last executing test programs: 2m20.369651799s ago: executing program 2 (id=546): unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) r1 = syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000980)={0x14, r1, 0x1, 0x70bd31, 0x25dfdbfd}, 0x14}}, 0x24048084) madvise$auto(0x0, 0x200007, 0x19) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/pagemap\x00', 0x103003, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x101001, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) r3 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0) pread64$auto(r3, &(0x7f0000000240)='\x03W\x96l\x15\x00'/21, 0x100000002, 0x100000001) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xe6e43, 0x0) ioctl$auto_BLKFLSBUF(r4, 0x1261, 0x0) msgctl$auto_MSG_INFO(0x4b, 0xc, 0x0) prctl$auto(0x1, 0x8, 0x0, 0x3a, 0x1) 2m19.342103961s ago: executing program 2 (id=549): unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff) ptrace$auto(0x6, 0x1, 0x3, 0x180000) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x24048004) madvise$auto(0x0, 0x200007, 0x19) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/pagemap\x00', 0x4001, 0x0) mmap$auto(0x8, 0x2, 0xdf, 0xeb1, 0x401, 0x3) r1 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) r2 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/smaps_rollup\x00', 0x40000, 0x0) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a) madvise$auto(0x0, 0xffffffffffff0001, 0x15) read$auto_proc_pid_maps_operations_internal(r2, &(0x7f00000020c0)=""/4093, 0xffd) mmap$auto(0x0, 0x400008, 0xdf, 0x38, 0x6, 0x8000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/dummy_hcd.0/usb1/avoid_reset_quirk\x00', 0x68006, 0x0) read$auto(r3, 0x0, 0x20) madvise$auto(0x0, 0x200007, 0x19) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r1) sendmsg$auto_NL80211_CMD_REQ_SET_REG(r1, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)={0x114, r4, 0x100, 0x70bd28, 0x25dfdbfe, {}, [@NL80211_ATTR_MLO_SUPPORT={0x4}, @NL80211_ATTR_CSA_IES={0xca, 0xb9, 0x0, 0x1, [@generic='0', @generic="add7d9a228c331c7e9b4cba691c232d59cce35990055c7278437823621e528833e4226bb0185e561c7591eaf5e15776a054976e26bbd23c084e15fbfaf18fb59f845b317e8f7cde3015aba1119e4102bef9991ae2caf802a02bbf0a49864a4c2ab386c9cd5afa3d5facd9f1da63712497e8f23109c6f8624fbc6425fbff8112a11c2052e6610489e61e07793d98c6d909f019ea0ea69476924324d3ce1f47731bb04f922df1de16f0099e2aa452bfaf60089eb736657bf5627d30ee98972135e01", @nested={0x4, 0x12c}]}, @NL80211_ATTR_KEY_DEFAULT_TYPES={0x10, 0x6e, 0x0, 0x1, [@nested={0xc, 0x12e, 0x0, 0x1, [@typed={0x8, 0x129, 0x0, 0x0, @pid}]}]}, @NL80211_ATTR_MAC_MASK={0x13, 0xd7, "d21c5d1106df492eed082ee571aaa9"}, @NL80211_ATTR_CNTDWN_OFFS_BEACON={0x4}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x8}]}, 0x114}, 0x1, 0x0, 0x0, 0x8040}, 0x40) socketpair$auto(0x3, 0x5, 0x7, 0x0) 2m17.543877692s ago: executing program 2 (id=554): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/fs/cifs/cifsFYI\x00', 0x40c01, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/virtual/net/bond0/queues/tx-6/tx_timeout\x00', 0x2440, 0x0) fanotify_init$auto(0x5, 0x2000000000002) socket(0x2d, 0x2, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x900, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_set_tracer_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing/current_tracer\x00', 0x40, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000900)='/proc/sys/kernel/pid_max\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_nst_seq_fops_netdebug(0xffffffffffffff9c, &(0x7f0000000000), 0xe0282, 0x0) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/self/io\x00', 0x180780, 0x0) socket$nl_generic(0x10, 0x3, 0x10) inotify_init1$auto(0x3000000000000) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22240, 0x55) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$auto(0x3, 0x40106f52, r0) 2m17.213081548s ago: executing program 2 (id=556): socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r0 = ioctl$auto_TUNGETSNDBUF(0xffffffffffffffff, 0x800454d3, &(0x7f0000000240)=0x802) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000002680), 0xffffffffffffffff) sendmsg$auto_IPVS_CMD_FLUSH(r1, &(0x7f00000024c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000026c0)=ANY=[@ANYBLOB='Z\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002bbd7000ffdbdf2511000000"], 0x14}}, 0x4000000) sendmsg$auto_IPVS_CMD_GET_SERVICE(r0, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="040028bd7000ffdbdf25040000fc09dac0ce0702a4b5"], 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x20001090) close_range$auto(0x2, 0x8, 0x0) preadv$auto(0x3, &(0x7f0000000040)={0x0, 0x5}, 0x3, 0xf8, 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) clock_nanosleep$auto(0x2, 0x6, &(0x7f0000000840)={0x0, 0xc025}, 0x0) readv$auto(0x3, 0x0, 0x1) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x131200, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) r3 = open(&(0x7f00000000c0)='./cgroup\x00', 0x80400, 0xb5d1af1605322dd2) r4 = open_by_handle_at$auto(r3, &(0x7f0000001280)={0x8, 0x2, "0200000000000000"}, 0x6) read$auto(r4, 0x0, 0x401) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) 2m16.188827656s ago: executing program 2 (id=560): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x2, 0x80000, 0xb) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/ext4/sda1/mb_min_to_scan\x00', 0x88282, 0x0) ioctl$auto_BLKSECTGET(0xffffffffffffffff, 0x1267, 0x0) sendfile$auto(r0, r0, 0x0, 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000001a80)='/dev/bus/usb/001/001\x00', 0x29202, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0x149182, 0x0) r3 = openat$auto_trace_time_stamp_mode_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/timestamp_mode\x00', 0x200, 0x0) read$auto_trace_time_stamp_mode_fops_trace(r3, &(0x7f00000000c0)=""/45, 0x2d) write$auto_ocfs2_control_fops_stack_user(r2, &(0x7f0000003900)='\t', 0x1) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/module/workqueue/parameters/default_affinity_scope\x00', 0x1a9242, 0x0) sendfile$auto(r4, r4, 0x0, 0x5) mmap$auto(0x2000, 0x80009, 0xb, 0x8000000008011, r1, 0x0) mincore$auto(0x1000, 0x8001, 0x0) mmap$auto(0x0, 0x2020009, 0x7, 0xeb2, 0xfffffffffffffffa, 0x8000) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000001700)='/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/lu_gp_id\x00', 0x189082, 0x0) write$auto(r6, 0x0, 0x7) pread64$auto(r6, 0x0, 0x3, 0x5) r7 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff) setsockopt$auto_SO_ATTACH_REUSEPORT_EBPF(r4, 0x0, 0x34, &(0x7f0000000100)='/sys/module/zswap/parameters/compressor\x00', 0xffff) sendmsg$auto_TIPC_NL_KEY_SET(r5, &(0x7f0000001fc0)={0x0, 0x0, &(0x7f0000001f80)={&(0x7f00000000c0)=ANY=[@ANYBLOB="18543219da1221a92b8ad8000000", @ANYRES16=r7, @ANYBLOB="010028bd7000fedbdf251700000004000680"], 0x18}, 0x1, 0x0, 0x0, 0x80}, 0xe040) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) r8 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/ieee80211/phy1/aql_txq_limit\x00', 0x822, 0x0) write$auto(r8, 0x0, 0xa50f) 2m15.600547614s ago: executing program 2 (id=562): r0 = openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/lu_gp_id\x00', 0x781443, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/pcm0c/sub6/sw_params\x00', 0x0, 0x0) openat$auto_ipsec_dbg_fops_ipsec(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim1/ports/2/ipsec\x00', 0x202081, 0x0) lseek$auto(r0, 0x401, 0xeffffffe) writev$auto(r1, &(0x7f0000000200)={0x0, 0xa}, 0x3) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r2 = set_tid_address$auto(0x0) syz_open_procfs$namespace(r2, 0x0) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000001480)='/proc/self/net/rxrpc/locals\x00', 0x40, 0x0) pread64$auto(r3, 0x0, 0x200000000003, 0x2f4a3a23) r4 = socket(0x1d, 0x2, 0x6) r5 = io_uring_setup$auto(0x6, 0x0) read$auto(0xffffffffffffffff, 0x0, 0xea) socket(0xb877d7ae5150abdb, 0x3, 0x8000) semget$auto(0x0, 0x13c, 0x1ff) semtimedop$auto(0x0, &(0x7f0000000000)={0x7, 0x8000, 0xf}, 0x1, 0x0) semctl$auto(0x0, 0x7, 0x27, 0x2) renameat2$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x4000) socket(0x2a, 0x2, 0x0) socket(0x2000000000000021, 0x2, 0x10000000000002) setsockopt$auto(r4, 0x110, 0x5, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, r5, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x310, 0x0) ustat$auto(0x801, 0x0) epoll_create$auto(0x4) 2m0.43755214s ago: executing program 32 (id=562): r0 = openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/lu_gp_id\x00', 0x781443, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/pcm0c/sub6/sw_params\x00', 0x0, 0x0) openat$auto_ipsec_dbg_fops_ipsec(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim1/ports/2/ipsec\x00', 0x202081, 0x0) lseek$auto(r0, 0x401, 0xeffffffe) writev$auto(r1, &(0x7f0000000200)={0x0, 0xa}, 0x3) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r2 = set_tid_address$auto(0x0) syz_open_procfs$namespace(r2, 0x0) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000001480)='/proc/self/net/rxrpc/locals\x00', 0x40, 0x0) pread64$auto(r3, 0x0, 0x200000000003, 0x2f4a3a23) r4 = socket(0x1d, 0x2, 0x6) r5 = io_uring_setup$auto(0x6, 0x0) read$auto(0xffffffffffffffff, 0x0, 0xea) socket(0xb877d7ae5150abdb, 0x3, 0x8000) semget$auto(0x0, 0x13c, 0x1ff) semtimedop$auto(0x0, &(0x7f0000000000)={0x7, 0x8000, 0xf}, 0x1, 0x0) semctl$auto(0x0, 0x7, 0x27, 0x2) renameat2$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x4000) socket(0x2a, 0x2, 0x0) socket(0x2000000000000021, 0x2, 0x10000000000002) setsockopt$auto(r4, 0x110, 0x5, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, r5, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x310, 0x0) ustat$auto(0x801, 0x0) epoll_create$auto(0x4) 1m55.03168743s ago: executing program 1 (id=624): timer_create$auto(0x9, 0x0, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) unshare$auto(0x20000080) syz_clone3(&(0x7f0000000300)={0x28020400, 0x0, 0x0, 0x0, {0x35}, 0x0, 0x0, 0x0, 0x0}, 0x58) read$auto(0x3, 0x0, 0x8080) timerfd_create$auto(0x7, 0x0) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) r0 = io_uring_setup$auto(0xa, 0x0) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/vm/dirty_writeback_centisecs\x00', 0xb02, 0x0) sendfile$auto(r1, r1, 0x0, 0x1) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xfffe}, 0x1) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x1, 0x0) unshare$auto(0x40000080) connect$auto(0xffffffffffffffff, 0x0, 0x54) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/input/event0\x00', 0x40000, 0x0) r3 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2800, 0x0) ioctl$auto_EVIOCGRAB(r2, 0x40044590, &(0x7f0000000000)=0x5) ioctl$auto_EVIOCGMASK(r3, 0x80104592, &(0x7f0000000140)={0x4, 0x800005, 0x400007}) ioctl$auto_SNDRV_PCM_IOCTL_REWIND2(r0, 0x40084146, &(0x7f0000000100)=0x8) close_range$auto(0x2, 0x8, 0x0) setfsuid$auto(0xee00) r4 = setfsuid$auto(0xee00) r5 = setfsuid$auto(0xee01) setresuid$auto(r4, r5, r4) 1m53.857927794s ago: executing program 1 (id=629): unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) r1 = syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000980)={0x14, r1, 0x1, 0x70bd31, 0x25dfdbfd}, 0x14}}, 0x24048084) madvise$auto(0x0, 0x200007, 0x19) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/pagemap\x00', 0x103003, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x101001, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) r3 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0) pread64$auto(r3, &(0x7f0000000240)='\x03W\x96l\x15\x00'/21, 0x100000002, 0x100000001) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xe6e43, 0x0) ioctl$auto_BLKFLSBUF(r4, 0x1261, 0x0) msgctl$auto_MSG_INFO(0x4b, 0xc, 0x0) prctl$auto(0x1, 0x8, 0x0, 0x3a, 0x1) 1m52.007499112s ago: executing program 1 (id=631): r0 = openat$auto_split_huge_pages_fops_huge_memory(0xffffffffffffff9c, &(0x7f0000000000), 0x80101, 0x0) socket(0x25, 0x1, 0x0) write$auto_split_huge_pages_fops_huge_memory(r0, &(0x7f0000000040)="2f9143327f204f9127bd0c494bb2f75e31ed950d27740ce92a30e0e11bc8194405a0e11688c0cd430e1910af85020ee71b5282", 0x33) mmap$auto(0x0, 0x400008, 0xdf, 0x38, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0x40a40, 0x0) readv$auto(0x3, &(0x7f0000000280)={0x0, 0xf7}, 0x87) socket(0x2, 0x5, 0x0) setsockopt$auto(0x3, 0x1, 0xf, 0x0, 0x8) listen$auto(0x3, 0x83) getrandom$auto(0x0, 0x6000000, 0x3) socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto(0x3, 0x1, 0x31, 0x0, 0x9) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x4, 0xdf, 0xeb1, 0x401, 0x0) r1 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, 0x0, 0x2, 0x0) sendmsg$auto_SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x4000000}, 0x40000) read$auto(r1, 0x0, 0x1) r2 = getpid() process_vm_readv$auto(r2, &(0x7f0000000000)={0x0, 0xfff}, 0x1, 0x0, 0x6, 0x0) r3 = openat$auto_state_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x1e9482, 0x0) read$auto_state_fops_(r3, &(0x7f0000000180)=""/61, 0xfffffeeb) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r4 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/vmallocinfo\x00', 0x0, 0x0) pread64$auto(r4, 0x0, 0x68, 0x10005) 1m50.822825677s ago: executing program 1 (id=633): mmap$auto(0x100000000000, 0x2000b, 0xdd, 0xeb1, 0xffffffffffffffff, 0x1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xfffffffd}, 0xffff}, 0x5, 0x20000043) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) fadvise64$auto_POSIX_FADV_NORMAL(0xffffffffffffffff, 0x7, 0xd, 0x0) write$auto(0x3, 0x0, 0x7fffffff) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) read$auto(0x3, 0x0, 0x8080) shutdown$auto(0x200000003, 0x2) r1 = bpf$auto(0x0, 0x0, 0x6f3) socket(0xa, 0x2, 0x88) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000280), 0xffffffffffffffff) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) syz_genetlink_get_family_id$auto_ioam6(0x0, r1) unshare$auto(0x40000080) sendmsg$auto_ETHTOOL_MSG_RSS_GET(r2, 0x0, 0x40) close_range$auto(0x2, 0xffffffffffffffff, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty58\x00', 0x800, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'macsec0\x00', 0x0}) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES16=r3, @ANYBLOB="20002abd7000fedbdf250500000008000500050000000500060008000000740001800800030007000000080003000600", @ANYBLOB="140002006e7230000000000000000000000000001b00020073797a5f74756e000000000000000000080001", @ANYRES32=r4, @ANYBLOB="1400020069705f7674693000000000000000000014000200766574683000000000000000000000000500070004000000050002000c000000000007000d000000"], 0xb0}, 0x1, 0x0, 0x0, 0x4000005}, 0x4000) 1m50.288776969s ago: executing program 1 (id=634): mmap$auto(0x0, 0x2, 0x6, 0x10, 0x401, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xef1, 0xffffffffffffffff, 0x8000) r0 = epoll_create$auto(0x7) r1 = socket$nl_generic(0x10, 0x3, 0x10) epoll_ctl$auto(0x5, 0x1, r1, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x82000000) epoll_wait$auto(r0, 0x0, 0xe007, 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) process_vm_readv$auto(0x0, 0x0, 0x1, 0x0, 0x6, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x0, 0x1010001, 0x100000003) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_iommufd_fops_main(0xffffffffffffff9c, 0x0, 0x80001, 0x0) r2 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/binderfs/binder0\x00', 0x0, 0x0) ioctl$auto_BINDER_GET_NODE_INFO_FOR_REF(r2, 0xc018620c, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) socket(0x1d, 0x1, 0x7fff) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00\xd6I\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xa8\xd3D\xd6O\xffmU\x03\xbcK\x86\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x8e\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfa\x00\x00\x00\x00\x00\x00', 0x100000a3d9) ioprio_set$auto(0x81b, 0xff, 0xffffffff) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0) writev$auto(r3, &(0x7f0000000080)={0x0, 0x1000}, 0x3) 1m48.601350239s ago: executing program 1 (id=639): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = bpf$auto_BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000000c0)=@bpf_attr_3={0x2b, 0xffff, 0x6, 0x5, 0x9, 0x21, 0x7efe, 0x8, 0xd, "9cb752c613de1e128a360e822228879b", 0x0, 0xd0, 0xffffffffffffffff, 0x200, 0x0, 0x3, 0x8, 0x9, 0x6, 0x2, @attach_prog_fd, 0x0, 0x3, 0x5b, 0x6, 0x6}, 0x40) r1 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) r2 = open(0x0, 0x161342, 0x100) write$auto(r2, &(0x7f0000000000)='}\x00', 0x5) unshare$auto(0x40000080) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mremap$auto(0x200000000000, 0x40000000004, 0x4, 0x3, 0x100000000) close_range$auto(0x2, 0x8, 0x0) r3 = memfd_create$auto(0x0, 0xe) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r4, &(0x7f0000000180)='\x05\x00\x00\x00', 0x80000005) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$auto_XFS_IOC_PATH_TO_FSHANDLE(r3, 0xc0385868, &(0x7f0000000400)={r3, &(0x7f0000000240)="c099d4f256158c5b4b5d36e15687a9109c95538bdfd31f53bfc13156bb095ef179306bd35f514b7fd0e8f264772180a1003cb7c8ed16ebaa69dbcfe4e6e87f3252f3b3ba79354a5b2926f3cba5efb2f7b6fdba6a46ccf3ae4dd94e457105e25abcb3da080c37f4f68f5ff2e8f8759346d6c96cdd", 0x401, &(0x7f00000002c0)="1a8bceabafbb25d08f652c687c1f388ca9973a14723e848afc3fc44fd9cc23a4b89603b12d88063ffdd227ea32de58512be579d684d96b72a1580da5bf23aabbacbf103c2de01932583065382c323efc52d235b2d34869f90489fde45960c1c17a305669a2a0b6c1d3e82ecbe2789fae09ec6bc6c1ad40785e5a3328f48459ff3ef2b49519aa6bbff29d2abd049762df05cf8317", 0xffffffff, &(0x7f0000000380)="723ec7b05c47aef595a509fa998c191b8582c5c30bc45e3b0ac2ade296bc0d3e519f8f95dca1f5f03b92c9b8770b796f472642b4cfcb3d03e460c788a47c94e7", &(0x7f00000003c0)=0x9}) sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(r5, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)={&(0x7f0000000200)={0x14, r6, 0x705, 0x70bd25, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x880) r7 = syz_genetlink_get_family_id$auto_handshake(&(0x7f00000004c0), 0xffffffffffffffff) sendmsg$auto_HANDSHAKE_CMD_ACCEPT(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000000c0)={0x14, r7, 0x1, 0x70bd27, 0x25dfdc00}, 0x14}, 0x1, 0x0, 0x0, 0x4002040}, 0x2004881c) r8 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x48041, 0x0) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) r9 = fcntl$getown(r0, 0x9) prctl$auto(0x2, 0x3, r9, 0xae0d, 0xffffffffffffffff) write$auto(r8, 0x0, 0x8ed) socket(0x26, 0x3, 0x4) 1m33.327095075s ago: executing program 33 (id=639): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = bpf$auto_BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000000c0)=@bpf_attr_3={0x2b, 0xffff, 0x6, 0x5, 0x9, 0x21, 0x7efe, 0x8, 0xd, "9cb752c613de1e128a360e822228879b", 0x0, 0xd0, 0xffffffffffffffff, 0x200, 0x0, 0x3, 0x8, 0x9, 0x6, 0x2, @attach_prog_fd, 0x0, 0x3, 0x5b, 0x6, 0x6}, 0x40) r1 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) r2 = open(0x0, 0x161342, 0x100) write$auto(r2, &(0x7f0000000000)='}\x00', 0x5) unshare$auto(0x40000080) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mremap$auto(0x200000000000, 0x40000000004, 0x4, 0x3, 0x100000000) close_range$auto(0x2, 0x8, 0x0) r3 = memfd_create$auto(0x0, 0xe) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r4, &(0x7f0000000180)='\x05\x00\x00\x00', 0x80000005) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$auto_XFS_IOC_PATH_TO_FSHANDLE(r3, 0xc0385868, &(0x7f0000000400)={r3, &(0x7f0000000240)="c099d4f256158c5b4b5d36e15687a9109c95538bdfd31f53bfc13156bb095ef179306bd35f514b7fd0e8f264772180a1003cb7c8ed16ebaa69dbcfe4e6e87f3252f3b3ba79354a5b2926f3cba5efb2f7b6fdba6a46ccf3ae4dd94e457105e25abcb3da080c37f4f68f5ff2e8f8759346d6c96cdd", 0x401, &(0x7f00000002c0)="1a8bceabafbb25d08f652c687c1f388ca9973a14723e848afc3fc44fd9cc23a4b89603b12d88063ffdd227ea32de58512be579d684d96b72a1580da5bf23aabbacbf103c2de01932583065382c323efc52d235b2d34869f90489fde45960c1c17a305669a2a0b6c1d3e82ecbe2789fae09ec6bc6c1ad40785e5a3328f48459ff3ef2b49519aa6bbff29d2abd049762df05cf8317", 0xffffffff, &(0x7f0000000380)="723ec7b05c47aef595a509fa998c191b8582c5c30bc45e3b0ac2ade296bc0d3e519f8f95dca1f5f03b92c9b8770b796f472642b4cfcb3d03e460c788a47c94e7", &(0x7f00000003c0)=0x9}) sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(r5, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)={&(0x7f0000000200)={0x14, r6, 0x705, 0x70bd25, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x880) r7 = syz_genetlink_get_family_id$auto_handshake(&(0x7f00000004c0), 0xffffffffffffffff) sendmsg$auto_HANDSHAKE_CMD_ACCEPT(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000000c0)={0x14, r7, 0x1, 0x70bd27, 0x25dfdc00}, 0x14}, 0x1, 0x0, 0x0, 0x4002040}, 0x2004881c) r8 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x48041, 0x0) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) r9 = fcntl$getown(r0, 0x9) prctl$auto(0x2, 0x3, r9, 0xae0d, 0xffffffffffffffff) write$auto(r8, 0x0, 0x8ed) socket(0x26, 0x3, 0x4) 1m30.88524128s ago: executing program 5 (id=677): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = socket(0x10, 0x3, 0x6) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYRES16=r1, @ANYBLOB=' \x00\''], 0x1ac}}, 0x40885) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000002940)='/dev/fb1\x00', 0x841, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x703442, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x2001, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x84401, 0x0) r2 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x2, 0x0) write$auto_tomoyo_operations_securityfs_if(r2, &(0x7f0000000180)="0a1b9a5c7d00006e163bb154d7886d8edeea371cadb848770dc8f745d1c76eedba12b9f694dabdbcf3401910000000000060000023b5d40a", 0x38) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/radio8\x00', 0x2, 0x0) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/trace_pipe\x00', 0x20c01, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D3\x00', 0x0, 0x0) select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0xffffffffffffffff, 0x4015f4da07, 0x6, 0x10, 0x64, 0x80000020, 0x1000, 0xb, 0x9, 0x8, 0x8]}, 0x0) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x8000000000001fa, 0x4020000000007, 0x1, 0xbc1, 0x7fe, 0x3, 0x8, 0x10001, 0x400000000003, 0x5, 0x8, 0xfffffffffffffffd, 0x20000000000004, 0x9, 0xfffffffffffdff81, 0x400003]}, 0x0) socket(0x11, 0x0, 0x302) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000240)='/proc/filesystems\x00', 0x2, 0x0) read$auto_proc_iter_file_ops_compat_inode(r3, &(0x7f0000000280)=""/144, 0x90) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0], 0x24}, 0x1, 0x0, 0x0, 0x4000481}, 0x4) socket(0x10, 0x2, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/block2mtd/parameters/block2mtd\x00', 0x601, 0x0) 1m29.70954704s ago: executing program 5 (id=680): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop2\x00', 0x24040, 0x0) ioctl$auto_BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000240)={"ef65ce6c00cf81000000ffffffffffffff291d000000000700", 0x3ff, 0x408, 0xffc, 0x400004, 0x200000000040000d}) ioctl$auto_BLKTRACETEARDOWN(r0, 0x1276, 0x0) mmap$auto(0x9, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x5, 0x4, 0xc) unshare$auto(0x40000080) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x2002, 0x0) mmap$auto(0x1002, 0xc, 0x4, 0x200000eb0, 0x401, 0x705cf82a) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) select$auto(0x1000000d, 0x0, 0x0, 0x0, 0x0) openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/tracing/set_event_notrace_pid\x00', 0x582, 0x0) getpid() mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r1 = open(&(0x7f0000000100)='.