last executing test programs: 11.415864272s ago: executing program 0 (id=588): openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x20401, 0x0) mmap$auto(0x100000, 0x2b1, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x400008, 0x5, 0x9b72, 0x2, 0x6) r1 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r1, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x9, 0xfffffffd}, 0x1}, 0x5, 0x20000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x0, 0x1, 0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xc834, 0xfffffffffffffffa, 0x8000) pwrite64$auto(0xffffffffffffffff, 0x0, 0xb, 0x8000) fsconfig$auto(0xffffffffffffffff, 0x8, 0x0, 0x0, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) openat$auto_hwsim_fops_ps_(0xffffffffffffff9c, &(0x7f0000000580)='/sys/kernel/debug/ieee80211/phy0/hwsim/ps\x00', 0x100, 0x0) ioctl$auto(0x3, 0x80108907, 0x38) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x0, 0x2091d1, 0x1, 0x0, 0x6, 0x2) write$auto(0x3, 0x0, 0xfffffdef) madvise$auto_MADV_GUARD_INSTALL(0x0, 0x2021000, 0x66) syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000280), r1) sendmsg$auto_IPVS_CMD_GET_SERVICE(r1, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={0x0, 0x20}, 0x1, 0x0, 0x0, 0x4004040}, 0x20000800) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r2 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000002c0), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL802154_CMD_SET_CCA_MODE(r3, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f0000000d80)={&(0x7f0000000000)={0x28, r2, 0x101, 0x70bd2b, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x60040440}, 0x800) sendmsg$auto_NL802154_CMD_GET_SEC_DEVKEY(r0, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)={0x30, r2, 0x100, 0x70bd25, 0x25dfdbfd, {}, [@NL802154_ATTR_BEACON_INTERVAL={0x5, 0x26, 0x4}, @NL802154_ATTR_COORDINATOR={0x8, 0x1e, 0x0, 0x1, [@generic="25d3500a"]}, @NL802154_ATTR_EXTENDED_ADDR={0xc, 0x17, 0x1}]}, 0x30}, 0x1, 0x0, 0x0, 0x8804}, 0x4000040) prctl$auto_SECCOMP_MODE_STRICT(0x3, 0x1, 0x0, 0x9, 0x1) 9.909791903s ago: executing program 0 (id=593): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_tracing_saved_cmdlines_size_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/saved_cmdlines_size\x00', 0x90001, 0x0) sendmsg$auto_NL802154_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16, @ANYBLOB="010026bd7000fddbdf2507"], 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x4000800) (async) sendmsg$auto_NL802154_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16, @ANYBLOB="010026bd7000fddbdf2507"], 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x4000800) mmap$auto(0x0, 0x20006, 0x4000000000df, 0xeb1, 0x4, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) unshare$auto(0x40000080) syz_genetlink_get_family_id$auto_l2tp(0x0, 0xffffffffffffffff) (async) syz_genetlink_get_family_id$auto_l2tp(0x0, 0xffffffffffffffff) mbind$auto(0x8000000000000002, 0x100000004, 0x100000000, 0x0, 0x9, 0x2) (async) mbind$auto(0x8000000000000002, 0x100000004, 0x100000000, 0x0, 0x9, 0x2) madvise$auto(0x0, 0x20499d, 0x9) syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff) socket(0x29, 0x2, 0x0) (async) socket(0x29, 0x2, 0x0) mmap$auto(0x0, 0x100, 0x4000000000df, 0x13, 0xffffffffffffffff, 0x8000) (async) mmap$auto(0x0, 0x100, 0x4000000000df, 0x13, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000) mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000) socket(0x2, 0x1, 0x106) (async) socket(0x2, 0x1, 0x106) connect$auto(0x3, 0x0, 0x54) ioprio_set$auto(0x3, 0x0, 0x4b34) (async) ioprio_set$auto(0x3, 0x0, 0x4b34) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) (async) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) syz_clone(0x4100000, 0x0, 0x0, 0x0, 0x0, 0x0) futex$auto(0x0, 0x86, 0x8, 0x0, 0x0, 0x7) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) madvise$auto(0x1000000, 0xffffffffffff0006, 0x17) (async) madvise$auto(0x1000000, 0xffffffffffff0006, 0x17) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x1000, 0x2) clone$auto(0x0, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6) close_range$auto(0x2, 0x8, 0x0) 8.631124213s ago: executing program 0 (id=599): unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = clone3$auto(&(0x7f0000000180)={0x2000000000100d, 0x7, 0x1, 0x200000000010000, 0xe11b, 0x8000000000000000, 0x9a1, 0x2, 0x12006, 0x1ff, 0x5185}, 0xfffffffffffffa81) prctl$auto(0x3e, 0x1, r1, 0x1, 0x0) setresuid$auto(0xffffffffffffffff, 0x0, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x123002, 0x0) ioctl$auto_SNDCTL_DSP_GETBLKSIZE(r2, 0xc0045004, &(0x7f0000000000)) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) r3 = open(0x0, 0x261c2, 0x84) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'syz_tun\x00', 0x0}) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket(0x26, 0x80805, 0x0) clone$auto(0x20003b4a, 0x8, 0x0, 0x0, 0x2) pidfd_getfd$auto(0x3, 0x1, 0x100000000) bpf$auto(0x0, &(0x7f0000000040)=@bpf_attr_5={@target_ifindex=r5, r4, 0x99, 0x8, 0x1, @relative_id=0x8, 0x5}, 0x92) bpf$auto(0x67f, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x80000001}, 0x2) bpf$auto(0x1, &(0x7f0000000380)=@raw_tracepoint={0x5, r3, 0x0, 0x6}, 0xc) madvise$auto(0xfffffffffffffffe, 0x240007, 0x17) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x8) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) unshare$auto(0x40000080) 3.969677561s ago: executing program 0 (id=610): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/devices/platform/vivid.0/video4linux/video60/power/autosuspend_delay_ms\x00', 0x200, 0x0) write$auto(r0, &(0x7f0000000000)='\'\x00', 0xdbd8) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000040)=""/114, 0x72) sendmmsg$auto(r0, &(0x7f0000000380)={{&(0x7f0000000040), 0x848, 0x0, 0x0, 0x0, 0x3, 0x10b}, 0x800009}, 0x1, 0x20020800) close_range$auto(0x2, 0x8, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sg0\x00', 0x20000, 0x0) r1 = openat$auto_safesetid_uid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f0000000740), 0x101001, 0x0) writev$auto(r1, &(0x7f0000000100)={0x0, 0x100000000007111}, 0x8) mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_safesetid_uid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f0000000b00), 0x40042, 0x0) fadvise64$auto_POSIX_FADV_RANDOM(r2, 0x81, 0x8, 0x1) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5) madvise$auto(0xff, 0x5, 0x17) r3 = openat$auto_fops_x64_ro_(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/ieee80211/phy10/netdev:wlan0/stations/08:02:11:00:00:01/driver_buffered_tids\x00', 0x12180, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/usbip-vudc.0/udc/usbip-vudc.0/current_speed\x00', 0x181040, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000200)=""/206, 0xce) read$auto_fops_x64_ro_(r3, &(0x7f0000000200)=""/208, 0xd0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/seq/timer\x00', 0x28102, 0x0) read$auto_proc_reg_file_ops_compat_inode(r5, &(0x7f0000001880)=""/4101, 0x1005) prctl$auto(0x3a, 0x1, 0x4, 0x2, 0xa) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) getsockopt$auto(0x3, 0x200000000001, 0x26, 0x0, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) statmount$auto(&(0x7f0000000000)={0x1f, @raw, 0x80000007, 0x1ff, 0x8000000000000000}, 0x0, 0x2, 0x0) landlock_restrict_self$auto(0xffffffffffffffff, 0x4) 3.745453676s ago: executing program 2 (id=612): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0) (async) mmap$auto(0x0, 0x40009, 0xa, 0x9b72, 0x2, 0x28000) (async, rerun: 64) close_range$auto(0x2, 0x8000, 0x0) (rerun: 64) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/fs/cifs/cifsFYI\x00', 0x40c01, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = set_tid_address$auto(&(0x7f0000000140)=0xfffffffd) bpf$auto_BPF_LINK_DETACH(0x22, &(0x7f0000000180)=@task_fd_query={r2, r1, 0x6, 0x7f, 0x5, 0x3, r0, 0x4, 0x9}, 0xfffffff7) (async) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) r4 = ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) (async) ioctl$auto(r1, 0xaea2, 0xffffffffffffffff) (async) ioctl$auto(0x3, 0xae41, 0xffffffffffffffff) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) (async) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) (async) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000005c0)={'veth0_to_bridge\x00', 0x0}) bpf$auto(0x0, &(0x7f0000000100)=@bpf_attr_5={@target_ifindex=r7, 0xffffffffffffffff, 0x9c, 0x1, 0x1, @relative_fd, 0x5}, 0x96) (async) ioctl$auto(0x3, 0xc048ae65, r0) fsconfig$auto_FSCONFIG_SET_PATH_EMPTY(r5, 0x4, &(0x7f0000000040)='-\x00', &(0x7f0000000080)="bb1e5ad3004d7a1741511d14ed5d2109f2e5e15b4cdf19389ee29c11e0b0cad5b9ce99e745e9de1cf27753e9c55abf243911da2301c76d123d3616645fa789f25da24cef55ddc98fc465451629ee59fe8c67a85e9a8442efe5e2760d7c0ed6ed9d282e7cd3d97c56c786286654171d5155de27a2066080540d9249e75c5fec5dd6225193d313d3c8efb61fce6606bec2b8b53eb20a56c195dfdeb2d5d119bec7c9cd01cc16ffc1ff59f532f4309717723a21b8a199a696484a", 0x2b4) 2.519173393s ago: executing program 2 (id=614): openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x8100, 0x0) mmap$auto(0x7, 0x400008, 0xdf, 0x91, 0x7, 0x800008000) socket(0xa, 0x3, 0x3a) ioctl$auto_TIOCMSET2(0xffffffffffffffff, 0x5418, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) io_uring_setup$auto(0x2, 0x0) socket(0xa, 0x3, 0x3a) setsockopt$auto(0x400000000000003, 0x29, 0xd1, 0x0, 0x4) write$auto(0xca, 0x0, 0x3) lseek$auto(0xffffffffffffffff, 0x9, 0x0) getdents$auto(0xffffffffffffffff, 0x0, 0x62d4) ioctl$auto_PPPIOCSPASS(0xffffffffffffffff, 0x40107447, 0x0) setsockopt$auto(0x400000000000003, 0x29, 0xc8, 0x0, 0x567) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/tty/ldiscs\x00', 0x2, 0x0) 2.313676424s ago: executing program 2 (id=616): openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x20401, 0x0) mmap$auto(0x100000, 0x2b1, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x400008, 0x5, 0x9b72, 0x2, 0x6) r1 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r1, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x9, 0xfffffffd}, 0x1}, 0x5, 0x20000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x0, 0x1, 0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xc834, 0xfffffffffffffffa, 0x8000) pwrite64$auto(0xffffffffffffffff, 0x0, 0xb, 0x8000) fsconfig$auto(0xffffffffffffffff, 0x8, 0x0, 0x0, 0x0) openat$auto_hwsim_fops_ps_(0xffffffffffffff9c, &(0x7f0000000580)='/sys/kernel/debug/ieee80211/phy0/hwsim/ps\x00', 0x100, 0x0) ioctl$auto(0x3, 0x80108907, 0x38) setsockopt$auto(0x3, 0x6, 0x3, 0x0, 0xd) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x0, 0x2091d1, 0x1, 0x0, 0x6, 0x2) write$auto(0x3, 0x0, 0xfffffdef) madvise$auto_MADV_GUARD_INSTALL(0x0, 0x2021000, 0x66) syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000280), r1) sendmsg$auto_IPVS_CMD_GET_SERVICE(r1, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={0x0, 0x20}, 0x1, 0x0, 0x0, 0x4004040}, 0x20000800) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r2 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000002c0), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL802154_CMD_SET_CCA_MODE(r3, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f0000000d80)={&(0x7f0000000000)={0x28, r2, 0x101, 0x70bd2b, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x60040440}, 0x800) sendmsg$auto_NL802154_CMD_GET_SEC_DEVKEY(r0, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)={0x30, r2, 0x100, 0x70bd25, 0x25dfdbfd, {}, [@NL802154_ATTR_BEACON_INTERVAL={0x5, 0x26, 0x4}, @NL802154_ATTR_COORDINATOR={0x8, 0x1e, 0x0, 0x1, [@generic="25d3500a"]}, @NL802154_ATTR_EXTENDED_ADDR={0xc, 0x17, 0x1}]}, 0x30}, 0x1, 0x0, 0x0, 0x8804}, 0x4000040) prctl$auto_SECCOMP_MODE_STRICT(0x3, 0x1, 0x0, 0x9, 0x1) 2.125127552s ago: executing program 3 (id=617): mmap$auto(0x0, 0x2020006, 0x1000000000000007, 0xeb1, 0x0, 0x1008000) (async) prctl$auto(0x1000000003b, 0x1, 0x4, 0x6, 0x7) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async) madvise$auto(0x0, 0x2003f0, 0x1015) (async) madvise$auto(0x0, 0x200007, 0x19) (async) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x7, 0x0) socket(0x11, 0x800, 0x7) (async) r0 = openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) socketpair$auto(0x3, 0xd, 0x8dc2, 0x0) close_range$auto(0x2, 0x8000, 0x0) socket(0x2, 0x1, 0x0) bpf$auto_BPF_TOKEN_CREATE(0x24, &(0x7f00000002c0)=@info={r0, 0xd, 0x139}, 0x3) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/pids.peak\x00', 0x8000, 0x0) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000e3d9) (async) pivot_root$auto(0x0, 0x0) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) (async) madvise$auto(0x0, 0x2000040080000000, 0xe) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) connect$auto(0x3, 0x0, 0x10) (async) unshare$auto(0x40000080) (async) r1 = openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000100), 0x80840, 0x0) lseek$auto(r1, 0x0, 0x2) (async) readv$auto(r1, 0x0, 0x1) getsockopt$auto(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000040)='/dev/cec27\x00', 0x0) (async) madvise$auto(0x0, 0xffffffffffff0001, 0x15) 2.099895593s ago: executing program 0 (id=618): statmount$auto(&(0x7f0000000040)={0x1f, @raw, 0x80000027, 0xf5ff, 0x8}, 0x0, 0x208, 0x0) r0 = open(0x0, 0x161342, 0x130) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = socket(0x2b, 0x1, 0x0) writev$auto(0xffffffffffffffff, 0x0, 0x3) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/hugepages/hugepages-2048kB/resv_hugepages\x00', 0x40200, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000040)=""/65, 0x41) ioctl$auto_IOCTL_VMCI_SET_NOTIFY(r0, 0x7cb, 0x0) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/oom_adj\x00', 0x600000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000000), 0x48101, 0x0) write$auto(r3, &(0x7f0000000100)='/surit\x8b\xafR\xf2y/integrity?iqa/policy\x00\xa2\xf4\x92_\xe8\xaeD\xca/ \xe5\xed`\xa4\xb5b\xff\x8c\xcf8\x00\xd5s\xb36\"\'\xb0\x84k\x98\xd7\xca\x06O\xd8Y\x15{W\f=XM\xb7\xf4\xca\xdf\x8fe\xe2\x91>`D{\x9e\xfe\x92\x9f|#5P\x8b\xdd\xd2/\b\xb5g\x18\xed\xaa \x9fs\xe0\x04\x84\x04\x02\x89\x84%d\xc1@\x91W\xf8\xf65\xa8\x1d\xde\alUZ\xab\x17\xba\xf8\x02\x12\x94\xdc\xcb\xc3\x06\x82\xc8G4>J\x83\xd3^\x8d', 0x2000000000c5) capset$auto(&(0x7f0000000040)={0x19980330}, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/tty/ttyt4/power/autosuspend_delay_ms\x00', 0x242602, 0x0) write$auto(0x3, 0x0, 0xffd8) syz_genetlink_get_family_id$auto_nl80211(0x0, r1) 2.015976486s ago: executing program 1 (id=619): r0 = openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000000000), 0x80200, 0x0) ioctl$auto_LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 1.903052159s ago: executing program 3 (id=620): mmap$auto(0x0, 0x4000b, 0x7, 0x9b72, 0x7, 0x28000) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x0) r1 = socket(0xa, 0x801, 0x84) lsm_list_modules$auto(0x0, 0x0, 0x0) setsockopt$auto(r1, 0x1, 0x3f, 0x0, 0xb) sendto$auto(0x3, 0x0, 0x2000f, 0x101, &(0x7f0000000000)=@in={0x2, 0x4e22, @rand_addr=0x64010100}, 0x1c) listen$auto(0x3, 0x81) r2 = socket(0x10, 0x80002, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x6, 0x0) timerfd_create$auto(0x7, 0x0) timerfd_settime$auto(r2, 0x0, 0x0, &(0x7f0000000080)={{0x1cf, 0x4}, {0x8, 0x9}}) accept$auto(0x3, 0x0, 0x0) read$auto(r0, 0x0, 0x80000000) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) sendmsg$auto_IPVS_CMD_SET_SERVICE(0xffffffffffffffff, 0x0, 0x40812) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/tcp_fastopen_blackhole_timeout_sec\x00', 0x189302, 0x0) r4 = open(&(0x7f0000000000)='./file1\x00', 0x1652c2, 0xe1d2b27bdc14aa98) fanotify_mark$auto(0x400000000000, 0x105, 0xf2b, r4, 0x0) write$auto_proc_sys_file_operations_proc_sysctl(r4, &(0x7f0000000240)="f85bcccc7952bf07004d40d5c48811724495d8b6c192512193c94bcb225ac16aa711c65ea1c1404692799b280660c2058309ead870c47ae0fe1a427fda17651eee63af615a93bf1cd60a4bf9cea1da1e7d25c63b85b626f63e7905d4159ecc3a37c13d68a9c3a190f69c42cd7a70d73ab607d63bbdc7a043d240c6370000000000000000009a58a5bbf50c2cb2e57199e19959894b446bea9aca58a7134c08000000eb59359bd247deda3851d3cf3b2d0442498ef5bb3d423732d59c51371e4fbc6bd2fbd411e750e21c9a9dd48cdf6a542ffba2050cce6acf42fe28f60ca259cfda4709160000000000000000000000000000007590e3ba50954664fff84b88edf994ead5845b2d2604675718abe0f42b9b359565e3cd81c4e1e453bdfde4fed953b57548f894d377174c5ad943f899a6c2e5efca7033da71bb8c34108926d9cfd78f6180a5757eedce2633a4609f77d71e9b2447bc4531f11765e6723d850599908552e96bc38b170e6ceaf075cc8e4a7702e7d91faecf35a5c8bf91b564dada26751f6631a87053978324a3cffc8ad8495a5b8e4231a2323c4042ecd7a1b86780f2ec2079ea3387a39c4233", 0x1ad) writev$auto(r3, &(0x7f0000000200)={0x0, 0x9}, 0x5) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/trace\x00', 0x1a6b75d638828712, 0x0) 1.724241478s ago: executing program 1 (id=621): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) write$auto(r0, 0x0, 0x1) r1 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mtd0ro\x00', 0x28082, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/virtual/block/ram3/queue/iostats_passthrough\x00', 0x28ce81, 0x0) sendfile$auto(r2, r2, 0x0, 0x3) mmap$auto(0x0, 0x40009, 0xde, 0x9b72, 0x7, 0x28000) write$auto(r1, 0x0, 0xfffffdef) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/bus/usb/drivers/usbip-host/rebind\x00', 0x121681, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0x4329d0f5, 0xffffffffffffffff, 0x8003) r3 = openat$auto_dfs_sched_itmt_fops_itmt(0xffffffffffffff9c, &(0x7f0000000940)='/sys/kernel/debug/netdevsim/netdevsim4/ports/2/bpf_tc_non_bound_accept\x00', 0x100, 0x0) mmap$auto(0x657, 0x2020009, 0x3, 0xebd, r3, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0x2, 0x3, 0x2) setsockopt$auto(0x3, 0x0, 0x1, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/bus/usb/drivers/usbip-host/match_busid\x00', 0x1e2b42, 0x0) mmap$auto(0x0, 0x1, 0x9, 0xeb1, 0xfffffffffffffffa, 0x9) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/net/lapb2/statistics/rx_compressed\x00', 0x8000, 0x0) read$auto(r4, 0x0, 0x20) r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x140082, 0x0) writev$auto(r5, &(0x7f0000000200)={0x0, 0x7}, 0x3) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/clockevents/clockevent0/unbind_device\x00', 0x20001, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r6, &(0x7f0000000180)='{', 0x1) close_range$auto(0x2, 0x8, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r7, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000580)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="01002dbd7000fbdbdf25010000000800010021100000040007800c0002000100000000000000249fbb47bb9a8cb0f6947572c350dea295ab39a4dff58df70121f646d348796d9ff88c93329093483b7868ac958ba44fae700c87b82c7e4e989e4d787772d596a5c64846c0bb082f7e2745f1735521ab5c9b4efade52418ddb66c6986627fa83db471ab97e4aa29ba6909c7b6293ef58d3caf802ebd505e8241593b22523912c579122644c87bcc043d7143a14f2e3ff662353c635b34d63fee989ccf7686d51491492521d4a05b160f175a113269e8c771b7adabf8e0881a5a5f864430ef7e763498f64"], 0x2c}, 0x1, 0x0, 0x0, 0x40080}, 0x20040000) ioctl$auto_SNDCTL_DSP_SYNC(r0, 0x5001, 0x0) 1.542880189s ago: executing program 3 (id=622): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) r0 = socket(0x10, 0x2, 0x4) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000580)='/proc/thread-self/net/raw6\x00', 0x500, 0x0) pread64$auto(r1, 0x0, 0x206, 0x14a) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB="010027bd"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) r2 