa1o\\\xe6\x13\xbc\f\xe3\xae\xb8~\xd3\xd2+J\'\xc3\xec\xc9\fp\xc8a\xbe\xfe`\xa7\xa9AKDd\'\xa0\x01\xf6\x13y\xe8\xca\xf4Q\x9e\x03*]\xda\x1e\x11t\xe2\xd5uw+\x93\xfc\x04l\xd3\xa6t\x86k\x80\xd9\x14s\xec\xe2H\xc0=(\xf99\x8ac\xa7\x85\x99\x87'}, @NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x85}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2}]}, 0xa8}}, 0x4000) (async) sendmsg$auto_NFSD_CMD_VERSION_GET(r1, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000001c0)={&(0x7f00000002c0)={0x14, r6, 0x100, 0x70bd2d, 0x25dfdc01, {}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x20004054}, 0x4004084) (async) madvise$auto(0x0, 0x200007, 0x19) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/pagemap\x00', 0x404001, 0x0) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) (async) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) 7m37.88899863s ago: executing program 1 (id=527): openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000140), 0x2002, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = getpgid(0x0) mmap$auto(0x0, 0x2000d, 0x4000000000df, 0xeb1, 0x404, 0x8000) (async) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) (async) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) (async) ioctl$auto(0x3, 0x400454ca, 0x38) r1 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000100), 0x2002, 0x0) ioctl$auto(r1, 0x400454ca, 0x38) r2 = pidfd_open$auto(r0, 0x0) process_madvise$auto(r2, 0x0, 0x3, 0x0, 0x8000000000000000) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) (async) r3 = getpid() process_vm_readv$auto(r3, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0) (async, rerun: 64) r4 = socket(0x38, 0x80000, 0x6) (rerun: 64) ioctl$sock_SIOCGIFINDEX(r4, 0x401c5820, 0x0) 7m22.55741629s ago: executing program 32 (id=527): openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000140), 0x2002, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = getpgid(0x0) mmap$auto(0x0, 0x2000d, 0x4000000000df, 0xeb1, 0x404, 0x8000) (async) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) (async) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) (async) ioctl$auto(0x3, 0x400454ca, 0x38) r1 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000100), 0x2002, 0x0) ioctl$auto(r1, 0x400454ca, 0x38) r2 = pidfd_open$auto(r0, 0x0) process_madvise$auto(r2, 0x0, 0x3, 0x0, 0x8000000000000000) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) (async) r3 = getpid() process_vm_readv$auto(r3, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0) (async, rerun: 64) r4 = socket(0x38, 0x80000, 0x6) (rerun: 64) ioctl$sock_SIOCGIFINDEX(r4, 0x401c5820, 0x0) 14.723933s ago: executing program 2 (id=2341): r0 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000f40)={'batadv0\x00', 0x0}) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), r1) sendmsg$auto_BATADV_CMD_SET_MESH(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r0, @ANYRESDEC=r1, @ANYRES32=r2, @ANYBLOB="19002fea03"], 0x24}, 0x1, 0x0, 0x0, 0x20004059}, 0x140080e4) 14.587520691s ago: executing program 2 (id=2342): openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x102, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL802154_CMD_SET_PAN_ID(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16, @ANYBLOB="010027bd7000fddbdf250a"], 0x24}, 0x1, 0x0, 0x0, 0x4088}, 0x20000010) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_vrr_range_fops_(0xffffffffffffff9c, &(0x7f0000000f80)='/sys/kernel/debug/dri/vkms/Writeback-1/vrr_range\x00', 0xa8441, 0x0) mmap$auto(0x0, 0x9, 0x800000000df, 0x9b72, 0xea8a, 0x8000) r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video33\x00', 0x22900, 0x0) ioctl$auto(r0, 0xc0945662, r0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x0, 0x5, 0x7) mmap$auto(0x0, 0x2020009, 0x203, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000003f00)='/sys/devices/virtual/net/bond0/bonding/ad_partner_key\x00', 0x60400, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000003f40)=""/156, 0x9c) unshare$auto(0x40000080) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f00000001c0)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x5, 0x0) socket(0x2, 0x801, 0x6) request_key$auto(&(0x7f0000000500)='keyring\x00', &(0x7f0000000540)='\x00', 0x0, 0xffffffff) madvise$auto(0x81, 0x4b, 0x80000001) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0xffffffffffffffff, 0x8000) bpf$auto(0x10, &(0x7f0000001700)=@query={@target_ifindex, 0x2e, 0x1, 0x9, 0x7f, @prog_cnt=0xffffffff, 0x0, 0xf, 0x8, 0x7, 0xfff}, 0x6) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) connect$auto(0x3, 0x0, 0x54) socket(0x29, 0x2, 0x0) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYRES64, @ANYBLOB="1200", @ANYRES16=0x0], 0x1ac}}, 0x40000) 13.916498252s ago: executing program 2 (id=2346): r0 = prctl$auto(0x21, 0x0, 0x0, 0x0, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x60800, 0x0) mmap$auto(0x0, 0x3000c, 0x4000000000df, 0x4000eb1, 0x401, 0x10000) r1 = open(&(0x7f00000000c0)='./file0\x00', 0x22240, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x20, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40001, 0x0) write$auto(0x3, 0x0, 0xfdef) ioctl$auto(0x3, 0x5402, r1) close_range$auto(0x2, 0x8, 0x0) pidfd_getfd$auto(r0, 0xffffffffffffffff, 0x0) 5.900273813s ago: executing program 0 (id=2373): close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0) mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) r0 = epoll_create$auto(0x3e) epoll_ctl$auto(r0, 0x1, 0x8000000000000000, 0x0) r1 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000200)='/proc/modules\x00', 0x88880, 0x0) r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000300)='/dev/audio\x00', 0x140, 0x0) select$auto(0x8, 0x0, 0x0, &(0x7f0000000240)={[0xe, 0x91e3, 0xb, 0xc, 0x0, 0xf58, 0x3, 0x104412d, 0x8, 0x0, 0x4, 0xd, 0x8000000000000, 0x84c, 0x3, 0x7]}, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r3, 0xc0045002, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'veth0_to_team\x00', 0x0}) sendmsg$auto_BATADV_CMD_SET_MESH(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010028bd7000fbdbdf250f00000008000300", @ANYRES32=r4, @ANYBLOB="05002f0004"], 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x140080e4) 5.166705492s ago: executing program 3 (id=2377): read$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffffff, &(0x7f0000000000)=""/38, 0x26) r0 = prctl$auto(0x21, 0x0, 0x0, 0x0, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x60800, 0x0) mmap$auto(0x0, 0x3000c, 0x4000000000df, 0x4000eb1, 0x401, 0x10000) r1 = open(&(0x7f00000000c0)='./file0\x00', 0x22240, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x20, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x40001, 0x0) write$auto(0x3, 0x0, 0xfdef) ioctl$auto(0x3, 0x5402, r1) close_range$auto(0x2, 0x8, 0x0) pidfd_getfd$auto(r0, 0xffffffffffffffff, 0x0) 4.993599128s ago: executing program 4 (id=2378): r0 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000f40)={'batadv0\x00', 0x0}) sendmsg$auto_BATADV_CMD_SET_MESH(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010028bd7000fbdbdf250f00000008000300", @ANYRES32=r2, @ANYBLOB="05002f0004"], 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x140080e4) 4.904607567s ago: executing program 0 (id=2379): mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x7, 0xc1, 0x563, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = open(0x0, 0x261c2, 0x184) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000080)='/proc/kpageflags\x00', 0x2, 0x0) readv$auto(0x3, &(0x7f00000000c0)={0x0, 0x101d0}, 0x400) readahead$auto(r0, 0x5, 0x0) ustat$auto(0x801, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0x2, 0x2, 0x0) r1 = socket(0x2, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0x2, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) socket(0x2, 0x1, 0x106) listen$auto(0x3, 0x81) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xc}, 0x800009}, 0x5, 0x20000000) mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000) socketpair$auto(0x1, 0x1, 0x6, 0x0) r2 = socketcall$auto(0xffe, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0xffffffffffffffff) ioctl$auto(0x3, 0x4008ae61, r2) socket(0x18, 0x2, 0x0) close_range$auto(0x0, 0xffffffffffffffff, 0x2) socket(0xa, 0x2, 0x0) 4.758730158s ago: executing program 4 (id=2380): openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x40000, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, r0, 0x0) r2 = socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(0x3, 0xae47, 0x10000000000402) sendmsg$auto_ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001d80)={&(0x7f0000000000)=ANY=[@ANYBLOB="00000500", @ANYRES16=0x0, @ANYBLOB="010037bd7000ffdbdf25100000000c0001"], 0x20}, 0x1, 0x0, 0x0, 0x40010}, 0x20080800) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) openat$auto_proc_uid_map_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/uid_map\x00', 0x109800, 0x0) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcsa\x00', 0x2a801, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r4 = socket(0x15, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x0, @remote}, 0x6a) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) pipe2$auto(0x0, 0x0) sendmsg$auto(r4, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x200, 0x4}, 0x0) socket(0x29, 0x2, 0x0) socket(0x10, 0x2, 0x0) syz_genetlink_get_family_id$auto_mac80211_hwsim(0x0, 0xffffffffffffffff) socket(0xa, 0x1, 0x84) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8, @ANYRES8=r1], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x4000050) write$auto(r2, &(0x7f0000000000)='-\x00', 0xfdef) 4.70106375s ago: executing program 3 (id=2381): openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xea$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x1, 0x0) r1 = socket(0x2, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x6a) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) io_uring_setup$auto(0x2, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, 0x0, 0x55) mincore$auto(0x0, 0x1, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x11, 0x0, 0x8) r2 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder1\x00', 0x1, 0x0) ioctl$auto(r2, 0x4018620d, 0xffffffffffffffff) socket(0x10, 0x5, 0x6) socketpair$auto(0x400024, 0x4, 0x80000001, 0x0) close_range$auto(0x2, 0x8, 0x0) write$auto_split_huge_pages_fops_huge_memory(r0, &(0x7f0000000180)="048cae0a03ac22f592d4e31648274bd130cbccb7987e08e41eefe3219d8a21a8c938aaa1cb5e", 0x26) open(0x0, 0x22240, 0x55) socket(0x2, 0x3, 0xa) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8) connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55) process_madvise$auto_PIDFD_SELF_THREAD(0xffffffffffffd8f0, &(0x7f0000000140)={&(0x7f0000000000), 0x55}, 0x6, 0x8, 0x0) r3 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080)) fchdir$auto(r3) 4.415482434s ago: executing program 0 (id=2382): r0 = openat$auto_null_fops_mem(0xffffffffffffff9c, &(0x7f00000000c0), 0x101000, 0x0) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, r0, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r1, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xfffffffd}, 0x10001}, 0x5, 0x20000000) socket(0x2, 0x1, 0x0) ioctl$auto_RTC_IRQP_READ(0xffffffffffffffff, 0x8008700b, 0x0) mmap$auto(0x0, 0x0, 0x8000000df, 0x90, 0xffffffffffffffff, 0x8000) unshare$auto(0x40000080) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0xfff) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) r3 = socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/devices/virtual/block/loop6/trace/pid\x00', 0x44840, 0x0) read$auto(r4, 0x0, 0x20) r5 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) ioctl$auto_IOCTL_VMCI_VERSION2(r5, 0x7a7, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r5, 0x7a0, 0x6) ioctl$auto_IOCTL_VMCI_SET_NOTIFY(r5, 0x7cb, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='&\x00', @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) read$auto(r3, &(0x7f0000002300)='MAC802154_HWSIM\x00', 0xfdef) close_range$auto(0x2, 0x8, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000bc0)='/dev/binderfs/binder0\x00', 0x102, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000200)={[0x8, 0xffffffffffffff4b, 0x5, 0x1823, 0x800000000004, 0x6, 0x10000000000005, 0x19, 0x10, 0x5, 0x2dde, 0x8, 0xfffffffffffffffb, 0xab, 0x0, 0x1000001]}, 0x0) 4.152923626s ago: executing program 4 (id=2383): r0 = openat$auto_nsim_dev_max_vfs_fops_dev(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim4/max_vfs\x00', 0x101040, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, r0, 0x8000) r1 = socket(0x2, 0x3, 0x10e) bind$auto(r1, &(0x7f0000000000)=@in={0x2, 0x4e21, @multicast1}, 0x6a) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) statmount$auto(0x0, &(0x7f0000000380)={0x8, 0x1, 0x9, 0x3, 0x13, 0x940, 0x6, 0x3, 0x6, 0x2, 0x9, 0x5, 0x4, 0x7, 0x200000000000004, 0x9, 0x5, 0x800003, 0x5, 0x7, 0x100, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, [0x0, 0x0, 0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0xfffffffffffffffe, 0x0, 0x10000000000000, 0x0, 0x7, 0x0, 0xfffdffff, 0x1, 0xfffffffffffffffb, 0xfffffffffffffffc, 0x2, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x1000000000, 0x1], "bad2ad54f354a5838df4653af95a64da2226132b3c8792ca0c27fbe0a9aceee7ea1144b23369dacb84b7a0"}, 0x1fe, 0x81) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x40000) mmap$auto(0x0, 0x7, 0xdf, 0x9b72, 0x7, 0x28000) r2 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video47\x00', 0xc0480, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0) write$auto(0x3, 0x0, 0x1) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) fsconfig$auto_JFFS2_COMPR_MODE_NONE(r2, 0x9, 0x0, 0x0, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x7, 0x3, 0x10001, 0x3, 0x5e, 0x80000001, 0x27, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r3, &(0x7f00000000c0)='/dev/audio1\x00', 0x100000a3d5) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x6, 0x3, 0x29f9, 0x948e, 0xffffffffffffffff, 0x15f4da0a, 0x3, 0x1000, 0x64, 0x404000008000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nullb0/queue/scheduler\x00', 0xca002, 0x0) sendfile$auto(r4, r4, 0x0, 0x7ffff000) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, r2, 0xc4) madvise$auto(0x8000000000000001, 0xfffdffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x6, 0x4, 0x105, 0x5) socket(0x22, 0x80000, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket(0x2, 0x1, 0x84) open_by_handle_at$auto(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x9}, 0x3) socket(0x2b, 0x800, 0x4b76) 3.358168638s ago: executing program 3 (id=2384): r0 = prctl$auto(0x21, 0x0, 0x0, 0x0, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x60800, 0x0) mmap$auto(0x0, 0x3000c, 0x4000000000df, 0x4000eb1, 0x401, 0x10000) r1 = open(&(0x7f00000000c0)='./file0\x00', 0x22240, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x20, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x40001, 0x0) write$auto(0x3, 0x0, 0xfdef) (fail_nth: 3) ioctl$auto(0x3, 0x5402, r1) close_range$auto(0x2, 0x8, 0x0) pidfd_getfd$auto(r0, 0xffffffffffffffff, 0x0) 2.842586435s ago: executing program 4 (id=2385): openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000180), 0x220200, 0x0) (async) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000180), 0x220200, 0x0) close_range$auto(0x2, 0x8000, 0x0) (async) close_range$auto(0x2, 0x8000, 0x0) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0xe0180, 0x0) r2 = ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) getsockopt$auto_SO_SNDTIMEO_OLD(r2, 0x0, 0x15, &(0x7f0000000000)='/dev/kvm\x00', &(0x7f0000000080)=0x7) open(&(0x7f00000001c0)='./file0\x00', 0x4242, 0x0) r3 = open(&(0x7f0000000800)='./file0\x00', 0x22200, 0x154) r4 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x115) copy_file_range$auto(r4, 0x0, r3, 0x0, 0x21c1, 0x0) openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f00000000c0), 0x201, 0x0) (async) r5 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f00000000c0), 0x201, 0x0) ioctl$auto_USB_RAW_IOCTL_EP_READ(r5, 0xc0085508, &(0x7f00000001c0)={0xfffa, 0x7, 0xffff, "c6a75034a5d09542a469c782f461074119b24b175d2d3442aacd8697a254661fe0464c8aef8229b23c43c48461556e2786a7956344abfe957d3bb1b2e0016081ae088a4c3246b0856eb62fa29828b4163193c05041288ca6a0debafd9c7462d06bf5f9158f0b2c9f9870109ed43a42c3e2388cfff42f03b24f8f7adf7cdc7e7ec0dd95d8498a2f46bbb003df6b093acda8fc83050c69a8a430434b59fe708a292835e6bd3fa7a28c1f9e46fa8fa449b351a3c7d6cfca4e13"}) (async) ioctl$auto_USB_RAW_IOCTL_EP_READ(r5, 0xc0085508, &(0x7f00000001c0)={0xfffa, 0x7, 0xffff, "c6a75034a5d09542a469c782f461074119b24b175d2d3442aacd8697a254661fe0464c8aef8229b23c43c48461556e2786a7956344abfe957d3bb1b2e0016081ae088a4c3246b0856eb62fa29828b4163193c05041288ca6a0debafd9c7462d06bf5f9158f0b2c9f9870109ed43a42c3e2388cfff42f03b24f8f7adf7cdc7e7ec0dd95d8498a2f46bbb003df6b093acda8fc83050c69a8a430434b59fe708a292835e6bd3fa7a28c1f9e46fa8fa449b351a3c7d6cfca4e13"}) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x4000, 0x0) close_range$auto(0x2, 0x8, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) r7 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$auto_KVM_GET_MSRS(r6, 0x4068aea3, &(0x7f0000000440)={0xce}) ioctl$auto(0x3, 0xae41, r1) (async) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_DEVICE_ATTR(r0, 0x4018aee2, &(0x7f0000000040)={0xd, 0x0, 0x0, 0x8000000000000003}) socket$nl_generic(0x10, 0x3, 0x10) 2.742122151s ago: executing program 3 (id=2386): socket(0xa, 0x2, 0x3a) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) 2.737132163s ago: executing program 0 (id=2387): r0 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000240)={'batadv0\x00', 0x0}) mmap$auto(0x0, 0x7d, 0x4000000000df, 0xeb1, 0x401, 0x8000) r3 = socket(0xa, 0x1, 0x84) getsockopt$auto_SO_TXREHASH(r3, 0x1, 0x4a, 0x0, &(0x7f00000002c0)=0x3) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0) read$auto(r4, 0x0, 0x20) ioctl$auto_VHOST_SET_BACKEND_FEATURES(0xffffffffffffffff, 0x4008af25, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) ioctl$auto_SNDCTL_DSP_GETIPTR(0xffffffffffffffff, 0x800c5011, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x1cb842, 0x0) write$auto(r3, 0x0, 0x6) read$auto(0xffffffffffffffff, 0x0, 0x20) r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r5, &(0x7f0000000200)={0x0, 0x7}, 0x3) unshare$auto(0x40000080) sendmsg$auto_BATADV_CMD_SET_MESH(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010028bd7000fbdbdf250f00000008000300", @ANYRES32=r2, @ANYBLOB="05002f0004"], 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x140080e4) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_smc_pnetid(&(0x7f00000002c0), r6) sendmsg$auto_SMC_PNETID_FLUSH(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x14, r7, 0x4ebf37b1785661fb, 0x70bd27, 0x25dfdbfc}, 0x14}}, 0x30) sendmsg$auto_SMC_PNETID_ADD(r1, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000080)={0x14, r7, 0x300, 0x70bd2b, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x4004001) 2.570938724s ago: executing program 4 (id=2388): syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000001540)={'netdevsim0\x00'}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000540)={'pim6reg0\x00'}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000580)={'pimreg1\x00'}) sendmsg$auto_ETHTOOL_MSG_TSCONFIG_GET(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x4000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x4004000) ioctl$auto_XFS_IOC_ERROR_CLEARALL(0xffffffffffffffff, 0x40085875, &(0x7f0000000240)={0xffffffffffffffff, 0x7ff}) mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000) mmap$auto(0x0, 0x400008, 0xdf, 0x14, 0x2, 0x8000) r1 = socket(0x2, 0x1, 0x106) bind$auto(r1, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) write$auto(r0, &(0x7f00000005c0)='pim6reg0\x00', 0x6) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x8402, 0x0) write$auto(0x3, 0x0, 0xfffffdef) select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da07, 0x3, 0x3, 0x65, 0x8000001f, 0x1000, 0x6d3e, 0x9, 0x2, 0x8]}, 0x0) select$auto(0x8, &(0x7f00000000c0)={[0xeeda, 0x7, 0x6, 0x9, 0x34, 0x1ff, 0x6, 0x4, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8e, 