\x00', 0x595002, 0x408) write$auto(r1, 0x0, 0xfffffdf1) linkat$auto(r1, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000) mknod$auto(&(0x7f0000000040)='&&\x00', 0xcb, 0x6862) utimes$auto(&(0x7f00000000c0)=':,\x00', 0x0) mprotect$auto(0x0, 0x8000000000000001, 0x8) ioctl$auto_BLKTRACETEARDOWN(r0, 0x1276, 0x0) 1m27.531865266s ago: executing program 5 (id=682): madvise$auto(0x0, 0x7fffffffffffffff, 0xa) clone$auto(0x21, 0x80000007, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = open(&(0x7f0000000040)='./cgroup.cpu/cgroup.procs\x00', 0x101840, 0x33903f3ada88772b) read$auto(r0, 0x0, 0x1) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x41}, 0xc800) r1 = openat$auto_event_inject_fops_trace(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/tracing/events/vmalloc/purge_vmap_area_lazy/inject\x00', 0x40482, 0x0) writev$auto(r1, &(0x7f0000000000)={&(0x7f0000000000), 0x4}, 0x2) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) r2 = fanotify_init$auto(0x6, 0x2) sendmsg$auto_GTP_CMD_ECHOREQ(r2, 0x0, 0x8840) dup2$auto(0x5, 0x4) fsync$auto(0xffffffffffffffff) mmap$auto(0x1ff, 0x6, 0xfffffffffffffffe, 0x40eb4, r1, 0x307fffffffff) mmap$auto(0x0, 0x2020009, 0x100003, 0x9000000eb1, 0xfffffffffffffffa, 0x0) r3 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r3, 0x0, 0x7) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r4 = openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/tracing/set_event_notrace_pid\x00', 0x102, 0x0) r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r5, 0x0, 0x81) bpf$auto(0x0, 0x0, 0x6f0) sendmmsg$auto(r4, 0x0, 0x8, 0xe4) write$auto(0x3, 0x0, 0xfffffdef) 1m26.940670588s ago: executing program 5 (id=685): mmap$auto(0x100000000000, 0x2000b, 0xdd, 0xeb1, 0xffffffffffffffff, 0x1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) fadvise64$auto_POSIX_FADV_NORMAL(0xffffffffffffffff, 0x7, 0xd, 0x0) fcntl$auto(0x3, 0x4, 0xa553) write$auto(0x3, 0x0, 0x7fffffff) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) read$auto(0x3, 0x0, 0x8080) shutdown$auto(0x200000003, 0x2) r0 = bpf$auto(0x0, 0x0, 0x6f3) socket(0xa, 0x2, 0x88) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000280), 0xffffffffffffffff) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) syz_genetlink_get_family_id$auto_ioam6(0x0, r0) unshare$auto(0x40000080) sendmsg$auto_ETHTOOL_MSG_RSS_GET(r1, 0x0, 0x40) close_range$auto(0x2, 0xffffffffffffffff, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty58\x00', 0x800, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'macsec0\x00', 0x0}) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="20002abd7000fedbdf250500000008000500050000000500060008000000740001800800030007000000080003000600", @ANYBLOB="140002006e7230000000000000000000000000001b00020073797a5f74756e000000000000000000080001", @ANYRES32=r3, @ANYBLOB="1400020069705f7674693000000000000000000014000200766574683000000000000000000000000500070004000000050002000c000000000007000d000000"], 0xb0}, 0x1, 0x0, 0x0, 0x4000005}, 0x4000) 1m26.455599864s ago: executing program 5 (id=686): syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000680), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000040), r0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x123040, 0x0) ioctl$auto(r1, 0x80004536, r1) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000080)='/dev/binderfs/binder1\x00', 0x80200, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/v4l-touch14\x00', 0x200, 0x0) mmap$auto(0x7, 0x4, 0xdc, 0x9b72, r0, 0x100000000) r2 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40802, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb5, r2, 0x0) r3 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) read$auto(r3, 0x0, 0x7) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r4, &(0x7f0000000200)={0x0, 0xd}, 0x3) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x101000, 0x0) ioctl$auto_KVM_GET_MSRS(r5, 0xc008ae88, 0x0) r6 = socketpair$auto(0x3, 0x3, 0x3, 0x0) close_range$auto(0x2, 0x8, 0x0) process_madvise$auto_MADV_DOFORK(r6, 0x0, 0x3, 0xb, 0x6) open(0x0, 0x22240, 0x55) socket(0x21, 0x2, 0xa) write$auto(0x3, 0x0, 0x8100) r7 = socket(0x2000000000000021, 0x2, 0x10000000000002) write$auto(r7, 0x0, 0x2) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) 1m11.31931951s ago: executing program 34 (id=686): syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000680), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000040), r0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x123040, 0x0) ioctl$auto(r1, 0x80004536, r1) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000080)='/dev/binderfs/binder1\x00', 0x80200, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/v4l-touch14\x00', 0x200, 0x0) mmap$auto(0x7, 0x4, 0xdc, 0x9b72, r0, 0x100000000) r2 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40802, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb5, r2, 0x0) r3 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) read$auto(r3, 0x0, 0x7) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r4, &(0x7f0000000200)={0x0, 0xd}, 0x3) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x101000, 0x0) ioctl$auto_KVM_GET_MSRS(r5, 0xc008ae88, 0x0) r6 = socketpair$auto(0x3, 0x3, 0x3, 0x0) close_range$auto(0x2, 0x8, 0x0) process_madvise$auto_MADV_DOFORK(r6, 0x0, 0x3, 0xb, 0x6) open(0x0, 0x22240, 0x55) socket(0x21, 0x2, 0xa) write$auto(0x3, 0x0, 0x8100) r7 = socket(0x2000000000000021, 0x2, 0x10000000000002) write$auto(r7, 0x0, 0x2) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) 9.111874161s ago: executing program 4 (id=903): mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r0, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810) socket(0xa, 0x1, 0x84) connect$auto(0x3, &(0x7f0000000000)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x55) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/net/sctp/remaddr\x00', 0x20000, 0x0) read$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f0000000e80)=""/206, 0xce) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r0) read$auto(r0, &(0x7f0000000000)='\x00', 0x91e2) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) getrandom$auto(0x0, 0x7fffffffffffffff, 0x1) r2 = socket(0xa, 0x1, 0x84) setsockopt$auto(r2, 0x0, 0x60, 0x0, 0x6f7250c4) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x4000000, 0x5}, 0x7ffc}, 0x3, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000002980), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_STATUS(r3, &(0x7f0000002a40)={0x0, 0x0, &(0x7f0000002a00)={&(0x7f00000029c0)={0x1c, r4, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0xffffffff}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40004}, 0x400c0c4) sendmsg$auto_NBD_CMD_CONNECT(r0, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000001c0)={&(0x7f0000000300)={0x44, r4, 0x1, 0x70bd25, 0x25dfdbfb, {}, [@NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x4}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_BACKEND_IDENTIFIER={0xc, 0xa, 'nl80211\x00'}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x6}]}, 0x44}}, 0x20000000) r5 = socket(0xa, 0x3, 0x3a) getsockopt$auto(r5, 0x29, 0xd0, 0x0, 0x0) 8.245860173s ago: executing program 0 (id=912): mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000) write$auto(r0, 0x0, 0x2) getrlimit$auto(0x3, 0x0) fdatasync$auto(r0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) ioctl$auto_BLKZEROOUT(r1, 0x127f, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000380)='/dev/snd/controlC2\x00', 0x400, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/035/001\x00', 0x1102, 0x0) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xc8d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\xc6\x00\x89\te\x8d\a\xfb\\n\x89C:\x84D\x10u\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k', 0x100000a3d9) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8ea182, 0x0) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) init_module$auto(0x0, 0xffff9, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x8000000000000000, 0x15) madvise$auto(0x0, 0x2000000080000001, 0x3) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r2, 0xffffffffffdffe00, &(0x7f0000000140)=';') pselect6$auto(0x9, &(0x7f0000000300)={[0x9, 0x4, 0x9, 0x6, 0x8001, 0x4000000000002bc8, 0xffd, 0x9, 0x3, 0xffffffff, 0x8000000000000001, 0x0, 0x2f, 0x2, 0x8, 0xfffffffffffffffe]}, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) 8.014044424s ago: executing program 4 (id=905): mmap$auto(0x0, 0x20009, 0x5, 0xeb2, 0x8, 0x1008000) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/pid_for_children\x00') r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000180)='/dev/bus/usb/036/001\x00', 0xa901, 0x0) ioctl$auto_USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000100)={0x2, 0x0, 0x5f, 0x4, 0x0, 0x9, 0xeb8e, 0x0, @number_of_packets=0xfffffff7, 0x7, 0x800476, 0x0}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_tracing_saved_tgids_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/saved_tgids\x00', 0x101002, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x201, 0x0) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) open(&(0x7f0000001bc0)='./file0\x00', 0x4140, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty42\x00', 0x40741, 0x0) ioctl$auto(0x3, 0x402c542d, r1) write$auto(0x3, 0x0, 0xfffffdef) r2 = syz_open_procfs$namespace(0xffffffffffffffff, 0x0) ioctl$NS_GET_PARENT(r2, 0xb701, 0x0) close_range$auto(0x2, 0x8, 0x0) mlockall$auto(0x7) mmap$auto(0x0, 0x1, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = setfsuid$auto(0xee00) setresuid$auto(r3, 0x0, r3) mremap$auto(0x0, 0x7, 0x3fd6, 0x0, 0x1ffffffe) r4 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(0xffffffffffffffff, 0x560e, r4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={0x0, 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) 7.222259052s ago: executing program 6 (id=906): mmap$auto(0x0, 0x6, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, r0, 0x8000) prctl$auto(0x1000000003b, 0x100001, 0x4, 0x80a, 0x6) bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0xc005}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) ioctl$auto_UI_END_FF_ERASE(0xffffffffffffffff, 0x400c55cb, &(0x7f0000000080)={0x130, 0x8, 0x10001}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x2, 0x0) r1 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0) ioctl$auto_FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f0000000080)) r2 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0x400a507}, 0x800}, 0xa, 0x8) write$auto_proc_mem_operations_base(r0, &(0x7f0000000400)="94c5be883ae7ee95e2bff5f990f6f7249475e8960bf6c1ee8796193bfbd249c19c9460ea0c1c18bb983b84aebb8629e8e9e25558c9bfeb22ed79fdab8065d67eec271b56d08971f043224fe7604598e2506e785c6318c1b7696b10324d1e7db02961facdf9fab2640716f07dd1c617dcb6f1bb648821a53f78be14a6dc8f336e92e389609b991019c180950ed085b91123", 0x91) r3 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/block/loop9/hctx0/sched_tags_bitmap\x00', 0x101a00, 0x0) socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3b}}, 0x54) mmap$auto(0xfffffffffffffffe, 0x3, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8040) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x18dd01, 0x0) ioctl$auto_SG_GET_RESERVED_SIZE(r4, 0x4c02, 0x0) read$auto_blk_mq_debugfs_fops_blk_mq_debugfs(r3, &(0x7f0000000340)=""/179, 0xb3) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2900, 0x0) read$auto(r5, 0x0, 0x7) acct$auto(&(0x7f0000000000)='/dev/tty\x00`Mx\x9d\xfa\xb3\x1f\xc6k\x01\x13\x9b\x15[\xf7\xaan\x1fOgo\xbb(\xcbx\x9bJ\x91*\xa5a\x02\xf3\x1b\x9d\xddy\xef\xee\xe4h\xd5\nH\x80\x8a\xd7Y\xb8\xcb\x90') socket(0x2, 0x2, 0x0) 6.738907192s ago: executing program 6 (id=907): socket(0x11, 0x80003, 0x300) mmap$auto(0x0, 0x4, 0xdf, 0x80000000000eb1, 0x3, 0x0) sysfs$auto(0x2, 0x4, 0x0) r0 = socket(0xa, 0x5, 0x0) getsockopt$auto(r0, 0x84, 0x12, 0x0, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r1 = socket(0x2c, 0x3, 0x0) bind$auto(r1, &(0x7f0000000080)=@xdp={0x2c, 0xc, 0x0, 0x1c}, 0x6b) setsockopt$auto_SO_BROADCAST(r1, 0x5, 0x6, 0x0, 0x74) r2 = socket(0x80000000000000a, 0x2, 0x0) sendto$auto(r2, 0x0, 0x402, 0x101, &(0x7f0000000000)=@generic={0xa, "01e983638bffff4993021400"}, 0x17) socket(0x18, 0x3, 0x2) sendmmsg$auto(0x3, 0x0, 0x2, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) epoll_create$auto(0x4) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) sendfile$auto(0x1, 0xffffffffffffffff, 0x0, 0x8fb5) fcntl$auto(0x0, 0x408, 0x100000) setsockopt$auto_SO_OOBINLINE(0xffffffffffffffff, 0x3, 0xa, &(0x7f0000000080)='nlctrl\x00', 0x2) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x400, 0x7ff) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) 6.738466698s ago: executing program 4 (id=908): socket(0x2, 0x3, 0xa) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) connect$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x4003, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendmmsg$auto(0x3, 0x0, 0x9a5, 0x47ffff7a) madvise$auto(0x0, 0x200007, 0x19) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) r0 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) io_uring_setup$auto(0xf0, &(0x7f0000000180)={0x6, 0x18, 0xd64, 0xc852, 0x6, 0x7, r0, [0x1, 0x401, 0x1000], {0x7, 0x5, 0x1, 0x4, 0x95, 0xf4c, 0x7fff, 0xfffffffb, 0x65f29f6d}, {0x3, 0xadc, 0x10000, 0x0, 0x5, 0xffffffff, 0x1000, 0x54f, 0x5}}) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) connect$auto(0xffffffffffffffff, &(0x7f00000018c0)=@generic={0xa}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) write$auto_proc_mem_operations_base(0xffffffffffffffff, &(0x7f0000001680), 0x0) syz_clone3(0x0, 0x0) madvise$auto(0x1ffff000, 0x7, 0x100000000) mmap$auto(0x0, 0x400008, 0xb, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000) io_uring_setup$auto(0x2, &(0x7f0000000080)={0x80000003, 0x9, 0x4002, 0x6, 0x4, 0x8, 0xffffffffffffffff, [], {0x9, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x4000006, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x104, 0x8, 0x100000000}}) syz_clone(0x1002000, 0x0, 0x0, 0x0, 0x0, 0x0) futex_wake$auto(0x0, 0x5, 0x4, 0xa) futex_wake$auto(&(0x7f0000000000)="facff2b53ab3522cb329b5a87bdbc091f5a6ad597f2789e870d64db4cf6503135f5a750abc973b65703b664991ab45d13445d9c4df1d25210345f44468854c9689b943d1c65073bf11fd0c98fb48f9f4d67c0908e74701", 0xfffffffffffffff8, 0xfff, 0x7f) sysfs$auto(0x2, 0x20, 0x0) shmget$auto(0x8, 0x10563, 0x568d1af2) 6.735251593s ago: executing program 3 (id=909): mmap$auto(0x100000000000, 0x2000b, 0xdd, 0xeb1, 0xffffffffffffffff, 0x1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xfffffffd}, 0xffff}, 0x5, 0x20000043) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) fadvise64$auto_POSIX_FADV_NORMAL(0xffffffffffffffff, 0x7, 0xd, 0x0) fcntl$auto(0x3, 0x4, 0xa553) write$auto(0x3, 0x0, 0x7fffffff) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) read$auto(0x3, 0x0, 0x8080) shutdown$auto(0x200000003, 0x2) r1 = bpf$auto(0x0, 0x0, 0x6f3) socket(0xa, 0x2, 0x88) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000280), 0xffffffffffffffff) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) syz_genetlink_get_family_id$auto_ioam6(0x0, r1) unshare$auto(0x40000080) sendmsg$auto_ETHTOOL_MSG_RSS_GET(r2, 0x0, 0x40) close_range$auto(0x2, 0xffffffffffffffff, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'macsec0\x00', 0x0}) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES16=r3, @ANYBLOB="20002abd7000fedbdf250500000008000500050000000500060008000000740001800800030007000000080003000600", @ANYBLOB="140002006e7230000000000000000000000000001b00020073797a5f74756e000000000000000000080001", @ANYRES32=r4, @ANYBLOB="1400020069705f7674693000000000000000000014000200766574683000000000000000000000000500070004000000050002000c000000000007000d000000"], 0xb0}, 0x1, 0x0, 0x0, 0x4000005}, 0x4000) 6.381768468s ago: executing program 3 (id=910): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000)) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0xa02, 0x0) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) read$auto(0x3, 0x0, 0x8080) unshare$auto(0x40000080) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) read$auto(0xffffffffffffffff, 0x0, 0x20) bind$auto(0x3, 0x0, 0x6a) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x8, 0x1, 0x2, 0x4, 0x15f4da0e, 0x3, 0xd08, 0xc, 0xc, 0x4, 0x6d3f, 0x7, 0x2, 0x4000000000000d]}, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/lru_gen\x00', 0x2a602, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0x2b, 0x1, 0x0) socket(0xa, 0x2, 0x3a) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0xffffffffffffffff, 0x15f4da07, 0x6, 0x10, 0x64, 0x80000020, 0x1000, 0xb, 0x9, 0x4, 0x8]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x8000000000001fd, 0x20000000007, 0x1, 0xbc3, 0x800, 0x3, 0x8, 0xc, 0x400000000003, 0x3, 0x0, 0xfffffffffffffffe, 0x6, 0x9, 0xffffffffffffff81, 0x4]}, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) open(&(0x7f00000000c0)='./file0\x00', 0x12c42, 0x10) ioctl$auto_TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, 0x0) socket(0xa, 0x3, 0x3a) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000005c0)={0x14, r1, 0x1, 0x70bd2d, 0x25dfdbfe}, 0x14}, 0x1, 0x68, 0x0, 0x24000000}, 0xd0) 5.87522526s ago: executing program 0 (id=911): socket(0x2a, 0x80000, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x0, @remote}, 0x6a) write$auto_proc_loginuid_operations_base(0xffffffffffffffff, &(0x7f0000000040)="9dc4e29815c3dd855a4340428a12ae12c859250e55d63ef492651f515f9a76158c045ff86707a23e18496d5d7129a8e340b7ebcd1806c7b26420ea05ca", 0x3d) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/fs/orangefs/dcache_timeout_msecs\x00', 0x8ea182, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) write$auto(r1, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) write$auto(r1, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) open(&(0x7f0000000800)='./file1\x00', 0x163ac1, 0x82) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) r2 = socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sysfs$auto(0x2, 0x23, 0x0) r4 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r4, 0x0, 0x4) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000000)="42bf", 0x2) syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000840)=ANY=[@ANYRESOCT=r2, @ANYRESOCT, @ANYRES8, @ANYRES16, @ANYRESHEX=r3, @ANYBLOB="de2226424ecd338c2a7d7e9ab6b1692609176f3156f5b69843e3d8c9eb80b3a39ac2ac65fbbd662aed71f79092d0c7f0c813449df0a869e6744d994122cf1657ecabacc04e2758ba00a3afdfd032b5416c6b24fe4107aae14b9d588fa215e391889a0c2fa9cb2f296012d7dc7ee36bb8b868c82726ff9e52e834a9d553ec705b2cd00e7e3b6cdd40b54201aacd08c092b04e87ea9748a6905d3267f009ebe321fff308ebd08e96b7938e378f886985b5248a4b5f90c52ee9f02f33cad741954c4997b216ba", @ANYRES8], 0x50}, 0x1, 0x0, 0x0, 0x4048000}, 0x0) r5 = socket(0x10, 0x2, 0x6) getsockopt$auto(r5, 0x2, 0x0, &(0x7f0000000180)='%\x00', &(0x7f00000001c0)=0x8) 5.531915497s ago: executing program 6 (id=914): mmap$auto(0x4, 0x8004, 0x4000000000df, 0x100040eb5, 0x401, 0x300000000000) r0 = socket(0xa, 0x3, 0x3b) mmap$auto(0x0, 0x200009, 0x2, 0x48eb1, 0xffffffffffffffff, 0x300000000000) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) madvise$auto(0x0, 0x6, 0x66) madvise$auto(0x4000000000002, 0x4, 0x19) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x4, 0xa00006, 0x400002, 0x40ebe, 0xffffffffffffffff, 0x300000000000) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x3, 0x6, 0x40eb1, 0x401, 0xa) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/scsi/sg/def_reserved_size\x00', 0xc8000, 0x0) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x1, 0x84) r1 = socket(0x28, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x82202, 0x0) io_uring_setup$auto(0x1, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0) syz_genetlink_get_family_id$auto_ethtool(0x0, r0) write$auto(r1, &(0x7f0000000080)='/dev/ttyS2\x00', 0xe) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS2\x00', 0x101e81, 0x0) socket(0x2, 0x3, 0xa) 5.352812784s ago: executing program 3 (id=915): r0 = prctl$auto(0x5, 0x80000000, 0x0, 0x78, 0x8) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) openat$auto_wakeup_sources_stats_fops_wakeup(0xffffffffffffff9c, 0x0, 0x40002, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/platform/i8042/serio1/id/extra\x00', 0x80040, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000040)=""/215, 0xd7) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mremap$auto(0x0, 0xffffffffffffffff, 0x3fd6, 0x3, 0x7fffffffb000) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x8000}, 0x4000804) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x10, 0x9, 0x63, 0x0, 0x0, 0x0, 0x0, 0x40000000000f, 0x1000, 0xfffffffffffffffd, 0x7ffffffb, 0x9, 0xffffffff7ffffffc, 0x9, 0x7, 0x200000100103}) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) prctl$auto(0x23, 0x200000000000009, 0x7fffffffefff, 0x0, 0x0) r4 = openat$auto_proc_pid_cmdline_ops_base(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/cmdline\x00', 0x86600, 0x0) read$auto_proc_pid_cmdline_ops_base(r4, &(0x7f0000000040)=""/159, 0x9f) umount2$auto(&(0x7f0000000180)='/proc/bus/pci/00/01.3\x00', 0x1) r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/asound/card1/timer_source\x00', 0x400601, 0x0) preadv2$auto(r1, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0x800, 0x4, 0x2e) fsconfig$auto_JFFS2_COMPR_MODE_FORCEZLIB(r5, 0x77e237c7, 0x0, &(0x7f0000000280)="11ca59451c260b", 0x5) shmat$auto(0x0, &(0x7f0000000580)='(\x00', 0xfffffffa) syz_clone(0x21000000, 0x0, 0x0, 0x0, 0x0, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x149041, 0x0) getsockopt$auto_SO_REUSEADDR(r0, 0x8000, 0x2, &(0x7f0000000040)='^\x92[\x00', 0x0) openat$auto_stat_fops_per_vm_kvm_main(0xffffffffffffff9c, 0x0, 0x22042, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000100)='!}*[\\@:[\xd5\xe5\xc5/\xa5', 0xc) 4.443135557s ago: executing program 4 (id=916): socket(0x2a, 0x80000, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x0, @remote}, 0x6a) write$auto_proc_loginuid_operations_base(0xffffffffffffffff, &(0x7f0000000040)="9dc4e29815c3dd855a4340428a12ae12c859250e55d63ef492651f515f9a76", 0x1f) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/fs/orangefs/dcache_timeout_msecs\x00', 0x8ea182, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) write$auto(r1, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) write$auto(r1, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) open(&(0x7f0000000800)='./file1\x00', 0x163ac1, 0x82) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) r2 = socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sysfs$auto(0x2, 0x23, 0x0) r4 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r4, 0x0, 0x4) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000000)="42bf", 0x2) syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000840)=ANY=[@ANYRESOCT=r2, @ANYRESOCT, @ANYRES8, @ANYRES16, @ANYRESHEX=r3, @ANYBLOB="de2226424ecd338c2a7d7e9ab6b1692609176f3156f5b69843e3d8c9eb80b3a39ac2ac65fbbd662aed71f79092d0c7f0c813449df0a869e6744d994122cf1657ecabacc04e2758ba00a3afdfd032b5416c6b24fe4107aae14b9d588fa215e391889a0c2fa9cb2f296012d7dc7ee36bb8b868c82726ff9e52e834a9d553ec705b2cd00e7e3b6cdd40b54201aacd08c092b04e87ea9748a6905d3267f009ebe321fff308ebd08e96b7938e378f886985b5248a4b5f90c52ee9f02f33cad741954c4997b216ba", @ANYRES8], 0x50}, 0x1, 0x0, 0x0, 0x4048000}, 0x0) r5 = socket(0x10, 0x2, 0x6) getsockopt$auto(r5, 0x2, 0x0, &(0x7f0000000180)='%\x00', &(0x7f00000001c0)=0x8) 4.344876084s ago: executing program 0 (id=917): mmap$auto(0x0, 0x20009, 0x5, 0xeb2, 0x8, 0x1008000) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/pid_for_children\x00') r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000180)='/dev/bus/usb/036/001\x00', 0xa901, 0x0) ioctl$auto_USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000100)={0x2, 0x0, 0x5f, 0x4, 0x0, 0x9, 0xeb8e, 0x0, @number_of_packets=0xfffffff7, 0x7, 0x800476, 0x0}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_tracing_saved_tgids_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/saved_tgids\x00', 0x101002, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x201, 0x0) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) open(&(0x7f0000001bc0)='./file0\x00', 0x4140, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty42\x00', 0x40741, 0x0) ioctl$auto(0x3, 0x402c542d, r1) write$auto(0x3, 0x0, 0xfffffdef) r2 = syz_open_procfs$namespace(0xffffffffffffffff, 0x0) ioctl$NS_GET_PARENT(r2, 0xb701, 0x0) close_range$auto(0x2, 0x8, 0x0) mlockall$auto(0x7) mmap$auto(0x0, 0x1, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = setfsuid$auto(0xee00) setresuid$auto(r3, 0x0, r3) mremap$auto(0x0, 0x7, 0x3fd6, 0x0, 0x1ffffffe) r4 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(0xffffffffffffffff, 0x560e, r4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={0x0, 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) 3.079071449s ago: executing program 4 (id=918): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) r0 = socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) r1 = socket(0xa, 0x1, 0x84) getsockopt$auto(r1, 0x84, 0x9, 0x0, &(0x7f0000000000)=0x95) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r2 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0xe8, 0x9, 0x2, 0x1, 0x5, 0x4, 0x15f4da0e, 0x8, 0x9, 0x100000000000000c, 0x8, 0x1, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0) pwrite64$auto(0xc8, &(0x7f0000000140)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00,\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^B\xb8\xe4j\t,\xe4\x90\xcc\x9d\xc5\x0fo\x84\xf4\x89\v\xea\x1b\x95\xafQ;CL\"\x01@\x00\x00\x00\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\xff\xff\x00'/242, 0xfdf0, 0x39) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) bind$auto(r0, &(0x7f0000000240)=@sco, 0xfffffffb) r3 = syz_genetlink_get_family_id$auto_tipcv2(0x0, 0xffffffffffffffff) sendmsg$auto_TIPC_NL_MON_PEER_GET(0xffffffffffffffff, &(0x7f0000006140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x20, r3, 0x711, 0x70b52c, 0x25dfdbfe, {}, [@TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@typed={0x8, 0x2, 0x0, 0x0, @u32=0x8}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x4405}, 0x4c848) getsockopt$auto_SO_RCVMARK(r2, 0x0, 0x4b, &(0x7f0000000000)='}\'.