last executing test programs: 6.447344049s ago: executing program 3 (id=2861): mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000) madvise$auto(0x0, 0x200007, 0x19) syz_clone(0x1002000, 0x0, 0x0, 0x0, 0x0, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x602, 0x1) r0 = open(&(0x7f0000000080)='./file0\x00', 0x662c2, 0xe1d2b27bdc14aa0c) fanotify_mark$auto(0x400000000000, 0x105, 0xf2b, r0, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x12ba7e, 0x45) r1 = prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0) ioctl$auto(r1, 0x541b, 0xffffffffffffffff) openat$auto_clear_warn_once_fops_(0xffffffffffffff9c, 0x0, 0x202, 0x0) mmap$auto(0x0, 0x100002020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x20) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x140082, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000001440), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_GET(r4, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000140)=ANY=[@ANYRESHEX, @ANYRES16=r5], 0x14}, 0x1, 0x0, 0x0, 0x4040}, 0x2004c044) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) close_range$auto(0x0, 0xffffffffffffffff, 0x4000000000002) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2a01, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/uts\x00') ioctl$auto(0x1, 0x890b, 0x8) r6 = openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0) setsockopt$auto(0xffffffffffffffff, 0x29, 0x13, 0x0, 0x1ff) ioctl$auto_LOOP_CTL_ADD(r6, 0x4c80, 0xfffffffffffffffd) bpf$auto(0x1, 0x0, 0xc) 6.229297215s ago: executing program 1 (id=2862): r0 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x22, 0x3, 0x0) ioctl$auto(0xffffffffffffffff, 0x40104d01, 0xffffffffffffffff) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmsg$auto_ETHTOOL_MSG_STRSET_GET(r0, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000840)={0x394, 0x0, 0x1, 0x70bd27, 0x25dfdbfc, {}, [@ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [@typed={0xb, 0x49, 0x0, 0x0, @str='):*@\x1b{\x00'}]}, @ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0xb1, 0x2, 0x0, 0x1, [@generic="6d077193745a742234d9f05d4b65b3f4139bd7d07d629173bf715670fd76fbce93a641b6d2ec2f06828f68af3707b4ffd30fee9e174d609d1dd18a23533e8a7342b450ea5aa873da98c8e7468dab3fc5923b0a1e83b964c5acb7709aea0c641614f55abae5a63a990dcc8d4237a76fc90a40922ebb0b0f354e760a59a5094bea557054cfba1a90033979ef9afd0e05066b5cb861e8f68f37fe3d7d8a3ac571da7f71d30d39f2e23312fa85d795"]}, @ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}, @ETHTOOL_A_STRSET_HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x80000000}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_virt_wifi\x00'}]}, @ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}, @ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x280, 0x2, 0x0, 0x1, [@typed={0x8, 0x12d, 0x0, 0x0, @uid=0xffffffffffffffff}, @nested={0x28, 0x104, 0x0, 0x1, [@typed={0xc, 0xcc, 0x0, 0x0, @u64=0x6}, @generic="0d1c7fbb", @typed={0x14, 0x8d, 0x0, 0x0, @ipv6=@private0={0xfc, 0x0, '\x00', 0x1}}]}, @nested={0xdc, 0x5b, 0x0, 0x1, [@nested={0x8, 0x38, 0x0, 0x1, [@nested={0x4, 0x5e}]}, @typed={0x8, 0xbc, 0x0, 0x0, @fd}, @nested={0xba, 0xa2, 0x0, 0x1, [@generic="0f215f43ca8ccaf772a042620e9f3f5bdb240e312a20044465b6bd87cb6736cac70431c0969f8f1a61b698cffeea474566ea4c86449e72f61469479cc9c9351be380af440182ec8384a8c5c1f009d16a7d84ca7893132a35e7bfbd638c43b322c4321a709241482268993613c98e13cad6ac68cff4e3409aeeac94b61efd455d86104b593d46fcd63d07a6d220ea2e3d066ed41ca92932d76fa80b10b4db43bfd8c699eda9c5ca081fec09ed09f7", @typed={0x8, 0xb2, 0x0, 0x0, @ipv4=@local}]}, @typed={0xc, 0x0, 0x0, 0x0, @u64=0xe4}]}, @generic="8f189204c251580ecdd8afd471d42189ea1d920925568b8bca9af2f69aaa9f51a0c3ed79b326b60dd436b2c3ed85ec12b05aa17f471f2cd27b2d8294522fcef399ddddb774b162b8ac730b61c71d06e9def181ae3b04a89928a11d9ec7d3f5f9594a5aca3167e23499a265ea2806d6e6d324cfe9", @nested={0xfb, 0x132, 0x0, 0x1, [@generic="c641d2aff852fce8d89e358144f47df1fe57524fdfa9b8a9faefe82eaa52048af6d8b5ccdd6c4365aab1556b869201533f814e29c5b9287e31f4d48b2abaa6eef3d5955bd43b7e853561732014c1e49bf5a8e5964b", @generic="84f340ed0f2012fb0285bf87dc49592ece198fba10ecd31aca14ad6fb03db0a4b46c8bc4d661bb0d8926deff576b54fd7f8fb5da49bbc440ac5bd5a53d4487e39318ec5b69393680d8fa84089e6d3b6b81e6847f993133b76bdfe3fa95e97c31f79f03f2bed322d3621d0a00aacb31759c264ae79c25566948e333daebbd7a1dbf700e5c02f0ff1b4367682c47201684196c36db1081fae5ef7e31df1f15a5ed701e"]}]}]}, 0x394}, 0x1, 0x0, 0x0, 0x4084000}, 0x4000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000002dc0)='/dev/adsp1\x00', 0x2401, 0x0) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20342, 0x0) write$auto(r1, 0x0, 0x6051) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) ioprio_get$auto(0x6, 0x0) socketcall$auto_SYS_SOCKETPAIR(0x8, 0x0) fsopen$auto(0x0, 0x1) open(0x0, 0x0, 0x64) mmap$auto(0x5, 0x2e983, 0x40, 0xeb1, 0x401, 0x8000) r2 = io_uring_setup$auto(0x5, 0x0) close_range$auto(0x2, r2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2b, 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x69) listen$auto(0x3, 0x81) r3 = socket(0x2, 0x1, 0x0) sendmmsg$auto(r3, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x4, 0x0, 0x7fff, 0x1}, 0x80000b}, 0x5, 0x20000000) close_range$auto(0x2, 0x8, 0x0) readv$auto(0x3, 0x0, 0x1) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) 5.676856902s ago: executing program 3 (id=2864): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/workqueue/nvme-reset-wq/cpumask\x00', 0x9c0302, 0x0) set_mempolicy$auto(0x6, &(0x7f0000000080)=0x6, 0x21) prctl$auto(0x23, 0xbb38, 0x80000001, 0x0, 0x0) r1 = openat$auto_proc_environ_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/environ\x00', 0x2000, 0x0) read$auto_proc_environ_operations_base(r1, &(0x7f0000000240)=""/80, 0x50) unshare$auto(0x40000080) close_range$auto(r0, r0, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket(0x2, 0x802, 0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x3, 0x5, 0x7, 0x0) setsockopt$auto(0x3, 0x0, 0xf, 0x0, 0xb) bind$auto(0x3, &(0x7f0000000000)=@in={0x2, 0x0, @rand_addr=0x2000000}, 0x68) socket(0x2b, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2506, &(0x7f00000002c0)={0x0, 0xae}, 0x5, 0x0, 0x3, 0x3a32182}, 0x4}, 0x3, 0x9) close_range$auto(0x2, r3, 0x2000) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x801, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2711}, 0x51) recvmmsg$auto(0x4, 0x0, 0x7, 0xe, 0x0) mmap$auto(0x4000000000000000, 0x0, 0x233e, 0x2000000000009b72, r2, 0x0) r4 = openat$auto_evm_xattr_ops_evm_secfs(0xffffffffffffff9c, &(0x7f0000000140), 0x189000, 0x0) readv$auto(r4, &(0x7f00000018c0)={&(0x7f0000001880), 0x1}, 0x9) openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/fs/erofs/features/fragments\x00', 0x101900, 0x0) 4.54081065s ago: executing program 1 (id=2866): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/bus/usb/drivers/usbip-host/match_busid\x00', 0x28b42, 0x0) writev$auto(r0, &(0x7f0000000000)={&(0x7f0000000300)="8e8873b5f9dd39182ab801a9e417130ff346eab3d41f954d458b276ffab4f6d5b23e17c1671a234d49ad4c9511237ca78f46452d900392ea1a0de8060cd7694e777b4d62f1bcc443d7c1dbec30477e6b2572db86f4721133401e01e6d193613714dd6547af20dcc73bc5039c84c5c20552c8860805b36e82ab515330fb953c37f740c27114db08ce6725c6db2d98fa6d022a943e8c7b7d858d6642becac8add4cf359c1dc8883e7b6bc95e2b8da0cb380d324a82460644d2b6517db24f7e49e2a872", 0x9}, 0xc) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) close_range$auto(0x0, 0x5, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/platform/vivid.0/video4linux/video62/name\x00', 0x100, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto_USBDEVFS_FORBID_SUSPEND(0xffffffffffffffff, 0x5521, 0x0) socket(0xa, 0x801, 0x84) writev$auto(0xffffffffffffffff, 0x0, 0x61b3) write$auto(0xffffffffffffffff, 0x0, 0x2) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) futex_waitv$auto(&(0x7f0000000300)={0x0, 0x4, 0x2}, 0x1, 0x0, &(0x7f0000000340)={0x225c17d03, 0x800006}, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000180), 0xffffffffffffffff) getresuid$auto(&(0x7f00000000c0)=0x3, &(0x7f0000000100)=0x380, 0x0) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/sit0/statistics/tx_compressed\x00', 0x80000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/net/dummy0/proto_down\x00', 0x60282, 0x0) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0x4048aec9, r1) openat$auto_ptdump_curknl_fops_(0xffffffffffffff9c, &(0x7f0000000100), 0x101000, 0x0) 4.358476686s ago: executing program 0 (id=2867): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nullb0/queue/scheduler\x00', 0xca002, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0xa, 0x3e, 0xfffffffffffffffa, 0x1ffde, 0x7, 0x6, 0x5, 0x9, 0x3, 0x6, 0x4, 0xb4, 0x9, 0x3, 0x10000, 0x80, 0x7, 0x0, 0x8000007, 0x2000, 0x200, 0x0, 0x40084, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, 0xb8a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc26, 0x0, 0x0, 0x0, 0x200000000000000]}, 0x1fe, 0x6) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}, 0x1, 0x0, 0x0, 0x10}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) recvmmsg$auto(r1, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000440)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x4}, 0x9}, 0x7, 0x6, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c001b"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='H'], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) sendfile$auto(r0, r0, 0x0, 0x7ffff000) socket(0x26, 0x6, 0x8) setgroups$auto(0xe32, 0x0) eventfd2$auto(0xf1, 0x1) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40602, 0x0) r2 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder0\x00', 0x200, 0x0) r3 = epoll_create$auto(0x200004) socket(0xa, 0x1, 0x84) socket(0x21, 0x2, 0x2) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000100), 0x40400, 0x0) statx$auto(0x2, 0x0, 0x1000, 0x8, 0x0) epoll_ctl$auto(r3, 0x1, r2, 0x0) r4 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r4, &(0x7f0000000000)="c80d1b5d399b41", 0xfdef) add_key$auto_KEY_SPEC_USER_KEYRING(0x0, &(0x7f0000000080)='/sys/kernel/con\x87ig/target/dbro\x7ft\x00', &(0x7f00000000c0)="a513b8212f90589c5660be05df4354f480e42434e18b", 0xf9c0, 0xfffffffffffffffc) 4.11196501s ago: executing program 0 (id=2869): r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r0, &(0x7f0000000000)="c80d1b5d399b", 0x6) 4.018621836s ago: executing program 0 (id=2870): unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x8f80, 0x0) r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/fs/netfs/volumes\x00', 0x40080, 0x0) pread64$auto(r2, 0x0, 0x8100000041, 0x413e) clock_nanosleep$auto(0xfffffff2, 0x5, 0x0, 0x0) mremap$auto(0xfffff000, 0x4, 0x4, 0x7, 0x1001ff000) fsopen$auto(0x0, 0x1) keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff) madvise$auto(0xfffffffffffffffa, 0x9, 0x19) waitid$auto_P_PIDFD(0x3, r1, &(0x7f0000000040)={@siginfo_0_0={0x2, 0x4, 0x0, @_rt={0xffffffffffffffff, 0x0, @sival_ptr=&(0x7f0000000280)="79ca6170c72c9b5affac767c0127e58e38f3f407303ed544651fc514ea2bf3a8d8ec1b5efc99d62cbb8043d4582607afd440f400a4fdcd74a0d6cc759ee437d05a5a149e70f79615cb36ed421aea340b2fe64c6f0439d9294cee642b94067691cdb8738f2363b14d75159d50f1d2041552ec66151a9f701e52dbbc1da461754f08314b0d6bbb04733b1e75896aa1d04e8e80eeef31efb7c1d6d29923d10bb06fc202e8c6970da24c428b428a45a8146761b0799727aa98dee9a474d1ec2011619ef92795e56f01adc6944105d7bf5c917ab81c899a21ee50a5ef56db545f"}}}, 0x20f5, &(0x7f0000000440)={{0x0, 0x80}, {0x8, 0x3}, 0xc2, 0xfffffffffffffff1, 0x80000001, 0x9, 0x1, 0xffffffffffffffff, 0x101, 0x101, 0xfff, 0x0, 0x3, 0x9, 0x8, 0xfffffffffffffffa}) madvise$auto(0x0, 0x2003f2, 0x15) r3 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/cec10\x00', 0x101901, 0x0) ioctl$auto_CEC_TRANSMIT(r3, 0xc0386105, &(0x7f0000000000)={0x6, 0x3, 0x7, 0x2, 0x2, 0x80000002, "9b2189084142725dff0d933475a77466", 0xb, 0x5, 0x9, 0x5, 0x2, 0xb, 0x2}) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4, 0x4000000000df, 0x78, 0x4, 0x300000000000) socket(0x1d, 0x3, 0x1) ptrace$auto(0x4206, 0x1, 0x100000000, 0xe855) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3) madvise$auto(0x0, 0xffffffffffff0005, 0x3) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, 0x0, 0x40000, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) 3.988167037s ago: executing program 1 (id=2871): r0 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000500)='/sys/kernel/debug/block/nbd1/sched/read2_fifo_list\x00', 0x169100, 0x0) pread64$auto(r0, 0x0, 0x1000f42d, 0x100) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) shmdt$auto(&(0x7f0000000340)='dummy0\x00') r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio1\x00', 0x12b742, 0x0) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f00000000c0), 0x400, 0x0) mmap$auto(0x0, 0x400008, 0x2, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, r2, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/renderD128\x00', 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/bus/pci/resource_alignment\x00', 0x8ea182, 0x0) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/veth0/accept_ra_pinfo\x00', 0x2000, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_OVS_VPORT_CMD_NEW(r5, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={0x28, r6, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@OVS_VPORT_ATTR_OPTIONS={0x4}, @OVS_VPORT_ATTR_NAME={0x6, 0x3, '*\x00'}, @OVS_VPORT_ATTR_TYPE={0x8, 0x2, 0x2}]}, 0x28}, 0x1, 0x0, 0x0, 0x4040010}, 0x800) read$auto(r4, 0x0, 0x1ff) write$auto(0x3, 0x0, 0x5c8) pwrite64$auto(r3, 0x0, 0x9, 0x8) r7 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000004680), 0xffffffffffffffff) sendmsg$auto_OVS_VPORT_CMD_DEL(r2, &(0x7f00000049c0)={0x0, 0x0, &(0x7f0000004980)={&(0x7f0000000040)={0x20, r7, 0x1, 0x70bd26, 0x25dfdbfe, {}, [@OVS_VPORT_ATTR_OPTIONS={0xc, 0x4, 0x0, 0x1, [@nested={0x8, 0x8, 0x0, 0x1, [@generic="8592a023"]}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x40040801}, 0x44000) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'dummy0\x00', 0x0}) sendmsg$auto_OVS_VPORT_CMD_DEL(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r7, @ANYBLOB="080028bd7000fcdbdf250200000008000800", @ANYRES32=r8, @ANYBLOB="9ea5e506135a604b75bf30c4f6947162ee374f83a8ca80de1b47920b4c9d137d6361607f12c31b8a45421131602e1cd9598a1e68380b3205303c64bcb3e3f33cab6aa2d0b9a0bc506de0e9f281ef7fdd31b1948dd463f444"], 0x1c}, 0x1, 0x0, 0x0, 0x4040044}, 0x4004490) r9 = syz_genetlink_get_family_id$auto_nlbl_unlbl(&(0x7f00000001c0), r2) sendmsg$auto_NLBL_UNLABEL_C_STATICADDDEF(r2, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4db77a4ef5f63cb7}, 0xc, &(0x7f0000000240)={&(0x7f0000000380)=ANY=[@ANYBLOB="3a001a3faec52e11d9beaea1e94fb73deadadb324d980b57c07df94ac8af0ec66d03fffb94b86d582272e6", @ANYRES16=r9, @ANYBLOB="20002dbd7000fedbdf25060000000400070014000300000000000000000000000000000000001400060077673000"/58], 0x40}, 0x1, 0x0, 0x0, 0x4040041}, 0x0) r10 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/input/event2\x00', 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) keyctl$auto_KEYCTL_INSTANTIATE_IOV(0x14, 0x1000000000000000, 0x1, 0x31, 0x0) ioctl$auto_EVIOCSREP(r10, 0x40084503, 0x0) 3.904480782s ago: executing program 3 (id=2872): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2481, 0x0) writev$auto(r0, 0x0, 0x3) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000340)=""/42, 0x2a) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socketpair$auto(0x1e, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) r2 = epoll_create$auto(0x70c) epoll_ctl$auto(r2, 0x1, r1, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x40006) arch_prctl$auto_ARCH_MAP_VDSO_64(0x2003, 0x8) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x2ac842, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) move_pages$auto(0x0, 0x4, 0x0, 0x0, 0x0, 0x400000) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0) writev$auto(r4, &(0x7f0000000080)={0x0, 0x101f}, 0x3) syz_genetlink_get_family_id$auto_smbd_genl(0x0, 0xffffffffffffffff) sendmsg$auto_KSMBD_EVENT_LOGIN_RESPONSE(0xffffffffffffffff, 0x0, 0x30004850) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0) ioctl$auto(r5, 0x4b47, 0x1) newfstatat$auto(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu/cgroup.procs\x00', &(0x7f0000000180)={0xcf68, 0x7, 0x6, 0x0, 0xee00, 0xffffffffffffffff, 0x0, 0x1, 0x3, 0x1f, 0x7d, 0x0, 0x1, 0x1, 0xfffffffffffffff9, 0xffffffffffff7fff, 0x1000}, 0x8) 3.017757898s ago: executing program 1 (id=2873): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nullb0/queue/scheduler\x00', 0xca002, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0xa, 0x3e, 0xfffffffffffffffa, 0x1ffde, 0x7, 0x6, 0x5, 0x9, 0x3, 0x6, 0x4, 0xb4, 0x9, 0x3, 0x10000, 0x80, 0x7, 0x0, 0x8000007, 0x2000, 0x200, 0x0, 0x40084, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, 0xb8a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc26, 0x0, 0x0, 0x0, 0x200000000000000]}, 0x1fe, 0x6) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}, 0x1, 0x0, 0x0, 0x10}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) recvmmsg$auto(r1, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000440)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x4}, 0x9}, 0x7, 0x6, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c001b"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='H'], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) sendfile$auto(r0, r0, 0x0, 0x7ffff000) socket(0x26, 0x6, 0x8) setgroups$auto(0xe32, 0x0) eventfd2$auto(0xf1, 0x1) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40602, 0x0) r2 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder0\x00', 0x200, 0x0) r3 = epoll_create$auto(0x200004) socket(0xa, 0x1, 0x84) socket(0x21, 0x2, 0x2) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000100), 0x40400, 0x0) statx$auto(0x2, 0x0, 0x1000, 0x8, 0x0) epoll_ctl$auto(r3, 0x1, r2, 0x0) r4 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r4, &(0x7f0000000000)="c80d1b5d399b41", 0xfdef) add_key$auto_KEY_SPEC_USER_KEYRING(0x0, &(0x7f0000000080)='/sys/kernel/con\x87ig/target/dbro\x7ft\x00', &(0x7f00000000c0)="a513b8212f90589c5660be05df4354f480e42434e18b", 0xf9c0, 0xfffffffffffffffc) 2.768463628s ago: executing program 3 (id=2874): socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x10000000400008, 0xdf, 0x9b72, 0x2, 0x40000008000) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r1, 0x4b4a, 0x9) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/pcmC0D0c\x00', 0x80000, 0x0) socket(0xf, 0x3, 0x2) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r2) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r2, 0x0, 0x8000) socket(0x1d, 0x3, 0x1) getpeername$auto(0x3, 0x0, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x20401, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000000c0)=""/47, 0x2f) close_range$auto(0x2, 0x8, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x34}, 0x1, 0x0, 0x0, 0x810}, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) sendmsg$auto_IEEE802154_LLSEC_ADD_DEVKEY(r4, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20040801}, 0x8045) 2.70322265s ago: executing program 2 (id=2875): socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x10000000400008, 0xdf, 0x9b72, 0x2, 0x40000008000) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r1, 0x4b4a, 0x9) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/pcmC0D0c\x00', 0x80000, 0x0) socket(0xf, 0x3, 0x2) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r2) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r2, 0x0, 0x8000) socket(0x1d, 0x3, 0x1) getpeername$auto(0x3, 0x0, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x20401, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000000c0)=""/47, 0x2f) close_range$auto(0x2, 0x8, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x34}, 0x1, 0x0, 0x0, 0x810}, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) sendmsg$auto_IEEE802154_LLSEC_ADD_DEVKEY(r4, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20040801}, 0x8045) 1.693410493s ago: executing program 2 (id=2876): socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x40}, 0x6a) r0 = socket(0xa, 0x2, 0x0) sendmmsg$auto(r0, &(0x7f0000000340)={{&(0x7f0000000400)="9157a568973d33cad87b3ccb554bef6e1ae943e11b4e98d0fd1c2f3047eabf23173c118f98020732ab8b8e55b082eb7c78e893d7f085f6e33773bf9e875d9214018032d344428af5ed3e2ededc9adf45d0614a97829e7bfcbe977b3b06d9eefa221e", 0x80000004, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0xffff8002}, 0x1, 