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_SMC_NETLINK_DISABLE_SEID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="013b"], 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x810) sendmsg$auto_SMC_NETLINK_ENABLE_SEID(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="b0000000", @ANYRES16=r2, @ANYBLOB="02002cbd7000fbdbdf250e00000006728f0807939c9dc5bb6a9416b435d11cb41cee97ce64c93adfbccb251a966a3106ae656ec576352c12c05c37a212a0cad1a1b92ff448efa1f19d6c3fa25387701233698d08000078b0f59d5cace4d4c94371e7750b664b2279eaa1c3f2a390e9dbdb1ae8043c6c4a721688b9a46dccff4e70284d0444be32d62f40ba07b9156efe5849d75889091cc644fe9e58e763a0cfee805059a41f1e1e039f111ea73fa676788a19662b531fae00b8e2b450a73f27afdb26f02a1730c3b046f2bc44b178cbc7b46811ba886d51b9a669ab15885d52df3cd1aa123cca465273c6a9e1af5d962180a8dd4f36e4f8be6418ed08b344cd4f6743c5a820496845db6774d98f076e289e685812010cb58237431c7f1ccd13d9fc974064aade896ee465dc8523e38968589f7ad8236707c83ead6457553ce6a6808272cffd2e9a5ebba3c18d592bca977883cfcb5a1c7a3443639c15b275d9a182211aab937c2f5d556220f7c4ef56cffdc50d13016523b7ffff9e690ffb39a837e34ae13d1d7aacb4492a7e85cfd0e2a783a91ca09e8c4213caef7b4ce744f10f12eb8a1f3ac53924ca2e07efd9de5f97715b205aa7f6f1b1b82abcd10411d586e10c8bcb28a5a97488fc6919a14ebffea500"], 0xb0}, 0x1, 0x0, 0x0, 0xc014}, 0x20000000) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) read$auto(0x4, 0x0, 0xfdef) sendto$auto(0xffffffffffffffff, &(0x7f0000000480)="77d3b9af53414919a6575cb84c0a540b62e3fd11ad276ae8158132506c239ac66298de8b171fe6644b05425d2adf8fd13fea87d6bfe9fbf761a70d75c12cc333d3c3188d27599bc26f1941b3c669791b87c8dbf69416940790395ceeb9fcde1a79b2d6560367e6532f0996cb10bc9c69b81823f3cf609a1877c6e2302eb91882569b67f59dfb15f4cf02eca9cac0ec", 0xf88, 0x0, &(0x7f00000000c0)=@vsock, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) bind$auto(0x3, &(0x7f0000000040)=@generic={0xa, "02d0ac0c00e435826339c7328903"}, 0x6a) 1.379368223s ago: executing program 3 (id=623): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ram11\x00', 0x14fe02, 0x0) mmap$auto(0x5, 0x810004, 0x4, 0x14, r0, 0x2000000000000002) preadv2$auto(r0, 0x0, 0x6, 0xffffffffffffffff, 0x8000000000000, 0x2f) dup3$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x3b09137d) close_range$auto(r0, 0xa, 0x4) ioctl$auto_BLKPG2(0xffffffffffffffff, 0x1269, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x1, 0x0) r1 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000008040), 0x2, 0x0) r2 = socket(0x22, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x80044943, 0x0) ioctl$auto_I2C_SMBUS(r1, 0x720, 0x0) mmap$auto(0x0, 0x402000b, 0x4af, 0xeb1, 0x401, 0x8000) read$auto(0x3, 0x0, 0xfffffdef) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x745100, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D0\x00', 0x0, 0x0) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000001140)='/dev/psaux\x00', 0x42000, 0x0) io_uring_setup$auto(0x59, 0x0) openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000d00), 0x0, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000580)={[0x1ff, 0x8000, 0xd, 0x1, 0x948d, 0x3, 0x10015f4da0a, 0xd, 0x7, 0x64c1, 0x8000001f, 0x8, 0x6d3e, 0xc, 0x2, 0x2]}, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xfc\x04\x00\x00)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0x2b, 0x1, 0x0) ioctl$auto(0x3, 0x8905, 0x38) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) 1.287216123s ago: executing program 2 (id=624): openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x8100, 0x0) mmap$auto(0x7, 0x400008, 0xdf, 0x91, 0x7, 0x800008000) socket(0xa, 0x3, 0x3a) ioctl$auto_TIOCMSET2(0xffffffffffffffff, 0x5418, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) io_uring_setup$auto(0x2, 0x0) socket(0xa, 0x3, 0x3a) setsockopt$auto(0x400000000000003, 0x29, 0xd1, 0x0, 0x4) r0 = open(&(0x7f0000000100)='.\x00', 0x0, 0x1) lseek$auto(r0, 0x9, 0x0) getdents$auto(r0, 0x0, 0x62d4) ioctl$auto_PPPIOCSPASS(r0, 0x40107447, 0x0) setsockopt$auto(0x400000000000003, 0x29, 0xc8, 0x0, 0x567) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/tty/ldiscs\x00', 0x2, 0x0) 1.19028699s ago: executing program 1 (id=625): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) (async) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc4c85512, &(0x7f0000000100)={{@raw=0xb, 0x3, 0xcf, 0x8, "16a0d89bf208384515b5375a677609aa1bc737276563c3d5a2fca999d5797ab7a10a4d2bc341c4bd369ae535"}, 0x1, @integer=@value=[0x6d, 0x7, 0x0, 0xbb, 0x4, 0x80000000, 0x1, 0x10001, 0x1, 0x9, 0xc4, 0x8, 0x6, 0x4, 0x3, 0x6, 0x1, 0x3, 0x4, 0x401, 0x6, 0x0, 0xa0, 0x5, 0x2, 0x9, 0x5, 0xa, 0x8, 0x1, 0x8, 0x7f, 0xffffffffffffdb78, 0x100000000, 0x3, 0x7, 0x7fffffffffffffff, 0x1, 0xd, 0x3, 0x71, 0x0, 0x8, 0x2, 0x3, 0xffffffffffffffbb, 0x2d7, 0x1, 0x1, 0x6, 0x2, 0x800000000, 0x6, 0x7, 0x0, 0x6, 0x4, 0x3, 0x40a, 0x9, 0x3ff, 0x8, 0x7, 0xffff, 0x50ce0883, 0x3d9, 0x5, 0x2, 0xd8f, 0x80000000, 0x0, 0x7, 0x46e, 0xa5cf, 0x8, 0x7, 0xc16b, 0x6, 0x9, 0x6, 0x2, 0x6, 0x1, 0x3, 0x3, 0xfffffffffffff16a, 0x6, 0xffffffffffff0001, 0x100000000, 0x4, 0x6, 0x4, 0x2, 0x3, 0xfffffffffffffffe, 0x20007cf9, 0x40, 0x2, 0x7, 0x100, 0x14b, 0x2, 0x45f3, 0x0, 0x0, 0x4, 0x0, 0x8001, 0x0, 0x1, 0x7, 0xcf4, 0x1, 0x3, 0x0, 0x4, 0x6, 0x6, 0x25e2, 0xc9a, 0xd09, 0x40, 0x2, 0xffffffffffffff00, 0x8, 0x9, 0xfffffffffffffffb, 0x40], "f3fadb90a56b67d92a5b28b4b23f332550b1e5454e2027fb1a37efe81bbc27deaf7c3100aab088cdb3b40dad335c9174f18934845ac3152fef1e0f42b42471efc0225a4ebe7e05ce3d4ab429805d5921633ffbce8f1a82ff9dec6c288f431cb7005b85ca8633c55d49bbdf4bd9cac1046064001bca7ba37e4b5eacf1940c9a78"}) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) (async) io_uring_setup$auto(0x8, &(0x7f0000000140)={0x0, 0x1, 0x9, 0x210001, 0xc, 0xc05, 0xffffffffffffffff, [0x7fd, 0x1001, 0x3], {0x9, 0x3, 0x6, 0x0, 0x4, 0x895, 0x3fdc, 0x6, 0x5}, {0x2, 0x1d11, 0x54ed, 0x0, 0x101, 0xff, 0xc63, 0xa, 0xb}}) sendmsg$auto_NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000280)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16, @ANYBLOB="000329bd7000fedbdf250900000008000c000100008008000300", @ANYRES32, @ANYBLOB="08002c000001000008001d"], 0x3c}, 0x1, 0x0, 0x0, 0x20000828}, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22040, 0x75) (async) socket(0x10, 0x2, 0x0) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01eb"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x3}, 0x3ef3}, 0x3, 0x0) 1.053397292s ago: executing program 1 (id=626): r0 = openat$auto_transactions_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r1 = clone3$auto(&(0x7f0000000040)={0x80000000, 0x400, 0x9, 0x2, 0x200, 0x9, 0x8000000000000000, 0x9, 0x9, 0x7f, 0x800}, 0x1abf9b6f) fcntl$auto_F_SETOWN(r0, 0x8, r1) (async, rerun: 64) write$auto(r0, &(0x7f00000000c0)='\x00', 0x5) (async, rerun: 64) fsconfig$auto_SHMEM_HUGE_DENY(r0, 0x100, &(0x7f0000000100)='!)&\x00', &(0x7f0000000140)="73fe481b69e1d37a05e415895b0ca79770b002ae42166880c1d25ef4447d2d9d73f7f6b6e433cdf90c56d4a916609aa0b1c6f873f79a3c3132f76c5ae08f8962b1e5f40c680bd73b4f1629427fd545f9f676cfe7e7a55a77a4afdc34bb2c1131469808d16e5fffc3253896cf2fdebb842b8c2e3f9d9e7b9cd4ce9ce76e9aeea7f4762718ceb49e0866e654e3fbf3b5df81867ffa15fd53207c53a427ea2f0cddc0ecf6c0a14c99beff6c0d5958f1fe167e065721c3d3", 0xffffffffffffffff) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) (async) write$auto_console_fops_tty_io(0xffffffffffffffff, &(0x7f0000000200)="5e4a4893e6a9a413dc15c53ff4e4ef3cbe26d745469984df89477c17376f4825a843b7d902db1ac93db339f91311f38c26efa965a0898640484318beb5728b876b949af48a1ed44ba575dcd8ea0bfba09669da2f8660f91414358853be5d05122adc03241bfa8340e76831420c8f443eb4fa5784a935e66d69dff580b149286d8571aa6a5f8954ec662d05767d5b9f025844792ee99dd6f2589cf7dff1b99e03678bab0c454f25041cc5aaa69b", 0xad) bpf$auto_BPF_MAP_DELETE_ELEM(0x3, &(0x7f00000002c0)=@link_detach={0xffffffffffffffff}, 0x6) r4 = ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f00000003c0), r4) (async) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000400)={'pim6reg\x00', 0x0}) sendmsg$auto_OVS_DP_CMD_SET(r4, &(0x7f0000000500)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x78, r5, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@OVS_DP_ATTR_NAME={0x2a, 0x1, '/sys/kernel/debug/binder/transactions\x00'}, @OVS_DP_ATTR_NAME={0x8, 0x1, '!)&\x00'}, @OVS_DP_ATTR_NAME={0x5, 0x1, '\x00'}, @OVS_DP_ATTR_NAME={0x5, 0x1, '\x00'}, @OVS_DP_ATTR_MASKS_CACHE_SIZE={0x8, 0x7, 0x4}, @OVS_DP_ATTR_IFINDEX={0x8, 0x9, r6}, @OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, r1}, @OVS_DP_ATTR_USER_FEATURES={0x8, 0x5, 0x7}]}, 0x78}, 0x1, 0x0, 0x0, 0x44000}, 0x20000004) (async) mmap$auto(0x9, 0xfffffffffffffffa, 0x80, 0x10, r4, 0x5) ioctl$auto_OTPGETREGIONINFO(r4, 0x400c4d0f, &(0x7f0000000540)={0x5, 0x80000000}) getpid() (async) r7 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f00000005c0), r3) sendmsg$auto_IOAM6_CMD_DEL_SCHEMA(r3, &(0x7f00000006c0)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000680)={&(0x7f0000000600)={0x64, r7, 0x10, 0x70bd2d, 0x25dfdbfd, {}, [@IOAM6_ATTR_SC_ID={0x8, 0x4, 0x3}, @IOAM6_ATTR_SC_ID={0x8, 0x4, 0x4}, @IOAM6_ATTR_SC_ID={0x8, 0x4, 0xffff}, @IOAM6_ATTR_SC_ID={0x8, 0x4, 0xb}, @IOAM6_ATTR_SC_ID={0x8, 0x4, 0x200}, @IOAM6_ATTR_SC_ID={0x8, 0x4, 0x80000001}, @IOAM6_ATTR_SC_ID={0x8, 0x4, 0x7}, @IOAM6_ATTR_SC_ID={0x8, 0x4, 0x81}, @IOAM6_ATTR_SC_ID={0x8, 0x4, 0x4}, @IOAM6_ATTR_SC_ID={0x8, 0x4, 0x2299}]}, 0x64}, 0x1, 0x0, 0x0, 0x10}, 0x810) (async) r8 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000740), r3) sendmsg$auto_NL80211_CMD_GET_MESH_CONFIG(r4, &(0x7f0000000800)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x1c, r8, 0x10, 0x70bd28, 0x25dfdbfc, {}, [@NL80211_ATTR_FTM_RESPONDER={0x8, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_ENABLED={0x4}]}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8051}, 0x0) (async, rerun: 32) ioctl$auto_VHOST_SET_FEATURES2(r4, 0x4008af00, &(0x7f0000000840)=0x7fffffff) (rerun: 32) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000880)='/dev/mtd0\x00', 0x2, 0x0) (async, rerun: 64) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r2, &(0x7f00000009c0)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000980)={&(0x7f0000000900)={0x70, 0x0, 0x100, 0x70bd2b, 0x25dfdbfc, {}, [@ETHTOOL_A_FEATURES_HEADER={0x5c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netpci0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x7}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x8001}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x4}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vxcan1\x00'}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x4804}, 0x804) (rerun: 64) r9 = socketpair$auto(0x7f, 0x1800, 0x3ff, &(0x7f0000000a00)) sendmsg$auto_NL80211_CMD_DEL_STATION(r9, &(0x7f0000000b00)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x38, r8, 0xa02, 0x70bd29, 0x25dfdbfe, {}, [@NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM={0x6, 0xfb, 0xfffb}, @NL80211_ATTR_HE_OBSS_PD={0xc, 0x117, 0x0, 0x1, [@NL80211_HE_OBSS_PD_ATTR_NON_SRG_MAX_OFFSET={0x5, 0x3, 0x7f}]}, @NL80211_ATTR_CENTER_FREQ1_OFFSET={0x8, 0x123, 0x6}, @NL80211_ATTR_DTIM_PERIOD={0x8, 0xd, 0x1fa7}]}, 0x38}, 0x1, 0x0, 0x0, 0x41}, 0x44890) (async) sysfs$auto(0xff, 0x101, 0x9) (async) write$auto_drm_connector_fops_drm_debugfs(r4, &(0x7f0000000b40)="089dabed6728a55fc347bb4500e4f8c935d71cba5f4f59f3", 0x18) (async) r10 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000bc0), r9) sendmsg$auto_NL80211_CMD_SET_TID_TO_LINK_MAPPING(r3, &(0x7f0000000c80)={&(0x7f0000000b80)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000c40)={&(0x7f0000000c00)={0x1c, r10, 0x10, 0x70bd2c, 0x25dfdbff, {}, [@NL80211_ATTR_DISABLE_HE={0x4}, @NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8845}, 0x4000000) (async) getsockopt$auto_SO_BPF_EXTENSIONS(r0, 0x1000, 0x30, &(0x7f0000000cc0)='\x00', &(0x7f0000000d00)=0xd) (async, rerun: 32) sendmsg$auto_NCSI_CMD_PKG_INFO(r3, &(0x7f0000000e00)={&(0x7f0000000d40)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000dc0)={&(0x7f0000000d80)={0x28, 0x0, 0x100, 0x70bd2b, 0x25dfdbfc, {}, [@NCSI_ATTR_PACKAGE_ID={0x8, 0x3, 0x437}, @NCSI_ATTR_IFINDEX={0x8}, @NCSI_ATTR_MULTI_FLAG={0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x84}, 0x8044) (rerun: 32) 1.050134733s ago: executing program 2 (id=627): open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) fcntl$auto(0x3, 0x400, 0x9ec0000000000000) open(&(0x7f0000000000)='./file0\x00', 0x101800, 0x181) mkdir$auto(&(0x7f0000000280)='./cgroup.net/\f\x00\x00\x00\x00', 0xa3) r0 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000200)='/proc/self/maps\x00', 0x40302, 0x0) socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) setsockopt$auto(0x3, 0x8000000000000006, 0x22, 0x0, 0x7ffffc) ioctl$auto_PROCMAP_QUERY(r0, 0xc0686611, &(0x7f0000000080)={0x101, 0x34, 0x7fff, 0x5, 0x80000000009, 0x1, 0x800, 0x101, 0x5, 0x207f93, 0xfffffffe, 0x7ffffffd, 0x3, 0x7, 0x5}) read$auto(r0, &(0x7f0000000000)='/proc/self/maps\x00', 0x9) clone$auto(0x2000020003b4a, 0x6, 0x0, 0x0, 0x103) 841.301229ms ago: executing program 0 (id=628): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/fail-nth\x00', 0x802, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001580)='/sys/devices/platform/mac802154_hwsim/ieee802154/phy0/net/wpan0/queues/tx-0/byte_queue_limits/limit_max\x00', 0x2001, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) r2 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r2, 0xc004743e, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000180)='ns/time\x00') recvmmsg$auto(r1, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x6}, 0xffffbff9, 0x10, 0x0) writev$auto(r0, &(0x7f0000000200)={0x0, 0x7ffffffff000}, 0x3) 663.244663ms ago: executing program 1 (id=629): r0 = socket(0xa, 0x2, 0x73) mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto_BTRFS_IOC_QUOTA_RESCAN(0xffffffffffffffff, 0x4040942c, &(0x7f0000000040)={0x2, 0x5, [0x1, 0x10000, 0xfffffffffffffff7, 0x2, 0x5c74, 0x10]}) sendto$auto(r0, 0x0, 0x402, 0x0, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c) 523.071343ms ago: executing program 1 (id=630): openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x11, 0x80003, 0xffff) openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/members\x00', 0x0, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, 0x0, 0x400c000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1a00"], 0x1ac}, 0x1, 0x0, 0x0, 0x4001}, 0x40000) 455.589033ms ago: executing program 2 (id=631): openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x11, 0x80003, 0xffff) openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/members\x00', 0x0, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, 0x0, 0x400c000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1a00"], 0x1ac}, 0x1, 0x0, 0x0, 0x4001}, 0x40000) 211.242362ms ago: executing program 3 (id=632): unshare$auto(0x40000080) (async) openat$auto_evm_xattr_ops_evm_secfs(0xffffffffffffff9c, &(0x7f0000000080), 0x100401, 0x0) (async) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async) listen$auto(0x3, 0x81) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff) (async) madvise$auto(0x0, 0x2003f2, 0x15) (async) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) (async) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000002c0)=ANY=[@ANYRES8, @ANYRES64=0x0, @ANYRESDEC=r0], 0x14}}, 0x24048004) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) (async) r3 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)={0xa8, r3, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_SCOPE={0x81, 0x4, 'nfsf\x00\xd8\xef\xe4-\x13+r\xf3\fT1Z\xa7J[\x81\a\xcf-\xdf\x90\x1f\x8f\xc8\x13e\xe2R7D\x832j\xce}\xa3V\xb7\xa1o\\\xe6\x13\xbc\f\xe3\xae\xb8~\xd3\xd2+J\'\xc3\xec\xc9\fp\xc8a\xbe\xfe`\xa7\xa9AKDd\'\xa0\x01\xf6\x13y\xe8\xca\xf4Q\x9e\x03*]\xda\x1e\x11t\xe2\xd5uw+\x93\xfc\x04l\xd3\xa6t\x86k\x80\xd9\x14s\xec\xe2H\xc0=(\xf99\x8ac\xa7\x85\x99\x87'}, @NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x85}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2}]}, 0xa8}}, 0x4000) sendmsg$auto_NFSD_CMD_VERSION_GET(r1, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, r3, 0x100, 0x70bd2d, 0x25dfdbfd, {}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) (async) madvise$auto(0x0, 0x200007, 0x19) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/pagemap\x00', 0x404001, 0x0) (async) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) (async) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x19) epoll_create$auto(0x2) (async) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a) madvise$auto(0x0, 0xffffffffffff0001, 0x15) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3b}}, 0x54) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) (async) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) (async) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) (async) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) 0s ago: executing program 3 (id=633): seccomp$auto(0x1, 0x3f, 0x0) mmap$auto(0x0, 0x20006, 0x4000000000df, 0xeb1, 0x4, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xfffffffffff70005, 0x17) unshare$auto(0x40000080) syz_genetlink_get_family_id$auto_l2tp(0x0, 0xffffffffffffffff) mbind$auto(0x8000000000000002, 0x100000004, 0x100000000, 0x0, 0x9, 0x2) madvise$auto(0x0, 0x20499d, 0x9) syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff) socket(0x29, 0x2, 0x0) mmap$auto(0x0, 0x100, 0x4000000000df, 0x13, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000) mmap$auto(0x0, 0xa00009, 0x400002, 0x40eb1, 0x602, 0x300000000000) socket(0x2, 0x1, 0x106) connect$auto(0x3, 0x0, 0x54) ioprio_set$auto(0x3, 0x0, 0x4b34) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000001280)='/sys/kernel/config/nullb/features\x00', 0x109103, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) syz_clone(0x4100000, 0x0, 0x0, 0x0, 0x0, 0x0) futex$auto(0x0, 0x86, 0x8, 0x0, 0x0, 0x7) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) madvise$auto(0x1000000, 0xffffffffffff0006, 0x17) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x1000, 0x2) clone$auto(0x0, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptya7\x00', 0x101e81, 0x0) openat$auto_nvmf_dev_fops_fabrics(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) kernel console output (not intermixed with test programs): slave_0 added [ 90.378890][ T5831] team0: Port device team_slave_1 added [ 90.445096][ T5834] Bluetooth: hci1: command tx timeout [ 90.462658][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 90.470908][ T5834] Bluetooth: hci3: command tx timeout [ 90.471169][ T5829] Bluetooth: hci2: command tx timeout [ 90.476610][ T5834] Bluetooth: hci0: command tx timeout [ 90.482659][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 90.513998][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 90.531670][ T5827] hsr_slave_0: entered promiscuous mode [ 90.538384][ T5827] hsr_slave_1: entered promiscuous mode [ 90.544866][ T5827] debugfs: 'hsr0' already exists in 'hsr' [ 90.550678][ T5827] Cannot create hsr debugfs directory [ 90.576125][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 90.583210][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 90.609750][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 90.633197][ T5824] hsr_slave_0: entered promiscuous mode [ 90.639643][ T5824] hsr_slave_1: entered promiscuous mode [ 90.646233][ T5824] debugfs: 'hsr0' already exists in 'hsr' [ 90.651987][ T5824] Cannot create hsr debugfs directory [ 90.785187][ T5831] hsr_slave_0: entered promiscuous mode [ 90.791538][ T5831] hsr_slave_1: entered promiscuous mode [ 90.797946][ T5831] debugfs: 'hsr0' already exists in 'hsr' [ 90.803752][ T5831] Cannot create hsr debugfs directory [ 91.135537][ T5828] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 91.156031][ T5828] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 91.186284][ T5828] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 91.199195][ T5828] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 91.261656][ T5827] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 91.272478][ T5827] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 91.284541][ T5827] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 91.297213][ T5827] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 91.407426][ T5824] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 91.431752][ T5824] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 91.458256][ T5824] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 91.484103][ T5824] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 91.539366][ T5831] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 91.550361][ T5831] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 91.562833][ T5831] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 91.583421][ T5831] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 91.644215][ T5828] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.716865][ T5828] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.730333][ T5827] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.748569][ T1321] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.756035][ T1321] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.794324][ T1321] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.802187][ T1321] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.817078][ T5827] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.850515][ T1321] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.857678][ T1321] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.911446][ T1321] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.918607][ T1321] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.984014][ T5824] 8021q: adding VLAN 0 to HW filter on device bond0 [ 92.071643][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0 [ 92.120625][ T5824] 8021q: adding VLAN 0 to HW filter on device team0 [ 92.136608][ T5831] 8021q: adding VLAN 0 to HW filter on device team0 [ 92.170883][ T50] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.178207][ T50] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.217976][ T50] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.225228][ T50] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.236849][ T50] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.244058][ T50] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.278456][ T50] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.285804][ T50] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.524752][ T5834] Bluetooth: hci2: command tx timeout [ 92.530228][ T5829] Bluetooth: hci0: command tx timeout [ 92.530271][ T5834] Bluetooth: hci3: command tx timeout [ 92.537217][ T5829] Bluetooth: hci1: command tx timeout [ 92.640997][ T5828] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 92.859986][ T5828] veth0_vlan: entered promiscuous mode [ 92.892176][ T5827] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 92.934962][ T5828] veth1_vlan: entered promiscuous mode [ 93.075792][ T5828] veth0_macvtap: entered promiscuous mode [ 93.101524][ T5828] veth1_macvtap: entered promiscuous mode [ 93.128470][ T5827] veth0_vlan: entered promiscuous mode [ 93.148584][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 93.173244][ T5827] veth1_vlan: entered promiscuous mode [ 93.189793][ T5824] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 93.200651][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 93.213836][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 93.252272][ T3549] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.268913][ T3549] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.288046][ T3549] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.298670][ T3549] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.330361][ T5827] veth0_macvtap: entered promiscuous mode [ 93.358479][ T5827] veth1_macvtap: entered promiscuous mode [ 93.375317][ T5831] veth0_vlan: entered promiscuous mode [ 93.436519][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 93.461265][ T5831] veth1_vlan: entered promiscuous mode [ 93.498825][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 93.526558][ T3549] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.546048][ T3549] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.571361][ T5824] veth0_vlan: entered promiscuous mode [ 93.592699][ T50] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.603878][ T50] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.618558][ T5824] veth1_vlan: entered promiscuous mode [ 93.641743][ T50] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.653421][ T50] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.674347][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.682500][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.712427][ T5831] veth0_macvtap: entered promiscuous mode [ 93.748183][ T5831] veth1_macvtap: entered promiscuous mode [ 93.775857][ T5828] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 93.818448][ T5824] veth0_macvtap: entered promiscuous mode [ 93.860485][ T5824] veth1_macvtap: entered promiscuous mode [ 93.881005][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 93.907000][ T1155] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.937350][ T1155] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.946270][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 94.008399][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 94.019112][ T5918] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 94.046598][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 94.104583][ T1155] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.113631][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.122350][ T1155] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.134211][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.159636][ T1155] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.169321][ T1155] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.195742][ T5919] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 94.226310][ T1155] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.237720][ T1155] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.250977][ T1155] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.279656][ T1155] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.505948][ T5926] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 94.614559][ T5829] Bluetooth: hci3: command tx timeout [ 94.620771][ T5829] Bluetooth: hci0: command tx timeout [ 94.633344][ T5834] Bluetooth: hci2: command tx timeout [ 94.640716][ T5836] Bluetooth: hci1: command tx timeout [ 94.648096][ T3549] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.669861][ T3549] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.803006][ T1321] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.827212][ T1321] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.939023][ T1321] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.958483][ T1321] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.986410][ T3549] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.006517][ T3549] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.588839][ T5944] FAULT_INJECTION: forcing a failure. [ 95.588839][ T5944] name failslab, interval 1, probability 0, space 0, times 1 [ 95.617675][ T5944] CPU: 0 UID: 0 PID: 5944 Comm: syz.2.3 Not tainted syzkaller #0 PREEMPT(full) [ 95.617718][ T5944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 95.617737][ T5944] Call Trace: [ 95.617746][ T5944] [ 95.617757][ T5944] dump_stack_lvl+0x100/0x190 [ 95.617800][ T5944] should_fail_ex.cold+0x5/0xa [ 95.617850][ T5944] should_failslab+0xc2/0x120 [ 95.617892][ T5944] __kmalloc_cache_noprof+0x80/0x810 [ 95.617921][ T5944] ? fsnotify_add_mark_locked+0x211/0xfc0 [ 95.617964][ T5944] ? fsnotify_add_mark_locked+0xa5e/0xfc0 [ 95.618013][ T5944] ? fsnotify_add_mark_locked+0xa5e/0xfc0 [ 95.618054][ T5944] fsnotify_add_mark_locked+0xa5e/0xfc0 [ 95.618108][ T5944] do_fanotify_mark+0x3033/0x4010 [ 95.618158][ T5944] ? __pfx_do_fanotify_mark+0x10/0x10 [ 95.618193][ T5944] ? __x64_sys_futex+0x358/0x4d0 [ 95.618241][ T5944] ? xfd_validate_state+0x129/0x190 [ 95.618297][ T5944] __x64_sys_fanotify_mark+0xbd/0x160 [ 95.618335][ T5944] ? do_syscall_64+0x94/0xf80 [ 95.618373][ T5944] ? lockdep_hardirqs_on+0x78/0x100 [ 95.618407][ T5944] do_syscall_64+0xc9/0xf80 [ 95.618447][ T5944] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 95.618474][ T5944] RIP: 0033:0x7f0a48d9af79 [ 95.618499][ T5944] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 95.618525][ T5944] RSP: 002b:00007f0a49bf5028 EFLAGS: 00000246 ORIG_RAX: 000000000000012d [ 95.618554][ T5944] RAX: ffffffffffffffda RBX: 00007f0a49015fa0 RCX: 00007f0a48d9af79 [ 95.618573][ T5944] RDX: 0000000000008009 RSI: 0000000000000105 RDI: 0000000000000000 [ 95.618589][ T5944] RBP: 00007f0a48e316e0 R08: 0000000000000000 R09: 0000000000000000 [ 95.618607][ T5944] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 95.618624][ T5944] R13: 00007f0a49016038 R14: 00007f0a49015fa0 R15: 00007fff85f9fc78 [ 95.618663][ T5944] [ 95.826560][ T5951] Zero length message leads to an empty skb [ 95.934929][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 96.684779][ T5834] Bluetooth: hci2: command tx timeout [ 96.690968][ T5836] Bluetooth: hci1: command tx timeout [ 96.696526][ T5829] Bluetooth: hci0: command tx timeout [ 96.701958][ T5829] Bluetooth: hci3: command tx timeout [ 96.984647][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 97.014870][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 97.078253][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 97.125668][ T797] cfg80211: failed to load regulatory.db [ 97.384444][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 97.776272][ T5961] ovs_: entered promiscuous mode [ 97.794028][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 97.846438][ T5982] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 98.099810][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 98.144220][ T0] NOHZ tick-stop error: local softirq work is pending, handler #280!!! [ 98.205162][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 98.285540][ T0] NOHZ tick-stop error: local softirq work is pending, handler #208!!! [ 100.408518][ T6023] netlink: 12 bytes leftover after parsing attributes in process `syz.0.21'. [ 101.858470][ T6044] FAULT_INJECTION: forcing a failure. [ 101.858470][ T6044] name failslab, interval 1, probability 0, space 0, times 0 [ 101.894016][ T6044] CPU: 1 UID: 0 PID: 6044 Comm: syz.2.24 Tainted: G L syzkaller #0 PREEMPT(full) [ 101.894069][ T6044] Tainted: [L]=SOFTLOCKUP [ 101.894080][ T6044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 101.894099][ T6044] Call Trace: [ 101.894109][ T6044] [ 101.894127][ T6044] dump_stack_lvl+0x100/0x190 [ 101.894170][ T6044] should_fail_ex.cold+0x5/0xa [ 101.894214][ T6044] should_failslab+0xc2/0x120 [ 101.894262][ T6044] kmem_cache_alloc_noprof+0x83/0x780 [ 101.894297][ T6044] ? create_new_namespaces+0x30/0xab0 [ 101.894333][ T6044] ? create_new_namespaces+0x30/0xab0 [ 101.894362][ T6044] create_new_namespaces+0x30/0xab0 [ 101.894392][ T6044] ? bpf_lsm_capable+0x9/0x10 [ 101.894415][ T6044] ? security_capable+0x80/0x260 [ 101.894453][ T6044] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 101.894488][ T6044] ksys_unshare+0x455/0xab0 [ 101.894527][ T6044] ? __pfx_ksys_unshare+0x10/0x10 [ 101.894562][ T6044] ? xfd_validate_state+0x129/0x190 [ 101.894613][ T6044] __x64_sys_unshare+0x31/0x40 [ 101.894652][ T6044] do_syscall_64+0xc9/0xf80 [ 101.894692][ T6044] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 101.894721][ T6044] RIP: 0033:0x7f0a48d9af79 [ 101.894746][ T6044] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 101.894771][ T6044] RSP: 002b:00007f0a49bf5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 101.894800][ T6044] RAX: ffffffffffffffda RBX: 00007f0a49015fa0 RCX: 00007f0a48d9af79 [ 101.894820][ T6044] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 101.894838][ T6044] RBP: 00007f0a48e316e0 R08: 0000000000000000 R09: 0000000000000000 [ 101.894855][ T6044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 101.894872][ T6044] R13: 00007f0a49016038 R14: 00007f0a49015fa0 R15: 00007fff85f9fc78 [ 101.894913][ T6044] [ 105.483899][ T6090] FAULT_INJECTION: forcing a failure. [ 105.483899][ T6090] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 105.520573][ T6090] CPU: 0 UID: 0 PID: 6090 Comm: syz.3.37 Tainted: G L syzkaller #0 PREEMPT(full) [ 105.520623][ T6090] Tainted: [L]=SOFTLOCKUP [ 105.520633][ T6090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 105.520651][ T6090] Call Trace: [ 105.520661][ T6090] [ 105.520672][ T6090] dump_stack_lvl+0x100/0x190 [ 105.520715][ T6090] should_fail_ex.cold+0x5/0xa [ 105.520758][ T6090] ? prepare_alloc_pages+0x16d/0x5f0 [ 105.520810][ T6090] should_fail_alloc_page+0xeb/0x140 [ 105.520856][ T6090] prepare_alloc_pages+0x1f0/0x5f0 [ 105.520903][ T6090] ? validate_mm+0x261/0x4e0 [ 105.520939][ T6090] __alloc_frozen_pages_noprof+0x193/0x2410 [ 105.520980][ T6090] ? validate_mm+0x392/0x4e0 [ 105.521019][ T6090] ? __pfx_validate_mm+0x10/0x10 [ 105.521059][ T6090] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 105.521112][ T6090] ? vma_wants_writenotify+0x10b/0x390 [ 105.521151][ T6090] ? __pfx_vma_wants_writenotify+0x10/0x10 [ 105.521203][ T6090] ? mas_ascend+0x53d/0xb30 [ 105.521238][ T6090] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 105.521274][ T6090] ? policy_nodemask+0xed/0x4f0 [ 105.521321][ T6090] alloc_pages_mpol+0x1fb/0x550 [ 105.521366][ T6090] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 105.521422][ T6090] alloc_pages_noprof+0x131/0x390 [ 105.521477][ T6090] __pmd_alloc+0x3b/0x9c0 [ 105.521535][ T6090] __handle_mm_fault+0xa99/0x2b50 [ 105.521576][ T6090] ? mt_find+0x45e/0x8e0 [ 105.521617][ T6090] ? __pfx___handle_mm_fault+0x10/0x10 [ 105.521649][ T6090] ? __pfx_mt_find+0x10/0x10 [ 105.521722][ T6090] handle_mm_fault+0x36d/0xa20 [ 105.521764][ T6090] __get_user_pages+0xf9c/0x34d0 [ 105.521827][ T6090] ? __pfx___get_user_pages+0x10/0x10 [ 105.521887][ T6090] populate_vma_page_range+0x267/0x3f0 [ 105.521939][ T6090] ? __pfx_populate_vma_page_range+0x10/0x10 [ 105.521987][ T6090] ? __pfx_find_vma_intersection+0x10/0x10 [ 105.522034][ T6090] ? do_mmap+0x93f/0x12f0 [ 105.522085][ T6090] __mm_populate+0x107/0x3a0 [ 105.522115][ T6090] ? __pfx___mm_populate+0x10/0x10 [ 105.522166][ T6090] ? up_write+0x290/0x4f0 [ 105.522215][ T6090] vm_mmap_pgoff+0x37f/0x470 [ 105.522266][ T6090] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 105.522311][ T6090] ? __pfx___might_resched+0x10/0x10 [ 105.522358][ T6090] ? blkcg_maybe_throttle_current+0x5df/0xeb0 [ 105.522402][ T6090] ? __x64_sys_futex+0x34f/0x4d0 [ 105.522443][ T6090] ? __x64_sys_futex+0x358/0x4d0 [ 105.522499][ T6090] ksys_mmap_pgoff+0x7d/0x5b0 [ 105.522552][ T6090] __x64_sys_mmap+0x125/0x190 [ 105.522587][ T6090] do_syscall_64+0xc9/0xf80 [ 105.522628][ T6090] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 105.522659][ T6090] RIP: 0033:0x7f9c9819af79 [ 105.522684][ T6090] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 105.522713][ T6090] RSP: 002b:00007f9c990aa028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 105.522742][ T6090] RAX: ffffffffffffffda RBX: 00007f9c98415fa0 RCX: 00007f9c9819af79 [ 105.522762][ T6090] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 105.522781][ T6090] RBP: 00007f9c982316e0 R08: 0000000000000002 R09: 0000000000008000 [ 105.522798][ T6090] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 105.522816][ T6090] R13: 00007f9c98416038 R14: 00007f9c98415fa0 R15: 00007ffd2a972918 [ 105.522858][ T6090] [ 106.332178][ T6078] : Can't lookup blockdev [ 106.736259][ T6110] netlink: 146 bytes leftover after parsing attributes in process `syz.0.42'. [ 107.882867][ T6131] netlink: 338 bytes leftover after parsing attributes in process `syz.3.47'. [ 107.928920][ T6131] bond_slave_0: entered allmulticast mode [ 108.332984][ T6142] netlink: 20 bytes leftover after parsing attributes in process `syz.3.48'. [ 109.198319][ T6150] netlink: 8 bytes leftover after parsing attributes in process `syz.2.51'. [ 111.081700][ T5829] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 112.014054][ T6216] netlink: 342 bytes leftover after parsing attributes in process `syz.0.65'. [ 113.169044][ T6237] futex_wake_op: syz.3.69 tries to shift op by -2048; fix this program [ 113.254442][ T6237] futex_wake_op: syz.3.69 tries to shift op by -2048; fix this program [ 115.015740][ T6250] kexec: Could not allocate control_code_buffer [ 115.136640][ T6276] netlink: 28 bytes leftover after parsing attributes in process `syz.3.77'. [ 115.965393][ T6289] FAULT_INJECTION: forcing a failure. [ 115.965393][ T6289] name failslab, interval 1, probability 0, space 0, times 0 [ 116.029542][ T6289] CPU: 0 UID: 0 PID: 6289 Comm: syz.0.79 Tainted: G L syzkaller #0 PREEMPT(full) [ 116.029574][ T6289] Tainted: [L]=SOFTLOCKUP [ 116.029581][ T6289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 116.029591][ T6289] Call Trace: [ 116.029597][ T6289] [ 116.029605][ T6289] dump_stack_lvl+0x100/0x190 [ 116.029631][ T6289] should_fail_ex.cold+0x5/0xa [ 116.029660][ T6289] should_failslab+0xc2/0x120 [ 116.029686][ T6289] kmem_cache_alloc_noprof+0x83/0x780 [ 116.029710][ T6289] ? __proc_create+0xc2/0x8c0 [ 116.029736][ T6289] ? __proc_create+0x2cb/0x8c0 [ 116.029766][ T6289] ? __proc_create+0x2cb/0x8c0 [ 116.029797][ T6289] __proc_create+0x2cb/0x8c0 [ 116.029840][ T6289] ? __pfx___proc_create+0x10/0x10 [ 116.029885][ T6289] ? _raw_write_unlock+0x28/0x50 [ 116.029905][ T6289] ? proc_register+0x559/0x8a0 [ 116.029924][ T6289] proc_create_reg+0x75/0x170 [ 116.029943][ T6289] proc_create_data+0x86/0x110 [ 116.029960][ T6289] ? __pfx_proc_create_data+0x10/0x10 [ 116.029977][ T6289] ? cache_register_net+0x137/0x5e0 [ 116.030003][ T6289] ? cache_register_net+0x137/0x5e0 [ 116.030033][ T6289] cache_register_net+0x25a/0x5e0 [ 116.030062][ T6289] ip_map_cache_create+0x8b/0x130 [ 116.030089][ T6289] ? __pfx_sunrpc_init_net+0x10/0x10 [ 116.030110][ T6289] sunrpc_init_net+0x55/0x190 [ 116.030132][ T6289] ops_init+0x1e2/0x5f0 [ 116.030165][ T6289] setup_net+0x118/0x3a0 [ 116.030182][ T6289] ? __pfx_setup_net+0x10/0x10 [ 116.030196][ T6289] ? lockdep_init_map_type+0x5c/0x250 [ 116.030222][ T6289] ? mutex_init_lockep+0x110/0x150 [ 116.030249][ T6289] copy_net_ns+0x46f/0x7c0 [ 116.030269][ T6289] create_new_namespaces+0x3ea/0xab0 [ 116.030294][ T6289] copy_namespaces+0x468/0x5e0 [ 116.030314][ T6289] copy_process+0x32d5/0x7890 [ 116.030348][ T6289] ? __pfx_copy_process+0x10/0x10 [ 116.030371][ T6289] ? find_held_lock+0x2b/0x80 [ 116.030397][ T6289] kernel_clone+0xfc/0x930 [ 116.030427][ T6289] ? __pfx_futex_wait+0x10/0x10 [ 116.030445][ T6289] ? __pfx_kernel_clone+0x10/0x10 [ 116.030482][ T6289] __do_sys_clone+0xd9/0x120 [ 116.030506][ T6289] ? __pfx___do_sys_clone+0x10/0x10 [ 116.030530][ T6289] ? __fget_files+0x21f/0x3d0 [ 116.030558][ T6289] ? xfd_validate_state+0x129/0x190 [ 116.030595][ T6289] do_syscall_64+0xc9/0xf80 [ 116.030618][ T6289] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 116.030636][ T6289] RIP: 0033:0x7fca7bb9af79 [ 116.030651][ T6289] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 116.030667][ T6289] RSP: 002b:00007fca7caa6fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 116.030685][ T6289] RAX: ffffffffffffffda RBX: 00007fca7be16090 RCX: 00007fca7bb9af79 [ 116.030696][ T6289] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040180211 [ 116.030706][ T6289] RBP: 00007fca7bc316e0 R08: 0000000000000000 R09: 0000000000000000 [ 116.030716][ T6289] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 116.030726][ T6289] R13: 00007fca7be16128 R14: 00007fca7be16090 R15: 00007ffffe7a9e48 [ 116.030748][ T6289] [ 117.102708][ T6312] FAULT_INJECTION: forcing a failure. [ 117.102708][ T6312] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 117.224447][ T6312] CPU: 0 UID: 0 PID: 6312 Comm: syz.0.86 Tainted: G L syzkaller #0 PREEMPT(full) [ 117.224493][ T6312] Tainted: [L]=SOFTLOCKUP [ 117.224503][ T6312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 117.224519][ T6312] Call Trace: [ 117.224534][ T6312] [ 117.224546][ T6312] dump_stack_lvl+0x100/0x190 [ 117.224586][ T6312] should_fail_ex.cold+0x5/0xa [ 117.224633][ T6312] _copy_from_user+0x2e/0xd0 [ 117.224679][ T6312] get_timespec64+0x8b/0x1b0 [ 117.224715][ T6312] ? __pfx_get_timespec64+0x10/0x10 [ 117.224747][ T6312] ? ktime_get+0x200/0x300 [ 117.224789][ T6312] __x64_sys_futex+0x21a/0x4d0 [ 117.224835][ T6312] ? __pfx___x64_sys_futex+0x10/0x10 [ 117.224873][ T6312] ? xfd_validate_state+0x129/0x190 [ 117.224931][ T6312] do_syscall_64+0xc9/0xf80 [ 117.224971][ T6312] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.225000][ T6312] RIP: 0033:0x7fca7bb9af79 [ 117.225024][ T6312] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 117.225049][ T6312] RSP: 002b:00007ffffe7a9fa8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 117.225077][ T6312] RAX: ffffffffffffffda RBX: 000000000001c94c RCX: 00007fca7bb9af79 [ 117.225096][ T6312] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fca7be15fac [ 117.225112][ T6312] RBP: 0000000000000032 R08: 0000000000000000 R09: 0000000000000000 [ 117.225128][ T6312] R10: 00007ffffe7aa0b0 R11: 0000000000000246 R12: 00007ffffe7aa0d0 [ 117.225144][ T6312] R13: 00007fca7be15fac R14: 000000000001c97e R15: 00007ffffe7aa0b0 [ 117.225182][ T6312] [ 118.027715][ T6325] futex_wake_op: syz.2.89 tries to shift op by -2048; fix this program [ 118.279456][ T6332] __vm_enough_memory: pid: 6332, comm: syz.3.90, bytes: 4398046511104 not enough memory for the allocation [ 119.242570][ T6349] FAULT_INJECTION: forcing a failure. [ 119.242570][ T6349] name failslab, interval 1, probability 0, space 0, times 0 [ 119.267018][ T6349] CPU: 0 UID: 0 PID: 6349 Comm: syz.2.92 Tainted: G L syzkaller #0 PREEMPT(full) [ 119.267076][ T6349] Tainted: [L]=SOFTLOCKUP [ 119.267087][ T6349] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 119.267104][ T6349] Call Trace: [ 119.267114][ T6349] [ 119.267126][ T6349] dump_stack_lvl+0x100/0x190 [ 119.267168][ T6349] should_fail_ex.cold+0x5/0xa [ 119.267219][ T6349] should_failslab+0xc2/0x120 [ 119.267262][ T6349] kmem_cache_alloc_noprof+0x83/0x780 [ 119.267303][ T6349] ? __kernfs_new_node+0xd2/0x960 [ 119.267352][ T6349] ? __kernfs_new_node+0xd2/0x960 [ 119.267391][ T6349] __kernfs_new_node+0xd2/0x960 [ 119.267438][ T6349] ? __pfx___kernfs_new_node+0x10/0x10 [ 119.267490][ T6349] ? find_held_lock+0x2b/0x80 [ 119.267520][ T6349] ? kernfs_root+0xee/0x2a0 [ 119.267558][ T6349] ? kernfs_root+0xee/0x2a0 [ 119.267608][ T6349] kernfs_new_node+0x11b/0x1a0 [ 119.267661][ T6349] __kernfs_create_file+0x53/0x350 [ 119.267699][ T6349] sysfs_add_file_mode_ns+0x207/0x3c0 [ 119.267753][ T6349] internal_create_group+0x593/0xf40 [ 119.267805][ T6349] ? __pfx_internal_create_group+0x10/0x10 [ 119.267854][ T6349] ? kernfs_create_link+0x1bd/0x240 [ 119.267894][ T6349] internal_create_groups+0x9d/0x150 [ 119.267940][ T6349] device_add+0x7c8/0x1950 [ 119.267986][ T6349] ? __pfx_device_add+0x10/0x10 [ 119.268025][ T6349] ? lockdep_init_map_type+0x5c/0x250 [ 119.268078][ T6349] ? __init_waitqueue_head+0xca/0x150 [ 119.268136][ T6349] netdev_register_kobject+0x1a9/0x3d0 [ 119.268175][ T6349] register_netdevice+0x12b3/0x21d0 [ 119.268207][ T6349] ? idr_alloc+0xdd/0x130 [ 119.268239][ T6349] ? __pfx_register_netdevice+0x10/0x10 [ 119.268264][ T6349] ? net_generic+0xea/0x2a0 [ 119.268307][ T6349] ppp_dev_configure+0x986/0xcb0 [ 119.268354][ T6349] ppp_ioctl+0x985/0x2800 [ 119.268395][ T6349] ? find_held_lock+0x2b/0x80 [ 119.268435][ T6349] ? __pfx_ppp_ioctl+0x10/0x10 [ 119.268479][ T6349] ? __fget_files+0x21f/0x3d0 [ 119.268519][ T6349] ? __pfx_ppp_ioctl+0x10/0x10 [ 119.268556][ T6349] __x64_sys_ioctl+0x18e/0x210 [ 119.268601][ T6349] do_syscall_64+0xc9/0xf80 [ 119.268636][ T6349] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 119.268655][ T6349] RIP: 0033:0x7f0a48d9af79 [ 119.268671][ T6349] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 119.268687][ T6349] RSP: 002b:00007f0a49bb3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 119.268705][ T6349] RAX: ffffffffffffffda RBX: 00007f0a49016180 RCX: 00007f0a48d9af79 [ 119.268716][ T6349] RDX: 0000000000000000 RSI: 00000000c004743e RDI: 000000000000000d [ 119.268726][ T6349] RBP: 00007f0a48e316e0 R08: 0000000000000000 R09: 0000000000000000 [ 119.268736][ T6349] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 119.268746][ T6349] R13: 00007f0a49016218 R14: 00007f0a49016180 R15: 00007fff85f9fc78 [ 119.268769][ T6349] [ 120.344777][ T6353] FAULT_INJECTION: forcing a failure. [ 120.344777][ T6353] name failslab, interval 1, probability 0, space 0, times 0 [ 120.416145][ T6353] CPU: 0 UID: 0 PID: 6353 Comm: syz.3.94 Tainted: G L syzkaller #0 PREEMPT(full) [ 120.416192][ T6353] Tainted: [L]=SOFTLOCKUP [ 120.416202][ T6353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 120.416218][ T6353] Call Trace: [ 120.416224][ T6353] [ 120.416231][ T6353] dump_stack_lvl+0x100/0x190 [ 120.416257][ T6353] should_fail_ex.cold+0x5/0xa [ 120.416286][ T6353] should_failslab+0xc2/0x120 [ 120.416312][ T6353] kmem_cache_alloc_noprof+0x83/0x780 [ 120.416336][ T6353] ? __pfx_map_id_range_down+0x10/0x10 [ 120.416356][ T6353] ? security_inode_alloc+0x3b/0x2c0 [ 120.416385][ T6353] ? security_inode_alloc+0x3b/0x2c0 [ 120.416407][ T6353] security_inode_alloc+0x3b/0x2c0 [ 120.416432][ T6353] inode_init_always_gfp+0xced/0x1040 [ 120.416458][ T6353] alloc_inode+0x8e/0x250 [ 120.416484][ T6353] sock_alloc+0x44/0x280 [ 120.416500][ T6353] ? security_socket_create+0x7f/0x250 [ 120.416523][ T6353] __sock_create+0xc2/0x860 [ 120.416547][ T6353] __sys_socket+0x14d/0x260 [ 120.416568][ T6353] ? __pfx___sys_socket+0x10/0x10 [ 120.416590][ T6353] ? do_user_addr_fault+0x8d6/0x12f0 [ 120.416613][ T6353] __x64_sys_socket+0x72/0xb0 [ 120.416633][ T6353] ? lockdep_hardirqs_on+0x78/0x100 [ 120.416654][ T6353] do_syscall_64+0xc9/0xf80 [ 120.416677][ T6353] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 120.416695][ T6353] RIP: 0033:0x7f9c9819c807 [ 120.416710][ T6353] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 120.416726][ T6353] RSP: 002b:00007f9c990a8f98 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 120.416744][ T6353] RAX: ffffffffffffffda RBX: 00007f9c98415fa0 RCX: 00007f9c9819c807 [ 120.416755][ T6353] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 120.416765][ T6353] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 120.416775][ T6353] R10: 00002000000000c0 R11: 0000000000000286 R12: 0000000000000000 [ 120.416786][ T6353] R13: 00007f9c98416038 R14: 00007f9c98415fa0 R15: 00007ffd2a972918 [ 120.416810][ T6353] [ 120.418567][ T6353] socket: no more sockets [ 120.601118][ T6355] zswap: compressor not available [ 120.974319][ T6353] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 120.980815][ T6353] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 121.006330][ T6353] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 121.025256][ T6353] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 121.040651][ T6353] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 121.102774][ T6353] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 121.142526][ T6353] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 121.169434][ T6353] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 121.183251][ T6353] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 121.221723][ T6353] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 121.250681][ T6353] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 121.284646][ T6353] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 121.319570][ T6353] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 121.722701][ T6382] ptp ptp0: only physical clock in use now [ 122.096870][ T6390] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 122.934197][ T5834] Bluetooth: hci0: command 0x0c1a tx timeout [ 123.084365][ T5834] Bluetooth: hci1: command 0x0c1a tx timeout [ 123.244296][ T5834] Bluetooth: hci3: command 0x0c1a tx timeout [ 123.327263][ T5834] Bluetooth: hci2: command 0x0c1a tx timeout [ 124.015351][ T6422] tipc: Started in network mode [ 124.039222][ T6422] tipc: Node identity ffffffff, cluster identity 4711 [ 124.047348][ T6422] tipc: Node number set to 4294967295 [ 124.122790][ T6431] FAULT_INJECTION: forcing a failure. [ 124.122790][ T6431] name failslab, interval 1, probability 0, space 0, times 0 [ 124.190370][ T6431] CPU: 0 UID: 0 PID: 6431 Comm: syz.1.110 Tainted: G L syzkaller #0 PREEMPT(full) [ 124.190415][ T6431] Tainted: [L]=SOFTLOCKUP [ 124.190425][ T6431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 124.190441][ T6431] Call Trace: [ 124.190450][ T6431] [ 124.190460][ T6431] dump_stack_lvl+0x100/0x190 [ 124.190502][ T6431] should_fail_ex.cold+0x5/0xa [ 124.190548][ T6431] should_failslab+0xc2/0x120 [ 124.190589][ T6431] kmem_cache_alloc_lru_noprof+0x8e/0x7d0 [ 124.190627][ T6431] ? lockdep_init_map_type+0x5c/0x250 [ 124.190667][ T6431] ? __d_alloc+0x34/0xa80 [ 124.190708][ T6431] ? __d_alloc+0x34/0xa80 [ 124.190741][ T6431] __d_alloc+0x34/0xa80 [ 124.190781][ T6431] d_alloc_pseudo+0x1c/0xc0 [ 124.190807][ T6431] alloc_file_pseudo+0xcf/0x230 [ 124.190851][ T6431] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 124.190894][ T6431] ? alloc_fd+0x476/0x790 [ 124.190933][ T6431] sock_alloc_file+0x50/0x210 [ 124.190979][ T6431] __sys_socket+0x1c0/0x260 [ 124.191011][ T6431] ? fput+0x79/0x100 [ 124.191048][ T6431] ? __pfx___sys_socket+0x10/0x10 [ 124.191080][ T6431] ? ksys_write+0x1ac/0x250 [ 124.191112][ T6431] ? __pfx_ksys_write+0x10/0x10 [ 124.191153][ T6431] __x64_sys_socket+0x72/0xb0 [ 124.191185][ T6431] ? lockdep_hardirqs_on+0x78/0x100 [ 124.191217][ T6431] do_syscall_64+0xc9/0xf80 [ 124.191264][ T6431] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.191292][ T6431] RIP: 0033:0x7f5ef919af79 [ 124.191315][ T6431] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 124.191341][ T6431] RSP: 002b:00007f5efa11a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 124.191370][ T6431] RAX: ffffffffffffffda RBX: 00007f5ef9415fa0 RCX: 00007f5ef919af79 [ 124.191388][ T6431] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 124.191404][ T6431] RBP: 00007f5ef92316e0 R08: 0000000000000000 R09: 0000000000000000 [ 124.191421][ T6431] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 124.191438][ T6431] R13: 00007f5ef9416038 R14: 00007f5ef9415fa0 R15: 00007fffbd25d2b8 [ 124.191477][ T6431] [ 125.037045][ T5834] Bluetooth: hci0: command 0x0c1a tx timeout [ 125.172078][ T5834] Bluetooth: hci1: command 0x0c1a tx timeout [ 125.334079][ T5834] Bluetooth: hci3: command 0x0c1a tx timeout [ 125.415177][ T5834] Bluetooth: hci2: command 0x0c1a tx timeout [ 126.023237][ T6470] netlink: 28 bytes leftover after parsing attributes in process `syz.1.116'. [ 126.107096][ T6470] bridge0: port 2(bridge_slave_1) entered disabled state [ 126.267549][ T6470] bridge_slave_1 (unregistering): left allmulticast mode [ 126.302954][ T6470] bridge_slave_1 (unregistering): left promiscuous mode [ 126.335086][ T6470] bridge0: port 2(bridge_slave_1) entered disabled state [ 126.815730][ T6490] bridge0: port 3(hsr0) entered blocking state [ 126.826301][ T6490] bridge0: port 3(hsr0) entered disabled state [ 126.832607][ T6490] hsr0: entered allmulticast mode [ 126.850465][ T6490] hsr_slave_0: entered allmulticast mode [ 126.867613][ T6490] hsr_slave_1: entered allmulticast mode [ 126.886818][ T6490] hsr0: entered promiscuous mode [ 126.902620][ T6490] bridge0: port 3(hsr0) entered blocking state [ 126.908936][ T6490] bridge0: port 3(hsr0) entered forwarding state [ 127.031833][ T6496] process 'syz.0.119' launched './file0' with NULL argv: empty string added [ 127.084489][ T5834] Bluetooth: hci0: command 0x0c1a tx timeout [ 127.142806][ T6500] netlink: 330 bytes leftover after parsing attributes in process `syz.2.121'. [ 127.251394][ T5834] Bluetooth: hci1: command 0x0c1a tx timeout [ 127.404463][ T5834] Bluetooth: hci3: command 0x0c1a tx timeout [ 127.485019][ T5834] Bluetooth: hci2: command 0x0c1a tx timeout [ 128.615197][ T6533] netlink: 24 bytes leftover after parsing attributes in process `syz.3.127'. [ 128.625534][ T6532] netlink: 24 bytes leftover after parsing attributes in process `syz.3.127'. [ 129.182229][ T6542] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 129.200170][ T6542] FAULT_INJECTION: forcing a failure. [ 129.200170][ T6542] name failslab, interval 1, probability 0, space 0, times 0 [ 129.268013][ T6542] CPU: 0 UID: 0 PID: 6542 Comm: syz.3.129 Tainted: G L syzkaller #0 PREEMPT(full) [ 129.268059][ T6542] Tainted: [L]=SOFTLOCKUP [ 129.268068][ T6542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 129.268084][ T6542] Call Trace: [ 129.268094][ T6542] [ 129.268105][ T6542] dump_stack_lvl+0x100/0x190 [ 129.268147][ T6542] should_fail_ex.cold+0x5/0xa [ 129.268202][ T6542] should_failslab+0xc2/0x120 [ 129.268243][ T6542] ? __register_sysctl_table+0xac/0x1650 [ 129.268287][ T6542] __kmalloc_noprof+0xf6/0x9c0 [ 129.268327][ T6542] ? __register_sysctl_table+0xac/0x1650 [ 129.268369][ T6542] __register_sysctl_table+0xac/0x1650 [ 129.268414][ T6542] ? rcu_is_watching+0x12/0xc0 [ 129.268447][ T6542] ? __pfx___register_sysctl_table+0x10/0x10 [ 129.268488][ T6542] ? register_pidns_sysctls+0x4b/0x1c0 [ 129.268534][ T6542] ? __asan_memcpy+0x3c/0x60 [ 129.268567][ T6542] register_pidns_sysctls+0x120/0x1c0 [ 129.268609][ T6542] ? __ns_common_init+0x295/0x4b0 [ 129.268646][ T6542] copy_pid_ns+0x67a/0x1090 [ 129.268682][ T6542] ? __memcg_slab_post_alloc_hook+0x473/0x880 [ 129.268725][ T6542] ? __pfx_copy_pid_ns+0x10/0x10 [ 129.268767][ T6542] ? copy_mnt_ns+0x10b/0xc40 [ 129.268802][ T6542] ? kmem_cache_alloc_noprof+0x2ff/0x780 [ 129.268840][ T6542] ? create_new_namespaces+0x30/0xab0 [ 129.268880][ T6542] create_new_namespaces+0x2aa/0xab0 [ 129.268921][ T6542] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 129.268966][ T6542] ksys_unshare+0x455/0xab0 [ 129.269007][ T6542] ? __pfx_ksys_unshare+0x10/0x10 [ 129.269047][ T6542] ? xfd_validate_state+0x129/0x190 [ 129.269101][ T6542] __x64_sys_unshare+0x31/0x40 [ 129.269140][ T6542] do_syscall_64+0xc9/0xf80 [ 129.269186][ T6542] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 129.269214][ T6542] RIP: 0033:0x7f9c9819af79 [ 129.269237][ T6542] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 129.269262][ T6542] RSP: 002b:00007f9c990aa028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 129.269291][ T6542] RAX: ffffffffffffffda RBX: 00007f9c98415fa0 RCX: 00007f9c9819af79 [ 129.269309][ T6542] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000080 [ 129.269326][ T6542] RBP: 00007f9c982316e0 R08: 0000000000000000 R09: 0000000000000000 [ 129.269342][ T6542] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 129.269358][ T6542] R13: 00007f9c98416038 R14: 00007f9c98415fa0 R15: 00007ffd2a972918 [ 129.269397][ T6542] [ 129.325187][ T5834] Bluetooth: hci1: command 0x0c1a tx timeout [ 131.886741][ T6613] FAULT_INJECTION: forcing a failure. [ 131.886741][ T6613] name failslab, interval 1, probability 0, space 0, times 0 [ 131.930930][ T6613] CPU: 1 UID: 0 PID: 6613 Comm: syz.3.141 Tainted: G L syzkaller #0 PREEMPT(full) [ 131.930976][ T6613] Tainted: [L]=SOFTLOCKUP [ 131.930986][ T6613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 131.931002][ T6613] Call Trace: [ 131.931012][ T6613] [ 131.931023][ T6613] dump_stack_lvl+0x100/0x190 [ 131.931064][ T6613] should_fail_ex.cold+0x5/0xa [ 131.931119][ T6613] should_failslab+0xc2/0x120 [ 131.931162][ T6613] kmem_cache_alloc_node_noprof+0x8c/0x880 [ 131.931203][ T6613] ? __alloc_skb+0x156/0x410 [ 131.931239][ T6613] ? __alloc_skb+0x35d/0x410 [ 131.931282][ T6613] ? __alloc_skb+0x156/0x410 [ 131.931318][ T6613] __alloc_skb+0x156/0x410 [ 131.931354][ T6613] ? __alloc_skb+0x35d/0x410 [ 131.931391][ T6613] ? __pfx___alloc_skb+0x10/0x10 [ 131.931433][ T6613] ? __pfx___might_resched+0x10/0x10 [ 131.931477][ T6613] ? __lock_acquire+0x4a5/0x2630 [ 131.931521][ T6613] netlink_alloc_large_skb+0x69/0x150 [ 131.931570][ T6613] netlink_sendmsg+0x680/0xda0 [ 131.931622][ T6613] ? __pfx_netlink_sendmsg+0x10/0x10 [ 131.931664][ T6613] ? __import_iovec+0x1d2/0x640 [ 131.931713][ T6613] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 131.931757][ T6613] ____sys_sendmsg+0xa54/0xc30 [ 131.931793][ T6613] ? __pfx_____sys_sendmsg+0x10/0x10 [ 131.931830][ T6613] ? _kstrtoull+0x13c/0x1f0 [ 131.931861][ T6613] ? __pfx__kstrtoull+0x10/0x10 [ 131.931903][ T6613] ___sys_sendmsg+0x190/0x1e0 [ 131.931940][ T6613] ? __pfx____sys_sendmsg+0x10/0x10 [ 131.932011][ T6613] ? __pfx___might_resched+0x10/0x10 [ 131.932063][ T6613] __sys_sendmmsg+0x205/0x430 [ 131.932120][ T6613] ? __pfx___sys_sendmmsg+0x10/0x10 [ 131.932174][ T6613] ? __fget_files+0x215/0x3d0 [ 131.932206][ T6613] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 131.932259][ T6613] ? fput+0x79/0x100 [ 131.932299][ T6613] ? ksys_write+0x1ac/0x250 [ 131.932331][ T6613] ? __pfx_ksys_write+0x10/0x10 [ 131.932371][ T6613] __x64_sys_sendmmsg+0x9c/0x100 [ 131.932413][ T6613] ? lockdep_hardirqs_on+0x78/0x100 [ 131.932447][ T6613] do_syscall_64+0xc9/0xf80 [ 131.932485][ T6613] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 131.932514][ T6613] RIP: 0033:0x7f9c9819af79 [ 131.932538][ T6613] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 131.932563][ T6613] RSP: 002b:00007f9c990aa028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 131.932591][ T6613] RAX: ffffffffffffffda RBX: 00007f9c98415fa0 RCX: 00007f9c9819af79 [ 131.932609][ T6613] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000005 [ 131.932626][ T6613] RBP: 00007f9c990aa090 R08: 0000000000000000 R09: 0000000000000000 [ 131.932642][ T6613] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000001 [ 131.932658][ T6613] R13: 00007f9c98416038 R14: 00007f9c98415fa0 R15: 00007ffd2a972918 [ 131.932698][ T6613] [ 132.910165][ T6626] mmap: syz.3.145 (6626) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 133.006221][ T6631] FAULT_INJECTION: forcing a failure. [ 133.006221][ T6631] name fail_futex, interval 1, probability 0, space 0, times 1 [ 133.035015][ T6631] CPU: 1 UID: 0 PID: 6631 Comm: syz.0.139 