^\x00', &(0x7f00000000c0)=0x7) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000000), r4) sendmsg$auto_NL802154_CMD_GET_INTERFACE(r4, &(0x7f0000000300)={0x0, 0xa6, &(0x7f0000000100)={&(0x7f0000000840)={0x14, r5, 0x305, 0x70bd2c, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4004010}, 0x4040008) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4004881}, 0x800) 3.078251669s ago: executing program 0 (id=926): mmap$auto(0x0, 0x20009, 0x5, 0xeb2, 0x8, 0x1008000) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/pid_for_children\x00') r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000180)='/dev/bus/usb/036/001\x00', 0xa901, 0x0) ioctl$auto_USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000100)={0x2, 0x0, 0x5f, 0x4, 0x0, 0x9, 0xeb8e, 0x0, @number_of_packets=0xfffffff7, 0x7, 0x800476, 0x0}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_tracing_saved_tgids_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/saved_tgids\x00', 0x101002, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x201, 0x0) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) open(&(0x7f0000001bc0)='./file0\x00', 0x4140, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty42\x00', 0x40741, 0x0) ioctl$auto(0x3, 0x402c542d, r1) write$auto(0x3, 0x0, 0xfffffdef) r2 = syz_open_procfs$namespace(0xffffffffffffffff, 0x0) ioctl$NS_GET_PARENT(r2, 0xb701, 0x0) close_range$auto(0x2, 0x8, 0x0) mlockall$auto(0x7) mmap$auto(0x0, 0x1, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = setfsuid$auto(0xee00) setresuid$auto(r3, 0x0, r3) mremap$auto(0x0, 0x7, 0x3fd6, 0x0, 0x1ffffffe) r4 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(0xffffffffffffffff, 0x560e, r4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={0x0, 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) 3.077617663s ago: executing program 6 (id=919): syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000580)={'pimreg1\x00'}) sendmsg$auto_ETHTOOL_MSG_TSCONFIG_GET(0xffffffffffffffff, 0x0, 0x4004000) ioctl$auto_XFS_IOC_ERROR_CLEARALL(0xffffffffffffffff, 0x40085875, 0x0) mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000) mmap$auto(0x0, 0x400008, 0xdf, 0x14, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x106) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$auto(0x3, 0x80000541b, 0x38) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) connect$auto(r1, &(0x7f0000000140)=@phonet={0x23, 0xc, 0x1, 0x2}, 0xdba6) write$auto(0x3, 0x0, 0xfffffdef) select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da07, 0x3, 0x3, 0x65, 0x8000001f, 0x1000, 0x6d3e, 0x9, 0x2, 0x8]}, 0x0) select$auto(0x8, &(0x7f00000000c0)={[0xeeda, 0x7, 0x6, 0x9, 0x34, 0x1ff, 0x6, 0x4, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8e, 0x9, 0x10001]}, 0x0, 0x0, &(0x7f00000001c0)={0x6, 0xcb}) socket(0x2, 0x80802, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="00042dbd7000fbe2df2502000000080002000100000028e5ff102d084475a9db785e92655ba955715583cc8a50063b3f5b86a34d4538191f112a8151d1cd40b92ef28fecf0ee5384dc719adb2cdb504b5061949d21c6c08399099c7aeb25a44be34571d51bd758e1d8a1135a4f734dc9494b025b6bdf4fbbf44b5355558911de93218243672f35b4eebeff5095141729de40aee41da2a874a3096581f618dd02d4f9ea95617b64f8b2b91222aa5c540d25e26833945b44d647c86bb617"], 0x1c}, 0x1, 0x0, 0x0, 0x24008054}, 0x40) shutdown$auto(0x200000003, 0x2) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zram0\x00', 0x6e642, 0x0) write$auto(r2, &(0x7f0000000400)='odev/audio1\x00', 0x100000a3d9) 2.279840409s ago: executing program 3 (id=920): mmap$auto(0x100000000000, 0x2000b, 0xdd, 0xeb1, 0xffffffffffffffff, 0x1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xfffffffd}, 0xffff}, 0x5, 0x20000043) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) fadvise64$auto_POSIX_FADV_NORMAL(0xffffffffffffffff, 0x7, 0xd, 0x0) fcntl$auto(0x3, 0x4, 0xa553) write$auto(0x3, 0x0, 0x7fffffff) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) read$auto(0x3, 0x0, 0x8080) shutdown$auto(0x200000003, 0x2) r1 = bpf$auto(0x0, 0x0, 0x6f3) socket(0xa, 0x2, 0x88) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000280), 0xffffffffffffffff) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) syz_genetlink_get_family_id$auto_ioam6(0x0, r1) unshare$auto(0x40000080) sendmsg$auto_ETHTOOL_MSG_RSS_GET(r2, 0x0, 0x40) close_range$auto(0x2, 0xffffffffffffffff, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'macsec0\x00', 0x0}) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES16=r3, @ANYBLOB="20002abd7000fedbdf250500000008000500050000000500060008000000740001800800030007000000080003000600", @ANYBLOB="140002006e7230000000000000000000000000001b00020073797a5f74756e000000000000000000080001", @ANYRES32=r4, @ANYBLOB="1400020069705f7674693000000000000000000014000200766574683000000000000000000000000500070004000000050002000c000000000007000d000000"], 0xb0}, 0x1, 0x0, 0x0, 0x4000005}, 0x4000) 1.956371273s ago: executing program 4 (id=921): openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) setresuid$auto(0xffffffffffffffff, 0x0, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x0, 0x5, 0x5) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={0x0}}, 0x24048084) madvise$auto(0x0, 0x200007, 0x19) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) mmap$auto(0x0, 0x400008, 0xdf, 0x4000000000009b72, 0x2, 0x8000) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000400)='/proc/sys/net/ipv4/tcp_available_congestion_control\x00', 0x0, 0x0) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000002040)='/dev/snd/pcmC1D1c\x00', 0x80, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/class/devcoredump/disabled\x00', 0xe3102, 0x0) sendfile$auto(r2, r2, 0x0, 0x3) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) ioctl$auto(0xffffffffffffffff, 0x4b71, 0x1) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/pagemap\x00', 0x201, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0x10, 0x0, 0x0, &(0x7f0000000140)={[0x1ff, 0x4, 0x3f, 0x5, 0x2000000000948b, 0x3, 0x800295f4da0a, 0x2, 0x3, 0x62, 0x80000001, 0x50a7, 0x6d3f, 0x9, 0x3, 0xfffffffffffffffe]}, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) 1.899647212s ago: executing program 6 (id=922): mmap$auto(0x100000000000, 0x2000b, 0xdd, 0xeb1, 0xffffffffffffffff, 0x1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r0, 0x0, 0x5, 0x20000043) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) fadvise64$auto_POSIX_FADV_NORMAL(0xffffffffffffffff, 0x7, 0xd, 0x0) fcntl$auto(0x3, 0x4, 0xa553) write$auto(0x3, 0x0, 0x7fffffff) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) read$auto(0x3, 0x0, 0x8080) shutdown$auto(0x200000003, 0x2) r1 = bpf$auto(0x0, 0x0, 0x6f3) socket(0xa, 0x2, 0x88) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000280), 0xffffffffffffffff) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) syz_genetlink_get_family_id$auto_ioam6(0x0, r1) unshare$auto(0x40000080) sendmsg$auto_ETHTOOL_MSG_RSS_GET(r2, 0x0, 0x40) close_range$auto(0x2, 0xffffffffffffffff, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty58\x00', 0x800, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'macsec0\x00', 0x0}) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES16=r3, @ANYBLOB="20002abd7000fedbdf250500000008000500050000000500060008000000740001800800030007000000080003000600", @ANYBLOB="140002006e7230000000000000000000000000001b00020073797a5f74756e000000000000000000080001", @ANYRES32=r4, @ANYBLOB="1400020069705f7674693000000000000000000014000200766574683000000000000000000000000500070004000000050002000c000000000007000d000000"], 0xb0}, 0x1, 0x0, 0x0, 0x4000005}, 0x4000) 1.707342923s ago: executing program 0 (id=923): socket(0x11, 0x80003, 0x300) mmap$auto(0x0, 0x4, 0xdf, 0x80000000000eb1, 0x3, 0x0) sysfs$auto(0x2, 0x4, 0x0) r0 = socket(0xa, 0x5, 0x0) getsockopt$auto(r0, 0x84, 0x12, 0x0, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r1 = socket(0x2c, 0x3, 0x0) bind$auto(r1, &(0x7f0000000080)=@xdp={0x2c, 0xc, 0x0, 0x1c}, 0x6b) setsockopt$auto_SO_BROADCAST(r1, 0x5, 0x6, 0x0, 0x74) r2 = socket(0x80000000000000a, 0x2, 0x0) sendto$auto(r2, 0x0, 0x402, 0x101, &(0x7f0000000000)=@generic={0xa, "01e983638bffff4993021400"}, 0x17) socket(0x18, 0x3, 0x2) sendmmsg$auto(0x3, 0x0, 0x2, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) epoll_create$auto(0x4) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) sendfile$auto(0x1, 0xffffffffffffffff, 0x0, 0x8fb5) fcntl$auto(0x0, 0x408, 0x100000) setsockopt$auto_SO_OOBINLINE(0xffffffffffffffff, 0x3, 0xa, &(0x7f0000000080)='nlctrl\x00', 0x2) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x400, 0x7ff) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) 1.113406972s ago: executing program 0 (id=924): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r1, &(0x7f0000000000)='//\xf2\x00', 0x80000000) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0xfffffffffffffffc, 0xfffffffffffffffd, 0x1, 0x1, 0x6, 0x0, 0xffffffffffffff7f, 0x368e, 0x2, {0xffffffff, 0x20000000010000}, 0x5, 0x6, 0xfffffffffffffffd, 0x47, 0x0, 0x9, 0x81, 0xffffffffffff628e, 0xa747, 0xdead, 0x804}) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D1\x00', 0x581402, 0x0) r2 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000080), 0xc0402, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r2, 0xc0403d11, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) waitid$auto_P_ALL(0x0, 0x3b000, 0x0, 0x3, &(0x7f0000000300)={{0xda0000000000000, 0x969d}, {0x2, 0x6}, 0x8000000000000000, 0xa, 0x8, 0xd11c, 0xb871, 0x6, 0x9ffd, 0x81, 0x4, 0x1000000000f8c5, 0x1000, 0x81, 0xc, 0xd}) mmap$auto(0x0, 0x5, 0x3, 0x14, r2, 0x8000) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x0, 0x200007, 0x1d) pwrite64$auto(0xc8, 0x0, 0xfded, 0x6) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r3, &(0x7f00000003c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4G\x0f\xed\xc0D\xd6\xaf%\xa5\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xccT\fZq', 0x100000a3da) close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x11, 0x80003, 0x300) socket(0x29, 0x5, 0x0) open(&(0x7f0000000040)='./cgroup\x00', 0x80, 0xb5d1af1605322de0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) close_range$auto(0x2, 0x8, 0x0) 1.112858889s ago: executing program 6 (id=925): socket(0x2, 0x3, 0xa) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) connect$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x4003, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendmmsg$auto(0x3, 0x0, 0x9a5, 0x47ffff7a) madvise$auto(0x0, 0x200007, 0x19) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) r0 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) io_uring_setup$auto(0xf0, &(0x7f0000000180)={0x6, 0x18, 0xd64, 0xc852, 0x6, 0x7, r0, [0x1, 0x401, 0x1000], {0x7, 0x5, 0x1, 0x4, 0x95, 0xf4c, 0x7fff, 0xfffffffb, 0x65f29f6d}, {0x3, 0xadc, 0x10000, 0x0, 0x5, 0xffffffff, 0x1000, 0x54f, 0x5}}) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) connect$auto(0xffffffffffffffff, &(0x7f00000018c0)=@generic={0xa}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) write$auto_proc_mem_operations_base(0xffffffffffffffff, &(0x7f0000001680), 0x0) syz_clone3(0x0, 0x0) madvise$auto(0x1ffff000, 0x7, 0x100000000) mmap$auto(0x0, 0x400008, 0xb, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000) io_uring_setup$auto(0x2, &(0x7f0000000080)={0x80000003, 0x9, 0x4002, 0x6, 0x4, 0x8, 0xffffffffffffffff, [], {0x9, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x4000006, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x104, 0x8, 0x100000000}}) syz_clone(0x1002000, 0x0, 0x0, 0x0, 0x0, 0x0) futex_wake$auto(0x0, 0x5, 0x4, 0xa) futex_wake$auto(&(0x7f0000000000)="facff2b53ab3522cb329b5a87bdbc091f5a6ad597f2789e870d64db4cf6503135f5a750abc973b65703b664991ab45d13445d9c4df1d25210345f44468854c9689b943d1c65073bf11fd0c98fb48f9f4d67c0908e74701", 0xfffffffffffffff8, 0xfff, 0x7f) sysfs$auto(0x2, 0x20, 0x0) shmget$auto(0x8, 0x10563, 0x568d1af2) 1.105037698s ago: executing program 3 (id=927): mmap$auto(0xfffffffffffffffa, 0x1, 0xdf, 0xeb1, 0x401, 0x8003) rseq$auto(0x0, 0x1a, 0xffff, 0x0) mmap$auto(0x0, 0x40009, 0x7, 0x9b72, 0x7, 0x28000) r0 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nbd(0x0, 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r2, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f00000001c0)=ANY=[], 0x24}}, 0x8880) recvmmsg$auto(0x3, 0x0, 0x800, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendto$auto(0x3, 0x0, 0x2000f, 0x0, 0x0, 0x1c) r3 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000180)='/dev/bus/usb/034/001\x00', 0x802, 0x0) syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000100), r3) sendmsg$auto_NFC_CMD_DISABLE_SE(r0, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000300)={0x0, 0x2c}, 0x1, 0x0, 0x0, 0x20008094}, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) r4 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/tracing/events/vmalloc/filter\x00', 0x103041, 0x0) writev$auto(r4, &(0x7f0000000140)={0x0, 0x5}, 0x5) r5 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, 0x0, 0x48180, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_PAUSE_OLD(r1, 0x5423, &(0x7f0000000740)="002f80ce438dc7e603f0b7a6067f41576cc19dc24b459e69b05dfa9eba540b47fd877cd9a9cbe1ce996aca0cf78f8dd358e105183018bbd49e72a48e06e80a63c0591e726372310c6e7384e48fcb6b67e16e53766708eebda1240d48cc109058cb288be330e82b55c58e344cdbcd072798e325e59e5195f5ad19ada69accd4b4577a6e4ecef8889e8686fd042f97a79a6874353ec9cede4744c079526aa5fdd69d11c3e9281214eea7600c1f0134267f8c3214ac4964a8ab1902dcab2a35bf483b0913a2fff749ca0f8aa7297200"/221) ioctl$auto_SNDRV_TIMER_IOCTL_PARAMS(r5, 0x40505412, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/43:288/max_ratio_fine\x00', 0x10b142, 0x0) r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) fstatfs$auto(0x3, 0x0) ioctl$auto(r6, 0x4b67, 0x1) socket$nl_generic(0x10, 0x3, 0x10) 0s ago: executing program 3 (id=928): unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_dev_fops_plock(0xffffffffffffff9c, 0x0, 0x2, 0x0) listen$auto(r0, 0x4d) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000240)='/dev/binderfs/binder1\x00', 0x240, 0x0) ioctl$auto_BINDER_WRITE_READ(r1, 0xc0306201, 0x0) statx$auto(0xffffffffffffffff, 0x0, 0x1000, 0x8, 0x0) r2 = open(0x0, 0x4000, 0x124) socket(0x2, 0x80802, 0x0) close_range$auto(r2, 0xa, 0x0) futex_waitv$auto(0x0, 0x3ff, 0x7, 0x0, 0x0) socket(0x18, 0xa, 0x1) unshare$auto(0x40000080) mmap$auto(0x4, 0xa020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x7ffe) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/fs/cifs/mount_params\x00', 0x802, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f0000000640)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\xff\x7f\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc:\xfa\x01\xd1\xa3\xb5\xc2B\xa5\xac:woR^a\xb9}\xe7\xbd\xe1\xf77.\xa3\xd8\xc2T\x95\x13\x91\xb6p\xf3\xb2w\xe6\xd7\x94DW\x97\x90a\xe6c\xfb\x88x\xd5L\xa9\xe4\x82\x04\xb1\x8b\r\xcaP\\\x1aVP\xc9\xa4`\xfd\v\x94\f\xc1\x0fQ\xc9\xdcL\x03\x9c\xbfk\xa6\xb1\xb0\xa1\xeeJ\xd8\xef\xc8t\x9d\x1e=J\x91W\xc6AuJ\xb9Q\xed\xd1\a\x05\x9d\x85\xb7b#r\xcd\xaf\xb7\x9f\xf7\xd2\xae\x0f\x98\xa9&\xb6~\xd4\xbd\xbbr\xb9\xc3\xacH!\xc1\x90K2\x05K@\xee\xac\xe8\xc7\t\xab\xbf\xa3\xedb\xd7\xb5\xd7\x83&\x95\xb2?\x0e\x85\xaaIGu\xd6$\xeb\xb6\xdd\a\x121\a\xac\x1bx#\x87\xa9\x10\x9b\xf8YD\x04ZL\xca\x99]\x8f[\x90[\xa8\xbf\x98\xa6\xe50(zC\xe84*w\x13\x96\xd5\xd0\x877\x12\xbc\xa1\xd0h@|\xf9\xfa\x9b\x17\x94\xb9\xe7\xf3\x15\x05\x91\xe8\x98p\x7f:\xd7s\xd9wo\x82\xda\xec\x91\xb7\xd9;H\x8a\b\x00\x00\x00\x00\x00\x00\x00\x8aZ\x94\x14$X7\xaeW6=^I\x9fQ\r5c\x81\xca]\x97m\x89o\x8f\xd8}P>I\xd0\xb3\x88C\xd7', 0x100000a3d9) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x80001, 0x0) socket(0x2, 0x3, 0xa) openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, 0x0, 0x28002, 0x0) select$auto(0x4, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd5, 0x948b, 0x0, 0x15f4da0a, 0x4, 0x3, 0x62, 0x80000001, 0x3, 0x1, 0x9, 0x3, 0x785]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000340)={[0x80000001ff, 0x9, 0xd40, 0x20000000000001, 0x948b, 0x5, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x66, 0x800d2, 0x3, 0x6d3f, 0x80000a, 0x8, 0x6]}, 0x0) kernel console output (not intermixed with test programs): oogle 02/12/2026 [ 105.936747][ T6272] Call Trace: [ 105.936756][ T6272] [ 105.936767][ T6272] dump_stack_lvl+0x100/0x190 [ 105.936814][ T6272] should_fail_ex.cold+0x5/0xa [ 105.936848][ T6272] should_failslab+0xc2/0x120 [ 105.936893][ T6272] __kmalloc_cache_noprof+0x7a/0x6f0 [ 105.936924][ T6272] ? vidtv_channel_si_init+0xa42/0x18d0 [ 105.936969][ T6272] vidtv_channel_si_init+0xa42/0x18d0 [ 105.937020][ T6272] vidtv_mux_init+0x526/0xbf0 [ 105.937062][ T6272] vidtv_start_feed+0x33e/0x4c0 [ 105.937107][ T6272] ? __pfx_vidtv_start_feed+0x10/0x10 [ 105.937153][ T6272] ? __pfx_vidtv_bridge_on_new_pkts_avail+0x10/0x10 [ 105.937205][ T6272] ? mark_held_locks+0x40/0x70 [ 105.937244][ T6272] ? __pfx_vidtv_start_feed+0x10/0x10 [ 105.937325][ T6272] dmx_ts_feed_start_filtering+0xf6/0x220 [ 105.937362][ T6272] dvb_dmxdev_start_feed+0x273/0x3f0 [ 105.937409][ T6272] dvb_dmxdev_filter_start+0x1b6/0xdd0 [ 105.937457][ T6272] ? dvb_dmxdev_add_pid+0x2a1/0x380 [ 105.937503][ T6272] dvb_demux_do_ioctl+0xe64/0x1200 [ 105.937558][ T6272] dvb_usercopy+0x167/0x340 [ 105.937596][ T6272] ? __pfx_dvb_demux_do_ioctl+0x10/0x10 [ 105.937642][ T6272] ? __pfx_dvb_usercopy+0x10/0x10 [ 105.937696][ T6272] ? __fget_files+0x21f/0x3d0 [ 105.937742][ T6272] dvb_demux_ioctl+0x29/0x40 [ 105.937781][ T6272] ? __pfx_dvb_demux_ioctl+0x10/0x10 [ 105.937822][ T6272] __x64_sys_ioctl+0x18e/0x210 [ 105.937858][ T6272] do_syscall_64+0x106/0xf80 [ 105.937892][ T6272] ? clear_bhb_loop+0x40/0x90 [ 105.937928][ T6272] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 105.937957][ T6272] RIP: 0033:0x7fa6adf9bf79 [ 105.937982][ T6272] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 105.938008][ T6272] RSP: 002b:00007fa6aeda8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 105.938036][ T6272] RAX: ffffffffffffffda RBX: 00007fa6ae215fa0 RCX: 00007fa6adf9bf79 [ 105.938055][ T6272] RDX: 0000000000000000 RSI: 0000000040146f2c RDI: 0000000000000002 [ 105.938072][ T6272] RBP: 00007fa6ae0327e0 R08: 0000000000000000 R09: 0000000000000000 [ 105.938089][ T6272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 105.938105][ T6272] R13: 00007fa6ae216038 R14: 00007fa6ae215fa0 R15: 00007ffe7e268168 [ 105.938144][ T6272] [ 107.139987][ T6291] Invalid ELF header magic: != ELF [ 108.434217][ T5835] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 110.614878][ T5835] Bluetooth: hci2: command 0x0c1a tx timeout [ 111.208856][ T6344] FAULT_INJECTION: forcing a failure. [ 111.208856][ T6344] name failslab, interval 1, probability 0, space 0, times 0 [ 111.332710][ T6344] CPU: 1 UID: 0 PID: 6344 Comm: syz.1.74 Tainted: G L syzkaller #0 PREEMPT(full) [ 111.332744][ T6344] Tainted: [L]=SOFTLOCKUP [ 111.332750][ T6344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 111.332759][ T6344] Call Trace: [ 111.332764][ T6344] [ 111.332769][ T6344] dump_stack_lvl+0x100/0x190 [ 111.332796][ T6344] should_fail_ex.cold+0x5/0xa [ 111.332814][ T6344] should_failslab+0xc2/0x120 [ 111.332836][ T6344] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 111.332854][ T6344] ? __proc_create+0x2cb/0x8c0 [ 111.332875][ T6344] __proc_create+0x2cb/0x8c0 [ 111.332893][ T6344] ? __pfx___proc_create+0x10/0x10 [ 111.332912][ T6344] ? _raw_write_unlock+0x28/0x50 [ 111.332930][ T6344] ? proc_register+0x559/0x8a0 [ 111.332949][ T6344] proc_create_reg+0x75/0x170 [ 111.332968][ T6344] proc_create_net_data+0x8e/0x1c0 [ 111.332987][ T6344] ? __pfx_proc_create_net_data+0x10/0x10 [ 111.333008][ T6344] ? lockdep_init_map_type+0x5c/0x250 [ 111.333027][ T6344] ? lockdep_init_map_type+0x5c/0x250 [ 111.333046][ T6344] ? __pfx_igmp_net_init+0x10/0x10 [ 111.333062][ T6344] igmp_net_init+0xab/0x150 [ 111.333077][ T6344] ops_init+0x1e2/0x5f0 [ 111.333099][ T6344] setup_net+0x118/0x3a0 [ 111.333119][ T6344] ? __pfx_setup_net+0x10/0x10 [ 111.333137][ T6344] ? lockdep_init_map_type+0x5c/0x250 [ 111.333155][ T6344] ? mutex_init_lockep+0x110/0x150 [ 111.333175][ T6344] copy_net_ns+0x46f/0x7c0 [ 111.333197][ T6344] create_new_namespaces+0x3ea/0xac0 [ 111.333225][ T6344] copy_namespaces+0x468/0x5e0 [ 111.333241][ T6344] copy_process+0x3226/0x7a10 [ 111.333267][ T6344] ? __pfx_copy_process+0x10/0x10 [ 111.333283][ T6344] ? find_held_lock+0x2b/0x80 [ 111.333307][ T6344] ? futex_private_hash_put+0x107/0x1c0 [ 111.333326][ T6344] kernel_clone+0xfc/0x9a0 [ 111.333344][ T6344] ? __pfx_kernel_clone+0x10/0x10 [ 111.333370][ T6344] __do_sys_clone+0xd9/0x120 [ 111.333387][ T6344] ? __pfx___do_sys_clone+0x10/0x10 [ 111.333402][ T6344] ? find_held_lock+0x2b/0x80 [ 111.333438][ T6344] do_syscall_64+0x106/0xf80 [ 111.333456][ T6344] ? clear_bhb_loop+0x40/0x90 [ 111.333474][ T6344] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 111.333489][ T6344] RIP: 0033:0x7fae4ad9bf79 [ 111.333501][ T6344] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 111.333515][ T6344] RSP: 002b:00007fae4bc42fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 111.333530][ T6344] RAX: ffffffffffffffda RBX: 00007fae4b016180 RCX: 00007fae4ad9bf79 [ 111.333539][ T6344] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040180211 [ 111.333548][ T6344] RBP: 00007fae4ae327e0 R08: 0000000000000000 R09: 0000000000000000 [ 111.333556][ T6344] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 111.333564][ T6344] R13: 00007fae4b016218 R14: 00007fae4b016180 R15: 00007ffec06cc168 [ 111.333583][ T6344] [ 112.007460][ T6347] netlink: 8 bytes leftover after parsing attributes in process `syz.2.75'. [ 112.382883][ T6355] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 112.680946][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 112.772693][ T6362] FAULT_INJECTION: forcing a failure. [ 112.772693][ T6362] name failslab, interval 1, probability 0, space 0, times 0 [ 112.786118][ T6362] CPU: 0 UID: 0 PID: 6362 Comm: syz.2.77 Tainted: G L syzkaller #0 PREEMPT(full) [ 112.786162][ T6362] Tainted: [L]=SOFTLOCKUP [ 112.786170][ T6362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 112.786185][ T6362] Call Trace: [ 112.786194][ T6362] [ 112.786205][ T6362] dump_stack_lvl+0x100/0x190 [ 112.786249][ T6362] should_fail_ex.cold+0x5/0xa [ 112.786278][ T6362] should_failslab+0xc2/0x120 [ 112.786320][ T6362] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 112.786355][ T6362] ? __kernfs_new_node+0xd2/0x960 [ 112.786392][ T6362] __kernfs_new_node+0xd2/0x960 [ 112.786422][ T6362] ? __pfx___kernfs_new_node+0x10/0x10 [ 112.786457][ T6362] ? find_held_lock+0x2b/0x80 [ 112.786496][ T6362] ? kernfs_root+0xee/0x2a0 [ 112.786521][ T6362] ? kernfs_root+0xee/0x2a0 [ 112.786553][ T6362] kernfs_new_node+0x11b/0x1a0 [ 112.786590][ T6362] __kernfs_create_file+0x53/0x350 [ 112.786631][ T6362] sysfs_add_file_mode_ns+0x207/0x3c0 [ 112.786679][ T6362] internal_create_group+0x593/0xf40 [ 112.786719][ T6362] ? __pfx_internal_create_group+0x10/0x10 [ 112.786760][ T6362] ? kernfs_create_link+0x1bd/0x240 [ 112.786803][ T6362] internal_create_groups+0x9d/0x150 [ 112.786836][ T6362] device_add+0x71a/0x1950 [ 112.786871][ T6362] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 112.786921][ T6362] ? __pfx_device_add+0x10/0x10 [ 112.786953][ T6362] ? lockdep_init_map_type+0x5c/0x250 [ 112.786987][ T6362] ? __init_waitqueue_head+0xca/0x150 [ 112.787034][ T6362] netdev_register_kobject+0x1a9/0x3d0 [ 112.787081][ T6362] register_netdevice+0x12e0/0x2210 [ 112.787126][ T6362] ? __pfx_register_netdevice+0x10/0x10 [ 112.787175][ T6362] internal_dev_create+0x2d3/0x520 [ 112.787213][ T6362] ovs_vport_add+0x147/0x4d0 [ 112.787247][ T6362] new_vport+0x16/0x1d0 [ 112.787273][ T6362] ovs_dp_cmd_new+0x65d/0xdf0 [ 112.787310][ T6362] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 