0x8008) mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000) setrlimit$auto(0xb, 0x0) r1 = gettid() rt_tgsigqueueinfo$auto(0x0, r1, 0x21, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, r1, 0x1, 0x0) write$auto(r2, &(0x7f0000000180)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8\xa6\xb6\xaa\x96/OX\xba\x02\xc5\xc6B\x1d}Y\xbc@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf\xd6f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8', 0x100000a3d6) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x2, 0x5, 0x0) r3 = socket(0xa, 0x801, 0x84) getsockopt$auto(r3, 0x84, 0x10, 0x0, 0x0) r4 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r5 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/controlC2\x00', 0x80, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/block/nbd8/queue/physical_block_size\x00', 0xc0481, 0x0) ioctl$auto(0x1, 0x541b, 0x8) ioctl$auto(r5, 0xc10c5541, r4) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/037/001\x00', 0x802, 0x0) socket(0x2c, 0x3, 0x0) syz_open_procfs$namespace(0x0, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x10000000000001ff, 0x7, 0x0, 0x20, 0xb687, 0x100000000000003, 0x3c2a19d5, 0x6, 0xffff, 0x62, 0xf8, 0x7, 0x6d42, 0x9, 0x80000a, 0xfffffffffffffffc]}, 0x0) 1.691404815s ago: executing program 3 (id=2877): unshare$auto(0x40000080) mmap$auto(0x0, 0x4, 0xde, 0x9b72, 0xffffffffffffffff, 0xa000) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000400), 0xffffffffffffffff) r2 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000100)='/dev/bus/usb/008/001\x00', 0x402, 0x0) ioctl$auto_USBDEVFS_IOCTL(r2, 0xc0105512, &(0x7f0000000180)={0x7, 0x6a, 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000140)={'wlan1\x00'}) sendmsg$auto_NL80211_CMD_GET_INTERFACE(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="010b27bd7000fda5c5a620736600080003", @ANYRES32=r0], 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x4040080) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x8a241, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000) move_pages$auto(0x0, 0x1002, 0x0, &(0x7f0000001140), 0x0, 0x2) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x4044001) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/dynamic_debug/control\x00', 0x0, 0x0) pread64$auto(r4, &(0x7f0000000040)='uete1\x00', 0x200000000006, 0x7) ioctl$auto_FS_IOC_UNRESVSP64(r4, 0x4030582b, 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, 0x0, 0xc0) close_range$auto(0x2, 0x8, 0x0) r5 = socket(0x2, 0x3, 0x6) r6 = socket(0x2, 0x1, 0x0) bind$auto(r6, &(0x7f0000000040)=@in={0x2, 0x4e24, @remote}, 0x6a) write$auto(r5, &(0x7f0000000000)='/proc/dynamic_debug/control\x00', 0xcb) sendmmsg$auto(r6, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800008}, 0x5, 0x20000000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) socketpair$auto(0xb2c, 0x2, 0x20000000, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) syz_genetlink_get_family_id$auto_nfc(0x0, 0xffffffffffffffff) write$auto(0x3, 0x0, 0x100085) 1.630585709s ago: executing program 0 (id=2878): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nullb0/queue/scheduler\x00', 0xca002, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0xa, 0x3e, 0xfffffffffffffffa, 0x1ffde, 0x7, 0x6, 0x5, 0x9, 0x3, 0x6, 0x4, 0xb4, 0x9, 0x3, 0x10000, 0x80, 0x7, 0x0, 0x8000007, 0x2000, 0x200, 0x0, 0x40084, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, 0xb8a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc26, 0x0, 0x0, 0x0, 0x200000000000000]}, 0x1fe, 0x6) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}, 0x1, 0x0, 0x0, 0x10}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) recvmmsg$auto(r1, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000440)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x4}, 0x9}, 0x7, 0x6, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c001b"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='H'], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) sendfile$auto(r0, r0, 0x0, 0x7ffff000) socket(0x26, 0x6, 0x8) setgroups$auto(0xe32, 0x0) eventfd2$auto(0xf1, 0x1) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40602, 0x0) r2 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder0\x00', 0x200, 0x0) r3 = epoll_create$auto(0x200004) socket(0xa, 0x1, 0x84) socket(0x21, 0x2, 0x2) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000100), 0x40400, 0x0) statx$auto(0x2, 0x0, 0x1000, 0x8, 0x0) epoll_ctl$auto(r3, 0x1, r2, 0x0) r4 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r4, &(0x7f0000000000)="c80d1b5d399b41", 0xfdef) add_key$auto_KEY_SPEC_USER_KEYRING(0x0, &(0x7f0000000080)='/sys/kernel/con\x87ig/target/dbro\x7ft\x00', &(0x7f00000000c0)="a513b8212f90589c5660be05df4354f480e42434e18b", 0xf9c0, 0xfffffffffffffffc) 1.578425268s ago: executing program 1 (id=2879): socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x10000000400008, 0xdf, 0x9b72, 0x2, 0x40000008000) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r1, 0x4b4a, 0x9) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x80000, 0x0) socket(0xf, 0x3, 0x2) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r2) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r2, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r3, 0x805, 0x70bd2d, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000) socket(0x1d, 0x3, 0x1) getpeername$auto(0x3, 0x0, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x20401, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000000c0)=""/47, 0x2f) close_range$auto(0x2, 0x8, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x34}, 0x1, 0x0, 0x0, 0x810}, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) sendmsg$auto_IEEE802154_LLSEC_ADD_DEVKEY(r5, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20040801}, 0x8045) 1.495409369s ago: executing program 2 (id=2880): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/bus/usb/drivers/usbip-host/match_busid\x00', 0x28b42, 0x0) writev$auto(r0, 0x0, 0xc) close_range$auto(0x0, 0x5, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/platform/vivid.0/video4linux/video62/name\x00', 0x100, 0x0) close_range$auto(0x0, 0x5, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x801, 0x84) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/sit0/statistics/tx_compressed\x00', 0x80000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/net/dummy0/proto_down\x00', 0x60282, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x8c00, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0x4048aec9, r1) openat$auto_ptdump_curknl_fops_(0xffffffffffffff9c, &(0x7f0000000100), 0x101000, 0x0) 1.147820601s ago: executing program 2 (id=2881): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nullb0/queue/scheduler\x00', 0xca002, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0xa, 0x3e, 0xfffffffffffffffa, 0x1ffde, 0x7, 0x6, 0x5, 0x9, 0x3, 0x6, 0x4, 0xb4, 0x9, 0x3, 0x10000, 0x80, 0x7, 0x0, 0x8000007, 0x2000, 0x200, 0x0, 0x40084, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, 0xb8a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc26, 0x0, 0x0, 0x0, 0x200000000000000]}, 0x1fe, 0x6) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}, 0x1, 0x0, 0x0, 0x10}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) recvmmsg$auto(r1, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000440)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x4}, 0x9}, 0x7, 0x6, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c001b"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='H'], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) sendfile$auto(r0, r0, 0x0, 0x7ffff000) socket(0x26, 0x6, 0x8) setgroups$auto(0xe32, 0x0) eventfd2$auto(0xf1, 0x1) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40602, 0x0) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder0\x00', 0x200, 0x0) epoll_create$auto(0x200004) socket(0xa, 0x1, 0x84) socket(0x21, 0x2, 0x2) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000100), 0x40400, 0x0) statx$auto(0x2, 0x0, 0x1000, 0x8, 0x0) readv$auto(0x3, &(0x7f0000000600)={&(0x7f0000000540), 0xc}, 0x1da) r2 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r2, &(0x7f0000000000)="c80d1b5d399b41", 0xfdef) add_key$auto_KEY_SPEC_USER_KEYRING(0x0, &(0x7f0000000080)='/sys/kernel/con\x87ig/target/dbro\x7ft\x00', &(0x7f00000000c0)="a513b8212f90589c5660be05df4354f480e42434e18b", 0xf9c0, 0xfffffffffffffffc) 1.10053867s ago: executing program 0 (id=2882): mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000) madvise$auto(0x0, 0x200007, 0x19) syz_clone(0x1002000, 0x0, 0x0, 0x0, 0x0, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x602, 0x1) r0 = open(&(0x7f0000000080)='./file0\x00', 0x662c2, 0xe1d2b27bdc14aa0c) fanotify_mark$auto(0x400000000000, 0x105, 0xf2b, r0, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x12ba7e, 0x45) r1 = prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0) ioctl$auto(r1, 0x541b, 0xffffffffffffffff) openat$auto_clear_warn_once_fops_(0xffffffffffffff9c, 0x0, 0x202, 0x0) mmap$auto(0x0, 0x100002020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x20) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x140082, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000001440), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_GET(r4, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000140)=ANY=[@ANYRESHEX, @ANYRES16=r5], 0x14}, 0x1, 0x0, 0x0, 0x4040}, 0x2004c044) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) close_range$auto(0x0, 0xffffffffffffffff, 0x4000000000002) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2a01, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/uts\x00') r6 = openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0) r7 = socket(0xa, 0x2, 0x3a) setsockopt$auto(r7, 0x29, 0x13, 0x0, 0x1ff) ioctl$auto_LOOP_CTL_ADD(r6, 0x4c80, 0xfffffffffffffffd) bpf$auto(0x1, 0x0, 0xc) 549.291076ms ago: executing program 1 (id=2883): mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000) madvise$auto(0x0, 0x200007, 0x19) syz_clone(0x1002000, 0x0, 0x0, 0x0, 0x0, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x602, 0x1) r0 = open(&(0x7f0000000080)='./file0\x00', 0x662c2, 0xe1d2b27bdc14aa0c) fanotify_mark$auto(0x400000000000, 0x105, 0xf2b, r0, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x12ba7e, 0x45) r1 = prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0) ioctl$auto(r1, 0x541b, 0xffffffffffffffff) openat$auto_clear_warn_once_fops_(0xffffffffffffff9c, 0x0, 0x202, 0x0) mmap$auto(0x0, 0x100002020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x20) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x140082, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000001440), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_GET(r4, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000140)=ANY=[@ANYRESHEX, @ANYRES16=r5], 0x14}, 0x1, 0x0, 0x0, 0x4040}, 0x2004c044) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) close_range$auto(0x0, 0xffffffffffffffff, 0x4000000000002) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2a01, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/uts\x00') r6 = openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0) r7 = socket(0xa, 0x2, 0x3a) setsockopt$auto(r7, 0x29, 0x13, 0x0, 0x1ff) ioctl$auto_LOOP_CTL_ADD(r6, 0x4c80, 0xfffffffffffffffd) bpf$auto(0x1, 0x0, 0xc) 516.084721ms ago: executing program 2 (id=2884): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nullb0/queue/scheduler\x00', 0xca002, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0xa, 0x3e, 0xfffffffffffffffa, 0x1ffde, 0x7, 0x6, 0x5, 0x9, 0x3, 0x6, 0x4, 0xb4, 0x9, 0x3, 0x10000, 0x80, 0x7, 0x0, 0x8000007, 0x2000, 0x200, 0x0, 0x40084, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, 0xb8a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc26, 0x0, 0x0, 0x0, 0x200000000000000]}, 0x1fe, 0x6) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}, 0x1, 0x0, 0x0, 0x10}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) recvmmsg$auto(r1, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000440)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x4}, 0x9}, 0x7, 0x6, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c001b"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='H'], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) sendfile$auto(r0, r0, 0x0, 0x7ffff000) socket(0x26, 0x6, 0x8) setgroups$auto(0xe32, 0x0) eventfd2$auto(0xf1, 0x1) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40602, 0x0) r2 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder0\x00', 0x200, 0x0) r3 = epoll_create$auto(0x200004) socket(0xa, 0x1, 0x84) socket(0x21, 0x2, 0x2) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000100), 0x40400, 0x0) statx$auto(0x2, 0x0, 0x1000, 0x8, 0x0) epoll_ctl$auto(r3, 0x1, r2, 0x0) r4 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r4, &(0x7f0000000000)="c80d1b5d399b41", 0xfdef) add_key$auto_KEY_SPEC_USER_KEYRING(0x0, &(0x7f0000000080)='/sys/kernel/con\x87ig/target/dbro\x7ft\x00', &(0x7f00000000c0)="a513b8212f90589c5660be05df4354f480e42434e18b", 0xf9c0, 0xfffffffffffffffc) 447.41393ms ago: executing program 0 (id=2885): socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x10000000400008, 0xdf, 0x9b72, 0x2, 0x40000008000) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r1, 0x4b4a, 0x9) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/pcmC0D0c\x00', 0x80000, 0x0) socket(0xf, 0x3, 0x2) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r2) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r2, 0x0, 0x8000) socket(0x1d, 0x3, 0x1) getpeername$auto(0x3, 0x0, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x20401, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000000c0)=""/47, 0x2f) close_range$auto(0x2, 0x8, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x34}, 0x1, 0x0, 0x0, 0x810}, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) sendmsg$auto_IEEE802154_LLSEC_ADD_DEVKEY(r4, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20040801}, 0x8045) 65.455993ms ago: executing program 2 (id=2886): socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x10000000400008, 0xdf, 0x9b72, 0x2, 0x40000008000) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r1, 0x4b4a, 0x9) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/pcmC0D0c\x00', 0x80000, 0x0) socket(0xf, 0x3, 0x2) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r2) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r2, 0x0, 0x8000) socket(0x1d, 0x3, 0x1) getpeername$auto(0x3, 0x0, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x20401, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000000c0)=""/47, 0x2f) close_range$auto(0x2, 0x8, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x34}, 0x1, 0x0, 0x0, 0x810}, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) sendmsg$auto_IEEE802154_LLSEC_ADD_DEVKEY(r4, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20040801}, 0x8045) 0s ago: executing program 3 (id=2887): unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x8f80, 0x0) r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/fs/netfs/volumes\x00', 0x40080, 0x0) pread64$auto(r2, 0x0, 0x8100000041, 0x413e) clock_nanosleep$auto(0xfffffff2, 0x5, 0x0, 0x0) mremap$auto(0xfffff000, 0x4, 0x4, 0x7, 0x1001ff000) fsopen$auto(0x0, 0x1) keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff) madvise$auto(0xfffffffffffffffa, 0x9, 0x19) waitid$auto_P_PIDFD(0x3, r1, &(0x7f0000000040)={@siginfo_0_0={0x2, 0x4, 0x0, @_rt={0xffffffffffffffff, 0x0, @sival_ptr=&(0x7f0000000280)="79ca6170c72c9b5affac767c0127e58e38f3f407303ed544651fc514ea2bf3a8d8ec1b5efc99d62cbb8043d4582607afd440f400a4fdcd74a0d6cc759ee437d05a5a149e70f79615cb36ed421aea340b2fe64c6f0439d9294cee642b94067691cdb8738f2363b14d75159d50f1d2041552ec66151a9f701e52dbbc1da461754f08314b0d6bbb04733b1e75896aa1d04e8e80eeef31efb7c1d6d29923d10bb06fc202e8c6970da24c428b428a45a8146761b0799727aa98dee9a474d1ec2011619ef92795e56f01adc6944105d7bf5c917ab81c899a21ee50a5ef56db545f7c"}}}, 0x20f5, &(0x7f0000000440)={{0x0, 0x80}, {0x8, 0x3}, 0xc2, 0xfffffffffffffff1, 0x80000001, 0x9, 0x1, 0xffffffffffffffff, 0x101, 0x101, 0xfff, 0x0, 0x3, 0x9, 0x8, 0xfffffffffffffffa}) madvise$auto(0x0, 0x2003f2, 0x15) r3 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/cec10\x00', 0x101901, 0x0) ioctl$auto_CEC_TRANSMIT(r3, 0xc0386105, &(0x7f0000000000)={0x6, 0x3, 0x7, 0x2, 0x2, 0x80000002, "9b2189084142725dff0d933475a77466", 0xb, 0x5, 0x9, 0x5, 0x2, 0xb, 0x2}) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4, 0x4000000000df, 0x78, 0x4, 0x300000000000) socket(0x1d, 0x3, 0x1) ptrace$auto(0x4206, 0x1, 0x100000000, 0xe855) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3) madvise$auto(0x0, 0xffffffffffff0005, 0x3) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, 0x0, 0x40000, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) kernel console output (not intermixed with test programs): 9.692559][ T9712] block2mtd: illegal erase size [ 341.189539][ T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!! [ 342.926139][ T5822] Bluetooth: hci3: ACL packet for unknown connection handle 0 [ 343.875027][ T5822] Bluetooth: hci3: unexpected event 0x1c length: 725 > 5 [ 344.253960][ T5822] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 344.263827][ T5822] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 344.278821][ T5822] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 344.278848][ T5822] Bluetooth: hci3: Unknown advertising packet type: 0x1f [ 344.286015][ T5822] Bluetooth: hci3: Unknown advertising packet type: 0x7c [ 344.293355][ T5822] Bluetooth: hci3: Unknown advertising packet type: 0x77 [ 344.300652][ T5822] Bluetooth: hci3: adv larger than maximum supported [ 344.308058][ T5822] Bluetooth: hci3: adv larger than maximum supported [ 344.314763][ T5822] Bluetooth: hci3: Malformed LE Event: 0x0d [ 355.875612][ T5822] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 357.839636][ T9998] netlink: 4 bytes leftover after parsing attributes in process `syz.0.683'. [ 365.101797][T10098] openvswitch: netlink: Message has 4 unknown bytes. [ 365.970233][T10112] block2mtd: illegal erase size [ 371.391967][T10201] netlink: 4 bytes leftover after parsing attributes in process `syz.3.721'. [ 371.401896][T10201] netlink: 4 bytes leftover after parsing attributes in process `syz.3.721'. [ 373.341908][ T0] NOHZ tick-stop error: local softirq work is pending, handler #142!!! [ 375.054418][T10267] netlink: 4 bytes leftover after parsing attributes in process `syz.0.731'. [ 375.086498][T10267] netlink: 4 bytes leftover after parsing attributes in process `syz.0.731'. [ 375.425088][T10273] block2mtd: illegal erase size [ 378.580637][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.587675][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.944846][T10350] netlink: 1 bytes leftover after parsing attributes in process `syz.2.747'. [ 380.122363][T10355] netlink: 4 bytes leftover after parsing attributes in process `syz.1.748'. [ 380.239801][T10355] netlink: 4 bytes leftover after parsing attributes in process `syz.1.748'. [ 384.262313][T10423] netlink: 4 bytes leftover after parsing attributes in process `syz.3.758'. [ 384.272000][T10423] netlink: 4 bytes leftover after parsing attributes in process `syz.3.758'. [ 384.913936][T10441] block2mtd: illegal erase size [ 385.091623][T10445] syz.3.760 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 389.754110][T10520] block2mtd: illegal erase size [ 396.683178][T10653] futex_wake_op: syz.1.788 tries to shift op by -2048; fix this program [ 399.075443][T10700] block2mtd: illegal erase size [ 401.722082][T10759] netlink: 4 bytes leftover after parsing attributes in process `syz.2.801'. [ 401.732271][T10759] netlink: 13 bytes leftover after parsing attributes in process `syz.2.801'. [ 409.821971][T10918] block2mtd: illegal erase size [ 412.203716][T10954] block2mtd: illegal erase size [ 418.636718][T11089] block2mtd: illegal erase size [ 427.659251][ T796] Process accounting resumed [ 427.906824][T11253] netlink: 4 bytes leftover after parsing attributes in process `syz.1.871'. [ 427.920768][T11253] netlink: 354 bytes leftover after parsing attributes in process `syz.1.871'. [ 429.333277][T11274] netlink: 4 bytes leftover after parsing attributes in process `syz.3.875'. [ 429.349440][T11274] netlink: 13 bytes leftover after parsing attributes in process `syz.3.875'. [ 432.324953][T11320] netlink: 4 bytes leftover after parsing attributes in process `syz.1.881'. [ 