0x9, 0x10001]}, 0x0, 0x0, &(0x7f00000001c0)={0x6, 0xcb}) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="00042dbd7000fbe2df2502000000080002000100000028e5ff102d084475a9db785e92655ba955715583cc8a50063b3f5b86a34d4538191f112a8151d1cd40b92ef28fecf0ee5384dc719adb2cdb504b5061949d21c6c08399099c7aeb25a44be34571d51bd758e1d8a1135a4f734dc9494b025b6bdf4fbbf44b5355558911de93218243672f35b4eebeff5095141729de40aee41da2a874a3096581f618dd02d4f9ea95617b64f8b2b91222aa5c540d25e26833945b44d647c86bb617"], 0x1c}, 0x1, 0x0, 0x0, 0x24008054}, 0x40) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) r5 = syz_genetlink_get_family_id$auto_mac802154_hwsim(&(0x7f0000000280), r1) sendmsg$auto_MAC802154_HWSIM_CMD_NEW_EDGE(r3, &(0x7f00000003c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, r5, 0x300, 0x70bd2c, 0x25dfdbfb, {}, [@MAC802154_HWSIM_ATTR_RADIO_ID={0x8, 0x1, 0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4004010}, 0x29882fe5309675a8) shutdown$auto(0x200000003, 0x2) sendmsg$auto_NL802154_CMD_SET_CCA_MODE(r4, &(0x7f0000001f40)={0x0, 0x0, &(0x7f0000001f00)={&(0x7f0000000640)=ANY=[], 0x28}}, 0x0) 1.716119416s ago: executing program 0 (id=2389): r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000300)='/dev/snd/controlC2\x00', 0x8100, 0x0) mmap$auto(0x0, 0xe983, 0xe2, 0xeb1, 0x401, 0x8000) r1 = io_uring_setup$auto(0x6, 0x0) mknod$auto(0x0, 0x63c1, 0x7ff) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, 0x0) read$auto(r0, 0x0, 0x800) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) readv$auto(0x3, &(0x7f0000000040)={0x0, 0x36a}, 0x6) r2 = waitid$auto(0xc8, r1, &(0x7f0000000140)={@siginfo_0_0={0x40, 0x0, 0x6, @_sigsys={&(0x7f0000000080)="f0eec9fa5efeb0083e242d4258141138eef83195d1349fdd0948f1c5b2facfe7a45ec8eb315d78479adc864e88926e78a7d83127f33b648f84812470a669aa4a38e5307f85c3d1b72d1eee2bc919b2a4724d0efb8b5b7f53af93c4157cf3baea7f9a2d1837d3857e85901d75f4784e024a7386fdc75389798d7adf579cb2a3a5c078d7b3c16492ae7493d6cd7984e8dde52a0481561221ac5901030416e3fdb0626326ec7097bfef4574b854913770f455c5220f5adf20", 0x6, 0x4}}}, 0x8000, &(0x7f00000001c0)={{0x4, 0x4}, {0x2, 0xfe7b}, 0x6, 0x1, 0x1, 0x6, 0x699, 0x2ab, 0x9, 0x1, 0x2, 0xffffffff, 0x100000001, 0xfff, 0x2, 0x6}) r3 = getpid() process_vm_readv$auto(r3, &(0x7f0000000080)={0x0, 0x100fff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000400), 0x40000000001243}, 0xa, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_LIST(r1, 0xc0505510, &(0x7f0000000340)={0x2, 0xa17, 0x6, @inferred=r2, &(0x7f0000000000)={@inferred=r3, 0x1, 0xfffffff9, 0x4, "863b0e5b9f276cef4ed0db16cfc28ff31068e98f4c84755d504ec95ecfb8aa83add543395ea97afb451a11e0", @raw=0x2}, "93d2841943ee8b71434e36045244e6f4f442e71cc91cf16132e9e62231b32b03c1a333a686380c85f1e76bf01e45c6e68f72"}) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, 0x0, 0x202041, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) sysfs$auto(0x2, 0x1a, 0x0) r4 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r4, 0xc1105517, &(0x7f0000000580)={{@raw=0x7fffffff, 0xf0ee, 0x20009, 0x3, "790eaa00ffff8eac2cdafc1f64010043eeb0b053030001ffff000e00", @raw=0x1}, 0x4, 0x966, 0x3, @raw=0x404, @integer={0x800000000000400e, 0x2000000b752, 0x1}, "6cc1294d63a4f1b4285854c5368de438f8cc142ef6df12bf3373a1183bedbd31b642b4051b078fa1c1c61c329794e5311121c760cb9611c78e6947a99807bcc1"}) r5 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x169000, 0x0) ioctl$auto(r5, 0xc0285629, r5) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000300)='/dev/snd/controlC2\x00', 0x8100, 0x0) (async) mmap$auto(0x0, 0xe983, 0xe2, 0xeb1, 0x401, 0x8000) (async) io_uring_setup$auto(0x6, 0x0) (async) mknod$auto(0x0, 0x63c1, 0x7ff) (async) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, 0x0) (async) read$auto(r0, 0x0, 0x800) (async) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) (async) readv$auto(0x3, &(0x7f0000000040)={0x0, 0x36a}, 0x6) (async) waitid$auto(0xc8, r1, &(0x7f0000000140)={@siginfo_0_0={0x40, 0x0, 0x6, @_sigsys={&(0x7f0000000080)="f0eec9fa5efeb0083e242d4258141138eef83195d1349fdd0948f1c5b2facfe7a45ec8eb315d78479adc864e88926e78a7d83127f33b648f84812470a669aa4a38e5307f85c3d1b72d1eee2bc919b2a4724d0efb8b5b7f53af93c4157cf3baea7f9a2d1837d3857e85901d75f4784e024a7386fdc75389798d7adf579cb2a3a5c078d7b3c16492ae7493d6cd7984e8dde52a0481561221ac5901030416e3fdb0626326ec7097bfef4574b854913770f455c5220f5adf20", 0x6, 0x4}}}, 0x8000, &(0x7f00000001c0)={{0x4, 0x4}, {0x2, 0xfe7b}, 0x6, 0x1, 0x1, 0x6, 0x699, 0x2ab, 0x9, 0x1, 0x2, 0xffffffff, 0x100000001, 0xfff, 0x2, 0x6}) (async) getpid() (async) process_vm_readv$auto(r3, &(0x7f0000000080)={0x0, 0x100fff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000400), 0x40000000001243}, 0xa, 0x0) (async) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_LIST(r1, 0xc0505510, &(0x7f0000000340)={0x2, 0xa17, 0x6, @inferred=r2, &(0x7f0000000000)={@inferred=r3, 0x1, 0xfffffff9, 0x4, "863b0e5b9f276cef4ed0db16cfc28ff31068e98f4c84755d504ec95ecfb8aa83add543395ea97afb451a11e0", @raw=0x2}, "93d2841943ee8b71434e36045244e6f4f442e71cc91cf16132e9e62231b32b03c1a333a686380c85f1e76bf01e45c6e68f72"}) (async) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, 0x0, 0x202041, 0x0) (async) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) (async) sysfs$auto(0x2, 0x1a, 0x0) (async) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) (async) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r4, 0xc1105517, &(0x7f0000000580)={{@raw=0x7fffffff, 0xf0ee, 0x20009, 0x3, "790eaa00ffff8eac2cdafc1f64010043eeb0b053030001ffff000e00", @raw=0x1}, 0x4, 0x966, 0x3, @raw=0x404, @integer={0x800000000000400e, 0x2000000b752, 0x1}, "6cc1294d63a4f1b4285854c5368de438f8cc142ef6df12bf3373a1183bedbd31b642b4051b078fa1c1c61c329794e5311121c760cb9611c78e6947a99807bcc1"}) (async) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x169000, 0x0) (async) ioctl$auto(r5, 0xc0285629, r5) (async) 1.681413411s ago: executing program 3 (id=2390): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0) write$auto_proc_mem_operations_base(r0, &(0x7f0000001680)="a7", 0xfffffc96) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r1 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0) socket(0x10, 0x2, 0x0) (async) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYRESDEC=r2], 0x1ac}}, 0x40000) recvmmsg$auto(r2, &(0x7f0000000140)={{0x0, 0x3, &(0x7f0000000080)={0x0, 0x400}, 0x5, 0x0, 0x2000000200002, 0x8}, 0x803}, 0xfffffff9, 0x10, 0x0) write$auto_proc_clear_refs_operations_internal(r1, 0x0, 0xffffff4b) (async) write$auto_proc_clear_refs_operations_internal(r1, 0x0, 0xffffff4b) 1.130836889s ago: executing program 0 (id=2391): r0 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv4/ip_forward\x00', 0x2002, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/kernel/threads-max\x00', 0x20202, 0x0) (async) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/kernel/threads-max\x00', 0x20202, 0x0) sendfile$auto(r1, r2, 0x0, 0x716b) splice$auto(r0, &(0x7f0000000040), r1, &(0x7f00000000c0)=0x9, 0xa5a9, 0x7) (async) splice$auto(r0, &(0x7f0000000040), r1, &(0x7f00000000c0)=0x9, 0xa5a9, 0x7) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = ioctl$auto_NS_GET_TGID_FROM_PIDNS(0xffffffffffffffff, 0x8004b707, &(0x7f0000000080)=0x1000) read$auto_tracing_total_entries_fops_trace(r4, &(0x7f0000000100), 0x0) syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000280), 0xffffffffffffffff) (async) r5 = syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$auto_OVS_CT_LIMIT_CMD_DEL(r3, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000003a00)={0x34, r5, 0x0, 0x70bd2c, 0x25dfdbff, {}, [@OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x4}, @OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x1c, 0x1, 0x0, 0x1, [@nested={0x15, 0x139, 0x0, 0x1, [@nested={0x4, 0xeb}, @typed={0x8, 0x2d, 0x0, 0x0, @fd}, @generic="5ecb8698ec"]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x44000}, 0x4000048) 1.000864116s ago: executing program 2 (id=2348): openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/usbmon8\x00', 0x121200, 0x0) mmap$auto(0x0, 0x4000002, 0xfffffffffffffe01, 0x8051, 0x3, 0x0) mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000) r0 = io_uring_setup$auto(0x401, 0x0) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r0) sendmsg$auto_NL80211_CMD_LEAVE_MESH(r0, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x7c, r1, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@NL80211_ATTR_PEER_AID={0x6}, @NL80211_ATTR_SUPPORTED_SELECTORS={0x60, 0x14e, "a03f9ef32c9e810813d56ea0501be80163ebf79325c07507f4cacadd1ded6c7d0a71eaf8a3b56d61448f9147e0174b3e5b1ea4b043e522996afd28776e97c2ff12030639c679dc3f6eb5801d3091bd416025c322f3922dc1ed06ecb6"}]}, 0x7c}, 0x1, 0x0, 0x0, 0x8000}, 0x40800) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) sysfs$auto(0x2, 0x0, 0x0) r2 = fsopen$auto(0x0, 0x1) fsconfig$auto(r2, 0x6, 0x0, 0x0, 0x0) fsmount$auto(0x4, 0x0, 0x200003) fsconfig$auto_JFFS2_COMPR_MODE_NONE(r2, 0x3, &(0x7f0000000080)='/dev/snd/controlC2\x00', &(0x7f00000000c0)="6ffd", 0x0) openat$auto_lowpan_control_fops_6lowpan(0xffffffffffffff9c, &(0x7f0000000180), 0x900, 0x0) read$auto(0x3, 0x0, 0xfdef) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) 624.093738ms ago: executing program 4 (id=2393): syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000001540)={'netdevsim0\x00'}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000540)={'pim6reg0\x00'}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000580)={'pimreg1\x00'}) sendmsg$auto_ETHTOOL_MSG_TSCONFIG_GET(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x4000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x4004000) ioctl$auto_XFS_IOC_ERROR_CLEARALL(0xffffffffffffffff, 0x40085875, &(0x7f0000000240)={0xffffffffffffffff, 0x7ff}) mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000) mmap$auto(0x0, 0x400008, 0xdf, 0x14, 0x2, 0x8000) r1 = socket(0x2, 0x1, 0x106) bind$auto(r1, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) write$auto(r0, &(0x7f00000005c0)='pim6reg0\x00', 0x6) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x8402, 0x0) write$auto(0x3, 0x0, 0xfffffdef) select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da07, 0x3, 0x3, 0x65, 0x8000001f, 0x1000, 0x6d3e, 0x9, 0x2, 0x8]}, 0x0) select$auto(0x8, &(0x7f00000000c0)={[0xeeda, 0x7, 0x6, 0x9, 0x34, 0x1ff, 0x6, 0x4, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8e, 0x9, 0x10001]}, 0x0, 0x0, &(0x7f00000001c0)={0x6, 0xcb}) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="00042dbd7000fbe2df2502000000080002000100000028e5ff102d084475a9db785e92655ba955715583cc8a50063b3f5b86a34d4538191f112a8151d1cd40b92ef28fecf0ee5384dc719adb2cdb504b5061949d21c6c08399099c7aeb25a44be34571d51bd758e1d8a1135a4f734dc9494b025b6bdf4fbbf44b5355558911de93218243672f35b4eebeff5095141729de40aee41da2a874a3096581f618dd02d4f9ea95617b64f8b2b91222aa5c540d25e26833945b44d647c86bb617"], 0x1c}, 0x1, 0x0, 0x0, 0x24008054}, 0x40) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) syz_genetlink_get_family_id$auto_mac802154_hwsim(&(0x7f0000000280), r1) open(&(0x7f0000000500)='./file0\x00', 0x0, 0x0) shutdown$auto(0x200000003, 0x2) sendmsg$auto_NL802154_CMD_SET_CCA_MODE(r3, &(0x7f0000001f40)={0x0, 0x0, &(0x7f0000001f00)={&(0x7f0000000640)=ANY=[], 0x28}}, 0x0) 582.526287ms ago: executing program 2 (id=2394): read$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffffff, &(0x7f0000000000)=""/38, 0x26) r0 = prctl$auto(0x21, 0x0, 0x0, 0x0, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x60800, 0x0) mmap$auto(0x0, 0x3000c, 0x4000000000df, 0x4000eb1, 0x401, 0x10000) r1 = open(&(0x7f00000000c0)='./file0\x00', 0x22240, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x20, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x40001, 0x0) write$auto(0x3, 0x0, 0xfdef) ioctl$auto(0x3, 0x5402, r1) close_range$auto(0x2, 0x8, 0x0) pidfd_getfd$auto(r0, 0xffffffffffffffff, 0x0) 238.707µs ago: executing program 2 (id=2395): r0 = openat$auto_null_fops_mem(0xffffffffffffff9c, &(0x7f00000000c0), 0x101000, 0x0) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, r0, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r1, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xfffffffd}, 0x10001}, 0x5, 0x20000000) socket(0x2, 0x1, 0x0) ioctl$auto_RTC_IRQP_READ(0xffffffffffffffff, 0x8008700b, 0x0) mmap$auto(0x0, 0x0, 0x8000000df, 0x90, 0xffffffffffffffff, 0x8000) unshare$auto(0x40000080) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0xfff) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) r3 = socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/devices/virtual/block/loop6/trace/pid\x00', 0x44840, 0x0) read$auto(r4, 0x0, 0x20) r5 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) ioctl$auto_IOCTL_VMCI_VERSION2(r5, 0x7a7, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r5, 0x7a0, 0x6) ioctl$auto_IOCTL_VMCI_SET_NOTIFY(r5, 0x7cb, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='&\x00', @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) read$auto(r3, &(0x7f0000002300)='MAC802154_HWSIM\x00', 0xfdef) close_range$auto(0x2, 0x8, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000bc0)='/dev/binderfs/binder0\x00', 0x102, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000200)={[0x8, 0xffffffffffffff4b, 0x5, 0x1823, 0x800000000004, 0x6, 0x10000000000005, 0x19, 0x10, 0x5, 0x2dde, 0x8, 0xfffffffffffffffb, 0xab, 0x0, 0x1000001]}, 0x0) 0s ago: executing program 3 (id=2396): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/rpc/nfs4.nametoid/channel\x00', 0x8200, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = epoll_create$auto(0x4) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/tty42\x00', 0x42200, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdc, 0xeb5, 0x401, 0x41) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) ioctl$auto_USB_RAW_IOCTL_EP_SET_HALT(r0, 0x4004550d, &(0x7f0000000180)=0x798) bpf$auto(0x5, &(0x7f0000000000)=@bpf_attr_0={0x8000, 0x1, 0x8, 0x7, 0x5, 0xffffffffffffffff, 0x80000001, "787d66da4a620eab7f736e854ef61529", 0x0, 0xffffffffffffffff, 0x7, 0xffff4e8b, 0x2, 0x1, 0xffffffffffffffff, 0xffffffffffffffff}, 0x7) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x44}, 0x40090) r2 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r2, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x0, 0x1}, 0xf}, 0x3, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x8, 0xfffffffffffffffe]}, 0x0) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x32f042, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000200), 0x406480, 0x0) socket(0x2, 0x2, 0x8001) mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/block/nbd6/queue/wbt_lat_usec\x00', 0x1a9242, 0x0) sendfile$auto(r3, r3, 0x0, 0x2) r4 = open(&(0x7f0000000000)='./file0\x00', 0x101800, 0xbf) ioctl$auto_XFS_IOC_GET_RESBLKS(r1, 0x80105873, &(0x7f0000000280)={0x7, 0xe1de}) ppoll$auto(&(0x7f0000000180)={r4, 0x4, 0x8}, 0x6, 0x0, 0x0, 0x8) open(&(0x7f0000000100)='./file0\x00', 0xcc81, 0x108) kernel console output (not intermixed with test programs): syz.0.1942 Tainted: G L syzkaller #0 PREEMPT(full) [ 596.622551][T14560] Tainted: [L]=SOFTLOCKUP [ 596.622558][T14560] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 596.622567][T14560] Call Trace: [ 596.622573][T14560] [ 596.622580][T14560] dump_stack_lvl+0x16c/0x1f0 [ 596.622601][T14560] should_fail_ex+0x512/0x640 [ 596.622621][T14560] ? __kvmalloc_node_noprof+0x129/0xa40 [ 596.622648][T14560] should_failslab+0xc2/0x120 [ 596.622675][T14560] __kvmalloc_node_noprof+0x14a/0xa40 [ 596.622698][T14560] ? __pfx___mutex_lock+0x10/0x10 [ 596.622716][T14560] ? traverse.part.0.constprop.0+0x397/0x650 [ 596.622746][T14560] ? traverse.part.0.constprop.0+0x397/0x650 [ 596.622769][T14560] traverse.part.0.constprop.0+0x397/0x650 [ 596.622795][T14560] ? find_held_lock+0x2b/0x80 [ 596.622821][T14560] seq_read_iter+0x93c/0x12d0 [ 596.622844][T14560] ? aa_file_perm+0x2ad/0x1560 [ 596.622878][T14560] seq_read+0x3a3/0x570 [ 596.622901][T14560] ? __pfx_seq_read+0x10/0x10 [ 596.622927][T14560] ? get_pid_task+0xfc/0x250 [ 596.622951][T14560] ? __pfx_seq_read+0x10/0x10 [ 596.622973][T14560] proc_reg_read+0x240/0x330 [ 596.622995][T14560] ? __pfx_proc_reg_read+0x10/0x10 [ 596.623018][T14560] vfs_read+0x1e4/0xcf0 [ 596.623046][T14560] ? __pfx_vfs_read+0x10/0x10 [ 596.623069][T14560] ? find_held_lock+0x2b/0x80 [ 596.623091][T14560] ? __fget_files+0x204/0x3c0 [ 596.623118][T14560] ? __fget_files+0x20e/0x3c0 [ 596.623141][T14560] ? __fget_files+0x170/0x3c0 [ 596.623170][T14560] __x64_sys_pread64+0x1eb/0x250 [ 596.623197][T14560] ? __pfx___x64_sys_pread64+0x10/0x10 [ 596.623229][T14560] do_syscall_64+0xcd/0xf80 [ 596.623248][T14560] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 596.623265][T14560] RIP: 0033:0x7f5c25f8f7c9 [ 596.623279][T14560] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 596.623313][T14560] RSP: 002b:00007f5c26d94038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 596.623331][T14560] RAX: ffffffffffffffda RBX: 00007f5c261e6090 RCX: 00007f5c25f8f7c9 [ 596.623342][T14560] RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000006 [ 596.623351][T14560] RBP: 00007f5c26d94090 R08: 0000000000000000 R09: 0000000000000000 [ 596.623366][T14560] R10: 0000000000005ef6 R11: 0000000000000246 R12: 0000000000000001 [ 596.623376][T14560] R13: 00007f5c261e6128 R14: 00007f5c261e6090 R15: 00007fff3d4fc828 [ 596.623399][T14560] [ 597.625559][T14568] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1944'. [ 597.691858][T14572] [U] [ 597.694672][T14572] [U] [ 597.697391][T14572] [U] [ 597.700073][T14572] [U] [ 597.740543][T14572] [U] [ 597.743288][T14572] [U] [ 597.745978][T14572] [U] [ 597.748658][T14572] [U] [ 597.784070][T14572] [U] [ 597.786797][T14572] [U] [ 597.789480][T14572] [U] [ 597.792160][T14572] [U] [ 597.842404][T14572] [U] [ 597.845130][T14572] [U] [ 597.847817][T14572] [U] [ 597.850500][T14572] [U] [ 597.878737][T14572] [U] [ 598.794966][T14593] FAULT_INJECTION: forcing a failure. [ 598.794966][T14593] name failslab, interval 1, probability 0, space 0, times 0 [ 598.859821][T14593] CPU: 0 UID: 0 PID: 14593 Comm: syz.3.1953 Tainted: G L syzkaller #0 PREEMPT(full) [ 598.859850][T14593] Tainted: [L]=SOFTLOCKUP [ 598.859856][T14593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 598.859866][T14593] Call Trace: [ 598.859872][T14593] [ 598.859879][T14593] dump_stack_lvl+0x16c/0x1f0 [ 598.859901][T14593] should_fail_ex+0x512/0x640 [ 598.859922][T14593] ? __kmalloc_noprof+0xca/0x910 [ 598.859944][T14593] should_failslab+0xc2/0x120 [ 598.859970][T14593] __kmalloc_noprof+0xeb/0x910 [ 598.859990][T14593] ? kobject_get_path+0xd2/0x2d0 [ 598.860011][T14593] ? kobject_get_path+0xd2/0x2d0 [ 598.860027][T14593] kobject_get_path+0xd2/0x2d0 [ 598.860049][T14593] input_devices_seq_show+0x8d/0x1130 [ 598.860079][T14593] ? __pfx_input_devices_seq_show+0x10/0x10 [ 598.860103][T14593] ? __kvmalloc_node_noprof+0x3c9/0xa40 [ 598.860126][T14593] ? __pfx___mutex_lock+0x10/0x10 [ 598.860147][T14593] ? seq_list_start+0x9a/0xc0 [ 598.860170][T14593] traverse.part.0.constprop.0+0x107/0x650 [ 598.860197][T14593] ? find_held_lock+0x2b/0x80 [ 598.860224][T14593] seq_read_iter+0x93c/0x12d0 [ 598.860247][T14593] ? aa_file_perm+0x2ad/0x1560 [ 598.860281][T14593] seq_read+0x3a3/0x570 [ 598.860304][T14593] ? __pfx_seq_read+0x10/0x10 [ 598.860332][T14593] ? get_pid_task+0xfc/0x250 [ 598.860362][T14593] ? __pfx_seq_read+0x10/0x10 [ 598.860385][T14593] proc_reg_read+0x240/0x330 [ 598.860407][T14593] ? __pfx_proc_reg_read+0x10/0x10 [ 598.860429][T14593] vfs_read+0x1e4/0xcf0 [ 598.860458][T14593] ? __pfx_vfs_read+0x10/0x10 [ 598.860481][T14593] ? find_held_lock+0x2b/0x80 [ 598.860503][T14593] ? __fget_files+0x204/0x3c0 [ 598.860531][T14593] ? __fget_files+0x20e/0x3c0 [ 598.860554][T14593] ? __fget_files+0x170/0x3c0 [ 598.860584][T14593] __x64_sys_pread64+0x1eb/0x250 [ 598.860611][T14593] ? __pfx___x64_sys_pread64+0x10/0x10 [ 598.860644][T14593] do_syscall_64+0xcd/0xf80 [ 598.860662][T14593] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 598.860680][T14593] RIP: 0033:0x7f6a0398f7c9 [ 598.860695][T14593] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 598.860711][T14593] RSP: 