112.787349][ T6362] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x290 [ 112.787395][ T6362] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1b4/0x290 [ 112.787447][ T6362] genl_family_rcv_msg_doit+0x214/0x300 [ 112.787494][ T6362] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 112.787537][ T6362] ? genl_get_cmd+0x3ef/0x720 [ 112.787586][ T6362] ? bpf_lsm_capable+0x9/0x10 [ 112.787627][ T6362] ? security_capable+0x80/0x260 [ 112.787671][ T6362] ? ns_capable+0xd2/0xf0 [ 112.787717][ T6362] genl_rcv_msg+0x560/0x800 [ 112.787764][ T6362] ? __pfx_genl_rcv_msg+0x10/0x10 [ 112.787807][ T6362] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 112.787852][ T6362] netlink_rcv_skb+0x159/0x420 [ 112.787898][ T6362] ? __pfx_genl_rcv_msg+0x10/0x10 [ 112.787943][ T6362] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 112.787981][ T6362] ? rcu_is_watching+0x12/0xc0 [ 112.788034][ T6362] ? __rcu_read_unlock+0x26a/0x5e0 [ 112.788067][ T6362] ? rcu_is_watching+0x12/0xc0 [ 112.788113][ T6362] genl_rcv+0x28/0x40 [ 112.788151][ T6362] netlink_unicast+0x5aa/0x870 [ 112.788195][ T6362] ? __pfx_netlink_unicast+0x10/0x10 [ 112.788248][ T6362] netlink_sendmsg+0x8b0/0xda0 [ 112.788293][ T6362] ? __pfx_netlink_sendmsg+0x10/0x10 [ 112.788328][ T6362] ? __import_iovec+0x1d2/0x640 [ 112.788367][ T6362] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 112.788418][ T6362] ____sys_sendmsg+0xa54/0xc30 [ 112.788464][ T6362] ? __pfx_____sys_sendmsg+0x10/0x10 [ 112.788513][ T6362] ? try_to_wake_up+0x644/0x1a80 [ 112.788565][ T6362] ___sys_sendmsg+0x190/0x1e0 [ 112.788595][ T6362] ? __pfx____sys_sendmsg+0x10/0x10 [ 112.788733][ T6362] ? futex_private_hash_put+0x107/0x1c0 [ 112.788785][ T6362] __sys_sendmsg+0x170/0x220 [ 112.788814][ T6362] ? __pfx___sys_sendmsg+0x10/0x10 [ 112.788847][ T6362] ? __x64_sys_futex+0x34f/0x4d0 [ 112.788918][ T6362] do_syscall_64+0x106/0xf80 [ 112.788954][ T6362] ? clear_bhb_loop+0x40/0x90 [ 112.788991][ T6362] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 112.789021][ T6362] RIP: 0033:0x7ff4ff59bf79 [ 112.789044][ T6362] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 112.789071][ T6362] RSP: 002b:00007ff5003e2028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 112.789097][ T6362] RAX: ffffffffffffffda RBX: 00007ff4ff816180 RCX: 00007ff4ff59bf79 [ 112.789115][ T6362] RDX: 0000000000000080 RSI: 00002000000001c0 RDI: 000000000000000b [ 112.789133][ T6362] RBP: 00007ff4ff6327e0 R08: 0000000000000000 R09: 0000000000000000 [ 112.789150][ T6362] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 112.789166][ T6362] R13: 00007ff4ff816218 R14: 00007ff4ff816180 R15: 00007ffc1aa8f0a8 [ 112.789205][ T6362] [ 114.056470][ T6370] FAULT_INJECTION: forcing a failure. [ 114.056470][ T6370] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 114.069945][ T6370] CPU: 1 UID: 0 PID: 6370 Comm: syz.3.76 Tainted: G L syzkaller #0 PREEMPT(full) [ 114.069984][ T6370] Tainted: [L]=SOFTLOCKUP [ 114.069993][ T6370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 114.070009][ T6370] Call Trace: [ 114.070017][ T6370] [ 114.070027][ T6370] dump_stack_lvl+0x100/0x190 [ 114.070071][ T6370] should_fail_ex.cold+0x5/0xa [ 114.070094][ T6370] ? fs_reclaim_acquire+0x70/0x100 [ 114.070136][ T6370] should_fail_alloc_page+0xeb/0x140 [ 114.070173][ T6370] prepare_alloc_pages+0x1f0/0x5f0 [ 114.070225][ T6370] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 114.070267][ T6370] ? __lock_acquire+0x4a5/0x2630 [ 114.070299][ T6370] ? find_held_lock+0x2b/0x80 [ 114.070347][ T6370] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 114.070401][ T6370] ? find_held_lock+0x2b/0x80 [ 114.070450][ T6370] ? is_bpf_text_address+0x8a/0x1a0 [ 114.070500][ T6370] ? is_bpf_text_address+0x8a/0x1a0 [ 114.070541][ T6370] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 114.070587][ T6370] ? policy_nodemask+0xed/0x4f0 [ 114.070630][ T6370] alloc_pages_mpol+0x1fb/0x550 [ 114.070673][ T6370] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 114.070716][ T6370] ? find_held_lock+0x2b/0x80 [ 114.070761][ T6370] alloc_pages_noprof+0x131/0x390 [ 114.070805][ T6370] brd_submit_bio+0x116a/0x20d0 [ 114.070852][ T6370] ? __pfx_brd_submit_bio+0x10/0x10 [ 114.070889][ T6370] ? submit_bio_noacct_nocheck+0x74f/0xc10 [ 114.070928][ T6370] ? submit_bio_noacct_nocheck+0x74f/0xc10 [ 114.070965][ T6370] ? blk_try_enter_queue+0x1c5/0x4d0 [ 114.071004][ T6370] __submit_bio+0x419/0x6c0 [ 114.071043][ T6370] ? __pfx___submit_bio+0x10/0x10 [ 114.071086][ T6370] ? __pfx_blk_cgroup_bio_start+0x10/0x10 [ 114.071126][ T6370] ? bio_associate_blkg_from_css+0x550/0x13f0 [ 114.071170][ T6370] ? submit_bio_noacct_nocheck+0x74f/0xc10 [ 114.071207][ T6370] submit_bio_noacct_nocheck+0x74f/0xc10 [ 114.071251][ T6370] ? __pfx_submit_bio_noacct_nocheck+0x10/0x10 [ 114.071294][ T6370] ? __pfx___might_resched+0x10/0x10 [ 114.071331][ T6370] ? bio_alloc_bioset+0x309/0x850 [ 114.071366][ T6370] submit_bio_noacct+0xd17/0x2010 [ 114.071412][ T6370] submit_bh_wbc+0x59c/0x770 [ 114.071468][ T6370] __block_write_full_folio+0x77f/0xee0 [ 114.071505][ T6370] ? __pfx_blkdev_get_block+0x10/0x10 [ 114.071549][ T6370] block_write_full_folio+0x3b5/0x4e0 [ 114.071585][ T6370] ? __pfx_blkdev_get_block+0x10/0x10 [ 114.071626][ T6370] blkdev_writepages+0xc7/0x150 [ 114.071665][ T6370] ? __pfx_blkdev_writepages+0x10/0x10 [ 114.071709][ T6370] ? do_writepages+0x4b5/0x600 [ 114.071739][ T6370] ? __pfx_blkdev_writepages+0x10/0x10 [ 114.071779][ T6370] do_writepages+0x278/0x600 [ 114.071810][ T6370] ? __pfx_do_writepages+0x10/0x10 [ 114.071835][ T6370] ? do_raw_spin_unlock+0x145/0x1e0 [ 114.071875][ T6370] ? _raw_spin_unlock+0x28/0x50 [ 114.071910][ T6370] filemap_writeback+0x22d/0x2e0 [ 114.071941][ T6370] ? __pfx_filemap_writeback+0x10/0x10 [ 114.071968][ T6370] ? find_held_lock+0x2b/0x80 [ 114.072049][ T6370] ? rcu_is_watching+0x12/0xc0 [ 114.072088][ T6370] ? __mark_inode_dirty+0x55c/0x1790 [ 114.072125][ T6370] filemap_write_and_wait_range.part.0+0x88/0x110 [ 114.072162][ T6370] kiocb_invalidate_pages+0xde/0x180 [ 114.072196][ T6370] blkdev_write_iter+0x48f/0xd70 [ 114.072244][ T6370] vfs_write+0x6ac/0x1070 [ 114.072282][ T6370] ? __pfx_blkdev_write_iter+0x10/0x10 [ 114.072325][ T6370] ? __pfx_vfs_write+0x10/0x10 [ 114.072360][ T6370] ? find_held_lock+0x2b/0x80 [ 114.072423][ T6370] ksys_write+0x12a/0x250 [ 114.072469][ T6370] ? __pfx_ksys_write+0x10/0x10 [ 114.072518][ T6370] do_syscall_64+0x106/0xf80 [ 114.072552][ T6370] ? clear_bhb_loop+0x40/0x90 [ 114.072586][ T6370] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 114.072614][ T6370] RIP: 0033:0x7f5d50b9bf79 [ 114.072639][ T6370] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 114.072666][ T6370] RSP: 002b:00007f5d51ac0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 114.072692][ T6370] RAX: ffffffffffffffda RBX: 00007f5d50e16360 RCX: 00007f5d50b9bf79 [ 114.072710][ T6370] RDX: 000000100000a3d9 RSI: 00002000000000c0 RDI: 0000000000000004 [ 114.072727][ T6370] RBP: 00007f5d50c327e0 R08: 0000000000000000 R09: 0000000000000000 [ 114.072744][ T6370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 114.072760][ T6370] R13: 00007f5d50e163f8 R14: 00007f5d50e16360 R15: 00007ffe790d7058 [ 114.072796][ T6370] [ 114.513989][ T6370] Buffer I/O error on dev ram5, logical block 576, lost async page write [ 118.102877][ T5835] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 119.314747][ T6449] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 119.657860][ T6454] FAULT_INJECTION: forcing a failure. [ 119.657860][ T6454] name failslab, interval 1, probability 0, space 0, times 0 [ 119.728511][ T6454] CPU: 1 UID: 0 PID: 6454 Comm: syz.0.94 Tainted: G L syzkaller #0 PREEMPT(full) [ 119.728539][ T6454] Tainted: [L]=SOFTLOCKUP [ 119.728544][ T6454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 119.728553][ T6454] Call Trace: [ 119.728561][ T6454] [ 119.728567][ T6454] dump_stack_lvl+0x100/0x190 [ 119.728605][ T6454] should_fail_ex.cold+0x5/0xa [ 119.728623][ T6454] should_failslab+0xc2/0x120 [ 119.728646][ T6454] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 119.728665][ T6454] ? __kernfs_new_node+0xd2/0x960 [ 119.728684][ T6454] __kernfs_new_node+0xd2/0x960 [ 119.728701][ T6454] ? __pfx___kernfs_new_node+0x10/0x10 [ 119.728721][ T6454] ? find_held_lock+0x2b/0x80 [ 119.728743][ T6454] ? kernfs_root+0xee/0x2a0 [ 119.728757][ T6454] ? kernfs_root+0xee/0x2a0 [ 119.728781][ T6454] kernfs_new_node+0x11b/0x1a0 [ 119.728802][ T6454] __kernfs_create_file+0x53/0x350 [ 119.728825][ T6454] sysfs_add_file_mode_ns+0x207/0x3c0 [ 119.728854][ T6454] internal_create_group+0x593/0xf40 [ 119.728875][ T6454] ? __pfx_internal_create_group+0x10/0x10 [ 119.728895][ T6454] ? kernfs_create_link+0x1bd/0x240 [ 119.728928][ T6454] internal_create_groups+0x9d/0x150 [ 119.728947][ T6454] device_add+0x71a/0x1950 [ 119.728966][ T6454] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 119.728988][ T6454] ? __pfx_device_add+0x10/0x10 [ 119.729005][ T6454] ? lockdep_init_map_type+0x5c/0x250 [ 119.729024][ T6454] ? __init_waitqueue_head+0xca/0x150 [ 119.729048][ T6454] netdev_register_kobject+0x1a9/0x3d0 [ 119.729072][ T6454] register_netdevice+0x12e0/0x2210 [ 119.729096][ T6454] ? __pfx_register_netdevice+0x10/0x10 [ 119.729121][ T6454] internal_dev_create+0x2d3/0x520 [ 119.729143][ T6454] ovs_vport_add+0x147/0x4d0 [ 119.729162][ T6454] new_vport+0x16/0x1d0 [ 119.729179][ T6454] ovs_dp_cmd_new+0x65d/0xdf0 [ 119.729200][ T6454] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 119.729220][ T6454] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x290 [ 119.729242][ T6454] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1b4/0x290 [ 119.729269][ T6454] genl_family_rcv_msg_doit+0x214/0x300 [ 119.729293][ T6454] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 119.729322][ T6454] ? genl_get_cmd+0x3ef/0x720 [ 119.729365][ T6454] ? bpf_lsm_capable+0x9/0x10 [ 119.729405][ T6454] ? security_capable+0x80/0x260 [ 119.729438][ T6454] ? ns_capable+0xd2/0xf0 [ 119.729463][ T6454] genl_rcv_msg+0x560/0x800 [ 119.729488][ T6454] ? __pfx_genl_rcv_msg+0x10/0x10 [ 119.729511][ T6454] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 119.729534][ T6454] netlink_rcv_skb+0x159/0x420 [ 119.729554][ T6454] ? __pfx_genl_rcv_msg+0x10/0x10 [ 119.729582][ T6454] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 119.729610][ T6454] ? netlink_deliver_tap+0x1ae/0xcc0 [ 119.729631][ T6454] genl_rcv+0x28/0x40 [ 119.729651][ T6454] netlink_unicast+0x5aa/0x870 [ 119.729674][ T6454] ? __pfx_netlink_unicast+0x10/0x10 [ 119.729702][ T6454] netlink_sendmsg+0x8b0/0xda0 [ 119.729725][ T6454] ? __pfx_netlink_sendmsg+0x10/0x10 [ 119.729743][ T6454] ? __import_iovec+0x1d2/0x640 [ 119.729763][ T6454] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 119.729789][ T6454] ____sys_sendmsg+0xa54/0xc30 [ 119.729813][ T6454] ? __pfx_____sys_sendmsg+0x10/0x10 [ 119.729839][ T6454] ? try_to_wake_up+0x644/0x1a80 [ 119.729865][ T6454] ___sys_sendmsg+0x190/0x1e0 [ 119.729881][ T6454] ? __pfx____sys_sendmsg+0x10/0x10 [ 119.729903][ T6454] ? futex_private_hash_put+0x107/0x1c0 [ 119.729954][ T6454] __sys_sendmsg+0x170/0x220 [ 119.729974][ T6454] ? __pfx___sys_sendmsg+0x10/0x10 [ 119.729993][ T6454] ? __x64_sys_futex+0x34f/0x4d0 [ 119.730023][ T6454] do_syscall_64+0x106/0xf80 [ 119.730042][ T6454] ? clear_bhb_loop+0x40/0x90 [ 119.730060][ T6454] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 119.730075][ T6454] RIP: 0033:0x7fa6adf9bf79 [ 119.730098][ T6454] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 119.730113][ T6454] RSP: 002b:00007fa6ac1f6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 119.730129][ T6454] RAX: ffffffffffffffda RBX: 00007fa6ae216180 RCX: 00007fa6adf9bf79 [ 119.730139][ T6454] RDX: 0000000000000080 RSI: 00002000000001c0 RDI: 000000000000000b [ 119.730148][ T6454] RBP: 00007fa6ae0327e0 R08: 0000000000000000 R09: 0000000000000000 [ 119.730156][ T6454] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 119.730165][ T6454] R13: 00007fa6ae216218 R14: 00007fa6ae216180 R15: 00007ffe7e268168 [ 119.730188][ T6454] [ 120.195378][ T5835] Bluetooth: hci3: command 0x0c1a tx timeout [ 120.538569][ T6459] netlink: 28 bytes leftover after parsing attributes in process `syz.3.96'. [ 121.830345][ T51] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 122.276643][ T5835] Bluetooth: hci3: command 0x0c1a tx timeout [ 123.882671][ T5835] Bluetooth: hci0: command 0x0c1a tx timeout [ 125.958803][ T5835] Bluetooth: hci0: command 0x0c1a tx timeout [ 126.642758][ T6564] Invalid ELF header magic: != ELF [ 132.842037][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.848617][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 141.744376][ T6873] FAULT_INJECTION: forcing a failure. [ 141.744376][ T6873] name failslab, interval 1, probability 0, space 0, times 0 [ 141.868728][ T6873] CPU: 1 UID: 0 PID: 6873 Comm: syz.3.155 Tainted: G L syzkaller #0 PREEMPT(full) [ 141.868758][ T6873] Tainted: [L]=SOFTLOCKUP [ 141.868763][ T6873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 141.868772][ T6873] Call Trace: [ 141.868777][ T6873] [ 141.868784][ T6873] dump_stack_lvl+0x100/0x190 [ 141.868811][ T6873] should_fail_ex.cold+0x5/0xa [ 141.868830][ T6873] should_failslab+0xc2/0x120 [ 141.868852][ T6873] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 141.868870][ T6873] ? __skb_ext_alloc+0x1a/0x80 [ 141.868896][ T6873] __skb_ext_alloc+0x1a/0x80 [ 141.868924][ T6873] mptcp_sendmsg_frag+0x7ef/0x2e40 [ 141.868949][ T6873] ? __pfx_mptcp_sendmsg_frag+0x10/0x10 [ 141.868968][ T6873] __subflow_push_pending+0x34a/0xba0 [ 141.868993][ T6873] __mptcp_push_pending+0x2cc/0x540 [ 141.869015][ T6873] ? __pfx___mptcp_push_pending+0x10/0x10 [ 141.869041][ T6873] mptcp_sendmsg+0x17d1/0x1e40 [ 141.869068][ T6873] ? __pfx_mptcp_sendmsg+0x10/0x10 [ 141.869090][ T6873] ? __pfx_mptcp_sendmsg+0x10/0x10 [ 141.869108][ T6873] inet_sendmsg+0x11c/0x140 [ 141.869123][ T6873] sock_write_iter+0x509/0x610 [ 141.869146][ T6873] ? __pfx_sock_write_iter+0x10/0x10 [ 141.869175][ T6873] ? bpf_lsm_file_permission+0x9/0x10 [ 141.869194][ T6873] ? security_file_permission+0x76/0x210 [ 141.869213][ T6873] ? rw_verify_area+0xce/0x6d0 [ 141.869232][ T6873] vfs_write+0x6ac/0x1070 [ 141.869252][ T6873] ? __pfx_sock_write_iter+0x10/0x10 [ 141.869275][ T6873] ? __pfx_vfs_write+0x10/0x10 [ 141.869293][ T6873] ? find_held_lock+0x2b/0x80 [ 141.869327][ T6873] ksys_write+0x1f8/0x250 [ 141.869346][ T6873] ? __pfx_ksys_write+0x10/0x10 [ 141.869371][ T6873] do_syscall_64+0x106/0xf80 [ 141.869388][ T6873] ? clear_bhb_loop+0x40/0x90 [ 141.869406][ T6873] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 141.869421][ T6873] RIP: 0033:0x7f5d50b9bf79 [ 141.869435][ T6873] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 141.869448][ T6873] RSP: 002b:00007f5d51b23028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 141.869462][ T6873] RAX: ffffffffffffffda RBX: 00007f5d50e16090 RCX: 00007f5d50b9bf79 [ 141.869472][ T6873] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000003 [ 141.869481][ T6873] RBP: 00007f5d50c327e0 R08: 0000000000000000 R09: 0000000000000000 [ 141.869490][ T6873] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 141.869498][ T6873] R13: 00007f5d50e16128 R14: 00007f5d50e16090 R15: 00007ffe790d7058 [ 141.869518][ T6873] [ 144.183092][ T6889] kexec: Could not allocate control_code_buffer [ 149.418839][ T6949] kexec: Could not allocate control_code_buffer [ 157.349547][ T7079] kexec: Could not allocate control_code_buffer [ 163.142997][ T7173] kexec: Could not allocate control_code_buffer [ 165.548892][ T7265] bridge0: port 3(team0) entered blocking state [ 165.556354][ T7265] bridge0: port 3(team0) entered disabled state [ 165.575134][ T7265] team0: entered allmulticast mode [ 165.580324][ T7265] team_slave_0: entered allmulticast mode [ 165.617232][ T7265] team_slave_1: entered allmulticast mode [ 165.786423][ T7265] team0: entered promiscuous mode [ 165.796481][ T7265] team_slave_0: entered promiscuous mode [ 165.832622][ T7265] team_slave_1: entered promiscuous mode [ 165.859225][ T7265] bridge0: port 3(team0) entered blocking state [ 165.865625][ T7265] bridge0: port 3(team0) entered forwarding state [ 171.750664][ T7384] vhci_hcd vhci_hcd.2: invalid port number 16 [ 171.775015][ T7384] vhci_hcd vhci_hcd.2: invalid port number 16 [ 172.076318][ T7386] bridge0: port 3(team0) entered blocking state [ 172.082647][ T7386] bridge0: port 3(team0) entered disabled state [ 172.089357][ T7386] team0: entered allmulticast mode [ 172.094508][ T7386] team_slave_0: entered allmulticast mode [ 172.140530][ T7386] team_slave_1: entered allmulticast mode [ 172.197145][ T7386] team0: entered promiscuous mode [ 172.230576][ T7386] team_slave_0: entered promiscuous mode [ 172.268387][ T7386] team_slave_1: entered promiscuous mode [ 172.289563][ T7386] bridge0: port 3(team0) entered blocking state [ 172.295992][ T7386] bridge0: port 3(team0) entered forwarding state [ 173.337094][ T7367] kexec: Could not allocate control_code_buffer [ 180.536814][ T7556] vhci_hcd vhci_hcd.2: invalid port number 16 [ 180.566071][ T7556] vhci_hcd vhci_hcd.2: invalid port number 16 [ 183.880977][ T7599] binder: 7598:7599 ioctl c018620c 0 returned -1 [ 187.073787][ T7665] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input5 [ 187.464644][ T7673] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input6 [ 190.243479][ T7731] syz.2.297(7731): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 192.331727][ T7775] vhci_hcd vhci_hcd.2: invalid port number 16 [ 192.342237][ T7775] vhci_hcd vhci_hcd.2: invalid port number 16 [ 193.757771][ T29] audit: type=1800 audit(1771101257.346:2): pid=7801 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.308" name="lu_gp_id" dev="configfs" ino=21963 res=0 errno=0 [ 193.781726][ T7801] kstrtoul() returned -22 for lu_gp_id [ 193.926699][ T7801] netlink: 12 bytes leftover after parsing attributes in process `syz.3.308'. [ 193.995990][ T7796] netlink: 8 bytes leftover after parsing attributes in process `syz.3.308'. [ 194.280639][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.287161][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.046316][ T7820] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 195.053292][ T7820] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 195.084357][ T7820] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 195.107287][ T7820] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 196.436341][ T7854] vhci_hcd vhci_hcd.2: invalid port number 16 [ 196.442594][ T7854] vhci_hcd vhci_hcd.2: invalid port number 16 [ 197.088583][ T51] Bluetooth: hci0: command 0x0c1a tx timeout [ 197.088595][ T5835] Bluetooth: hci1: command 0x0c1a tx timeout [ 197.155539][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 197.155549][ T5835] Bluetooth: hci3: command 0x0c1a tx timeout [ 197.193636][ T7872] input: jJǸ-9%vJ86 as /devices/virtual/input/input7 [ 197.657931][ T7867] hub 1-0:1.0: USB hub found [ 197.703986][ T7867] hub 1-0:1.0: 1 port detected [ 201.161742][ T7938] FAULT_INJECTION: forcing a failure. [ 201.161742][ T7938] name failslab, interval 1, probability 0, space 0, times 0 [ 201.175777][ T7938] CPU: 1 UID: 0 PID: 7938 Comm: syz.3.333 Tainted: G L syzkaller #0 PREEMPT(full) [ 201.175818][ T7938] Tainted: [L]=SOFTLOCKUP [ 201.175827][ T7938] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 201.175852][ T7938] Call Trace: [ 201.175860][ T7938] [ 201.175873][ T7938] dump_stack_lvl+0x100/0x190 [ 201.175915][ T7938] should_fail_ex.cold+0x5/0xa [ 201.175945][ T7938] should_failslab+0xc2/0x120 [ 201.175980][ T7938] __kmalloc_cache_noprof+0x7a/0x6f0 [ 201.176007][ T7938] ? trace_pid_list_alloc+0x232/0x480 [ 201.176048][ T7938] trace_pid_list_alloc+0x232/0x480 [ 201.176087][ T7938] trace_pid_write+0x110/0x460 [ 201.176122][ T7938] ? __pfx_trace_pid_write+0x10/0x10 [ 201.176176][ T7938] event_pid_write.isra.0+0x1e4/0x800 [ 201.176214][ T7938] ? __pfx_event_pid_write.isra.0+0x10/0x10 [ 201.176259][ T7938] vfs_write+0x2aa/0x1070 [ 201.176292][ T7938] ? __pfx_ftrace_event_npid_write+0x10/0x10 [ 201.176331][ T7938] ? __pfx_vfs_write+0x10/0x10 [ 201.176363][ T7938] ? __fget_files+0x215/0x3d0 [ 201.176403][ T7938] ? __fget_files+0x21f/0x3d0 [ 201.176445][ T7938] ksys_write+0x12a/0x250 [ 201.176477][ T7938] ? __pfx_ksys_write+0x10/0x10 [ 201.176508][ T7938] ? arch_syscall_is_vdso_sigreturn+0xb6/0x200 [ 201.176538][ T7938] ? syscall_user_dispatch+0x76/0x130 [ 201.176575][ T7938] do_syscall_64+0x106/0xf80 [ 201.176612][ T7938] ? clear_bhb_loop+0x40/0x90 [ 201.176643][ T7938] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 201.176669][ T7938] RIP: 0033:0x7f5d50b9bf79 [ 201.176690][ T7938] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 201.176714][ T7938] RSP: 002b:00007f5d51b44028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 201.176741][ T7938] RAX: ffffffffffffffda RBX: 00007f5d50e15fa0 RCX: 00007f5d50b9bf79 [ 201.176757][ T7938] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 201.176772][ T7938] RBP: 00007f5d50c327e0 R08: 0000000000000000 R09: 0000000000000000 [ 201.176787][ T7938] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 201.176802][ T7938] R13: 00007f5d50e16038 R14: 00007f5d50e15fa0 R15: 00007ffe790d7058 [ 201.176836][ T7938] [ 208.523567][ T8068] vhci_hcd vhci_hcd.2: invalid port number 16 [ 208.539040][ T8068] vhci_hcd vhci_hcd.2: invalid port number 16 [ 209.053561][ T8069] binder: 8063:8069 ioctl c018620c 0 returned -1 [ 211.795177][ T51] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 214.872419][ T8163] vhci_hcd vhci_hcd.2: invalid port number 16 [ 214.892847][ T8163] vhci_hcd vhci_hcd.2: invalid port number 16 [ 216.106666][ T29] audit: type=1800 audit(1771101279.696:3): pid=8185 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.366" name="dbroot" dev="configfs" ino=23283 res=0 errno=0 [ 221.116528][ T8266] bridge0: port 3(team0) entered blocking state [ 221.124995][ T8266] bridge0: port 3(team0) entered disabled state [ 221.167318][ T8266] team0: entered allmulticast mode [ 221.225372][ T8266] team_slave_0: entered allmulticast mode [ 221.325007][ T8266] team_slave_1: entered allmulticast mode [ 221.439230][ T8266] team0: entered promiscuous mode [ 221.494543][ T8266] team_slave_0: entered promiscuous mode [ 221.510270][ T8266] team_slave_1: entered promiscuous mode [ 221.574070][ T8266] bridge0: port 3(team0) entered blocking state [ 221.580719][ T8266] bridge0: port 3(team0) entered forwarding state [ 223.918056][ T8330] program syz.2.387 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 224.370456][ T8338] nvme_fcloop: unknown parameter or missing value '7' [ 224.737330][ T8340] binder: 8333:8340 ioctl c018620c 0 returned -1 [ 226.266114][ T8366] FAULT_INJECTION: forcing a failure. [ 226.266114][ T8366] name failslab, interval 1, probability 0, space 0, times 0 [ 226.360511][ T8366] CPU: 0 UID: 0 PID: 8366 Comm: syz.3.396 Tainted: G L syzkaller #0 PREEMPT(full) [ 226.360557][ T8366] Tainted: [L]=SOFTLOCKUP [ 226.360568][ T8366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 226.360585][ T8366] Call Trace: [ 226.360594][ T8366] [ 226.360605][ T8366] dump_stack_lvl+0x100/0x190 [ 226.360651][ T8366] should_fail_ex.cold+0x5/0xa [ 226.360684][ T8366] should_failslab+0xc2/0x120 [ 226.360727][ T8366] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 226.360760][ T8366] ? alloc_empty_file+0x55/0x1c0 [ 226.360806][ T8366] alloc_empty_file+0x55/0x1c0 [ 226.360834][ T8366] dentry_open+0x46/0xd0 [ 226.360860][ T8366] pidfs_alloc_file+0x18f/0x290 [ 226.360895][ T8366] ? __pfx_pidfs_alloc_file+0x10/0x10 [ 226.360938][ T8366] pidfd_prepare+0x129/0x200 [ 226.360975][ T8366] __x64_sys_pidfd_open+0x105/0x1a0 [ 226.361012][ T8366] ? __pfx___x64_sys_pidfd_open+0x10/0x10 [ 226.361061][ T8366] do_syscall_64+0x106/0xf80 [ 226.361100][ T8366] ? clear_bhb_loop+0x40/0x90 [ 226.361130][ T8366] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 226.361155][ T8366] RIP: 0033:0x7f5d50b9bf79 [ 226.361177][ T8366] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 226.361199][ T8366] RSP: 002b:00007f5d51b44028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b2 [ 226.361222][ T8366] RAX: ffffffffffffffda RBX: 00007f5d50e15fa0 RCX: 00007f5d50b9bf79 [ 226.361320][ T8366] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 226.361328][ T8366] RBP: 00007f5d50c327e0 R08: 0000000000000000 R09: 0000000000000000 [ 226.361338][ T8366] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 