432.334614][T11320] netlink: 354 bytes leftover after parsing attributes in process `syz.1.881'. [ 435.288698][T11356] netlink: 4 bytes leftover after parsing attributes in process `syz.1.890'. [ 435.312308][T11356] netlink: 354 bytes leftover after parsing attributes in process `syz.1.890'. [ 435.794491][T11367] netlink: 4 bytes leftover after parsing attributes in process `syz.1.893'. [ 435.841253][T11367] netlink: 354 bytes leftover after parsing attributes in process `syz.1.893'. [ 440.002636][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.009233][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 443.103213][T10674] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 453.140510][T11683] netlink: 4 bytes leftover after parsing attributes in process `syz.3.941'. [ 453.149938][T11683] netlink: 354 bytes leftover after parsing attributes in process `syz.3.941'. [ 454.307183][T11704] netlink: 4 bytes leftover after parsing attributes in process `syz.0.945'. [ 454.327406][T11704] netlink: 354 bytes leftover after parsing attributes in process `syz.0.945'. [ 456.806424][T11742] program syz.2.954 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 456.864790][ T29] audit: type=1807 audit(4294967298.780:5): UNKNOWN=0"]$|1j0B|dӉO+/xWӦ^gq%ḦrO res=0 [ 456.880454][T11740] ima: policy update failed [ 456.920410][ T29] audit: type=1802 audit(4294967298.790:6): pid=11742 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.2.954" res=0 errno=0 [ 456.960666][ T29] audit: type=1802 audit(4294967298.810:7): pid=11740 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.954" res=0 errno=0 [ 457.130764][T11748] netlink: 4 bytes leftover after parsing attributes in process `syz.2.955'. [ 457.198964][T11748] netlink: 354 bytes leftover after parsing attributes in process `syz.2.955'. [ 463.211835][T11846] netlink: 4 bytes leftover after parsing attributes in process `syz.2.973'. [ 463.222589][T11846] netlink: 354 bytes leftover after parsing attributes in process `syz.2.973'. [ 465.097826][T11887] bridge0: port 3(netdevsim2) entered blocking state [ 465.104816][T11887] bridge0: port 3(netdevsim2) entered disabled state [ 465.112096][T11887] netdevsim netdevsim1 netdevsim2: entered allmulticast mode [ 465.125319][T11887] netdevsim netdevsim1 netdevsim2: entered promiscuous mode [ 465.143600][T11887] bridge0: port 3(netdevsim2) entered blocking state [ 465.150653][T11887] bridge0: port 3(netdevsim2) entered forwarding state [ 466.596492][T11925] netlink: 4 bytes leftover after parsing attributes in process `syz.3.983'. [ 466.632663][T11925] netlink: 354 bytes leftover after parsing attributes in process `syz.3.983'. [ 468.909752][T11982] sg_write: process 1236 (syz.3.990) changed security contexts after opening file descriptor, this is not allowed. [ 469.182265][T11989] FAULT_INJECTION: forcing a failure. [ 469.182265][T11989] name failslab, interval 1, probability 0, space 0, times 0 [ 469.284331][T11989] CPU: 0 UID: 0 PID: 11989 Comm: syz.3.991 Not tainted syzkaller #0 PREEMPT(full) [ 469.284353][T11989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 469.284368][T11989] Call Trace: [ 469.284373][T11989] [ 469.284382][T11989] dump_stack_lvl+0x100/0x190 [ 469.284411][T11989] should_fail_ex.cold+0x5/0xa [ 469.284430][T11989] should_failslab+0xc2/0x120 [ 469.284446][T11989] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 469.284469][T11989] ? alloc_inode+0x183/0x250 [ 469.284487][T11989] ? stashed_dentry_get+0x10a/0x2c0 [ 469.284503][T11989] ? stashed_dentry_get+0x10a/0x2c0 [ 469.284522][T11989] alloc_inode+0x183/0x250 [ 469.284542][T11989] path_from_stashed+0x25b/0x750 [ 469.284562][T11989] pidfs_alloc_file+0xf8/0x290 [ 469.284576][T11989] ? __pfx_pidfs_alloc_file+0x10/0x10 [ 469.284595][T11989] pidfd_prepare+0x123/0x200 [ 469.284614][T11989] __x64_sys_pidfd_open+0x105/0x1a0 [ 469.284635][T11989] ? __pfx___x64_sys_pidfd_open+0x10/0x10 [ 469.284668][T11989] do_syscall_64+0x106/0xf80 [ 469.284683][T11989] ? clear_bhb_loop+0x40/0x90 [ 469.284701][T11989] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 469.284716][T11989] RIP: 0033:0x7f86aef9c819 [ 469.284730][T11989] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 469.284743][T11989] RSP: 002b:00007f86afe2e028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b2 [ 469.284760][T11989] RAX: ffffffffffffffda RBX: 00007f86af215fa0 RCX: 00007f86aef9c819 [ 469.284770][T11989] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 469.284778][T11989] RBP: 00007f86af032c91 R08: 0000000000000000 R09: 0000000000000000 [ 469.284786][T11989] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 469.284794][T11989] R13: 00007f86af216038 R14: 00007f86af215fa0 R15: 00007fff24db5d48 [ 469.284813][T11989] [ 470.046345][T12002] netlink: 4 bytes leftover after parsing attributes in process `syz.2.995'. [ 470.056018][T12002] netlink: 354 bytes leftover after parsing attributes in process `syz.2.995'. [ 470.455102][T11999] kexec: Could not allocate control_code_buffer [ 471.536757][ T0] NOHZ tick-stop error: local softirq work is pending, handler #c0!!! [ 479.373947][T12173] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1026'. [ 479.384383][T12173] netlink: 354 bytes leftover after parsing attributes in process `syz.1.1026'. [ 480.348486][T12183] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1029'. [ 480.425760][T12183] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 480.480029][T12183] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 480.560494][T12183] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 480.598374][T12183] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 483.555677][T12217] FAULT_INJECTION: forcing a failure. [ 483.555677][T12217] name failslab, interval 1, probability 0, space 0, times 0 [ 483.621602][T12217] CPU: 0 UID: 0 PID: 12217 Comm: syz.2.1036 Not tainted syzkaller #0 PREEMPT(full) [ 483.621638][T12217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 483.621654][T12217] Call Trace: [ 483.621664][T12217] [ 483.621674][T12217] dump_stack_lvl+0x100/0x190 [ 483.621720][T12217] should_fail_ex.cold+0x5/0xa [ 483.621754][T12217] should_failslab+0xc2/0x120 [ 483.621783][T12217] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 483.621819][T12217] ? security_inode_alloc+0x3b/0x2c0 [ 483.621849][T12217] ? lockdep_init_map_type+0x5c/0x250 [ 483.621898][T12217] security_inode_alloc+0x3b/0x2c0 [ 483.621931][T12217] inode_init_always_gfp+0xced/0x1040 [ 483.621963][T12217] alloc_inode+0x8e/0x250 [ 483.622000][T12217] new_inode+0x22/0x1c0 [ 483.622039][T12217] shmem_get_inode+0x212/0x1040 [ 483.622078][T12217] ? __pfx_shmem_get_inode+0x10/0x10 [ 483.622097][T12217] ? rcu_is_watching+0x12/0xc0 [ 483.622119][T12217] ? percpu_counter_add_batch+0xb9/0x230 [ 483.622149][T12217] __shmem_file_setup+0x3ac/0x490 [ 483.622170][T12217] ? __pfx___shmem_file_setup+0x10/0x10 [ 483.622194][T12217] ? vm_area_alloc+0x1f/0x160 [ 483.622216][T12217] shmem_zero_setup+0x96/0x1b0 [ 483.622231][T12217] __mmap_region+0x2198/0x29e0 [ 483.622256][T12217] ? __pfx___mmap_region+0x10/0x10 [ 483.622276][T12217] ? process_measurement+0x1f4/0x2350 [ 483.622294][T12217] ? __pfx_css_rstat_updated+0x10/0x10 [ 483.622323][T12217] ? __lock_acquire+0x4a5/0x2630 [ 483.622351][T12217] ? lock_acquire+0x1cf/0x380 [ 483.622369][T12217] ? find_held_lock+0x2b/0x80 [ 483.622392][T12217] ? trace_sched_exit_tp+0x13a/0x180 [ 483.622438][T12217] ? rcu_is_watching+0x12/0xc0 [ 483.622472][T12217] ? cap_capable+0x107/0x460 [ 483.622506][T12217] mmap_region+0x180/0x3e0 [ 483.622551][T12217] do_mmap+0xc63/0x12f0 [ 483.622576][T12217] ? __pfx_do_mmap+0x10/0x10 [ 483.622593][T12217] ? __pfx_down_write_killable+0x10/0x10 [ 483.622616][T12217] vm_mmap_pgoff+0x29e/0x470 [ 483.622637][T12217] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 483.622656][T12217] ? do_futex+0x192/0x350 [ 483.622676][T12217] ? __pfx_do_futex+0x10/0x10 [ 483.622699][T12217] ksys_mmap_pgoff+0xe1/0x650 [ 483.622718][T12217] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 483.622734][T12217] ? xfd_validate_state+0x129/0x190 [ 483.622759][T12217] __x64_sys_mmap+0x125/0x190 [ 483.622783][T12217] do_syscall_64+0x106/0xf80 [ 483.622798][T12217] ? clear_bhb_loop+0x40/0x90 [ 483.622816][T12217] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 483.622830][T12217] RIP: 0033:0x7fd6fff9c819 [ 483.622844][T12217] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 483.622858][T12217] RSP: 002b:00007fd700d87028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 483.622872][T12217] RAX: ffffffffffffffda RBX: 00007fd700216270 RCX: 00007fd6fff9c819 [ 483.622889][T12217] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000 [ 483.622898][T12217] RBP: 00007fd700032c91 R08: fffffffffffffffa R09: 0000000000008000 [ 483.622907][T12217] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 483.622916][T12217] R13: 00007fd700216308 R14: 00007fd700216270 R15: 00007ffde9300198 [ 483.622936][T12217] [ 484.434302][T12232] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1039'. [ 484.444388][T12232] netlink: 354 bytes leftover after parsing attributes in process `syz.1.1039'. [ 488.543927][T12295] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1049'. [ 488.553871][T12295] netlink: 354 bytes leftover after parsing attributes in process `syz.1.1049'. [ 497.175717][T12445] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1073'. [ 497.372161][T12445] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 497.417783][T12445] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 497.470220][T12445] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 497.616770][T12445] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 497.824228][T12458] netlink: 'syz.2.1083': attribute type 9 has an invalid length. [ 497.833293][T12458] netlink: 11616 bytes leftover after parsing attributes in process `syz.2.1083'. [ 501.443956][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.450714][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 502.793067][T12543] debugfs: 'ttyS2' already exists in 'caif_serial' [ 503.947523][T12571] futex_wake_op: syz.1.1094 tries to shift op by -2048; fix this program [ 503.992239][T12571] futex_wake_op: syz.1.1094 tries to shift op by -2048; fix this program [ 508.272111][T12650] FAULT_INJECTION: forcing a failure. [ 508.272111][T12650] name failslab, interval 1, probability 0, space 0, times 0 [ 508.302812][T12650] CPU: 0 UID: 0 PID: 12650 Comm: syz.1.1107 Not tainted syzkaller #0 PREEMPT(full) [ 508.302848][T12650] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 508.302865][T12650] Call Trace: [ 508.302873][T12650] [ 508.302883][T12650] dump_stack_lvl+0x100/0x190 [ 508.302933][T12650] should_fail_ex.cold+0x5/0xa [ 508.302967][T12650] should_failslab+0xc2/0x120 [ 508.302999][T12650] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 508.303042][T12650] ? do_getname+0x35/0x390 [ 508.303085][T12650] do_getname+0x35/0x390 [ 508.303125][T12650] user_path_at+0x26/0x60 [ 508.303154][T12650] __x64_sys_mount+0x1fb/0x310 [ 508.303190][T12650] ? __pfx___x64_sys_mount+0x10/0x10 [ 508.303235][T12650] do_syscall_64+0x106/0xf80 [ 508.303265][T12650] ? clear_bhb_loop+0x40/0x90 [ 508.303298][T12650] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 508.303338][T12650] RIP: 0033:0x7f20a679c819 [ 508.303367][T12650] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 508.303395][T12650] RSP: 002b:00007f20a76de028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 508.303421][T12650] RAX: ffffffffffffffda RBX: 00007f20a6a16090 RCX: 00007f20a679c819 [ 508.303440][T12650] RDX: 0000200000000240 RSI: 0000000000000000 RDI: 0000200000000180 [ 508.303457][T12650] RBP: 00007f20a6832c91 R08: 0000200000000280 R09: 0000000000000000 [ 508.303475][T12650] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000 [ 508.303491][T12650] R13: 00007f20a6a16128 R14: 00007f20a6a16090 R15: 00007ffc57a274e8 [ 508.303528][T12650] [ 514.730677][T12766] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1127'. [ 514.751052][T12766] netlink: 354 bytes leftover after parsing attributes in process `syz.1.1127'. [ 518.318225][T12854] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1137'. [ 518.344257][T12854] netlink: 354 bytes leftover after parsing attributes in process `syz.2.1137'. [ 519.716323][T12889] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1144'. [ 519.758030][T12889] netlink: 13 bytes leftover after parsing attributes in process `syz.2.1144'. [ 527.153452][T13032] netlink: 'syz.0.1164': attribute type 9 has an invalid length. [ 527.176789][T13032] netlink: 11616 bytes leftover after parsing attributes in process `syz.0.1164'. [ 527.353639][T13031] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input23 [ 527.384368][T13038] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1166'. [ 527.393963][T13038] netlink: 354 bytes leftover after parsing attributes in process `syz.1.1166'. [ 527.946003][T13033] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input24 [ 528.908432][T10666] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 529.699905][T13079] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1172'. [ 529.797595][T13079] netlink: 354 bytes leftover after parsing attributes in process `syz.2.1172'. [ 536.847653][T13168] binder: 13154:13168 ioctl 40086602 e20 returned -22 [ 539.161791][T13213] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1194'. [ 539.171400][T13213] netlink: 354 bytes leftover after parsing attributes in process `syz.1.1194'. [ 542.021764][T13253] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input25 [ 542.576757][T13253] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input26 [ 543.142874][T13286] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1205'. [ 543.153934][T13286] netlink: 354 bytes leftover after parsing attributes in process `syz.1.1205'. [ 545.851131][T13331] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1212'. [ 545.900465][T13331] netlink: 354 bytes leftover after parsing attributes in process `syz.0.1212'. [ 546.517452][T13345] netlink: 'syz.3.1216': attribute type 11 has an invalid length. [ 546.556772][T13345] netlink: 'syz.3.1216': attribute type 1 has an invalid length. [ 546.576906][T13345] netlink: 9 bytes leftover after parsing attributes in process `syz.3.1216'. [ 548.499112][T13375] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1221'. [ 548.527703][T13375] netlink: 354 bytes leftover after parsing attributes in process `syz.1.1221'. [ 548.808914][T13379] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1222'. [ 548.818561][T13379] netlink: 354 bytes leftover after parsing attributes in process `syz.1.1222'. [ 550.427479][T13409] futex_wake_op: syz.0.1229 tries to shift op by -2048; fix this program [ 551.015665][T13419] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1231'. [ 551.045743][T13419] netlink: 354 bytes leftover after parsing attributes in process `syz.3.1231'. [ 551.472901][T13425] netlink: 'syz.3.1233': attribute type 1 has an invalid length. [ 551.480811][T13425] netlink: 9 bytes leftover after parsing attributes in process `syz.3.1233'. [ 552.237023][T13443] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1238'. [ 552.345511][T13443] FAULT_INJECTION: forcing a failure. [ 552.345511][T13443] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 552.345568][T13443] CPU: 1 UID: 0 PID: 13443 Comm: syz.2.1238 Not tainted syzkaller #0 PREEMPT(full) [ 552.345602][T13443] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 552.345620][T13443] Call Trace: [ 552.345628][T13443] [ 552.345639][T13443] dump_stack_lvl+0x100/0x190 [ 552.345686][T13443] should_fail_ex.cold+0x5/0xa [ 552.345714][T13443] ? prepare_alloc_pages+0x16d/0x5f0 [ 552.345750][T13443] should_fail_alloc_page+0xeb/0x140 [ 552.345785][T13443] prepare_alloc_pages+0x1f0/0x5f0 [ 552.345821][T13443] ? bpf_ksym_find+0x124/0x1c0 [ 552.345860][T13443] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 552.345904][T13443] ? __kernel_text_address+0xd/0x30 [ 552.345945][T13443] ? unwind_get_return_address+0x59/0xa0 [ 552.345976][T13443] ? arch_stack_walk+0xa6/0xf0 [ 552.346015][T13443] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 552.346058][T13443] ? stack_trace_save+0x8e/0xc0 [ 552.346098][T13443] ? kasan_save_stack+0x30/0x50 [ 552.346124][T13443] ? kasan_save_track+0x14/0x30 [ 552.346155][T13443] ? __kasan_kmalloc+0xaa/0xb0 [ 552.346179][T13443] ? vc_allocate+0x1a6/0x880 [ 552.346222][T13443] ? fb_var_to_videomode+0x586/0x6a0 [ 552.346263][T13443] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 552.346295][T13443] ? policy_nodemask+0xed/0x4f0 [ 552.346330][T13443] alloc_pages_mpol+0x1fb/0x550 [ 552.346363][T13443] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 552.346393][T13443] ? lockdep_hardirqs_on+0x78/0x100 [ 552.346425][T13443] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 552.346460][T13443] ? vc_allocate+0x4c3/0x880 [ 552.346501][T13443] ___kmalloc_large_node+0x104/0x150 [ 552.346537][T13443] ? fbcon_init+0xb4a/0x1820 [ 552.346573][T13443] __kmalloc_large_node_noprof+0x1c/0x70 [ 552.346617][T13443] __kmalloc_noprof+0x5be/0x850 [ 552.346666][T13443] ? visual_init+0x3bd/0x620 [ 552.346706][T13443] vc_allocate+0x4c3/0x880 [ 552.346748][T13443] ? __pfx_vc_allocate+0x10/0x10 [ 552.346801][T13443] con_install+0xa1/0x620 [ 552.346847][T13443] ? __pfx_con_install+0x10/0x10 [ 552.346896][T13443] ? __pfx_con_install+0x10/0x10 [ 552.346940][T13443] tty_init_dev.part.0+0x9e/0x470 [ 552.346974][T13443] tty_open+0xa63/0xfa0 [ 552.347009][T13443] ? __pfx_tty_open+0x10/0x10 [ 552.347035][T13443] ? chrdev_open+0x589/0x6a0 [ 552.347065][T13443] ? chrdev_open+0x589/0x6a0 [ 552.347102][T13443] ? __pfx_tty_open+0x10/0x10 [ 552.347131][T13443] chrdev_open+0x234/0x6a0 [ 552.347172][T13443] ? __pfx_chrdev_open+0x10/0x10 [ 552.347206][T13443] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 552.347246][T13443] do_dentry_open+0x6d8/0x1660 [ 552.347273][T13443] ? __pfx_chrdev_open+0x10/0x10 [ 552.347309][T13443] vfs_open+0x82/0x3f0 [ 552.347346][T13443] path_openat+0x208c/0x31a0 [ 552.347388][T13443] ? __pfx_path_openat+0x10/0x10 [ 552.347432][T13443] do_file_open+0x20e/0x430 [ 552.347463][T13443] ? __pfx_do_file_open+0x10/0x10 [ 552.347518][T13443] ? alloc_fd+0x476/0x790 [ 552.347551][T13443] ? do_getname+0x191/0x390 [ 552.347592][T13443] do_sys_openat2+0x10d/0x1e0 [ 552.347627][T13443] ? __pfx_do_sys_openat2+0x10/0x10 [ 552.347676][T13443] __x64_sys_openat+0x12d/0x210 [ 552.347714][T13443] ? __pfx___x64_sys_openat+0x10/0x10 [ 552.347767][T13443] do_syscall_64+0x106/0xf80 [ 552.347796][T13443] ? clear_bhb_loop+0x40/0x90 [ 552.347832][T13443] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 552.347860][T13443] RIP: 0033:0x7fd6fff9c819 [ 552.347884][T13443] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 552.347911][T13443] RSP: 002b:00007fd700dea028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 552.347937][T13443] RAX: ffffffffffffffda RBX: 00007fd700215fa0 RCX: 00007fd6fff9c819 [ 552.347953][T13443] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 552.347970][T13443] RBP: 00007fd700032c91 R08: 0000000000000000 R09: 0000000000000000 [ 552.347982][T13443] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 552.347993][T13443] R13: 00007fd700216038 R14: 00007fd700215fa0 R15: 00007ffde9300198 [ 552.348026][T13443] [ 554.331249][T13470] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1242'. [ 554.382340][T13470] netlink: 354 bytes leftover after parsing attributes in process `syz.0.1242'. [ 554.396515][T13471] futex_wake_op: syz.2.1243 tries to shift op by -2048; fix this program [ 554.409932][T13471] futex_wake_op: syz.2.1243 tries to shift op by -2048; fix this program [ 554.494762][T13471] 0x000000000001-0x000000020000 : "" [ 554.654613][T13471] ftl_cs: FTL header corrupt! [ 557.597887][T13541] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1254'. [ 557.620937][T13541] netlink: 354 bytes leftover after parsing attributes in process `syz.0.1254'. [ 557.998129][T13547] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1263'. [ 558.007810][T13547] netlink: 354 bytes leftover after parsing attributes in process `syz.3.1263'. [ 558.465466][T11513] Bluetooth: hci3: unexpected event 0x3e length: 508 > 260 [ 558.465501][T11513] Bluetooth: hci3: unexpected subevent 0x02 length: 507 > 260 [ 558.482495][T11513] Bluetooth: hci3: Dropping invalid advertising