Tainted: G L syzkaller #0 PREEMPT(full) [ 133.035065][ T6631] Tainted: [L]=SOFTLOCKUP [ 133.035076][ T6631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 133.035094][ T6631] Call Trace: [ 133.035105][ T6631] [ 133.035115][ T6631] dump_stack_lvl+0x100/0x190 [ 133.035157][ T6631] should_fail_ex.cold+0x5/0xa [ 133.035208][ T6631] get_futex_key+0x1d2/0x1620 [ 133.035255][ T6631] ? __pfx_get_futex_key+0x10/0x10 [ 133.035290][ T6631] ? find_held_lock+0x2b/0x80 [ 133.035321][ T6631] ? futex_wake+0x456/0x530 [ 133.035384][ T6631] futex_wake+0xea/0x530 [ 133.035433][ T6631] ? __pfx_futex_wait+0x10/0x10 [ 133.035462][ T6631] ? __pfx_futex_wake+0x10/0x10 [ 133.035516][ T6631] ? ksys_write+0x190/0x250 [ 133.035550][ T6631] ? ksys_write+0x190/0x250 [ 133.035592][ T6631] do_futex+0x32b/0x350 [ 133.035636][ T6631] ? __pfx_do_futex+0x10/0x10 [ 133.035679][ T6631] ? cap_task_prctl+0x104/0xa50 [ 133.035720][ T6631] ? __pfx_sched_core_share_pid+0x10/0x10 [ 133.035761][ T6631] __x64_sys_futex+0x34f/0x4d0 [ 133.035810][ T6631] ? __pfx___x64_sys_futex+0x10/0x10 [ 133.035862][ T6631] ? __pfx___do_sys_prctl+0x10/0x10 [ 133.035924][ T6631] do_syscall_64+0xc9/0xf80 [ 133.035966][ T6631] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 133.035998][ T6631] RIP: 0033:0x7fca7bb9af79 [ 133.036024][ T6631] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 133.036053][ T6631] RSP: 002b:00007fca7caa70e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 133.036083][ T6631] RAX: ffffffffffffffda RBX: 00007fca7be16098 RCX: 00007fca7bb9af79 [ 133.036102][ T6631] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fca7be1609c [ 133.036118][ T6631] RBP: 00007fca7be16090 R08: 0000000000000000 R09: 0000000000000000 [ 133.036136][ T6631] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 133.036154][ T6631] R13: 00007fca7be16128 R14: 00007ffffe7a9d60 R15: 00007ffffe7a9e48 [ 133.036195][ T6631] [ 133.865946][ T6645] netlink: 8 bytes leftover after parsing attributes in process `syz.1.147'. [ 133.931559][ T6645] netlink: 342 bytes leftover after parsing attributes in process `syz.1.147'. [ 134.415392][ T6663] ptp ptp0: only physical clock in use now [ 134.429336][ T6663] FAULT_INJECTION: forcing a failure. [ 134.429336][ T6663] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 134.443379][ T6663] CPU: 0 UID: 0 PID: 6663 Comm: syz.1.151 Tainted: G L syzkaller #0 PREEMPT(full) [ 134.443414][ T6663] Tainted: [L]=SOFTLOCKUP [ 134.443421][ T6663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 134.443431][ T6663] Call Trace: [ 134.443437][ T6663] [ 134.443444][ T6663] dump_stack_lvl+0x100/0x190 [ 134.443471][ T6663] should_fail_ex.cold+0x5/0xa [ 134.443496][ T6663] ? prepare_alloc_pages+0x16d/0x5f0 [ 134.443525][ T6663] should_fail_alloc_page+0xeb/0x140 [ 134.443552][ T6663] prepare_alloc_pages+0x1f0/0x5f0 [ 134.443581][ T6663] ? validate_mm+0x261/0x4e0 [ 134.443602][ T6663] __alloc_frozen_pages_noprof+0x193/0x2410 [ 134.443625][ T6663] ? validate_mm+0x392/0x4e0 [ 134.443646][ T6663] ? __pfx_validate_mm+0x10/0x10 [ 134.443669][ T6663] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 134.443692][ T6663] ? vma_wants_writenotify+0x10b/0x390 [ 134.443714][ T6663] ? __pfx_vma_wants_writenotify+0x10/0x10 [ 134.443742][ T6663] ? mas_ascend+0x53d/0xb30 [ 134.443763][ T6663] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 134.443784][ T6663] ? policy_nodemask+0xed/0x4f0 [ 134.443810][ T6663] alloc_pages_mpol+0x1fb/0x550 [ 134.443837][ T6663] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 134.443871][ T6663] alloc_pages_noprof+0x131/0x390 [ 134.443897][ T6663] __pmd_alloc+0x3b/0x9c0 [ 134.443927][ T6663] __handle_mm_fault+0xa99/0x2b50 [ 134.443950][ T6663] ? mt_find+0x45e/0x8e0 [ 134.443973][ T6663] ? __pfx___handle_mm_fault+0x10/0x10 [ 134.443991][ T6663] ? __pfx_mt_find+0x10/0x10 [ 134.444030][ T6663] handle_mm_fault+0x36d/0xa20 [ 134.444059][ T6663] __get_user_pages+0xf9c/0x34d0 [ 134.444095][ T6663] ? __pfx___get_user_pages+0x10/0x10 [ 134.444151][ T6663] populate_vma_page_range+0x267/0x3f0 [ 134.444200][ T6663] ? __pfx_populate_vma_page_range+0x10/0x10 [ 134.444249][ T6663] ? __pfx_find_vma_intersection+0x10/0x10 [ 134.444297][ T6663] ? do_mmap+0x93f/0x12f0 [ 134.444348][ T6663] __mm_populate+0x107/0x3a0 [ 134.444377][ T6663] ? __pfx___mm_populate+0x10/0x10 [ 134.444427][ T6663] ? up_write+0x290/0x4f0 [ 134.444472][ T6663] vm_mmap_pgoff+0x37f/0x470 [ 134.444501][ T6663] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 134.444533][ T6663] ? __x64_sys_futex+0x34f/0x4d0 [ 134.444556][ T6663] ? __x64_sys_futex+0x358/0x4d0 [ 134.444583][ T6663] ksys_mmap_pgoff+0x7d/0x5b0 [ 134.444612][ T6663] __x64_sys_mmap+0x125/0x190 [ 134.444632][ T6663] do_syscall_64+0xc9/0xf80 [ 134.444655][ T6663] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 134.444673][ T6663] RIP: 0033:0x7f5ef919af79 [ 134.444688][ T6663] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 134.444705][ T6663] RSP: 002b:00007f5efa0f9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 134.444723][ T6663] RAX: ffffffffffffffda RBX: 00007f5ef9416090 RCX: 00007f5ef919af79 [ 134.444734][ T6663] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 134.444745][ T6663] RBP: 00007f5ef92316e0 R08: 0000000000000002 R09: 0000000000008000 [ 134.444756][ T6663] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 134.444770][ T6663] R13: 00007f5ef9416128 R14: 00007f5ef9416090 R15: 00007fffbd25d2b8 [ 134.444792][ T6663] [ 134.762788][ T6624] syz.2.143 (6624) used greatest stack depth: 19248 bytes left [ 135.183779][ T6667] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 135.275670][ T6669] netlink: 186 bytes leftover after parsing attributes in process `syz.3.153'. [ 135.685417][ T5834] Bluetooth: hci2: Malformed LE Event: 0x0b [ 135.818724][ T30] audit: type=1800 audit(1770659111.753:2): pid=6681 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.156" name="dbroot" dev="configfs" ino=11879 res=0 errno=0 [ 135.847888][ T6682] Invalid ELF header magic: != ELF [ 136.735781][ T6705] binder: 6700:6705 ioctl c018620c 0 returned -1 [ 136.959553][ T30] audit: type=1326 audit(1770659112.893:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6707 comm="syz.1.163" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f5ef919af79 code=0x0 [ 137.386085][ T6714] FAULT_INJECTION: forcing a failure. [ 137.386085][ T6714] name failslab, interval 1, probability 0, space 0, times 0 [ 137.406249][ T6714] CPU: 0 UID: 0 PID: 6714 Comm: syz.0.164 Tainted: G L syzkaller #0 PREEMPT(full) [ 137.406278][ T6714] Tainted: [L]=SOFTLOCKUP [ 137.406284][ T6714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 137.406294][ T6714] Call Trace: [ 137.406300][ T6714] [ 137.406306][ T6714] dump_stack_lvl+0x100/0x190 [ 137.406331][ T6714] should_fail_ex.cold+0x5/0xa [ 137.406360][ T6714] should_failslab+0xc2/0x120 [ 137.406385][ T6714] ? kstrdup_quotable+0xc2/0x190 [ 137.406402][ T6714] __kmalloc_noprof+0xf6/0x9c0 [ 137.406419][ T6714] ? string_escape_mem+0x746/0xe00 [ 137.406441][ T6714] ? kstrdup_quotable+0xc2/0x190 [ 137.406456][ T6714] kstrdup_quotable+0xc2/0x190 [ 137.406474][ T6714] ? __pfx_kstrdup_quotable+0x10/0x10 [ 137.406493][ T6714] ? get_cmdline+0x86/0x360 [ 137.406522][ T6714] kstrdup_quotable_cmdline+0x127/0x210 [ 137.406543][ T6714] __report_access+0x77/0x230 [ 137.406559][ T6714] ? _raw_spin_unlock_irq+0x23/0x50 [ 137.406580][ T6714] task_work_run+0x150/0x240 [ 137.406607][ T6714] ? __pfx_task_work_run+0x10/0x10 [ 137.406634][ T6714] ? xfd_validate_state+0x129/0x190 [ 137.406665][ T6714] exit_to_user_mode_loop+0x100/0x4b0 [ 137.406690][ T6714] ? rcu_is_watching+0x12/0xc0 [ 137.406708][ T6714] do_syscall_64+0x4ea/0xf80 [ 137.406730][ T6714] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 137.406748][ T6714] RIP: 0033:0x7fca7bb9af79 [ 137.406762][ T6714] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 137.406777][ T6714] RSP: 002b:00007fca7caa7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 137.406795][ T6714] RAX: ffffffffffffffff RBX: 00007fca7be16090 RCX: 00007fca7bb9af79 [ 137.406805][ T6714] RDX: 0000000000000003 RSI: 0000200000002980 RDI: 0000000000000001 [ 137.406815][ T6714] RBP: 00007fca7bc316e0 R08: 0000000000000004 R09: 0000000000000000 [ 137.406825][ T6714] R10: 0000200000002a40 R11: 0000000000000246 R12: 0000000000000000 [ 137.406838][ T6714] R13: 00007fca7be16128 R14: 00007fca7be16090 R15: 00007ffffe7a9e48 [ 137.406860][ T6714] [ 137.406984][ T6714] ptrace attach of "./syz-executor exec"[5827] was attempted by "(null)"[6714] [ 138.063377][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.070473][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 138.797492][ T6747] syz.0.169 uses obsolete (PF_INET,SOCK_PACKET) [ 139.448428][ T6751] FAULT_INJECTION: forcing a failure. [ 139.448428][ T6751] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 139.525027][ T6751] CPU: 0 UID: 0 PID: 6751 Comm: syz.2.170 Tainted: G L syzkaller #0 PREEMPT(full) [ 139.525068][ T6751] Tainted: [L]=SOFTLOCKUP [ 139.525087][ T6751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 139.525102][ T6751] Call Trace: [ 139.525111][ T6751] [ 139.525121][ T6751] dump_stack_lvl+0x100/0x190 [ 139.525163][ T6751] should_fail_ex.cold+0x5/0xa [ 139.525206][ T6751] _copy_from_iter+0x1f4/0x1690 [ 139.525251][ T6751] ? __alloc_skb+0x220/0x410 [ 139.525285][ T6751] ? __alloc_skb+0x35d/0x410 [ 139.525321][ T6751] ? __pfx__copy_from_iter+0x10/0x10 [ 139.525373][ T6751] ? __pfx___might_resched+0x10/0x10 [ 139.525410][ T6751] ? __lock_acquire+0x4a5/0x2630 [ 139.525453][ T6751] netlink_sendmsg+0x808/0xda0 [ 139.525498][ T6751] ? __pfx_netlink_sendmsg+0x10/0x10 [ 139.525533][ T6751] ? __import_iovec+0x1d2/0x640 [ 139.525573][ T6751] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 139.525611][ T6751] ____sys_sendmsg+0xa54/0xc30 [ 139.525642][ T6751] ? __pfx_____sys_sendmsg+0x10/0x10 [ 139.525675][ T6751] ? _kstrtoull+0x13c/0x1f0 [ 139.525702][ T6751] ? __pfx__kstrtoull+0x10/0x10 [ 139.525736][ T6751] ___sys_sendmsg+0x190/0x1e0 [ 139.525768][ T6751] ? __pfx____sys_sendmsg+0x10/0x10 [ 139.525832][ T6751] ? __pfx___might_resched+0x10/0x10 [ 139.525876][ T6751] __sys_sendmmsg+0x205/0x430 [ 139.525915][ T6751] ? __pfx___sys_sendmmsg+0x10/0x10 [ 139.525959][ T6751] ? __fget_files+0x215/0x3d0 [ 139.525985][ T6751] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 139.526031][ T6751] ? fput+0x79/0x100 [ 139.526063][ T6751] ? ksys_write+0x1ac/0x250 [ 139.526100][ T6751] ? __pfx_ksys_write+0x10/0x10 [ 139.526133][ T6751] __x64_sys_sendmmsg+0x9c/0x100 [ 139.526167][ T6751] ? lockdep_hardirqs_on+0x78/0x100 [ 139.526195][ T6751] do_syscall_64+0xc9/0xf80 [ 139.526227][ T6751] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 139.526251][ T6751] RIP: 0033:0x7f0a48d9af79 [ 139.526272][ T6751] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 139.526294][ T6751] RSP: 002b:00007f0a49bf5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 139.526319][ T6751] RAX: ffffffffffffffda RBX: 00007f0a49015fa0 RCX: 00007f0a48d9af79 [ 139.526335][ T6751] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000005 [ 139.526350][ T6751] RBP: 00007f0a49bf5090 R08: 0000000000000000 R09: 0000000000000000 [ 139.526373][ T6751] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000002 [ 139.526387][ T6751] R13: 00007f0a49016038 R14: 00007f0a49015fa0 R15: 00007fff85f9fc78 [ 139.526422][ T6751] [ 140.107086][ T5834] Bluetooth: hci0: ACL packet too small [ 141.038112][ T6781] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input5 [ 141.183172][ T6777] netlink: 28 bytes leftover after parsing attributes in process `syz.1.177'. [ 141.183432][ T6784] netlink: 28 bytes leftover after parsing attributes in process `syz.1.177'. [ 141.266960][ T6784] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 141.439419][ T6789] hub 1-0:1.0: USB hub found [ 141.467922][ T6789] hub 1-0:1.0: 1 port detected [ 141.526733][ T6784] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 142.488978][ T6815] syz.2.185 (6815): drop_caches: 0 [ 142.521863][ T30] audit: type=1326 audit(1770659118.453:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6814 comm="syz.2.185" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0a48d9af79 code=0x0 [ 143.819479][ T6835] FAULT_INJECTION: forcing a failure. [ 143.819479][ T6835] name failslab, interval 1, probability 0, space 0, times 0 [ 143.832423][ T6835] CPU: 1 UID: 0 PID: 6835 Comm: syz.0.189 Tainted: G L syzkaller #0 PREEMPT(full) [ 143.832452][ T6835] Tainted: [L]=SOFTLOCKUP [ 143.832459][ T6835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 143.832469][ T6835] Call Trace: [ 143.832475][ T6835] [ 143.832482][ T6835] dump_stack_lvl+0x100/0x190 [ 143.832507][ T6835] should_fail_ex.cold+0x5/0xa [ 143.832535][ T6835] should_failslab+0xc2/0x120 [ 143.832561][ T6835] kmem_cache_alloc_noprof+0x83/0x780 [ 143.832586][ T6835] ? __kernfs_new_node+0xd2/0x960 [ 143.832614][ T6835] ? __kernfs_new_node+0xd2/0x960 [ 143.832637][ T6835] __kernfs_new_node+0xd2/0x960 [ 143.832664][ T6835] ? __pfx___kernfs_new_node+0x10/0x10 [ 143.832694][ T6835] ? find_held_lock+0x2b/0x80 [ 143.832711][ T6835] ? kernfs_root+0xee/0x2a0 [ 143.832734][ T6835] ? kernfs_root+0xee/0x2a0 [ 143.832763][ T6835] kernfs_new_node+0x11b/0x1a0 [ 143.832793][ T6835] kernfs_create_dir_ns+0x4c/0x1a0 [ 143.832812][ T6835] cgroup_mkdir+0x3be/0x12d0 [ 143.832834][ T6835] ? __pfx_cgroup_mkdir+0x10/0x10 [ 143.832852][ T6835] kernfs_iop_mkdir+0x111/0x190 [ 143.832878][ T6835] ? bpf_lsm_inode_mkdir+0x9/0x10 [ 143.832901][ T6835] vfs_mkdir+0x729/0xb50 [ 143.832933][ T6835] do_mkdirat+0x435/0x590 [ 143.832956][ T6835] ? __pfx_do_mkdirat+0x10/0x10 [ 143.832977][ T6835] ? strncpy_from_user+0x19d/0x2d0 [ 143.833005][ T6835] ? getname_flags.part.0+0x1c5/0x540 [ 143.833043][ T6835] __x64_sys_mkdir+0xef/0x140 [ 143.833066][ T6835] do_syscall_64+0xc9/0xf80 [ 143.833090][ T6835] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 143.833110][ T6835] RIP: 0033:0x7fca7bb9af79 [ 143.833125][ T6835] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 143.833142][ T6835] RSP: 002b:00007fca7cac8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 143.833160][ T6835] RAX: ffffffffffffffda RBX: 00007fca7be15fa0 RCX: 00007fca7bb9af79 [ 143.833171][ T6835] RDX: 0000000000000000 RSI: 00000000000007ff RDI: 0000200000000000 [ 143.833181][ T6835] RBP: 00007fca7bc316e0 R08: 0000000000000000 R09: 0000000000000000 [ 143.833191][ T6835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 143.833201][ T6835] R13: 00007fca7be16038 R14: 00007fca7be15fa0 R15: 00007ffffe7a9e48 [ 143.833224][ T6835] [ 144.482585][ T6855] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 145.470735][ T6883] netlink: 32 bytes leftover after parsing attributes in process `syz.1.199'. [ 145.749717][ T6888] capability: warning: `syz.2.200' uses 32-bit capabilities (legacy support in use) [ 146.332286][ T6903] netlink: 28 bytes leftover after parsing attributes in process `syz.1.202'. [ 148.024473][ T981] Process accounting resumed [ 148.753013][ T6945] Process accounting resumed [ 148.832621][ T6961] hub 1-0:1.0: USB hub found [ 148.838470][ T6961] hub 1-0:1.0: 1 port detected [ 149.525307][ T6988] netlink: 28 bytes leftover after parsing attributes in process `syz.0.218'. [ 149.556435][ T6988] FAULT_INJECTION: forcing a failure. [ 149.556435][ T6988] name failslab, interval 1, probability 0, space 0, times 0 [ 149.605061][ T6988] CPU: 0 UID: 0 PID: 6988 Comm: syz.0.218 Tainted: G L syzkaller #0 PREEMPT(full) [ 149.605102][ T6988] Tainted: [L]=SOFTLOCKUP [ 149.605109][ T6988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 149.605119][ T6988] Call Trace: [ 149.605125][ T6988] [ 149.605132][ T6988] dump_stack_lvl+0x100/0x190 [ 149.605158][ T6988] should_fail_ex.cold+0x5/0xa [ 149.605186][ T6988] should_failslab+0xc2/0x120 [ 149.605211][ T6988] kmem_cache_alloc_node_noprof+0x8c/0x880 [ 149.605237][ T6988] ? __alloc_skb+0x156/0x410 [ 149.605265][ T6988] ? __alloc_skb+0x156/0x410 [ 149.605286][ T6988] __alloc_skb+0x156/0x410 [ 149.605308][ T6988] ? __alloc_skb+0x35d/0x410 [ 149.605330][ T6988] ? __pfx___alloc_skb+0x10/0x10 [ 149.605354][ T6988] ? rtnl_prop_list_size+0x144/0x2c0 [ 149.605381][ T6988] ? if_nlmsg_size+0x4a4/0xb30 [ 149.605410][ T6988] rtmsg_ifinfo_build_skb+0x81/0x260 [ 149.605431][ T6988] rtmsg_ifinfo+0xa4/0x1b0 [ 149.605452][ T6988] netif_close_many+0x2fc/0x630 [ 149.605473][ T6988] ? __pfx_netif_close_many+0x10/0x10 [ 149.605493][ T6988] ? netif_close_many_and_unlock+0x1af/0x270 [ 149.605517][ T6988] unregister_netdevice_many_notify+0x840/0x2580 [ 149.605554][ T6988] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 149.605584][ T6988] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 149.605609][ T6988] rtnl_dellink+0x472/0xb40 [ 149.605634][ T6988] ? __pfx_veth_dellink+0x10/0x10 [ 149.605651][ T6988] ? __kasan_slab_free+0x5f/0x80 [ 149.605672][ T6988] ? kmem_cache_free+0x143/0x720 [ 149.605690][ T6988] ? kfree_skbmem+0x19a/0x210 [ 149.605708][ T6988] ? __pfx_rtnl_dellink+0x10/0x10 [ 149.605731][ T6988] ? __dev_queue_xmit+0x6dd/0x46f0 [ 149.605751][ T6988] ? netlink_deliver_tap+0xa4d/0xcc0 [ 149.605775][ T6988] ? netlink_unicast+0x650/0x870 [ 149.605801][ T6988] ? ___sys_sendmsg+0x190/0x1e0 [ 149.605819][ T6988] ? __sys_sendmmsg+0x205/0x430 [ 149.605880][ T6988] ? __lock_acquire+0x4a5/0x2630 [ 149.605902][ T6988] ? consume_skb+0xd6/0x110 [ 149.605919][ T6988] ? find_held_lock+0x2b/0x80 [ 149.605955][ T6988] ? find_held_lock+0x2b/0x80 [ 149.605972][ T6988] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 149.605998][ T6988] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 149.606026][ T6988] ? __pfx_rtnl_dellink+0x10/0x10 [ 149.606052][ T6988] rtnetlink_rcv_msg+0x95e/0xe90 [ 149.606081][ T6988] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 149.606113][ T6988] ? ref_tracker_free+0x37e/0x6c0 [ 149.606133][ T6988] netlink_rcv_skb+0x159/0x420 [ 149.606149][ T6988] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 149.606177][ T6988] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 149.606201][ T6988] ? netlink_deliver_tap+0x1ae/0xcc0 [ 149.606231][ T6988] netlink_unicast+0x5aa/0x870 [ 149.606261][ T6988] ? __pfx_netlink_unicast+0x10/0x10 [ 149.606288][ T6988] ? __pfx___might_resched+0x10/0x10 [ 149.606314][ T6988] ? __lock_acquire+0x4a5/0x2630 [ 149.606342][ T6988] netlink_sendmsg+0x8b0/0xda0 [ 149.606373][ T6988] ? __pfx_netlink_sendmsg+0x10/0x10 [ 149.606399][ T6988] ? __import_iovec+0x1d2/0x640 [ 149.606428][ T6988] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 149.606453][ T6988] ____sys_sendmsg+0xa54/0xc30 [ 149.606474][ T6988] ? __pfx_____sys_sendmsg+0x10/0x10 [ 149.606503][ T6988] ___sys_sendmsg+0x190/0x1e0 [ 149.606525][ T6988] ? __pfx____sys_sendmsg+0x10/0x10 [ 149.606565][ T6988] ? __pfx___might_resched+0x10/0x10 [ 149.606596][ T6988] __sys_sendmmsg+0x205/0x430 [ 149.606625][ T6988] ? __pfx___sys_sendmmsg+0x10/0x10 [ 149.606656][ T6988] ? __fget_files+0x215/0x3d0 [ 149.606675][ T6988] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 149.606709][ T6988] ? fput+0x79/0x100 [ 149.606732][ T6988] ? ksys_write+0x1ac/0x250 [ 149.606751][ T6988] ? __pfx_ksys_write+0x10/0x10 [ 149.606775][ T6988] __x64_sys_sendmmsg+0x9c/0x100 [ 149.606801][ T6988] ? lockdep_hardirqs_on+0x78/0x100 [ 149.606821][ T6988] do_syscall_64+0xc9/0xf80 [ 149.606843][ T6988] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 