226.361346][ T8366] R13: 00007f5d50e16038 R14: 00007f5d50e15fa0 R15: 00007ffe790d7058 [ 226.361367][ T8366] [ 226.830068][ T8379] ======================================================= [ 226.830068][ T8379] WARNING: The mand mount option has been deprecated and [ 226.830068][ T8379] and is ignored by this kernel. Remove the mand [ 226.830068][ T8379] option from the mount to silence this warning. [ 226.830068][ T8379] ======================================================= [ 227.222102][ T8379] kexec: Could not allocate control_code_buffer [ 230.329242][ T8433] binder: 8426:8433 ioctl c018620c 0 returned -1 [ 230.390487][ T12] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm kworker/u8:0: bg 3: bad block bitmap checksum [ 230.434559][ T12] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 2050 with max blocks 1 with error 74 [ 230.534481][ T12] EXT4-fs (sda1): This should not happen!! Data will be lost [ 230.534481][ T12] [ 230.558300][ T12] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 2057 with max blocks 2 with error 117 [ 230.584692][ T12] EXT4-fs (sda1): This should not happen!! Data will be lost [ 230.584692][ T12] [ 232.345712][ T8446] hub 1-0:1.0: USB hub found [ 232.368859][ T8446] hub 1-0:1.0: 1 port detected [ 233.881734][ T12] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 2055 with max blocks 1 with error 117 [ 233.972934][ T12] EXT4-fs (sda1): This should not happen!! Data will be lost [ 233.972934][ T12] [ 234.085608][ T35] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 2059 with max blocks 1 with error 117 [ 234.152106][ T35] EXT4-fs (sda1): This should not happen!! Data will be lost [ 234.152106][ T35] [ 234.921800][ T8521] EXT4-fs error (device sda1): ext4_discard_preallocations:5704: comm syz.1.421: Error -117 reading block bitmap for 3 [ 235.172431][ T35] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm kworker/u8:2: bg 4: bad block bitmap checksum [ 235.225584][ T35] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 2050 with max blocks 1 with error 74 [ 235.259976][ T35] EXT4-fs (sda1): This should not happen!! Data will be lost [ 235.259976][ T35] [ 235.334222][ T35] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm kworker/u8:2: bg 5: bad block bitmap checksum [ 235.698575][ T8527] binder: 8519:8527 ioctl c018620c 0 returned -1 [ 239.124904][ T1153] EXT4-fs: 2 callbacks suppressed [ 239.124954][ T1153] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 1 with error 117 [ 239.186430][ T1153] EXT4-fs (sda1): This should not happen!! Data will be lost [ 239.186430][ T1153] [ 239.339339][ T1153] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 2052 with max blocks 1 with error 117 [ 239.420733][ T1153] EXT4-fs (sda1): This should not happen!! Data will be lost [ 239.420733][ T1153] [ 240.767031][ T8603] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 1 with error 117 [ 240.887196][ T8603] EXT4-fs (sda1): This should not happen!! Data will be lost [ 240.887196][ T8603] [ 244.820912][ T29] audit: type=1400 audit(1771101308.426:4): apparmor="DENIED" operation="setprocattr" info="invalid" error=-22 profile="unconfined" pid=8689 comm="syz.3.450" [ 244.865798][ T8691] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 1 with error 117 [ 244.930435][ T8691] EXT4-fs (sda1): This should not happen!! Data will be lost [ 244.930435][ T8691] [ 245.219985][ T35] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 2 with error 117 [ 245.271882][ T35] EXT4-fs (sda1): This should not happen!! Data will be lost [ 245.271882][ T35] [ 245.333394][ T35] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 2062 with max blocks 1 with error 117 [ 245.378466][ T35] EXT4-fs (sda1): This should not happen!! Data will be lost [ 245.378466][ T35] [ 246.227369][ T1338] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 1 with error 117 [ 246.246013][ T1338] EXT4-fs (sda1): This should not happen!! Data will be lost [ 246.246013][ T1338] [ 246.272342][ T1338] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 2065 with max blocks 1 with error 117 [ 246.301811][ T1338] EXT4-fs (sda1): This should not happen!! Data will be lost [ 246.301811][ T1338] [ 249.567964][ T8781] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 249.970633][ T1153] EXT4-fs: 10 callbacks suppressed [ 249.970655][ T1153] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 2077 with max blocks 1 with error 117 [ 249.994597][ T1153] EXT4-fs (sda1): This should not happen!! Data will be lost [ 249.994597][ T1153] [ 250.429957][ T8790] FAULT_INJECTION: forcing a failure. [ 250.429957][ T8790] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 250.479129][ T8790] CPU: 0 UID: 0 PID: 8790 Comm: syz.1.466 Tainted: G L syzkaller #0 PREEMPT(full) [ 250.479156][ T8790] Tainted: [L]=SOFTLOCKUP [ 250.479161][ T8790] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 250.479182][ T8790] Call Trace: [ 250.479187][ T8790] [ 250.479194][ T8790] dump_stack_lvl+0x100/0x190 [ 250.479221][ T8790] should_fail_ex.cold+0x5/0xa [ 250.479237][ T8790] ? prepare_alloc_pages+0x16d/0x5f0 [ 250.479268][ T8790] should_fail_alloc_page+0xeb/0x140 [ 250.479298][ T8790] prepare_alloc_pages+0x1f0/0x5f0 [ 250.479320][ T8790] ? arch_stack_walk+0xa6/0xf0 [ 250.479337][ T8790] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 250.479371][ T8790] ? stack_trace_save+0x8e/0xc0 [ 250.479400][ T8790] ? __pfx_stack_trace_save+0x10/0x10 [ 250.479428][ T8790] ? stack_depot_save_flags+0x27/0x9d0 [ 250.479446][ T8790] ? __lock_acquire+0x4a5/0x2630 [ 250.479465][ T8790] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 250.479484][ T8790] ? kasan_save_stack+0x3f/0x50 [ 250.479503][ T8790] ? kasan_save_stack+0x30/0x50 [ 250.479521][ T8790] ? __kasan_slab_alloc+0x89/0x90 [ 250.479540][ T8790] ? __pmd_alloc+0xbf/0x9c0 [ 250.479552][ T8790] ? copy_page_range+0x4531/0x6570 [ 250.479567][ T8790] ? dup_mmap+0xc00/0x1db0 [ 250.479583][ T8790] ? copy_process+0x73d1/0x7a10 [ 250.479598][ T8790] ? kernel_clone+0xfc/0x9a0 [ 250.479613][ T8790] ? __do_sys_clone+0xd9/0x120 [ 250.479627][ T8790] ? do_syscall_64+0x106/0xf80 [ 250.479645][ T8790] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 250.479673][ T8790] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 250.479696][ T8790] ? policy_nodemask+0xed/0x4f0 [ 250.479724][ T8790] alloc_pages_mpol+0x1fb/0x550 [ 250.479748][ T8790] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 250.479776][ T8790] alloc_pages_noprof+0x131/0x390 [ 250.479800][ T8790] pte_alloc_one+0x1e/0x3e0 [ 250.479817][ T8790] __pte_alloc+0x6d/0x3f0 [ 250.479845][ T8790] ? __pfx___pte_alloc+0x10/0x10 [ 250.479867][ T8790] ? _raw_spin_unlock+0x28/0x50 [ 250.479883][ T8790] ? __pmd_alloc+0x6aa/0x9c0 [ 250.479899][ T8790] copy_page_range+0x3e51/0x6570 [ 250.479943][ T8790] ? __pfx_copy_page_range+0x10/0x10 [ 250.479964][ T8790] ? mas_store+0x666/0xac0 [ 250.479986][ T8790] ? __pfx_mas_store+0x10/0x10 [ 250.480011][ T8790] ? __pfx___vma_start_write+0x10/0x10 [ 250.480037][ T8790] dup_mmap+0xc00/0x1db0 [ 250.480070][ T8790] ? __pfx_dup_mmap+0x10/0x10 [ 250.480083][ T8790] ? rcu_is_watching+0x12/0xc0 [ 250.480122][ T8790] copy_process+0x73d1/0x7a10 [ 250.480149][ T8790] ? __pfx_copy_process+0x10/0x10 [ 250.480165][ T8790] ? find_held_lock+0x2b/0x80 [ 250.480196][ T8790] ? futex_private_hash_put+0x107/0x1c0 [ 250.480215][ T8790] kernel_clone+0xfc/0x9a0 [ 250.480232][ T8790] ? __pfx_kernel_clone+0x10/0x10 [ 250.480259][ T8790] __do_sys_clone+0xd9/0x120 [ 250.480275][ T8790] ? __pfx___do_sys_clone+0x10/0x10 [ 250.480309][ T8790] do_syscall_64+0x106/0xf80 [ 250.480328][ T8790] ? clear_bhb_loop+0x40/0x90 [ 250.480346][ T8790] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 250.480372][ T8790] RIP: 0033:0x7fae4ad9bf79 [ 250.480386][ T8790] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 250.480400][ T8790] RSP: 002b:00007fae4bc84fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 250.480420][ T8790] RAX: ffffffffffffffda RBX: 00007fae4b015fa0 RCX: 00007fae4ad9bf79 [ 250.480431][ T8790] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000002360411 [ 250.480440][ T8790] RBP: 00007fae4ae327e0 R08: 0000000000000000 R09: 0000000000000000 [ 250.480449][ T8790] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 250.480457][ T8790] R13: 00007fae4b016038 R14: 00007fae4b015fa0 R15: 00007ffec06cc168 [ 250.480478][ T8790] [ 251.839247][ T8780] kexec: Could not allocate control_code_buffer [ 252.180900][ T8818] EXT4-fs error (device sda1): ext4_discard_preallocations:5704: comm syz.0.472: Error -117 reading block bitmap for 4 [ 252.203855][ T8818] EXT4-fs error (device sda1): ext4_discard_preallocations:5704: comm syz.0.472: Error -117 reading block bitmap for 5 [ 252.403187][ T8820] binder: 8815:8820 ioctl c018620c 0 returned -1 [ 253.816993][ T8847] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input8 [ 254.483068][ T8848] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input9 [ 255.218218][ T8873] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input10 [ 255.424525][ T8874] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input11 [ 255.730085][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.736680][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 257.264424][ T8913] FAULT_INJECTION: forcing a failure. [ 257.264424][ T8913] name failslab, interval 1, probability 0, space 0, times 0 [ 257.299560][ T8913] CPU: 1 UID: 0 PID: 8913 Comm: syz.3.486 Tainted: G L syzkaller #0 PREEMPT(full) [ 257.299606][ T8913] Tainted: [L]=SOFTLOCKUP [ 257.299616][ T8913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 257.299630][ T8913] Call Trace: [ 257.299640][ T8913] [ 257.299651][ T8913] dump_stack_lvl+0x100/0x190 [ 257.299697][ T8913] should_fail_ex.cold+0x5/0xa [ 257.299729][ T8913] ? iter_file_splice_write+0x1d3/0x10a0 [ 257.299770][ T8913] should_failslab+0xc2/0x120 [ 257.299810][ T8913] __kmalloc_noprof+0xe0/0x850 [ 257.299853][ T8913] iter_file_splice_write+0x1d3/0x10a0 [ 257.299892][ T8913] ? lockdep_hardirqs_on+0x78/0x100 [ 257.299931][ T8913] ? copy_splice_read+0x734/0xb90 [ 257.299965][ T8913] ? kfree+0x1f6/0x6b0 [ 257.300002][ T8913] ? __pfx_iter_file_splice_write+0x10/0x10 [ 257.300042][ T8913] ? __lock_acquire+0x4a5/0x2630 [ 257.300078][ T8913] ? __pfx_copy_splice_read+0x10/0x10 [ 257.300135][ T8913] ? __pfx_iter_file_splice_write+0x10/0x10 [ 257.300177][ T8913] direct_splice_actor+0x192/0x6c0 [ 257.300219][ T8913] splice_direct_to_actor+0x345/0xa30 [ 257.300260][ T8913] ? __pfx_direct_splice_actor+0x10/0x10 [ 257.300307][ T8913] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 257.300353][ T8913] do_splice_direct+0x174/0x240 [ 257.300399][ T8913] ? __pfx_do_splice_direct+0x10/0x10 [ 257.300432][ T8913] ? common_file_perm+0x1ab/0x4f0 [ 257.300463][ T8913] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 257.300506][ T8913] ? rw_verify_area+0xce/0x6d0 [ 257.300546][ T8913] do_sendfile+0xadc/0xe20 [ 257.300591][ T8913] ? __pfx_do_sendfile+0x10/0x10 [ 257.300631][ T8913] ? __x64_sys_futex+0x34f/0x4d0 [ 257.300660][ T8913] ? __x64_sys_futex+0x358/0x4d0 [ 257.300696][ T8913] __x64_sys_sendfile64+0x1d8/0x220 [ 257.300740][ T8913] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 257.300795][ T8913] do_syscall_64+0x106/0xf80 [ 257.300836][ T8913] ? clear_bhb_loop+0x40/0x90 [ 257.300872][ T8913] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 257.300900][ T8913] RIP: 0033:0x7f5d50b9bf79 [ 257.300923][ T8913] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 257.300950][ T8913] RSP: 002b:00007f5d51b44028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 257.300977][ T8913] RAX: ffffffffffffffda RBX: 00007f5d50e15fa0 RCX: 00007f5d50b9bf79 [ 257.300996][ T8913] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 257.301013][ T8913] RBP: 00007f5d50c327e0 R08: 0000000000000000 R09: 0000000000000000 [ 257.301030][ T8913] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000 [ 257.301046][ T8913] R13: 00007f5d50e16038 R14: 00007f5d50e15fa0 R15: 00007ffe790d7058 [ 257.301084][ T8913] [ 257.956756][ T8925] netlink: 4 bytes leftover after parsing attributes in process `syz.2.489'. [ 258.025189][ T8925] netlink: 354 bytes leftover after parsing attributes in process `syz.2.489'. [ 258.242648][ T29] audit: type=1804 audit(1771101321.846:5): pid=8926 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.488" name="/newroot/117/file0" dev="tmpfs" ino=613 res=1 errno=0 [ 258.314104][ T29] audit: type=1804 audit(1771101321.916:6): pid=8926 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.488" name="/newroot/117/file0" dev="tmpfs" ino=613 res=1 errno=0 [ 262.236845][ T8999] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 265.981932][ T51] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 265.981957][ T51] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 265.998369][ T51] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 265.998413][ T51] Bluetooth: hci0: adv larger than maximum supported [ 266.007986][ T51] Bluetooth: hci0: adv larger than maximum supported [ 266.015182][ T51] Bluetooth: hci0: Malformed LE Event: 0x0d [ 269.773285][ T9174] FAULT_INJECTION: forcing a failure. [ 269.773285][ T9174] name failslab, interval 1, probability 0, space 0, times 0 [ 269.864634][ T9174] CPU: 1 UID: 0 PID: 9174 Comm: syz.3.524 Tainted: G L syzkaller #0 PREEMPT(full) [ 269.864675][ T9174] Tainted: [L]=SOFTLOCKUP [ 269.864684][ T9174] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 269.864698][ T9174] Call Trace: [ 269.864706][ T9174] [ 269.864720][ T9174] dump_stack_lvl+0x100/0x190 [ 269.864763][ T9174] should_fail_ex.cold+0x5/0xa [ 269.864793][ T9174] should_failslab+0xc2/0x120 [ 269.864832][ T9174] __kmalloc_cache_noprof+0x7a/0x6f0 [ 269.864862][ T9174] ? proc_thread_self_get_link+0x1a6/0x210 [ 269.864901][ T9174] proc_thread_self_get_link+0x1a6/0x210 [ 269.864932][ T9174] pick_link+0xac2/0x13c0 [ 269.864961][ T9174] ? __pfx_proc_thread_self_get_link+0x10/0x10 [ 269.864993][ T9174] step_into_slowpath+0x9ba/0xf90 [ 269.865031][ T9174] ? __pfx_step_into_slowpath+0x10/0x10 [ 269.865053][ T9174] ? lookup_fast+0x2da/0x600 [ 269.865068][ T9174] ? inode_permission+0x374/0x620 [ 269.865085][ T9174] link_path_walk+0xf28/0x1cc0 [ 269.865110][ T9174] path_openat+0x1be/0x31a0 [ 269.865130][ T9174] ? kasan_save_stack+0x3f/0x50 [ 269.865148][ T9174] ? kasan_save_stack+0x30/0x50 [ 269.865165][ T9174] ? kasan_save_track+0x14/0x30 [ 269.865183][ T9174] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 269.865206][ T9174] ? __pfx_path_openat+0x10/0x10 [ 269.865233][ T9174] do_file_open+0x20e/0x430 [ 269.865255][ T9174] ? __pfx_do_file_open+0x10/0x10 [ 269.865289][ T9174] ? alloc_fd+0x476/0x790 [ 269.865320][ T9174] ? do_getname+0x191/0x390 [ 269.865337][ T9174] do_sys_openat2+0x10d/0x1e0 [ 269.865355][ T9174] ? __pfx_do_sys_openat2+0x10/0x10 [ 269.865379][ T9174] __x64_sys_openat+0x12d/0x210 [ 269.865397][ T9174] ? __pfx___x64_sys_openat+0x10/0x10 [ 269.865420][ T9174] do_syscall_64+0x106/0xf80 [ 269.865438][ T9174] ? clear_bhb_loop+0x40/0x90 [ 269.865458][ T9174] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 269.865473][ T9174] RIP: 0033:0x7f5d50b9bf79 [ 269.865487][ T9174] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 269.865502][ T9174] RSP: 002b:00007f5d51b44028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 269.865517][ T9174] RAX: ffffffffffffffda RBX: 00007f5d50e15fa0 RCX: 00007f5d50b9bf79 [ 269.865526][ T9174] RDX: 0000000000008800 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 269.865536][ T9174] RBP: 00007f5d50c327e0 R08: 0000000000000000 R09: 0000000000000000 [ 269.865545][ T9174] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 269.865554][ T9174] R13: 00007f5d50e16038 R14: 00007f5d50e15fa0 R15: 00007ffe790d7058 [ 269.865576][ T9174] [ 270.841879][ T9193] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.1.526: iget: checksum invalid [ 270.855627][ T9193] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 270.906969][ T9193] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.1.526: iget: checksum invalid [ 271.012932][ T9193] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 271.120945][ T9193] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.1.526: iget: checksum invalid [ 271.234614][ T9193] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 271.412339][ T9193] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.1.526: iget: checksum invalid [ 271.444685][ T9193] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 271.564873][ T9193] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 271.655048][ T9193] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 273.479035][ T9242] FAULT_INJECTION: forcing a failure. [ 273.479035][ T9242] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 273.597678][ T9242] CPU: 1 UID: 0 PID: 9242 Comm: syz.0.535 Tainted: G L syzkaller #0 PREEMPT(full) [ 273.597721][ T9242] Tainted: [L]=SOFTLOCKUP [ 273.597731][ T9242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 273.597745][ T9242] Call Trace: [ 273.597753][ T9242] [ 273.597762][ T9242] dump_stack_lvl+0x100/0x190 [ 273.597809][ T9242] should_fail_ex.cold+0x5/0xa [ 273.597842][ T9242] _copy_from_user+0x2e/0xd0 [ 273.597878][ T9242] copy_mount_options+0x76/0x190 [ 273.597913][ T9242] __x64_sys_mount+0x1ab/0x310 [ 273.597941][ T9242] ? __pfx___x64_sys_mount+0x10/0x10 [ 273.597978][ T9242] do_syscall_64+0x106/0xf80 [ 273.598022][ T9242] ? clear_bhb_loop+0x40/0x90 [ 273.598057][ T9242] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 273.598085][ T9242] RIP: 0033:0x7fa6adf9bf79 [ 273.598109][ T9242] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 273.598135][ T9242] RSP: 002b:00007fa6aed87028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 273.598161][ T9242] RAX: ffffffffffffffda RBX: 00007fa6ae216090 RCX: 00007fa6adf9bf79 [ 273.598180][ T9242] RDX: 0000200000000240 RSI: 0000000000000000 RDI: 0000200000000180 [ 273.598197][ T9242] RBP: 00007fa6ae0327e0 R08: 0000200000000280 R09: 0000000000000000 [ 273.598214][ T9242] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000 [ 273.598230][ T9242] R13: 00007fa6ae216128 R14: 00007fa6ae216090 R15: 00007ffe7e268168 [ 273.598262][ T9242] [ 273.963636][ T9198] hub 1-0:1.0: USB hub found [ 274.000692][ T9198] hub 1-0:1.0: 1 port detected [ 275.638662][ T9271] netlink: 4 bytes leftover after parsing attributes in process `syz.0.539'. [ 275.707433][ T9267] netlink: 'syz.0.539': attribute type 1 has an invalid length. [ 275.732496][ T9267] netlink: 13 bytes leftover after parsing attributes in process `syz.0.539'. [ 277.271594][ T9301] __vm_enough_memory: pid: 9301, comm: syz.2.543, bytes: 4398046511104 not enough memory for the allocation [ 278.959079][ T9334] blktrace: Concurrent blktraces are not allowed on loop2 [ 280.750623][ T9370] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 282.321763][ T29] audit: type=1800 audit(1771101345.926:7): pid=9395 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.560" name="lu_gp_id" dev="configfs" ino=32501 res=0 errno=0 [ 282.322038][ T9395] kstrtoul() returned -22 for lu_gp_id [ 282.377246][ T9398] zswap: compressor not available [ 284.143309][ T9419] hub 1-0:1.0: USB hub found [ 284.153397][ T9419] hub 1-0:1.0: 1 port detected [ 284.392094][ T9185] Bluetooth: hci0: unexpected event 0x32 length: 727 > 9 [ 284.404662][ T9443] netlink: set zone limit has 8 unknown bytes [ 284.424155][ T9443] netlink: zone id is out of range [ 284.430240][ T9443] netlink: zone id is out of range [ 284.436269][ T9443] netlink: zone id is out of range [ 284.441418][ T9443] netlink: zone id is out of range [ 284.467371][ T9443] netlink: zone id is out of range [ 284.472536][ T9443] netlink: zone id is out of range [ 284.489939][ T9443] netlink: zone id is out of range [ 284.504905][ T9443] netlink: zone id is out of range [ 284.510093][ T9443] netlink: zone id is out of range [ 284.983449][ T9457] netlink: 4 bytes leftover after parsing attributes in process `syz.1.571'. [ 286.767568][ T9179] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 915 with max blocks 12 with error 117 [ 286.799469][ T9179] EXT4-fs (sda1): This should not happen!! Data will be lost [ 286.799469][ T9179] [ 287.645668][ T9185] Bluetooth: hci2: Malformed LE Event: 0x0b [ 288.299722][ T29] audit: type=1804 audit(1771101351.906:8): pid=9519 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.582" name="/newroot/141/file0" dev="tmpfs" ino=734 res=1 errno=0 [ 288.346777][ T29] audit: type=1804 audit(1771101351.956:9): pid=9519 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.582" name="/newroot/141/file0" dev="tmpfs" ino=734 res=1 errno=0 [ 290.001318][ T9545] netlink: 4128 bytes leftover after parsing attributes in process `syz.3.588'. [ 290.575641][ T9559] FAULT_INJECTION: forcing a failure. [ 290.575641][ T9559] name failslab, interval 1, probability 0, space 0, times 0 [ 290.590779][ T9559] CPU: 1 UID: 0 PID: 9559 Comm: syz.3.591 Tainted: G L syzkaller #0 PREEMPT(full) [ 290.590824][ T9559] Tainted: [L]=SOFTLOCKUP [ 290.590833][ T9559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 290.590849][ T9559] Call Trace: [ 290.590859][ T9559] [ 290.590869][ T9559] dump_stack_lvl+0x100/0x190 [ 290.590915][ T9559] should_fail_ex.cold+0x5/0xa [ 290.590946][ T9559] should_failslab+0xc2/0x120 [ 290.590988][ T9559] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 290.591025][ T9559] ? __alloc_skb+0x140/0x710 [ 290.591063][ T9559] __alloc_skb+0x140/0x710 [ 290.591094][ T9559] ? __alloc_skb+0x5b7/0x710 [ 290.591126][ T9559] ? __pfx___alloc_skb+0x10/0x10 [ 290.591161][ T9559] ? __pfx___register_sysctl_table+0x10/0x10 [ 290.591195][ T9559] ? is_module_address+0x69/0xf0 [ 290.591234][ T9559] inet_netconf_notify_devconf+0x9d/0x170 [ 290.591279][ T9559] __devinet_sysctl_register+0x227/0x360 [ 290.591321][ T9559] ? trace_kmalloc+0x101/0x130 [ 290.591356][ T9559] ? __pfx___devinet_sysctl_register+0x10/0x10 [ 290.591411][ T9559] ? __asan_memcpy+0x3c/0x60 [ 290.591447][ T9559] devinet_init_net+0x334/0x8d0 [ 290.591491][ T9559] ? __pfx_devinet_init_net+0x10/0x10 [ 290.591531][ T9559] ops_init+0x1e2/0x5f0 [ 290.591572][ T9559] setup_net+0x118/0x3a0 [ 290.591605][ T9559] ? __pfx_setup_net+0x10/0x10 [ 290.591637][ T9559] ? lockdep_init_map_type+0x5c/0x250 [ 290.591672][ T9559] ? mutex_init_lockep+0x110/0x150 [ 290.591710][ T9559] copy_net_ns+0x46f/0x7c0 [ 290.591747][ T9559] create_new_namespaces+0x3ea/0xac0 [ 290.591795][ T9559] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 290.591825][ T9559] ksys_unshare+0x455/0xab0 [ 290.591858][ T9559] ? __pfx_ksys_unshare+0x10/0x10 [ 290.591902][ T9559] __x64_sys_unshare+0x31/0x40 [ 290.591934][ T9559] do_syscall_64+0x106/0xf80 [ 290.591967][ T9559] ? clear_bhb_loop+0x40/0x90 [ 290.591999][ T9559] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 290.592026][ T9559] RIP: 0033:0x7f5d50b9bf79 [ 290.592049][ T9559] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 290.592075][ T9559] RSP: 002b:00007f5d51b44028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 290.592103][ T9559] RAX: ffffffffffffffda RBX: 00007f5d50e15fa0 RCX: 00007f5d50b9bf79 [ 290.592122][ T9559] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 290.592138][ T9559] RBP: 00007f5d50c327e0 R08: 0000000000000000 R09: 0000000000000000 [ 290.592155][ T9559] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 290.592171][ T9559] R13: 00007f5d50e16038 R14: 00007f5d50e15fa0 R15: 00007ffe790d7058 [ 290.592209][ T9559] [ 291.868928][ T9582] binder: 9581:9582 ioctl c018620c 0 returned -1 [ 295.956629][ T9653] binder: 9644:9653 ioctl c018620c 0 returned -1 [ 297.799742][ T9678] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 0, inode_bitmap = 137 [ 297.859183][ T9678] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 1, inode_bitmap = 138 [ 297.937167][ T9678] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz-executor: bg 0: bad block bitmap checksum [ 298.140671][ T9684] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz-executor: bg 1: bad block bitmap checksum [ 298.485090][ T9687] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 298.502608][ T9687] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 298.513662][ T9687] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 298.550570][ T9687] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 298.562486][ T9687] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 298.999948][ T9695] __vm_enough_memory: pid: 9695, comm: syz.0.615, bytes: 4398046511104 