002b:00007f6a047fc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 598.860728][T14593] RAX: ffffffffffffffda RBX: 00007f6a03be5fa0 RCX: 00007f6a0398f7c9 [ 598.860739][T14593] RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000006 [ 598.860749][T14593] RBP: 00007f6a047fc090 R08: 0000000000000000 R09: 0000000000000000 [ 598.860759][T14593] R10: 0000000000005ef6 R11: 0000000000000246 R12: 0000000000000001 [ 598.860769][T14593] R13: 00007f6a03be6038 R14: 00007f6a03be5fa0 R15: 00007ffcda89e408 [ 598.860791][T14593] [ 599.961602][T14599] Invalid ELF header magic: != ELF [ 601.388155][T14629] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1963'. [ 601.854971][T14640] random: crng reseeded on system resumption [ 602.252352][T14657] FAULT_INJECTION: forcing a failure. [ 602.252352][T14657] name failslab, interval 1, probability 0, space 0, times 0 [ 602.284544][T14655] sd 0:0:1:0: PR command failed: 1026 [ 602.309272][T14655] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 602.329121][T14657] CPU: 0 UID: 0 PID: 14657 Comm: syz.0.1969 Tainted: G L syzkaller #0 PREEMPT(full) [ 602.329149][T14657] Tainted: [L]=SOFTLOCKUP [ 602.329154][T14657] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 602.329164][T14657] Call Trace: [ 602.329170][T14657] [ 602.329177][T14657] dump_stack_lvl+0x16c/0x1f0 [ 602.329199][T14657] should_fail_ex+0x512/0x640 [ 602.329220][T14657] ? __kmalloc_noprof+0xca/0x910 [ 602.329241][T14657] should_failslab+0xc2/0x120 [ 602.329276][T14657] __kmalloc_noprof+0xeb/0x910 [ 602.329293][T14657] ? lockdep_hardirqs_on+0x7c/0x110 [ 602.329310][T14657] ? kobject_get_path+0xd2/0x2d0 [ 602.329331][T14657] ? kobject_get_path+0xd2/0x2d0 [ 602.329347][T14657] kobject_get_path+0xd2/0x2d0 [ 602.329369][T14657] input_devices_seq_show+0x8d/0x1130 [ 602.329398][T14657] ? __pfx_input_devices_seq_show+0x10/0x10 [ 602.329423][T14657] ? __kvmalloc_node_noprof+0x3c9/0xa40 [ 602.329451][T14657] ? seq_list_start+0x9a/0xc0 [ 602.329474][T14657] traverse.part.0.constprop.0+0x107/0x650 [ 602.329505][T14657] seq_read_iter+0x93c/0x12d0 [ 602.329528][T14657] ? aa_file_perm+0x2ad/0x1560 [ 602.329561][T14657] seq_read+0x3a3/0x570 [ 602.329584][T14657] ? __pfx_seq_read+0x10/0x10 [ 602.329612][T14657] ? get_pid_task+0xfc/0x250 [ 602.329636][T14657] ? __pfx_seq_read+0x10/0x10 [ 602.329659][T14657] proc_reg_read+0x240/0x330 [ 602.329680][T14657] ? __pfx_proc_reg_read+0x10/0x10 [ 602.329703][T14657] vfs_read+0x1e4/0xcf0 [ 602.329732][T14657] ? __pfx_vfs_read+0x10/0x10 [ 602.329755][T14657] ? find_held_lock+0x2b/0x80 [ 602.329778][T14657] ? __fget_files+0x204/0x3c0 [ 602.329806][T14657] ? __fget_files+0x20e/0x3c0 [ 602.329829][T14657] ? __fget_files+0x170/0x3c0 [ 602.329859][T14657] __x64_sys_pread64+0x1eb/0x250 [ 602.329886][T14657] ? __pfx___x64_sys_pread64+0x10/0x10 [ 602.329918][T14657] do_syscall_64+0xcd/0xf80 [ 602.329937][T14657] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 602.329955][T14657] RIP: 0033:0x7f5c25f8f7c9 [ 602.329969][T14657] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 602.329987][T14657] RSP: 002b:00007f5c26db5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 602.330003][T14657] RAX: ffffffffffffffda RBX: 00007f5c261e5fa0 RCX: 00007f5c25f8f7c9 [ 602.330015][T14657] RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000006 [ 602.330024][T14657] RBP: 00007f5c26db5090 R08: 0000000000000000 R09: 0000000000000000 [ 602.330034][T14657] R10: 0000000000005ef6 R11: 0000000000000246 R12: 0000000000000001 [ 602.330044][T14657] R13: 00007f5c261e6038 R14: 00007f5c261e5fa0 R15: 00007fff3d4fc828 [ 602.330067][T14657] [ 602.879435][T14655] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 605.151579][T14713] FAULT_INJECTION: forcing a failure. [ 605.151579][T14713] name failslab, interval 1, probability 0, space 0, times 0 [ 605.231610][T14713] CPU: 0 UID: 0 PID: 14713 Comm: syz.2.1982 Tainted: G L syzkaller #0 PREEMPT(full) [ 605.231640][T14713] Tainted: [L]=SOFTLOCKUP [ 605.231646][T14713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 605.231656][T14713] Call Trace: [ 605.231662][T14713] [ 605.231669][T14713] dump_stack_lvl+0x16c/0x1f0 [ 605.231691][T14713] should_fail_ex+0x512/0x640 [ 605.231713][T14713] ? __kmalloc_noprof+0xca/0x910 [ 605.231735][T14713] should_failslab+0xc2/0x120 [ 605.231762][T14713] __kmalloc_noprof+0xeb/0x910 [ 605.231780][T14713] ? lockdep_hardirqs_on+0x7c/0x110 [ 605.231797][T14713] ? kobject_get_path+0xd2/0x2d0 [ 605.231818][T14713] ? kobject_get_path+0xd2/0x2d0 [ 605.231834][T14713] kobject_get_path+0xd2/0x2d0 [ 605.231856][T14713] input_devices_seq_show+0x8d/0x1130 [ 605.231886][T14713] ? __pfx_input_devices_seq_show+0x10/0x10 [ 605.231910][T14713] ? __kvmalloc_node_noprof+0x3c9/0xa40 [ 605.231938][T14713] ? seq_list_start+0x9a/0xc0 [ 605.231961][T14713] traverse.part.0.constprop.0+0x107/0x650 [ 605.231993][T14713] seq_read_iter+0x93c/0x12d0 [ 605.232016][T14713] ? aa_file_perm+0x2ad/0x1560 [ 605.232049][T14713] seq_read+0x3a3/0x570 [ 605.232072][T14713] ? __pfx_seq_read+0x10/0x10 [ 605.232099][T14713] ? get_pid_task+0xfc/0x250 [ 605.232124][T14713] ? __pfx_seq_read+0x10/0x10 [ 605.232146][T14713] proc_reg_read+0x240/0x330 [ 605.232169][T14713] ? __pfx_proc_reg_read+0x10/0x10 [ 605.232191][T14713] vfs_read+0x1e4/0xcf0 [ 605.232227][T14713] ? __pfx_vfs_read+0x10/0x10 [ 605.232249][T14713] ? find_held_lock+0x2b/0x80 [ 605.232272][T14713] ? __fget_files+0x204/0x3c0 [ 605.232299][T14713] ? __fget_files+0x20e/0x3c0 [ 605.232322][T14713] ? __fget_files+0x170/0x3c0 [ 605.232352][T14713] __x64_sys_pread64+0x1eb/0x250 [ 605.232379][T14713] ? __pfx___x64_sys_pread64+0x10/0x10 [ 605.232412][T14713] do_syscall_64+0xcd/0xf80 [ 605.232430][T14713] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 605.232447][T14713] RIP: 0033:0x7f2416f8f7c9 [ 605.232462][T14713] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 605.232479][T14713] RSP: 002b:00007f2417dc3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 605.232495][T14713] RAX: ffffffffffffffda RBX: 00007f24171e5fa0 RCX: 00007f2416f8f7c9 [ 605.232506][T14713] RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000006 [ 605.232516][T14713] RBP: 00007f2417dc3090 R08: 0000000000000000 R09: 0000000000000000 [ 605.232526][T14713] R10: 0000000000005ef6 R11: 0000000000000246 R12: 0000000000000001 [ 605.232562][T14713] R13: 00007f24171e6038 R14: 00007f24171e5fa0 R15: 00007ffe42fbf378 [ 605.232585][T14713] [ 605.633231][T14715] syz.3.1985(14715): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 605.809519][T14719] FAULT_INJECTION: forcing a failure. [ 605.809519][T14719] name failslab, interval 1, probability 0, space 0, times 0 [ 605.822326][T14719] CPU: 0 UID: 0 PID: 14719 Comm: syz.2.1984 Tainted: G L syzkaller #0 PREEMPT(full) [ 605.822352][T14719] Tainted: [L]=SOFTLOCKUP [ 605.822358][T14719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 605.822368][T14719] Call Trace: [ 605.822374][T14719] [ 605.822381][T14719] dump_stack_lvl+0x16c/0x1f0 [ 605.822403][T14719] should_fail_ex+0x512/0x640 [ 605.822423][T14719] ? kmem_cache_alloc_noprof+0x62/0x770 [ 605.822447][T14719] should_failslab+0xc2/0x120 [ 605.822474][T14719] kmem_cache_alloc_noprof+0x83/0x770 [ 605.822496][T14719] ? __kernfs_new_node+0xd2/0x9b0 [ 605.822521][T14719] ? __kernfs_new_node+0xd2/0x9b0 [ 605.822540][T14719] __kernfs_new_node+0xd2/0x9b0 [ 605.822564][T14719] ? __pfx___kernfs_new_node+0x10/0x10 [ 605.822590][T14719] ? find_held_lock+0x2b/0x80 [ 605.822614][T14719] ? kernfs_root+0xee/0x2a0 [ 605.822638][T14719] kernfs_new_node+0x13c/0x1e0 [ 605.822666][T14719] kernfs_create_dir_ns+0x4c/0x1a0 [ 605.822692][T14719] sysfs_create_dir_ns+0x13a/0x2b0 [ 605.822713][T14719] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 605.822731][T14719] ? rcu_is_watching+0x12/0xc0 [ 605.822755][T14719] ? kfree+0x27d/0x6e0 [ 605.822772][T14719] ? rcu_is_watching+0x12/0xc0 [ 605.822799][T14719] kobject_add_internal+0x2c4/0x9d0 [ 605.822817][T14719] ? kfree_const+0x55/0x60 [ 605.822840][T14719] kobject_add+0x16e/0x240 [ 605.822858][T14719] ? __pfx_kobject_add+0x10/0x10 [ 605.822878][T14719] ? __pfx_kobject_add+0x10/0x10 [ 605.822906][T14719] blk_register_queue+0x89/0x4e0 [ 605.822927][T14719] __add_disk+0x74a/0xf00 [ 605.822952][T14719] ? find_held_lock+0x2b/0x80 [ 605.822976][T14719] add_disk_fwnode+0x3f8/0x5d0 [ 605.823005][T14719] zram_add+0x4bf/0x6f0 [ 605.823023][T14719] ? __pfx_zram_add+0x10/0x10 [ 605.823054][T14719] ? find_held_lock+0x2b/0x80 [ 605.823079][T14719] ? __pfx_hot_add_show+0x10/0x10 [ 605.823095][T14719] ? __pfx_class_attr_show+0x10/0x10 [ 605.823119][T14719] hot_add_show+0x21/0x80 [ 605.823136][T14719] class_attr_show+0x72/0xa0 [ 605.823161][T14719] sysfs_kf_seq_show+0x216/0x3e0 [ 605.823183][T14719] seq_read_iter+0x50e/0x12d0 [ 605.823241][T14719] kernfs_fop_read_iter+0x46c/0x610 [ 605.823268][T14719] ? rw_verify_area+0xcf/0x6c0 [ 605.823292][T14719] vfs_read+0x8bf/0xcf0 [ 605.823326][T14719] ? __pfx_vfs_read+0x10/0x10 [ 605.823367][T14719] ksys_read+0x12a/0x250 [ 605.823391][T14719] ? __pfx_ksys_read+0x10/0x10 [ 605.823423][T14719] do_syscall_64+0xcd/0xf80 [ 605.823442][T14719] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 605.823459][T14719] RIP: 0033:0x7f2416f8f7c9 [ 605.823473][T14719] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 605.823490][T14719] RSP: 002b:00007f2417dc3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 605.823506][T14719] RAX: ffffffffffffffda RBX: 00007f24171e5fa0 RCX: 00007f2416f8f7c9 [ 605.823517][T14719] RDX: 0000000000001000 RSI: 0000200000000ec0 RDI: 0000000000000006 [ 605.823527][T14719] RBP: 00007f2417013f91 R08: 0000000000000000 R09: 0000000000000000 [ 605.823537][T14719] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 605.823546][T14719] R13: 00007f24171e6038 R14: 00007f24171e5fa0 R15: 00007ffe42fbf378 [ 605.823570][T14719] [ 605.823631][T14719] kobject: kobject_add_internal failed for queue (error: -12 parent: zram2) [ 607.121247][T14743] FAULT_INJECTION: forcing a failure. [ 607.121247][T14743] name failslab, interval 1, probability 0, space 0, times 0 [ 607.204509][T14743] CPU: 0 UID: 0 PID: 14743 Comm: syz.3.1992 Tainted: G L syzkaller #0 PREEMPT(full) [ 607.204538][T14743] Tainted: [L]=SOFTLOCKUP [ 607.204545][T14743] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 607.204555][T14743] Call Trace: [ 607.204561][T14743] [ 607.204568][T14743] dump_stack_lvl+0x16c/0x1f0 [ 607.204591][T14743] should_fail_ex+0x512/0x640 [ 607.204612][T14743] ? __kmalloc_noprof+0xca/0x910 [ 607.204633][T14743] should_failslab+0xc2/0x120 [ 607.204661][T14743] __kmalloc_noprof+0xeb/0x910 [ 607.204679][T14743] ? lockdep_hardirqs_on+0x7c/0x110 [ 607.204696][T14743] ? kobject_get_path+0xd2/0x2d0 [ 607.204718][T14743] ? kobject_get_path+0xd2/0x2d0 [ 607.204734][T14743] kobject_get_path+0xd2/0x2d0 [ 607.204756][T14743] input_devices_seq_show+0x8d/0x1130 [ 607.204786][T14743] ? __pfx_input_devices_seq_show+0x10/0x10 [ 607.204810][T14743] ? __kvmalloc_node_noprof+0x3c9/0xa40 [ 607.204838][T14743] ? seq_list_start+0x9a/0xc0 [ 607.204861][T14743] traverse.part.0.constprop.0+0x107/0x650 [ 607.204892][T14743] seq_read_iter+0x93c/0x12d0 [ 607.204916][T14743] ? aa_file_perm+0x2ad/0x1560 [ 607.204949][T14743] seq_read+0x3a3/0x570 [ 607.204973][T14743] ? __pfx_seq_read+0x10/0x10 [ 607.205000][T14743] ? get_pid_task+0xfc/0x250 [ 607.205024][T14743] ? __pfx_seq_read+0x10/0x10 [ 607.205047][T14743] proc_reg_read+0x240/0x330 [ 607.205069][T14743] ? __pfx_proc_reg_read+0x10/0x10 [ 607.205092][T14743] vfs_read+0x1e4/0xcf0 [ 607.205122][T14743] ? __pfx_vfs_read+0x10/0x10 [ 607.205144][T14743] ? find_held_lock+0x2b/0x80 [ 607.205167][T14743] ? __fget_files+0x204/0x3c0 [ 607.205195][T14743] ? __fget_files+0x20e/0x3c0 [ 607.205224][T14743] ? __fget_files+0x170/0x3c0 [ 607.205255][T14743] __x64_sys_pread64+0x1eb/0x250 [ 607.205281][T14743] ? __pfx___x64_sys_pread64+0x10/0x10 [ 607.205314][T14743] do_syscall_64+0xcd/0xf80 [ 607.205332][T14743] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 607.205350][T14743] RIP: 0033:0x7f6a0398f7c9 [ 607.205364][T14743] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 607.205381][T14743] RSP: 002b:00007f6a047fc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 607.205397][T14743] RAX: ffffffffffffffda RBX: 00007f6a03be5fa0 RCX: 00007f6a0398f7c9 [ 607.205408][T14743] RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000006 [ 607.205418][T14743] RBP: 00007f6a047fc090 R08: 0000000000000000 R09: 0000000000000000 [ 607.205428][T14743] R10: 0000000000005ef6 R11: 0000000000000246 R12: 0000000000000001 [ 607.205438][T14743] R13: 00007f6a03be6038 R14: 00007f6a03be5fa0 R15: 00007ffcda89e408 [ 607.205460][T14743] [ 608.597151][T14757] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1997'. [ 608.797321][T14757] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1997'. [ 608.855003][T14759] FAULT_INJECTION: forcing a failure. [ 608.855003][T14759] name failslab, interval 1, probability 0, space 0, times 0 [ 608.954040][T14759] CPU: 0 UID: 0 PID: 14759 Comm: syz.2.1999 Tainted: G L syzkaller #0 PREEMPT(full) [ 608.954069][T14759] Tainted: [L]=SOFTLOCKUP [ 608.954075][T14759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 608.954085][T14759] Call Trace: [ 608.954092][T14759] [ 608.954098][T14759] dump_stack_lvl+0x16c/0x1f0 [ 608.954121][T14759] should_fail_ex+0x512/0x640 [ 608.954142][T14759] ? __kmalloc_noprof+0xca/0x910 [ 608.954164][T14759] should_failslab+0xc2/0x120 [ 608.954191][T14759] __kmalloc_noprof+0xeb/0x910 [ 608.954211][T14759] ? mpi_alloc_limb_space+0x31/0x60 [ 608.954233][T14759] ? mpi_alloc_limb_space+0x31/0x60 [ 608.954250][T14759] mpi_alloc_limb_space+0x31/0x60 [ 608.954268][T14759] mpi_alloc+0x199/0x230 [ 608.954284][T14759] ? mpi_free+0x14/0x160 [ 608.954300][T14759] mpi_read_raw_data+0x133/0x4a0 [ 608.954331][T14759] rsa_set_pub_key+0x149/0x270 [ 608.954351][T14759] ? __pfx_rsa_set_pub_key+0x10/0x10 [ 608.954377][T14759] ? __asan_memcpy+0x3c/0x60 [ 608.954402][T14759] rsassa_pkcs1_set_pub_key+0xce/0x1f0 [ 608.954427][T14759] public_key_verify_signature+0x779/0x970 [ 608.954451][T14759] ? __pfx_public_key_verify_signature+0x10/0x10 [ 608.954480][T14759] ? asymmetric_key_generate_id+0x7c/0x1b0 [ 608.954511][T14759] x509_check_for_self_signed+0x31a/0x500 [ 608.954536][T14759] x509_cert_parse+0x5f8/0x900 [ 608.954554][T14759] ? kasan_save_stack+0x42/0x60 [ 608.954577][T14759] ? kasan_save_stack+0x33/0x60 [ 608.954599][T14759] ? kasan_save_track+0x14/0x30 [ 608.954624][T14759] pkcs7_extract_cert+0xa4/0x3a0 [ 608.954649][T14759] asn1_ber_decoder+0xc84/0x1fa0 [ 608.954682][T14759] ? __pfx_asn1_ber_decoder+0x10/0x10 [ 608.954721][T14759] pkcs7_parse_message+0x288/0x720 [ 608.954747][T14759] verify_pkcs7_signature+0x30/0xa0 [ 608.954771][T14759] valid_regdb+0x211/0x590 [ 608.954792][T14759] ? __pfx_valid_regdb+0x10/0x10 [ 608.954814][T14759] reg_reload_regdb+0x11a/0x460 [ 608.954836][T14759] ? __pfx_reg_reload_regdb+0x10/0x10 [ 608.954857][T14759] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 608.954880][T14759] ? nl80211_pre_doit+0x1b0/0xb10 [ 608.954907][T14759] genl_family_rcv_msg_doit+0x209/0x2f0 [ 608.954929][T14759] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 608.954948][T14759] ? genl_get_cmd+0x194/0x580 [ 608.954970][T14759] ? bpf_lsm_capable+0x9/0x10 [ 608.954993][T14759] ? security_capable+0x7e/0x260 [ 608.955015][T14759] genl_rcv_msg+0x55c/0x800 [ 608.955036][T14759] ? __pfx_genl_rcv_msg+0x10/0x10 [ 608.955060][T14759] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 608.955083][T14759] ? __pfx_nl80211_reload_regdb+0x10/0x10 [ 608.955100][T14759] ? __pfx_nl80211_post_doit+0x10/0x10 [ 608.955133][T14759] netlink_rcv_skb+0x158/0x420 [ 608.955149][T14759] ? __pfx_genl_rcv_msg+0x10/0x10 [ 608.955168][T14759] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 608.955205][T14759] ? netlink_deliver_tap+0x1ae/0xd30 [ 608.955234][T14759] genl_rcv+0x28/0x40 [ 608.955249][T14759] netlink_unicast+0x5aa/0x870 [ 608.955279][T14759] ? __pfx_netlink_unicast+0x10/0x10 [ 608.955306][T14759] ? __pfx___might_resched+0x10/0x10 [ 608.955330][T14759] ? __lock_acquire+0x436/0x2890 [ 608.955352][T14759] netlink_sendmsg+0x8c8/0xdd0 [ 608.955383][T14759] ? __pfx_netlink_sendmsg+0x10/0x10 [ 608.955414][T14759] ? aa_sock_msg_perm.constprop.0+0x100/0x1b0 [ 608.955436][T14759] ____sys_sendmsg+0xa5d/0xc30 [ 608.955456][T14759] ? copy_msghdr_from_user+0x10a/0x160 [ 608.955481][T14759] ? __pfx_____sys_sendmsg+0x10/0x10 [ 608.955502][T14759] ? preempt_schedule_thunk+0x16/0x30 [ 608.955524][T14759] ? try_to_wake_up+0xa67/0x1860 [ 608.955551][T14759] ___sys_sendmsg+0x134/0x1d0 [ 608.955576][T14759] ? __pfx____sys_sendmsg+0x10/0x10 [ 608.955600][T14759] ? futex_private_hash_put+0x160/0x1b0 [ 608.955644][T14759] __sys_sendmsg+0x16d/0x220 [ 608.955669][T14759] ? __pfx___sys_sendmsg+0x10/0x10 [ 608.955693][T14759] ? __x64_sys_futex+0x1e0/0x4c0 [ 608.955726][T14759] do_syscall_64+0xcd/0xf80 [ 608.955745][T14759] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 608.955763][T14759] RIP: 0033:0x7f2416f8f7c9 [ 608.955777][T14759] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 608.955794][T14759] RSP: 002b:00007f2417dc3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 608.955811][T14759] RAX: ffffffffffffffda RBX: 00007f24171e5fa0 RCX: 00007f2416f8f7c9 [ 608.955822][T14759] RDX: 00000000000000d0 RSI: 0000200000000580 RDI: 0000000000000005 [ 608.955832][T14759] RBP: 00007f2417013f91 R08: 0000000000000000 R09: 0000000000000000 [ 608.955842][T14759] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 608.955852][T14759] R13: 00007f24171e6038 R14: 00007f24171e5fa0 R15: 00007ffe42fbf378 [ 608.955874][T14759] [ 609.871562][T14775] FAULT_INJECTION: forcing a failure. [ 609.871562][T14775] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 609.885179][T14775] CPU: 0 UID: 0 PID: 14775 Comm: syz.0.2003 Tainted: G L syzkaller #0 PREEMPT(full) [ 609.885205][T14775] Tainted: [L]=SOFTLOCKUP [ 609.885212][T14775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 609.885222][T14775] Call Trace: [ 609.885228][T14775] [ 609.885234][T14775] dump_stack_lvl+0x16c/0x1f0 [ 609.885263][T14775] should_fail_ex+0x512/0x640 [ 609.885287][T14775] _copy_to_user+0x32/0xd0 [ 609.885309][T14775] simple_read_from_buffer+0xcb/0x170 [ 609.885336][T14775] proc_fail_nth_read+0x197/0x240 [ 609.885354][T14775] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 609.885373][T14775] ? rw_verify_area+0xcf/0x6c0 [ 609.885395][T14775] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 609.885412][T14775] vfs_read+0x1e4/0xcf0 [ 609.885437][T14775] ? __pfx___mutex_lock+0x10/0x10 [ 609.885457][T14775] ? __pfx_vfs_read+0x10/0x10 [ 609.885487][T14775] ? __fget_files+0x20e/0x3c0 [ 609.885518][T14775] ksys_read+0x12a/0x250 [ 609.885542][T14775] ? __pfx_ksys_read+0x10/0x10 [ 609.885573][T14775] do_syscall_64+0xcd/0xf80 [ 609.885591][T14775] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 609.885608][T14775] RIP: 0033:0x7f5c25f8e1dc [ 609.885623][T14775] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 609.885640][T14775] RSP: 002b:00007f5c26db5030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 609.885656][T14775] RAX: ffffffffffffffda RBX: 00007f5c261e5fa0 RCX: 00007f5c25f8e1dc [ 609.885667][T14775] RDX: 000000000000000f RSI: 00007f5c26db50a0 RDI: 0000000000000007 [ 609.885677][T14775] RBP: 00007f5c26db5090 R08: 0000000000000000 R09: 0000000000000000 [ 609.885686][T14775] R10: 0000000000005ef6 R11: 0000000000000246 R12: 0000000000000001 [ 609.885696][T14775] R13: 00007f5c261e6038 R14: 00007f5c261e5fa0 R15: 00007fff3d4fc828 [ 609.885718][T14775] [ 610.459647][T14782] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2004'. [ 610.532665][T14784] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 610.662631][T14782] FAULT_INJECTION: forcing a failure. [ 610.662631][T14782] name failslab, interval 1, probability 0, space 0, times 0 [ 610.672590][T14787] FAULT_INJECTION: forcing a failure. [ 610.672590][T14787] name failslab, interval 1, probability 0, space 0, times 0 [ 610.701248][T14787] CPU: 1 UID: 0 PID: 14787 Comm: syz.0.2005 Tainted: G L