data [ 558.489431][T11513] Bluetooth: hci3: unknown advertising packet type: 0xe9 [ 559.240970][T13576] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1260'. [ 559.477029][T13576] mac80211_hwsim hwsim5 wlan1: entered promiscuous mode [ 559.501067][T13576] mac80211_hwsim hwsim5 wlan1: entered allmulticast mode [ 560.362018][T13597] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1264'. [ 560.408175][T13597] netlink: 354 bytes leftover after parsing attributes in process `syz.1.1264'. [ 560.470381][T13601] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1265'. [ 560.480083][T13601] netlink: 354 bytes leftover after parsing attributes in process `syz.0.1265'. [ 560.787064][T13606] ecryptfs_miscdev_write: Acceptable packet size range is [6-531], but amount of data written is [1]. [ 561.532489][T13614] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input27 [ 562.238665][T13616] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input28 [ 562.715349][T13644] netlink: 'syz.1.1274': attribute type 1 has an invalid length. [ 562.753671][T13644] netlink: 9 bytes leftover after parsing attributes in process `syz.1.1274'. [ 562.881006][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 562.887522][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 565.027044][ T0] NOHZ tick-stop error: local softirq work is pending, handler #142!!! [ 567.900722][T13764] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1292'. [ 567.983915][T13764] netlink: 354 bytes leftover after parsing attributes in process `syz.2.1292'. [ 569.030069][T13776] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 569.072985][T13776] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 569.129395][T13776] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000 [ 569.170596][T13776] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 569.200242][T13776] page dumped because: unmovable page [ 569.226720][T13776] page_owner tracks the page as allocated [ 569.243747][T13776] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xcc0(GFP_KERNEL), pid 5818, tgid 5818 (syz-executor), ts 81414969524, free_ts 69753292218 [ 569.320166][T13776] post_alloc_hook+0x153/0x170 [ 569.338134][T13776] get_page_from_freelist+0x111d/0x3140 [ 569.353821][T13776] __alloc_frozen_pages_noprof+0x27c/0x2ba0 [ 569.364576][T13776] alloc_pages_bulk_noprof+0x782/0x1490 [ 569.384981][T13771] kexec: Could not allocate control_code_buffer [ 569.391360][T13776] __kasan_populate_vmalloc+0xf0/0x210 [ 569.403628][T13776] alloc_vmap_area+0x95d/0x2bd0 [ 569.432573][T13776] __get_vm_area_node+0x1ca/0x330 [ 569.442751][T13776] __vmalloc_node_range_noprof+0x213/0x1530 [ 569.469272][T13776] vmalloc_user_noprof+0x9e/0xe0 [ 569.496756][T13776] kcov_ioctl+0x4c/0x720 [ 569.516808][T13776] __x64_sys_ioctl+0x18e/0x210 [ 569.522187][T13776] do_syscall_64+0x106/0xf80 [ 569.554652][T13776] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 569.606939][T13776] page last free pid 5770 tgid 5770 stack trace: [ 569.617743][T13776] __free_frozen_pages+0x7e1/0x10d0 [ 569.622981][T13776] __folio_put+0x3b4/0x540 [ 569.786401][T13776] anon_pipe_buf_release+0x40c/0x530 [ 569.802870][T13776] anon_pipe_read+0x5cd/0x1200 [ 569.840637][T13776] vfs_read+0x957/0xb30 [ 569.844848][T13776] ksys_read+0x1f8/0x250 [ 569.863908][T13776] do_syscall_64+0x106/0xf80 [ 569.885172][T13776] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 571.028364][T13818] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1303'. [ 571.038497][T13818] netlink: 354 bytes leftover after parsing attributes in process `syz.0.1303'. [ 577.420491][T13928] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 577.531362][T13931] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1320'. [ 577.634360][T13931] netlink: 354 bytes leftover after parsing attributes in process `syz.2.1320'. [ 579.548425][T13963] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1325'. [ 579.563805][T13963] netlink: 354 bytes leftover after parsing attributes in process `syz.2.1325'. [ 580.922873][T13989] random: crng reseeded on system resumption [ 581.163935][T11513] Bluetooth: hci0: unexpected event 0x3e length: 508 > 260 [ 581.163979][T11513] Bluetooth: hci0: unexpected subevent 0x02 length: 507 > 260 [ 581.180458][T11513] Bluetooth: hci0: Dropping invalid advertising data [ 581.199101][T11513] Bluetooth: hci0: unknown advertising packet type: 0xe9 [ 584.401041][T14048] futex_wake_op: syz.0.1340 tries to shift op by -2048; fix this program [ 584.449104][T14048] futex_wake_op: syz.0.1340 tries to shift op by -2048; fix this program [ 585.839808][T14079] block2mtd: illegal erase size [ 587.941196][T14111] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 587.947858][T14111] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 590.564671][T14171] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1361'. [ 596.044500][T14264] random: crng reseeded on system resumption [ 599.663040][T14348] block2mtd: illegal erase size [ 616.932887][T14673] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 618.956107][T14704] FAULT_INJECTION: forcing a failure. [ 618.956107][T14704] name failslab, interval 1, probability 0, space 0, times 0 [ 618.978384][T14704] CPU: 0 UID: 0 PID: 14704 Comm: syz.2.1450 Not tainted syzkaller #0 PREEMPT(full) [ 618.978420][T14704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 618.978437][T14704] Call Trace: [ 618.978446][T14704] [ 618.978458][T14704] dump_stack_lvl+0x100/0x190 [ 618.978507][T14704] should_fail_ex.cold+0x5/0xa [ 618.978526][T14704] should_failslab+0xc2/0x120 [ 618.978543][T14704] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 618.978565][T14704] ? security_file_alloc+0x34/0x2c0 [ 618.978584][T14704] ? trace_kmem_cache_alloc+0xf3/0x120 [ 618.978603][T14704] security_file_alloc+0x34/0x2c0 [ 618.978623][T14704] init_file+0x95/0x480 [ 618.978642][T14704] alloc_empty_file+0x73/0x1c0 [ 618.978662][T14704] dentry_open+0x46/0xd0 [ 618.978681][T14704] acct_on+0x189/0x9e0 [ 618.978703][T14704] ? __pfx_acct_on+0x10/0x10 [ 618.978724][T14704] ? bpf_lsm_capable+0x9/0x10 [ 618.978740][T14704] ? security_capable+0x80/0x260 [ 618.978756][T14704] __x64_sys_acct+0x81/0x1e0 [ 618.978777][T14704] ? lockdep_hardirqs_on+0x78/0x100 [ 618.978793][T14704] do_syscall_64+0x106/0xf80 [ 618.978807][T14704] ? clear_bhb_loop+0x40/0x90 [ 618.978825][T14704] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 618.978840][T14704] RIP: 0033:0x7fd6fff9c819 [ 618.978854][T14704] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 618.978868][T14704] RSP: 002b:00007fd700dea028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a3 [ 618.978882][T14704] RAX: ffffffffffffffda RBX: 00007fd700215fa0 RCX: 00007fd6fff9c819 [ 618.978892][T14704] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000100 [ 618.978900][T14704] RBP: 00007fd700032c91 R08: 0000000000000000 R09: 0000000000000000 [ 618.978909][T14704] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 618.978917][T14704] R13: 00007fd700216038 R14: 00007fd700215fa0 R15: 00007ffde9300198 [ 618.978936][T14704] [ 619.649238][T14721] program syz.1.1452 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 619.687081][T14721] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 623.154008][T14794] zram0: detected capacity change from 16 to 0 [ 624.336016][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.343020][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 624.468619][T14811] input: jJǸ-9%vJ86 as /devices/virtual/input/input29 [ 626.795651][T10671] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 627.065416][T14867] input: jJǸ-9%vJ86 as /devices/virtual/input/input30 [ 629.574457][T14927] input: jJǸ-9%vJ86 as /devices/virtual/input/input31 [ 634.896371][T15034] misc userio: Invalid payload size [ 637.271069][T15072] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 637.285198][T15072] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 637.344080][T15072] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 637.430350][T15072] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 637.552421][T15072] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 637.588931][T15072] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 639.138838][T15103] program syz.3.1527 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 639.154577][ T29] audit: type=1807 audit(4294975281.080:8): UNKNOWN=0"]$|1j0B|dӉO+/xWӦ^gq%ḦrO res=0 [ 639.178642][T15102] ima: policy update failed [ 639.184292][ T29] audit: type=1802 audit(4294975281.080:9): pid=15103 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.3.1527" res=0 errno=0 [ 639.415360][T11513] Bluetooth: hci1: command 0x0c1a tx timeout [ 639.422443][T10666] Bluetooth: hci0: command 0x0c1a tx timeout [ 639.438337][ T29] audit: type=1802 audit(4294975281.120:10): pid=15102 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.1527" res=0 errno=0 [ 639.596660][T11513] Bluetooth: hci3: command 0x0c1a tx timeout [ 639.603907][T10666] Bluetooth: hci2: command 0x0c1a tx timeout [ 641.516931][T11513] Bluetooth: hci1: command 0x0c1a tx timeout [ 641.524019][T10666] Bluetooth: hci0: command 0x0c1a tx timeout [ 642.556225][T15167] misc userio: Invalid payload size [ 643.068112][T15183] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 643.826509][T15194] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 643.860262][T15194] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 643.923182][T15194] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 643.956804][T15194] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 645.642903][T15245] nbd: illegal input index 37139 [ 645.748423][T15249] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1554'. [ 645.836688][T11513] Bluetooth: hci0: command 0x0c1a tx timeout [ 645.916847][T11513] Bluetooth: hci1: command 0x0c1a tx timeout [ 646.003018][T11513] Bluetooth: hci3: command 0x0c1a tx timeout [ 646.009307][T10666] Bluetooth: hci2: command 0x0c1a tx timeout [ 648.512061][T15303] mkiss: ax0: crc mode is auto. [ 652.320789][T15362] NFSD: Failed to start, no listeners configured. [ 654.923903][T15408] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 656.211961][T15428] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1584'. [ 656.729870][T15441] input: jJǸ-9%vJ86 as /devices/virtual/input/input32 [ 658.296662][T15454] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 658.296662][T15454] The task syz.2.1596 (15454) triggered the difference, watch for misbehavior. [ 658.316692][T15459] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 658.341874][T15459] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 658.388811][T15459] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 658.395015][T15459] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 659.090494][T15469] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1591'. [ 660.396776][T10666] Bluetooth: hci3: command 0x0c1a tx timeout [ 660.402802][T10666] Bluetooth: hci2: command 0x0c1a tx timeout [ 660.409097][T11513] Bluetooth: hci1: command 0x0c1a tx timeout [ 660.415433][T11513] Bluetooth: hci0: command 0x0c1a tx timeout [ 661.738728][T15532] netlink: 252 bytes leftover after parsing attributes in process `syz.3.1603'. [ 661.749974][T15532] netlink: 252 bytes leftover after parsing attributes in process `syz.3.1603'. [ 664.656419][T15573] FAULT_INJECTION: forcing a failure. [ 664.656419][T15573] name failslab, interval 1, probability 0, space 0, times 0 [ 664.723282][T15573] CPU: 1 UID: 0 PID: 15573 Comm: syz.1.1614 Not tainted syzkaller #0 PREEMPT(full) [ 664.723321][T15573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 664.723338][T15573] Call Trace: [ 664.723347][T15573] [ 664.723358][T15573] dump_stack_lvl+0x100/0x190 [ 664.723409][T15573] should_fail_ex.cold+0x5/0xa [ 664.723444][T15573] should_failslab+0xc2/0x120 [ 664.723477][T15573] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 664.723521][T15573] ? __kernfs_new_node+0xd2/0x960 [ 664.723571][T15573] __kernfs_new_node+0xd2/0x960 [ 664.723614][T15573] ? kernfs_add_one+0x214/0x850 [ 664.723650][T15573] ? __pfx___kernfs_new_node+0x10/0x10 [ 664.723703][T15573] ? find_held_lock+0x2b/0x80 [ 664.723731][T15573] ? kernfs_root+0xee/0x2a0 [ 664.723772][T15573] ? kernfs_root+0xee/0x2a0 [ 664.723823][T15573] kernfs_new_node+0x11b/0x1a0 [ 664.723858][T15573] kernfs_create_link+0xcc/0x240 [ 664.723897][T15573] sysfs_do_create_link_sd+0x90/0x140 [ 664.723942][T15573] sysfs_create_link+0x61/0xc0 [ 664.723983][T15573] device_add+0x553/0x1950 [ 664.724024][T15573] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 664.724055][T15573] ? __pfx_device_add+0x10/0x10 [ 664.724093][T15573] ? lockdep_init_map_type+0x5c/0x250 [ 664.724133][T15573] ? __init_waitqueue_head+0xca/0x150 [ 664.724187][T15573] netdev_register_kobject+0x1a9/0x3d0 [ 664.724227][T15573] register_netdevice+0x12e0/0x2210 [ 664.724266][T15573] ? __pfx_register_netdevice+0x10/0x10 [ 664.724309][T15573] __ip_tunnel_create+0x52b/0x670 [ 664.724342][T15573] ? __pfx___ip_tunnel_create+0x10/0x10 [ 664.724371][T15573] ? net_generic+0xea/0x2a0 [ 664.724410][T15573] ip_tunnel_init_net+0x230/0x780 [ 664.724446][T15573] ? __pfx_ip_tunnel_init_net+0x10/0x10 [ 664.724488][T15573] ? __kmalloc_noprof+0x320/0x850 [ 664.724536][T15573] ? __pfx_ipgre_tap_init_net+0x10/0x10 [ 664.724579][T15573] ops_init+0x1e2/0x5f0 [ 664.724613][T15573] setup_net+0x118/0x3a0 [ 664.724653][T15573] ? __pfx_setup_net+0x10/0x10 [ 664.724681][T15573] ? lockdep_init_map_type+0x5c/0x250 [ 664.724722][T15573] ? mutex_init_lockep+0x110/0x150 [ 664.724768][T15573] copy_net_ns+0x46f/0x7c0 [ 664.724806][T15573] create_new_namespaces+0x3ea/0xac0 [ 664.724847][T15573] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 664.724883][T15573] ksys_unshare+0x473/0xad0 [ 664.724923][T15573] ? __pfx_ksys_unshare+0x10/0x10 [ 664.724974][T15573] __x64_sys_unshare+0x31/0x40 [ 664.725010][T15573] do_syscall_64+0x106/0xf80 [ 664.725040][T15573] ? clear_bhb_loop+0x40/0x90 [ 664.725075][T15573] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 664.725104][T15573] RIP: 0033:0x7f20a679c819 [ 664.725128][T15573] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 664.725155][T15573] RSP: 002b:00007f20a76ff028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 664.725182][T15573] RAX: ffffffffffffffda RBX: 00007f20a6a15fa0 RCX: 00007f20a679c819 [ 664.725201][T15573] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 664.725219][T15573] RBP: 00007f20a6832c91 R08: 0000000000000000 R09: 0000000000000000 [ 664.725236][T15573] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 664.725253][T15573] R13: 00007f20a6a16038 R14: 00007f20a6a15fa0 R15: 00007ffc57a274e8 [ 664.725293][T15573] [ 665.395364][T15580] mkiss: ax0: crc mode is auto. [ 668.891828][T15634] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 669.058707][T15634] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 669.281296][T15634] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 669.593379][T15634] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 670.302369][T15654] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1628'. [ 670.959605][T15508] Bluetooth: hci0: command 0x0c1a tx timeout [ 671.116802][T15508] Bluetooth: hci1: command 0x0c1a tx timeout [ 671.198872][T15508] Bluetooth: hci2: command 0x0c1a tx timeout [ 671.596732][T15508] Bluetooth: hci3: command 0x0c1a tx timeout [ 671.656432][T15669] futex_wake_op: syz.0.1632 tries to shift op by -2048; fix this program [ 674.057991][T15721] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 674.065980][T15721] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 674.074029][T15721] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 674.082076][T15721] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 675.894396][T15742] FAULT_INJECTION: forcing a failure. [ 675.894396][T15742] name failslab, interval 1, probability 0, space 0, times 0 [ 675.907275][T15742] CPU: 1 UID: 0 PID: 15742 Comm: syz.3.1644 Not tainted syzkaller #0 PREEMPT(full) [ 675.907313][T15742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 675.907330][T15742] Call Trace: [ 675.907340][T15742] [ 675.907351][T15742] dump_stack_lvl+0x100/0x190 [ 675.907402][T15742] should_fail_ex.cold+0x5/0xa [ 675.907438][T15742] should_failslab+0xc2/0x120 [ 675.907471][T15742] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 675.907523][T15742] ? __kernfs_new_node+0xd2/0x960 [ 675.907574][T15742] __kernfs_new_node+0xd2/0x960 [ 675.907622][T15742] ? __pfx___kernfs_new_node+0x10/0x10 [ 675.907674][T15742] ? find_held_lock+0x2b/0x80 [ 675.907702][T15742] ? kernfs_root+0xee/0x2a0 [ 675.907742][T15742] ? kernfs_root+0xee/0x2a0 [ 675.907794][T15742] kernfs_new_node+0x11b/0x1a0 [ 675.907828][T15742] __kernfs_create_file+0x53/0x350 [ 675.907868][T15742] sysfs_add_file_mode_ns+0x207/0x3c0 [ 675.907917][T15742] internal_create_group+0x593/0xf40 [ 675.907972][T15742] ? __pfx_internal_create_group+0x10/0x10 [ 675.908022][T15742] ? kernfs_create_link+0x1bd/0x240 [ 675.908063][T15742] internal_create_groups+0x9d/0x150 [ 675.908110][T15742] device_add+0x71a/0x1950 [ 675.908151][T15742] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 675.908181][T15742] ? __pfx_device_add+0x10/0x10 [ 675.908219][T15742] ? lockdep_init_map_type+0x5c/0x250 [ 675.908259][T15742] ? __init_waitqueue_head+0xca/0x150 [ 675.908311][T15742] netdev_register_kobject+0x1a9/0x3d0 [ 675.908351][T15742] register_netdevice+0x12e0/0x2210 [ 675.908390][T15742] ? __pfx_register_netdevice+0x10/0x10 [ 675.908433][T15742] __ip_tunnel_create+0x52b/0x670 [ 675.908467][T15742] ? __pfx___ip_tunnel_create+0x10/0x10 [ 675.908496][T15742] ? net_generic+0xea/0x2a0 [ 675.908540][T15742] ip_tunnel_init_net+0x230/0x780 [ 675.908577][T15742] ? __pfx_ip_tunnel_init_net+0x10/0x10 [ 675.908620][T15742] ? __kmalloc_noprof+0x320/0x850 [ 675.908669][T15742] ? __pfx_ipgre_tap_init_net+0x10/0x10 [ 675.908713][T15742] ops_init+0x1e2/0x5f0 [ 675.908748][T15742] setup_net+0x118/0x3a0 [ 675.908779][T15742] ? __pfx_setup_net+0x10/0x10 [ 675.908806][T15742] ? lockdep_init_map_type+0x5c/0x250 [ 675.908846][T15742] ? mutex_init_lockep+0x110/0x150 [ 675.908893][T15742] copy_net_ns+0x46f/0x7c0 [ 675.908930][T15742] create_new_namespaces+0x3ea/0xac0 [ 675.908971][T15742] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 675.909007][T15742] ksys_unshare+0x473/0xad0 [ 675.909047][T15742] ? __pfx_ksys_unshare+0x10/0x10 [ 675.909099][T15742] __x64_sys_unshare+0x31/0x40 [ 675.909135][T15742] do_syscall_64+0x106/0xf80 [ 675.909164][T15742] ? clear_bhb_loop+0x40/0x90 [ 675.909201][T15742] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 675.909230][T15742] RIP: 0033:0x7f86aef9c819 [ 675.909255][T15742] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 675.909282][T15742] RSP: 002b:00007f86afe0d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 675.909310][T15742] RAX: ffffffffffffffda RBX: 00007f86af216090 RCX: 00007f86aef9c819 [ 675.909329][T15742] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 675.909346][T15742] RBP: 00007f86af032c91 R08: 0000000000000000 R09: 0000000000000000 [ 675.909364][T15742] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 675.909380][T15742] R13: 00007f86af216128 R14: 00007f86af216090 R15: 00007fff24db5d48 [ 675.909420][T15742] [ 676.286574][T10674] Bluetooth: hci3: command 0x0c1a tx timeout [ 676.292653][T10674] Bluetooth: hci2: command 0x0c1a tx timeout [ 676.298675][T10674] Bluetooth: hci1: command 0x0c1a tx timeout [ 676.304696][T10674] Bluetooth: hci0: command 0x0c1a tx timeout [ 679.755918][T15803] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 680.371912][T15798] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 680.398419][T15798] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 680.404735][T15798] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 680.430594][T15798] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 680.797387][T15508] Bluetooth: hci0: command 0x0c1a tx timeout [ 681.089790][T15841] netlink: 326 bytes leftover after parsing attributes in process `syz.2.1664'. syzkaller syzkaller login: [ 682.476698][T15508] Bluetooth: hci3: command 0x0c1a tx timeout [ 682.483561][T15508] Bluetooth: hci2: command 0x0c1a tx timeout [ 682.489686][T10674] Bluetooth: hci1: command 0x0c1a tx timeout [ 684.621863][T15901] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1676'. [ 684.647729][T15901] netlink: 6 bytes leftover after