not enough memory for the allocation [ 299.150601][ T9686] chnl_net:caif_netlink_parms(): no params data found [ 299.452063][ T9686] bridge0: port 1(bridge_slave_0) entered blocking state [ 299.459838][ T9686] bridge0: port 1(bridge_slave_0) entered disabled state [ 299.467847][ T9686] bridge_slave_0: entered allmulticast mode [ 299.487998][ T9686] bridge_slave_0: entered promiscuous mode [ 299.530640][ T9686] bridge0: port 2(bridge_slave_1) entered blocking state [ 299.547362][ T9686] bridge0: port 2(bridge_slave_1) entered disabled state [ 299.554693][ T9686] bridge_slave_1: entered allmulticast mode [ 299.583162][ T9686] bridge_slave_1: entered promiscuous mode [ 299.700891][ T9686] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 299.725863][ T9686] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 299.783808][ T9686] team0: Port device team_slave_0 added [ 299.803239][ T9686] team0: Port device team_slave_1 added [ 299.850195][ T9686] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 299.875221][ T9686] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 299.913041][ T9686] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 299.936055][ T9686] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 299.943297][ T9686] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 299.999428][ T9686] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 300.122778][ T9686] hsr_slave_0: entered promiscuous mode [ 300.145390][ T9686] hsr_slave_1: entered promiscuous mode [ 300.162641][ T9686] debugfs: 'hsr0' already exists in 'hsr' [ 300.171564][ T9686] Cannot create hsr debugfs directory [ 300.485618][ T29] audit: type=1804 audit(2147483652.711:10): pid=9722 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.619" name="/newroot/165/file0" dev="tmpfs" ino=870 res=1 errno=0 [ 300.568551][ T29] audit: type=1804 audit(2147483652.721:11): pid=9723 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.619" name="/newroot/165/file0" dev="tmpfs" ino=870 res=1 errno=0 [ 300.676068][ T9687] Bluetooth: hci4: command tx timeout [ 301.175273][ T9686] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 301.197014][ T9686] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 301.229717][ T9686] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 301.369276][ T9686] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 301.734033][ T9686] 8021q: adding VLAN 0 to HW filter on device bond0 [ 301.752753][ T9686] 8021q: adding VLAN 0 to HW filter on device team0 [ 301.800871][ T9552] bridge0: port 1(bridge_slave_0) entered blocking state [ 301.808254][ T9552] bridge0: port 1(bridge_slave_0) entered forwarding state [ 301.963883][ T9552] bridge0: port 2(bridge_slave_1) entered blocking state [ 301.971091][ T9552] bridge0: port 2(bridge_slave_1) entered forwarding state [ 302.732017][ T9686] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 302.755574][ T9687] Bluetooth: hci4: command tx timeout [ 303.862606][ T9686] veth0_vlan: entered promiscuous mode [ 303.899559][ T9686] veth1_vlan: entered promiscuous mode [ 304.027245][ T9686] veth0_macvtap: entered promiscuous mode [ 304.060832][ T9686] veth1_macvtap: entered promiscuous mode [ 304.070916][ T9789] __vm_enough_memory: pid: 9789, comm: syz.3.627, bytes: 4398046511104 not enough memory for the allocation [ 304.110378][ T9686] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 304.149726][ T9686] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 304.185302][ T9552] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 304.194551][ T9552] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 304.256130][ T9552] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 304.267272][ T9552] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 304.803298][ T9792] FAULT_INJECTION: forcing a failure. [ 304.803298][ T9792] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 304.825184][ T9792] CPU: 0 UID: 0 PID: 9792 Comm: syz.0.628 Tainted: G L syzkaller #0 PREEMPT(full) [ 304.825228][ T9792] Tainted: [L]=SOFTLOCKUP [ 304.825237][ T9792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 304.825252][ T9792] Call Trace: [ 304.825260][ T9792] [ 304.825269][ T9792] dump_stack_lvl+0x100/0x190 [ 304.825322][ T9792] should_fail_ex.cold+0x5/0xa [ 304.825347][ T9792] ? prepare_alloc_pages+0x16d/0x5f0 [ 304.825390][ T9792] should_fail_alloc_page+0xeb/0x140 [ 304.825431][ T9792] prepare_alloc_pages+0x1f0/0x5f0 [ 304.825479][ T9792] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 304.825515][ T9792] ? __sys_sendmmsg+0x205/0x430 [ 304.825553][ T9792] ? __x64_sys_sendmmsg+0x9c/0x100 [ 304.825586][ T9792] ? __kernel_text_address+0xd/0x30 [ 304.825625][ T9792] ? unwind_get_return_address+0x59/0xa0 [ 304.825654][ T9792] ? arch_stack_walk+0x88/0xf0 [ 304.825690][ T9792] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 304.825729][ T9792] ? stack_trace_save+0x8e/0xc0 [ 304.825771][ T9792] ? __pfx_stack_trace_save+0x10/0x10 [ 304.825811][ T9792] ? __pfx___might_resched+0x10/0x10 [ 304.825849][ T9792] ? stack_depot_save_flags+0x27/0x9d0 [ 304.825897][ T9792] ? __lock_acquire+0x4a5/0x2630 [ 304.825931][ T9792] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 304.825975][ T9792] ? policy_nodemask+0xed/0x4f0 [ 304.826019][ T9792] alloc_pages_mpol+0x1fb/0x550 [ 304.826062][ T9792] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 304.826102][ T9792] ? __lock_acquire+0x4a5/0x2630 [ 304.826142][ T9792] alloc_pages_noprof+0x131/0x390 [ 304.826182][ T9792] pte_alloc_one+0x1e/0x3e0 [ 304.826211][ T9792] do_huge_pmd_anonymous_page+0x835/0x1a60 [ 304.826258][ T9792] __handle_mm_fault+0x1e9e/0x2b60 [ 304.826297][ T9792] ? mt_find+0x45e/0x8e0 [ 304.826347][ T9792] ? __pfx___handle_mm_fault+0x10/0x10 [ 304.826378][ T9792] ? __pfx_mt_find+0x10/0x10 [ 304.826448][ T9792] handle_mm_fault+0x36d/0xa20 [ 304.826488][ T9792] __get_user_pages+0xf9c/0x34d0 [ 304.826543][ T9792] ? down_read_killable+0x30e/0x4c0 [ 304.826583][ T9792] ? __lock_acquire+0x4a5/0x2630 [ 304.826616][ T9792] ? __pfx___get_user_pages+0x10/0x10 [ 304.826658][ T9792] ? __lock_acquire+0x4a5/0x2630 [ 304.826701][ T9792] __gup_longterm_locked+0x87d/0x16f0 [ 304.826757][ T9792] ? __pfx___gup_longterm_locked+0x10/0x10 [ 304.826805][ T9792] ? try_get_folio+0x262/0x750 [ 304.826843][ T9792] ? pmd_write+0xd3/0x150 [ 304.826881][ T9792] ? sanity_check_pinned_pages+0x5f6/0x1250 [ 304.826932][ T9792] gup_fast_fallback+0x18c6/0x2460 [ 304.827004][ T9792] ? __pfx_gup_fast_fallback+0x10/0x10 [ 304.827054][ T9792] ? kasan_save_stack+0x30/0x50 [ 304.827088][ T9792] ? kasan_save_track+0x14/0x30 [ 304.827123][ T9792] ? __kasan_slab_alloc+0x89/0x90 [ 304.827160][ T9792] ? mempool_alloc_noprof+0x1b7/0x310 [ 304.827198][ T9792] ? bvec_alloc+0x197/0x210 [ 304.827224][ T9792] ? bio_alloc_bioset+0x59e/0x850 [ 304.827252][ T9792] ? blkdev_direct_IO+0xeae/0x1fb0 [ 304.827289][ T9792] ? blkdev_write_iter+0x703/0xd70 [ 304.827334][ T9792] ? vfs_write+0x6ac/0x1070 [ 304.827370][ T9792] ? ksys_write+0x12a/0x250 [ 304.827404][ T9792] ? do_syscall_64+0x106/0xf80 [ 304.827436][ T9792] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 304.827469][ T9792] pin_user_pages_fast+0xa7/0xf0 [ 304.827496][ T9792] ? __pfx_pin_user_pages_fast+0x10/0x10 [ 304.827522][ T9792] ? iov_iter_advance+0xac/0x6d0 [ 304.827558][ T9792] iov_iter_extract_pages+0xa0d/0x1ef0 [ 304.827601][ T9792] ? __pfx_iov_iter_extract_pages+0x10/0x10 [ 304.827642][ T9792] ? iov_iter_revert+0x252/0x5b0 [ 304.827672][ T9792] ? bio_associate_blkg_from_css+0x394/0x13f0 [ 304.827716][ T9792] iov_iter_extract_bvecs+0x10e/0xf40 [ 304.827766][ T9792] ? __pfx_iov_iter_extract_bvecs+0x10/0x10 [ 304.827804][ T9792] ? bio_init+0x404/0x610 [ 304.827850][ T9792] bio_iov_iter_get_pages+0x26a/0x970 [ 304.827894][ T9792] blkdev_direct_IO+0x1302/0x1fb0 [ 304.827946][ T9792] ? __pfx_blkdev_direct_IO+0x10/0x10 [ 304.827995][ T9792] blkdev_write_iter+0x703/0xd70 [ 304.828037][ T9792] vfs_write+0x6ac/0x1070 [ 304.828067][ T9792] ? __pfx_blkdev_write_iter+0x10/0x10 [ 304.828090][ T9792] ? __pfx_vfs_write+0x10/0x10 [ 304.828108][ T9792] ? find_held_lock+0x2b/0x80 [ 304.828145][ T9792] ksys_write+0x12a/0x250 [ 304.828164][ T9792] ? __pfx_ksys_write+0x10/0x10 [ 304.828189][ T9792] do_syscall_64+0x106/0xf80 [ 304.828206][ T9792] ? clear_bhb_loop+0x40/0x90 [ 304.828224][ T9792] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 304.828239][ T9792] RIP: 0033:0x7fa6adf9bf79 [ 304.828252][ T9792] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 304.828266][ T9792] RSP: 002b:00007fa6aeda8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 304.828286][ T9792] RAX: ffffffffffffffda RBX: 00007fa6ae215fa0 RCX: 00007fa6adf9bf79 [ 304.828296][ T9792] RDX: 000000100000a3d9 RSI: 00002000000000c0 RDI: 0000000000000004 [ 304.828310][ T9792] RBP: 00007fa6ae0327e0 R08: 0000000000000000 R09: 0000000000000000 [ 304.828319][ T9792] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 304.828327][ T9792] R13: 00007fa6ae216038 R14: 00007fa6ae215fa0 R15: 00007ffe7e268168 [ 304.828347][ T9792] [ 304.846578][ T9687] Bluetooth: hci4: command tx timeout [ 305.589116][ T9229] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 305.661068][ T9229] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 305.680540][ T9175] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 920 with max blocks 7 with error 117 [ 305.705316][ T9175] EXT4-fs (sda1): This should not happen!! Data will be lost [ 305.705316][ T9175] [ 305.728507][ T9175] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 1363 with max blocks 1 with error 117 [ 305.742810][ T9175] EXT4-fs (sda1): This should not happen!! Data will be lost [ 305.742810][ T9175] [ 305.827859][ T9179] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 305.847598][ T9179] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 307.415759][ T9687] Bluetooth: hci4: command tx timeout [ 308.433411][ T9838] binder: 9837:9838 ioctl c018620c 0 returned -1 [ 309.730208][ T9866] __vm_enough_memory: pid: 9866, comm: syz.1.639, bytes: 4398046511104 not enough memory for the allocation [ 313.960142][ T9925] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input12 [ 314.261197][ T9926] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input13 [ 316.761874][ T9969] FAULT_INJECTION: forcing a failure. [ 316.761874][ T9969] name failslab, interval 1, probability 0, space 0, times 0 [ 316.784915][ T9969] CPU: 1 UID: 0 PID: 9969 Comm: syz.4.656 Tainted: G L syzkaller #0 PREEMPT(full) [ 316.784961][ T9969] Tainted: [L]=SOFTLOCKUP [ 316.784971][ T9969] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 316.784987][ T9969] Call Trace: [ 316.784996][ T9969] [ 316.785006][ T9969] dump_stack_lvl+0x100/0x190 [ 316.785064][ T9969] should_fail_ex.cold+0x5/0xa [ 316.785098][ T9969] ? __register_sysctl_table+0xbe4/0x1650 [ 316.785133][ T9969] should_failslab+0xc2/0x120 [ 316.785176][ T9969] __kmalloc_noprof+0xe0/0x850 [ 316.785221][ T9969] __register_sysctl_table+0xbe4/0x1650 [ 316.785263][ T9969] ? __pfx___register_sysctl_table+0x10/0x10 [ 316.785296][ T9969] ? is_module_address+0x69/0xf0 [ 316.785327][ T9969] ? register_net_sysctl_sz+0x222/0x430 [ 316.785378][ T9969] __devinet_sysctl_register+0x1b9/0x360 [ 316.785424][ T9969] ? trace_kmalloc+0x101/0x130 [ 316.785466][ T9969] ? __pfx___devinet_sysctl_register+0x10/0x10 [ 316.785516][ T9969] ? __asan_memcpy+0x3c/0x60 [ 316.785552][ T9969] devinet_init_net+0x334/0x8d0 [ 316.785595][ T9969] ? __pfx_devinet_init_net+0x10/0x10 [ 316.785635][ T9969] ops_init+0x1e2/0x5f0 [ 316.785676][ T9969] setup_net+0x118/0x3a0 [ 316.785713][ T9969] ? __pfx_setup_net+0x10/0x10 [ 316.785746][ T9969] ? lockdep_init_map_type+0x5c/0x250 [ 316.785782][ T9969] ? mutex_init_lockep+0x110/0x150 [ 316.785822][ T9969] copy_net_ns+0x46f/0x7c0 [ 316.785865][ T9969] create_new_namespaces+0x3ea/0xac0 [ 316.785918][ T9969] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 316.785949][ T9969] ksys_unshare+0x455/0xab0 [ 316.785985][ T9969] ? __pfx_ksys_unshare+0x10/0x10 [ 316.786033][ T9969] __x64_sys_unshare+0x31/0x40 [ 316.786080][ T9969] do_syscall_64+0x106/0xf80 [ 316.786117][ T9969] ? clear_bhb_loop+0x40/0x90 [ 316.786151][ T9969] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 316.786179][ T9969] RIP: 0033:0x7f13b199bf79 [ 316.786203][ T9969] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 316.786229][ T9969] RSP: 002b:00007f13b28d1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 316.786256][ T9969] RAX: ffffffffffffffda RBX: 00007f13b1c15fa0 RCX: 00007f13b199bf79 [ 316.786275][ T9969] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 316.786292][ T9969] RBP: 00007f13b1a327e0 R08: 0000000000000000 R09: 0000000000000000 [ 316.786308][ T9969] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 316.786324][ T9969] R13: 00007f13b1c16038 R14: 00007f13b1c15fa0 R15: 00007ffc302eb238 [ 316.786362][ T9969] [ 316.788276][ T9969] sysctl could not get directory: /net/ipv4/conf/default -12 [ 317.291020][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.298198][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.599016][ T9253] EXT4-fs (sda1): Delayed block allocation failed for inode 2033 at logical offset 1346 with max blocks 6 with error 117 [ 317.711529][ T9253] EXT4-fs (sda1): This should not happen!! Data will be lost [ 317.711529][ T9253] [ 317.734452][ T9253] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 1359 with max blocks 5 with error 117 [ 317.754903][ T9253] EXT4-fs (sda1): This should not happen!! Data will be lost [ 317.754903][ T9253] [ 318.363789][ T9986] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 318.392782][ T9986] FAULT_INJECTION: forcing a failure. [ 318.392782][ T9986] name failslab, interval 1, probability 0, space 0, times 0 [ 318.405991][ T9986] CPU: 0 UID: 0 PID: 9986 Comm: syz.4.660 Tainted: G L syzkaller #0 PREEMPT(full) [ 318.406016][ T9986] Tainted: [L]=SOFTLOCKUP [ 318.406021][ T9986] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 318.406030][ T9986] Call Trace: [ 318.406035][ T9986] [ 318.406041][ T9986] dump_stack_lvl+0x100/0x190 [ 318.406067][ T9986] should_fail_ex.cold+0x5/0xa [ 318.406086][ T9986] should_failslab+0xc2/0x120 [ 318.406107][ T9986] __kmalloc_cache_noprof+0x7a/0x6f0 [ 318.406123][ T9986] ? trace_pid_list_alloc+0x2fe/0x480 [ 318.406148][ T9986] trace_pid_list_alloc+0x2fe/0x480 [ 318.406173][ T9986] trace_pid_write+0x110/0x460 [ 318.406194][ T9986] ? __pfx_trace_pid_write+0x10/0x10 [ 318.406244][ T9986] event_pid_write.isra.0+0x1e4/0x800 [ 318.406284][ T9986] ? __pfx_event_pid_write.isra.0+0x10/0x10 [ 318.406328][ T9986] vfs_write+0x2aa/0x1070 [ 318.406363][ T9986] ? __pfx_ftrace_event_npid_write+0x10/0x10 [ 318.406403][ T9986] ? __pfx_vfs_write+0x10/0x10 [ 318.406437][ T9986] ? __fget_files+0x215/0x3d0 [ 318.406468][ T9986] ? __fget_files+0x21f/0x3d0 [ 318.406492][ T9986] ksys_write+0x12a/0x250 [ 318.406512][ T9986] ? __pfx_ksys_write+0x10/0x10 [ 318.406530][ T9986] ? arch_syscall_is_vdso_sigreturn+0xb6/0x200 [ 318.406548][ T9986] ? syscall_user_dispatch+0x76/0x130 [ 318.406570][ T9986] do_syscall_64+0x106/0xf80 [ 318.406589][ T9986] ? clear_bhb_loop+0x40/0x90 [ 318.406608][ T9986] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 318.406623][ T9986] RIP: 0033:0x7f13b199bf79 [ 318.406637][ T9986] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 318.406651][ T9986] RSP: 002b:00007f13b28d1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 318.406666][ T9986] RAX: ffffffffffffffda RBX: 00007f13b1c15fa0 RCX: 00007f13b199bf79 [ 318.406675][ T9986] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 318.406684][ T9986] RBP: 00007f13b1a327e0 R08: 0000000000000000 R09: 0000000000000000 [ 318.406692][ T9986] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 318.406700][ T9986] R13: 00007f13b1c16038 R14: 00007f13b1c15fa0 R15: 00007ffc302eb238 [ 318.406720][ T9986] [ 319.634967][ T9985] hub 1-0:1.0: USB hub found [ 319.649761][ T9985] hub 1-0:1.0: 1 port detected [ 321.378250][T10029] FAULT_INJECTION: forcing a failure. [ 321.378250][T10029] name failslab, interval 1, probability 0, space 0, times 0 [ 321.465242][T10029] CPU: 1 UID: 0 PID: 10029 Comm: syz.0.667 Tainted: G L syzkaller #0 PREEMPT(full) [ 321.465286][T10029] Tainted: [L]=SOFTLOCKUP [ 321.465296][T10029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 321.465312][T10029] Call Trace: [ 321.465320][T10029] [ 321.465330][T10029] dump_stack_lvl+0x100/0x190 [ 321.465376][T10029] should_fail_ex.cold+0x5/0xa [ 321.465409][T10029] should_failslab+0xc2/0x120 [ 321.465450][T10029] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 321.465489][T10029] ? fib_notifier_ops_register+0x32/0x270 [ 321.465525][T10029] ? __debug_object_init+0x2de/0x3d0 [ 321.465560][T10029] kmemdup_noprof+0x29/0x60 [ 321.465594][T10029] fib_notifier_ops_register+0x32/0x270 [ 321.465632][T10029] fib4_notifier_init+0x4f/0xd0 [ 321.465668][T10029] fib_net_init+0xbf/0x3f0 [ 321.465709][T10029] ? is_module_address+0x69/0xf0 [ 321.465738][T10029] ? __pfx_fib_net_init+0x10/0x10 [ 321.465775][T10029] ? timer_init_key+0x150/0x340 [ 321.465810][T10029] ? devinet_init_net+0x56c/0x8d0 [ 321.465863][T10029] ? __pfx_fib_net_init+0x10/0x10 [ 321.465903][T10029] ops_init+0x1e2/0x5f0 [ 321.465943][T10029] setup_net+0x118/0x3a0 [ 321.465981][T10029] ? __pfx_setup_net+0x10/0x10 [ 321.466013][T10029] ? lockdep_init_map_type+0x5c/0x250 [ 321.466046][T10029] ? mutex_init_lockep+0x110/0x150 [ 321.466085][T10029] copy_net_ns+0x46f/0x7c0 [ 321.466124][T10029] create_new_namespaces+0x3ea/0xac0 [ 321.466178][T10029] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 321.466210][T10029] ksys_unshare+0x455/0xab0 [ 321.466247][T10029] ? __pfx_ksys_unshare+0x10/0x10 [ 321.466295][T10029] __x64_sys_unshare+0x31/0x40 [ 321.466328][T10029] do_syscall_64+0x106/0xf80 [ 321.466363][T10029] ? clear_bhb_loop+0x40/0x90 [ 321.466397][T10029] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 321.466426][T10029] RIP: 0033:0x7fa6adf9bf79 [ 321.466450][T10029] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 321.466477][T10029] RSP: 002b:00007fa6aeda8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 321.466504][T10029] RAX: ffffffffffffffda RBX: 00007fa6ae215fa0 RCX: 00007fa6adf9bf79 [ 321.466523][T10029] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 321.466540][T10029] RBP: 00007fa6ae0327e0 R08: 0000000000000000 R09: 0000000000000000 [ 321.466557][T10029] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 321.466574][T10029] R13: 00007fa6ae216038 R14: 00007fa6ae215fa0 R15: 00007ffe7e268168 [ 321.466613][T10029] [ 322.878096][T10050] FAULT_INJECTION: forcing a failure. [ 322.878096][T10050] name failslab, interval 1, probability 0, space 0, times 0 [ 322.909358][T10050] CPU: 1 UID: 0 PID: 10050 Comm: syz.0.671 Tainted: G L syzkaller #0 PREEMPT(full) [ 322.909407][T10050] Tainted: [L]=SOFTLOCKUP [ 322.909416][T10050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 322.909431][T10050] Call Trace: [ 322.909441][T10050] [ 322.909451][T10050] dump_stack_lvl+0x100/0x190 [ 322.909493][T10050] should_fail_ex.cold+0x5/0xa [ 322.909524][T10050] should_failslab+0xc2/0x120 [ 322.909565][T10050] __kmalloc_cache_noprof+0x7a/0x6f0 [ 322.909595][T10050] ? trace_pid_list_alloc+0x232/0x480 [ 322.909642][T10050] trace_pid_list_alloc+0x232/0x480 [ 322.909683][T10050] trace_pid_write+0x110/0x460 [ 322.909722][T10050] ? __pfx_trace_pid_write+0x10/0x10 [ 322.909784][T10050] event_pid_write.isra.0+0x1e4/0x800 [ 322.909834][T10050] ? __pfx_event_pid_write.isra.0+0x10/0x10 [ 322.909888][T10050] vfs_write+0x2aa/0x1070 [ 322.909922][T10050] ? __pfx_ftrace_event_npid_write+0x10/0x10 [ 322.909965][T10050] ? __pfx_vfs_write+0x10/0x10 [ 322.909998][T10050] ? __fget_files+0x215/0x3d0 [ 322.910042][T10050] ? __fget_files+0x21f/0x3d0 [ 322.910092][T10050] ksys_write+0x12a/0x250 [ 322.910126][T10050] ? __pfx_ksys_write+0x10/0x10 [ 322.910160][T10050] ? arch_syscall_is_vdso_sigreturn+0xb6/0x200 [ 322.910193][T10050] ? syscall_user_dispatch+0x76/0x130 [ 322.910234][T10050] do_syscall_64+0x106/0xf80 [ 322.910270][T10050] ? clear_bhb_loop+0x40/0x90 [ 322.910304][T10050] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 322.910333][T10050] RIP: 0033:0x7fa6adf9bf79 [ 322.910355][T10050] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 322.910381][T10050] RSP: 002b:00007fa6aeda8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 322.910408][T10050] RAX: ffffffffffffffda RBX: 00007fa6ae215fa0 RCX: 00007fa6adf9bf79 [ 322.910427][T10050] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 322.910443][T10050] RBP: 00007fa6ae0327e0 R08: 0000000000000000 R09: 0000000000000000 [ 322.910457][T10050] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 322.910472][T10050] R13: 00007fa6ae216038 R14: 00007fa6ae215fa0 R15: 00007ffe7e268168 [ 322.910508][T10050] [ 323.287354][T10054] nvme_fcloop: unknown parameter or missing value '7' [ 324.521429][T10076] hub 1-0:1.0: USB hub found [ 324.546887][T10076] hub 1-0:1.0: 1 port detected [ 325.062813][ T9185] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 325.073037][ T9185] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 325.083131][ T9185] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 325.094069][ T9185] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 325.103699][ T9185] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 325.718774][T10089] chnl_net:caif_netlink_parms(): no params data found [ 325.854368][T10089] bridge0: port 1(bridge_slave_0) entered blocking state [ 325.874584][T10089] bridge0: port 1(bridge_slave_0) entered disabled state [ 325.890309][T10089] bridge_slave_0: entered allmulticast mode [ 325.899199][T10089] bridge_slave_0: entered promiscuous mode [ 325.915598][T10089] bridge0: port 2(bridge_slave_1) entered blocking state [ 325.922705][T10089] bridge0: port 2(bridge_slave_1) entered disabled state [ 325.935127][T10089] bridge_slave_1: entered allmulticast mode [ 325.957270][T10089] bridge_slave_1: entered promiscuous mode [ 325.998943][T10089] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 326.011752][T10089] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 326.040306][T10089] team0: Port device team_slave_0 added [ 326.048494][T10089] team0: Port device team_slave_1 added [ 326.073906][T10089] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 326.080925][T10089] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 326.107285][T10089] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 326.120689][T10089] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 326.128295][T10089] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 326.154352][T10089] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 326.196021][T10089] hsr_slave_0: entered promiscuous mode [ 326.202565][T10089] hsr_slave_1: entered promiscuous mode [ 326.208948][T10089] debugfs: 'hsr0' already exists in 'hsr' [ 326.216076][T10089] Cannot create hsr debugfs directory [ 326.360413][T10089] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 326.370496][T10089] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 326.381380][T10089] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 326.392594][T10089] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 326.424540][T10089] bridge0: port 2(bridge_slave_1) entered blocking state [ 326.431708][T10089] bridge0: port 2(bridge_slave_1) entered forwarding state [ 326.439184][T10089] bridge0: port 1(bridge_slave_0) entered blocking state [ 326.446309][T10089] bridge0: port 1(bridge_slave_0) entered forwarding state [ 326.500040][T10089] 8021q: adding VLAN 0 to HW filter on device bond0 [ 326.519861][ T9552] bridge0: port 1(bridge_slave_0) entered disabled state [ 326.528884][ T9552] bridge0: port 2(bridge_slave_1) entered disabled state [ 326.542357][T10089] 8021q: adding VLAN 0 to HW filter on device team0 [ 326.556824][ T9229] bridge0: port 1(bridge_slave_0) entered blocking state [ 326.563946][ T9229] bridge0: port 1(bridge_slave_0) entered forwarding state [ 326.580110][ T9229] bridge0: port 2(bridge_slave_1) entered blocking state [ 326.587237][ T9229] bridge0: port 2(bridge_slave_1) entered forwarding state [ 326.769419][T10089] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 326.968065][T10089] veth0_vlan: entered promiscuous mode [ 326.978942][T10089] veth1_vlan: entered promiscuous mode [ 327.007707][T10089] veth0_macvtap: entered promiscuous mode [ 327.017625][T10089] veth1_macvtap: entered promiscuous mode [ 327.036254][T10089] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 