149.606861][ T6988] RIP: 0033:0x7fca7bb9af79 [ 149.606875][ T6988] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 149.606891][ T6988] RSP: 002b:00007fca7cac8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 149.606909][ T6988] RAX: ffffffffffffffda RBX: 00007fca7be15fa0 RCX: 00007fca7bb9af79 [ 149.606919][ T6988] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000005 [ 149.606929][ T6988] RBP: 00007fca7cac8090 R08: 0000000000000000 R09: 0000000000000000 [ 149.606947][ T6988] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000002 [ 149.606957][ T6988] R13: 00007fca7be16038 R14: 00007fca7be15fa0 R15: 00007ffffe7a9e48 [ 149.606979][ T6988] [ 154.186490][ T7068] FAULT_INJECTION: forcing a failure. [ 154.186490][ T7068] name failslab, interval 1, probability 0, space 0, times 0 [ 154.213165][ T7068] CPU: 0 UID: 0 PID: 7068 Comm: syz.2.233 Tainted: G L syzkaller #0 PREEMPT(full) [ 154.213214][ T7068] Tainted: [L]=SOFTLOCKUP [ 154.213225][ T7068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 154.213243][ T7068] Call Trace: [ 154.213253][ T7068] [ 154.213265][ T7068] dump_stack_lvl+0x100/0x190 [ 154.213307][ T7068] should_fail_ex.cold+0x5/0xa [ 154.213358][ T7068] should_failslab+0xc2/0x120 [ 154.213403][ T7068] __kmalloc_node_track_caller_noprof+0xf9/0x9d0 [ 154.213443][ T7068] ? __pfx_vsnprintf+0x10/0x10 [ 154.213477][ T7068] ? kasprintf+0xc7/0x100 [ 154.213512][ T7068] ? kvasprintf+0xbc/0x150 [ 154.213535][ T7068] kvasprintf+0xbc/0x150 [ 154.213562][ T7068] ? __pfx_kvasprintf+0x10/0x10 [ 154.213612][ T7068] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 154.213654][ T7068] ? lockdep_hardirqs_on+0x78/0x100 [ 154.213689][ T7068] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 154.213729][ T7068] kasprintf+0xc7/0x100 [ 154.213755][ T7068] ? __pfx_kasprintf+0x10/0x10 [ 154.213802][ T7068] ieee80211_alloc_led_names+0x1b0/0x420 [ 154.213854][ T7068] ieee80211_alloc_hw_nm+0x1934/0x22a0 [ 154.213907][ T7068] mac80211_hwsim_new_radio+0x1e1/0x57c0 [ 154.213970][ T7068] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 154.214006][ T7068] ? __nla_validate_parse+0x1e7/0x28b0 [ 154.214042][ T7068] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 154.214106][ T7068] hwsim_new_radio_nl+0xc1f/0x1340 [ 154.214143][ T7068] ? genl_family_rcv_msg_attrs_parse.isra.0+0xc8/0x290 [ 154.214181][ T7068] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 154.214231][ T7068] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x290 [ 154.214262][ T7068] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1b4/0x290 [ 154.214306][ T7068] genl_family_rcv_msg_doit+0x214/0x300 [ 154.214344][ T7068] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 154.214374][ T7068] ? genl_get_cmd+0x3ef/0x720 [ 154.214414][ T7068] ? bpf_lsm_capable+0x9/0x10 [ 154.214438][ T7068] ? security_capable+0x80/0x260 [ 154.214475][ T7068] ? ns_capable+0xd2/0xf0 [ 154.214511][ T7068] genl_rcv_msg+0x560/0x800 [ 154.214556][ T7068] ? __pfx_genl_rcv_msg+0x10/0x10 [ 154.214590][ T7068] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 154.214659][ T7068] netlink_rcv_skb+0x159/0x420 [ 154.214687][ T7068] ? __pfx_genl_rcv_msg+0x10/0x10 [ 154.214721][ T7068] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 154.214768][ T7068] ? netlink_deliver_tap+0x1ae/0xcc0 [ 154.214821][ T7068] genl_rcv+0x28/0x40 [ 154.214848][ T7068] netlink_unicast+0x5aa/0x870 [ 154.214900][ T7068] ? __pfx_netlink_unicast+0x10/0x10 [ 154.214965][ T7068] netlink_sendmsg+0x8b0/0xda0 [ 154.215019][ T7068] ? __pfx_netlink_sendmsg+0x10/0x10 [ 154.215064][ T7068] ? __import_iovec+0x1d2/0x640 [ 154.215115][ T7068] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 154.215160][ T7068] ____sys_sendmsg+0xa54/0xc30 [ 154.215198][ T7068] ? __pfx_____sys_sendmsg+0x10/0x10 [ 154.215227][ T7068] ? __pfx___futex_wait+0x10/0x10 [ 154.215263][ T7068] ? __pfx_futex_wake_mark+0x10/0x10 [ 154.215315][ T7068] ___sys_sendmsg+0x190/0x1e0 [ 154.215352][ T7068] ? __pfx____sys_sendmsg+0x10/0x10 [ 154.215407][ T7068] ? find_held_lock+0x2b/0x80 [ 154.215465][ T7068] __sys_sendmsg+0x170/0x220 [ 154.215512][ T7068] ? __pfx___sys_sendmsg+0x10/0x10 [ 154.215556][ T7068] ? __x64_sys_futex+0x34f/0x4d0 [ 154.215625][ T7068] do_syscall_64+0xc9/0xf80 [ 154.215677][ T7068] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 154.215709][ T7068] RIP: 0033:0x7f0a48d9af79 [ 154.215735][ T7068] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 154.215763][ T7068] RSP: 002b:00007f0a49bf5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 154.215793][ T7068] RAX: ffffffffffffffda RBX: 00007f0a49015fa0 RCX: 00007f0a48d9af79 [ 154.215813][ T7068] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000008 [ 154.215831][ T7068] RBP: 00007f0a48e316e0 R08: 0000000000000000 R09: 0000000000000000 [ 154.215849][ T7068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 154.215866][ T7068] R13: 00007f0a49016038 R14: 00007f0a49015fa0 R15: 00007fff85f9fc78 [ 154.215907][ T7068] [ 154.901947][ T7072] netlink: 4 bytes leftover after parsing attributes in process `syz.3.234'. [ 156.905786][ T7121] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 156.948546][ T7121] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 156.966866][ T7121] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 156.991746][ T7121] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 158.309343][ T7165] FAULT_INJECTION: forcing a failure. [ 158.309343][ T7165] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 158.337254][ T7165] CPU: 0 UID: 0 PID: 7165 Comm: syz.1.254 Tainted: G L syzkaller #0 PREEMPT(full) [ 158.337301][ T7165] Tainted: [L]=SOFTLOCKUP [ 158.337311][ T7165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 158.337327][ T7165] Call Trace: [ 158.337337][ T7165] [ 158.337348][ T7165] dump_stack_lvl+0x100/0x190 [ 158.337391][ T7165] should_fail_ex.cold+0x5/0xa [ 158.337439][ T7165] _copy_from_user+0x2e/0xd0 [ 158.337485][ T7165] copy_msghdr_from_user+0x9f/0x4f0 [ 158.337522][ T7165] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 158.337577][ T7165] ___sys_sendmsg+0x106/0x1e0 [ 158.337613][ T7165] ? __pfx____sys_sendmsg+0x10/0x10 [ 158.337667][ T7165] ? find_held_lock+0x2b/0x80 [ 158.337722][ T7165] __sys_sendmsg+0x170/0x220 [ 158.337768][ T7165] ? __pfx___sys_sendmsg+0x10/0x10 [ 158.337836][ T7165] do_syscall_64+0xc9/0xf80 [ 158.337918][ T7165] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 158.337947][ T7165] RIP: 0033:0x7f5ef919af79 [ 158.337971][ T7165] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 158.337998][ T7165] RSP: 002b:00007f5efa11a028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 158.338027][ T7165] RAX: ffffffffffffffda RBX: 00007f5ef9415fa0 RCX: 00007f5ef919af79 [ 158.338046][ T7165] RDX: 0000000000008094 RSI: 00002000000006c0 RDI: 0000000000000004 [ 158.338064][ T7165] RBP: 00007f5efa11a090 R08: 0000000000000000 R09: 0000000000000000 [ 158.338080][ T7165] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 158.338097][ T7165] R13: 00007f5ef9416038 R14: 00007f5ef9415fa0 R15: 00007fffbd25d2b8 [ 158.338136][ T7165] [ 158.924525][ T5834] Bluetooth: hci0: command 0x0c1a tx timeout [ 159.005135][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout [ 159.006218][ T5836] Bluetooth: hci1: command 0x0c1a tx timeout [ 159.011230][ T5834] Bluetooth: hci2: command 0x0c1a tx timeout [ 159.236973][ T7174] Invalid ELF header magic: != ELF [ 159.325942][ T7177] netlink: 28 bytes leftover after parsing attributes in process `syz.1.257'. [ 159.376423][ T7179] FAULT_INJECTION: forcing a failure. [ 159.376423][ T7179] name failslab, interval 1, probability 0, space 0, times 0 [ 159.402065][ T7179] CPU: 1 UID: 0 PID: 7179 Comm: syz.3.259 Tainted: G L syzkaller #0 PREEMPT(full) [ 159.402117][ T7179] Tainted: [L]=SOFTLOCKUP [ 159.402128][ T7179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 159.402145][ T7179] Call Trace: [ 159.402156][ T7179] [ 159.402168][ T7179] dump_stack_lvl+0x100/0x190 [ 159.402211][ T7179] should_fail_ex.cold+0x5/0xa [ 159.402261][ T7179] should_failslab+0xc2/0x120 [ 159.402306][ T7179] kmem_cache_alloc_node_noprof+0x8c/0x880 [ 159.402351][ T7179] ? alloc_vmap_area+0x1840/0x2a00 [ 159.402392][ T7179] ? __pfx___might_resched+0x10/0x10 [ 159.402447][ T7179] ? alloc_vmap_area+0x1840/0x2a00 [ 159.402489][ T7179] alloc_vmap_area+0x1840/0x2a00 [ 159.402548][ T7179] ? __pfx_alloc_vmap_area+0x10/0x10 [ 159.402612][ T7179] __get_vm_area_node+0x1ca/0x330 [ 159.402673][ T7179] __vmalloc_node_range_noprof+0x213/0x1530 [ 159.402705][ T7179] ? kernel_clone+0xfc/0x930 [ 159.402757][ T7179] ? kernel_clone+0xfc/0x930 [ 159.402797][ T7179] ? rcu_read_unlock+0x17/0x60 [ 159.402837][ T7179] ? rcu_read_unlock+0x17/0x60 [ 159.402882][ T7179] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 159.402911][ T7179] ? __memcg_slab_post_alloc_hook+0x473/0x880 [ 159.402963][ T7179] ? rcu_is_watching+0x12/0xc0 [ 159.402993][ T7179] ? trace_kmem_cache_alloc+0x80/0xb0 [ 159.403037][ T7179] ? kernel_clone+0xfc/0x930 [ 159.403077][ T7179] __vmalloc_node_noprof+0xad/0xf0 [ 159.403103][ T7179] ? kernel_clone+0xfc/0x930 [ 159.403145][ T7179] copy_process+0x5ec/0x7890 [ 159.403179][ T7179] ? __pfx___schedule+0x10/0x10 [ 159.403228][ T7179] ? __pfx_copy_process+0x10/0x10 [ 159.403278][ T7179] ? _copy_from_user+0x59/0xd0 [ 159.403328][ T7179] kernel_clone+0xfc/0x930 [ 159.403368][ T7179] ? __pfx_kernel_clone+0x10/0x10 [ 159.403405][ T7179] ? futex_private_hash_put+0x107/0x1c0 [ 159.403455][ T7179] ? __pfx_futex_wake+0x10/0x10 [ 159.403509][ T7179] __do_sys_clone3+0x214/0x290 [ 159.403550][ T7179] ? __pfx___do_sys_clone3+0x10/0x10 [ 159.403656][ T7179] do_syscall_64+0xc9/0xf80 [ 159.403697][ T7179] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 159.403726][ T7179] RIP: 0033:0x7f9c9819af79 [ 159.403749][ T7179] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 159.403776][ T7179] RSP: 002b:00007f9c990a9ef8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 159.403806][ T7179] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f9c9819af79 [ 159.403826][ T7179] RDX: 00007f9c990a9f10 RSI: 0000000000000058 RDI: 00007f9c990a9f10 [ 159.403844][ T7179] RBP: 00007f9c982316e0 R08: 0000000000000000 R09: 0000000000000058 [ 159.403861][ T7179] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 159.403878][ T7179] R13: 00007f9c98416038 R14: 00007f9c98415fa0 R15: 00007ffd2a972918 [ 159.403920][ T7179] [ 160.535724][ T7184] FAULT_INJECTION: forcing a failure. [ 160.535724][ T7184] name fail_futex, interval 1, probability 0, space 0, times 0 [ 160.603135][ T7184] CPU: 1 UID: 0 PID: 7184 Comm: syz.2.256 Tainted: G L syzkaller #0 PREEMPT(full) [ 160.603177][ T7184] Tainted: [L]=SOFTLOCKUP [ 160.603186][ T7184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 160.603199][ T7184] Call Trace: [ 160.603208][ T7184] [ 160.603219][ T7184] dump_stack_lvl+0x100/0x190 [ 160.603257][ T7184] should_fail_ex.cold+0x5/0xa [ 160.603301][ T7184] get_futex_key+0x106f/0x1620 [ 160.603342][ T7184] ? __pfx_get_futex_key+0x10/0x10 [ 160.603390][ T7184] futex_wake+0xea/0x530 [ 160.603436][ T7184] ? __pfx_futex_wake+0x10/0x10 [ 160.603476][ T7184] ? exit_mm_release+0x19/0x30 [ 160.603524][ T7184] do_futex+0x32b/0x350 [ 160.603563][ T7184] ? __pfx_do_futex+0x10/0x10 [ 160.603598][ T7184] ? __might_fault+0xc5/0x140 [ 160.603641][ T7184] mm_release+0x24a/0x2f0 [ 160.603674][ T7184] do_exit+0x675/0x2a30 [ 160.603721][ T7184] ? __pfx_do_exit+0x10/0x10 [ 160.603762][ T7184] ? do_raw_spin_lock+0x128/0x260 [ 160.603815][ T7184] ? find_held_lock+0x2b/0x80 [ 160.603842][ T7184] ? get_signal+0x7e0/0x21e0 [ 160.603880][ T7184] do_group_exit+0xd5/0x2a0 [ 160.603926][ T7184] get_signal+0x1ec7/0x21e0 [ 160.603970][ T7184] ? ksys_write+0x190/0x250 [ 160.604011][ T7184] ? __pfx_get_signal+0x10/0x10 [ 160.604047][ T7184] ? do_futex+0x192/0x350 [ 160.604092][ T7184] arch_do_signal_or_restart+0x91/0x770 [ 160.604130][ T7184] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 160.604178][ T7184] ? __pfx___x64_sys_futex+0x10/0x10 [ 160.604212][ T7184] ? xfd_validate_state+0x129/0x190 [ 160.604254][ T7184] exit_to_user_mode_loop+0x86/0x4b0 [ 160.604285][ T7184] ? rcu_is_watching+0x12/0xc0 [ 160.604309][ T7184] do_syscall_64+0x4ea/0xf80 [ 160.604339][ T7184] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 160.604362][ T7184] RIP: 0033:0x7f0a48d9af79 [ 160.604381][ T7184] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 160.604401][ T7184] RSP: 002b:00007f0a49b920e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 160.604424][ T7184] RAX: fffffffffffffe00 RBX: 00007f0a49016278 RCX: 00007f0a48d9af79 [ 160.604438][ T7184] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f0a49016278 [ 160.604451][ T7184] RBP: 00007f0a49016270 R08: 0000000000000000 R09: 0000000000000000 [ 160.604464][ T7184] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 160.604477][ T7184] R13: 00007f0a49016308 R14: 00007fff85f9fb90 R15: 00007fff85f9fc78 [ 160.604507][ T7184] [ 161.211677][ T7213] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 161.459293][ T7219] usb usb3: usbfs: interface 0 claimed by hub while 'syz.2.269' sets config #-1 [ 161.471729][ T7219] binder: 7215:7219 ioctl 4018620d 9 returned -22 [ 161.488899][ T7219] binder: 7215:7219 ioctl c018620c 9 returned -14 [ 162.798560][ T750] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 163.008874][ T750] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 163.162249][ T750] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 163.319493][ T750] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 163.655734][ T5836] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 163.674481][ T5836] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 163.685339][ T5836] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 163.720406][ T5836] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 163.731087][ T5836] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 163.906326][ T750] hsr0: left allmulticast mode [ 163.911428][ T750] hsr_slave_0: left allmulticast mode [ 163.935089][ T750] hsr_slave_1: left allmulticast mode [ 163.940783][ T750] hsr0: left promiscuous mode [ 163.954618][ T750] bridge0: port 3(hsr0) entered disabled state [ 163.966327][ T750] bridge_slave_1: left allmulticast mode [ 163.972029][ T750] bridge_slave_1: left promiscuous mode [ 163.978751][ T750] bridge0: port 2(bridge_slave_1) entered disabled state [ 163.990141][ T750] bridge_slave_0: left allmulticast mode [ 163.997465][ T750] bridge_slave_0: left promiscuous mode [ 164.001705][ T7270] netlink: 186 bytes leftover after parsing attributes in process `syz.1.287'. [ 164.003413][ T750] bridge0: port 1(bridge_slave_0) entered disabled state [ 164.014062][ T7270] netlink: 186 bytes leftover after parsing attributes in process `syz.1.287'. [ 164.351292][ T750] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 164.366005][ T750] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 164.376045][ T750] bond0 (unregistering): Released all slaves [ 164.802485][ T750] hsr_slave_0: left promiscuous mode [ 164.874218][ T750] hsr_slave_1: left promiscuous mode [ 164.880617][ T750] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 164.903896][ T750] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 164.970086][ T750] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 164.990902][ T750] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 165.057347][ T750] veth1_macvtap: left promiscuous mode [ 165.076210][ T750] veth0_macvtap: left promiscuous mode [ 165.358358][ T7299] vivid-007: kernel_thread() failed [ 165.804419][ T5836] Bluetooth: hci1: command tx timeout [ 166.081098][ T750] team0 (unregistering): Port device team_slave_1 removed [ 166.180156][ T750] team0 (unregistering): Port device team_slave_0 removed [ 167.340150][ T7264] chnl_net:caif_netlink_parms(): no params data found [ 167.711251][ T5836] Bluetooth: hci2: ACL packet too small [ 167.711724][ T7264] bridge0: port 1(bridge_slave_0) entered blocking state [ 167.777578][ T7264] bridge0: port 1(bridge_slave_0) entered disabled state [ 167.796184][ T7264] bridge_slave_0: entered allmulticast mode [ 167.805168][ T7264] bridge_slave_0: entered promiscuous mode [ 167.813423][ T5836] Bluetooth: hci3: ACL packet too small [ 167.881465][ T7264] bridge0: port 2(bridge_slave_1) entered blocking state [ 167.894206][ T5836] Bluetooth: hci1: command tx timeout [ 167.904535][ T7264] bridge0: port 2(bridge_slave_1) entered disabled state [ 167.921991][ T7264] bridge_slave_1: entered allmulticast mode [ 167.940573][ T7264] bridge_slave_1: entered promiscuous mode [ 168.175054][ T7264] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 168.216806][ T7264] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 168.573636][ T7264] team0: Port device team_slave_0 added [ 168.690240][ T7264] team0: Port device team_slave_1 added [ 168.811480][ T7264] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 168.835263][ T7264] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 168.895404][ T7264] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 168.949197][ T7264] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 168.956492][ T7264] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 168.983874][ T7264] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 169.148577][ T7264] hsr_slave_0: entered promiscuous mode [ 169.179210][ T7264] hsr_slave_1: entered promiscuous mode [ 169.225660][ T7264] debugfs: 'hsr0' already exists in 'hsr' [ 169.231462][ T7264] Cannot create hsr debugfs directory [ 169.559156][ T7371] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input6 [ 169.964252][ T5836] Bluetooth: hci1: command tx timeout [ 171.701482][ T7264] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 171.782208][ T7264] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 171.890746][ T7264] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 171.954076][ T7424] netlink: 8 bytes leftover after parsing attributes in process `syz.2.308'. [ 171.970569][ T7264] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 172.048578][ T5836] Bluetooth: hci1: command tx timeout [ 172.890022][ T7264] 8021q: adding VLAN 0 to HW filter on device bond0 [ 172.988054][ T7264] 8021q: adding VLAN 0 to HW filter on device team0 [ 173.040354][ T750] bridge0: port 1(bridge_slave_0) entered blocking state [ 173.040519][ T750] bridge0: port 1(bridge_slave_0) entered forwarding state [ 173.055933][ T6948] bridge0: port 2(bridge_slave_1) entered blocking state [ 173.056003][ T6948] bridge0: port 2(bridge_slave_1) entered forwarding state [ 173.273560][ T7459] perf: Dynamic interrupt throttling disabled, can hang your system! [ 174.457716][ T7264] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 174.946814][ T7264] veth0_vlan: entered promiscuous mode [ 175.001021][ T7264] veth1_vlan: entered promiscuous mode [ 175.199004][ T7264] veth0_macvtap: entered promiscuous mode [ 175.233567][ T7264] veth1_macvtap: entered promiscuous mode [ 175.358122][ T7264] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 175.421570][ T7264] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 175.489217][ T6948] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 175.547827][ T6948] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 175.578138][ T6948] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 175.596500][ T6948] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 