parsing attributes in process `syz.3.1676'. [ 685.331478][T15916] syz.2.1681 (15916): attempted to duplicate a private mapping with mremap. This is not supported. [ 685.777184][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 685.784104][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 685.815961][T15913] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1681'. [ 687.288955][T15947] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 687.312946][T15947] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 687.331799][T15947] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 687.354285][T15947] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 689.097635][T15985] FAULT_INJECTION: forcing a failure. [ 689.097635][T15985] name failslab, interval 1, probability 0, space 0, times 0 [ 689.110579][T15985] CPU: 1 UID: 0 PID: 15985 Comm: syz.1.1696 Not tainted syzkaller #0 PREEMPT(full) [ 689.110614][T15985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 689.110628][T15985] Call Trace: [ 689.110636][T15985] [ 689.110647][T15985] dump_stack_lvl+0x100/0x190 [ 689.110696][T15985] should_fail_ex.cold+0x5/0xa [ 689.110732][T15985] should_failslab+0xc2/0x120 [ 689.110764][T15985] __kmalloc_cache_noprof+0x7a/0x6f0 [ 689.110802][T15985] ? rose_add_loopback_node+0x16b/0x460 [ 689.110849][T15985] rose_add_loopback_node+0x16b/0x460 [ 689.110886][T15985] ? __pfx_rose_open+0x10/0x10 [ 689.110912][T15985] rose_open+0x3e/0x110 [ 689.110938][T15985] ? __pfx_rose_open+0x10/0x10 [ 689.110962][T15985] __dev_open+0x3ad/0x960 [ 689.111003][T15985] ? __pfx___dev_open+0x10/0x10 [ 689.111048][T15985] ? __local_bh_enable_ip+0x9e/0x120 [ 689.111083][T15985] __dev_change_flags+0x558/0x6f0 [ 689.111140][T15985] ? __pfx___dev_change_flags+0x10/0x10 [ 689.111197][T15985] netif_change_flags+0x8d/0x160 [ 689.111247][T15985] dev_change_flags+0xba/0x250 [ 689.111283][T15985] flags_store+0x187/0x1e0 [ 689.111325][T15985] ? __pfx_flags_store+0x10/0x10 [ 689.111368][T15985] ? find_held_lock+0x2b/0x80 [ 689.111396][T15985] ? sysfs_file_kobj+0xe4/0x290 [ 689.111431][T15985] ? sysfs_file_kobj+0xe4/0x290 [ 689.111470][T15985] ? __pfx_flags_store+0x10/0x10 [ 689.111510][T15985] dev_attr_store+0x58/0x80 [ 689.111548][T15985] ? __pfx_dev_attr_store+0x10/0x10 [ 689.111586][T15985] sysfs_kf_write+0xf2/0x150 [ 689.111627][T15985] kernfs_fop_write_iter+0x3e0/0x5f0 [ 689.111659][T15985] ? __pfx_sysfs_kf_write+0x10/0x10 [ 689.111698][T15985] vfs_write+0x6ac/0x1070 [ 689.111729][T15985] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 689.111767][T15985] ? __pfx_vfs_write+0x10/0x10 [ 689.111823][T15985] ksys_write+0x12a/0x250 [ 689.111853][T15985] ? __pfx_ksys_write+0x10/0x10 [ 689.111887][T15985] do_syscall_64+0x106/0xf80 [ 689.111914][T15985] ? clear_bhb_loop+0x40/0x90 [ 689.111949][T15985] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 689.111979][T15985] RIP: 0033:0x7f20a679c819 [ 689.112003][T15985] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 689.112029][T15985] RSP: 002b:00007f20a76ff028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 689.112054][T15985] RAX: ffffffffffffffda RBX: 00007f20a6a15fa0 RCX: 00007f20a679c819 [ 689.112073][T15985] RDX: 0000000000000081 RSI: 0000200000000140 RDI: 0000000000000002 [ 689.112090][T15985] RBP: 00007f20a6832c91 R08: 0000000000000000 R09: 0000000000000000 [ 689.112107][T15985] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 689.112123][T15985] R13: 00007f20a6a16038 R14: 00007f20a6a15fa0 R15: 00007ffc57a274e8 [ 689.112172][T15985] [ 689.395660][T15508] Bluetooth: hci3: command 0x0c1a tx timeout [ 689.402333][T15508] Bluetooth: hci2: command 0x0c1a tx timeout [ 689.408443][T15508] Bluetooth: hci1: command 0x0c1a tx timeout [ 689.414455][T15508] Bluetooth: hci0: command 0x0c1a tx timeout [ 689.811734][T15991] Invalid ELF header magic: != ELF [ 690.232992][T16002] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 690.307591][T16002] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 690.506263][T16002] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 690.563630][T16002] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 692.238367][T10666] Bluetooth: hci0: command 0x0c1a tx timeout [ 692.318595][T10666] Bluetooth: hci1: command 0x0c1a tx timeout [ 692.556702][T10666] Bluetooth: hci2: command 0x0c1a tx timeout [ 692.636699][T10666] Bluetooth: hci3: command 0x0c1a tx timeout [ 693.132617][T16062] Invalid ELF header magic: != ELF [ 693.229733][T16066] futex_wake_op: syz.2.1712 tries to shift op by -2048; fix this program [ 695.315211][T16088] FAULT_INJECTION: forcing a failure. [ 695.315211][T16088] name failslab, interval 1, probability 0, space 0, times 0 [ 695.346628][T16088] CPU: 1 UID: 0 PID: 16088 Comm: syz.2.1718 Not tainted syzkaller #0 PREEMPT(full) [ 695.346667][T16088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 695.346684][T16088] Call Trace: [ 695.346692][T16088] [ 695.346705][T16088] dump_stack_lvl+0x100/0x190 [ 695.346755][T16088] should_fail_ex.cold+0x5/0xa [ 695.346789][T16088] should_failslab+0xc2/0x120 [ 695.346821][T16088] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 695.346865][T16088] ? seq_open+0x55/0x170 [ 695.346911][T16088] seq_open+0x55/0x170 [ 695.346951][T16088] blk_mq_debugfs_open+0x106/0x1b0 [ 695.346998][T16088] ? __pfx_blk_mq_debugfs_open+0x10/0x10 [ 695.347040][T16088] full_proxy_open_regular+0x1b6/0x370 [ 695.347070][T16088] do_dentry_open+0x6d8/0x1660 [ 695.347100][T16088] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 695.347139][T16088] vfs_open+0x82/0x3f0 [ 695.347180][T16088] path_openat+0x208c/0x31a0 [ 695.347224][T16088] ? __pfx_path_openat+0x10/0x10 [ 695.347269][T16088] do_file_open+0x20e/0x430 [ 695.347311][T16088] ? __pfx_do_file_open+0x10/0x10 [ 695.347371][T16088] ? alloc_fd+0x476/0x790 [ 695.347405][T16088] ? do_getname+0x191/0x390 [ 695.347447][T16088] do_sys_openat2+0x10d/0x1e0 [ 695.347486][T16088] ? __pfx_do_sys_openat2+0x10/0x10 [ 695.347529][T16088] ? __fget_files+0x21f/0x3d0 [ 695.347565][T16088] __x64_sys_openat+0x12d/0x210 [ 695.347606][T16088] ? __pfx___x64_sys_openat+0x10/0x10 [ 695.347660][T16088] do_syscall_64+0x106/0xf80 [ 695.347688][T16088] ? clear_bhb_loop+0x40/0x90 [ 695.347723][T16088] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 695.347753][T16088] RIP: 0033:0x7fd6fff9c819 [ 695.347777][T16088] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 695.347804][T16088] RSP: 002b:00007fd700dea028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 695.347831][T16088] RAX: ffffffffffffffda RBX: 00007fd700215fa0 RCX: 00007fd6fff9c819 [ 695.347849][T16088] RDX: 0000000000000000 RSI: 0000200000000300 RDI: ffffffffffffff9c [ 695.347867][T16088] RBP: 00007fd700032c91 R08: 0000000000000000 R09: 0000000000000000 [ 695.347884][T16088] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 695.347900][T16088] R13: 00007fd700216038 R14: 00007fd700215fa0 R15: 00007ffde9300198 [ 695.347938][T16088] [ 695.924366][T16095] netlink: 122 bytes leftover after parsing attributes in process `syz.2.1718'. [ 702.237863][T16219] futex_wake_op: syz.3.1739 tries to shift op by -2048; fix this program [ 702.594718][T16198] kexec: Could not allocate control_code_buffer [ 702.763360][T16228] Invalid ELF header magic: != ELF [ 703.902823][T16250] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 703.909582][T16250] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 703.952860][T16250] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 704.025506][T16250] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 704.816617][T16263] FAULT_INJECTION: forcing a failure. [ 704.816617][T16263] name failslab, interval 1, probability 0, space 0, times 0 [ 704.861474][T16263] CPU: 1 UID: 0 PID: 16263 Comm: syz.1.1749 Not tainted syzkaller #0 PREEMPT(full) [ 704.861516][T16263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 704.861533][T16263] Call Trace: [ 704.861542][T16263] [ 704.861553][T16263] dump_stack_lvl+0x100/0x190 [ 704.861602][T16263] should_fail_ex.cold+0x5/0xa [ 704.861636][T16263] should_failslab+0xc2/0x120 [ 704.861667][T16263] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 704.861711][T16263] ? alloc_empty_file+0x55/0x1c0 [ 704.861745][T16263] ? __pfx_stack_trace_save+0x10/0x10 [ 704.861776][T16263] alloc_empty_file+0x55/0x1c0 [ 704.861799][T16263] path_openat+0xe8/0x31a0 [ 704.861814][T16263] ? kasan_save_stack+0x3f/0x50 [ 704.861827][T16263] ? kasan_save_stack+0x30/0x50 [ 704.861839][T16263] ? kasan_save_track+0x14/0x30 [ 704.861851][T16263] ? __kasan_slab_alloc+0x89/0x90 [ 704.861864][T16263] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 704.861886][T16263] ? do_getname+0x35/0x390 [ 704.861903][T16263] ? do_sys_openat2+0xc5/0x1e0 [ 704.861922][T16263] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 704.861939][T16263] ? __pfx_path_openat+0x10/0x10 [ 704.861961][T16263] do_file_open+0x20e/0x430 [ 704.861978][T16263] ? __pfx_do_file_open+0x10/0x10 [ 704.862007][T16263] ? alloc_fd+0x476/0x790 [ 704.862024][T16263] ? do_getname+0x191/0x390 [ 704.862044][T16263] do_sys_openat2+0x10d/0x1e0 [ 704.862064][T16263] ? __pfx_do_sys_openat2+0x10/0x10 [ 704.862090][T16263] __x64_sys_openat+0x12d/0x210 [ 704.862110][T16263] ? __pfx___x64_sys_openat+0x10/0x10 [ 704.862138][T16263] do_syscall_64+0x106/0xf80 [ 704.862153][T16263] ? clear_bhb_loop+0x40/0x90 [ 704.862170][T16263] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 704.862185][T16263] RIP: 0033:0x7f20a679c819 [ 704.862198][T16263] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 704.862212][T16263] RSP: 002b:00007f20a76ff028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 704.862226][T16263] RAX: ffffffffffffffda RBX: 00007f20a6a15fa0 RCX: 00007f20a679c819 [ 704.862236][T16263] RDX: 0000000000038000 RSI: 0000200000000180 RDI: ffffffffffffff9c [ 704.862245][T16263] RBP: 00007f20a6832c91 R08: 0000000000000000 R09: 0000000000000000 [ 704.862254][T16263] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 704.862266][T16263] R13: 00007f20a6a16038 R14: 00007f20a6a15fa0 R15: 00007ffc57a274e8 [ 704.862285][T16263] [ 705.229315][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 705.918085][T15508] Bluetooth: hci0: command 0x0c1a tx timeout [ 705.924796][T10666] Bluetooth: hci1: command 0x0c1a tx timeout [ 705.996893][T10666] Bluetooth: hci2: command 0x0c1a tx timeout [ 706.076680][T10666] Bluetooth: hci3: command 0x0c1a tx timeout [ 706.970765][T16297] netlink: 25 bytes leftover after parsing attributes in process `syz.1.1755'. [ 707.627470][T16306] futex_wake_op: syz.3.1758 tries to shift op by -2048; fix this program [ 707.660031][T16306] random: crng reseeded on system resumption [ 710.395255][T16360] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1776'. [ 710.770391][T16367] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1778'. [ 710.787098][T16369] futex_wake_op: syz.1.1769 tries to shift op by -2048; fix this program [ 711.493635][T16381] netlink: 'syz.3.1772': attribute type 11 has an invalid length. [ 711.549754][T16381] netlink: 'syz.3.1772': attribute type 11 has an invalid length. [ 711.586541][T16381] netlink: 'syz.3.1772': attribute type 11 has an invalid length. [ 711.624742][T16381] netlink: 'syz.3.1772': attribute type 11 has an invalid length. [ 712.819287][T16393] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1775'. [ 716.784869][T16455] pim6reg: entered allmulticast mode [ 720.772128][T16512] futex_wake_op: syz.2.1799 tries to shift op by -2048; fix this program [ 720.821799][T16512] futex_wake_op: syz.2.1799 tries to shift op by -2048; fix this program [ 720.945326][T16512] 0x000000000001-0x000000020000 : "" [ 720.987069][T16512] ftl_cs: FTL header corrupt! [ 721.380516][T16514] misc userio: Invalid payload size [ 721.887301][T16532] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1803'. [ 721.940878][T16535] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1804'. [ 721.956247][T16535] netlink: 354 bytes leftover after parsing attributes in process `syz.3.1804'. [ 723.746894][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 726.309723][T16603] bridge_slave_1: left allmulticast mode [ 726.315436][T16603] bridge_slave_1: left promiscuous mode [ 726.323757][T16603] bridge0: port 2(bridge_slave_1) entered disabled state [ 727.579791][T16630] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1823'. [ 727.987929][T16608] Unable to find swap-space signature [ 728.403730][T11759] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1334 with max blocks 23 with error 74 [ 728.417067][T11759] EXT4-fs (sda1): This should not happen!! Data will be lost [ 728.417067][T11759] [ 729.018096][T16643] zswap: compressor not available [ 730.036082][T16681] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1833'. [ 730.227049][T16681] netlink: 354 bytes leftover after parsing attributes in process `syz.1.1833'. [ 731.603595][T16702] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 731.609904][T16702] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 731.616979][T16702] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 731.628110][T16702] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 732.311216][T16714] netlink: 504 bytes leftover after parsing attributes in process `syz.3.1841'. [ 732.356181][T16714] netlink: 350 bytes leftover after parsing attributes in process `syz.3.1841'. [ 732.455886][T16700] kexec: Could not allocate control_code_buffer [ 733.118919][T10666] Bluetooth: hci0: command 0x0c1a tx timeout [ 733.676616][T15508] Bluetooth: hci3: command 0x0c1a tx timeout [ 733.683634][T10666] Bluetooth: hci2: command 0x0c1a tx timeout [ 733.689660][T10674] Bluetooth: hci1: command 0x0c1a tx timeout [ 736.179583][T16766] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 736.186708][T16766] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 736.210282][T16766] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 736.216380][T16766] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 737.757229][T10666] Bluetooth: hci0: command 0x0c1a tx timeout [ 737.769545][T16793] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1860'. [ 738.236620][T10666] Bluetooth: hci3: command 0x0c1a tx timeout [ 738.242672][T15508] Bluetooth: hci2: command 0x0c1a tx timeout [ 738.248835][T10674] Bluetooth: hci1: command 0x0c1a tx timeout [ 743.633159][T16885] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1877'. [ 745.474361][T16908] FAULT_INJECTION: forcing a failure. [ 745.474361][T16908] name failslab, interval 1, probability 0, space 0, times 0 [ 745.489332][T16908] CPU: 1 UID: 0 PID: 16908 Comm: syz.2.1884 Tainted: G L syzkaller #0 PREEMPT(full) [ 745.489375][T16908] Tainted: [L]=SOFTLOCKUP [ 745.489385][T16908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 745.489402][T16908] Call Trace: [ 745.489411][T16908] [ 745.489421][T16908] dump_stack_lvl+0x100/0x190 [ 745.489471][T16908] should_fail_ex.cold+0x5/0xa [ 745.489504][T16908] ? xfrm_hash_alloc+0xcf/0x100 [ 745.489538][T16908] should_failslab+0xc2/0x120 [ 745.489571][T16908] __kmalloc_noprof+0xe0/0x850 [ 745.489624][T16908] xfrm_hash_alloc+0xcf/0x100 [ 745.489659][T16908] xfrm_state_init+0x15f/0x570 [ 745.489701][T16908] ? __pfx_xfrm_net_init+0x10/0x10 [ 745.489738][T16908] xfrm_net_init+0x20e/0xcf0 [ 745.489782][T16908] ? __pfx_xfrm_net_init+0x10/0x10 [ 745.489819][T16908] ops_init+0x1e2/0x5f0 [ 745.489854][T16908] setup_net+0x118/0x3a0 [ 745.489884][T16908] ? __pfx_setup_net+0x10/0x10 [ 745.489912][T16908] ? lockdep_init_map_type+0x5c/0x250 [ 745.489954][T16908] ? mutex_init_lockep+0x110/0x150 [ 745.490000][T16908] copy_net_ns+0x46f/0x7c0 [ 745.490037][T16908] create_new_namespaces+0x3ea/0xac0 [ 745.490078][T16908] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 745.490112][T16908] ksys_unshare+0x473/0xad0 [ 745.490150][T16908] ? __pfx_ksys_unshare+0x10/0x10 [ 745.490205][T16908] __x64_sys_unshare+0x31/0x40 [ 745.490240][T16908] do_syscall_64+0x106/0xf80 [ 745.490269][T16908] ? clear_bhb_loop+0x40/0x90 [ 745.490303][T16908] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 745.490332][T16908] RIP: 0033:0x7fd6fff9c819 [ 745.490353][T16908] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 745.490380][T16908] RSP: 002b:00007fd700dea028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 745.490408][T16908] RAX: ffffffffffffffda RBX: 00007fd700215fa0 RCX: 00007fd6fff9c819 [ 745.490427][T16908] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 745.490444][T16908] RBP: 00007fd700032c91 R08: 0000000000000000 R09: 0000000000000000 [ 745.490460][T16908] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 745.490477][T16908] R13: 00007fd700216038 R14: 00007fd700215fa0 R15: 00007ffde9300198 [ 745.490514][T16908] [ 747.199822][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.206458][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 748.524981][T16975] netlink: 'syz.1.1895': attribute type 11 has an invalid length. [ 748.534019][T16975] netlink: 'syz.1.1895': attribute type 11 has an invalid length. [ 748.559930][T16975] netlink: 'syz.1.1895': attribute type 11 has an invalid length. [ 748.620422][T16975] netlink: 'syz.1.1895': attribute type 11 has an invalid length. [ 752.558012][T17025] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1907'. [ 752.767201][T17025] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 752.835014][T17025] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 752.976922][T17023] tipc: Withdrawal distribution failure [ 753.053203][T17025] bond0 (unregistering): Released all slaves [ 755.964605][T17070] netlink: 504 bytes leftover after parsing attributes in process `syz.0.1915'. [ 756.052865][T17070] netlink: 350 bytes leftover after parsing attributes in process `syz.0.1915'. [ 757.805473][T17101] FAULT_INJECTION: forcing a failure. [ 757.805473][T17101] name failslab, interval 1, probability 0, space 0, times 0 [ 757.818303][T17101] CPU: 0 UID: 0 PID: 17101 Comm: syz.1.1932 Tainted: G L syzkaller #0 PREEMPT(full) [ 757.818349][T17101] Tainted: [L]=SOFTLOCKUP [ 757.818360][T17101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 757.818377][T17101] Call Trace: [ 757.818387][T17101] [ 757.818398][T17101] dump_stack_lvl+0x100/0x190 [ 757.818449][T17101] should_fail_ex.cold+0x5/0xa [ 757.818483][T17101] ? xfrm_hash_alloc+0xcf/0x100 [ 757.818517][T17101] should_failslab+0xc2/0x120 [ 757.818550][T17101] __kmalloc_noprof+0xe0/0x850 [ 757.818599][T17101] xfrm_hash_alloc+0xcf/0x100 [ 757.818632][T17101] xfrm_net_init+0x35f/0xcf0 [ 757.818675][T17101] ? __pfx_xfrm_net_init+0x10/0x10 [ 757.818710][T17101] ops_init+0x1e2/0x5f0 [ 757.818743][T17101] setup_net+0x118/0x3a0 [ 757.818773][T17101] ? __pfx_setup_net+0x10/0x10 [ 757.818801][T17101] ? lockdep_init_map_type+0x5c/0x250 [ 757.818844][T17101] ? mutex_init_lockep+0x110/0x150 [ 757.818891][T17101] copy_net_ns+0x46f/0x7c0 [ 757.818928][T17101] create_new_namespaces+0x3ea/0xac0 [ 757.818967][T17101] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 757.819004][T17101] ksys_unshare+0x473/0xad0 [ 757.819044][T17101] ? __pfx_ksys_unshare+0x10/0x10 [ 757.819096][T17101] __x64_sys_unshare+0x31/0x40 [ 757.819133][T17101] do_syscall_64+0x106/0xf80 [ 757.819162][T17101] ? clear_bhb_loop+0x40/0x90 [ 757.819205][T17101] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 757.819235][T17101] RIP: 0033:0x7f20a679c819 [ 757.819258][T17101] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 757.819286][T17101] RSP: 002b:00007f20a76ff028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 757.819314][T17101] RAX: ffffffffffffffda RBX: 00007f20a6a15fa0 RCX: 00007f20a679c819 [ 757.819333][T17101] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 757.819350][T17101] RBP: 00007f20a6832c91 R08: 0000000000000000 R09: 0000000000000000 [ 757.819367][T17101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 757.819384][T17101] R13: 00007f20a6a16038 R14: 00007f20a6a15fa0 R15: 00007ffc57a274e8 [ 757.819424][T17101] [ 758.260309][T17110] FAULT_INJECTION: forcing a failure. [ 758.260309][T17110] name failslab, interval 1, probability 0, space 0, times 0 [ 758.260394][T17110] CPU: 1 UID: 0 PID: 17110 Comm: syz.2.1926 Tainted: G L syzkaller #0 PREEMPT(full) [ 758.260434][T17110] Tainted: [L]=SOFTLOCKUP [ 758.260444][T17110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 758.260460][T17110] Call Trace: [ 758.260470][T17110] [ 758.260479][T17110] dump_stack_lvl+0x100/0x190 [ 