327.051425][T10089] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 327.067891][ T9178] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 327.078748][ T9178] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 327.090534][ T9178] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 327.101271][ T9178] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 327.154951][ T9185] Bluetooth: hci5: command tx timeout [ 327.173481][ T9178] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 327.182325][ T9178] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 327.212720][ T9552] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 327.222048][ T9552] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 327.359254][ T29] audit: type=1800 audit(2147483651.921:12): pid=10129 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.689" name="dbroot" dev="configfs" ino=38452 res=0 errno=0 [ 327.486601][T10132] netlink: 4 bytes leftover after parsing attributes in process `syz.4.688'. [ 327.711710][T10137] netlink: 25 bytes leftover after parsing attributes in process `syz.4.688'. [ 329.246283][ T9185] Bluetooth: hci5: command tx timeout [ 330.761111][T10164] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 330.805443][T10164] FAULT_INJECTION: forcing a failure. [ 330.805443][T10164] name failslab, interval 1, probability 0, space 0, times 0 [ 330.820165][T10164] CPU: 1 UID: 0 PID: 10164 Comm: syz.5.682 Tainted: G L syzkaller #0 PREEMPT(full) [ 330.820210][T10164] Tainted: [L]=SOFTLOCKUP [ 330.820219][T10164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 330.820235][T10164] Call Trace: [ 330.820243][T10164] [ 330.820255][T10164] dump_stack_lvl+0x100/0x190 [ 330.820301][T10164] should_fail_ex.cold+0x5/0xa [ 330.820334][T10164] should_failslab+0xc2/0x120 [ 330.820376][T10164] __kmalloc_cache_noprof+0x7a/0x6f0 [ 330.820406][T10164] ? trace_pid_list_alloc+0x2fe/0x480 [ 330.820453][T10164] trace_pid_list_alloc+0x2fe/0x480 [ 330.820496][T10164] trace_pid_write+0x110/0x460 [ 330.820538][T10164] ? __pfx_trace_pid_write+0x10/0x10 [ 330.820600][T10164] event_pid_write.isra.0+0x1e4/0x800 [ 330.820640][T10164] ? __pfx_event_pid_write.isra.0+0x10/0x10 [ 330.820683][T10164] vfs_write+0x2aa/0x1070 [ 330.820716][T10164] ? __pfx_ftrace_event_npid_write+0x10/0x10 [ 330.820770][T10164] ? __pfx_vfs_write+0x10/0x10 [ 330.820804][T10164] ? __fget_files+0x215/0x3d0 [ 330.820845][T10164] ? __fget_files+0x21f/0x3d0 [ 330.820891][T10164] ksys_write+0x12a/0x250 [ 330.820925][T10164] ? __pfx_ksys_write+0x10/0x10 [ 330.820960][T10164] ? arch_syscall_is_vdso_sigreturn+0xb6/0x200 [ 330.820995][T10164] ? syscall_user_dispatch+0x76/0x130 [ 330.821037][T10164] do_syscall_64+0x106/0xf80 [ 330.821072][T10164] ? clear_bhb_loop+0x40/0x90 [ 330.821108][T10164] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 330.821136][T10164] RIP: 0033:0x7f0561d9bf79 [ 330.821158][T10164] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 330.821184][T10164] RSP: 002b:00007f055fff6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 330.821208][T10164] RAX: ffffffffffffffda RBX: 00007f0562015fa0 RCX: 00007f0561d9bf79 [ 330.821224][T10164] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 330.821248][T10164] RBP: 00007f0561e327e0 R08: 0000000000000000 R09: 0000000000000000 [ 330.821264][T10164] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 330.821280][T10164] R13: 00007f0562016038 R14: 00007f0562015fa0 R15: 00007ffc3395f128 [ 330.821316][T10164] [ 331.325055][ T9185] Bluetooth: hci5: command tx timeout [ 333.259439][T10210] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 333.395107][ T9185] Bluetooth: hci5: command tx timeout [ 338.818777][T10298] bridge0: port 4(gretap0) entered blocking state [ 338.827110][T10298] bridge0: port 4(gretap0) entered disabled state [ 338.837845][T10298] gretap0: entered allmulticast mode [ 338.932576][T10298] gretap0: entered promiscuous mode [ 338.941845][T10298] FAULT_INJECTION: forcing a failure. [ 338.941845][T10298] name failslab, interval 1, probability 0, space 0, times 0 [ 338.960969][T10298] CPU: 0 UID: 0 PID: 10298 Comm: syz.0.711 Tainted: G L syzkaller #0 PREEMPT(full) [ 338.961013][T10298] Tainted: [L]=SOFTLOCKUP [ 338.961023][T10298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 338.961038][T10298] Call Trace: [ 338.961048][T10298] [ 338.961058][T10298] dump_stack_lvl+0x100/0x190 [ 338.961104][T10298] should_fail_ex.cold+0x5/0xa [ 338.961136][T10298] should_failslab+0xc2/0x120 [ 338.961179][T10298] __kmalloc_cache_noprof+0x7a/0x6f0 [ 338.961217][T10298] ? nbp_vlan_init+0x163/0x500 [ 338.961258][T10298] nbp_vlan_init+0x163/0x500 [ 338.961291][T10298] ? __pfx_nbp_vlan_init+0x10/0x10 [ 338.961333][T10298] ? br_fdb_add_local+0x43/0x60 [ 338.961359][T10298] ? __local_bh_enable_ip+0xff/0x120 [ 338.961393][T10298] br_add_if+0xf79/0x1b40 [ 338.961426][T10298] ? veth_get_iflink+0x1e3/0x2c0 [ 338.961473][T10298] add_del_if+0x114/0x160 [ 338.961509][T10298] br_dev_siocdevprivate+0x8ac/0x1650 [ 338.961549][T10298] ? __pfx_br_dev_siocdevprivate+0x10/0x10 [ 338.961600][T10298] ? lock_acquire+0x1cf/0x380 [ 338.961646][T10298] ? netdev_name_node_lookup+0x107/0x150 [ 338.961676][T10298] ? __mutex_lock+0x26a/0x1b90 [ 338.961721][T10298] dev_ifsioc+0xc1e/0x1e90 [ 338.961758][T10298] ? __pfx_dev_ifsioc+0x10/0x10 [ 338.961788][T10298] ? __pfx___mutex_lock+0x10/0x10 [ 338.961837][T10298] ? dev_load+0x8e/0x240 [ 338.961865][T10298] ? dev_load+0x8e/0x240 [ 338.961904][T10298] dev_ioctl+0x70e/0x1070 [ 338.961956][T10298] sock_ioctl+0x494/0x6b0 [ 338.961983][T10298] ? __pfx_sock_ioctl+0x10/0x10 [ 338.962008][T10298] ? hook_file_ioctl_common+0x146/0x410 [ 338.962050][T10298] ? __fget_files+0x21f/0x3d0 [ 338.962095][T10298] ? __pfx_sock_ioctl+0x10/0x10 [ 338.962124][T10298] __x64_sys_ioctl+0x18e/0x210 [ 338.962161][T10298] do_syscall_64+0x106/0xf80 [ 338.962215][T10298] ? clear_bhb_loop+0x40/0x90 [ 338.962252][T10298] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 338.962281][T10298] RIP: 0033:0x7fa6adf9bf79 [ 338.962305][T10298] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 338.962331][T10298] RSP: 002b:00007fa6ac1f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 338.962359][T10298] RAX: ffffffffffffffda RBX: 00007fa6ae216180 RCX: 00007fa6adf9bf79 [ 338.962378][T10298] RDX: 0000200000000040 RSI: 00000000000089fc RDI: 0000000000000008 [ 338.962395][T10298] RBP: 00007fa6ae0327e0 R08: 0000000000000000 R09: 0000000000000000 [ 338.962412][T10298] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 338.962429][T10298] R13: 00007fa6ae216218 R14: 00007fa6ae216180 R15: 00007ffe7e268168 [ 338.962468][T10298] [ 338.963124][T10298] gretap0: failed to initialize vlan filtering on this port [ 339.320880][T10298] gretap0: left allmulticast mode [ 340.212515][T10313] EXT4-fs (sda1): Delayed block allocation failed for inode 2032 at logical offset 2 with max blocks 1 with error 117 [ 340.305691][T10313] EXT4-fs (sda1): This should not happen!! Data will be lost [ 340.305691][T10313] [ 340.516326][T10319] FAULT_INJECTION: forcing a failure. [ 340.516326][T10319] name failslab, interval 1, probability 0, space 0, times 0 [ 340.529374][T10319] CPU: 0 UID: 0 PID: 10319 Comm: syz.0.715 Tainted: G L syzkaller #0 PREEMPT(full) [ 340.529411][T10319] Tainted: [L]=SOFTLOCKUP [ 340.529416][T10319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 340.529425][T10319] Call Trace: [ 340.529431][T10319] [ 340.529437][T10319] dump_stack_lvl+0x100/0x190 [ 340.529462][T10319] should_fail_ex.cold+0x5/0xa [ 340.529480][T10319] should_failslab+0xc2/0x120 [ 340.529502][T10319] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 340.529521][T10319] ? alloc_inode+0x183/0x250 [ 340.529535][T10319] ? stashed_dentry_get+0x10a/0x2c0 [ 340.529556][T10319] ? stashed_dentry_get+0x10a/0x2c0 [ 340.529580][T10319] alloc_inode+0x183/0x250 [ 340.529596][T10319] path_from_stashed+0x25b/0x750 [ 340.529620][T10319] pidfs_alloc_file+0xf8/0x290 [ 340.529639][T10319] ? __pfx_pidfs_alloc_file+0x10/0x10 [ 340.529663][T10319] pidfd_prepare+0x129/0x200 [ 340.529681][T10319] __x64_sys_pidfd_open+0x105/0x1a0 [ 340.529700][T10319] ? __pfx___x64_sys_pidfd_open+0x10/0x10 [ 340.529723][T10319] do_syscall_64+0x106/0xf80 [ 340.529741][T10319] ? clear_bhb_loop+0x40/0x90 [ 340.529759][T10319] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 340.529773][T10319] RIP: 0033:0x7fa6adf9bf79 [ 340.529786][T10319] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 340.529800][T10319] RSP: 002b:00007fa6aeda8028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b2 [ 340.529814][T10319] RAX: ffffffffffffffda RBX: 00007fa6ae215fa0 RCX: 00007fa6adf9bf79 [ 340.529824][T10319] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 340.529832][T10319] RBP: 00007fa6ae0327e0 R08: 0000000000000000 R09: 0000000000000000 [ 340.529840][T10319] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 340.529848][T10319] R13: 00007fa6ae216038 R14: 00007fa6ae215fa0 R15: 00007ffe7e268168 [ 340.529877][T10319] [ 341.812828][T10324] kexec: Could not allocate control_code_buffer [ 342.148249][ T29] audit: type=1800 audit(2147483666.701:13): pid=10342 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.719" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0 [ 347.015654][ T9687] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 347.026619][ T9687] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 347.035538][ T9687] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 347.045388][ T9687] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 347.145823][ T9687] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 347.591405][T10406] chnl_net:caif_netlink_parms(): no params data found [ 347.734501][T10406] bridge0: port 1(bridge_slave_0) entered blocking state [ 347.745497][T10406] bridge0: port 1(bridge_slave_0) entered disabled state [ 347.763337][T10406] bridge_slave_0: entered allmulticast mode [ 347.794916][ T9178] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 1359 with max blocks 5 with error 117 [ 347.819341][ T9178] EXT4-fs (sda1): This should not happen!! Data will be lost [ 347.819341][ T9178] [ 347.839312][T10406] bridge_slave_0: entered promiscuous mode [ 347.867645][T10406] bridge0: port 2(bridge_slave_1) entered blocking state [ 347.945968][T10406] bridge0: port 2(bridge_slave_1) entered disabled state [ 347.965185][T10406] bridge_slave_1: entered allmulticast mode [ 347.976619][T10406] bridge_slave_1: entered promiscuous mode [ 348.047000][T10406] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 348.098671][T10406] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 348.246456][T10406] team0: Port device team_slave_0 added [ 348.288349][T10406] team0: Port device team_slave_1 added [ 348.297808][T10429] input: jJǸ-9%vJ86 as /devices/virtual/input/input14 [ 348.662229][T10406] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 348.680420][T10406] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 348.740491][T10406] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 348.790829][T10406] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 348.803720][T10406] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 348.857691][T10406] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 349.171679][T10406] hsr_slave_0: entered promiscuous mode [ 349.199326][T10406] hsr_slave_1: entered promiscuous mode [ 349.219383][T10406] debugfs: 'hsr0' already exists in 'hsr' [ 349.235536][ T9687] Bluetooth: hci6: command tx timeout [ 349.243797][T10406] Cannot create hsr debugfs directory [ 349.996211][T10406] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 350.058805][T10406] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 350.092878][T10406] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 350.119410][T10406] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 350.424867][T10453] bridge0: port 3(team0) entered blocking state [ 350.432098][T10453] bridge0: port 3(team0) entered disabled state [ 350.440654][T10453] team0: entered allmulticast mode [ 350.447018][T10453] team_slave_0: entered allmulticast mode [ 350.452960][T10453] team_slave_1: entered allmulticast mode [ 350.467626][T10453] team0: entered promiscuous mode [ 350.473050][T10453] team_slave_0: entered promiscuous mode [ 350.479598][T10453] team_slave_1: entered promiscuous mode [ 350.488752][T10453] bridge0: port 3(team0) entered blocking state [ 350.495209][T10453] bridge0: port 3(team0) entered forwarding state [ 350.590335][T10406] 8021q: adding VLAN 0 to HW filter on device bond0 [ 350.678780][T10406] 8021q: adding VLAN 0 to HW filter on device team0 [ 350.725240][ T9179] bridge0: port 1(bridge_slave_0) entered blocking state [ 350.732392][ T9179] bridge0: port 1(bridge_slave_0) entered forwarding state [ 350.810203][ T9179] bridge0: port 2(bridge_slave_1) entered blocking state [ 350.817348][ T9179] bridge0: port 2(bridge_slave_1) entered forwarding state [ 351.218097][T10474] hub 1-0:1.0: USB hub found [ 351.232128][T10474] hub 1-0:1.0: 1 port detected [ 351.279811][T10406] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 351.315261][ T9687] Bluetooth: hci6: command tx timeout [ 351.699263][T10406] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 352.463035][T10406] veth0_vlan: entered promiscuous mode [ 352.494235][T10406] veth1_vlan: entered promiscuous mode [ 352.614413][T10406] veth0_macvtap: entered promiscuous mode [ 352.690222][T10406] veth1_macvtap: entered promiscuous mode [ 352.770813][T10406] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 352.872185][T10406] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 352.927605][ T9253] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 352.951167][ T9253] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 353.049875][ T9253] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 353.063212][ T9253] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 353.301897][ T9229] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 353.369230][ T9229] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 353.395388][ T9687] Bluetooth: hci6: command tx timeout [ 353.629286][ T9175] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 353.651431][ T9175] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 354.343363][T10541] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.6.731: iget: checksum invalid [ 354.446928][T10541] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 354.462915][T10541] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.6.731: iget: checksum invalid [ 354.475574][T10541] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 354.486295][T10541] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.6.731: iget: checksum invalid [ 354.497363][T10541] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 354.508158][T10541] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.6.731: iget: checksum invalid [ 354.519471][T10541] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 354.528978][T10541] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 354.542298][T10541] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 355.476042][ T9687] Bluetooth: hci6: command tx timeout [ 356.579509][T10565] hub 1-0:1.0: USB hub found [ 356.604962][T10565] hub 1-0:1.0: 1 port detected [ 359.389686][T10624] input: jJǸ-9%vJ86 as /devices/virtual/input/input15 [ 360.495848][T10667] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 363.758168][T10731] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input16 [ 364.288703][T10735] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input17 [ 366.547400][T10786] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 1345 with max blocks 14 with error 117 [ 366.585109][T10786] EXT4-fs (sda1): This should not happen!! Data will be lost [ 366.585109][T10786] [ 366.722888][ T29] audit: type=1804 audit(2147483691.261:14): pid=10783 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.794" name="/newroot/218/file0" dev="tmpfs" ino=1143 res=1 errno=0 [ 366.869225][ T29] audit: type=1804 audit(2147483691.271:15): pid=10783 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.794" name="/newroot/218/file0" dev="tmpfs" ino=1143 res=1 errno=0 [ 367.447123][ T29] audit: type=1800 audit(2147483692.011:16): pid=10798 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.785" name="dbroot" dev="configfs" ino=43136 res=0 errno=0 [ 368.243007][T10817] netlink: 4 bytes leftover after parsing attributes in process `syz.3.789'. [ 368.263802][T10817] netlink: 'syz.3.789': attribute type 1 has an invalid length. [ 368.363239][T10817] netlink: 13 bytes leftover after parsing attributes in process `syz.3.789'. [ 368.605575][T10825] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input18 [ 369.359363][T10827] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input19 [ 370.456337][T10850] FAULT_INJECTION: forcing a failure. [ 370.456337][T10850] name failslab, interval 1, probability 0, space 0, times 0 [ 370.538888][T10850] CPU: 0 UID: 0 PID: 10850 Comm: syz.4.797 Tainted: G L syzkaller #0 PREEMPT(full) [ 370.538934][T10850] Tainted: [L]=SOFTLOCKUP [ 370.538943][T10850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 370.538956][T10850] Call Trace: [ 370.538961][T10850] [ 370.538967][T10850] dump_stack_lvl+0x100/0x190 [ 370.538993][T10850] should_fail_ex.cold+0x5/0xa [ 370.539012][T10850] should_failslab+0xc2/0x120 [ 370.539033][T10850] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 370.539073][T10850] ? security_inode_alloc+0x3b/0x2c0 [ 370.539089][T10850] ? lockdep_init_map_type+0x5c/0x250 [ 370.539112][T10850] security_inode_alloc+0x3b/0x2c0 [ 370.539128][T10850] inode_init_always_gfp+0xced/0x1040 [ 370.539152][T10850] alloc_inode+0x8e/0x250 [ 370.539168][T10850] path_from_stashed+0x25b/0x750 [ 370.539193][T10850] pidfs_alloc_file+0xf8/0x290 [ 370.539213][T10850] ? __pfx_pidfs_alloc_file+0x10/0x10 [ 370.539237][T10850] pidfd_prepare+0x129/0x200 [ 370.539255][T10850] __x64_sys_pidfd_open+0x105/0x1a0 [ 370.539274][T10850] ? __pfx___x64_sys_pidfd_open+0x10/0x10 [ 370.539298][T10850] do_syscall_64+0x106/0xf80 [ 370.539319][T10850] ? clear_bhb_loop+0x40/0x90 [ 370.539337][T10850] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 370.539351][T10850] RIP: 0033:0x7f13b199bf79 [ 370.539365][T10850] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 370.539381][T10850] RSP: 002b:00007f13b28d1028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b2 [ 370.539396][T10850] RAX: ffffffffffffffda RBX: 00007f13b1c15fa0 RCX: 00007f13b199bf79 [ 370.539406][T10850] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 370.539414][T10850] RBP: 00007f13b1a327e0 R08: 0000000000000000 R09: 0000000000000000 [ 370.539423][T10850] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 370.539431][T10850] R13: 00007f13b1c16038 R14: 00007f13b1c15fa0 R15: 00007ffc302eb238 [ 370.539451][T10850] [ 372.152804][T10858] kexec: Could not allocate control_code_buffer [ 373.342098][T10897] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input20 [ 373.958420][T10901] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input21 [ 375.176304][ T29] audit: type=1804 audit(2147483699.731:17): pid=10924 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.810" name="/newroot/16/file0" dev="tmpfs" ino=102 res=1 errno=0 [ 375.200380][ T29] audit: type=1804 audit(2147483699.761:18): pid=10924 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.6.810" name="/newroot/16/file0" dev="tmpfs" ino=102 res=1 errno=0 [ 377.620086][T10970] FAULT_INJECTION: forcing a failure. [ 377.620086][T10970] name failslab, interval 1, probability 0, space 0, times 0 [ 377.700983][T10970] CPU: 1 UID: 0 PID: 10970 Comm: syz.6.816 Tainted: G L syzkaller #0 PREEMPT(full) [ 377.701010][T10970] Tainted: [L]=SOFTLOCKUP [ 377.701015][T10970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 377.701024][T10970] Call Trace: [ 377.701030][T10970] [ 377.701036][T10970] dump_stack_lvl+0x100/0x190 [ 377.701062][T10970] should_fail_ex.cold+0x5/0xa [ 377.701081][T10970] should_failslab+0xc2/0x120 [ 377.701102][T10970] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 377.701123][T10970] ? alloc_inode+0x183/0x250 [ 377.701138][T10970] ? stashed_dentry_get+0x10a/0x2c0 [ 377.701159][T10970] ? stashed_dentry_get+0x10a/0x2c0 [ 377.701183][T10970] alloc_inode+0x183/0x250 [ 377.701199][T10970] path_from_stashed+0x25b/0x750 [ 377.701224][T10970] pidfs_alloc_file+0xf8/0x290 [ 377.701244][T10970] ? __pfx_pidfs_alloc_file+0x10/0x10 [ 377.701268][T10970] pidfd_prepare+0x129/0x200 [ 377.701286][T10970] __x64_sys_pidfd_open+0x105/0x1a0 [ 377.701306][T10970] ? __pfx___x64_sys_pidfd_open+0x10/0x10 [ 377.701330][T10970] do_syscall_64+0x106/0xf80 [ 377.701348][T10970] ? clear_bhb_loop+0x40/0x90 [ 377.701366][T10970] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 377.701381][T10970] RIP: 0033:0x7fdb8599bf79 [ 377.701395][T10970] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 377.701409][T10970] RSP: 002b:00007fdb867b9028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b2 [ 377.701424][T10970] RAX: ffffffffffffffda RBX: 00007fdb85c15fa0 RCX: 00007fdb8599bf79 [ 377.701436][T10970] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 377.701444][T10970] RBP: 00007fdb85a327e0 R08: 0000000000000000 R09: 0000000000000000 [ 377.701453][T10970] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 377.701461][T10970] R13: 00007fdb85c16038 R14: 00007fdb85c15fa0 R15: 00007fffd7ffc988 [ 377.701480][T10970] [ 378.609219][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.618051][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.687494][T10981] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input22 [ 379.361523][T10982] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input23 [ 379.612740][T10979] kexec: Could not allocate control_code_buffer [ 382.333870][ T9687] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 382.333912][ T9687] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 382.349930][ T9687] Bluetooth: hci1: Unknown advertising packet type: 0x7f [ 382.349979][ T9687] Bluetooth: hci1: adv larger than maximum supported [ 382.358734][ T9687] Bluetooth: hci1: adv larger than maximum supported [ 382.369180][ T9687] Bluetooth: hci1: Malformed LE Event: 0x0d [ 387.383598][T11106] hub 1-0:1.0: USB hub found [ 387.389330][T11106] hub 1-0:1.0: 1 port detected [ 387.593646][ T9687] Bluetooth: hci4: unexpected event 0x3e length: 726 > 260 [ 387.593684][ T9687] Bluetooth: hci4: unexpected subevent 0x0d length: 725 > 260 [ 387.610966][ T9687] Bluetooth: hci4: Unknown advertising packet type: 0x7f [ 387.611016][ T9687] Bluetooth: hci4: adv larger than maximum supported [ 387.618505][ T9687] Bluetooth: hci4: adv larger than maximum supported [ 387.625322][ T9687] Bluetooth: hci4: Malformed LE Event: 0x0d [ 388.344711][ T29] audit: type=1804 audit(2147483655.301:19): pid=11142 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.845" name="/newroot/62/file0" dev="tmpfs" ino=338 res=1 errno=0 [ 388.424837][ T29] audit: type=1804 audit(2147483655.301:20): pid=11142 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.845" name="/newroot/62/file0" dev="tmpfs" ino=338 res=1 errno=0 [ 389.206265][T11164] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input24 [ 390.239678][T11166] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input25 [ 393.703490][T11218] hub 1-0:1.0: USB hub found [ 393.713537][T11218] hub 1-0:1.0: 1 port detected [ 394.438172][T11239] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input26 [ 394.870733][T11241] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input27 [ 395.788287][T11265] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input28 [ 396.303905][T11268] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input29 [ 397.964256][T11281] Invalid ELF header magic: != ELF [ 398.330877][ T29] audit: type=1800 audit(2147483665.451:21): pid=11304 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.871" name="dbroot" dev="configfs" ino=45770 res=0 errno=0 [ 402.282410][T11345] binder: 11344:11345 ioctl c018620c 0 returned -1 [ 404.627477][T11396] FAULT_INJECTION: forcing a failure. [ 404.627477][T11396] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 404.642066][T11396] CPU: 0 UID: 0 PID: 11396 Comm: syz.4.889 Tainted: G L syzkaller #0 PREEMPT(full) [ 404.642110][T11396] Tainted: [L]=SOFTLOCKUP [ 404.642119][T11396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 404.642136][T11396] Call Trace: [ 404.642146][T11396] [ 404.642154][T11396] dump_stack_lvl+0x100/0x190 [ 404.642198][T11396] should_fail_ex.cold+0x5/0xa [ 404.642225][T11396] ? prepare_alloc_pages+0x16d/0x5f0 [ 404.642273][T11396] should_fail_alloc_page+0xeb/0x140 [ 404.642316][T11396] prepare_alloc_pages+0x1f0/0x5f0 [ 404.642366][T11396] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 404.642402][T11396] ? trace_contention_end.constprop.0+0x15b/0x1b0 [ 404.642443][T11396] ? __pv_queued_spin_lock_slowpath+0x284/0xc00 [ 404.642481][T11396] ? css_rstat_updated+0x1ce/0x5a0 [ 404.642510][T11396] ? __pfx_css_rstat_updated+0x10/0x10 [ 404.642547][T11396] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 404.642585][T11396] ? __cgroup_account_cputime+0xd5/0x130 [ 404.642616][T11396] ? update_se+0x444/0x760 [ 404.642653][T11396] ? __schedule+0x2fa6/0x60e0 [ 404.642683][T11396] ? __schedule+0x2fa6/0x60e0 [ 404.642716][T11396] ? rcu_is_watching+0x12/0xc0 [ 404.642754][T11396] ? trace_sched_exit_tp+0x13a/0x180 [ 404.642784][T11396] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 404.642828][T11396] ? policy_nodemask+0xed/0x4f0 [ 404.642872][T11396] alloc_pages_mpol+0x1fb/0x550 [ 404.642915][T11396] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 404.642967][T11396] alloc_pages_noprof+0x131/0x390 [ 404.643011][T11396] pte_alloc_one+0x1e/0x3e0 [ 404.643051][T11396] do_huge_pmd_anonymous_page+0x835/0x1a60 [ 404.643098][T11396] __handle_mm_fault+0x1e9e/0x2b60 [ 404.643138][T11396] ? mt_find+0x45e/0x8e0 [ 404.643177][T11396] ? __pfx___handle_mm_fault+0x10/0x10 [ 404.643207][T11396] ? __pfx_mt_find+0x10/0x10 [ 404.643275][T11396] handle_mm_fault+0x36d/0xa20 [ 404.643315][T11396] __get_user_pages+0xf9c/0x34d0 [ 404.643368][T11396] ? down_read_killable+0x30e/0x4c0 [ 404.643407][T11396] ? __lock_acquire+0x4a5/0x2630 [ 404.643439][T11396] ? __pfx___get_user_pages+0x10/0x10 [ 404.643480][T11396] ? __lock_acquire+0x4a5/0x2630 [ 404.643522][T11396] __gup_longterm_locked+0x87d/0x16f0 [ 404.643577][T11396] ? __pfx___gup_longterm_locked+0x10/0x10 [ 404.643623][T11396] ? try_get_folio+0x262/0x750 [ 404.643660][T11396] ? pmd_write+0xd3/0x150 [ 404.643698][T11396] ? sanity_check_pinned_pages+0x5f6/0x1250 [ 404.643748][T11396] gup_fast_fallback+0x18c6/0x2460 [ 404.643817][T11396] ? __pfx_gup_fast_fallback+0x10/0x10 [ 404.643860][T11396] ? kasan_save_stack+0x30/0x50 [ 404.643894][T11396] ? kasan_save_track+0x14/0x30 [ 404.643928][T11396] ? __kasan_slab_alloc+0x89/0x90 [ 404.643965][T11396] ? mempool_alloc_noprof+0x1b7/0x310 [ 404.644005][T11396] ? bvec_alloc+0x197/0x210 [ 404.644038][T11396] ? bio_alloc_bioset+0x59e/0x850 [ 404.644066][T11396] ? blkdev_direct_IO+0xeae/0x1fb0 [ 404.644104][T11396] ? blkdev_write_iter+0x703/0xd70 [ 404.644143][T11396] ? vfs_write+0x6ac/0x1070 [ 404.644179][T11396] ? ksys_write+0x12a/0x250 [ 404.644214][T11396] ? do_syscall_64+0x106/0xf80 [ 404.644248][T11396] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 404.644282][T11396] pin_user_pages_fast+0xa7/0xf0 [ 404.644310][T11396] ? __pfx_pin_user_pages_fast+0x10/0x10 [ 404.644339][T11396] ? iov_iter_advance+0xac/0x6d0 [ 404.644377][T11396] iov_iter_extract_pages+0xa0d/0x1ef0 [ 404.644424][T11396] ? __pfx_iov_iter_extract_pages+0x10/0x10 [ 404.644467][T11396] ? iov_iter_revert+0x252/0x5b0 [ 404.644496][T11396] ? bio_associate_blkg_from_css+0x394/0x13f0 [ 404.644540][T11396] iov_iter_extract_bvecs+0x10e/0xf40 [ 404.644589][T11396] ? __pfx_iov_iter_extract_bvecs+0x10/0x10 [ 404.644629][T11396] ? bio_init+0x404/0x610 [ 404.644671][T11396] bio_iov_iter_get_pages+0x26a/0x970 [ 404.644712][T11396] blkdev_direct_IO+0x1302/0x1fb0 [ 404.644770][T11396] ? __pfx_blkdev_direct_IO+0x10/0x10 [ 404.644828][T11396] blkdev_write_iter+0x703/0xd70 [ 404.644876][T11396] vfs_write+0x6ac/0x1070 [ 404.644914][T11396] ? __pfx_blkdev_write_iter+0x10/0x10 [ 404.644957][T11396] ? __pfx_vfs_write+0x10/0x10 [ 404.644991][T11396] ? find_held_lock+0x2b/0x80 [ 404.645064][T11396] ksys_write+0x12a/0x250 [ 404.645103][T11396] ? __pfx_ksys_write+0x10/0x10 [ 404.645152][T11396] do_syscall_64+0x106/0xf80 [ 404.645187][T11396] ? clear_bhb_loop+0x40/0x90 [ 404.645221][T11396] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 404.645250][T11396] RIP: 0033:0x7f13b199bf79 [ 404.645272][T11396] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 404.645300][T11396] RSP: 002b:00007f13b284d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 404.645327][T11396] RAX: ffffffffffffffda RBX: 00007f13b1c16360 RCX: 00007f13b199bf79 [ 404.645347][T11396] RDX: 000000100000a3d9 RSI: 00002000000000c0 RDI: 0000000000000004 [ 404.645365][T11396] RBP: 00007f13b1a327e0 R08: 0000000000000000 R09: 0000000000000000 [ 404.645382][T11396] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 404.645399][T11396] R13: 00007f13b1c163f8 R14: 00007f13b1c16360 R15: 00007ffc302eb238 [ 404.645438][T11396] [ 406.839474][T11412] FAULT_INJECTION: forcing a failure. [ 406.839474][T11412] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 406.868694][T11412] CPU: 0 UID: 0 PID: 11412 Comm: syz.3.901 Tainted: G L syzkaller #0 PREEMPT(full) [ 406.868721][T11412] Tainted: [L]=SOFTLOCKUP [ 406.868727][T11412] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 406.868735][T11412] Call Trace: [ 406.868741][T11412] [ 406.868747][T11412] dump_stack_lvl+0x100/0x190 [ 406.868774][T11412] should_fail_ex.cold+0x5/0xa [ 406.868789][T11412] ? prepare_alloc_pages+0x16d/0x5f0 [ 406.868816][T11412] should_fail_alloc_page+0xeb/0x140 [ 406.868841][T11412] prepare_alloc_pages+0x1f0/0x5f0 [ 406.868867][T11412] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 406.868886][T11412] ? __sys_sendmmsg+0x205/0x430 [ 406.868906][T11412] ? __x64_sys_sendmmsg+0x9c/0x100 [ 406.868923][T11412] ? __kernel_text_address+0xd/0x30 [ 406.868943][T11412] ? unwind_get_return_address+0x59/0xa0 [ 406.868960][T11412] ? arch_stack_walk+0x88/0xf0 [ 406.868978][T11412] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 406.868998][T11412] ? stack_trace_save+0x8e/0xc0 [ 406.869020][T11412] ? __pfx_stack_trace_save+0x10/0x10 [ 406.869042][T11412] ? stack_depot_save_flags+0x27/0x9d0 [ 406.869066][T11412] ? stack_trace_save+0x8e/0xc0 [ 406.869095][T11412] ? __lock_acquire+0x4a5/0x2630 [ 406.869113][T11412] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 406.869136][T11412] ? policy_nodemask+0xed/0x4f0 [ 406.869160][T11412] alloc_pages_mpol+0x1fb/0x550 [ 406.869183][T11412] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 406.869204][T11412] ? __lock_acquire+0x4a5/0x2630 [ 406.869225][T11412] alloc_pages_noprof+0x131/0x390 [ 406.869247][T11412] pte_alloc_one+0x1e/0x3e0 [ 406.869263][T11412] do_huge_pmd_anonymous_page+0x835/0x1a60 [ 406.869287][T11412] __handle_mm_fault+0x1e9e/0x2b60 [ 406.869308][T11412] ? mt_find+0x45e/0x8e0 [ 406.869328][T11412] ? __pfx___handle_mm_fault+0x10/0x10 [ 406.869344][T11412] ? __pfx_mt_find+0x10/0x10 [ 406.869379][T11412] handle_mm_fault+0x36d/0xa20 [ 406.869400][T11412] __get_user_pages+0xf9c/0x34d0 [ 406.869429][T11412] ? down_read_killable+0x30e/0x4c0 [ 406.869449][T11412] ? __lock_acquire+0x4a5/0x2630 [ 406.869466][T11412] ? __pfx___get_user_pages+0x10/0x10 [ 406.869487][T11412] ? __lock_acquire+0x4a5/0x2630 [ 406.869508][T11412] __gup_longterm_locked+0x87d/0x16f0 [ 406.869537][T11412] ? __pfx___gup_longterm_locked+0x10/0x10 [ 406.869561][T11412] ? try_get_folio+0x262/0x750 [ 406.869580][T11412] ? pmd_write+0xd3/0x150 [ 406.869600][T11412] ? sanity_check_pinned_pages+0x5f6/0x1250 [ 406.869626][T11412] gup_fast_fallback+0x18c6/0x2460 [ 406.869662][T11412] ? __pfx_gup_fast_fallback+0x10/0x10 [ 406.869685][T11412] ? kasan_save_stack+0x30/0x50 [ 406.869702][T11412] ? kasan_save_track+0x14/0x30 [ 406.869720][T11412] ? __kasan_slab_alloc+0x89/0x90 [ 406.869739][T11412] ? mempool_alloc_noprof+0x1b7/0x310 [ 406.869760][T11412] ? bvec_alloc+0x197/0x210 [ 406.869774][T11412] ? bio_alloc_bioset+0x59e/0x850 [ 406.869788][T11412] ? blkdev_direct_IO+0xeae/0x1fb0 [ 406.869807][T11412] ? blkdev_write_iter+0x703/0xd70 [ 406.869831][T11412] ? vfs_write+0x6ac/0x1070 [ 406.869850][T11412] ? ksys_write+0x12a/0x250 [ 406.869868][T11412] ? do_syscall_64+0x106/0xf80 [ 406.869886][T11412] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 406.869904][T11412] pin_user_pages_fast+0xa7/0xf0 [ 406.869918][T11412] ? __pfx_pin_user_pages_fast+0x10/0x10 [ 406.869934][T11412] ? iov_iter_advance+0xac/0x6d0 [ 406.869953][T11412] iov_iter_extract_pages+0xa0d/0x1ef0 [ 406.869978][T11412] ? __pfx_iov_iter_extract_pages+0x10/0x10 [ 406.870000][T11412] ? iov_iter_revert+0x252/0x5b0 [ 406.870015][T11412] ? bio_associate_blkg_from_css+0x394/0x13f0 [ 406.870038][T11412] iov_iter_extract_bvecs+0x10e/0xf40 [ 406.870070][T11412] ? __pfx_iov_iter_extract_bvecs+0x10/0x10 [ 406.870090][T11412] ? bio_init+0x404/0x610 [ 406.870115][T11412] bio_iov_iter_get_pages+0x26a/0x970 [ 406.870138][T11412] blkdev_direct_IO+0x1302/0x1fb0 [ 406.870170][T11412] ? __pfx_blkdev_direct_IO+0x10/0x10 [ 406.870200][T11412] blkdev_write_iter+0x703/0xd70 [ 406.870225][T11412] vfs_write+0x6ac/0x1070 [ 406.870245][T11412] ? __pfx_blkdev_write_iter+0x10/0x10 [ 406.870267][T11412] ? __pfx_vfs_write+0x10/0x10 [ 406.870285][T11412] ? find_held_lock+0x2b/0x80 [ 406.870318][T11412] ksys_write+0x12a/0x250 [ 406.870337][T11412] ? __pfx_ksys_write+0x10/0x10 [ 406.870363][T11412] do_syscall_64+0x106/0xf80 [ 406.870380][T11412] ? clear_bhb_loop+0x40/0x90 [ 406.870398][T11412] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 406.870413][T11412] RIP: 0033:0x7f5d50b9bf79 [ 406.870427][T11412] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 406.870442][T11412] RSP: 002b:00007f5d51b44028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 406.870456][T11412] RAX: ffffffffffffffda RBX: 00007f5d50e15fa0 RCX: 00007f5d50b9bf79 [ 406.870466][T11412] RDX: 000000100000a3d9 RSI: 00002000000000c0 RDI: 0000000000000004 [ 406.870476][T11412] RBP: 00007f5d50c327e0 R08: 0000000000000000 R09: 0000000000000000 [ 406.870485][T11412] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 406.870494][T11412] R13: 00007f5d50e16038 R14: 00007f5d50e15fa0 R15: 00007ffe790d7058 [ 406.870521][T11412] [ 407.959799][T11425] binder: 11423:11425 ioctl c018620c 0 returned -1 [ 410.619581][T11483] Invalid ELF header magic: != ELF [ 412.147828][T11509] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.3.910: iget: checksum invalid [ 412.175320][T11509] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 412.275198][T11509] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.3.910: iget: checksum invalid [ 412.314154][T11513] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input30 [ 412.334439][T11509] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 412.352952][T11509] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.3.910: iget: checksum invalid [ 412.452057][T11509] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 412.471618][T11509] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.3.910: iget: checksum invalid [ 412.494041][T11509] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 412.507909][T11509] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 412.522967][T11509] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 413.076039][T11514] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input31 [ 413.888270][T11534] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input32 [ 414.353796][T11538] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input33 [ 418.285231][ T30] INFO: task kworker/u8:3:49 blocked for more than 143 seconds. [ 418.292900][ T30] Tainted: G L syzkaller #0 [ 418.299568][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 418.324735][ T30] task:kworker/u8:3 state:D stack:23704 pid:49 tgid:49 ppid:2 task_flags:0x4208160 flags:0x00080000 [ 418.380602][ T30] Workqueue: netns cleanup_net [ 418.421969][ T30] Call Trace: [ 418.426208][ T30] [ 418.429180][ T30] __schedule+0xfee/0x60e0 [ 418.471384][ T30] ? __lock_acquire+0x4a5/0x2630 [ 418.518410][ T30] ? __pfx___schedule+0x10/0x10 [ 418.523525][ T30] ? find_held_lock+0x2b/0x80 [ 418.644678][ T30] ? schedule+0x2bf/0x390 [ 418.649176][ T30] schedule+0xdd/0x390 [ 418.653291][ T30] schedule_timeout+0x1b2/0x280 [ 418.704691][ T30] ? __pfx_schedule_timeout+0x10/0x10 [ 418.710132][ T30] ? mark_held_locks+0x40/0x70 [ 418.797297][ T30] __wait_for_common+0x2e7/0x4c0 [ 418.802268][ T30] ? __pfx_schedule_timeout+0x10/0x10 [ 418.814007][ T30] ? __pfx___wait_for_common+0x10/0x10 [ 418.820496][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 418.826719][ T30] ? flush_workqueue_prep_pwqs+0x2e9/0x510 [ 418.832574][ T30] __flush_workqueue+0x3f7/0x1200 [ 418.845928][ T30] ? __virt_addr_valid+0x32d/0x620 [ 418.851133][ T30] ? find_held_lock+0x2b/0x80 [ 418.864724][ T30] ? find_held_lock+0x2b/0x80 [ 418.869474][ T30] ? __pfx___flush_workqueue+0x10/0x10 [ 418.897884][ T30] ? queue_work_on+0x11b/0x1e0 [ 418.902690][ T30] ? lockdep_hardirqs_on+0x78/0x100 [ 418.944638][ T30] rxrpc_destroy_all_connections+0xf9/0x420 [ 418.950688][ T30] ? __pfx_rxrpc_destroy_all_connections+0x10/0x10 [ 419.027890][ T30] ? __pfx___try_to_del_timer_sync+0x10/0x10 [ 419.033923][ T30] ? __timer_delete_sync+0x151/0x1c0 [ 419.073824][ T30] rxrpc_exit_net+0x7b/0xc0 [ 419.079196][ T30] ? __pfx_rxrpc_exit_net+0x10/0x10 [ 419.084484][ T30] ops_undo_list+0x2ee/0xab0 [ 419.114943][ T30] ? __pfx_ops_undo_list+0x10/0x10 [ 419.120083][ T30] ? cleanup_net+0x332/0x920 [ 419.134687][ T30] ? idr_destroy+0x62/0x2e0 [ 419.139245][ T30] cleanup_net+0x499/0x920 [ 419.143658][ T30] ? __pfx_cleanup_net+0x10/0x10 [ 419.154730][ T30] ? rcu_is_watching+0x12/0xc0 [ 419.170888][ T30] process_one_work+0x9d7/0x1920 [ 419.184728][ T30] ? __pfx_process_one_work+0x10/0x10 [ 419.201501][ T30] ? __pfx_cleanup_net+0x10/0x10 [ 419.214747][ T30] worker_thread+0x5da/0xe40 [ 419.219369][ T30] ? kthread+0x13a/0x450 [ 419.223623][ T30] ? __pfx_worker_thread+0x10/0x10 [ 419.245306][ T30] kthread+0x370/0x450 [ 419.254907][ T30] ? __pfx_kthread+0x10/0x10 [ 419.259519][ T30] ret_from_fork+0x754/0xd80 [ 419.264101][ T30] ? __pfx_ret_from_fork+0x10/0x10 [ 419.285059][ T30] ? __switch_to+0x7b4/0x1120 [ 419.289784][ T30] ? __pfx_kthread+0x10/0x10 [ 419.308338][ T30] ret_from_fork_asm+0x1a/0x30 [ 419.313135][ T30] [ 419.316915][ T30] [ 419.316915][ T30] Showing all locks held in the system: [ 419.335105][ T30] 2 locks held by kworker/1:0/24: [ 419.340243][ T30] #0: ffff88813fe5f548 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x1287/0x1920 [ 419.353267][ T30] #1: ffffc900001e7d08 (free_ipc_work){+.+.}-{0:0}, at: process_one_work+0x93c/0x1920 [ 419.370005][ T30] 1 lock held by khungtaskd/30: [ 419.424050][ T30] #0: ffffffff8e7e92e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x3d/0x184 [ 419.435112][ T30] 3 locks held by kworker/u8:3/49: [ 419.458433][ T30] #0: ffff88801c6a6948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x1287/0x1920 [ 419.484160][ T30] #1: ffffc90000b97d08 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x93c/0x1920 [ 419.506653][ T30] #2: ffffffff905f69f0 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xb8/0x920 [ 419.554906][ T30] 2 locks held by getty/5582: [ 419.560615][ T30] #0: ffff8880378790a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 419.644694][ T30] #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x419/0x1500 [ 419.694761][ T30] 3 locks held by kworker/u11:1/9185: [ 419.700171][ T30] #0: ffff8880336a9148 ((wq_completion)hci4){+.+.}-{0:0}, at: process_one_work+0x1287/0x1920 [ 419.744709][ T30] #1: ffffc90003b37d08 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_one_work+0x93c/0x1920 [ 419.792309][ T30] #2: ffff88807e99cec0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x18a/0x470 [ 419.809051][ T30] 1 lock held by syz.2.562/9406: [ 419.814023][ T30] #0: ffff888079bf3008 (&sb->s_type->i_mutex_key#14){+.+.}-{4:4}, at: __sock_release+0x86/0x260 [ 419.828508][ T30] 1 lock held by syz.1.639/9864: [ 419.833488][ T30] #0: ffffffff905f69f0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x451/0x7c0 [ 419.843615][ T30] 1 lock held by syz.5.686/10182: [ 419.852353][ T30] #0: ffff8880849cc148 (&sb->s_type->i_mutex_key#14){+.+.}-{4:4}, at: __sock_release+0x86/0x260 [ 419.866473][ T30] 5 locks held by syz-executor/10406: [ 419.871925][ T30] #0: ffff88805c764ec0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_dev_do_close+0x26/0xb0 [ 419.890569][ T30] #1: ffff88805c7640c0 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x35c/0x1240 [ 419.901730][ T30] #2: ffffffff908a7268 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xbb/0x280 [ 419.912897][ T30] #3: ffff8880360222f8 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x80/0x770 [ 419.924020][ T30] #4: ffffffff8e7f4ef8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x19e/0x3c0 [ 419.934123][ T30] 1 lock held by syz.0.924/11622: [ 419.939252][ T30] #0: ffffffff8e7f4ef8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x19e/0x3c0 [ 419.949347][ T30] 1 lock held by syz.3.928/11626: [ 419.954400][ T30] #0: ffffffff9060f2e8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x220 [ 419.963845][ T30] [ 419.967414][ T30] ============================================= [ 419.967414][ T30] [ 419.976064][ T30] NMI backtrace for cpu 0 [ 419.976089][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Tainted: G L syzkaller #0 PREEMPT(full) [ 419.976131][ T30] Tainted: [L]=SOFTLOCKUP [ 419.976139][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 419.976155][ T30] Call Trace: [ 419.976163][ T30] [ 419.976173][ T30] dump_stack_lvl+0x100/0x190 [ 419.976214][ T30] nmi_cpu_backtrace.cold+0x12d/0x151 [ 419.976253][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 419.976288][ T30] nmi_trigger_cpumask_backtrace+0x1d7/0x230 [ 419.976334][ T30] sys_info+0x141/0x190 [ 419.976367][ T30] watchdog+0xd25/0x1050 [ 419.976413][ T30] ? __pfx_watchdog+0x10/0x10 [ 419.976450][ T30] ? __kthread_parkme+0x18c/0x230 [ 419.976479][ T30] ? kthread+0x13a/0x450 [ 419.976507][ T30] ? __pfx_watchdog+0x10/0x10 [ 419.976541][ T30] kthread+0x370/0x450 [ 419.976569][ T30] ? __pfx_kthread+0x10/0x10 [ 419.976601][ T30] ret_from_fork+0x754/0xd80 [ 419.976638][ T30] ? __pfx_ret_from_fork+0x10/0x10 [ 419.976681][ T30] ? __switch_to+0x7b4/0x1120 [ 419.976707][ T30] ? __pfx_kthread+0x10/0x10 [ 419.976739][ T30] ret_from_fork_asm+0x1a/0x30 [ 419.976783][ T30] [ 419.976792][ T30] Sending NMI from CPU 0 to CPUs 1: [ 420.105942][ C1] NMI backtrace for cpu 1 [ 420.105963][ C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G L syzkaller #0 PREEMPT(full) [ 420.105996][ C1] Tainted: [L]=SOFTLOCKUP [ 420.106004][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 420.106019][ C1] RIP: 0010:debug_lockdep_rcu_enabled+0x0/0x40 [ 420.106056][ C1] Code: 00 00 8b 44 24 04 eb b2 89 44 24 04 e8 a9 fa ff ff 8b 44 24 04 eb aa 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1e fa 8b 05 82 d4 4d 05 85 c0 74 20 8b 05 90 06 4e 05 85 c0 [ 420.106079][ C1] RSP: 0018:ffffc90000a089b8 EFLAGS: 00000293 [ 420.106098][ C1] RAX: ffffc90000198001 RBX: ffffc90000197e08 RCX: ffffffff922bca01 [ 420.106115][ C1] RDX: ffffc90000197e10 RSI: 0000000000000001 RDI: ffffc90000a08a40 [ 420.106130][ C1] RBP: 0000000000000001 R08: ffffffff922bcaee R09: 0000000000000007 [ 420.106145][ C1] R10: 0000000000000200 R11: 00000000000a8ba3 R12: ffffc90000a08a80 [ 420.106160][ C1] R13: ffffc90000a08a30 R14: ffffc90000197e08 R15: ffffc90000a08a64 [ 420.106176][ C1] FS: 0000000000000000(0000) GS:ffff88812445a000(0000) knlGS:0000000000000000 [ 420.106199][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 420.106215][ C1] CR2: 00007fa6adfe96c0 CR3: 00000000338e0000 CR4: 00000000003526f0 [ 420.106230][ C1] Call Trace: [ 420.106237][ C1] [ 420.106254][ C1] unwind_next_frame+0x3a8/0x1ea0 [ 420.106279][ C1] ? default_idle_call+0x6c/0xb0 [ 420.106314][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 420.106352][ C1] arch_stack_walk+0x94/0xf0 [ 420.106376][ C1] ? do_idle+0x35b/0x4b0 [ 420.106410][ C1] ? rcu_core+0x5a2/0x10d0 [ 420.106439][ C1] stack_trace_save+0x8e/0xc0 [ 420.106472][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 420.106509][ C1] ? __lock_acquire+0x4a5/0x2630 [ 420.106535][ C1] ? kasan_save_stack+0x3f/0x50 [ 420.106565][ C1] ? kasan_save_stack+0x30/0x50 [ 420.106593][ C1] ? kasan_save_track+0x14/0x30 [ 420.106622][ C1] kasan_save_stack+0x30/0x50 [ 420.106650][ C1] ? kasan_save_stack+0x30/0x50 [ 420.106679][ C1] ? kasan_save_track+0x14/0x30 [ 420.106707][ C1] ? kasan_save_free_info+0x3b/0x70 [ 420.106734][ C1] ? __kasan_slab_free+0x5f/0x80 [ 420.106777][ C1] ? kmem_cache_free+0x124/0x6a0 [ 420.106809][ C1] ? rcu_core+0x5a2/0x10d0 [ 420.106849][ C1] ? handle_softirqs+0x1eb/0x9e0 [ 420.106872][ C1] ? __irq_exit_rcu+0xef/0x150 [ 420.106900][ C1] ? irq_exit_rcu+0x9/0x30 [ 420.106926][ C1] ? sysvec_apic_timer_interrupt+0xa3/0xc0 [ 420.106954][ C1] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 420.106980][ C1] ? pv_native_safe_halt+0xf/0x20 [ 420.107006][ C1] ? default_idle+0x9/0x10 [ 420.107037][ C1] ? default_idle_call+0x6c/0xb0 [ 420.107090][ C1] kasan_save_track+0x14/0x30 [ 420.107119][ C1] kasan_save_free_info+0x3b/0x70 [ 420.107143][ C1] __kasan_slab_free+0x5f/0x80 [ 420.107239][ C1] kmem_cache_free+0x124/0x6a0 [ 420.107280][ C1] ? rcu_core+0x59d/0x10d0 [ 420.107314][ C1] rcu_core+0x5a2/0x10d0 [ 420.107346][ C1] ? __pfx_rcu_core+0x10/0x10 [ 420.107376][ C1] ? run_timer_base+0x121/0x190 [ 420.107399][ C1] ? __pfx_run_timer_base+0x10/0x10 [ 420.107424][ C1] handle_softirqs+0x1eb/0x9e0 [ 420.107449][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 420.107479][ C1] __irq_exit_rcu+0xef/0x150 [ 420.107501][ C1] irq_exit_rcu+0x9/0x30 [ 420.107528][ C1] sysvec_apic_timer_interrupt+0xa3/0xc0 [ 420.107556][ C1] [ 420.107563][ C1] [ 420.107572][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 420.107596][ C1] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 420.107626][ C1] Code: b8 86 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d e3 fa 1f 00 fb f4 fc 35 03 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 420.107649][ C1] RSP: 0018:ffffc90000197df0 EFLAGS: 00000246 [ 420.107671][ C1] RAX: 000000000044527b RBX: ffff88801e6e8000 RCX: ffffffff8b8b8c75 [ 420.107691][ C1] RDX: 0000000000000000 RSI: ffffffff8de7571f RDI: ffffffff8c1adca0 [ 420.107706][ C1] RBP: 0000000000000001 R08: 0000000000000001 R09: ffffed10170a6795 [ 420.107721][ C1] R10: ffff8880b8533cab R11: 0000000000000000 R12: ffffed1003cdd000 [ 420.107737][ C1] R13: 0000000000000001 R14: ffffffff90d95310 R15: 0000000000000000 [ 420.107759][ C1] ? ct_kernel_exit+0x125/0x180 [ 420.107796][ C1] default_idle+0x9/0x10 [ 420.107838][ C1] default_idle_call+0x6c/0xb0 [ 420.107870][ C1] do_idle+0x35b/0x4b0 [ 420.107913][ C1] ? __pfx_do_idle+0x10/0x10 [ 420.107959][ C1] cpu_startup_entry+0x4f/0x60 [ 420.107996][ C1] start_secondary+0x21d/0x2d0 [ 420.108025][ C1] ? __pfx_start_secondary+0x10/0x10 [ 420.108058][ C1] common_startup_64+0x13e/0x148 [ 420.108089][ C1] [ 420.593771][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 420.600668][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Tainted: G L syzkaller #0 PREEMPT(full) [ 420.611376][ T30] Tainted: [L]=SOFTLOCKUP [ 420.615702][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 420.625752][ T30] Call Trace: [ 420.629019][ T30] [ 420.631935][ T30] dump_stack_lvl+0x100/0x190 [ 420.636616][ T30] vpanic+0x552/0x970 [ 420.640595][ T30] ? __pfx_vpanic+0x10/0x10 [ 420.645091][ T30] ? nmi_trigger_cpumask_backtrace+0x182/0x230 [ 420.651241][ T30] panic+0xd1/0xe0 [ 420.655035][ T30] ? __pfx_panic+0x10/0x10 [ 420.659439][ T30] ? nmi_trigger_cpumask_backtrace+0x1b5/0x230 [ 420.665585][ T30] ? nmi_trigger_cpumask_backtrace+0x1f6/0x230 [ 420.671821][ T30] ? nmi_trigger_cpumask_backtrace+0x200/0x230 [ 420.677968][ T30] ? watchdog.cold+0x198/0x1ca [ 420.682723][ T30] ? watchdog+0xd35/0x1050 [ 420.687139][ T30] watchdog.cold+0x1a9/0x1ca [ 420.691721][ T30] ? __pfx_watchdog+0x10/0x10 [ 420.696388][ T30] ? __kthread_parkme+0x18c/0x230 [ 420.701403][ T30] ? kthread+0x13a/0x450 [ 420.705639][ T30] ? __pfx_watchdog+0x10/0x10 [ 420.710346][ T30] kthread+0x370/0x450 [ 420.714443][ T30] ? __pfx_kthread+0x10/0x10 [ 420.719054][ T30] ret_from_fork+0x754/0xd80 [ 420.723638][ T30] ? __pfx_ret_from_fork+0x10/0x10 [ 420.728743][ T30] ? __switch_to+0x7b4/0x1120 [ 420.733538][ T30] ? __pfx_kthread+0x10/0x10 [ 420.738141][ T30] ret_from_fork_asm+0x1a/0x30 [ 420.742910][ T30] [ 420.746063][ T30] Kernel Offset: disabled [ 420.750377][ T30] Rebooting in 86400 seconds..