syzkaller #0 PREEMPT(full) [ 610.701298][T14787] Tainted: [L]=SOFTLOCKUP [ 610.701308][T14787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 610.701323][T14787] Call Trace: [ 610.701332][T14787] [ 610.701344][T14787] dump_stack_lvl+0x16c/0x1f0 [ 610.701379][T14787] should_fail_ex+0x512/0x640 [ 610.701413][T14787] ? __kmalloc_noprof+0xca/0x910 [ 610.701449][T14787] should_failslab+0xc2/0x120 [ 610.701494][T14787] __kmalloc_noprof+0xeb/0x910 [ 610.701528][T14787] ? __register_sysctl_table+0xb3/0x1900 [ 610.701575][T14787] ? __register_sysctl_table+0xb3/0x1900 [ 610.701615][T14787] __register_sysctl_table+0xb3/0x1900 [ 610.701656][T14787] ? is_module_address+0x5f/0xf0 [ 610.701697][T14787] ? __pfx___register_sysctl_table+0x10/0x10 [ 610.701737][T14787] ? is_module_address+0x69/0xf0 [ 610.701769][T14787] ? register_net_sysctl_sz+0x222/0x450 [ 610.701805][T14787] ? __asan_memcpy+0x3c/0x60 [ 610.701846][T14787] xfrm6_net_init+0xf0/0x1c0 [ 610.701897][T14787] ? __pfx_xfrm6_net_init+0x10/0x10 [ 610.701939][T14787] ops_init+0x1e2/0x5f0 [ 610.701986][T14787] setup_net+0x11d/0x3a0 [ 610.702026][T14787] ? __pfx_setup_net+0x10/0x10 [ 610.702064][T14787] ? lockdep_init_map_type+0x5c/0x270 [ 610.702095][T14787] ? mutex_init_lockep+0x110/0x150 [ 610.702132][T14787] copy_net_ns+0x351/0x7c0 [ 610.702164][T14787] create_new_namespaces+0x3ea/0xab0 [ 610.702221][T14787] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 610.702264][T14787] ksys_unshare+0x45b/0xa40 [ 610.702292][T14787] ? __pfx_ksys_unshare+0x10/0x10 [ 610.702321][T14787] ? xfd_validate_state+0x61/0x180 [ 610.702361][T14787] __x64_sys_unshare+0x31/0x40 [ 610.702388][T14787] do_syscall_64+0xcd/0xf80 [ 610.702420][T14787] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 610.702446][T14787] RIP: 0033:0x7f5c25f8f7c9 [ 610.702472][T14787] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 610.702502][T14787] RSP: 002b:00007f5c26d94038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 610.702530][T14787] RAX: ffffffffffffffda RBX: 00007f5c261e6090 RCX: 00007f5c25f8f7c9 [ 610.702550][T14787] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 610.702567][T14787] RBP: 00007f5c26013f91 R08: 0000000000000000 R09: 0000000000000000 [ 610.702585][T14787] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 610.702602][T14787] R13: 00007f5c261e6128 R14: 00007f5c261e6090 R15: 00007fff3d4fc828 [ 610.702644][T14787] [ 610.975224][T14782] CPU: 1 UID: 0 PID: 14782 Comm: syz.2.2004 Tainted: G L syzkaller #0 PREEMPT(full) [ 610.975279][T14782] Tainted: [L]=SOFTLOCKUP [ 610.975289][T14782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 610.975305][T14782] Call Trace: [ 610.975315][T14782] [ 610.975326][T14782] dump_stack_lvl+0x16c/0x1f0 [ 610.975360][T14782] should_fail_ex+0x512/0x640 [ 610.975393][T14782] ? __kmalloc_cache_noprof+0x5f/0x800 [ 610.975427][T14782] should_failslab+0xc2/0x120 [ 610.975469][T14782] __kmalloc_cache_noprof+0x80/0x800 [ 610.975499][T14782] ? pkcs7_parse_message+0x98/0x720 [ 610.975541][T14782] ? pkcs7_parse_message+0x98/0x720 [ 610.975573][T14782] pkcs7_parse_message+0x98/0x720 [ 610.975616][T14782] verify_pkcs7_signature+0x30/0xa0 [ 610.975654][T14782] valid_regdb+0x211/0x590 [ 610.975690][T14782] ? __pfx_valid_regdb+0x10/0x10 [ 610.975728][T14782] reg_reload_regdb+0x11a/0x460 [ 610.975760][T14782] ? __pfx_reg_reload_regdb+0x10/0x10 [ 610.975791][T14782] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 610.975824][T14782] ? nl80211_pre_doit+0x1b0/0xb10 [ 610.975867][T14782] genl_family_rcv_msg_doit+0x209/0x2f0 [ 610.975902][T14782] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 610.975934][T14782] ? genl_get_cmd+0x194/0x580 [ 610.975974][T14782] ? bpf_lsm_capable+0x9/0x10 [ 610.976010][T14782] ? security_capable+0x7e/0x260 [ 610.976049][T14782] genl_rcv_msg+0x55c/0x800 [ 610.976084][T14782] ? __pfx_genl_rcv_msg+0x10/0x10 [ 610.976114][T14782] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 610.976151][T14782] ? __pfx_nl80211_reload_regdb+0x10/0x10 [ 610.976181][T14782] ? __pfx_nl80211_post_doit+0x10/0x10 [ 610.976250][T14782] netlink_rcv_skb+0x158/0x420 [ 610.976278][T14782] ? __pfx_genl_rcv_msg+0x10/0x10 [ 610.976313][T14782] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 610.976378][T14782] ? netlink_deliver_tap+0x1ae/0xd30 [ 610.976429][T14782] genl_rcv+0x28/0x40 [ 610.976456][T14782] netlink_unicast+0x5aa/0x870 [ 610.976507][T14782] ? __pfx_netlink_unicast+0x10/0x10 [ 610.976570][T14782] netlink_sendmsg+0x8c8/0xdd0 [ 610.976624][T14782] ? __pfx_netlink_sendmsg+0x10/0x10 [ 610.976676][T14782] ? aa_sock_msg_perm.constprop.0+0x100/0x1b0 [ 610.976715][T14782] ____sys_sendmsg+0xa5d/0xc30 [ 610.976748][T14782] ? copy_msghdr_from_user+0x10a/0x160 [ 610.976790][T14782] ? __pfx_____sys_sendmsg+0x10/0x10 [ 610.976817][T14782] ? preempt_schedule_thunk+0x16/0x30 [ 610.976855][T14782] ? try_to_wake_up+0xa67/0x1860 [ 610.976898][T14782] ___sys_sendmsg+0x134/0x1d0 [ 610.976941][T14782] ? __pfx____sys_sendmsg+0x10/0x10 [ 610.976983][T14782] ? futex_private_hash_put+0x160/0x1b0 [ 610.977064][T14782] __sys_sendmsg+0x16d/0x220 [ 610.977106][T14782] ? __pfx___sys_sendmsg+0x10/0x10 [ 610.977144][T14782] ? __x64_sys_futex+0x1e0/0x4c0 [ 610.977205][T14782] do_syscall_64+0xcd/0xf80 [ 610.977246][T14782] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 610.977275][T14782] RIP: 0033:0x7f2416f8f7c9 [ 610.977303][T14782] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 610.977331][T14782] RSP: 002b:00007f2417dc3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 610.977359][T14782] RAX: ffffffffffffffda RBX: 00007f24171e5fa0 RCX: 00007f2416f8f7c9 [ 610.977378][T14782] RDX: 00000000000000d0 RSI: 0000200000000580 RDI: 0000000000000005 [ 610.977396][T14782] RBP: 00007f2417013f91 R08: 0000000000000000 R09: 0000000000000000 [ 610.977413][T14782] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 610.977430][T14782] R13: 00007f24171e6038 R14: 00007f24171e5fa0 R15: 00007ffe42fbf378 [ 610.977473][T14782] [ 612.735628][T14826] __vm_enough_memory: pid: 14826, comm: syz.2.2013, bytes: 4398046511104 not enough memory for the allocation [ 613.495766][T14830] ima: policy update failed [ 613.525906][ T30] audit: type=1802 audit(4294967485.200:41): pid=14830 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.2016" res=0 errno=0 [ 614.685431][T14859] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2023'. [ 614.725618][T14852] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2022'. [ 615.797002][T14878] FAULT_INJECTION: forcing a failure. [ 615.797002][T14878] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 615.862944][T14879] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2026'. [ 615.875880][T14878] CPU: 0 UID: 0 PID: 14878 Comm: syz.4.2027 Tainted: G L syzkaller #0 PREEMPT(full) [ 615.875908][T14878] Tainted: [L]=SOFTLOCKUP [ 615.875914][T14878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 615.875923][T14878] Call Trace: [ 615.875930][T14878] [ 615.875937][T14878] dump_stack_lvl+0x16c/0x1f0 [ 615.875959][T14878] should_fail_ex+0x512/0x640 [ 615.875984][T14878] _copy_from_user+0x2e/0xd0 [ 615.876004][T14878] move_addr_to_kernel+0x65/0x170 [ 615.876025][T14878] __sys_bind+0x11b/0x260 [ 615.876046][T14878] ? __pfx___sys_bind+0x10/0x10 [ 615.876072][T14878] ? xfd_validate_state+0x61/0x180 [ 615.876088][T14878] ? __pfx___x64_sys_epoll_ctl+0x10/0x10 [ 615.876110][T14878] __x64_sys_bind+0x72/0xb0 [ 615.876128][T14878] ? lockdep_hardirqs_on+0x7c/0x110 [ 615.876145][T14878] do_syscall_64+0xcd/0xf80 [ 615.876162][T14878] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 615.876180][T14878] RIP: 0033:0x7ff74278f7c9 [ 615.876195][T14878] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 615.876212][T14878] RSP: 002b:00007ff74360e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031 [ 615.876229][T14878] RAX: ffffffffffffffda RBX: 00007ff7429e6090 RCX: 00007ff74278f7c9 [ 615.876240][T14878] RDX: 000000000000006a RSI: 0000200000000040 RDI: 0000000000000005 [ 615.876250][T14878] RBP: 00007ff742813f91 R08: 0000000000000000 R09: 0000000000000000 [ 615.876260][T14878] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 615.876270][T14878] R13: 00007ff7429e6128 R14: 00007ff7429e6090 R15: 00007ffd0a2137b8 [ 615.876291][T14878] [ 616.465758][T14859] Process accounting paused [ 616.479367][T14879] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2026'. [ 616.808044][ T30] audit: type=1800 audit(4294967488.479:42): pid=14901 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2030" name="features" dev="configfs" ino=27504 res=0 errno=0 [ 617.945939][T14916] ima: policy update failed [ 617.951405][ T30] audit: type=1802 audit(4294967489.618:43): pid=14916 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.2034" res=0 errno=0 [ 619.064042][T14956] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2041'. [ 619.252080][T14961] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2041'. [ 619.393543][T14960] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2039'. [ 620.819914][T14994] FAULT_INJECTION: forcing a failure. [ 620.819914][T14994] name failslab, interval 1, probability 0, space 0, times 0 [ 620.833575][T14994] CPU: 0 UID: 0 PID: 14994 Comm: syz.2.2047 Tainted: G L syzkaller #0 PREEMPT(full) [ 620.833605][T14994] Tainted: [L]=SOFTLOCKUP [ 620.833611][T14994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 620.833621][T14994] Call Trace: [ 620.833627][T14994] [ 620.833634][T14994] dump_stack_lvl+0x16c/0x1f0 [ 620.833657][T14994] should_fail_ex+0x512/0x640 [ 620.833678][T14994] ? kmem_cache_alloc_noprof+0x62/0x770 [ 620.833703][T14994] should_failslab+0xc2/0x120 [ 620.833730][T14994] kmem_cache_alloc_noprof+0x83/0x770 [ 620.833751][T14994] ? __proc_create+0x2c8/0x8d0 [ 620.833778][T14994] ? __proc_create+0x2c8/0x8d0 [ 620.833800][T14994] __proc_create+0x2c8/0x8d0 [ 620.833823][T14994] ? __pfx___proc_create+0x10/0x10 [ 620.833848][T14994] ? _raw_write_unlock+0x28/0x50 [ 620.833873][T14994] ? proc_register+0x559/0x8b0 [ 620.833900][T14994] proc_create_reg+0x7d/0x180 [ 620.833924][T14994] ? __pfx_sctp_snmp_seq_show+0x10/0x10 [ 620.833950][T14994] proc_create_net_single+0x86/0x180 [ 620.833975][T14994] ? __pfx_proc_create_net_single+0x10/0x10 [ 620.834006][T14994] sctp_proc_init+0xaa/0x270 [ 620.834032][T14994] ? __pfx_sctp_defaults_init+0x10/0x10 [ 620.834048][T14994] sctp_defaults_init+0x758/0xd90 [ 620.834065][T14994] ? __pfx_sctp_defaults_init+0x10/0x10 [ 620.834081][T14994] ops_init+0x1e2/0x5f0 [ 620.834107][T14994] setup_net+0x11d/0x3a0 [ 620.834133][T14994] ? __pfx_setup_net+0x10/0x10 [ 620.834156][T14994] ? lockdep_init_map_type+0x5c/0x270 [ 620.834174][T14994] ? mutex_init_lockep+0x110/0x150 [ 620.834195][T14994] copy_net_ns+0x351/0x7c0 [ 620.834213][T14994] create_new_namespaces+0x3ea/0xab0 [ 620.834241][T14994] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 620.834266][T14994] ksys_unshare+0x45b/0xa40 [ 620.834282][T14994] ? __pfx_ksys_unshare+0x10/0x10 [ 620.834298][T14994] ? xfd_validate_state+0x61/0x180 [ 620.834319][T14994] __x64_sys_unshare+0x31/0x40 [ 620.834343][T14994] do_syscall_64+0xcd/0xf80 [ 620.834361][T14994] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 620.834378][T14994] RIP: 0033:0x7f2416f8f7c9 [ 620.834393][T14994] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 620.834410][T14994] RSP: 002b:00007f2417dc3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 620.834427][T14994] RAX: ffffffffffffffda RBX: 00007f24171e5fa0 RCX: 00007f2416f8f7c9 [ 620.834439][T14994] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 620.834448][T14994] RBP: 00007f2417013f91 R08: 0000000000000000 R09: 0000000000000000 [ 620.834458][T14994] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 620.834468][T14994] R13: 00007f24171e6038 R14: 00007f24171e5fa0 R15: 00007ffe42fbf378 [ 620.834490][T14994] [ 620.962970][T14997] netlink: 'syz.4.2049': attribute type 1 has an invalid length. [ 621.205894][T14997] netlink: 322 bytes leftover after parsing attributes in process `syz.4.2049'. [ 621.634538][T15018] Invalid ELF header magic: != ELF [ 621.873993][T15021] ima: policy update failed [ 621.897953][ T30] audit: type=1802 audit(4294967299.330:44): pid=15021 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.2051" res=0 errno=0 [ 622.749346][ T30] audit: type=1800 audit(4294967300.180:45): pid=15044 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2054" name="features" dev="configfs" ino=55330 res=0 errno=0 [ 623.958025][T15065] netlink: 'syz.0.2060': attribute type 1 has an invalid length. [ 623.980418][T15061] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2067'. [ 623.999177][T15065] netlink: 322 bytes leftover after parsing attributes in process `syz.0.2060'. [ 623.999237][T15061] netlink: 'syz.4.2067': attribute type 1 has an invalid length. [ 624.016238][T15061] netlink: 13 bytes leftover after parsing attributes in process `syz.4.2067'. [ 624.359280][T15073] netlink: 'syz.4.2064': attribute type 1 has an invalid length. [ 624.401823][T15075] netlink: Conntrack attr type has unexpected length (type=3, length=0, expected=8) [ 624.428197][T15076] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2063'. [ 624.796127][T15080] Process accounting resumed [ 625.068168][T15086] netlink: 330 bytes leftover after parsing attributes in process `syz.3.2066'. [ 625.096154][T15086] mac80211_hwsim hwsim4 ›: renamed from wlan0 (while UP) [ 625.494345][T15092] [U] [ 625.497218][T15092] [U] [ 625.499958][T15092] [U] [ 625.502673][T15092] [U] [ 625.527709][T15092] [U] [ 625.530476][T15092] [U] [ 625.533237][T15092] [U] [ 625.535971][T15092] [U] [ 625.539639][T15092] [U] [ 625.542397][T15092] [U] [ 625.545135][T15092] [U] [ 625.547874][T15092] [U] [ 625.552271][T15092] [U] [ 625.555023][T15092] [U] [ 625.557764][T15092] [U] [ 625.560488][T15092] [U] [ 625.578660][T15092] [U] [ 625.581423][T15092] [U] [ 625.584158][T15092] [U] [ 625.586895][T15092] [U] [ 625.613871][T15092] [U] [ 625.757988][T15120] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2080'. [ 625.781732][ T30] audit: type=1800 audit(4294967303.200:46): pid=15119 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2071" name="features" dev="configfs" ino=55080 res=0 errno=0 [ 625.833143][T15122] netlink: 'syz.2.2072': attribute type 1 has an invalid length. [ 625.862925][T15122] netlink: 322 bytes leftover after parsing attributes in process `syz.2.2072'. [ 626.124525][T15125] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2073'. [ 626.161615][T15104] ima: policy update failed [ 626.166286][ T30] audit: type=1802 audit(4294967303.590:47): pid=15104 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.2070" res=0 errno=0 [ 626.235216][T15125] netlink: 'syz.0.2073': attribute type 1 has an invalid length. [ 626.247792][T15125] netlink: 13 bytes leftover after parsing attributes in process `syz.0.2073'. [ 628.111448][T15172] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2086'. [ 628.149615][T15172] netlink: 'syz.3.2086': attribute type 1 has an invalid length. [ 628.157424][T15172] netlink: 13 bytes leftover after parsing attributes in process `syz.3.2086'. [ 628.936581][T15178] zswap: compressor not available [ 629.499291][T15203] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2095'. [ 629.508539][T15203] ipvlan0: entered promiscuous mode [ 629.513751][T15203] ipvlan0: entered allmulticast mode [ 629.542221][T15203] veth0_vlan: entered allmulticast mode [ 629.716574][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 629.723068][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 629.869149][T14317] Bluetooth: hci0: unexpected event 0x23 length: 127 > 13 [ 630.897875][T15232] XFS: Clearing xfsstats [ 631.387892][ T7992] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 631.713891][T15258] futex_wake_op: syz.0.2109 tries to shift op by -2048; fix this program [ 633.640808][T15287] zswap: compressor not available [ 635.573449][T15348] netlink: 252 bytes leftover after parsing attributes in process `syz.3.2136'. [ 635.590514][T15348] netlink: 252 bytes leftover after parsing attributes in process `syz.3.2136'. [ 635.868526][ T7992] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 636.754261][T15370] futex_wake_op: syz.2.2140 tries to shift op by -2048; fix this program [ 637.895594][T15391] [U] [ 637.898415][T15391] [U] [ 637.901108][T15391] [U] [ 637.903817][T15391] [U] [ 637.925463][T15391] [U] [ 637.928236][T15391] [U] [ 637.930975][T15391] [U] [ 637.933707][T15391] [U] [ 637.969534][T15391] [U] [ 637.972284][T15391] [U] [ 637.974986][T15391] [U] [ 637.977683][T15391] [U] [ 637.987849][T15391] [U] [ 637.990588][T15391] [U] [ 637.993277][T15391] [U] [ 637.995966][T15391] [U] [ 638.032291][T15391] [U] [ 638.323717][T15397] netlink: 252 bytes leftover after parsing attributes in process `syz.4.2147'. [ 638.337290][T15397] netlink: 252 bytes leftover after parsing attributes in process `syz.4.2147'. [ 639.244817][T15424] [U] [ 639.247662][T15424] [U] [ 639.250616][T15424] [U] [ 639.253316][T15424] [U] [ 639.278547][T15425] futex_wake_op: syz.3.2154 tries to shift op by -2048; fix this program [ 639.332384][T15424] [U] [ 639.335102][T15424] [U] [ 639.337794][T15424] [U] [ 639.340511][T15424] [U] [ 639.401729][T15424] [U] [ 639.404452][T15424] [U] [ 639.407145][T15424] [U] [ 639.409833][T15424] [U] [ 639.448083][T15424] [U] [ 639.450933][T15424] [U] [ 639.453782][T15424] [U] [ 639.456466][T15424] [U] [ 639.489248][T15424] [U] [ 639.670821][T15430] FAULT_INJECTION: forcing a failure. [ 639.670821][T15430] name failslab, interval 1, probability 0, space 0, times 0 [ 639.720766][T15430] CPU: 1 UID: 0 PID: 15430 Comm: syz.0.2156 Tainted: G L syzkaller #0 PREEMPT(full) [ 639.720807][T15430] Tainted: [L]=SOFTLOCKUP [ 639.720813][T15430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 639.720824][T15430] Call Trace: [ 639.720831][T15430] [ 639.720838][T15430] dump_stack_lvl+0x16c/0x1f0 [ 639.720860][T15430] should_fail_ex+0x512/0x640 [ 639.720881][T15430] ? __kmalloc_noprof+0xca/0x910 [ 639.720906][T15430] should_failslab+0xc2/0x120 [ 639.720933][T15430] __kmalloc_noprof+0xeb/0x910 [ 639.720950][T15430] ? lockdep_init_map_type+0x5c/0x270 [ 639.720968][T15430] ? __list_lru_init+0xe8/0x4c0 [ 639.720991][T15430] ? __list_lru_init+0xe8/0x4c0 [ 639.721009][T15430] __list_lru_init+0xe8/0x4c0 [ 639.721030][T15430] alloc_super+0x917/0xd00 [ 639.721059][T15430] sget_fc+0x116/0xc20 [ 639.721082][T15430] ? __pfx_set_anon_super_fc+0x10/0x10 [ 639.721105][T15430] ? __pfx_mqueue_fill_super+0x10/0x10 [ 639.721121][T15430] get_tree_nodev+0x28/0x190 [ 639.721154][T15430] mqueue_get_tree+0xf1/0x130 [ 639.721170][T15430] vfs_get_tree+0x8e/0x330 [ 639.721190][T15430] fc_mount_longterm+0x1a/0x270 [ 639.721214][T15430] mq_init_ns+0x482/0x810 [ 639.721234][T15430] copy_ipcs+0x3db/0x7d0 [ 639.721255][T15430] create_new_namespaces+0x20a/0xab0 [ 639.721279][T15430] ? security_capable+0x7e/0x260 [ 639.721299][T15430] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 639.721324][T15430] ksys_unshare+0x45b/0xa40 [ 639.721340][T15430] ? __pfx_ksys_unshare+0x10/0x10 [ 639.721356][T15430] ? xfd_validate_state+0x61/0x180 [ 639.721378][T15430] __x64_sys_unshare+0x31/0x40 [ 639.721393][T15430] do_syscall_64+0xcd/0xf80 [ 639.721415][T15430] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 639.721443][T15430] RIP: 0033:0x7f5c25f8f7c9 [ 639.721467][T15430] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 639.721489][T15430] RSP: 002b:00007f5c26d94038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 639.721505][T15430] RAX: ffffffffffffffda RBX: 00007f5c261e6090 RCX: 00007f5c25f8f7c9 [ 639.721517][T15430] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 639.721526][T15430] RBP: 00007f5c26013f91 R08: 0000000000000000 R09: 0000000000000000 [ 639.721536][T15430] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 639.721546][T15430] R13: 00007f5c261e6128 R14: 00007f5c261e6090 R15: 00007fff3d4fc828 [ 639.721568][T15430] [ 642.622023][T15497] netlink: 'syz.2.2170': attribute type 1 has an invalid length. [ 642.630181][T15497] netlink: 322 bytes leftover after parsing attributes in process `syz.2.2170'. [ 