758.260527][T17110] should_fail_ex.cold+0x5/0xa [ 758.260561][T17110] ? cgroup_mkdir+0x270/0x1330 [ 758.260587][T17110] should_failslab+0xc2/0x120 [ 758.260620][T17110] __kmalloc_noprof+0xe0/0x850 [ 758.260672][T17110] cgroup_mkdir+0x270/0x1330 [ 758.260705][T17110] ? __pfx_cgroup_mkdir+0x10/0x10 [ 758.260735][T17110] kernfs_iop_mkdir+0x111/0x190 [ 758.260763][T17110] ? bpf_lsm_inode_mkdir+0x9/0x10 [ 758.260811][T17110] vfs_mkdir+0x361/0x850 [ 758.260858][T17110] filename_mkdirat+0x48b/0x5e0 [ 758.260896][T17110] ? __pfx_filename_mkdirat+0x10/0x10 [ 758.260937][T17110] ? strncpy_from_user+0x19d/0x2d0 [ 758.260978][T17110] ? do_getname+0x191/0x390 [ 758.261019][T17110] __x64_sys_mkdir+0x6b/0x90 [ 758.261053][T17110] do_syscall_64+0x106/0xf80 [ 758.261082][T17110] ? clear_bhb_loop+0x40/0x90 [ 758.261117][T17110] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 758.261146][T17110] RIP: 0033:0x7fd6fff9c819 [ 758.261169][T17110] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 758.261195][T17110] RSP: 002b:00007fd700dea028 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 758.261225][T17110] RAX: ffffffffffffffda RBX: 00007fd700215fa0 RCX: 00007fd6fff9c819 [ 758.261244][T17110] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000200000000040 [ 758.261260][T17110] RBP: 00007fd700032c91 R08: 0000000000000000 R09: 0000000000000000 [ 758.261277][T17110] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 758.261293][T17110] R13: 00007fd700216038 R14: 00007fd700215fa0 R15: 00007ffde9300198 [ 758.261331][T17110] [ 758.877007][T10723] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1346 with max blocks 11 with error 117 [ 758.877111][T10723] EXT4-fs (sda1): This should not happen!! Data will be lost [ 758.877111][T10723] [ 759.599650][T17130] tipc: Started in network mode [ 759.599675][T17130] tipc: Node identity ee00, cluster identity 4711 [ 759.599707][T17130] tipc: Node number set to 60928 [ 759.987949][T17134] netlink: 504 bytes leftover after parsing attributes in process `syz.1.1929'. [ 759.988885][T17134] netlink: 350 bytes leftover after parsing attributes in process `syz.1.1929'. [ 761.580703][T17173] netlink: 'syz.0.1939': attribute type 11 has an invalid length. [ 761.630404][T17173] netlink: 'syz.0.1939': attribute type 11 has an invalid length. [ 761.648410][T17173] netlink: 'syz.0.1939': attribute type 11 has an invalid length. [ 761.657617][T17173] netlink: 'syz.0.1939': attribute type 11 has an invalid length. [ 763.444195][T17198] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1944'. [ 763.560334][T17198] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 763.574730][T17198] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 763.657824][T17198] bond0 (unregistering): Released all slaves [ 765.545984][T17230] netlink: 'syz.2.1951': attribute type 11 has an invalid length. [ 765.595707][T17230] netlink: 'syz.2.1951': attribute type 11 has an invalid length. [ 765.606516][T17230] netlink: 'syz.2.1951': attribute type 11 has an invalid length. [ 765.659172][T17230] netlink: 'syz.2.1951': attribute type 11 has an invalid length. [ 769.865763][T17303] netlink: 'syz.0.1965': attribute type 11 has an invalid length. [ 769.889490][T17303] netlink: 'syz.0.1965': attribute type 11 has an invalid length. [ 769.915855][T17303] netlink: 'syz.0.1965': attribute type 11 has an invalid length. [ 769.975343][T17303] netlink: 'syz.0.1965': attribute type 11 has an invalid length. [ 770.618000][ T42] Process accounting resumed [ 772.856300][T17349] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1974'. [ 772.904888][T17349] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 773.002848][T17349] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 773.062439][T17349] bond0 (unregistering): Released all slaves [ 775.390684][ T29] audit: type=1806 audit(4294967341.680:11): res=-14 [ 778.429519][T17451] netlink: 'syz.3.1993': attribute type 11 has an invalid length. [ 778.451211][T17451] netlink: 'syz.3.1993': attribute type 11 has an invalid length. [ 778.460979][T17451] netlink: 'syz.3.1993': attribute type 11 has an invalid length. [ 778.496809][T17451] netlink: 'syz.3.1993': attribute type 11 has an invalid length. [ 781.313021][T17499] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2000'. [ 781.333716][T17499] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 781.349348][T17499] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 781.371361][T17499] bond0 (unregistering): Released all slaves [ 786.973134][T17579] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 1 with error 74 [ 786.985679][T17579] EXT4-fs (sda1): This should not happen!! Data will be lost [ 786.985679][T17579] [ 787.722511][T17591] netlink: 'syz.1.2020': attribute type 11 has an invalid length. [ 787.768472][T17591] netlink: 'syz.1.2020': attribute type 11 has an invalid length. [ 787.838744][T17591] netlink: 'syz.1.2020': attribute type 11 has an invalid length. [ 787.890143][T17591] netlink: 'syz.1.2020': attribute type 11 has an invalid length. [ 788.847955][T17605] input: jJǸ-9%vJ86 as /devices/virtual/input/input37 [ 789.460122][T10723] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 1370 with max blocks 14 with error 117 [ 789.483423][T10723] EXT4-fs (sda1): This should not happen!! Data will be lost [ 789.483423][T10723] [ 789.502667][T10723] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 1744 with max blocks 1 with error 117 [ 789.521893][T10723] EXT4-fs (sda1): This should not happen!! Data will be lost [ 789.521893][T10723] [ 790.075550][T17632] netlink: 25 bytes leftover after parsing attributes in process `syz.2.2027'. [ 796.427241][T17706] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2042'. [ 796.491610][T17706] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2042'. [ 796.532877][T17706] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2042'. [ 799.332733][T17749] FAULT_INJECTION: forcing a failure. [ 799.332733][T17749] name failslab, interval 1, probability 0, space 0, times 0 [ 799.406139][T17749] CPU: 0 UID: 0 PID: 17749 Comm: syz.1.2050 Tainted: G L syzkaller #0 PREEMPT(full) [ 799.406166][T17749] Tainted: [L]=SOFTLOCKUP [ 799.406171][T17749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 799.406181][T17749] Call Trace: [ 799.406186][T17749] [ 799.406193][T17749] dump_stack_lvl+0x100/0x190 [ 799.406220][T17749] should_fail_ex.cold+0x5/0xa [ 799.406240][T17749] should_failslab+0xc2/0x120 [ 799.406257][T17749] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 799.406279][T17749] ? create_new_namespaces+0x30/0xac0 [ 799.406295][T17749] ? rcu_is_watching+0x12/0xc0 [ 799.406320][T17749] create_new_namespaces+0x30/0xac0 [ 799.406335][T17749] ? bpf_lsm_capable+0x9/0x10 [ 799.406352][T17749] ? security_capable+0x80/0x260 [ 799.406369][T17749] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 799.406387][T17749] ksys_unshare+0x473/0xad0 [ 799.406413][T17749] ? __pfx_ksys_unshare+0x10/0x10 [ 799.406463][T17749] __x64_sys_unshare+0x31/0x40 [ 799.406499][T17749] do_syscall_64+0x106/0xf80 [ 799.406523][T17749] ? clear_bhb_loop+0x40/0x90 [ 799.406542][T17749] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 799.406558][T17749] RIP: 0033:0x7f20a679c819 [ 799.406571][T17749] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 799.406585][T17749] RSP: 002b:00007f20a76de028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 799.406606][T17749] RAX: ffffffffffffffda RBX: 00007f20a6a16090 RCX: 00007f20a679c819 [ 799.406635][T17749] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 799.406650][T17749] RBP: 00007f20a6832c91 R08: 0000000000000000 R09: 0000000000000000 [ 799.406667][T17749] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 799.406682][T17749] R13: 00007f20a6a16128 R14: 00007f20a6a16090 R15: 00007ffc57a274e8 [ 799.406716][T17749] [ 800.625235][T17770] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 1 with error 117 [ 800.646656][T17770] EXT4-fs (sda1): This should not happen!! Data will be lost [ 800.646656][T17770] [ 802.985714][T17799] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2062'. [ 808.638933][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 808.645894][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 808.935064][T17885] FAULT_INJECTION: forcing a failure. [ 808.935064][T17885] name failslab, interval 1, probability 0, space 0, times 0 [ 809.011246][T17899] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 1 with error 117 [ 809.032445][T17885] CPU: 0 UID: 0 PID: 17885 Comm: syz.3.2078 Tainted: G L syzkaller #0 PREEMPT(full) [ 809.032470][T17885] Tainted: [L]=SOFTLOCKUP [ 809.032476][T17885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 809.032485][T17885] Call Trace: [ 809.032490][T17885] [ 809.032497][T17885] dump_stack_lvl+0x100/0x190 [ 809.032525][T17885] should_fail_ex.cold+0x5/0xa [ 809.032543][T17885] ? inotify_handle_inode_event+0x1a5/0x6a0 [ 809.032565][T17885] should_failslab+0xc2/0x120 [ 809.032581][T17885] __kmalloc_noprof+0xe0/0x850 [ 809.032603][T17885] ? stack_trace_save+0x8e/0xc0 [ 809.032637][T17885] inotify_handle_inode_event+0x1a5/0x6a0 [ 809.032663][T17885] ? __pfx_inotify_handle_inode_event+0x10/0x10 [ 809.032684][T17885] fsnotify_handle_inode_event.isra.0+0x1e3/0x410 [ 809.032704][T17885] fsnotify+0x187d/0x3550 [ 809.032725][T17885] ? __pfx_fsnotify+0x10/0x10 [ 809.032749][T17885] __fsnotify_parent+0x704/0xca0 [ 809.032770][T17885] ? __pfx___fsnotify_parent+0x10/0x10 [ 809.032790][T17885] ? __pfx___might_resched+0x10/0x10 [ 809.032816][T17885] ? __fput+0x30d/0xb40 [ 809.032833][T17885] __fput+0x30d/0xb40 [ 809.032855][T17885] task_work_run+0x150/0x240 [ 809.032877][T17885] ? __pfx_task_work_run+0x10/0x10 [ 809.032912][T17885] exit_to_user_mode_loop+0x100/0x4a0 [ 809.032935][T17885] do_syscall_64+0x668/0xf80 [ 809.032951][T17885] ? clear_bhb_loop+0x40/0x90 [ 809.032971][T17885] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 809.032988][T17885] RIP: 0033:0x7f86aef9c819 [ 809.033001][T17885] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 809.033015][T17885] RSP: 002b:00007f86afe2e028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 809.033030][T17885] RAX: 0000000000000000 RBX: 00007f86af215fa0 RCX: 00007f86aef9c819 [ 809.033039][T17885] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 809.033047][T17885] RBP: 00007f86af032c91 R08: 0000000000000000 R09: 0000000000000000 [ 809.033056][T17885] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 809.033065][T17885] R13: 00007f86af216038 R14: 00007f86af215fa0 R15: 00007fff24db5d48 [ 809.033085][T17885] [ 809.112408][T17899] EXT4-fs (sda1): This should not happen!! Data will be lost [ 809.112408][T17899] [ 810.540894][T17908] FAULT_INJECTION: forcing a failure. [ 810.540894][T17908] name failslab, interval 1, probability 0, space 0, times 0 [ 810.659869][T17908] CPU: 1 UID: 0 PID: 17908 Comm: syz.2.2082 Tainted: G L syzkaller #0 PREEMPT(full) [ 810.659918][T17908] Tainted: [L]=SOFTLOCKUP [ 810.659929][T17908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 810.659946][T17908] Call Trace: [ 810.659955][T17908] [ 810.659966][T17908] dump_stack_lvl+0x100/0x190 [ 810.660016][T17908] should_fail_ex.cold+0x5/0xa [ 810.660051][T17908] should_failslab+0xc2/0x120 [ 810.660085][T17908] __kmalloc_cache_noprof+0x7a/0x6f0 [ 810.660124][T17908] ? copy_net_ns+0x135/0x7c0 [ 810.660165][T17908] copy_net_ns+0x135/0x7c0 [ 810.660196][T17908] ? copy_cgroup_ns+0x71/0x970 [ 810.660234][T17908] create_new_namespaces+0x3ea/0xac0 [ 810.660280][T17908] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 810.660316][T17908] ksys_unshare+0x473/0xad0 [ 810.660357][T17908] ? __pfx_ksys_unshare+0x10/0x10 [ 810.660411][T17908] __x64_sys_unshare+0x31/0x40 [ 810.660448][T17908] do_syscall_64+0x106/0xf80 [ 810.660477][T17908] ? clear_bhb_loop+0x40/0x90 [ 810.660513][T17908] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 810.660542][T17908] RIP: 0033:0x7fd6fff9c819 [ 810.660567][T17908] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 810.660594][T17908] RSP: 002b:00007fd700dc9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 810.660620][T17908] RAX: ffffffffffffffda RBX: 00007fd700216090 RCX: 00007fd6fff9c819 [ 810.660638][T17908] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 810.660655][T17908] RBP: 00007fd700032c91 R08: 0000000000000000 R09: 0000000000000000 [ 810.660671][T17908] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 810.660688][T17908] R13: 00007fd700216128 R14: 00007fd700216090 R15: 00007ffde9300198 [ 810.660734][T17908] [ 813.215024][T17958] __vm_enough_memory: pid: 17958, comm: syz.2.2093, bytes: 4398046511104 not enough memory for the allocation [ 814.365561][ T29] audit: type=1806 audit(4294967380.640:12): res=-14 [ 814.747004][T17988] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 1 with error 117 [ 814.811200][T17988] EXT4-fs (sda1): This should not happen!! Data will be lost [ 814.811200][T17988] [ 814.829803][T17989] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 1906 with max blocks 1 with error 117 [ 814.848572][T17989] EXT4-fs (sda1): This should not happen!! Data will be lost [ 814.848572][T17989] [ 815.178261][T17994] FAULT_INJECTION: forcing a failure. [ 815.178261][T17994] name failslab, interval 1, probability 0, space 0, times 0 [ 815.272845][T17994] CPU: 0 UID: 0 PID: 17994 Comm: syz.3.2099 Tainted: G L syzkaller #0 PREEMPT(full) [ 815.272895][T17994] Tainted: [L]=SOFTLOCKUP [ 815.272906][T17994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 815.272922][T17994] Call Trace: [ 815.272931][T17994] [ 815.272942][T17994] dump_stack_lvl+0x100/0x190 [ 815.272993][T17994] should_fail_ex.cold+0x5/0xa [ 815.273028][T17994] should_failslab+0xc2/0x120 [ 815.273061][T17994] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 815.273105][T17994] ? create_new_namespaces+0x30/0xac0 [ 815.273139][T17994] ? rcu_is_watching+0x12/0xc0 [ 815.273188][T17994] create_new_namespaces+0x30/0xac0 [ 815.273219][T17994] ? bpf_lsm_capable+0x9/0x10 [ 815.273249][T17994] ? security_capable+0x80/0x260 [ 815.273283][T17994] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 815.273327][T17994] ksys_unshare+0x473/0xad0 [ 815.273366][T17994] ? __pfx_ksys_unshare+0x10/0x10 [ 815.273418][T17994] __x64_sys_unshare+0x31/0x40 [ 815.273455][T17994] do_syscall_64+0x106/0xf80 [ 815.273485][T17994] ? clear_bhb_loop+0x40/0x90 [ 815.273520][T17994] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 815.273549][T17994] RIP: 0033:0x7f86aef9c819 [ 815.273572][T17994] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 815.273600][T17994] RSP: 002b:00007f86afe0d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 815.273628][T17994] RAX: ffffffffffffffda RBX: 00007f86af216090 RCX: 00007f86aef9c819 [ 815.273646][T17994] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 815.273664][T17994] RBP: 00007f86af032c91 R08: 0000000000000000 R09: 0000000000000000 [ 815.273681][T17994] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 815.273699][T17994] R13: 00007f86af216128 R14: 00007f86af216090 R15: 00007fff24db5d48 [ 815.273736][T17994] [ 819.829748][T10672] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 1372 with max blocks 12 with error 117 [ 819.855235][T10672] EXT4-fs (sda1): This should not happen!! Data will be lost [ 819.855235][T10672] [ 819.941751][T10672] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 1908 with max blocks 1 with error 117 [ 820.002087][T10672] EXT4-fs (sda1): This should not happen!! Data will be lost [ 820.002087][T10672] [ 820.247250][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 821.278949][T18069] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 1 with error 117 [ 821.334670][T18069] EXT4-fs (sda1): This should not happen!! Data will be lost [ 821.334670][T18069] [ 822.448971][T18087] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input40 [ 826.503179][T18125] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 1 with error 74 [ 826.587381][T18125] EXT4-fs (sda1): This should not happen!! Data will be lost [ 826.587381][T18125] [ 827.234366][ T29] audit: type=1800 audit(4294967393.520:13): pid=18160 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2133" name="sr0" dev="devtmpfs" ino=2807 res=0 errno=0 [ 828.162934][T18180] input: jJǸ-9%vJ86 as /devices/virtual/input/input41 [ 836.446386][T18293] FAULT_INJECTION: forcing a failure. [ 836.446386][T18293] name failslab, interval 1, probability 0, space 0, times 0 [ 836.617518][T18293] CPU: 1 UID: 0 PID: 18293 Comm: syz.2.2157 Tainted: G L syzkaller #0 PREEMPT(full) [ 836.617545][T18293] Tainted: [L]=SOFTLOCKUP [ 836.617550][T18293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 836.617559][T18293] Call Trace: [ 836.617565][T18293] [ 836.617570][T18293] dump_stack_lvl+0x100/0x190 [ 836.617598][T18293] should_fail_ex.cold+0x5/0xa [ 836.617617][T18293] should_failslab+0xc2/0x120 [ 836.617637][T18293] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 836.617659][T18293] ? create_new_namespaces+0x30/0xac0 [ 836.617676][T18293] ? rcu_is_watching+0x12/0xc0 [ 836.617701][T18293] create_new_namespaces+0x30/0xac0 [ 836.617717][T18293] ? bpf_lsm_capable+0x9/0x10 [ 836.617732][T18293] ? security_capable+0x80/0x260 [ 836.617749][T18293] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 836.617767][T18293] ksys_unshare+0x473/0xad0 [ 836.617787][T18293] ? __pfx_ksys_unshare+0x10/0x10 [ 836.617812][T18293] __x64_sys_unshare+0x31/0x40 [ 836.617830][T18293] do_syscall_64+0x106/0xf80 [ 836.617845][T18293] ? clear_bhb_loop+0x40/0x90 [ 836.617863][T18293] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 836.617877][T18293] RIP: 0033:0x7fd6fff9c819 [ 836.617890][T18293] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 836.617911][T18293] RSP: 002b:00007fd700dc9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 836.617927][T18293] RAX: ffffffffffffffda RBX: 00007fd700216090 RCX: 00007fd6fff9c819 [ 836.617938][T18293] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 836.617947][T18293] RBP: 00007fd700032c91 R08: 0000000000000000 R09: 0000000000000000 [ 836.617957][T18293] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 836.617965][T18293] R13: 00007fd700216128 R14: 00007fd700216090 R15: 00007ffde9300198 [ 836.617985][T18293] [ 843.164387][T18403] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2181'. [ 843.517381][T18403] team0: Port device team_slave_1 removed [ 847.823098][T18496] FAULT_INJECTION: forcing a failure. [ 847.823098][T18496] name failslab, interval 1, probability 0, space 0, times 0 [ 847.861919][T18496] CPU: 0 UID: 0 PID: 18496 Comm: syz.1.2202 Tainted: G L syzkaller #0 PREEMPT(full) [ 847.861963][T18496] Tainted: [L]=SOFTLOCKUP [ 847.861969][T18496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 847.861979][T18496] Call Trace: [ 847.861984][T18496] [ 847.861989][T18496] dump_stack_lvl+0x100/0x190 [ 847.862016][T18496] should_fail_ex.cold+0x5/0xa [ 847.862035][T18496] should_failslab+0xc2/0x120 [ 847.862051][T18496] __kvmalloc_node_noprof+0xfa/0xa00 [ 847.862065][T18496] ? __do_sys_setgroups+0x126/0x4f0 [ 847.862091][T18496] __do_sys_setgroups+0x126/0x4f0 [ 847.862116][T18496] do_syscall_64+0x106/0xf80 [ 847.862131][T18496] ? clear_bhb_loop+0x40/0x90 [ 847.862150][T18496] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 847.862165][T18496] RIP: 0033:0x7f20a679c819 [ 847.862179][T18496] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 847.862193][T18496] RSP: 002b:00007f20a76de028 EFLAGS: 00000246 ORIG_RAX: 0000000000000074 [ 847.862208][T18496] RAX: ffffffffffffffda RBX: 00007f20a6a16090 RCX: 00007f20a679c819 [ 847.862217][T18496] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000010 [ 847.862226][T18496] RBP: 00007f20a6832c91 R08: 0000000000000000 R09: 0000000000000000 [ 847.862234][T18496] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 847.862243][T18496] R13: 00007f20a6a16128 R14: 00007f20a6a16090 R15: 00007ffc57a274e8 [ 847.862264][T18496] [ 848.160137][T18504] random: crng reseeded on system resumption [ 848.258539][T10670] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 1376 with max blocks 8 with error 117 [ 848.295712][T10670] EXT4-fs (sda1): This should not happen!! Data will be lost [ 848.295712][T10670] [ 848.314850][T10670] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 1 with error 117 [ 848.350979][T10670] EXT4-fs (sda1): This should not happen!! Data will be lost [ 848.350979][T10670] [ 