175.849335][ T6948] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 175.914633][ T6948] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 176.075561][ T6948] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 176.104175][ T6948] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 177.420094][ T7539] openvswitch: netlink: Duplicate or invalid key (type 0). [ 178.583572][ T7556] FAULT_INJECTION: forcing a failure. [ 178.583572][ T7556] name failslab, interval 1, probability 0, space 0, times 0 [ 178.609717][ T7556] CPU: 1 UID: 0 PID: 7556 Comm: syz.0.328 Tainted: G L syzkaller #0 PREEMPT(full) [ 178.609748][ T7556] Tainted: [L]=SOFTLOCKUP [ 178.609754][ T7556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 178.609764][ T7556] Call Trace: [ 178.609770][ T7556] [ 178.609777][ T7556] dump_stack_lvl+0x100/0x190 [ 178.609804][ T7556] should_fail_ex.cold+0x5/0xa [ 178.609832][ T7556] should_failslab+0xc2/0x120 [ 178.609857][ T7556] kmem_cache_alloc_noprof+0x83/0x780 [ 178.609880][ T7556] ? __seq_open_private+0x22/0xd0 [ 178.609896][ T7556] ? seq_open+0x55/0x170 [ 178.609925][ T7556] ? seq_open+0x55/0x170 [ 178.609949][ T7556] seq_open+0x55/0x170 [ 178.609975][ T7556] __seq_open_private+0x3e/0xd0 [ 178.609992][ T7556] sysvipc_proc_open+0x2b/0x5b0 [ 178.610008][ T7556] ? __pfx_sysvipc_proc_open+0x10/0x10 [ 178.610025][ T7556] proc_reg_open+0x137/0x5f0 [ 178.610053][ T7556] do_dentry_open+0x73e/0x1570 [ 178.610073][ T7556] ? __pfx_proc_reg_open+0x10/0x10 [ 178.610100][ T7556] ? security_inode_permission+0xbf/0x250 [ 178.610130][ T7556] vfs_open+0x82/0x3f0 [ 178.610158][ T7556] path_openat+0x21dc/0x3120 [ 178.610186][ T7556] ? __pfx_path_openat+0x10/0x10 [ 178.610214][ T7556] do_filp_open+0x1f7/0x420 [ 178.610237][ T7556] ? __pfx_do_filp_open+0x10/0x10 [ 178.610272][ T7556] ? _raw_spin_unlock+0x28/0x50 [ 178.610290][ T7556] ? alloc_fd+0x476/0x790 [ 178.610318][ T7556] do_sys_openat2+0x12e/0x220 [ 178.610346][ T7556] ? __pfx_do_sys_openat2+0x10/0x10 [ 178.610380][ T7556] __x64_sys_openat+0x12d/0x210 [ 178.610408][ T7556] ? __pfx___x64_sys_openat+0x10/0x10 [ 178.610435][ T7556] ? xfd_validate_state+0x129/0x190 [ 178.610471][ T7556] do_syscall_64+0xc9/0xf80 [ 178.610494][ T7556] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 178.610513][ T7556] RIP: 0033:0x7f5f3c39af79 [ 178.610528][ T7556] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 178.610544][ T7556] RSP: 002b:00007f5f3d306028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 178.610571][ T7556] RAX: ffffffffffffffda RBX: 00007f5f3c615fa0 RCX: 00007f5f3c39af79 [ 178.610582][ T7556] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 178.610592][ T7556] RBP: 00007f5f3c4316e0 R08: 0000000000000000 R09: 0000000000000000 [ 178.610602][ T7556] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 178.610612][ T7556] R13: 00007f5f3c616038 R14: 00007f5f3c615fa0 R15: 00007ffe69809c28 [ 178.610634][ T7556] [ 179.272336][ T7558] Process accounting paused [ 180.647493][ T7572] FAULT_INJECTION: forcing a failure. [ 180.647493][ T7572] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 180.677961][ T7572] CPU: 1 UID: 0 PID: 7572 Comm: syz.2.334 Tainted: G L syzkaller #0 PREEMPT(full) [ 180.678005][ T7572] Tainted: [L]=SOFTLOCKUP [ 180.678014][ T7572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 180.678028][ T7572] Call Trace: [ 180.678037][ T7572] [ 180.678048][ T7572] dump_stack_lvl+0x100/0x190 [ 180.678087][ T7572] should_fail_ex.cold+0x5/0xa [ 180.678129][ T7572] _copy_from_user+0x2e/0xd0 [ 180.678172][ T7572] get_timespec64+0x8b/0x1b0 [ 180.678204][ T7572] ? __pfx_get_timespec64+0x10/0x10 [ 180.678240][ T7572] ? common_nsleep+0xa1/0xd0 [ 180.678277][ T7572] __x64_sys_clock_nanosleep+0x1ce/0x480 [ 180.678308][ T7572] ? __pfx___x64_sys_clock_nanosleep+0x10/0x10 [ 180.678342][ T7572] do_syscall_64+0xc9/0xf80 [ 180.678372][ T7572] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 180.678395][ T7572] RIP: 0033:0x7f0a48d5b84e [ 180.678417][ T7572] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 180.678445][ T7572] RSP: 002b:00007fff85f9fd58 EFLAGS: 00000246 ORIG_RAX: 00000000000000e6 [ 180.678471][ T7572] RAX: ffffffffffffffda RBX: 00005555941d2500 RCX: 00007f0a48d5b84e [ 180.678487][ T7572] RDX: 00007fff85f9fdb0 RSI: 0000000000000000 RDI: 0000000000000000 [ 180.678502][ T7572] RBP: 00007f0a49017da0 R08: 0000000000000000 R09: 0000000000000000 [ 180.678526][ T7572] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000002c1cc [ 180.678549][ T7572] R13: 00007f0a4901618c R14: 000000000002c197 R15: 00007f0a49016180 [ 180.678601][ T7572] [ 182.845589][ T5836] Bluetooth: hci0: ACL packet too small [ 183.126808][ T7666] Invalid ELF header magic: != ELF [ 183.646729][ T5836] Bluetooth: hci3: unexpected event for opcode 0x7c89 [ 184.095025][ T7698] mmap: syz.0.354 (7698): VmData 45805568 exceed data ulimit 3. Update limits or use boot option ignore_rlimit_data. [ 185.564409][ T7724] Invalid ELF header magic: != ELF [ 185.690400][ T7736] FAULT_INJECTION: forcing a failure. [ 185.690400][ T7736] name failslab, interval 1, probability 0, space 0, times 0 [ 185.713538][ T7736] CPU: 0 UID: 0 PID: 7736 Comm: syz.2.364 Tainted: G L syzkaller #0 PREEMPT(full) [ 185.713595][ T7736] Tainted: [L]=SOFTLOCKUP [ 185.713605][ T7736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 185.713619][ T7736] Call Trace: [ 185.713628][ T7736] [ 185.713639][ T7736] dump_stack_lvl+0x100/0x190 [ 185.713678][ T7736] should_fail_ex.cold+0x5/0xa [ 185.713725][ T7736] should_failslab+0xc2/0x120 [ 185.713766][ T7736] kmem_cache_alloc_node_noprof+0x8c/0x880 [ 185.713806][ T7736] ? __alloc_skb+0x156/0x410 [ 185.713851][ T7736] ? __alloc_skb+0x156/0x410 [ 185.713887][ T7736] __alloc_skb+0x156/0x410 [ 185.713923][ T7736] ? __alloc_skb+0x35d/0x410 [ 185.713961][ T7736] ? __pfx___alloc_skb+0x10/0x10 [ 185.714000][ T7736] ? genl_rcv_msg+0x4b0/0x800 [ 185.714028][ T7736] ? genl_rcv_msg+0x4be/0x800 [ 185.714069][ T7736] netlink_ack+0x117/0xb80 [ 185.714105][ T7736] netlink_rcv_skb+0x333/0x420 [ 185.714129][ T7736] ? __pfx_genl_rcv_msg+0x10/0x10 [ 185.714159][ T7736] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 185.714200][ T7736] ? netlink_deliver_tap+0x1ae/0xcc0 [ 185.714247][ T7736] genl_rcv+0x28/0x40 [ 185.714273][ T7736] netlink_unicast+0x5aa/0x870 [ 185.714323][ T7736] ? __pfx_netlink_unicast+0x10/0x10 [ 185.714384][ T7736] netlink_sendmsg+0x8b0/0xda0 [ 185.714437][ T7736] ? __pfx_netlink_sendmsg+0x10/0x10 [ 185.714479][ T7736] ? __import_iovec+0x1d2/0x640 [ 185.714526][ T7736] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 185.714580][ T7736] ____sys_sendmsg+0xa54/0xc30 [ 185.714617][ T7736] ? __pfx_____sys_sendmsg+0x10/0x10 [ 185.714667][ T7736] ___sys_sendmsg+0x190/0x1e0 [ 185.714703][ T7736] ? __pfx____sys_sendmsg+0x10/0x10 [ 185.714758][ T7736] ? find_held_lock+0x2b/0x80 [ 185.714814][ T7736] __sys_sendmsg+0x170/0x220 [ 185.714858][ T7736] ? __pfx___sys_sendmsg+0x10/0x10 [ 185.714927][ T7736] do_syscall_64+0xc9/0xf80 [ 185.714967][ T7736] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 185.714995][ T7736] RIP: 0033:0x7f0a48d9af79 [ 185.715018][ T7736] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 185.715043][ T7736] RSP: 002b:00007f0a49bf5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 185.715072][ T7736] RAX: ffffffffffffffda RBX: 00007f0a49015fa0 RCX: 00007f0a48d9af79 [ 185.715091][ T7736] RDX: 0000000000008094 RSI: 00002000000006c0 RDI: 0000000000000004 [ 185.715108][ T7736] RBP: 00007f0a49bf5090 R08: 0000000000000000 R09: 0000000000000000 [ 185.715125][ T7736] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 185.715141][ T7736] R13: 00007f0a49016038 R14: 00007f0a49015fa0 R15: 00007fff85f9fc78 [ 185.715182][ T7736] [ 187.262413][ T7755] bond0: invalid ARP target specified [ 187.367128][ T7758] netlink: 28 bytes leftover after parsing attributes in process `syz.2.370'. [ 187.378885][ T7758] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 187.394346][ T7758] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 187.409417][ T7758] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 187.442254][ T7758] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 187.509539][ T5836] Bluetooth: hci0: ACL packet too small [ 187.590724][ T5836] Bluetooth: hci1: ACL packet too small [ 187.974546][ T30] audit: type=1800 audit(1770659163.913:5): pid=7780 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.375" name="members" dev="configfs" ino=18150 res=0 errno=0 [ 190.041383][ T5836] Bluetooth: hci2: ACL packet too small [ 191.964749][ T7859] zswap: compressor not available [ 192.189544][ T5836] Bluetooth: hci2: Malformed LE Event: 0x0b [ 194.219167][ T7895] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input7 [ 195.477187][ T7902] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input8 [ 196.061859][ T7936] syz.2.404 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 198.074827][ T7969] binder: 7963:7969 ioctl c018620c 0 returned -1 [ 198.368165][ T5836] Bluetooth: hci3: ACL packet too small [ 199.490469][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.497275][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 199.535064][ T8009] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 199.582282][ T8011] FAULT_INJECTION: forcing a failure. [ 199.582282][ T8011] name failslab, interval 1, probability 0, space 0, times 0 [ 199.636054][ T8011] CPU: 1 UID: 0 PID: 8011 Comm: syz.2.420 Tainted: G L syzkaller #0 PREEMPT(full) [ 199.636093][ T8011] Tainted: [L]=SOFTLOCKUP [ 199.636099][ T8011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 199.636109][ T8011] Call Trace: [ 199.636115][ T8011] [ 199.636122][ T8011] dump_stack_lvl+0x100/0x190 [ 199.636148][ T8011] should_fail_ex.cold+0x5/0xa [ 199.636186][ T8011] should_failslab+0xc2/0x120 [ 199.636211][ T8011] kmem_cache_alloc_noprof+0x83/0x780 [ 199.636235][ T8011] ? prepare_creds+0x2c/0x950 [ 199.636254][ T8011] ? prepare_creds+0x2c/0x950 [ 199.636268][ T8011] prepare_creds+0x2c/0x950 [ 199.636285][ T8011] copy_creds+0xa7/0xa50 [ 199.636304][ T8011] copy_process+0x1029/0x7890 [ 199.636325][ T8011] ? __lock_acquire+0x4a5/0x2630 [ 199.636357][ T8011] ? __pfx_copy_process+0x10/0x10 [ 199.636380][ T8011] ? find_held_lock+0x2b/0x80 [ 199.636413][ T8011] kernel_clone+0xfc/0x930 [ 199.636435][ T8011] ? find_held_lock+0x2b/0x80 [ 199.636453][ T8011] ? __pfx_kernel_clone+0x10/0x10 [ 199.636489][ T8011] __do_sys_clone+0xd9/0x120 [ 199.636512][ T8011] ? __pfx___do_sys_clone+0x10/0x10 [ 199.636544][ T8011] ? ksys_write+0x1ac/0x250 [ 199.636564][ T8011] ? __pfx_ksys_write+0x10/0x10 [ 199.636590][ T8011] do_syscall_64+0xc9/0xf80 [ 199.636615][ T8011] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 199.636635][ T8011] RIP: 0033:0x7f0a48d9af79 [ 199.636651][ T8011] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 199.636670][ T8011] RSP: 002b:00007f0a49bf5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 199.636687][ T8011] RAX: ffffffffffffffda RBX: 00007f0a49015fa0 RCX: 00007f0a48d9af79 [ 199.636698][ T8011] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0002000020003b4a [ 199.636708][ T8011] RBP: 00007f0a49bf5090 R08: 0000000000000103 R09: 0000000000000000 [ 199.636718][ T8011] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 199.636728][ T8011] R13: 00007f0a49016038 R14: 00007f0a49015fa0 R15: 00007fff85f9fc78 [ 199.636750][ T8011] [ 200.592234][ T8026] zram0: detected capacity change from 0 to 8 [ 200.852930][ T5836] Bluetooth: hci2: ACL packet too small [ 201.779617][ T8048] netlink: 186 bytes leftover after parsing attributes in process `syz.3.427'. [ 202.083978][ T8052] netlink: 8 bytes leftover after parsing attributes in process `syz.1.430'. [ 202.512664][ T8057] FAULT_INJECTION: forcing a failure. [ 202.512664][ T8057] name failslab, interval 1, probability 0, space 0, times 0 [ 202.542186][ T8057] CPU: 1 UID: 0 PID: 8057 Comm: syz.2.431 Tainted: G L syzkaller #0 PREEMPT(full) [ 202.542218][ T8057] Tainted: [L]=SOFTLOCKUP [ 202.542225][ T8057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 202.542235][ T8057] Call Trace: [ 202.542241][ T8057] [ 202.542249][ T8057] dump_stack_lvl+0x100/0x190 [ 202.542276][ T8057] should_fail_ex.cold+0x5/0xa [ 202.542304][ T8057] should_failslab+0xc2/0x120 [ 202.542331][ T8057] ? snd_midi_event_new+0xa1/0x210 [ 202.542349][ T8057] __kmalloc_noprof+0xf6/0x9c0 [ 202.542373][ T8057] ? snd_midi_event_new+0xa1/0x210 [ 202.542390][ T8057] snd_midi_event_new+0xa1/0x210 [ 202.542409][ T8057] snd_virmidi_output_open+0x106/0x670 [ 202.542432][ T8057] open_substream+0x480/0x9e0 [ 202.542458][ T8057] rawmidi_open_priv+0x595/0x6f0 [ 202.542487][ T8057] snd_rawmidi_open+0x4c9/0xba0 [ 202.542516][ T8057] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 202.542542][ T8057] ? __pfx_default_wake_function+0x10/0x10 [ 202.542564][ T8057] ? kobject_get_unless_zero+0x156/0x200 [ 202.542591][ T8057] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 202.542616][ T8057] snd_open+0x22d/0x4c0 [ 202.542636][ T8057] ? __pfx_snd_open+0x10/0x10 [ 202.542655][ T8057] chrdev_open+0x234/0x6a0 [ 202.542677][ T8057] ? __pfx_apparmor_file_open+0x10/0x10 [ 202.542701][ T8057] ? __pfx_chrdev_open+0x10/0x10 [ 202.542730][ T8057] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 202.542769][ T8057] do_dentry_open+0x73e/0x1570 [ 202.542801][ T8057] ? __pfx_chrdev_open+0x10/0x10 [ 202.542835][ T8057] ? security_inode_permission+0xbf/0x250 [ 202.542873][ T8057] vfs_open+0x82/0x3f0 [ 202.542901][ T8057] path_openat+0x21dc/0x3120 [ 202.542930][ T8057] ? __pfx_path_openat+0x10/0x10 [ 202.542959][ T8057] do_filp_open+0x1f7/0x420 [ 202.542982][ T8057] ? __pfx_do_filp_open+0x10/0x10 [ 202.543018][ T8057] ? _raw_spin_unlock+0x28/0x50 [ 202.543035][ T8057] ? alloc_fd+0x476/0x790 [ 202.543061][ T8057] do_sys_openat2+0x12e/0x220 [ 202.543095][ T8057] ? __pfx_do_sys_openat2+0x10/0x10 [ 202.543124][ T8057] ? __fget_files+0x21f/0x3d0 [ 202.543148][ T8057] __x64_sys_openat+0x12d/0x210 [ 202.543176][ T8057] ? __pfx___x64_sys_openat+0x10/0x10 [ 202.543207][ T8057] ? xfd_validate_state+0x129/0x190 [ 202.543244][ T8057] do_syscall_64+0xc9/0xf80 [ 202.543267][ T8057] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 202.543286][ T8057] RIP: 0033:0x7f0a48d9af79 [ 202.543301][ T8057] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 202.543319][ T8057] RSP: 002b:00007f0a49bd4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 202.543338][ T8057] RAX: ffffffffffffffda RBX: 00007f0a49016090 RCX: 00007f0a48d9af79 [ 202.543349][ T8057] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 202.543359][ T8057] RBP: 00007f0a48e316e0 R08: 0000000000000000 R09: 0000000000000000 [ 202.543370][ T8057] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 202.543380][ T8057] R13: 00007f0a49016128 R14: 00007f0a49016090 R15: 00007fff85f9fc78 [ 202.543402][ T8057] [ 203.065970][ T8058] ptp ptp0: new virtual clock ptp1 [ 203.154624][ T8058] ptp ptp0: new virtual clock ptp2 [ 203.201624][ T8058] ptp ptp0: new virtual clock ptp3 [ 203.280706][ T8058] ptp ptp0: new virtual clock ptp4 [ 203.326787][ T8071] netlink: 8 bytes leftover after parsing attributes in process `syz.0.433'. [ 203.326994][ T8058] ptp ptp0: new virtual clock ptp5 [ 203.367198][ T8058] ptp ptp0: new virtual clock ptp6 [ 203.413722][ T8058] ptp ptp0: new virtual clock ptp7 [ 203.445025][ T8058] failed to create ptp aux_worker -4 [ 203.450610][ T8057] ptp ptp0: only physical clock in use now [ 203.834568][ T8082] netlink: 17 bytes leftover after parsing attributes in process `syz.3.435'. [ 204.382364][ T5836] Bluetooth: hci2: ACL packet too small [ 204.856993][ T8103] random: crng reseeded on system resumption [ 205.090629][ T8106] hub 1-0:1.0: USB hub found [ 205.121930][ T8106] hub 1-0:1.0: 1 port detected [ 207.086893][ T8154] FAULT_INJECTION: forcing a failure. [ 207.086893][ T8154] name failslab, interval 1, probability 0, space 0, times 0 [ 207.154383][ T8154] CPU: 1 UID: 0 PID: 8154 Comm: syz.2.454 Tainted: G L syzkaller #0 PREEMPT(full) [ 207.154429][ T8154] Tainted: [L]=SOFTLOCKUP [ 207.154438][ T8154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 207.154453][ T8154] Call Trace: [ 207.154462][ T8154] [ 207.154473][ T8154] dump_stack_lvl+0x100/0x190 [ 207.154514][ T8154] should_fail_ex.cold+0x5/0xa [ 207.154561][ T8154] should_failslab+0xc2/0x120 [ 207.154603][ T8154] kmem_cache_alloc_noprof+0x83/0x780 [ 207.154640][ T8154] ? lsm_blob_alloc+0x68/0x90 [ 207.154670][ T8154] ? dup_fd+0x4d/0xd10 [ 207.154709][ T8154] ? dup_fd+0x4d/0xd10 [ 207.154737][ T8154] dup_fd+0x4d/0xd10 [ 207.154775][ T8154] ? apparmor_task_alloc+0x2c1/0x3b0 [ 207.154816][ T8154] copy_process+0x26cc/0x7890 [ 207.154859][ T8154] ? __lock_acquire+0x4a5/0x2630 [ 207.154913][ T8154] ? __pfx_copy_process+0x10/0x10 [ 207.154952][ T8154] ? find_held_lock+0x2b/0x80 [ 207.154995][ T8154] kernel_clone+0xfc/0x930 [ 207.155031][ T8154] ? find_held_lock+0x2b/0x80 [ 207.155061][ T8154] ? __pfx_kernel_clone+0x10/0x10 [ 207.155116][ T8154] __do_sys_clone+0xd9/0x120 [ 207.155155][ T8154] ? __pfx___do_sys_clone+0x10/0x10 [ 207.155209][ T8154] ? ksys_write+0x1ac/0x250 [ 207.155250][ T8154] ? __pfx_ksys_write+0x10/0x10 [ 207.155284][ T8154] ? fput+0x79/0x100 [ 207.155348][ T8154] do_syscall_64+0xc9/0xf80 [ 207.155387][ T8154] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 207.155415][ T8154] RIP: 0033:0x7f0a48d9af79 [ 207.155438][ T8154] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 207.155464][ T8154] RSP: 002b:00007f0a49bf5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 207.155492][ T8154] RAX: ffffffffffffffda RBX: 00007f0a49015fa0 RCX: 00007f0a48d9af79 [ 207.155511][ T8154] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0002000020003b4a [ 207.155529][ T8154] RBP: 00007f0a49bf5090 R08: 0000000000000103 R09: 0000000000000000 [ 207.155546][ T8154] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 207.155563][ T8154] R13: 00007f0a49016038 R14: 00007f0a49015fa0 R15: 00007fff85f9fc78 [ 207.155602][ T8154] [ 207.739286][ T5836] Bluetooth: hci2: ACL packet too small [ 207.937465][ T30] audit: type=1800 audit(1770659183.873:6): pid=8161 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.457" name="members" dev="configfs" ino=21554 res=0 errno=0 [ 209.404191][ T8177] netlink: 8 bytes leftover after parsing attributes in process `syz.1.460'. [ 209.712499][ T8160] Process accounting resumed [ 211.854526][ T8202] netlink: 8 bytes leftover after parsing attributes in process `syz.1.465'. [ 211.884571][ T5836] Bluetooth: hci2: unexpected event 0x14 length: 16 > 6 [ 212.096595][ T5836] Bluetooth: hci2: ACL packet too small [ 212.576578][ T8221] zswap: compressor not available [ 212.871884][ T8233] FAULT_INJECTION: forcing a failure. [ 212.871884][ T8233] name failslab, interval 1, probability 0, space 0, times 0 [ 212.904941][ T8233] CPU: 0 UID: 0 PID: 8233 Comm: syz.1.472 Tainted: G L syzkaller #0 PREEMPT(full) [ 212.904986][ T8233] Tainted: [L]=SOFTLOCKUP [ 212.904995][ T8233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 212.905011][ T8233] Call Trace: [ 212.905021][ T8233] [ 212.905032][ T8233] dump_stack_lvl+0x100/0x190 [ 212.905073][ T8233] should_fail_ex.cold+0x5/0xa [ 212.905119][ T8233] should_failslab+0xc2/0x120 [ 212.905160][ T8233] kmem_cache_alloc_noprof+0x83/0x780 [ 212.905208][ T8233] ? d_instantiate+0x90/0xb0 [ 212.905249][ T8233] ? alloc_empty_file+0x55/0x1c0 [ 212.905295][ T8233] ? alloc_empty_file+0x55/0x1c0 [ 212.905330][ T8233] alloc_empty_file+0x55/0x1c0 [ 212.905373][ T8233] alloc_file_pseudo+0x13a/0x230 [ 212.905417][ T8233] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 212.905462][ T8233] ? hugetlbfs_get_inode+0x36e/0x6f0 [ 212.905496][ T8233] hugetlb_file_setup+0x2a8/0x5b0 [ 212.905527][ T8233] ? __UNIQUE_ID_modinfo_887+0x640a2910/0xffffffffffeca210 [ 212.905564][ T8233] ksys_mmap_pgoff+0x185/0x5b0 [ 212.905612][ T8233] __x64_sys_mmap+0x125/0x190 [ 212.905638][ T8233] ? __UNIQUE_ID_modinfo_887+0x640a2910/0xffffffffffeca210 [ 212.905677][ T8233] do_syscall_64+0xc9/0xf80 [ 212.905715][ T8233] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 212.905744][ T8233] RIP: 0033:0x7f5ef919af79 [ 212.905766][ T8233] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 212.905792][ T8233] RSP: 002b:00007f5efa11a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 212.905819][ T8233] RAX: ffffffffffffffda RBX: 00007f5ef9415fa0 RCX: 00007f5ef919af79 [ 212.905837][ T8233] RDX: 0000000000000002 RSI: 0000000000000005 RDI: ffffffffff600700 [ 212.905854][ T8233] RBP: 00007f5ef92316e0 R08: 0000000000000401 R09: 0000300000000000 [ 212.905871][ T8233] R10: 0000000000040eb2 R11: 0000000000000246 R12: 0000000000000000 [ 212.905887][ T8233] R13: 00007f5ef9416038 R14: 00007f5ef9415fa0 R15: 00007fffbd25d2b8 [ 212.905918][ T8233] ? __UNIQUE_ID_modinfo_887+0x640a2910/0xffffffffffeca210 [ 212.905958][ T8233] [ 214.298727][ T8251] hub 1-0:1.0: USB hub found [ 214.483419][ T8251] hub 1-0:1.0: 1 port detected [ 215.068733][ T8255] FAULT_INJECTION: forcing a failure. [ 215.068733][ T8255] name failslab, interval 1, probability 0, space 0, times 0 [ 215.078917][ T8247] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -4 [ 215.090944][ T8255] CPU: 0 UID: 0 PID: 8255 Comm: syz.2.477 Tainted: G L syzkaller #0 PREEMPT(full) [ 215.090990][ T8255] Tainted: [L]=SOFTLOCKUP [ 215.091002][ T8255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 215.091019][ T8255] Call Trace: [ 215.091029][ T8255] [ 215.091041][ T8255] dump_stack_lvl+0x100/0x190 [ 215.091082][ T8255] should_fail_ex.cold+0x5/0xa [ 215.091131][ T8255] should_failslab+0xc2/0x120 [ 215.091173][ T8255] ? cache_create_net+0x9b/0x220 [ 215.091214][ T8255] __kmalloc_noprof+0xf6/0x9c0 [ 215.091250][ T8255] ? cache_create_net+0x2b/0x220 [ 215.091301][ T8255] ? cache_create_net+0x9b/0x220 [ 215.091342][ T8255] cache_create_net+0x9b/0x220 [ 215.091385][ T8255] ? __pfx_nfsd_net_init+0x10/0x10 [ 215.091431][ T8255] nfsd_idmap_init+0x62/0x250 [ 215.091465][ T8255] ? __pfx_nfsd_net_init+0x10/0x10 [ 215.091508][ T8255] nfsd_net_init+0x69/0x3d0 [ 215.091555][ T8255] ? __pfx_nfsd_net_init+0x10/0x10 [ 215.091598][ T8255] ops_init+0x1e2/0x5f0 [ 215.091650][ T8255] setup_net+0x118/0x3a0 [ 215.091678][ T8255] ? __pfx_setup_net+0x10/0x10 [ 215.091702][ T8255] ? lockdep_init_map_type+0x5c/0x250 [ 215.091746][ T8255] ? mutex_init_lockep+0x110/0x150 [ 215.091795][ T8255] copy_net_ns+0x46f/0x7c0 [ 215.091830][ T8255] create_new_namespaces+0x3ea/0xab0 [ 215.091875][ T8255] copy_namespaces+0x468/0x5e0 [ 215.091922][ T8255] copy_process+0x32d5/0x7890 [ 215.091984][ T8255] ? __pfx_copy_process+0x10/0x10 [ 215.092047][ T8255] kernel_clone+0xfc/0x930 [ 215.092086][ T8255] ? __pfx_futex_wait+0x10/0x10 [ 215.092117][ T8255] ? __pfx_kernel_clone+0x10/0x10 [ 215.092181][ T8255] __do_sys_clone+0xd9/0x120 [ 215.092222][ T8255] ? __pfx___do_sys_clone+0x10/0x10 [ 215.092263][ T8255] ? __fget_files+0x21f/0x3d0 [ 215.092312][ T8255] ? xfd_validate_state+0x129/0x190 [ 215.092375][ T8255] do_syscall_64+0xc9/0xf80 [ 215.092416][ T8255] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 215.092448][ T8255] RIP: 0033:0x7f0a48d9af79 [ 215.092473][ T8255] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 215.092502][ T8255] RSP: 002b:00007f0a49bf4fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 215.092532][ T8255] RAX: ffffffffffffffda RBX: 00007f0a49015fa0 RCX: 00007f0a48d9af79 [ 215.092552][ T8255] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040180211 [ 215.092570][ T8255] RBP: 00007f0a48e316e0 R08: 0000000000000000 R09: 0000000000000000 [ 215.092588][ T8255] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 215.092605][ T8255] R13: 00007f0a49016038 R14: 00007f0a49015fa0 R15: 00007fff85f9fc78 [ 215.092646][ T8255] [ 215.454226][ T8247] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -4 [ 215.484335][ T8247] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 216.114932][ T8268] netlink: 4 bytes leftover after parsing attributes in process `syz.2.480'. [ 217.141634][ T8285] FAULT_INJECTION: forcing a failure. [ 217.141634][ T8285] name failslab, interval 1, probability 0, space 0, times 0 [ 217.270551][ T8285] CPU: 1 UID: 0 PID: 8285 Comm: syz.2.483 Tainted: G L syzkaller #0 PREEMPT(full) [ 217.270603][ T8285] Tainted: [L]=SOFTLOCKUP [ 217.270613][ T8285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 217.270629][ T8285] Call Trace: [ 217.270638][ T8285] [ 217.270648][ T8285] dump_stack_lvl+0x100/0x190 [ 217.270685][ T8285] should_fail_ex.cold+0x5/0xa [ 217.270724][ T8285] should_failslab+0xc2/0x120 [ 217.270765][ T8285] ? memcg_list_lru_alloc+0x4ec/0x740 [ 217.270797][ T8285] __kmalloc_noprof+0xf6/0x9c0 [ 217.270837][ T8285] ? memcg_list_lru_alloc+0x4ec/0x740 [ 217.270870][ T8285] memcg_list_lru_alloc+0x4ec/0x740 [ 217.270913][ T8285] ? __pfx_memcg_list_lru_alloc+0x10/0x10 [ 217.270948][ T8285] ? rcu_read_unlock+0x17/0x60 [ 217.271001][ T8285] ? get_mem_cgroup_from_objcg+0xd3/0x330 [ 217.271040][ T8285] __memcg_slab_post_alloc_hook+0x12e/0x880 [ 217.271103][ T8285] ? kasan_save_track+0x14/0x30 [ 217.271153][ T8285] kmem_cache_alloc_lru_noprof+0x606/0x7d0 [ 217.271198][ T8285] ? alloc_inode+0x183/0x250 [ 217.271256][ T8285] ? alloc_inode+0x183/0x250 [ 217.271298][ T8285] alloc_inode+0x183/0x250 [ 217.271344][ T8285] alloc_anon_inode+0x2a/0x3e0 [ 217.271384][ T8285] dma_buf_export+0x267/0xa90 [ 217.271415][ T8285] ? sg_alloc_table+0x4c/0x1c0 [ 217.271456][ T8285] system_heap_allocate+0xaec/0x10e0 [ 217.271496][ T8285] ? __pfx_system_heap_allocate+0x10/0x10 [ 217.271540][ T8285] ? rep_movs_alternative+0x4a/0x90 [ 217.271595][ T8285] dma_heap_ioctl+0x37f/0x5e0 [ 217.271649][ T8285] ? __pfx_dma_heap_ioctl+0x10/0x10 [ 217.271694][ T8285] ? __do_sys_close_range+0x230/0x740 [ 217.271753][ T8285] ? __pfx_dma_heap_ioctl+0x10/0x10 [ 217.271804][ T8285] __x64_sys_ioctl+0x18e/0x210 [ 217.271857][ T8285] do_syscall_64+0xc9/0xf80 [ 217.271896][ T8285] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 217.271926][ T8285] RIP: 0033:0x7f0a48d9af79 [ 217.271951][ T8285] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 217.271979][ T8285] RSP: 002b:00007f0a49bd4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 217.272009][ T8285] RAX: ffffffffffffffda RBX: 00007f0a49016090 RCX: 00007f0a48d9af79 [ 217.272030][ T8285] RDX: 0000200000000140 RSI: ffffffffffdffe00 RDI: 0000000000000001 [ 217.272049][ T8285] RBP: 00007f0a48e316e0 R08: 0000000000000000 R09: 0000000000000000 [ 217.272067][ T8285] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 217.272084][ T8285] R13: 00007f0a49016128 R14: 00007f0a49016090 R15: 00007fff85f9fc78 [ 217.272125][ T8285] [ 218.586672][ T5836] Bluetooth: hci1: ACL packet too small [ 219.654382][ T8314] netlink: 4176 bytes leftover after parsing attributes in process `syz.0.488'. [ 222.605766][ T8377] random: crng reseeded on system resumption [ 224.314681][ T8391] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input10 [ 225.767366][ T30] audit: type=1800 audit(1770659201.703:7): pid=8437 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.509" name="members" dev="configfs" ino=21358 res=0 errno=0 [ 226.681811][ T8460] FAULT_INJECTION: forcing a failure. [ 226.681811][ T8460] name failslab, interval 1, probability 0, space 0, times 0 [ 226.768194][ T8460] CPU: 0 UID: 0 PID: 8460 Comm: syz.0.511 Tainted: G L syzkaller #0 PREEMPT(full) [ 226.768224][ T8460] Tainted: [L]=SOFTLOCKUP [ 226.768230][ T8460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 226.768239][ T8460] Call Trace: [ 226.768245][ T8460] [ 226.768252][ T8460] dump_stack_lvl+0x100/0x190 [ 226.768277][ T8460] should_fail_ex.cold+0x5/0xa [ 226.768306][ T8460] should_failslab+0xc2/0x120 [ 226.768330][ T8460] ? usb_hcd_submit_urb+0x601/0x2150 [ 226.768346][ T8460] __kmalloc_noprof+0xf6/0x9c0 [ 226.768371][ T8460] ? usb_hcd_submit_urb+0x601/0x2150 [ 226.768385][ T8460] usb_hcd_submit_urb+0x601/0x2150 [ 226.768409][ T8460] usb_submit_urb+0x8aa/0x1910 [ 226.768433][ T8460] ? __init_swait_queue_head+0xca/0x150 [ 226.768463][ T8460] usb_start_wait_urb+0x106/0x4c0 [ 226.768485][ T8460] ? __pfx_usb_start_wait_urb+0x10/0x10 [ 226.768512][ T8460] ? __asan_memset+0x23/0x50 [ 226.768535][ T8460] usb_control_msg+0x326/0x4a0 [ 226.768564][ T8460] ? __pfx_usb_control_msg+0x10/0x10 [ 226.768593][ T8460] ? kernfs_find_and_get_ns+0x5f/0x70 [ 226.768639][ T8460] usb_hub_set_port_power+0x125/0x180 [ 226.768682][ T8460] disable_store+0x2eb/0x450 [ 226.768710][ T8460] ? __pfx_disable_store+0x10/0x10 [ 226.768733][ T8460] ? find_held_lock+0x2b/0x80 [ 226.768749][ T8460] ? sysfs_file_kobj+0xe4/0x290 [ 226.768768][ T8460] ? sysfs_file_kobj+0xe4/0x290 [ 226.768790][ T8460] ? __pfx_disable_store+0x10/0x10 [ 226.768811][ T8460] dev_attr_store+0x58/0x80 [ 226.768834][ T8460] ? __pfx_dev_attr_store+0x10/0x10 [ 226.768857][ T8460] sysfs_kf_write+0xf2/0x150 [ 226.768880][ T8460] kernfs_fop_write_iter+0x3e0/0x5f0 [ 226.768897][ T8460] ? __pfx_sysfs_kf_write+0x10/0x10 [ 226.768920][ T8460] vfs_write+0x6ac/0x1070 [ 226.768940][ T8460] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 226.768960][ T8460] ? __pfx_vfs_write+0x10/0x10 [ 226.768978][ T8460] ? find_held_lock+0x2b/0x80 [ 226.769009][ T8460] ksys_write+0x12a/0x250 [ 226.769029][ T8460] ? __pfx_ksys_write+0x10/0x10 [ 226.769055][ T8460] do_syscall_64+0xc9/0xf80 [ 226.769086][ T8460] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 226.769103][ T8460] RIP: 0033:0x7f5f3c39af79 [ 226.769118][ T8460] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 226.769134][ T8460] RSP: 002b:00007f5f3d306028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 226.769151][ T8460] RAX: ffffffffffffffda RBX: 00007f5f3c615fa0 RCX: 00007f5f3c39af79 [ 226.769162][ T8460] RDX: 00000000000005c8 RSI: 0000000000000000 RDI: 0000000000000003 [ 226.769172][ T8460] RBP: 00007f5f3c4316e0 R08: 0000000000000000 R09: 0000000000000000 [ 226.769182][ T8460] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 226.769191][ T8460] R13: 00007f5f3c616038 R14: 00007f5f3c615fa0 R15: 00007ffe69809c28 [ 226.769214][ T8460] [ 228.619610][ T8488] usb usb37: usbfs: process 8488 (syz.2.516) did not claim interface 0 before use [ 228.792991][ T8488] netlink: Conntrack attr type has unexpected length (type=3, length=0, expected=8) [ 230.984535][ T8532] Invalid ELF header magic: != ELF [ 231.376876][ T8545] cougar: G6 mapped to space [ 232.169902][ T8551] netlink: 8 bytes leftover after parsing attributes in process `syz.0.528'. [ 233.043806][ T8570] netlink: 100 bytes leftover after parsing attributes in process `syz.0.531'. [ 233.304669][ T8566] netlink: 334 bytes leftover after parsing attributes in process `syz.2.530'. [ 235.113600][ T5836] Bluetooth: hci3: ACL packet too small [ 235.286214][ T8605] bdi 43:192: the stable_pages_required attribute has been removed. Use the stable_writes queue attribute instead. [ 235.965557][ T8618] zswap: compressor û not available [ 235.994422][ T8625] Setting dangerous option i915.mitigations - tainting kernel [ 236.077476][ T8613] Invalid ELF header magic: != ELF [ 239.797064][ T8685] netlink: 'syz.3.556': attribute type 3 has an invalid length. [ 239.944772][ T8679] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 239.955879][ T8679] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 240.015017][ T8685] hub 1-0:1.0: USB hub found [ 240.106899][ T8685] hub 1-0:1.0: 1 port detected [ 240.403429][ T8692] [U] [ 241.306034][ T8709] FAULT_INJECTION: forcing a failure. [ 241.306034][ T8709] name failslab, interval 1, probability 0, space 0, times 0 [ 241.357273][ T8709] CPU: 0 UID: 0 PID: 8709 Comm: syz.3.559 Tainted: G U L syzkaller #0 PREEMPT(full) [ 241.357307][ T8709] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 241.357314][ T8709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 241.357325][ T8709] Call Trace: [ 241.357331][ T8709] [ 241.357338][ T8709] dump_stack_lvl+0x100/0x190 [ 241.357364][ T8709] should_fail_ex.cold+0x5/0xa [ 241.357394][ T8709] should_failslab+0xc2/0x120 [ 241.357419][ T8709] __kmalloc_cache_noprof+0x80/0x810 [ 241.357439][ T8709] ? kobject_uevent_env+0x263/0x18b0 [ 241.357465][ T8709] ? __mutex_unlock_slowpath+0x15c/0x790 [ 241.357491][ T8709] ? kobject_uevent_env+0x263/0x18b0 [ 241.357518][ T8709] kobject_uevent_env+0x263/0x18b0 [ 241.357557][ T8709] ? bus_to_subsys+0x114/0x150 [ 241.357587][ T8709] device_del+0x605/0x9b0 [ 241.357611][ T8709] ? __pfx_device_del+0x10/0x10 [ 241.357646][ T8709] ? put_device+0x24/0x30 [ 241.357670][ T8709] ? nfc_llcp_local_put.part.0+0x80/0xd0 [ 241.357709][ T8709] ? __pfx_virtual_ncidev_close+0x10/0x10 [ 241.357754][ T8709] nfc_remove_device+0x9d/0xc0 [ 241.357790][ T8709] virtual_ncidev_close+0x4b/0xa0 [ 241.357833][ T8709] __fput+0x3ff/0xb40 [ 241.357883][ T8709] task_work_run+0x150/0x240 [ 241.357932][ T8709] ? __pfx_task_work_run+0x10/0x10 [ 241.358000][ T8709] exit_to_user_mode_loop+0x100/0x4b0 [ 241.358045][ T8709] ? rcu_is_watching+0x12/0xc0 [ 241.358079][ T8709] do_syscall_64+0x4ea/0xf80 [ 241.358120][ T8709] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 241.358150][ T8709] RIP: 0033:0x7f9c9819af79 [ 241.358175][ T8709] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 241.358204][ T8709] RSP: 002b:00007f9c99089028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 241.358233][ T8709] RAX: 0000000000000000 RBX: 00007f9c98416090 RCX: 00007f9c9819af79 [ 241.358253][ T8709] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 241.358272][ T8709] RBP: 00007f9c982316e0 R08: 0000000000000000 R09: 0000000000000000 [ 241.358290][ T8709] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 241.358308][ T8709] R13: 00007f9c98416128 R14: 00007f9c98416090 R15: 00007ffd2a972918 [ 241.358349][ T8709] [ 242.199370][ T8732] netlink: 29 bytes leftover after parsing attributes in process `syz.0.561'. [ 242.235681][ T5836] Bluetooth: hci1: unexpected event 0x02 length: 726 > 260 [ 242.433262][ T8679] Process accounting paused [ 242.677287][ T8735] FAULT_INJECTION: forcing a failure. [ 242.677287][ T8735] name failslab, interval 1, probability 0, space 0, times 0 [ 242.733992][ T8735] CPU: 0 UID: 0 PID: 8735 Comm: syz.1.564 Tainted: G U L syzkaller #0 PREEMPT(full) [ 242.734045][ T8735] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 242.734062][ T8735] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 242.734078][ T8735] Call Trace: [ 242.734089][ T8735] [ 242.734100][ T8735] dump_stack_lvl+0x100/0x190 [ 242.734144][ T8735] should_fail_ex.cold+0x5/0xa [ 242.734197][ T8735] should_failslab+0xc2/0x120 [ 242.734242][ T8735] kmem_cache_alloc_noprof+0x83/0x780 [ 242.734283][ T8735] ? __proc_create+0xc2/0x8c0 [ 242.734330][ T8735] ? __proc_create+0x2cb/0x8c0 [ 242.734386][ T8735] ? __proc_create+0x2cb/0x8c0 [ 242.734431][ T8735] __proc_create+0x2cb/0x8c0 [ 242.734468][ T8735] ? __pfx___proc_create+0x10/0x10 [ 242.734497][ T8735] ? _raw_write_unlock+0x28/0x50 [ 242.734524][ T8735] proc_create_reg+0x75/0x170 [ 242.734541][ T8735] ? __pfx_kcm_stats_seq_show+0x10/0x10 [ 242.734565][ T8735] proc_create_net_single+0x86/0x180 [ 242.734582][ T8735] ? __pfx_proc_create_net_single+0x10/0x10 [ 242.734613][ T8735] ? __pfx_kcm_proc_init_net+0x10/0x10 [ 242.734636][ T8735] kcm_proc_init_net+0x52/0x120 [ 242.734658][ T8735] ops_init+0x1e2/0x5f0 [ 242.734688][ T8735] setup_net+0x118/0x3a0 [ 242.734705][ T8735] ? __pfx_setup_net+0x10/0x10 [ 242.734720][ T8735] ? lockdep_init_map_type+0x5c/0x250 [ 242.734745][ T8735] ? mutex_init_lockep+0x110/0x150 [ 242.734773][ T8735] copy_net_ns+0x46f/0x7c0 [ 242.734794][ T8735] create_new_namespaces+0x3ea/0xab0 [ 242.734821][ T8735] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 242.734843][ T8735] ksys_unshare+0x455/0xab0 [ 242.734870][ T8735] ? __pfx_ksys_unshare+0x10/0x10 [ 242.734894][ T8735] ? xfd_validate_state+0x129/0x190 [ 242.734929][ T8735] __x64_sys_unshare+0x31/0x40 [ 242.734954][ T8735] do_syscall_64+0xc9/0xf80 [ 242.734977][ T8735] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 242.734995][ T8735] RIP: 0033:0x7f5ef919af79 [ 242.735010][ T8735] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 242.735027][ T8735] RSP: 002b:00007f5efa11a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 242.735046][ T8735] RAX: ffffffffffffffda RBX: 00007f5ef9415fa0 RCX: 00007f5ef919af79 [ 242.735057][ T8735] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 242.735067][ T8735] RBP: 00007f5ef92316e0 R08: 0000000000000000 R09: 0000000000000000 [ 242.735078][ T8735] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 242.735088][ T8735] R13: 00007f5ef9416038 R14: 00007f5ef9415fa0 R15: 00007fffbd25d2b8 [ 242.735111][ T8735] [ 244.645215][ T8773] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input11 [ 245.762854][ T5836] Bluetooth: hci0: unexpected event 0x3e length: 508 > 260 [ 245.762897][ T5836] Bluetooth: hci0: unexpected subevent 0x02 length: 507 > 260 [ 245.779301][ T5836] Bluetooth: hci0: Dropping invalid advertising data [ 245.787520][ T5836] Bluetooth: hci0: unknown advertising packet type: 0xe9 [ 245.787549][ T5836] Bluetooth: hci0: Dropping invalid advertising data [ 245.801652][ T5836] Bluetooth: hci0: Malformed LE Event: 0x02 [ 246.266973][ T8796] can: request_module (can-proto-3) failed. [ 246.636497][ T30] audit: type=1800 audit(1770659222.573:8): pid=8806 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.579" name="members" dev="configfs" ino=23354 res=0 errno=0 [ 247.906891][ T8843] pim6reg: entered allmulticast mode [ 249.074309][ T30] audit: type=1800 audit(1770659225.003:9): pid=8862 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.591" name="members" dev="configfs" ino=24295 res=0 errno=0 [ 250.100651][ T5836] Bluetooth: hci0: ACL packet too small [ 253.234689][ T5836] Bluetooth: hci3: ACL packet too small [ 254.794797][ T8953] random: crng reseeded on system resumption [ 256.973426][ T5836] Bluetooth: hci3: ACL packet too small [ 258.180190][ T9008] ima: Unable to open file: /surit‹¯Ròy/integrity?iqa/policy (-2) [ 258.191724][ T9008] ima: policy update failed [ 258.259351][ T30] audit: type=1802 audit(1770659234.183:10): pid=9008 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.618" res=0 errno=0 [ 259.018066][ T30] audit: type=1800 audit(1770659234.953:11): pid=9046 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.630" name="members" dev="configfs" ino=25774 res=0 errno=0 [ 259.364690][ T9040] BUG: Bad rss-counter state mm:ffff88802861e200 type:MM_FILEPAGES val:640 Comm:syz.2.627 Pid:9040 [ 260.175278][ T30] audit: type=1800 audit(1770659236.113:12): pid=9059 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.633" name="features" dev="configfs" ino=25070 res=0 errno=0 [ 260.930588][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 260.937308][ T1301] ieee802154 phy1 wpan1: encryption failed: -22