642.765574][T15500] [U] [ 642.768417][T15500] [U] [ 642.771132][T15500] [U] [ 642.773827][T15500] [U] [ 642.776911][T15500] [U] [ 642.779655][T15500] [U] [ 642.782395][T15500] [U] [ 642.785129][T15500] [U] [ 642.788622][T15500] [U] [ 642.791372][T15500] [U] [ 642.794115][T15500] [U] [ 642.796851][T15500] [U] [ 642.807937][T15500] [U] [ 642.810699][T15500] [U] [ 642.813429][T15500] [U] [ 642.816165][T15500] [U] [ 642.830785][T15500] [U] [ 642.833542][T15500] [U] [ 642.836275][T15500] [U] [ 642.839013][T15500] [U] [ 642.842544][T15500] [U] [ 642.845291][T15500] [U] [ 642.848033][T15500] [U] [ 642.850741][T15500] [U] [ 642.855046][T15500] [U] [ 642.857807][T15500] [U] [ 642.860538][T15500] [U] [ 642.863245][T15500] [U] [ 642.866655][T15500] [U] [ 644.145933][T15519] [U] [ 644.148804][T15519] [U] [ 644.151537][T15519] [U] [ 644.154255][T15519] [U] [ 644.170342][T15519] [U] [ 644.173075][T15519] [U] [ 644.175766][T15519] [U] [ 644.178485][T15519] [U] [ 644.191818][T15519] [U] [ 644.194595][T15519] [U] [ 644.197329][T15519] [U] [ 644.200069][T15519] [U] [ 644.218238][T15519] [U] [ 644.221005][T15519] [U] [ 644.223743][T15519] [U] [ 644.226476][T15519] [U] [ 644.232826][T15519] [U] [ 644.235582][T15519] [U] [ 644.238317][T15519] [U] [ 644.241040][T15519] [U] [ 644.270080][T15519] [U] [ 644.272841][T15519] [U] [ 644.275574][T15519] [U] [ 644.278307][T15519] [U] [ 644.281638][T15519] [U] [ 644.284389][T15519] [U] [ 644.287121][T15519] [U] [ 644.289857][T15519] [U] [ 644.312095][T15519] [U] [ 644.317933][T15530] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2182'. [ 644.347212][T15530] netlink: 'syz.0.2182': attribute type 1 has an invalid length. [ 644.364536][T15530] netlink: 13 bytes leftover after parsing attributes in process `syz.0.2182'. [ 644.592959][T15539] netlink: 'syz.2.2179': attribute type 1 has an invalid length. [ 644.602603][T15539] netlink: 322 bytes leftover after parsing attributes in process `syz.2.2179'. [ 644.748808][T15541] netlink: 'syz.0.2180': attribute type 1 has an invalid length. [ 644.756608][T15541] netlink: 322 bytes leftover after parsing attributes in process `syz.0.2180'. [ 644.775381][T15543] [U] [ 644.778228][T15543] [U] [ 644.780965][T15543] [U] [ 644.783697][T15543] [U] [ 644.797088][T15549] FAULT_INJECTION: forcing a failure. [ 644.797088][T15549] name failslab, interval 1, probability 0, space 0, times 0 [ 644.810768][T15549] CPU: 1 UID: 0 PID: 15549 Comm: syz.2.2183 Tainted: G L syzkaller #0 PREEMPT(full) [ 644.810809][T15549] Tainted: [L]=SOFTLOCKUP [ 644.810819][T15549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 644.810845][T15549] Call Trace: [ 644.810855][T15549] [ 644.810865][T15549] dump_stack_lvl+0x16c/0x1f0 [ 644.810898][T15549] should_fail_ex+0x512/0x640 [ 644.810928][T15549] ? kmem_cache_alloc_noprof+0x62/0x770 [ 644.810963][T15549] should_failslab+0xc2/0x120 [ 644.811006][T15549] kmem_cache_alloc_noprof+0x83/0x770 [ 644.811044][T15549] ? getname_flags.part.0+0x4c/0x550 [ 644.811081][T15549] ? getname_flags.part.0+0x4c/0x550 [ 644.811110][T15549] getname_flags.part.0+0x4c/0x550 [ 644.811145][T15549] getname_flags+0x93/0xf0 [ 644.811183][T15549] do_sys_openat2+0xb9/0x290 [ 644.811215][T15549] ? __pfx_do_sys_openat2+0x10/0x10 [ 644.811262][T15549] __x64_sys_openat+0x174/0x210 [ 644.811295][T15549] ? __pfx___x64_sys_openat+0x10/0x10 [ 644.811344][T15549] do_syscall_64+0xcd/0xf80 [ 644.811375][T15549] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 644.811412][T15549] RIP: 0033:0x7f2416f8f7c9 [ 644.811434][T15549] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 644.811461][T15549] RSP: 002b:00007f2417d60038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 644.811487][T15549] RAX: ffffffffffffffda RBX: 00007f24171e6270 RCX: 00007f2416f8f7c9 [ 644.811505][T15549] RDX: 0000000000000040 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 644.811523][T15549] RBP: 00007f2417013f91 R08: 0000000000000000 R09: 0000000000000000 [ 644.811540][T15549] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 644.811557][T15549] R13: 00007f24171e6308 R14: 00007f24171e6270 R15: 00007ffe42fbf378 [ 644.811595][T15549] [ 645.085486][T15543] [U] [ 645.088262][T15543] [U] [ 645.091003][T15543] [U] [ 645.093741][T15543] [U] [ 645.098740][T15543] [U] [ 645.101495][T15543] [U] [ 645.104235][T15543] [U] [ 645.106951][T15543] [U] [ 645.141038][T15543] [U] [ 645.143792][T15543] [U] [ 645.146533][T15543] [U] [ 645.149268][T15543] [U] [ 645.156994][T15543] [U] [ 645.159749][T15543] [U] [ 645.162492][T15543] [U] [ 645.165238][T15543] [U] [ 645.168172][T15543] [U] [ 645.170905][T15543] [U] [ 645.173643][T15543] [U] [ 645.176338][T15543] [U] [ 645.179106][T15543] [U] [ 645.554341][T15570] [U] [ 645.557238][T15570] [U] [ 645.559979][T15570] [U] [ 645.562715][T15570] [U] [ 645.580311][T15570] [U] [ 645.583082][T15570] [U] [ 645.585828][T15570] [U] [ 645.588584][T15570] [U] [ 645.612224][T15570] [U] [ 645.614987][T15570] [U] [ 645.617725][T15570] [U] [ 645.620457][T15570] [U] [ 645.624241][T15570] [U] [ 645.626981][T15570] [U] [ 645.629716][T15570] [U] [ 645.632453][T15570] [U] [ 645.640632][T15570] [U] [ 645.643382][T15570] [U] [ 645.646127][T15570] [U] [ 645.648857][T15570] [U] [ 645.652689][T15570] [U] [ 645.655436][T15570] [U] [ 645.658180][T15570] [U] [ 645.660920][T15570] [U] [ 645.670264][T15567] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2187'. [ 645.680271][T15570] [U] [ 645.683459][T15567] netlink: 'syz.2.2187': attribute type 1 has an invalid length. [ 645.692663][T15567] netlink: 13 bytes leftover after parsing attributes in process `syz.2.2187'. [ 646.304197][T15598] [U] [ 646.307067][T15598] [U] [ 646.309811][T15598] [U] [ 646.312550][T15598] [U] [ 646.338097][T15598] [U] [ 646.340865][T15598] [U] [ 646.343601][T15598] [U] [ 646.346333][T15598] [U] [ 646.390161][T15598] [U] [ 646.392939][T15598] [U] [ 646.395682][T15598] [U] [ 646.398422][T15598] [U] [ 646.401538][T15598] [U] [ 646.404289][T15598] [U] [ 646.407022][T15598] [U] [ 646.409764][T15598] [U] [ 646.447602][T15598] [U] [ 646.469559][T15604] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2196'. [ 646.514266][T15606] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2197'. [ 646.530517][T15608] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2197'. [ 646.555855][T15598] Process accounting resumed [ 646.711086][T15611] [U] [ 646.713964][T15611] [U] [ 646.716766][T15611] [U] [ 646.719501][T15611] [U] [ 646.740959][T15611] [U] [ 646.743725][T15611] [U] [ 646.746460][T15611] [U] [ 646.749198][T15611] [U] [ 646.783788][T15617] sp0: Synchronizing with TNC [ 646.787226][T15611] [U] [ 646.791246][T15611] [U] [ 646.793981][T15611] [U] [ 646.796721][T15611] [U] [ 646.808242][T15611] [U] [ 646.811007][T15611] [U] [ 646.813745][T15611] [U] [ 646.816116][T15617] blktrace: Concurrent blktraces are not allowed on loop2 [ 646.816461][T15611] [U] [ 646.843591][T15611] [U] [ 646.846354][T15611] [U] [ 646.849092][T15611] [U] [ 646.851820][T15611] [U] [ 646.857111][T15611] [U] [ 646.859856][T15611] [U] [ 646.862578][T15611] [U] [ 646.865294][T15611] [U] [ 646.878234][T15611] [U] [ 646.880998][T15611] [U] [ 646.883741][T15611] [U] [ 646.886485][T15611] [U] [ 646.907575][T15611] [U] [ 646.910346][T15611] [U] [ 646.913086][T15611] [U] [ 646.915833][T15611] [U] [ 646.921968][T15625] netlink: 'syz.0.2198': attribute type 1 has an invalid length. [ 646.935333][T15611] [U] [ 647.336713][T15628] ALSA: mixer_oss: invalid OSS volume '' [ 647.360865][T15642] FAULT_INJECTION: forcing a failure. [ 647.360865][T15642] name failslab, interval 1, probability 0, space 0, times 0 [ 647.386167][T15642] CPU: 0 UID: 0 PID: 15642 Comm: syz.2.2204 Tainted: G L syzkaller #0 PREEMPT(full) [ 647.386217][T15642] Tainted: [L]=SOFTLOCKUP [ 647.386229][T15642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 647.386247][T15642] Call Trace: [ 647.386258][T15642] [ 647.386270][T15642] dump_stack_lvl+0x16c/0x1f0 [ 647.386305][T15642] should_fail_ex+0x512/0x640 [ 647.386337][T15642] ? __kmalloc_noprof+0xca/0x910 [ 647.386377][T15642] should_failslab+0xc2/0x120 [ 647.386424][T15642] __kmalloc_noprof+0xeb/0x910 [ 647.386458][T15642] ? __list_lru_init+0xe8/0x4c0 [ 647.386499][T15642] ? __list_lru_init+0xe8/0x4c0 [ 647.386531][T15642] __list_lru_init+0xe8/0x4c0 [ 647.386567][T15642] alloc_super+0x8ce/0xd00 [ 647.386618][T15642] sget_fc+0x116/0xc20 [ 647.386657][T15642] ? __pfx_set_anon_super_fc+0x10/0x10 [ 647.386697][T15642] ? __pfx_mqueue_fill_super+0x10/0x10 [ 647.386725][T15642] get_tree_nodev+0x28/0x190 [ 647.386769][T15642] mqueue_get_tree+0xf1/0x130 [ 647.386798][T15642] vfs_get_tree+0x8e/0x330 [ 647.386833][T15642] fc_mount_longterm+0x1a/0x270 [ 647.386872][T15642] mq_init_ns+0x482/0x810 [ 647.386909][T15642] copy_ipcs+0x3db/0x7d0 [ 647.386947][T15642] create_new_namespaces+0x20a/0xab0 [ 647.386986][T15642] ? security_capable+0x7e/0x260 [ 647.387022][T15642] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 647.387066][T15642] ksys_unshare+0x45b/0xa40 [ 647.387093][T15642] ? __pfx_ksys_unshare+0x10/0x10 [ 647.387132][T15642] ? xfd_validate_state+0x61/0x180 [ 647.387178][T15642] __x64_sys_unshare+0x31/0x40 [ 647.387204][T15642] do_syscall_64+0xcd/0xf80 [ 647.387237][T15642] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 647.387267][T15642] RIP: 0033:0x7f2416f8f7c9 [ 647.387292][T15642] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 647.387320][T15642] RSP: 002b:00007f2417da2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 647.387347][T15642] RAX: ffffffffffffffda RBX: 00007f24171e6090 RCX: 00007f2416f8f7c9 [ 647.387367][T15642] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 647.387383][T15642] RBP: 00007f2417013f91 R08: 0000000000000000 R09: 0000000000000000 [ 647.387400][T15642] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 647.387417][T15642] R13: 00007f24171e6128 R14: 00007f24171e6090 R15: 00007ffe42fbf378 [ 647.387458][T15642] [ 647.805204][T15651] FAULT_INJECTION: forcing a failure. [ 647.805204][T15651] name failslab, interval 1, probability 0, space 0, times 0 [ 647.885593][T15651] CPU: 1 UID: 0 PID: 15651 Comm: syz.0.2208 Tainted: G L syzkaller #0 PREEMPT(full) [ 647.885644][T15651] Tainted: [L]=SOFTLOCKUP [ 647.885655][T15651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 647.885673][T15651] Call Trace: [ 647.885683][T15651] [ 647.885695][T15651] dump_stack_lvl+0x16c/0x1f0 [ 647.885728][T15651] should_fail_ex+0x512/0x640 [ 647.885756][T15651] ? __kmalloc_noprof+0xca/0x910 [ 647.885778][T15651] should_failslab+0xc2/0x120 [ 647.885805][T15651] __kmalloc_noprof+0xeb/0x910 [ 647.885830][T15651] ? __list_lru_init+0xe8/0x4c0 [ 647.885854][T15651] ? __list_lru_init+0xe8/0x4c0 [ 647.885872][T15651] __list_lru_init+0xe8/0x4c0 [ 647.885892][T15651] alloc_super+0x8ce/0xd00 [ 647.885920][T15651] sget_fc+0x116/0xc20 [ 647.885944][T15651] ? __pfx_set_anon_super_fc+0x10/0x10 [ 647.885966][T15651] ? __pfx_mqueue_fill_super+0x10/0x10 [ 647.885983][T15651] get_tree_nodev+0x28/0x190 [ 647.886007][T15651] mqueue_get_tree+0xf1/0x130 [ 647.886023][T15651] vfs_get_tree+0x8e/0x330 [ 647.886043][T15651] fc_mount_longterm+0x1a/0x270 [ 647.886066][T15651] mq_init_ns+0x482/0x810 [ 647.886094][T15651] copy_ipcs+0x3db/0x7d0 [ 647.886115][T15651] create_new_namespaces+0x20a/0xab0 [ 647.886139][T15651] ? security_capable+0x7e/0x260 [ 647.886159][T15651] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 647.886184][T15651] ksys_unshare+0x45b/0xa40 [ 647.886201][T15651] ? __pfx_ksys_unshare+0x10/0x10 [ 647.886218][T15651] ? xfd_validate_state+0x61/0x180 [ 647.886241][T15651] __x64_sys_unshare+0x31/0x40 [ 647.886255][T15651] do_syscall_64+0xcd/0xf80 [ 647.886273][T15651] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 647.886290][T15651] RIP: 0033:0x7f5c25f8f7c9 [ 647.886306][T15651] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 647.886322][T15651] RSP: 002b:00007f5c26d94038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 647.886339][T15651] RAX: ffffffffffffffda RBX: 00007f5c261e6090 RCX: 00007f5c25f8f7c9 [ 647.886350][T15651] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 647.886360][T15651] RBP: 00007f5c26013f91 R08: 0000000000000000 R09: 0000000000000000 [ 647.886370][T15651] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 647.886379][T15651] R13: 00007f5c261e6128 R14: 00007f5c261e6090 R15: 00007fff3d4fc828 [ 647.886402][T15651] [ 648.164072][T15654] FAULT_INJECTION: forcing a failure. [ 648.164072][T15654] name fail_futex, interval 1, probability 0, space 0, times 0 [ 648.177200][T15654] CPU: 1 UID: 0 PID: 15654 Comm: syz.4.2209 Tainted: G L syzkaller #0 PREEMPT(full) [ 648.177228][T15654] Tainted: [L]=SOFTLOCKUP [ 648.177234][T15654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 648.177244][T15654] Call Trace: [ 648.177250][T15654] [ 648.177256][T15654] dump_stack_lvl+0x16c/0x1f0 [ 648.177278][T15654] should_fail_ex+0x512/0x640 [ 648.177302][T15654] get_futex_key+0x1d0/0x15f0 [ 648.177324][T15654] ? __pfx_get_futex_key+0x10/0x10 [ 648.177348][T15654] ? find_held_lock+0x2b/0x80 [ 648.177369][T15654] ? ima_file_mprotect+0x1ba/0x690 [ 648.177404][T15654] futex_wait_setup+0x9d/0x570 [ 648.177452][T15654] __futex_wait+0x193/0x2f0 [ 648.177491][T15654] ? __pfx___futex_wait+0x10/0x10 [ 648.177532][T15654] ? __pfx_futex_wake_mark+0x10/0x10 [ 648.177560][T15654] ? futex_hash+0x2c5/0x380 [ 648.177580][T15654] ? futex_private_hash_put+0x160/0x1b0 [ 648.177600][T15654] futex_wait+0xe8/0x380 [ 648.177623][T15654] ? __pfx_futex_wait+0x10/0x10 [ 648.177659][T15654] do_futex+0x229/0x350 [ 648.177678][T15654] ? __pfx_do_futex+0x10/0x10 [ 648.177704][T15654] __x64_sys_futex+0x1e0/0x4c0 [ 648.177727][T15654] ? __pfx___x64_sys_futex+0x10/0x10 [ 648.177746][T15654] ? xfd_validate_state+0x61/0x180 [ 648.177762][T15654] ? __pfx_ksys_write+0x10/0x10 [ 648.177793][T15654] do_syscall_64+0xcd/0xf80 [ 648.177812][T15654] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 648.177831][T15654] RIP: 0033:0x7ff74278f7c9 [ 648.177846][T15654] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 648.177863][T15654] RSP: 002b:00007ff74362f0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 648.177880][T15654] RAX: ffffffffffffffda RBX: 00007ff7429e5fa8 RCX: 00007ff74278f7c9 [ 648.177891][T15654] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007ff7429e5fa8 [ 648.177901][T15654] RBP: 00007ff7429e5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 648.177911][T15654] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 648.177921][T15654] R13: 00007ff7429e6038 R14: 00007ffd0a2136d0 R15: 00007ffd0a2137b8 [ 648.177943][T15654] [ 648.771481][T15663] [U] [ 648.774359][T15663] [U] [ 648.777092][T15663] [U] [ 648.779837][T15663] [U] [ 648.850140][T15663] [U] [ 648.852918][T15663] [U] [ 648.855658][T15663] [U] [ 648.858397][T15663] [U] [ 648.903022][T15663] [U] [ 648.905810][T15663] [U] [ 648.908551][T15663] [U] [ 648.911285][T15663] [U] [ 649.005061][T15663] [U] [ 649.007850][T15663] [U] [ 649.010575][T15663] [U] [ 649.013309][T15663] [U] [ 649.030084][T15663] [U] [ 649.032859][T15663] [U] [ 649.035608][T15663] [U] [ 649.038339][T15663] [U] [ 649.079073][T15663] [U] [ 649.205699][T15667] __nla_validate_parse: 2 callbacks suppressed [ 649.205726][T15667] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2212'. [ 649.238707][T15667] netlink: 'syz.2.2212': attribute type 1 has an invalid length. [ 649.246483][T15667] netlink: 13 bytes leftover after parsing attributes in process `syz.2.2212'. [ 649.799567][T15695] netlink: 'syz.4.2217': attribute type 1 has an invalid length. [ 649.850758][T15696] FAULT_INJECTION: forcing a failure. [ 649.850758][T15696] name failslab, interval 1, probability 0, space 0, times 0 [ 649.897677][T15696] CPU: 0 UID: 0 PID: 15696 Comm: syz.2.2218 Tainted: G L syzkaller #0 PREEMPT(full) [ 649.897708][T15696] Tainted: [L]=SOFTLOCKUP [ 649.897714][T15696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 649.897724][T15696] Call Trace: [ 649.897731][T15696] [ 649.897738][T15696] dump_stack_lvl+0x16c/0x1f0 [ 649.897760][T15696] should_fail_ex+0x512/0x640 [ 649.897781][T15696] ? fs_reclaim_acquire+0xae/0x150 [ 649.897817][T15696] should_failslab+0xc2/0x120 [ 649.897844][T15696] __kmalloc_noprof+0xeb/0x910 [ 649.897864][T15696] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 649.897893][T15696] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 649.897918][T15696] tomoyo_realpath_from_path+0xc2/0x6e0 [ 649.897946][T15696] ? tomoyo_profile+0x47/0x60 [ 649.897963][T15696] tomoyo_path_number_perm+0x245/0x580 [ 649.897983][T15696] ? tomoyo_path_number_perm+0x237/0x580 [ 649.898006][T15696] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 649.898049][T15696] ? find_held_lock+0x2b/0x80 [ 649.898074][T15696] ? hook_file_ioctl_common+0x144/0x410 [ 649.898101][T15696] ? __fget_files+0x20e/0x3c0 [ 649.898129][T15696] security_file_ioctl+0x9b/0x240 [ 649.898152][T15696] __x64_sys_ioctl+0xb7/0x210 [ 649.898175][T15696] do_syscall_64+0xcd/0xf80 [ 649.898193][T15696] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 649.898210][T15696] RIP: 0033:0x7f2416f8f7c9 [ 649.898224][T15696] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 649.898241][T15696] RSP: 002b:00007f2417da2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 649.898257][T15696] RAX: ffffffffffffffda RBX: 00007f24171e6090 RCX: 00007f2416f8f7c9 [ 649.898268][T15696] RDX: 0000000000000000 RSI: 0000000000001261 RDI: 0000000000000005 [ 649.898278][T15696] RBP: 00007f2417013f91 R08: 0000000000000000 R09: 0000000000000000 [ 649.898287][T15696] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 649.898297][T15696] R13: 00007f24171e6128 R14: 00007f24171e6090 R15: 00007ffe42fbf378 [ 649.898319][T15696] [ 649.898797][T15696] ERROR: Out of memory at tomoyo_realpath_from_path. [ 650.564754][T15704] [U] [ 650.567572][T15704] [U] [ 650.570259][T15704] [U] [ 650.572964][T15704] [U] [ 650.593701][T15705] FAULT_INJECTION: forcing a failure. [ 650.593701][T15705] name failslab, interval 1, probability 0, space 0, times 0 [ 650.607151][T15705] CPU: 0 UID: 0 PID: 15705 Comm: syz.3.2219 Tainted: G L syzkaller #0 PREEMPT(full) [ 650.607196][T15705] Tainted: [L]=SOFTLOCKUP [ 650.607207][T15705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 650.607225][T15705] Call Trace: [ 650.607235][T15705] [ 650.607246][T15705] dump_stack_lvl+0x16c/0x1f0 [ 650.607280][T15705] should_fail_ex+0x512/0x640 [ 650.607314][T15705] ? __kmalloc_noprof+0xca/0x910 [ 650.607362][T15705] should_failslab+0xc2/0x120 [ 650.607404][T15705] __kmalloc_noprof+0xeb/0x910 [ 650.607436][T15705] ? __list_lru_init+0xe8/0x4c0 [ 650.607475][T15705] ? __list_lru_init+0xe8/0x4c0 [ 650.607506][T15705] __list_lru_init+0xe8/0x4c0 [ 650.607542][T15705] alloc_super+0x8ce/0xd00 [ 650.607591][T15705] sget_fc+0x116/0xc20 [ 650.607631][T15705] ? __pfx_set_anon_super_fc+0x10/0x10 [ 650.607670][T15705] ? __pfx_mqueue_fill_super+0x10/0x10 [ 650.607697][T15705] get_tree_nodev+0x28/0x190 [ 650.607739][T15705] mqueue_get_tree+0xf1/0x130 [ 650.607768][T15705] vfs_get_tree+0x8e/0x330 [ 650.607801][T15705] fc_mount_longterm+0x1a/0x270 [ 650.607840][T15705] mq_init_ns+0x482/0x810 [ 650.607885][T15705] copy_ipcs+0x3db/0x7d0 [ 650.607923][T15705] create_new_namespaces+0x20a/0xab0 [ 650.607964][T15705] ? security_capable+0x7e/0x260 [ 650.607999][T15705] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 650.608041][T15705] ksys_unshare+0x45b/0xa40 [ 650.608077][T15705] ? __pfx_ksys_unshare+0x10/0x10 [ 650.608121][T15705] __x64_sys_unshare+0x31/0x40 [ 650.608146][T15705] do_syscall_64+0xcd/0xf80 [ 650.608178][T15705] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 650.608207][T15705] RIP: 0033:0x7f6a0398f7c9 [ 650.608232][T15705] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 650.608260][T15705] RSP: 002b:00007f6a047db038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 650.608288][T15705] RAX: ffffffffffffffda RBX: 00007f6a03be6090 RCX: 00007f6a0398f7c9 [ 650.608307][T15705] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 650.608324][T15705] RBP: 00007f6a03a13f91 R08: 0000000000000000 R09: 0000000000000000 [ 