851.372381][T18533] usbip-vudc usbip-vudc.0: gadget not bound [ 853.957668][T18599] netlink: 330 bytes leftover after parsing attributes in process `syz.3.2223'. [ 853.979191][T18599] mac80211_hwsim hwsim4 : renamed from wlan0 (while UP) [ 856.781427][T18647] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2234'. [ 858.480986][T18674] FAULT_INJECTION: forcing a failure. [ 858.480986][T18674] name failslab, interval 1, probability 0, space 0, times 0 [ 858.556907][T18674] CPU: 0 UID: 0 PID: 18674 Comm: syz.1.2240 Tainted: G L syzkaller #0 PREEMPT(full) [ 858.556954][T18674] Tainted: [L]=SOFTLOCKUP [ 858.556962][T18674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 858.556977][T18674] Call Trace: [ 858.556985][T18674] [ 858.556994][T18674] dump_stack_lvl+0x100/0x190 [ 858.557043][T18674] should_fail_ex.cold+0x5/0xa [ 858.557075][T18674] ? inotify_handle_inode_event+0x1a5/0x6a0 [ 858.557115][T18674] should_failslab+0xc2/0x120 [ 858.557138][T18674] __kmalloc_noprof+0xe0/0x850 [ 858.557160][T18674] ? stack_trace_save+0x8e/0xc0 [ 858.557178][T18674] inotify_handle_inode_event+0x1a5/0x6a0 [ 858.557202][T18674] ? __pfx_inotify_handle_inode_event+0x10/0x10 [ 858.557222][T18674] fsnotify_handle_inode_event.isra.0+0x1e3/0x410 [ 858.557241][T18674] fsnotify+0x187d/0x3550 [ 858.557262][T18674] ? __pfx_fsnotify+0x10/0x10 [ 858.557285][T18674] __fsnotify_parent+0x704/0xca0 [ 858.557305][T18674] ? __pfx___fsnotify_parent+0x10/0x10 [ 858.557325][T18674] ? __pfx___might_resched+0x10/0x10 [ 858.557351][T18674] ? __fput+0x30d/0xb40 [ 858.557367][T18674] __fput+0x30d/0xb40 [ 858.557389][T18674] task_work_run+0x150/0x240 [ 858.557411][T18674] ? __pfx_task_work_run+0x10/0x10 [ 858.557437][T18674] exit_to_user_mode_loop+0x100/0x4a0 [ 858.557459][T18674] do_syscall_64+0x668/0xf80 [ 858.557474][T18674] ? clear_bhb_loop+0x40/0x90 [ 858.557492][T18674] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 858.557507][T18674] RIP: 0033:0x7f20a679c819 [ 858.557521][T18674] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 858.557536][T18674] RSP: 002b:00007f20a76de028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 858.557551][T18674] RAX: 0000000000000000 RBX: 00007f20a6a16090 RCX: 00007f20a679c819 [ 858.557560][T18674] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 858.557568][T18674] RBP: 00007f20a6832c91 R08: 0000000000000000 R09: 0000000000000000 [ 858.557577][T18674] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 858.557593][T18674] R13: 00007f20a6a16128 R14: 00007f20a6a16090 R15: 00007ffc57a274e8 [ 858.557613][T18674] [ 862.268736][T18744] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2255'. [ 862.340707][T18744] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 862.381614][T18744] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 862.431514][T18744] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 862.491602][T18744] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 866.236250][T18802] netlink: 330 bytes leftover after parsing attributes in process `syz.1.2267'. [ 868.486532][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 869.715485][T18859] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2279'. [ 869.758172][T18859] netlink: 302 bytes leftover after parsing attributes in process `syz.3.2279'. [ 870.087147][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 870.096670][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 874.544567][T18957] block2mtd: illegal erase size [ 874.550471][T18957] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2300'. [ 874.579038][T18957] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 1 with error 117 [ 874.599139][T18957] EXT4-fs (sda1): This should not happen!! Data will be lost [ 874.599139][T18957] [ 879.325817][T19043] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2320'. [ 880.000129][T10670] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 1382 with max blocks 2 with error 117 [ 880.016509][T10670] EXT4-fs (sda1): This should not happen!! Data will be lost [ 880.016509][T10670] [ 880.493062][T10670] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 1 with error 117 [ 880.536486][T10670] EXT4-fs (sda1): This should not happen!! Data will be lost [ 880.536486][T10670] [ 882.633395][T19103] misc userio: Invalid payload size [ 883.397600][T19124] mkiss: ax0: crc mode is auto. [ 888.487211][T19192] bond0: invalid ARP target specified [ 888.728149][T19218] FAULT_INJECTION: forcing a failure. [ 888.728149][T19218] name failslab, interval 1, probability 0, space 0, times 0 [ 888.776788][T19218] CPU: 0 UID: 0 PID: 19218 Comm: syz.1.2354 Tainted: G L syzkaller #0 PREEMPT(full) [ 888.776837][T19218] Tainted: [L]=SOFTLOCKUP [ 888.776847][T19218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 888.776863][T19218] Call Trace: [ 888.776872][T19218] [ 888.776883][T19218] dump_stack_lvl+0x100/0x190 [ 888.776933][T19218] should_fail_ex.cold+0x5/0xa [ 888.776966][T19218] should_failslab+0xc2/0x120 [ 888.776997][T19218] __kmalloc_cache_noprof+0x7a/0x6f0 [ 888.777035][T19218] ? wakeup_source_device_create+0x46/0x2e0 [ 888.777082][T19218] wakeup_source_device_create+0x46/0x2e0 [ 888.777121][T19218] wakeup_source_sysfs_add+0x1c/0x90 [ 888.777159][T19218] wakeup_source_register+0x154/0x3e0 [ 888.777194][T19218] ep_create_wakeup_source+0x1df/0x2e0 [ 888.777225][T19218] ? __pfx_ep_create_wakeup_source+0x10/0x10 [ 888.777260][T19218] ? do_epoll_ctl+0x1012/0x36a0 [ 888.777289][T19218] ? do_epoll_ctl+0x1012/0x36a0 [ 888.777330][T19218] do_epoll_ctl+0x1eee/0x36a0 [ 888.777375][T19218] ? __pfx_do_epoll_ctl+0x10/0x10 [ 888.777404][T19218] ? find_held_lock+0x2b/0x80 [ 888.777432][T19218] ? __might_fault+0xc5/0x140 [ 888.777475][T19218] ? __might_fault+0xc5/0x140 [ 888.777527][T19218] ? __x64_sys_epoll_ctl+0x15c/0x1e0 [ 888.777557][T19218] __x64_sys_epoll_ctl+0x15c/0x1e0 [ 888.777590][T19218] ? __pfx___x64_sys_epoll_ctl+0x10/0x10 [ 888.777633][T19218] do_syscall_64+0x106/0xf80 [ 888.777663][T19218] ? clear_bhb_loop+0x40/0x90 [ 888.777697][T19218] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 888.777724][T19218] RIP: 0033:0x7f20a679c819 [ 888.777745][T19218] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 888.777787][T19218] RSP: 002b:00007f20a76ff028 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9 [ 888.777814][T19218] RAX: ffffffffffffffda RBX: 00007f20a6a15fa0 RCX: 00007f20a679c819 [ 888.777830][T19218] RDX: 0000000000000003 RSI: 0000000000000001 RDI: 0000000000000004 [ 888.777846][T19218] RBP: 00007f20a6832c91 R08: 0000000000000000 R09: 0000000000000000 [ 888.777861][T19218] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 888.777876][T19218] R13: 00007f20a6a16038 R14: 00007f20a6a15fa0 R15: 00007ffc57a274e8 [ 888.777912][T19218] [ 889.137951][T19218] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2354'. [ 892.629908][T19281] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2367'. [ 899.022168][T19383] input: jJǸ-9%vJ86 as /devices/virtual/input/input42 [ 901.283644][T19417] FAULT_INJECTION: forcing a failure. [ 901.283644][T19417] name failslab, interval 1, probability 0, space 0, times 0 [ 901.446528][T19417] CPU: 1 UID: 0 PID: 19417 Comm: syz.2.2399 Tainted: G L syzkaller #0 PREEMPT(full) [ 901.446578][T19417] Tainted: [L]=SOFTLOCKUP [ 901.446589][T19417] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 901.446605][T19417] Call Trace: [ 901.446614][T19417] [ 901.446625][T19417] dump_stack_lvl+0x100/0x190 [ 901.446670][T19417] should_fail_ex.cold+0x5/0xa [ 901.446704][T19417] should_failslab+0xc2/0x120 [ 901.446736][T19417] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 901.446779][T19417] ? alloc_empty_file+0x55/0x1c0 [ 901.446818][T19417] ? __pfx_stack_trace_save+0x10/0x10 [ 901.446854][T19417] alloc_empty_file+0x55/0x1c0 [ 901.446892][T19417] path_openat+0xe8/0x31a0 [ 901.446921][T19417] ? kasan_save_stack+0x3f/0x50 [ 901.446945][T19417] ? kasan_save_stack+0x30/0x50 [ 901.446970][T19417] ? kasan_save_track+0x14/0x30 [ 901.446996][T19417] ? __kasan_slab_alloc+0x89/0x90 [ 901.447023][T19417] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 901.447066][T19417] ? do_getname+0x35/0x390 [ 901.447100][T19417] ? do_sys_openat2+0xc5/0x1e0 [ 901.447139][T19417] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 901.447173][T19417] ? __pfx_path_openat+0x10/0x10 [ 901.447230][T19417] do_file_open+0x20e/0x430 [ 901.447265][T19417] ? __pfx_do_file_open+0x10/0x10 [ 901.447323][T19417] ? alloc_fd+0x476/0x790 [ 901.447356][T19417] ? do_getname+0x191/0x390 [ 901.447394][T19417] do_sys_openat2+0x10d/0x1e0 [ 901.447434][T19417] ? __pfx_do_sys_openat2+0x10/0x10 [ 901.447485][T19417] __x64_sys_openat+0x12d/0x210 [ 901.447526][T19417] ? __pfx___x64_sys_openat+0x10/0x10 [ 901.447580][T19417] do_syscall_64+0x106/0xf80 [ 901.447609][T19417] ? clear_bhb_loop+0x40/0x90 [ 901.447645][T19417] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 901.447674][T19417] RIP: 0033:0x7fd6fff9c819 [ 901.447696][T19417] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 901.447723][T19417] RSP: 002b:00007fd700dea028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 901.447748][T19417] RAX: ffffffffffffffda RBX: 00007fd700215fa0 RCX: 00007fd6fff9c819 [ 901.447767][T19417] RDX: 0000000000038000 RSI: 0000200000000180 RDI: ffffffffffffff9c [ 901.447785][T19417] RBP: 00007fd700032c91 R08: 0000000000000000 R09: 0000000000000000 [ 901.447801][T19417] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 901.447816][T19417] R13: 00007fd700216038 R14: 00007fd700215fa0 R15: 00007ffde9300198 [ 901.447852][T19417] [ 903.404122][T19447] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2405'. [ 903.471006][T19447] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 1 with error 117 [ 903.521282][T19447] EXT4-fs (sda1): This should not happen!! Data will be lost [ 903.521282][T19447] [ 905.463284][ T29] audit: type=1800 audit(4294967471.720:14): pid=19486 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2413" name="sr0" dev="tmpfs" ino=3355 res=0 errno=0 [ 908.058554][ T29] audit: type=1800 audit(4294967474.340:15): pid=19534 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2423" name="sr0" dev="tmpfs" ino=3196 res=0 errno=0 [ 909.186306][T19551] __vm_enough_memory: pid: 19551, comm: syz.0.2428, bytes: 4398046511104 not enough memory for the allocation [ 909.991703][T19531] bond0: invalid ARP target specified [ 910.805963][T10671] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 1382 with max blocks 2 with error 117 [ 910.829178][T10671] EXT4-fs (sda1): This should not happen!! Data will be lost [ 910.829178][T10671] [ 910.952879][T10671] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 1 with error 117 [ 911.002011][T10671] EXT4-fs (sda1): This should not happen!! Data will be lost [ 911.002011][T10671] [ 911.027297][T10671] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1339 with max blocks 18 with error 117 [ 911.080274][T10671] EXT4-fs (sda1): This should not happen!! Data will be lost [ 911.080274][T10671] [ 913.287094][T19621] input: jJǸ-9%vJ86 as /devices/virtual/input/input43 [ 916.237414][T12838] EXT4-fs (sda1): Delayed block allocation failed for inode 2028 at logical offset 2 with max blocks 1 with error 117 [ 916.254488][T12838] EXT4-fs (sda1): This should not happen!! Data will be lost [ 916.254488][T12838] [ 923.087259][T19802] ubi0: attaching mtd0 [ 923.095845][T19802] ubi0: scanning is finished [ 923.131800][T19802] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 923.396084][T19807] tipc: Can't bind to reserved service type 0 [ 923.431057][T19802] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 925.511710][T19844] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2492'. [ 929.566671][T19924] netlink: 98 bytes leftover after parsing attributes in process `syz.2.2509'. [ 930.582927][T19951] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2517'. [ 931.521058][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 931.529099][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 939.608408][T20127] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2554'. [ 941.444133][T11759] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 1353 with max blocks 29 with error 117 [ 941.467753][T11759] EXT4-fs (sda1): This should not happen!! Data will be lost [ 941.467753][T11759] [ 941.929304][T11759] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1344 with max blocks 13 with error 117 [ 942.023237][T11759] EXT4-fs (sda1): This should not happen!! Data will be lost [ 942.023237][T11759] [ 944.366856][T20191] netlink: 330 bytes leftover after parsing attributes in process `syz.0.2569'. [ 944.376036][T20191] mac80211_hwsim hwsim2 : renamed from wlan0 (while UP) [ 948.391575][T20283] netlink: 330 bytes leftover after parsing attributes in process `syz.2.2597'. [ 956.468347][T20427] input: jJǸ-9%vJ86 as /devices/virtual/input/input44 [ 960.204991][ C1] vcan0: j1939_tp_rxtimer: 0xffff888034b33c00: rx timeout, send abort [ 960.714622][ C1] vcan0: j1939_tp_rxtimer: 0xffff888034b33c00: abort rx timeout. Force session deactivation [ 964.492892][T20595] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2652'. [ 964.588849][T20595] netlink: 302 bytes leftover after parsing attributes in process `syz.0.2652'. [ 965.409894][T20605] FAULT_INJECTION: forcing a failure. [ 965.409894][T20605] name failslab, interval 1, probability 0, space 0, times 0 [ 965.449033][T20605] CPU: 1 UID: 0 PID: 20605 Comm: syz.1.2656 Tainted: G L syzkaller #0 PREEMPT(full) [ 965.449081][T20605] Tainted: [L]=SOFTLOCKUP [ 965.449091][T20605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 965.449108][T20605] Call Trace: [ 965.449117][T20605] [ 965.449128][T20605] dump_stack_lvl+0x100/0x190 [ 965.449178][T20605] should_fail_ex.cold+0x5/0xa [ 965.449212][T20605] should_failslab+0xc2/0x120 [ 965.449245][T20605] __kmalloc_cache_node_noprof+0x7d/0x770 [ 965.449274][T20605] ? blk_mq_init_tags+0x8c/0x300 [ 965.449312][T20605] blk_mq_init_tags+0x8c/0x300 [ 965.449348][T20605] blk_mq_alloc_map_and_rqs+0x218/0xeb0 [ 965.449382][T20605] ? blk_mq_update_queue_map+0x227/0x3a0 [ 965.449419][T20605] blk_mq_alloc_tag_set+0x848/0x1330 [ 965.449463][T20605] loop_add+0x3b7/0xb60 [ 965.449505][T20605] ? __pfx_loop_add+0x10/0x10 [ 965.449568][T20605] ? rcu_is_watching+0x12/0xc0 [ 965.449611][T20605] ? do_sock_setsockopt+0x101/0x1d0 [ 965.449643][T20605] ? kfree+0x2ec/0x6b0 [ 965.449687][T20605] ? ipv6_setsockopt+0xcb/0x170 [ 965.449727][T20605] loop_control_ioctl+0xae/0x620 [ 965.449774][T20605] ? __pfx_loop_control_ioctl+0x10/0x10 [ 965.449819][T20605] ? xfd_validate_state+0x129/0x190 [ 965.449863][T20605] ? __pfx_loop_control_ioctl+0x10/0x10 [ 965.449909][T20605] __x64_sys_ioctl+0x18e/0x210 [ 965.449954][T20605] do_syscall_64+0x106/0xf80 [ 965.449983][T20605] ? clear_bhb_loop+0x40/0x90 [ 965.450018][T20605] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 965.450051][T20605] RIP: 0033:0x7f20a679c819 [ 965.450074][T20605] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 965.450102][T20605] RSP: 002b:00007f20a76ff028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 965.450129][T20605] RAX: ffffffffffffffda RBX: 00007f20a6a15fa0 RCX: 00007f20a679c819 [ 965.450149][T20605] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000002 [ 965.450168][T20605] RBP: 00007f20a6832c91 R08: 0000000000000000 R09: 0000000000000000 [ 965.450185][T20605] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 965.450202][T20605] R13: 00007f20a6a16038 R14: 00007f20a6a15fa0 R15: 00007ffc57a274e8 [ 965.450240][T20605] [ 965.450510][T20605] blk-mq: reduced tag depth (128 -> 64) [ 970.051768][T20702] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2683'. [ 970.062640][T20702] netlink: 302 bytes leftover after parsing attributes in process `syz.2.2683'. [ 971.073552][T20722] FAULT_INJECTION: forcing a failure. [ 971.073552][T20722] name failslab, interval 1, probability 0, space 0, times 0 [ 971.090297][T20722] CPU: 0 UID: 0 PID: 20722 Comm: syz.1.2687 Tainted: G L syzkaller #0 PREEMPT(full) [ 971.090322][T20722] Tainted: [L]=SOFTLOCKUP [ 971.090327][T20722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 971.090336][T20722] Call Trace: [ 971.090344][T20722] [ 971.090352][T20722] dump_stack_lvl+0x100/0x190 [ 971.090378][T20722] should_fail_ex.cold+0x5/0xa [ 971.090397][T20722] ? group_cpus_evenly+0x195/0x660 [ 971.090412][T20722] should_failslab+0xc2/0x120 [ 971.090429][T20722] __kmalloc_noprof+0xe0/0x850 [ 971.090456][T20722] group_cpus_evenly+0x195/0x660 [ 971.090473][T20722] ? __pfx_group_cpus_evenly+0x10/0x10 [ 971.090496][T20722] blk_mq_map_queues+0x9d/0x430 [ 971.090518][T20722] ? __pfx_blk_mq_map_queues+0x10/0x10 [ 971.090537][T20722] ? rcu_is_watching+0x12/0xc0 [ 971.090559][T20722] ? trace_kmalloc+0x101/0x130 [ 971.090574][T20722] ? __kasan_kmalloc+0xaa/0xb0 [ 971.090590][T20722] blk_mq_update_queue_map+0x305/0x3a0 [ 971.090610][T20722] blk_mq_alloc_tag_set+0x660/0x1330 [ 971.090625][T20722] ? idr_alloc+0x77/0x130 [ 971.090646][T20722] loop_add+0x3b7/0xb60 [ 971.090669][T20722] ? __pfx_loop_add+0x10/0x10 [ 971.090700][T20722] ? rcu_is_watching+0x12/0xc0 [ 971.090722][T20722] ? do_sock_setsockopt+0x101/0x1d0 [ 971.090738][T20722] ? kfree+0x2ec/0x6b0 [ 971.090756][T20722] ? ipv6_setsockopt+0xcb/0x170 [ 971.090776][T20722] loop_control_ioctl+0xae/0x620 [ 971.090800][T20722] ? __pfx_loop_control_ioctl+0x10/0x10 [ 971.090822][T20722] ? xfd_validate_state+0x129/0x190 [ 971.090846][T20722] ? __pfx_loop_control_ioctl+0x10/0x10 [ 971.090870][T20722] __x64_sys_ioctl+0x18e/0x210 [ 971.090893][T20722] do_syscall_64+0x106/0xf80 [ 971.090907][T20722] ? clear_bhb_loop+0x40/0x90 [ 971.090925][T20722] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 971.090939][T20722] RIP: 0033:0x7f20a679c819 [ 971.090952][T20722] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 971.090967][T20722] RSP: 002b:00007f20a76ff028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 971.090982][T20722] RAX: ffffffffffffffda RBX: 00007f20a6a15fa0 RCX: 00007f20a679c819 [ 971.090992][T20722] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000002 [ 971.091001][T20722] RBP: 00007f20a6832c91 R08: 0000000000000000 R09: 0000000000000000 [ 971.091009][T20722] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 971.091018][T20722] R13: 00007f20a6a16038 R14: 00007f20a6a15fa0 R15: 00007ffc57a274e8 [ 971.091037][T20722] [ 971.557907][T20730] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2689'. [ 971.568979][T20730] netlink: 302 bytes leftover after parsing attributes in process `syz.0.2689'. [ 972.316855][T10671] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 1368 with max blocks 16 with error 117 [ 972.336119][T10671] EXT4-fs (sda1): This should not happen!! Data will be lost [ 972.336119][T10671] [ 977.581507][T20843] FAULT_INJECTION: forcing a failure. [ 977.581507][T20843] name fail_futex, interval 1, probability 0, space 0, times 1 [ 977.616905][T20843] CPU: 0 UID: 0 PID: 20843 Comm: syz.1.2717 Tainted: G L syzkaller #0 PREEMPT(full) [ 977.616947][T20843] Tainted: [L]=SOFTLOCKUP [ 977.616957][T20843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 977.616972][T20843] Call Trace: [ 977.616980][T20843] [ 977.616990][T20843] dump_stack_lvl+0x100/0x190 [ 977.617037][T20843] should_fail_ex.cold+0x5/0xa [ 977.617069][T20843] get_futex_key+0x295/0x1620 [ 977.617109][T20843] ? __pfx_get_futex_key+0x10/0x10 [ 977.617141][T20843] ? lock_acquire+0x1cf/0x380 [ 977.617189][T20843] futex_wake+0xea/0x530 [ 977.617233][T20843] ? __pfx_futex_wake+0x10/0x10 [ 977.617275][T20843] ? exit_mm_release+0x19/0x30 [ 977.617320][T20843] do_futex+0x32b/0x350 [ 977.617356][T20843] ? __pfx_do_futex+0x10/0x10 [ 977.617390][T20843] ? __might_fault+0xc5/0x140 [ 977.617449][T20843] mm_release+0x24a/0x2f0 [ 977.617479][T20843] do_exit+0x704/0x2b60 [ 977.617519][T20843] ? __pfx_do_exit+0x10/0x10 [ 977.617555][T20843] ? do_raw_spin_lock+0x128/0x260 [ 977.617594][T20843] ? find_held_lock+0x2b/0x80 [ 977.617620][T20843] ? get_signal+0x7e0/0x21e0 [ 977.617654][T20843] do_group_exit+0xd5/0x2a0 [ 977.617691][T20843] get_signal+0x1ec7/0x21e0 [ 977.617730][T20843] ? __pfx_get_signal+0x10/0x10 [ 977.617765][T20843] ? do_futex+0x192/0x350 [ 977.617806][T20843] arch_do_signal_or_restart+0x91/0x770 [ 977.617842][T20843] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 977.617885][T20843] ? __pfx___x64_sys_futex+0x10/0x10 [ 977.617931][T20843] exit_to_user_mode_loop+0x86/0x4a0 [ 977.617971][T20843] do_syscall_64+0x668/0xf80 [ 977.618000][T20843] ? clear_bhb_loop+0x40/0x90 [ 977.618034][T20843] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 977.618061][T20843] RIP: 0033:0x7f20a679c819 [ 977.618085][T20843] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 977.618111][T20843] RSP: 002b:00007f20a76ff0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 977.618137][T20843] RAX: fffffffffffffe00 RBX: 00007f20a6a15fa8 RCX: 00007f20a679c819 [ 977.618156][T20843] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f20a6a15fa8 [ 977.618173][T20843] RBP: 00007f20a6a15fa0 R08: 0000000000000000 R09: 0000000000000000 [ 977.618188][T20843] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 977.618204][T20843] R13: 00007f20a6a16038 R14: 00007ffc57a27400 R15: 00007ffc57a274e8 [ 977.618238][T20843] [ 980.775975][T20918] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2735'. [ 982.416158][T20946] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2742'. [ 982.966797][T12838] EXT4-fs (sda1): Delayed block allocation failed for inode 2033 at logical offset 2 with max blocks 1 with error 117 [ 983.024075][T12838] EXT4-fs (sda1): This should not happen!! Data will be lost [ 983.024075][T12838] [ 986.601256][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 986.608130][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 986.614721][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 986.621401][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 986.628007][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 986.634594][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 986.670152][T21008] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2756'. [ 986.681976][T21008] netlink: 302 bytes leftover after parsing attributes in process `syz.2.2756'. [ 986.698847][T21006] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2755'. [ 987.391085][ C1] vcan0: j1939_tp_rxtimer: 0xffff88807d85d000: rx timeout, send abort [ 987.899399][ C1] vcan0: j1939_tp_rxtimer: 0xffff88807d85d000: abort rx timeout. Force session deactivation [ 992.959990][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 992.966850][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 993.371090][T21101] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2778'. [ 995.155429][T21124] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2782'. [ 995.204026][T21124] netlink: 302 bytes leftover after parsing attributes in process `syz.0.2782'. [ 1001.994994][T21226] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2803'. [ 1002.062546][T21226] netlink: 302 bytes leftover after parsing attributes in process `syz.2.2803'. [ 1003.521144][T10670] EXT4-fs (sda1): Delayed block allocation failed for inode 2034 at logical offset 939 with max blocks 2 with error 117 [ 1003.569715][T10670] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1003.569715][T10670] [ 1007.833158][T21298] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2819'. [ 1008.019233][T21298] netlink: 302 bytes leftover after parsing attributes in process `syz.0.2819'. [ 1010.461439][T21334] FAULT_INJECTION: forcing a failure. [ 1010.461439][T21334] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1010.542969][T21334] CPU: 1 UID: 0 PID: 21334 Comm: syz.1.2827 Tainted: G L syzkaller #0 PREEMPT(full) [ 1010.543012][T21334] Tainted: [L]=SOFTLOCKUP [ 1010.543022][T21334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1010.543039][T21334] Call Trace: [ 1010.543049][T21334] [ 1010.543059][T21334] dump_stack_lvl+0x100/0x190 [ 1010.543108][T21334] should_fail_ex.cold+0x5/0xa [ 1010.543140][T21334] get_futex_key+0x1d2/0x1620 [ 1010.543179][T21334] ? __pfx_get_futex_key+0x10/0x10 [ 1010.543225][T21334] futex_wake+0xea/0x530 [ 1010.543265][T21334] ? __pfx_futex_wake+0x10/0x10 [ 1010.543319][T21334] ? errseq_sample+0x51/0x70 [ 1010.543355][T21334] ? file_init_path+0x48e/0x670 [ 1010.543391][T21334] do_futex+0x32b/0x350 [ 1010.543425][T21334] ? __pfx_do_futex+0x10/0x10 [ 1010.543458][T21334] ? fd_install+0x223/0x580 [ 1010.543488][T21334] __x64_sys_futex+0x34f/0x4d0 [ 1010.543523][T21334] ? __sys_socket+0xac/0x260 [ 1010.543559][T21334] ? __pfx___x64_sys_futex+0x10/0x10 [ 1010.543605][T21334] do_syscall_64+0x106/0xf80 [ 1010.543633][T21334] ? clear_bhb_loop+0x40/0x90 [ 1010.543669][T21334] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1010.543700][T21334] RIP: 0033:0x7f20a679c819 [ 1010.543724][T21334] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1010.543752][T21334] RSP: 002b:00007f20a76ff0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1010.543780][T21334] RAX: ffffffffffffffda RBX: 00007f20a6a15fa8 RCX: 00007f20a679c819 [ 1010.543804][T21334] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f20a6a15fac [ 1010.543820][T21334] RBP: 00007f20a6a15fa0 R08: 0000000000000000 R09: 0000000000000000 [ 1010.543836][T21334] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000 [ 1010.543852][T21334] R13: 00007f20a6a16038 R14: 00007ffc57a27400 R15: 00007ffc57a274e8 [ 1010.543885][T21334] [ 1011.209948][T21349] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2829'. [ 1012.627511][T21375] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2835'. [ 1016.427902][T21428] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2846'. [ 1016.452803][T21428] netlink: 302 bytes leftover after parsing attributes in process `syz.2.2846'. [ 1018.812676][T21459] NFSD: Failed to start, no listeners configured. [ 1020.382440][T21479] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input45 [ 1020.780695][T21490] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2857'. [ 1020.823117][T21490] netlink: 302 bytes leftover after parsing attributes in process `syz.0.2857'. [ 1021.190524][T21486] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE r҄y*"l-y–L̓]' [ 1021.219388][T21486] CPU: 0 UID: 0 PID: 21486 Comm: syz.1.2855 Tainted: G L syzkaller #0 PREEMPT(full) [ 1021.219431][T21486] Tainted: [L]=SOFTLOCKUP [ 1021.219440][T21486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1021.219455][T21486] Call Trace: [ 1021.219464][T21486] [ 1021.219473][T21486] dump_stack_lvl+0x100/0x190 [ 1021.219522][T21486] sysfs_warn_dup.cold+0x1c/0x28 [ 1021.219556][T21486] sysfs_do_create_link_sd+0x113/0x140 [ 1021.219598][T21486] sysfs_create_link+0x61/0xc0 [ 1021.219636][T21486] device_add+0x675/0x1950 [ 1021.219677][T21486] ? __pfx_device_add+0x10/0x10 [ 1021.219713][T21486] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1021.219746][T21486] ? ieee80211_set_bitrate_flags+0x41b/0x6b0 [ 1021.219803][T21486] wiphy_register+0x1e5b/0x2d30 [ 1021.219837][T21486] ? __rtnl_unlock+0xb9/0xf0 [ 1021.219868][T21486] ? netdev_run_todo+0x7c0/0x12c0 [ 1021.219907][T21486] ? __pfx_wiphy_register+0x10/0x10 [ 1021.219943][T21486] ? __asan_memset+0x23/0x50 [ 1021.219995][T21486] ? minstrel_ht_alloc+0x5e6/0x7f0 [ 1021.220045][T21486] ieee80211_register_hw+0x2cfd/0x4140 [ 1021.220100][T21486] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 1021.220135][T21486] ? __pfx___debug_object_init+0x10/0x10 [ 1021.220174][T21486] ? find_held_lock+0x2b/0x80 [ 1021.220205][T21486] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1021.220237][T21486] ? __hrtimer_setup+0x178/0x280 [ 1021.220280][T21486] mac80211_hwsim_new_radio+0x2847/0x57d0 [ 1021.220339][T21486] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 1021.220385][T21486] hwsim_new_radio_nl+0xc1f/0x1340 [ 1021.220418][T21486] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 1021.220460][T21486] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280 [ 1021.220497][T21486] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280 [ 1021.220542][T21486] genl_family_rcv_msg_doit+0x214/0x300 [ 1021.220581][T21486] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1021.220614][T21486] ? genl_get_cmd+0x3ef/0x720 [ 1021.220653][T21486] ? bpf_lsm_capable+0x9/0x10 [ 1021.220686][T21486] ? security_capable+0x80/0x260 [ 1021.220715][T21486] ? ns_capable+0xd2/0xf0 [ 1021.220746][T21486] genl_rcv_msg+0x560/0x800 [ 1021.220785][T21486] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1021.220820][T21486] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 1021.220866][T21486] netlink_rcv_skb+0x159/0x420 [ 1021.220898][T21486] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1021.220935][T21486] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1021.220991][T21486] ? netlink_deliver_tap+0x1ae/0xcc0 [ 1021.221024][T21486] genl_rcv+0x28/0x40 [ 1021.221054][T21486] netlink_unicast+0x5aa/0x870 [ 1021.221087][T21486] ? __pfx_netlink_unicast+0x10/0x10 [ 1021.221129][T21486] netlink_sendmsg+0x8b0/0xda0 [ 1021.221163][T21486] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1021.221189][T21486] ? __import_iovec+0x1d2/0x640 [ 1021.221225][T21486] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 1021.221258][T21486] ____sys_sendmsg+0x9e1/0xb70 [ 1021.221288][T21486] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1021.221318][T21486] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1021.221357][T21486] ? __pfx_futex_wake_mark+0x10/0x10 [ 1021.221402][T21486] ___sys_sendmsg+0x190/0x1e0 [ 1021.221438][T21486] ? __pfx____sys_sendmsg+0x10/0x10 [ 1021.221514][T21486] __sys_sendmsg+0x170/0x220 [ 1021.221539][T21486] ? __pfx___sys_sendmsg+0x10/0x10 [ 1021.221563][T21486] ? __x64_sys_futex+0x34f/0x4d0 [ 1021.221617][T21486] do_syscall_64+0x106/0xf80 [ 1021.221644][T21486] ? clear_bhb_loop+0x40/0x90 [ 1021.221675][T21486] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1021.221701][T21486] RIP: 0033:0x7f20a679c819 [ 1021.221723][T21486] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1021.221747][T21486] RSP: 002b:00007f20a76bd028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1021.221771][T21486] RAX: ffffffffffffffda RBX: 00007f20a6a16180 RCX: 00007f20a679c819 [ 1021.221789][T21486] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003 [ 1021.221805][T21486] RBP: 00007f20a6832c91 R08: 0000000000000000 R09: 0000000000000000 [ 1021.221821][T21486] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1021.221836][T21486] R13: 00007f20a6a16218 R14: 00007f20a6a16180 R15: 00007ffc57a274e8 [ 1021.221872][T21486] [ 1025.797544][T21544] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2867'. [ 1025.820747][T21544] netlink: 302 bytes leftover after parsing attributes in process `syz.0.2867'. [ 1027.270437][T21571] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2873'. [ 1028.562310][T21589] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2878'. [ 1028.612056][T21589] netlink: 302 bytes leftover after parsing attributes in process `syz.0.2878'. [ 1029.239126][T21603] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2881'. [ 1029.271619][T21603] netlink: 302 bytes leftover after parsing attributes in process `syz.2.2881'. [ 1029.723021][T21614] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2884'. [ 1029.809943][T21614] netlink: 302 bytes leftover after parsing attributes in process `syz.2.2884'. [ 1030.028510][T21611] FAULT_INJECTION: forcing a failure. [ 1030.028510][T21611] name failslab, interval 1, probability 0, space 0, times 0 [ 1030.142110][T21611] CPU: 1 UID: 0 PID: 21611 Comm: syz.1.2883 Tainted: G L syzkaller #0 PREEMPT(full) [ 1030.142157][T21611] Tainted: [L]=SOFTLOCKUP [ 1030.142167][T21611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1030.142184][T21611] Call Trace: [ 1030.142193][T21611] [ 1030.142203][T21611] dump_stack_lvl+0x100/0x190 [ 1030.142256][T21611] should_fail_ex.cold+0x5/0xa [ 1030.142289][T21611] should_failslab+0xc2/0x120 [ 1030.142322][T21611] __kmalloc_cache_node_noprof+0x7d/0x770 [ 1030.142352][T21611] ? sbitmap_queue_init_node+0x291/0x4a0 [ 1030.142385][T21611] sbitmap_queue_init_node+0x291/0x4a0 [ 1030.142419][T21611] blk_mq_init_tags+0x184/0x300 [ 1030.142456][T21611] blk_mq_alloc_map_and_rqs+0x218/0xeb0 [ 1030.142492][T21611] ? blk_mq_update_queue_map+0x227/0x3a0 [ 1030.142530][T21611] blk_mq_alloc_tag_set+0x848/0x1330 [ 1030.142572][T21611] loop_add+0x3b7/0xb60 [ 1030.142616][T21611] ? __pfx_loop_add+0x10/0x10 [ 1030.142677][T21611] ? rcu_is_watching+0x12/0xc0 [ 1030.142719][T21611] ? do_sock_setsockopt+0x101/0x1d0 [ 1030.142750][T21611] ? kfree+0x2ec/0x6b0 [ 1030.142784][T21611] ? ipv6_setsockopt+0xcb/0x170 [ 1030.142822][T21611] loop_control_ioctl+0xae/0x620 [ 1030.142869][T21611] ? __pfx_loop_control_ioctl+0x10/0x10 [ 1030.142913][T21611] ? xfd_validate_state+0x129/0x190 [ 1030.142957][T21611] ? __pfx_loop_control_ioctl+0x10/0x10 [ 1030.143003][T21611] __x64_sys_ioctl+0x18e/0x210 [ 1030.143049][T21611] do_syscall_64+0x106/0xf80 [ 1030.143078][T21611] ? clear_bhb_loop+0x40/0x90 [ 1030.143124][T21611] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1030.143154][T21611] RIP: 0033:0x7f20a679c819 [ 1030.143177][T21611] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1030.143205][T21611] RSP: 002b:00007f20a76ff028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1030.143232][T21611] RAX: ffffffffffffffda RBX: 00007f20a6a15fa0 RCX: 00007f20a679c819 [ 1030.143251][T21611] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000002 [ 1030.143270][T21611] RBP: 00007f20a6832c91 R08: 0000000000000000 R09: 0000000000000000 [ 1030.143287][T21611] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1030.143303][T21611] R13: 00007f20a6a16038 R14: 00007f20a6a15fa0 R15: 00007ffc57a274e8 [ 1030.143339][T21611] [ 1030.425744][T21611] blk-mq: reduced tag depth (128 -> 64) [ 1030.528654][T21611] ------------[ cut here ]------------ [ 1030.534284][T21611] !rwb [ 1030.534302][T21611] WARNING: block/blk-wbt.c:785 at wbt_init_enable_default+0x164/0x1c0, CPU#0: syz.1.2883/21611 [ 1030.548221][T21611] Modules linked in: [ 1030.552233][T21611] CPU: 0 UID: 0 PID: 21611 Comm: syz.1.2883 Tainted: G L syzkaller #0 PREEMPT(full) [ 1030.563242][T21611] Tainted: [L]=SOFTLOCKUP [ 1030.567597][T21611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1030.577679][T21611] RIP: 0010:wbt_init_enable_default+0x164/0x1c0 [ 1030.584496][T21611] Code: b9 21 fd 5b 5d 41 5c 41 5d 41 5e e9 86 32 ab 06 4c 89 f7 e8 ee 51 8d fd eb 83 4c 89 f7 e8 e4 51 8d fd eb d0 e8 cd b9 21 fd 90 <0f> 0b 90 e9 e9 fe ff ff e8 bf b9 21 fd 90 0f 0b 90 48 b8 00 00 00 [ 1030.604351][T21611] RSP: 0018:ffffc9000cd27b50 EFLAGS: 00010287 [ 1030.610633][T21611] RAX: 00000000000281c5 RBX: ffff88804f1ad000 RCX: ffffc90005549000 [ 1030.618672][T21611] RDX: 0000000000080000 RSI: ffffffff84e68973 RDI: ffffffff8c1b1da0 [ 1030.626901][T21611] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 1030.635013][T21611] R10: 0000000000000001 R11: ffffffff81000130 R12: ffff88802a992fa8 [ 1030.643448][T21611] R13: ffff8880493adbac R14: ffff88804f1ad390 R15: ffff88802a992fb8 [ 1030.651692][T21611] FS: 00007f20a76ff6c0(0000) GS:ffff888124340000(0000) knlGS:0000000000000000 [ 1030.660649][T21611] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1030.667239][T21611] CR2: 0000001b30b21ff8 CR3: 00000000350ea000 CR4: 00000000003526f0 [ 1030.675199][T21611] Call Trace: [ 1030.678722][T21611] [ 1030.681649][T21611] blk_register_queue+0x42c/0x590 [ 1030.686882][T21611] __add_disk+0x73f/0xe40 [ 1030.691232][T21611] add_disk_fwnode+0x118/0x5c0 [ 1030.695987][T21611] loop_add+0x90b/0xb60 [ 1030.700208][T21611] ? __pfx_loop_add+0x10/0x10 [ 1030.704891][T21611] ? rcu_is_watching+0x12/0xc0 [ 1030.709670][T21611] ? do_sock_setsockopt+0x101/0x1d0 [ 1030.714868][T21611] ? kfree+0x2ec/0x6b0 [ 1030.719102][T21611] ? ipv6_setsockopt+0xcb/0x170 [ 1030.723952][T21611] loop_control_ioctl+0xae/0x620 [ 1030.728928][T21611] ? __pfx_loop_control_ioctl+0x10/0x10 [ 1030.734471][T21611] ? xfd_validate_state+0x129/0x190 [ 1030.739701][T21611] ? __pfx_loop_control_ioctl+0x10/0x10 [ 1030.745579][T21611] __x64_sys_ioctl+0x18e/0x210 [ 1030.750582][T21611] do_syscall_64+0x106/0xf80 [ 1030.755166][T21611] ? clear_bhb_loop+0x40/0x90 [ 1030.759864][T21611] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1030.765768][T21611] RIP: 0033:0x7f20a679c819 [ 1030.770196][T21611] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1030.789833][T21611] RSP: 002b:00007f20a76ff028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1030.798299][T21611] RAX: ffffffffffffffda RBX: 00007f20a6a15fa0 RCX: 00007f20a679c819 [ 1030.806261][T21611] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000002 [ 1030.814274][T21611] RBP: 00007f20a6832c91 R08: 0000000000000000 R09: 0000000000000000 [ 1030.822252][T21611] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1030.830247][T21611] R13: 00007f20a6a16038 R14: 00007f20a6a15fa0 R15: 00007ffc57a274e8 [ 1030.838256][T21611] [ 1030.841280][T21611] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 1030.848549][T21611] CPU: 0 UID: 0 PID: 21611 Comm: syz.1.2883 Tainted: G L syzkaller #0 PREEMPT(full) [ 1030.859488][T21611] Tainted: [L]=SOFTLOCKUP [ 1030.863801][T21611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1030.873839][T21611] Call Trace: [ 1030.877106][T21611] [ 1030.880029][T21611] dump_stack_lvl+0x100/0x190 [ 1030.884703][T21611] vpanic+0x552/0x970 [ 1030.888673][T21611] ? __pfx_vpanic+0x10/0x10 [ 1030.893167][T21611] panic+0xd1/0xe0 [ 1030.896876][T21611] ? __pfx_panic+0x10/0x10 [ 1030.901288][T21611] check_panic_on_warn.cold+0x19/0x34 [ 1030.906648][T21611] ? wbt_init_enable_default+0x164/0x1c0 [ 1030.912274][T21611] __warn.cold+0x191/0x348 [ 1030.916679][T21611] __report_bug+0x296/0x3d0 [ 1030.921179][T21611] ? wbt_init_enable_default+0x164/0x1c0 [ 1030.926825][T21611] ? __pfx___report_bug+0x10/0x10 [ 1030.931855][T21611] ? wbt_init_enable_default+0x164/0x1c0 [ 1030.937480][T21611] report_bug+0xb2/0x220 [ 1030.941708][T21611] ? wbt_init_enable_default+0x164/0x1c0 [ 1030.947333][T21611] handle_bug+0x16a/0x2a0 [ 1030.951661][T21611] exc_invalid_op+0x17/0x50 [ 1030.956153][T21611] asm_exc_invalid_op+0x1a/0x20 [ 1030.960988][T21611] RIP: 0010:wbt_init_enable_default+0x164/0x1c0 [ 1030.967228][T21611] Code: b9 21 fd 5b 5d 41 5c 41 5d 41 5e e9 86 32 ab 06 4c 89 f7 e8 ee 51 8d fd eb 83 4c 89 f7 e8 e4 51 8d fd eb d0 e8 cd b9 21 fd 90 <0f> 0b 90 e9 e9 fe ff ff e8 bf b9 21 fd 90 0f 0b 90 48 b8 00 00 00 [ 1030.986824][T21611] RSP: 0018:ffffc9000cd27b50 EFLAGS: 00010287 [ 1030.992877][T21611] RAX: 00000000000281c5 RBX: ffff88804f1ad000 RCX: ffffc90005549000 [ 1031.000833][T21611] RDX: 0000000000080000 RSI: ffffffff84e68973 RDI: ffffffff8c1b1da0 [ 1031.008788][T21611] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 1031.016743][T21611] R10: 0000000000000001 R11: ffffffff81000130 R12: ffff88802a992fa8 [ 1031.024697][T21611] R13: ffff8880493adbac R14: ffff88804f1ad390 R15: ffff88802a992fb8 [ 1031.032658][T21611] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1031.038716][T21611] ? wbt_init_enable_default+0x163/0x1c0 [ 1031.044355][T21611] blk_register_queue+0x42c/0x590 [ 1031.049375][T21611] __add_disk+0x73f/0xe40 [ 1031.053700][T21611] add_disk_fwnode+0x118/0x5c0 [ 1031.058457][T21611] loop_add+0x90b/0xb60 [ 1031.062623][T21611] ? __pfx_loop_add+0x10/0x10 [ 1031.067303][T21611] ? rcu_is_watching+0x12/0xc0 [ 1031.072060][T21611] ? do_sock_setsockopt+0x101/0x1d0 [ 1031.077259][T21611] ? kfree+0x2ec/0x6b0 [ 1031.081338][T21611] ? ipv6_setsockopt+0xcb/0x170 [ 1031.086178][T21611] loop_control_ioctl+0xae/0x620 [ 1031.091117][T21611] ? __pfx_loop_control_ioctl+0x10/0x10 [ 1031.096672][T21611] ? xfd_validate_state+0x129/0x190 [ 1031.101869][T21611] ? __pfx_loop_control_ioctl+0x10/0x10 [ 1031.107413][T21611] __x64_sys_ioctl+0x18e/0x210 [ 1031.112173][T21611] do_syscall_64+0x106/0xf80 [ 1031.116769][T21611] ? clear_bhb_loop+0x40/0x90 [ 1031.121439][T21611] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1031.127319][T21611] RIP: 0033:0x7f20a679c819 [ 1031.131722][T21611] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1031.151321][T21611] RSP: 002b:00007f20a76ff028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1031.159744][T21611] RAX: ffffffffffffffda RBX: 00007f20a6a15fa0 RCX: 00007f20a679c819 [ 1031.167700][T21611] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000002 [ 1031.175655][T21611] RBP: 00007f20a6832c91 R08: 0000000000000000 R09: 0000000000000000 [ 1031.183608][T21611] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1031.191563][T21611] R13: 00007f20a6a16038 R14: 00007f20a6a15fa0 R15: 00007ffc57a274e8 [ 1031.199530][T21611] [ 1031.202872][T21611] Kernel Offset: disabled [ 1031.207191][T21611] Rebooting in 86400 seconds..