650.608342][T15705] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 650.608358][T15705] R13: 00007f6a03be6128 R14: 00007f6a03be6090 R15: 00007ffcda89e408 [ 650.608400][T15705] [ 650.850461][T15704] [U] [ 650.853222][T15704] [U] [ 650.855973][T15704] [U] [ 650.858666][T15704] [U] [ 650.888191][T15704] [U] [ 651.183592][T15716] sp0: Synchronizing with TNC [ 651.252462][T15716] blktrace: Concurrent blktraces are not allowed on loop2 [ 651.354429][T15726] netlink: 62 bytes leftover after parsing attributes in process `syz.3.2225'. [ 652.481013][T15743] netlink: 'syz.2.2230': attribute type 1 has an invalid length. [ 652.702044][T15746] [U] [ 652.704922][T15746] [U] [ 652.707660][T15746] [U] [ 652.710393][T15746] [U] [ 652.715778][T15746] [U] [ 652.718538][T15746] [U] [ 652.721276][T15746] [U] [ 652.724016][T15746] [U] [ 652.728620][T15746] [U] [ 652.731368][T15746] [U] [ 652.734112][T15746] [U] [ 652.736841][T15746] [U] [ 652.740576][T15746] [U] [ 652.743328][T15746] [U] [ 652.746071][T15746] [U] [ 652.748805][T15746] [U] [ 652.752530][T15746] [U] [ 652.755278][T15746] [U] [ 652.758026][T15746] [U] [ 652.760762][T15746] [U] [ 652.764721][T15746] [U] [ 652.767469][T15746] [U] [ 652.770208][T15746] [U] [ 652.772986][T15746] [U] [ 652.782732][T15746] [U] [ 652.785501][T15746] [U] [ 652.788241][T15746] [U] [ 652.790985][T15746] [U] [ 652.796560][T15746] [U] [ 652.799314][T15746] [U] [ 652.802053][T15746] [U] [ 652.804797][T15746] [U] [ 652.810116][T15746] [U] [ 652.812865][T15746] [U] [ 652.815595][T15746] [U] [ 652.818325][T15746] [U] [ 652.842183][T15746] [U] [ 652.844991][T15746] [U] [ 652.847725][T15746] [U] [ 652.850455][T15746] [U] [ 652.857759][T15746] [U] [ 652.860521][T15746] [U] [ 652.863257][T15746] [U] [ 652.865993][T15746] [U] [ 652.870828][T15746] [U] [ 652.873592][T15746] [U] [ 652.876319][T15746] [U] [ 652.879056][T15746] [U] [ 652.884364][T15746] [U] [ 653.373890][T15758] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2235'. [ 653.667005][T15758] netlink: 'syz.0.2235': attribute type 1 has an invalid length. [ 653.685894][T15764] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input69 [ 653.803071][T15758] netlink: 13 bytes leftover after parsing attributes in process `syz.0.2235'. [ 654.512509][T15769] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 654.557563][T15769] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 654.566132][T15769] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 654.724590][T15769] page_type: f5(slab) [ 654.739524][T15769] raw: 00fff00000000040 ffff88813ff27140 0000000000000000 dead000000000001 [ 654.760116][T15769] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 654.811931][T15769] head: 00fff00000000040 ffff88813ff27140 0000000000000000 dead000000000001 [ 654.827912][T15769] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 654.837257][T15769] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 654.853521][T15769] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 654.864935][T15769] page dumped because: unmovable page [ 654.871633][T15769] page_owner tracks the page as allocated [ 654.879604][T15769] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5305, tgid 5305 (v4l_id), ts 47916302958, free_ts 47822741499 [ 654.927377][T15769] post_alloc_hook+0x1af/0x220 [ 654.942393][T15769] get_page_from_freelist+0xd0b/0x31a0 [ 654.947965][T15769] __alloc_frozen_pages_noprof+0x25f/0x2430 [ 654.953919][T15769] alloc_pages_mpol+0x1fb/0x550 [ 654.958902][T15769] new_slab+0x2c3/0x430 [ 654.963113][T15769] ___slab_alloc+0xe18/0x1c90 [ 654.967896][T15769] __slab_alloc.constprop.0+0x63/0x110 [ 654.973404][T15769] __kmalloc_noprof+0x4fc/0x910 [ 654.978331][T15769] tomoyo_realpath_from_path+0xc2/0x6e0 [ 654.983927][T15769] tomoyo_path_perm+0x274/0x460 [ 654.988881][T15769] security_inode_getattr+0x116/0x290 [ 654.994294][T15769] vfs_fstat+0x4b/0xe0 [ 654.998424][T15769] __do_sys_newfstat+0x87/0x100 [ 655.003320][T15769] do_syscall_64+0xcd/0xf80 [ 655.007880][T15769] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 655.013808][T15769] page last free pid 5304 tgid 5304 stack trace: [ 655.020271][T15769] __free_frozen_pages+0x7df/0x1170 [ 655.025543][T15769] __put_partials+0x130/0x170 [ 655.030299][T15769] qlist_free_all+0x4c/0xf0 [ 655.034852][T15769] kasan_quarantine_reduce+0x195/0x1e0 [ 655.040419][T15769] __kasan_slab_alloc+0x69/0x90 [ 655.045319][T15769] __kmalloc_noprof+0x2f6/0x910 [ 655.050255][T15769] tomoyo_realpath_from_path+0xc2/0x6e0 [ 655.055860][T15769] tomoyo_path_perm+0x274/0x460 [ 655.060815][T15769] security_inode_getattr+0x116/0x290 [ 655.066232][T15769] vfs_fstat+0x4b/0xe0 [ 655.070444][T15769] __do_sys_newfstat+0x87/0x100 [ 655.097407][T15769] do_syscall_64+0xcd/0xf80 [ 655.112599][T15769] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 655.265500][T15794] [U] [ 655.268378][T15794] [U] [ 655.271119][T15794] [U] [ 655.273863][T15794] [U] [ 655.276855][T15794] [U] [ 655.279597][T15794] [U] [ 655.282339][T15794] [U] [ 655.285076][T15794] [U] [ 655.289054][T15794] [U] [ 655.291813][T15794] [U] [ 655.294553][T15794] [U] [ 655.297306][T15794] [U] [ 655.301072][T15794] [U] [ 655.303817][T15794] [U] [ 655.306550][T15794] [U] [ 655.309287][T15794] [U] [ 655.313093][T15794] [U] [ 655.315843][T15794] [U] [ 655.318587][T15794] [U] [ 655.321312][T15794] [U] [ 655.326036][T15794] [U] [ 655.328790][T15794] [U] [ 655.331515][T15794] [U] [ 655.334225][T15794] [U] [ 655.375119][T15794] [U] [ 655.377889][T15794] [U] [ 655.380633][T15794] [U] [ 655.383358][T15794] [U] [ 655.441489][T15794] [U] [ 655.505202][T15784] FAULT_INJECTION: forcing a failure. [ 655.505202][T15784] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 655.531858][T15784] CPU: 1 UID: 0 PID: 15784 Comm: syz.3.2241 Tainted: G L syzkaller #0 PREEMPT(full) [ 655.531909][T15784] Tainted: [L]=SOFTLOCKUP [ 655.531920][T15784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 655.531937][T15784] Call Trace: [ 655.531948][T15784] [ 655.531960][T15784] dump_stack_lvl+0x16c/0x1f0 [ 655.531996][T15784] should_fail_ex+0x512/0x640 [ 655.532039][T15784] strncpy_from_user+0x3b/0x2e0 [ 655.532077][T15784] getname_flags.part.0+0x8f/0x550 [ 655.532118][T15784] getname_flags+0x93/0xf0 [ 655.532158][T15784] __x64_sys_execve+0x74/0xb0 [ 655.532201][T15784] do_syscall_64+0xcd/0xf80 [ 655.532235][T15784] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 655.532265][T15784] RIP: 0033:0x7f6a0398f7c9 [ 655.532290][T15784] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 655.532318][T15784] RSP: 002b:00007f6a047fc038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 655.532347][T15784] RAX: ffffffffffffffda RBX: 00007f6a03be5fa0 RCX: 00007f6a0398f7c9 [ 655.532367][T15784] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000 [ 655.532385][T15784] RBP: 00007f6a03a13f91 R08: 0000000000000000 R09: 0000000000000000 [ 655.532403][T15784] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 655.532420][T15784] R13: 00007f6a03be6038 R14: 00007f6a03be5fa0 R15: 00007ffcda89e408 [ 655.532461][T15784] [ 655.816316][T15796] Process accounting paused [ 657.863335][ C0] unchecked MSR access error: WRMSR to 0x418 (tried to write 0x0000000000000322) at rIP: 0xffffffff8165b13a (__mcheck_cpu_init_prepare_banks+0x18a/0x380) [ 657.878900][ C0] Call Trace: [ 657.882220][ C0] [ 657.885076][ C0] ? __pfx___mcheck_cpu_init_prepare_banks+0x10/0x10 [ 657.891772][ C0] ? tick_irq_enter+0x16b/0x240 [ 657.896640][ C0] ? __pfx_mce_cpu_restart+0x10/0x10 [ 657.901932][ C0] mce_cpu_restart+0xd9/0x1f0 [ 657.906619][ C0] __flush_smp_call_function_queue+0x27d/0x8b0 [ 657.912798][ C0] __sysvec_call_function_single+0x87/0x3b0 [ 657.918715][ C0] sysvec_call_function_single+0x9f/0xc0 [ 657.924367][ C0] [ 657.927305][ C0] [ 657.930254][ C0] asm_sysvec_call_function_single+0x1a/0x20 [ 657.936243][ C0] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 657.941893][ C0] Code: 46 61 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 73 27 14 00 fb f4 4c 33 03 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 657.961513][ C0] RSP: 0018:ffffffff8e007df8 EFLAGS: 000002c6 [ 657.967592][ C0] RAX: 00000000002760c7 RBX: 0000000000000000 RCX: ffffffff8b7636d9 [ 657.975570][ C0] RDX: 0000000000000000 RSI: ffffffff8dacbe80 RDI: ffffffff8bf2b500 [ 657.983637][ C0] RBP: fffffbfff1c12f68 R08: 0000000000000001 R09: ffffed101708673d [ 657.991613][ C0] R10: ffff8880b84339eb R11: ffffffff8e098670 R12: 0000000000000000 [ 657.999588][ C0] R13: ffffffff8e097b40 R14: ffffffff908901d0 R15: 0000000000000000 [ 658.007577][ C0] ? ct_kernel_exit+0x139/0x190 [ 658.012441][ C0] default_idle+0x13/0x20 [ 658.016786][ C0] default_idle_call+0x6c/0xb0 [ 658.021558][ C0] do_idle+0x38d/0x510 [ 658.025649][ C0] ? __pfx_do_idle+0x10/0x10 [ 658.030268][ C0] cpu_startup_entry+0x4f/0x60 [ 658.035051][ C0] rest_init+0x16b/0x2b0 [ 658.039309][ C0] ? acpi_subsystem_init+0x133/0x180 [ 658.044605][ C0] ? __pfx_x86_late_time_init+0x10/0x10 [ 658.050163][ C0] start_kernel+0x3ef/0x4d0 [ 658.054677][ C0] x86_64_start_reservations+0x18/0x30 [ 658.060152][ C0] x86_64_start_kernel+0x130/0x190 [ 658.065276][ C0] common_startup_64+0x13e/0x148 [ 658.070241][ C0] [ 658.759395][T15859] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2254'. [ 658.875641][T15854] netlink: 'syz.2.2254': attribute type 1 has an invalid length. [ 658.926517][T15854] netlink: 13 bytes leftover after parsing attributes in process `syz.2.2254'. [ 659.291617][T15868] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2255'. [ 659.319358][T15868] netlink: 'syz.4.2255': attribute type 1 has an invalid length. [ 659.360685][T15868] netlink: 13 bytes leftover after parsing attributes in process `syz.4.2255'. [ 659.590985][T15873] [U] [ 659.593854][T15873] [U] [ 659.596585][T15873] [U] [ 659.599319][T15873] [U] [ 659.623807][T15873] [U] [ 659.626570][T15873] [U] [ 659.629310][T15873] [U] [ 659.632047][T15873] [U] [ 659.677481][T15873] [U] [ 659.680268][T15873] [U] [ 659.683015][T15873] [U] [ 659.685750][T15873] [U] [ 659.767399][T15873] [U] [ 659.799143][T15849] kexec: Could not allocate control_code_buffer [ 660.040090][T15888] FAULT_INJECTION: forcing a failure. [ 660.040090][T15888] name failslab, interval 1, probability 0, space 0, times 0 [ 660.071223][T15889] FAULT_INJECTION: forcing a failure. [ 660.071223][T15889] name failslab, interval 1, probability 0, space 0, times 0 [ 660.087529][T15889] CPU: 0 UID: 0 PID: 15889 Comm: syz.4.2260 Tainted: G L syzkaller #0 PREEMPT(full) [ 660.087579][T15889] Tainted: [L]=SOFTLOCKUP [ 660.087590][T15889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 660.087608][T15889] Call Trace: [ 660.087620][T15889] [ 660.087633][T15889] dump_stack_lvl+0x16c/0x1f0 [ 660.087668][T15889] should_fail_ex+0x512/0x640 [ 660.087713][T15889] ? __kmalloc_noprof+0xca/0x910 [ 660.087751][T15889] should_failslab+0xc2/0x120 [ 660.087798][T15889] __kmalloc_noprof+0xeb/0x910 [ 660.087832][T15889] ? __list_lru_init+0xe8/0x4c0 [ 660.087873][T15889] ? __list_lru_init+0xe8/0x4c0 [ 660.087904][T15889] __list_lru_init+0xe8/0x4c0 [ 660.087940][T15889] alloc_super+0x8ce/0xd00 [ 660.087989][T15889] sget_fc+0x116/0xc20 [ 660.088030][T15889] ? __pfx_set_anon_super_fc+0x10/0x10 [ 660.088070][T15889] ? __pfx_mqueue_fill_super+0x10/0x10 [ 660.088098][T15889] get_tree_nodev+0x28/0x190 [ 660.088143][T15889] mqueue_get_tree+0xf1/0x130 [ 660.088171][T15889] vfs_get_tree+0x8e/0x330 [ 660.088207][T15889] fc_mount_longterm+0x1a/0x270 [ 660.088247][T15889] mq_init_ns+0x482/0x810 [ 660.088285][T15889] copy_ipcs+0x3db/0x7d0 [ 660.088322][T15889] create_new_namespaces+0x20a/0xab0 [ 660.088364][T15889] ? security_capable+0x7e/0x260 [ 660.088398][T15889] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 660.088439][T15889] ksys_unshare+0x45b/0xa40 [ 660.088465][T15889] ? __pfx_ksys_unshare+0x10/0x10 [ 660.088494][T15889] ? xfd_validate_state+0x61/0x180 [ 660.088536][T15889] __x64_sys_unshare+0x31/0x40 [ 660.088563][T15889] do_syscall_64+0xcd/0xf80 [ 660.088596][T15889] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 660.088626][T15889] RIP: 0033:0x7ff74278f7c9 [ 660.088651][T15889] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 660.088680][T15889] RSP: 002b:00007ff74360e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 660.088718][T15889] RAX: ffffffffffffffda RBX: 00007ff7429e6090 RCX: 00007ff74278f7c9 [ 660.088739][T15889] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 660.088757][T15889] RBP: 00007ff742813f91 R08: 0000000000000000 R09: 0000000000000000 [ 660.088775][T15889] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 660.088793][T15889] R13: 00007ff7429e6128 R14: 00007ff7429e6090 R15: 00007ffd0a2137b8 [ 660.088837][T15889] [ 660.092917][T15888] CPU: 0 UID: 0 PID: 15888 Comm: syz.0.2261 Tainted: G L syzkaller #0 PREEMPT(full) [ 660.092962][T15888] Tainted: [L]=SOFTLOCKUP [ 660.092973][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 660.092990][T15888] Call Trace: [ 660.093001][T15888] [ 660.093012][T15888] dump_stack_lvl+0x16c/0x1f0 [ 660.093046][T15888] should_fail_ex+0x512/0x640 [ 660.093087][T15888] should_failslab+0xc2/0x120 [ 660.093135][T15888] kmem_cache_alloc_noprof+0x83/0x770 [ 660.093173][T15888] ? skb_clone+0x190/0x3f0 [ 660.093224][T15888] ? skb_clone+0x190/0x3f0 [ 660.093262][T15888] skb_clone+0x190/0x3f0 [ 660.093306][T15888] netlink_deliver_tap+0xabd/0xd30 [ 660.093359][T15888] netlink_unicast+0x64c/0x870 [ 660.093412][T15888] ? __pfx_netlink_unicast+0x10/0x10 [ 660.093474][T15888] netlink_sendmsg+0x8c8/0xdd0 [ 660.093522][T15888] ? __pfx_netlink_sendmsg+0x10/0x10 [ 660.093570][T15888] ? aa_sock_msg_perm.constprop.0+0x100/0x1b0 [ 660.093609][T15888] __sys_sendto+0x4a3/0x520 [ 660.093649][T15888] ? __pfx___sys_sendto+0x10/0x10 [ 660.093712][T15888] ? count_memcg_events_mm.constprop.0+0xfa/0x2a0 [ 660.093755][T15888] ? count_memcg_events+0x122/0x290 [ 660.093830][T15888] __x64_sys_sendto+0xe0/0x1c0 [ 660.093867][T15888] ? do_syscall_64+0x91/0xf80 [ 660.093894][T15888] ? lockdep_hardirqs_on+0x7c/0x110 [ 660.093922][T15888] do_syscall_64+0xcd/0xf80 [ 660.093951][T15888] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 660.093980][T15888] RIP: 0033:0x7f5c25f9165c [ 660.094006][T15888] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b [ 660.094033][T15888] RSP: 002b:00007f5c26db3ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 660.094061][T15888] RAX: ffffffffffffffda RBX: 00007f5c26db3fc0 RCX: 00007f5c25f9165c [ 660.094079][T15888] RDX: 0000000000000020 RSI: 00007f5c26db4010 RDI: 0000000000000003 [ 660.094095][T15888] RBP: 0000000000000000 R08: 00007f5c26db3f14 R09: 000000000000000c [ 660.094112][T15888] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 660.094129][T15888] R13: 00007f5c26db3f68 R14: 00007f5c26db4010 R15: 0000000000000000 [ 660.094170][T15888] [ 660.848951][T15897] ima: policy update failed [ 660.853769][ T30] audit: type=1802 audit(4294967338.280:48): pid=15897 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.2262" res=0 errno=0 [ 661.239244][T15901] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2265'. [ 661.256875][T15901] netlink: 'syz.2.2265': attribute type 1 has an invalid length. [ 661.265211][T15901] netlink: 13 bytes leftover after parsing attributes in process `syz.2.2265'. [ 663.199835][T15923] [U] [ 663.202724][T15923] [U] [ 663.205462][T15923] [U] [ 663.208205][T15923] [U] [ 663.257544][T15923] [U] [ 663.260299][T15923] [U] [ 663.263007][T15923] [U] [ 663.265711][T15923] [U] [ 663.308115][T15923] [U] [ 663.310890][T15923] [U] [ 663.313632][T15923] [U] [ 663.316369][T15923] [U] [ 663.337820][T15923] [U] [ 663.340586][T15923] [U] [ 663.343327][T15923] [U] [ 663.346063][T15923] [U] [ 663.361402][T15923] [U] [ 663.364170][T15923] [U] [ 663.366888][T15923] [U] [ 663.369692][T15923] [U] [ 663.434051][T15923] [U] [ 664.546441][T15953] sp0: Synchronizing with TNC [ 664.599376][T15953] blktrace: Concurrent blktraces are not allowed on loop2 [ 664.616174][ T7992] Bluetooth: hci1: unexpected subevent 0x01 length: 3 < 18 [ 665.547787][T15969] [U] [ 665.550640][T15969] [U] [ 665.553336][T15969] [U] [ 665.556028][T15969] [U] [ 665.610211][T15969] [U] [ 665.612998][T15969] [U] [ 665.615726][T15969] [U] [ 665.618460][T15969] [U] [ 665.658476][T15969] [U] [ 665.661254][T15969] [U] [ 665.663984][T15969] [U] [ 665.666676][T15969] [U] [ 665.733313][T15969] [U] [ 665.736042][T15969] [U] [ 665.738750][T15969] [U] [ 665.741436][T15969] [U] [ 665.782534][T15969] [U] [ 665.785328][T15969] [U] [ 665.788059][T15969] [U] [ 665.790778][T15969] [U] [ 665.807367][T15969] [U] [ 666.002005][T15974] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2285'. [ 666.519521][T15979] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2287'. [ 666.604903][T15979] netlink: 'syz.2.2287': attribute type 1 has an invalid length. [ 666.637390][T15979] netlink: 13 bytes leftover after parsing attributes in process `syz.2.2287'. [ 667.087014][T15991] [U] [ 667.089850][T15991] [U] [ 667.092542][T15991] [U] [ 667.095243][T15991] [U] [ 667.151801][T15991] [U] [ 667.154527][T15991] [U] [ 667.157216][T15991] [U] [ 667.159926][T15991] [U] [ 667.197597][T15991] [U] [ 667.200333][T15991] [U] [ 667.203024][T15991] [U] [ 667.205714][T15991] [U] [ 667.234506][T15991] [U] [ 667.237253][T15991] [U] [ 667.239946][T15991] [U] [ 667.242648][T15991] [U] [ 667.301178][T15991] [U] [ 667.303933][T15991] [U] [ 667.306678][T15991] [U] [ 667.309365][T15991] [U] [ 667.412336][T15991] [U] [ 667.415068][T15991] [U] [ 667.417760][T15991] [U] [ 667.420474][T15991] [U] [ 667.462097][T15991] [U] [ 667.791188][T15998] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2291'. [ 667.801704][T15998] netlink: 'syz.4.2291': attribute type 1 has an invalid length. [ 667.809743][T15998] netlink: 13 bytes leftover after parsing attributes in process `syz.4.2291'. [ 668.453354][T16006] netlink: 'syz.4.2294': attribute type 1 has an invalid length. [ 668.494188][T16018] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2296'. [ 668.538724][T16007] netlink: 'syz.2.2296': attribute type 1 has an invalid length. [ 668.630088][T16007] netlink: 13 bytes leftover after parsing attributes in process `syz.2.2296'. [ 668.861235][T16006] netlink: 330 bytes leftover after parsing attributes in process `syz.4.2294'. [ 669.484945][T16035] [U] [ 669.487850][T16035] [U] [ 669.490549][T16035] [U] [ 669.493235][T16035] [U] [ 669.505928][T16035] [U] [ 669.508655][T16035] [U] [ 669.511372][T16035] [U] [ 669.514057][T16035] [U] [ 669.607635][T16035] [U] [ 669.610402][T16035] [U] [ 669.613125][T16035] [U] [ 669.615828][T16035] [U] [ 669.657366][T16035] [U] [ 669.660146][T16035] [U] [ 669.662885][T16035] [U] [ 669.665637][T16035] [U] [ 669.707394][T16035] [U] [ 669.773871][T16045] sysfs_service_op_show: Client not running :-5: [ 670.002874][T16047] zswap: compressor not available [ 670.183373][T16055] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2305'. [ 670.227594][T16055] netlink: 'syz.0.2305': attribute type 1 has an invalid length. [ 670.236083][T16055] netlink: 13 bytes leftover after parsing attributes in process `syz.0.2305'. [ 670.769733][T16038] syz.3.2300 (16038) used greatest stack depth: 19480 bytes left [ 671.515107][T16039] syz.3.2300 (16039) used greatest stack depth: 19144 bytes left [ 671.598449][T16083] netlink: 'syz.0.2311': attribute type 1 has an invalid length. [ 671.734784][T16083] __nla_validate_parse: 1 callbacks suppressed [ 671.734808][T16083] netlink: 330 bytes leftover after parsing attributes in process `syz.0.2311'. [ 672.451061][T16113] [U] [ 672.453926][T16113] [U] [ 672.456669][T16113] [U] [ 672.461010][T16113] [U] [ 672.473377][T16113] [U] [ 672.473434][T16113] [U] [ 672.473482][T16113] [U] [ 672.473530][T16113] [U] [ 672.473875][T16113] [U] [ 672.473927][T16113] [U] [ 672.473975][T16113] [U] [ 672.474023][T16113] [U] [ 672.474237][T16113] [U] [ 672.474283][T16113] [U] [ 672.474328][T16113] [U] [ 672.474377][T16113] [U] [ 672.474674][T16113] [U] [ 672.474723][T16113] [U] [ 672.474771][T16113] [U] [ 672.474818][T16113] [U] [ 672.475033][T16113] [U] [ 672.475081][T16113] [U] [ 672.475130][T16113] [U] [ 672.475177][T16113] [U] [ 672.475465][T16113] [U] [ 672.475513][T16113] [U] [ 672.475557][T16113] [U] [ 672.475610][T16113] [U] [ 672.475825][T16113] [U] [ 672.475875][T16113] [U] [ 672.475925][T16113] [U] [ 672.475975][T16113] [U] [ 672.476266][T16113] [U] [ 672.476315][T16113] [U] [ 672.476363][T16113] [U] [ 672.476410][T16113] [U] [ 672.476632][T16113] [U] [ 672.476680][T16113] [U] [ 672.476727][T16113] [U] [ 672.476775][T16113] [U] [ 672.477065][T16113] [U] [ 672.477115][T16113] [U] [ 672.477163][T16113] [U] [ 672.477208][T16113] [U] [ 672.486120][T16113] [U] [ 672.486167][T16113] [U] [ 672.486206][T16113] [U] [ 672.486248][T16113] [U] [ 672.490017][T16113] [U] [ 672.490068][T16113] [U] [ 672.490116][T16113] [U] [ 672.490162][T16113] [U] [ 672.490353][T16113] [U] [ 672.490401][T16113] [U] [ 672.490446][T16113] [U] [ 672.490491][T16113] [U] [ 672.490789][T16113] [U] [ 672.490835][T16113] [U] [ 672.490876][T16113] [U] [ 672.490922][T16113] [U] [ 672.491118][T16113] [U] [ 672.491169][T16113] [U] [ 672.491217][T16113] [U] [ 672.491261][T16113] [U] [ 672.491545][T16113] [U] [ 672.491599][T16113] [U] [ 672.491646][T16113] [U] [ 672.491694][T16113] [U] [ 672.491892][T16113] [U] [ 672.491936][T16113] [U] [ 672.491982][T16113] [U] [ 672.492027][T16113] [U] [ 672.492308][T16113] [U] [ 672.492357][T16113] [U] [ 672.492404][T16113] [U] [ 672.492451][T16113] [U] [ 672.492670][T16113] [U] [ 672.492719][T16113] [U] [ 672.492764][T16113] [U] [ 672.492803][T16113] [U] [ 672.495073][T16113] [U] [ 672.495114][T16113] [U] [ 672.495151][T16113] [U] [ 672.495184][T16113] [U] [ 672.495342][T16113] [U] [ 672.495392][T16113] [U] [ 672.495439][T16113] [U] [ 672.495487][T16113] [U] [ 672.495755][T16113] [U] [ 672.495793][T16113] [U] [ 672.495828][T16113] [U] [ 672.495865][T16113] [U] [ 672.496078][T16113] [U] [ 672.496122][T16113] [U] [ 672.496156][T16113] [U] [ 672.496188][T16113] [U] [ 672.496433][T16113] [U] [ 672.496480][T16113] [U] [ 672.496521][T16113] [U] [ 672.496559][T16113] [U] [ 672.496741][T16113] [U] [ 672.496787][T16113] [U] [ 672.496828][T16113] [U] [ 672.496868][T16113] [U] [ 672.497163][T16113] [U] [ 672.497214][T16113] [U] [ 672.497260][T16113] [U] [ 672.497292][T16113] [U] [ 672.497721][T16113] [U] [ 672.497770][T16113] [U] [ 672.497812][T16113] [U] [ 672.497855][T16113] [U] [ 672.499630][T16113] [U] [ 672.499680][T16113] [U] [ 672.499727][T16113] [U] [ 672.499772][T16113] [U] [ 672.499971][T16113] [U] [ 672.500018][T16113] [U] [ 672.500064][T16113] [U] [ 672.500106][T16113] [U] [ 672.500405][T16113] [U] [ 672.500451][T16113] [U] [ 672.500495][T16113] [U] [ 672.500541][T16113] [U] [ 672.500706][T16113] [U] [ 672.500752][T16113] [U] [ 672.500797][T16113] [U] [ 672.511959][T16113] [U] [ 672.949538][T16116] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2318'. [ 672.965854][T16116] netlink: 'syz.3.2318': attribute type 1 has an invalid length. [ 672.965885][T16116] netlink: 13 bytes leftover after parsing attributes in process `syz.3.2318'. [ 673.953425][T16148] blktrace: Concurrent blktraces are not allowed on loop2 [ 674.387655][T16156] netlink: 'syz.2.2330': attribute type 1 has an invalid length. [ 674.555918][T16159] netlink: 330 bytes leftover after parsing attributes in process `syz.2.2330'. [ 674.690683][T15800] syz.3.2241 (15800) used greatest stack depth: 18456 bytes left [ 675.570566][T16179] block nbd0: NBD_DISCONNECT [ 675.633464][T16172] phram: not enough arguments [ 675.656388][T16172] FAULT_INJECTION: forcing a failure. [ 675.656388][T16172] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 675.726244][T16172] CPU: 0 UID: 0 PID: 16172 Comm: syz.2.2334 Tainted: G L syzkaller #0 PREEMPT(full) [ 675.726276][T16172] Tainted: [L]=SOFTLOCKUP [ 675.726283][T16172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 675.726292][T16172] Call Trace: [ 675.726299][T16172] [ 675.726306][T16172] dump_stack_lvl+0x16c/0x1f0 [ 675.726328][T16172] should_fail_ex+0x512/0x640 [ 675.726352][T16172] should_fail_alloc_page+0xe7/0x130 [ 675.726381][T16172] prepare_alloc_pages+0x401/0x670 [ 675.726408][T16172] ? rcu_is_watching+0x12/0xc0 [ 675.726434][T16172] __alloc_frozen_pages_noprof+0x18b/0x2430 [ 675.726461][T16172] ? __lock_acquire+0x436/0x2890 [ 675.726478][T16172] ? kimage_alloc_pages+0x2bc/0x350 [ 675.726505][T16172] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 675.726530][T16172] ? lock_acquire+0x179/0x330 [ 675.726548][T16172] ? find_next_iomem_res+0x3fb/0x4b0 [ 675.726583][T16172] ? do_raw_read_unlock+0x44/0xe0 [ 675.726604][T16172] ? _raw_read_unlock+0x28/0x50 [ 675.726629][T16172] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 675.726656][T16172] ? policy_nodemask+0xea/0x4e0 [ 675.726683][T16172] alloc_pages_mpol+0x1fb/0x550 [ 675.726710][T16172] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 675.726737][T16172] ? __pti_set_user_pgtbl+0xf1/0x190 [ 675.726761][T16172] alloc_pages_noprof+0x131/0x390 [ 675.726788][T16172] get_zeroed_page_noprof+0x18/0xb0 [ 675.726814][T16172] machine_kexec_prepare+0xff4/0x1720 [ 675.726848][T16172] ? __pfx_machine_kexec_prepare+0x10/0x10 [ 675.726877][T16172] ? __pfx_alloc_pgt_page+0x10/0x10 [ 675.726904][T16172] ? __pfx_kimage_alloc_control_pages+0x10/0x10 [ 675.726937][T16172] do_kexec_load+0x61d/0x860 [ 675.726954][T16172] ? __pfx_do_kexec_load+0x10/0x10 [ 675.726972][T16172] ? _copy_from_user+0x59/0xd0 [ 675.726994][T16172] __x64_sys_kexec_load+0x1bf/0x230 [ 675.727012][T16172] do_syscall_64+0xcd/0xf80 [ 675.727030][T16172] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 675.727047][T16172] RIP: 0033:0x7f2416f8f7c9 [ 675.727062][T16172] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 675.727078][T16172] RSP: 002b:00007f2417dc3038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6 [ 675.727095][T16172] RAX: ffffffffffffffda RBX: 00007f24171e5fa0 RCX: 00007f2416f8f7c9 [ 675.727106][T16172] RDX: 0000200000000080 RSI: 0000000000000002 RDI: 00000000000000ff [ 675.727116][T16172] RBP: 00007f2417013f91 R08: 0000000000000000 R09: 0000000000000000 [ 675.727126][T16172] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000 [ 675.727135][T16172] R13: 00007f24171e6038 R14: 00007f24171e5fa0 R15: 00007ffe42fbf378 [ 675.727175][T16172] [ 676.388248][T16198] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2338'. [ 676.398615][T16198] netlink: 'syz.0.2338': attribute type 1 has an invalid length. [ 676.406354][T16198] netlink: 13 bytes leftover after parsing attributes in process `syz.0.2338'. [ 676.731665][T16191] Process accounting paused [ 677.829266][T14317] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 677.845193][T14317] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 677.855158][T14317] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 677.876191][T14317] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 677.884967][T14317] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 678.076637][T16237] FAULT_INJECTION: forcing a failure. [ 678.076637][T16237] name failslab, interval 1, probability 0, space 0, times 0 [ 678.151105][T16237] CPU: 0 UID: 0 PID: 16237 Comm: syz.4.2351 Tainted: G L syzkaller #0 PREEMPT(full) [ 678.151156][T16237] Tainted: [L]=SOFTLOCKUP [ 678.151167][T16237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 678.151185][T16237] Call Trace: [ 678.151195][T16237] [ 678.151208][T16237] dump_stack_lvl+0x16c/0x1f0 [ 678.151243][T16237] should_fail_ex+0x512/0x640 [ 678.151278][T16237] ? __kmalloc_noprof+0xca/0x910 [ 678.151317][T16237] should_failslab+0xc2/0x120 [ 678.151363][T16237] __kmalloc_noprof+0xeb/0x910 [ 678.151397][T16237] ? __list_lru_init+0xe8/0x4c0 [ 678.151436][T16237] ? __list_lru_init+0xe8/0x4c0 [ 678.151468][T16237] __list_lru_init+0xe8/0x4c0 [ 678.151505][T16237] alloc_super+0x8ce/0xd00 [ 678.151554][T16237] sget_fc+0x116/0xc20 [ 678.151593][T16237] ? __pfx_set_anon_super_fc+0x10/0x10 [ 678.151632][T16237] ? __pfx_mqueue_fill_super+0x10/0x10 [ 678.151661][T16237] get_tree_nodev+0x28/0x190 [ 678.151706][T16237] mqueue_get_tree+0xf1/0x130 [ 678.151734][T16237] vfs_get_tree+0x8e/0x330 [ 678.151771][T16237] fc_mount_longterm+0x1a/0x270 [ 678.151811][T16237] mq_init_ns+0x482/0x810 [ 678.151857][T16237] copy_ipcs+0x3db/0x7d0 [ 678.151895][T16237] create_new_namespaces+0x20a/0xab0 [ 678.151936][T16237] ? security_capable+0x7e/0x260 [ 678.151974][T16237] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 678.152020][T16237] ksys_unshare+0x45b/0xa40 [ 678.152047][T16237] ? __pfx_ksys_unshare+0x10/0x10 [ 678.152076][T16237] ? xfd_validate_state+0x61/0x180 [ 678.152116][T16237] __x64_sys_unshare+0x31/0x40 [ 678.152143][T16237] do_syscall_64+0xcd/0xf80 [ 678.152176][T16237] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 678.152205][T16237] RIP: 0033:0x7ff74278f7c9 [ 678.152230][T16237] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 678.152258][T16237] RSP: 002b:00007ff74360e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 678.152287][T16237] RAX: ffffffffffffffda RBX: 00007ff7429e6090 RCX: 00007ff74278f7c9 [ 678.152306][T16237] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 678.152324][T16237] RBP: 00007ff742813f91 R08: 0000000000000000 R09: 0000000000000000 [ 678.152341][T16237] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 678.152359][T16237] R13: 00007ff7429e6128 R14: 00007ff7429e6090 R15: 00007ffd0a2137b8 [ 678.152402][T16237] [ 678.555009][T16242] netlink: 222 bytes leftover after parsing attributes in process `syz.3.2353'. [ 678.570686][T16244] FAULT_INJECTION: forcing a failure. [ 678.570686][T16244] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 678.584942][T16244] CPU: 1 UID: 0 PID: 16244 Comm: syz.0.2354 Tainted: G L syzkaller #0 PREEMPT(full) [ 678.584982][T16244] Tainted: [L]=SOFTLOCKUP [ 678.584992][T16244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 678.585008][T16244] Call Trace: [ 678.585017][T16244] [ 678.585028][T16244] dump_stack_lvl+0x16c/0x1f0 [ 678.585059][T16244] should_fail_ex+0x512/0x640 [ 678.585098][T16244] _copy_to_user+0x32/0xd0 [ 678.585133][T16244] simple_read_from_buffer+0xcb/0x170 [ 678.585172][T16244] proc_fail_nth_read+0x197/0x240 [ 678.585202][T16244] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 678.585234][T16244] ? rw_verify_area+0xcf/0x6c0 [ 678.585269][T16244] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 678.585299][T16244] vfs_read+0x1e4/0xcf0 [ 678.585339][T16244] ? __pfx___mutex_lock+0x10/0x10 [ 678.585374][T16244] ? __pfx_vfs_read+0x10/0x10 [ 678.585423][T16244] ? __fget_files+0x20e/0x3c0 [ 678.585470][T16244] ksys_read+0x12a/0x250 [ 678.585507][T16244] ? __pfx_ksys_read+0x10/0x10 [ 678.585558][T16244] do_syscall_64+0xcd/0xf80 [ 678.585586][T16244] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 678.585613][T16244] RIP: 0033:0x7f5c25f8e1dc [ 678.585634][T16244] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 678.585659][T16244] RSP: 002b:00007f5c26db5030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 678.585685][T16244] RAX: ffffffffffffffda RBX: 00007f5c261e5fa0 RCX: 00007f5c25f8e1dc [ 678.585703][T16244] RDX: 000000000000000f RSI: 00007f5c26db50a0 RDI: 0000000000000004 [ 678.585719][T16244] RBP: 00007f5c26db5090 R08: 0000000000000000 R09: 0000000000000000 [ 678.585735][T16244] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 678.585751][T16244] R13: 00007f5c261e6038 R14: 00007f5c261e5fa0 R15: 00007fff3d4fc828 [ 678.585791][T16244] [ 678.621497][T16242] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input70 [ 678.688506][T16248] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 678.919186][T12981] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 679.085833][T16231] chnl_net:caif_netlink_parms(): no params data found [ 679.146262][T12981] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 679.158221][T16256] netlink: 'syz.3.2356': attribute type 4 has an invalid length. [ 679.273617][T12981] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 679.439820][T16258] FAULT_INJECTION: forcing a failure. [ 679.439820][T16258] name failslab, interval 1, probability 0, space 0, times 0 [ 679.453207][T16258] CPU: 1 UID: 0 PID: 16258 Comm: syz.3.2356 Tainted: G L syzkaller #0 PREEMPT(full) [ 679.453254][T16258] Tainted: [L]=SOFTLOCKUP [ 679.453265][T16258] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 679.453284][T16258] Call Trace: [ 679.453295][T16258] [ 679.453306][T16258] dump_stack_lvl+0x16c/0x1f0 [ 679.453341][T16258] should_fail_ex+0x512/0x640 [ 679.453376][T16258] ? lockdep_hardirqs_on+0x7c/0x110 [ 679.453411][T16258] should_failslab+0xc2/0x120 [ 679.453459][T16258] kmem_cache_alloc_noprof+0x83/0x770 [ 679.453495][T16258] ? do_raw_spin_lock+0x12c/0x2b0 [ 679.453537][T16258] ? inet_bind_bucket_create+0x2d/0x280 [ 679.453582][T16258] ? inet_bind_bucket_create+0x2d/0x280 [ 679.453620][T16258] inet_bind_bucket_create+0x2d/0x280 [ 679.453664][T16258] inet_csk_get_port+0x117d/0x2890 [ 679.453713][T16258] ? trace_inet_sock_set_state+0x194/0x1f0 [ 679.453753][T16258] ? __pfx_inet_csk_get_port+0x10/0x10 [ 679.453782][T16258] inet_csk_listen_start+0x158/0x380 [ 679.453815][T16258] __inet_listen_sk+0x20f/0x520 [ 679.453850][T16258] ? __pfx___inet_listen_sk+0x10/0x10 [ 679.453884][T16258] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 679.453926][T16258] ? __local_bh_enable_ip+0xa4/0x120 [ 679.453971][T16258] inet_listen+0x93/0xd0 [ 679.454007][T16258] smc_listen+0x5ff/0xbb0 [ 679.454049][T16258] __sys_listen_socket+0x117/0x160 [ 679.454082][T16258] __sys_listen+0xa7/0x130 [ 679.454127][T16258] __x64_sys_listen+0x53/0x80 [ 679.454161][T16258] do_syscall_64+0xcd/0xf80 [ 679.454194][T16258] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 679.454223][T16258] RIP: 0033:0x7f6a0398f7c9 [ 679.454248][T16258] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 679.454277][T16258] RSP: 002b:00007f6a047ba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000032 [ 679.454306][T16258] RAX: ffffffffffffffda RBX: 00007f6a03be6180 RCX: 00007f6a0398f7c9 [ 679.454326][T16258] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000000000000002 [ 679.454343][T16258] RBP: 00007f6a03a13f91 R08: 0000000000000000 R09: 0000000000000000 [ 679.454360][T16258] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 679.454377][T16258] R13: 00007f6a03be6218 R14: 00007f6a03be6180 R15: 00007ffcda89e408 [ 679.454420][T16258] [ 679.693254][T12981] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 679.896754][T16231] bridge0: port 1(bridge_slave_0) entered blocking state [ 679.904664][T16231] bridge0: port 1(bridge_slave_0) entered disabled state [ 679.914244][T16231] bridge_slave_0: entered allmulticast mode [ 679.924611][T16231] bridge_slave_0: entered promiscuous mode [ 679.947759][T14317] Bluetooth: hci3: command tx timeout [ 679.968146][T16231] bridge0: port 2(bridge_slave_1) entered blocking state [ 679.976371][T16231] bridge0: port 2(bridge_slave_1) entered disabled state [ 679.984130][T16231] bridge_slave_1: entered allmulticast mode [ 679.992353][T16231] bridge_slave_1: entered promiscuous mode [ 679.993946][T16270] [U] [ 680.001027][T16270] [U] [ 680.003769][T16270] [U] [ 680.006518][T16270] [U] [ 680.011658][T16270] [U] [ 680.014412][T16270] [U] [ 680.017139][T16270] [U] [ 680.019879][T16270] [U] [ 680.024883][T16270] [U] [ 680.027632][T16270] [U] [ 680.030379][T16270] [U] [ 680.033119][T16270] [U] [ 680.040167][T16270] [U] [ 680.042917][T16270] [U] [ 680.045658][T16270] [U] [ 680.048391][T16270] [U] [ 680.066789][T16270] [U] [ 680.069559][T16270] [U] [ 680.072296][T16270] [U] [ 680.075031][T16270] [U] [ 680.101902][T16270] [U] [ 680.104672][T16270] [U] [ 680.107414][T16270] [U] [ 680.110155][T16270] [U] [ 680.140408][T16231] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 680.157741][T16270] [U] [ 680.171019][T16231] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 680.183289][T12981] batadv0: left allmulticast mode [ 680.189341][T12981] batadv0: left promiscuous mode [ 680.195830][T12981] bridge0: port 3(batadv0) entered disabled state [ 680.218370][T12981] bridge_slave_1: left allmulticast mode [ 680.224152][T12981] bridge_slave_1: left promiscuous mode [ 680.250820][T12981] bridge0: port 2(bridge_slave_1) entered disabled state [ 680.273784][T12981] bridge_slave_0: left allmulticast mode [ 680.290603][T12981] bridge_slave_0: left promiscuous mode [ 680.296501][T12981] bridge0: port 1(bridge_slave_0) entered disabled state [ 681.415764][T12981] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 681.443190][T12981] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 681.469474][T12981] bond0 (unregistering): Released all slaves [ 681.554497][T16231] team0: Port device team_slave_0 added [ 681.606712][T16231] team0: Port device team_slave_1 added [ 681.749869][T16231] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 681.764580][T16231] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 681.808924][T16231] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 681.849681][T16231] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 681.875684][T16231] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 681.903200][T16231] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 682.029288][T14317] Bluetooth: hci3: command tx timeout [ 682.175476][T16231] hsr_slave_0: entered promiscuous mode [ 682.227913][T16231] hsr_slave_1: entered promiscuous mode [ 682.248824][T16231] debugfs: 'hsr0' already exists in 'hsr' [ 682.261988][T16231] Cannot create hsr debugfs directory [ 682.775708][T12981] hsr_slave_0: left promiscuous mode [ 682.819071][T12981] hsr_slave_1: left promiscuous mode [ 682.838763][T12981] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 682.853804][T12981] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 682.869483][T16328] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2367'. [ 682.884356][T12981] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 682.893574][T12981] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 682.954597][T16331] Line length is too long: Should be less than 4094 [ 682.982017][T12981] veth1_macvtap: left promiscuous mode [ 682.995015][T12981] veth0_macvtap: left promiscuous mode [ 683.007059][T12981] veth1_vlan: left promiscuous mode [ 683.021355][T12981] veth0_vlan: left promiscuous mode [ 683.927968][T12981] team0 (unregistering): Port device team_slave_1 removed [ 683.994470][T12981] team0 (unregistering): Port device team_slave_0 removed [ 684.109754][T14317] Bluetooth: hci3: command tx timeout [ 684.886098][T16349] FAULT_INJECTION: forcing a failure. [ 684.886098][T16349] name failslab, interval 1, probability 0, space 0, times 0 [ 684.914033][T16349] CPU: 1 UID: 0 PID: 16349 Comm: syz.4.2371 Tainted: G L syzkaller #0 PREEMPT(full) [ 684.914082][T16349] Tainted: [L]=SOFTLOCKUP [ 684.914093][T16349] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 684.914111][T16349] Call Trace: [ 684.914122][T16349] [ 684.914134][T16349] dump_stack_lvl+0x16c/0x1f0 [ 684.914170][T16349] should_fail_ex+0x512/0x640 [ 684.914204][T16349] ? kmem_cache_alloc_noprof+0x62/0x770 [ 684.914246][T16349] should_failslab+0xc2/0x120 [ 684.914290][T16349] kmem_cache_alloc_noprof+0x83/0x770 [ 684.914326][T16349] ? __kernfs_new_node+0xd2/0x9b0 [ 684.914367][T16349] ? __kernfs_new_node+0xd2/0x9b0 [ 684.914398][T16349] __kernfs_new_node+0xd2/0x9b0 [ 684.914435][T16349] ? __pfx___kernfs_new_node+0x10/0x10 [ 684.914471][T16349] ? find_held_lock+0x2b/0x80 [ 684.914501][T16349] ? kernfs_root+0xee/0x2a0 [ 684.914534][T16349] kernfs_new_node+0x13c/0x1e0 [ 684.914579][T16349] __kernfs_create_file+0x53/0x350 [ 684.914604][T16349] sysfs_add_file_mode_ns+0x207/0x3c0 [ 684.914637][T16349] sysfs_merge_group+0x1aa/0x340 [ 684.914666][T16349] ? __pfx_sysfs_merge_group+0x10/0x10 [ 684.914700][T16349] ? __pfx_dev_add_physical_location+0x10/0x10 [ 684.914735][T16349] ? bus_to_subsys+0x131/0x160 [ 684.914764][T16349] dpm_sysfs_add+0x237/0x280 [ 684.914799][T16349] device_add+0x9cc/0x1980 [ 684.914835][T16349] ? __pfx_device_add+0x10/0x10 [ 684.914881][T16349] __add_disk+0x457/0xf00 [ 684.914914][T16349] ? find_held_lock+0x2b/0x80 [ 684.914945][T16349] add_disk_fwnode+0x3f8/0x5d0 [ 684.914982][T16349] zram_add+0x4bf/0x6f0 [ 684.915004][T16349] ? __pfx_zram_add+0x10/0x10 [ 684.915053][T16349] ? find_held_lock+0x2b/0x80 [ 684.915087][T16349] ? __pfx_hot_add_show+0x10/0x10 [ 684.915108][T16349] ? __pfx_class_attr_show+0x10/0x10 [ 684.915138][T16349] hot_add_show+0x21/0x80 [ 684.915160][T16349] class_attr_show+0x72/0xa0 [ 684.915192][T16349] sysfs_kf_seq_show+0x216/0x3e0 [ 684.915221][T16349] seq_read_iter+0x50e/0x12d0 [ 684.915266][T16349] kernfs_fop_read_iter+0x46c/0x610 [ 684.915300][T16349] ? rw_verify_area+0xcf/0x6c0 [ 684.915333][T16349] vfs_read+0x8bf/0xcf0 [ 684.915370][T16349] ? __pfx_vfs_read+0x10/0x10 [ 684.915424][T16349] ksys_read+0x12a/0x250 [ 684.915454][T16349] ? __pfx_ksys_read+0x10/0x10 [ 684.915496][T16349] do_syscall_64+0xcd/0xf80 [ 684.915520][T16349] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 684.915542][T16349] RIP: 0033:0x7ff74278f7c9 [ 684.915569][T16349] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 684.915591][T16349] RSP: 002b:00007ff74362f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 684.915612][T16349] RAX: ffffffffffffffda RBX: 00007ff7429e5fa0 RCX: 00007ff74278f7c9 [ 684.915628][T16349] RDX: 0000000000001000 RSI: 0000200000000ec0 RDI: 0000000000000005 [ 684.915642][T16349] RBP: 00007ff742813f91 R08: 0000000000000000 R09: 0000000000000000 [ 684.915656][T16349] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 684.915670][T16349] R13: 00007ff7429e6038 R14: 00007ff7429e5fa0 R15: 00007ffd0a2137b8 [ 684.915704][T16349] [ 685.524749][T16356] FAULT_INJECTION: forcing a failure. [ 685.524749][T16356] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 685.544866][T16356] CPU: 1 UID: 0 PID: 16356 Comm: syz.3.2374 Tainted: G L syzkaller #0 PREEMPT(full) [ 685.544903][T16356] Tainted: [L]=SOFTLOCKUP [ 685.544912][T16356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 685.544926][T16356] Call Trace: [ 685.544935][T16356] [ 685.544944][T16356] dump_stack_lvl+0x16c/0x1f0 [ 685.544972][T16356] should_fail_ex+0x512/0x640 [ 685.545005][T16356] _copy_from_iter+0x2a4/0x16c0 [ 685.545041][T16356] ? __pfx__copy_from_iter+0x10/0x10 [ 685.545069][T16356] ? rcu_is_watching+0x12/0xc0 [ 685.545100][T16356] ? kfree+0x27d/0x6e0 [ 685.545124][T16356] ? file_tty_write.constprop.0+0x6f3/0x9b0 [ 685.545174][T16356] file_tty_write.constprop.0+0x487/0x9b0 [ 685.545227][T16356] vfs_write+0x7d3/0x11d0 [ 685.545265][T16356] ? __pfx_tty_write+0x10/0x10 [ 685.545305][T16356] ? __pfx_vfs_write+0x10/0x10 [ 685.545339][T16356] ? find_held_lock+0x2b/0x80 [ 685.545400][T16356] ksys_write+0x12a/0x250 [ 685.545435][T16356] ? __pfx_ksys_write+0x10/0x10 [ 685.545481][T16356] do_syscall_64+0xcd/0xf80 [ 685.545514][T16356] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 685.545541][T16356] RIP: 0033:0x7f6a0398f7c9 [ 685.545565][T16356] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 685.545590][T16356] RSP: 002b:00007f6a047fc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 685.545616][T16356] RAX: ffffffffffffffda RBX: 00007f6a03be5fa0 RCX: 00007f6a0398f7c9 [ 685.545633][T16356] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000003 [ 685.545650][T16356] RBP: 00007f6a047fc090 R08: 0000000000000000 R09: 0000000000000000 [ 685.545667][T16356] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 685.545682][T16356] R13: 00007f6a03be6038 R14: 00007f6a03be5fa0 R15: 00007ffcda89e408 [ 685.545730][T16356] [ 685.946413][T16359] Process accounting resumed [ 686.129165][T16365] [U] [ 686.132033][T16365] [U] [ 686.134773][T16365] [U] [ 686.137515][T16365] [U] [ 686.177387][T16365] [U] [ 686.180140][T16365] [U] [ 686.182849][T16365] [U] [ 686.185556][T16365] [U] [ 686.188640][T14317] Bluetooth: hci3: command tx timeout [ 686.218356][T16365] [U] [ 686.221116][T16365] [U] [ 686.223855][T16365] [U] [ 686.226588][T16365] [U] [ 686.256530][T16365] [U] [ 686.259306][T16365] [U] [ 686.262040][T16365] [U] [ 686.264776][T16365] [U] [ 686.317280][T16365] [U] [ 686.372389][T16231] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 686.416313][T16231] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 686.468759][T16231] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 686.501328][T16231] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 686.924656][T16231] 8021q: adding VLAN 0 to HW filter on device bond0 [ 687.026562][T16231] 8021q: adding VLAN 0 to HW filter on device team0 [ 687.076410][T12979] bridge0: port 1(bridge_slave_0) entered blocking state [ 687.083585][T12979] bridge0: port 1(bridge_slave_0) entered forwarding state [ 687.135705][ T7996] bridge0: port 2(bridge_slave_1) entered blocking state [ 687.142918][ T7996] bridge0: port 2(bridge_slave_1) entered forwarding state [ 687.503639][T16382] binder: 16380:16382 ioctl 4018620d ffffffffffffffff returned -22 [ 687.946322][T16422] [U] [ 687.949164][T16422] [U] [ 687.951850][T16422] [U] [ 687.954534][T16422] [U] [ 688.007354][T16422] FAULT_INJECTION: forcing a failure. [ 688.007354][T16422] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 688.020926][T16422] CPU: 1 UID: 0 PID: 16422 Comm: syz.3.2384 Tainted: G L syzkaller #0 PREEMPT(full) [ 688.020968][T16422] Tainted: [L]=SOFTLOCKUP [ 688.020978][T16422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 688.020995][T16422] Call Trace: [ 688.021005][T16422] [ 688.021015][T16422] dump_stack_lvl+0x16c/0x1f0 [ 688.021050][T16422] should_fail_ex+0x512/0x640 [ 688.021089][T16422] _copy_from_iter+0x2a4/0x16c0 [ 688.021133][T16422] ? __pfx__copy_from_iter+0x10/0x10 [ 688.021177][T16422] ? __pfx___might_resched+0x10/0x10 [ 688.021224][T16422] file_tty_write.constprop.0+0x487/0x9b0 [ 688.021279][T16422] vfs_write+0x7d3/0x11d0 [ 688.021321][T16422] ? __pfx_tty_write+0x10/0x10 [ 688.021365][T16422] ? __pfx_vfs_write+0x10/0x10 [ 688.021401][T16422] ? find_held_lock+0x2b/0x80 [ 688.021473][T16422] ksys_write+0x12a/0x250 [ 688.021512][T16422] ? __pfx_ksys_write+0x10/0x10 [ 688.021565][T16422] do_syscall_64+0xcd/0xf80 [ 688.021597][T16422] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 688.021624][T16422] RIP: 0033:0x7f6a0398f7c9 [ 688.021646][T16422] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 688.021673][T16422] RSP: 002b:00007f6a047fc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 688.021699][T16422] RAX: ffffffffffffffda RBX: 00007f6a03be5fa0 RCX: 00007f6a0398f7c9 [ 688.021717][T16422] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000003 [ 688.021734][T16422] RBP: 00007f6a047fc090 R08: 0000000000000000 R09: 0000000000000000 [ 688.021752][T16422] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 688.021768][T16422] R13: 00007f6a03be6038 R14: 00007f6a03be5fa0 R15: 00007ffcda89e408 [ 688.021810][T16422] [ 688.021861][T16422] [U] [ 688.223070][T16231] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 688.629461][T16231] veth0_vlan: entered promiscuous mode [ 688.672728][T16432] FAULT_INJECTION: forcing a failure. [ 688.672728][T16432] name failslab, interval 1, probability 0, space 0, times 0 [ 688.686953][T16432] CPU: 0 UID: 0 PID: 16432 Comm: syz.0.2387 Tainted: G L syzkaller #0 PREEMPT(full) [ 688.686997][T16432] Tainted: [L]=SOFTLOCKUP [ 688.687008][T16432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 688.687023][T16432] Call Trace: [ 688.687040][T16432] [ 688.687052][T16432] dump_stack_lvl+0x16c/0x1f0 [ 688.687087][T16432] should_fail_ex+0x512/0x640 [ 688.687120][T16432] ? kmem_cache_alloc_noprof+0x62/0x770 [ 688.687162][T16432] should_failslab+0xc2/0x120 [ 688.687207][T16432] kmem_cache_alloc_noprof+0x83/0x770 [ 688.687242][T16432] ? __kernfs_new_node+0xd2/0x9b0 [ 688.687286][T16432] ? __kernfs_new_node+0xd2/0x9b0 [ 688.687319][T16432] __kernfs_new_node+0xd2/0x9b0 [ 688.687358][T16432] ? __pfx___kernfs_new_node+0x10/0x10 [ 688.687404][T16432] ? find_held_lock+0x2b/0x80 [ 688.687455][T16432] ? kernfs_root+0xee/0x2a0 [ 688.687502][T16432] kernfs_new_node+0x13c/0x1e0 [ 688.687552][T16432] __kernfs_create_file+0x53/0x350 [ 688.687586][T16432] sysfs_add_file_mode_ns+0x207/0x3c0 [ 688.687631][T16432] internal_create_group+0x597/0xf70 [ 688.687679][T16432] ? __pfx_internal_create_group+0x10/0x10 [ 688.687722][T16432] ? kernfs_create_link+0x1bd/0x240 [ 688.687757][T16432] internal_create_groups+0x9d/0x150 [ 688.687798][T16432] device_add+0x6f7/0x1980 [ 688.687847][T16432] ? __pfx_device_add+0x10/0x10 [ 688.687890][T16432] ? lockdep_init_map_type+0x5c/0x270 [ 688.687919][T16432] ? __init_waitqueue_head+0xca/0x150 [ 688.687961][T16432] netdev_register_kobject+0x1a9/0x3d0 [ 688.687997][T16432] register_netdevice+0x13c1/0x21e0 [ 688.688043][T16432] ? __pfx_register_netdevice+0x10/0x10 [ 688.688092][T16432] ? __pfx_loopback_net_init+0x10/0x10 [ 688.688125][T16432] register_netdev+0x34/0x50 [ 688.688164][T16432] loopback_net_init+0x7a/0x170 [ 688.688199][T16432] ? __pfx_loopback_net_init+0x10/0x10 [ 688.688233][T16432] ops_init+0x1e2/0x5f0 [ 688.688277][T16432] setup_net+0x11d/0x3a0 [ 688.688320][T16432] ? __pfx_setup_net+0x10/0x10 [ 688.688359][T16432] ? lockdep_init_map_type+0x5c/0x270 [ 688.688388][T16432] ? mutex_init_lockep+0x110/0x150 [ 688.688421][T16432] copy_net_ns+0x351/0x7c0 [ 688.688464][T16432] create_new_namespaces+0x3ea/0xab0 [ 688.688514][T16432] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 688.688557][T16432] ksys_unshare+0x45b/0xa40 [ 688.688585][T16432] ? __pfx_ksys_unshare+0x10/0x10 [ 688.688614][T16432] ? xfd_validate_state+0x61/0x180 [ 688.688651][T16432] __x64_sys_unshare+0x31/0x40 [ 688.688678][T16432] do_syscall_64+0xcd/0xf80 [ 688.688708][T16432] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 688.688738][T16432] RIP: 0033:0x7f5c25f8f7c9 [ 688.688764][T16432] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 688.688794][T16432] RSP: 002b:00007f5c26db5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 688.688823][T16432] RAX: ffffffffffffffda RBX: 00007f5c261e5fa0 RCX: 00007f5c25f8f7c9 [ 688.688843][T16432] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 688.688861][T16432] RBP: 00007f5c26013f91 R08: 0000000000000000 R09: 0000000000000000 [ 688.688880][T16432] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 688.688897][T16432] R13: 00007f5c261e6038 R14: 00007f5c261e5fa0 R15: 00007fff3d4fc828 [ 688.688938][T16432] [ 689.043125][T16231] veth1_vlan: entered promiscuous mode [ 689.280517][T16231] veth0_macvtap: entered promiscuous mode [ 689.323685][T16231] veth1_macvtap: entered promiscuous mode [ 689.425008][T16231] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 689.448555][T16231] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 689.493520][T12974] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 689.547840][T12974] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 689.585662][T12974] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 689.632283][T12974] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 689.727781][T15113] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 689.735626][T15113] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 689.814120][T12974] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 689.838187][T12974] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 690.682966][T16483] [U] [ 690.685834][T16483] [U] [ 690.688550][T16483] [U] [ 690.691240][T16483] [U] [ 690.726360][T16483] [U] [ 690.729091][T16483] [U] [ 690.731785][T16483] [U] [ 690.734470][T16483] [U] [ 690.806556][T16483] [U] [ 690.809285][T16483] [U] [ 690.811975][T16483] [U] [ 690.814663][T16483] [U] [ 690.852672][T16483] [U] [ 690.855421][T16483] [U] [ 690.858119][T16483] [U] [ 690.860804][T16483] [U] [ 690.902846][T16483] [U] [ 690.905571][T16483] [U] [ 690.908286][T16483] [U] [ 690.910984][T16483] [U] [ 690.946323][T16483] [U] [ 690.949616][ T7992] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 690.964377][ T7992] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 690.972425][ T7992] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 690.980768][ T7992] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 691.007257][ T7992] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 691.156865][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 691.166092][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 691.536528][T12252] ------------[ cut here ]------------ [ 691.542085][T12252] ODEBUG: free active (active state 0) object: ffff888073abd460 object type: timer_list hint: hci_devcd_timeout+0x0/0x2e0 [ 691.555013][T12252] WARNING: lib/debugobjects.c:612 at debug_print_object+0x18e/0x2a0, CPU#0: syz.0.1421/12252 [ 691.565253][T12252] Modules linked in: [ 691.569493][T12252] CPU: 0 UID: 0 PID: 12252 Comm: syz.0.1421 Tainted: G L syzkaller #0 PREEMPT(full) [ 691.580819][T12252] Tainted: [L]=SOFTLOCKUP SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 691.585139][T12252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 691.596486][T12252] RIP: 0010:debug_print_object+0x19b/0x2a0 [ 691.602962][T12252] Code: b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 4f 48 8d 3d d2 c3 df 0b 41 56 48 8b 14 dd 60 c6 f2 8b 4c 89 e6 <67> 48 0f b9 3a 58 83 05 3c 4c d6 0b 01 48 83 c4 18 5b 5d 41 5c 41 [ 691.623588][T12252] RSP: 0018:ffffc9000497f698 EFLAGS: 00010246 [ 691.630411][T12252] RAX: dffffc0000000000 RBX: 0000000000000003 RCX: 0000000000000000 [ 691.638739][T12252] RDX: ffffffff8bf2c5a0 RSI: ffffffff8bf2c180 RDI: ffffffff9092a9e0 [ 691.646744][T12252] RBP: 0000000000000001 R08: ffff888073abd460 R09: ffffffff8b906c80 [ 691.654995][T12252] R10: ffffffff908901d7 R11: ffff88801ff4c830 R12: ffffffff8bf2c180 [ 691.663084][T12252] R13: ffffffff8b906cc0 R14: ffffffff8a7ec490 R15: ffffc9000497f798 [ 691.671521][T12252] FS: 0000000000000000(0000) GS:ffff8881248f6000(0000) knlGS:0000000000000000 [ 691.680950][T12252] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 691.687614][T12252] CR2: 0000200000218000 CR3: 0000000075d20000 CR4: 00000000003526f0 [ 691.695617][T12252] Call Trace: [ 691.698967][T12252] [ 691.701928][T12252] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 691.707778][T12252] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 691.713611][T12252] debug_check_no_obj_freed+0x4b7/0x600 [ 691.720011][T12252] ? find_held_lock+0x2b/0x80 [ 691.724741][T12252] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 691.730962][T12252] ? __page_table_check_zero+0x2f2/0x4a0 [ 691.736611][T12252] ? __pfx___page_table_check_zero+0x10/0x10 [ 691.742639][T12252] __free_frozen_pages+0x31a/0x1170 [ 691.747900][T12252] hci_release_dev+0x4ef/0x640 [ 691.752675][T12252] ? __pfx_hci_release_dev+0x10/0x10 [ 691.758014][T12252] ? rcu_is_watching+0x12/0xc0 [ 691.762787][T12252] ? kfree+0x27d/0x6e0 [ 691.766859][T12252] bt_host_release+0x6a/0xb0 [ 691.771730][T12252] ? __pfx_bt_host_release+0x10/0x10 [ 691.777432][T12252] device_release+0xa4/0x240 [ 691.782024][T12252] kobject_put+0x1ef/0x6f0 [ 691.786440][T12252] put_device+0x1f/0x30 [ 691.791088][T12252] vhci_release+0x185/0x230 [ 691.795594][T12252] ? __pfx_vhci_release+0x10/0x10 [ 691.800652][T12252] __fput+0x402/0xb70 [ 691.804646][T12252] task_work_run+0x150/0x240 [ 691.809477][T12252] ? __pfx_task_work_run+0x10/0x10 [ 691.814595][T12252] do_exit+0x87f/0x2bd0 [ 691.818976][T12252] ? __pfx_do_exit+0x10/0x10 [ 691.823686][T12252] ? cgroup_update_frozen_flag+0x107/0x210 [ 691.829646][T12252] ? find_held_lock+0x2b/0x80 [ 691.834333][T12252] do_group_exit+0xd3/0x2a0 [ 691.838884][T12252] get_signal+0x2671/0x26d0 [ 691.843405][T12252] ? __pfx_get_signal+0x10/0x10 [ 691.848291][T12252] ? __lock_acquire+0x436/0x2890 [ 691.853226][T12252] arch_do_signal_or_restart+0x8f/0x7a0 [ 691.858809][T12252] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 691.864973][T12252] ? do_raw_spin_lock+0x12c/0x2b0 [ 691.870074][T12252] exit_to_user_mode_loop+0x8c/0x540 [ 691.875365][T12252] ret_from_fork+0x79d/0xb10 [ 691.880232][T12252] ? __pfx_ret_from_fork+0x10/0x10 [ 691.885345][T12252] ? rcu_is_watching+0x12/0xc0 [ 691.890336][T12252] ? __switch_to+0x7af/0x10d0 [ 691.895021][T12252] ret_from_fork_asm+0x1a/0x30 [ 691.899837][T12252] [ 691.902855][T12252] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 691.910128][T12252] CPU: 0 UID: 0 PID: 12252 Comm: syz.0.1421 Tainted: G L syzkaller #0 PREEMPT(full) [ 691.921060][T12252] Tainted: [L]=SOFTLOCKUP [ 691.925373][T12252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 691.935423][T12252] Call Trace: [ 691.938695][T12252] [ 691.941620][T12252] dump_stack_lvl+0x3d/0x1f0 [ 691.946207][T12252] vpanic+0x640/0x6f0 [ 691.950184][T12252] ? debug_print_object+0x18e/0x2a0 [ 691.955386][T12252] panic+0xca/0xd0 [ 691.959107][T12252] ? __pfx_panic+0x10/0x10 [ 691.963529][T12252] ? check_panic_on_warn+0x1f/0xb0 [ 691.968635][T12252] check_panic_on_warn+0xab/0xb0 [ 691.973568][T12252] __warn+0x108/0x3c0 [ 691.977549][T12252] __report_bug+0x2a0/0x520 [ 691.982054][T12252] ? debug_print_object+0x18e/0x2a0 [ 691.987257][T12252] ? __pfx___report_bug+0x10/0x10 [ 691.992287][T12252] ? __lock_acquire+0x436/0x2890 [ 691.997223][T12252] report_bug_entry+0xe1/0x290 [ 692.001991][T12252] ? debug_print_object+0x19b/0x2a0 [ 692.007194][T12252] handle_bug+0x18a/0x260 [ 692.011521][T12252] exc_invalid_op+0x17/0x50 [ 692.016018][T12252] asm_exc_invalid_op+0x1a/0x20 [ 692.020865][T12252] RIP: 0010:debug_print_object+0x19b/0x2a0 [ 692.026677][T12252] Code: b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 4f 48 8d 3d d2 c3 df 0b 41 56 48 8b 14 dd 60 c6 f2 8b 4c 89 e6 <67> 48 0f b9 3a 58 83 05 3c 4c d6 0b 01 48 83 c4 18 5b 5d 41 5c 41 [ 692.046279][T12252] RSP: 0018:ffffc9000497f698 EFLAGS: 00010246 [ 692.052342][T12252] RAX: dffffc0000000000 RBX: 0000000000000003 RCX: 0000000000000000 [ 692.060309][T12252] RDX: ffffffff8bf2c5a0 RSI: ffffffff8bf2c180 RDI: ffffffff9092a9e0 [ 692.068276][T12252] RBP: 0000000000000001 R08: ffff888073abd460 R09: ffffffff8b906c80 [ 692.076241][T12252] R10: ffffffff908901d7 R11: ffff88801ff4c830 R12: ffffffff8bf2c180 [ 692.084205][T12252] R13: ffffffff8b906cc0 R14: ffffffff8a7ec490 R15: ffffc9000497f798 [ 692.092170][T12252] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 692.097642][T12252] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 692.103109][T12252] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 692.108922][T12252] debug_check_no_obj_freed+0x4b7/0x600 [ 692.114463][T12252] ? find_held_lock+0x2b/0x80 [ 692.119142][T12252] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 692.125205][T12252] ? __page_table_check_zero+0x2f2/0x4a0 [ 692.130840][T12252] ? __pfx___page_table_check_zero+0x10/0x10 [ 692.136830][T12252] __free_frozen_pages+0x31a/0x1170 [ 692.142032][T12252] hci_release_dev+0x4ef/0x640 [ 692.146800][T12252] ? __pfx_hci_release_dev+0x10/0x10 [ 692.152086][T12252] ? rcu_is_watching+0x12/0xc0 [ 692.156854][T12252] ? kfree+0x27d/0x6e0 [ 692.160921][T12252] bt_host_release+0x6a/0xb0 [ 692.165506][T12252] ? __pfx_bt_host_release+0x10/0x10 [ 692.170795][T12252] device_release+0xa4/0x240 [ 692.175382][T12252] kobject_put+0x1ef/0x6f0 [ 692.179800][T12252] put_device+0x1f/0x30 [ 692.183949][T12252] vhci_release+0x185/0x230 [ 692.188450][T12252] ? __pfx_vhci_release+0x10/0x10 [ 692.193473][T12252] __fput+0x402/0xb70 [ 692.197455][T12252] task_work_run+0x150/0x240 [ 692.202043][T12252] ? __pfx_task_work_run+0x10/0x10 [ 692.207163][T12252] do_exit+0x87f/0x2bd0 [ 692.211320][T12252] ? __pfx_do_exit+0x10/0x10 [ 692.215917][T12252] ? cgroup_update_frozen_flag+0x107/0x210 [ 692.221721][T12252] ? find_held_lock+0x2b/0x80 [ 692.226401][T12252] do_group_exit+0xd3/0x2a0 [ 692.230901][T12252] get_signal+0x2671/0x26d0 [ 692.235411][T12252] ? __pfx_get_signal+0x10/0x10 [ 692.240262][T12252] ? __lock_acquire+0x436/0x2890 [ 692.245268][T12252] arch_do_signal_or_restart+0x8f/0x7a0 [ 692.250816][T12252] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 692.256978][T12252] ? do_raw_spin_lock+0x12c/0x2b0 [ 692.262013][T12252] exit_to_user_mode_loop+0x8c/0x540 [ 692.267300][T12252] ret_from_fork+0x79d/0xb10 [ 692.271889][T12252] ? __pfx_ret_from_fork+0x10/0x10 [ 692.277006][T12252] ? rcu_is_watching+0x12/0xc0 [ 692.281787][T12252] ? __switch_to+0x7af/0x10d0 [ 692.286475][T12252] ret_from_fork_asm+0x1a/0x30 [ 692.291251][T12252] [ 692.294650][T12252] Kernel Offset: disabled [ 692.298971][T12252] Rebooting in 86400 seconds..