last executing test programs: 3m3.97316684s ago: executing program 2 (id=3200): unshare$auto(0x40000080) mmap$auto(0x0, 0x20009, 0x2000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x0) close_range$auto(0x0, 0x5, 0x0) mq_open$auto(&(0x7f00000000c0)='\x12\xe6D\b\x9e\x00\x80\x8d\f\xb9w-\xbd!\x9eb\xed\xfb\x0f\xe5\x9dZ\xc2\xd1\x01wBV\x91\x8f_\xc0.\x84\xfe\x84\xd1se\x01\x06\x00\xb3\x13_Y&\xa9\x88\xe4\xa2\xb0V\x85\x92<\xb6\xdcT \\\xf2\v\xb1\xe2\xd8\xfa\xd8V\xe5\x00\xfa\xe9!\xc5<\xce\x18=\x06\xdagq\xb5\r\t\xb2\xde\x99\xd50\xbb\x192\x1c4\x86\xc0\xc1-\xd5\x10\xc3\xfc*[8\x89h\xc5\xba\xff\xc8u50x0, 0xffffffffffffffff, 0x9, 0x0, 0x7f, 0x4}, &(0x7f0000000080)=0x71, &(0x7f00000000c0)=0xc1, 0xb2ae, 0x7ff, 0x7, 0x6, 0x508, 0xfff, 0x3, 0xb, @raw=0x8, @raw=0x80000000}) setitimer$auto(0x9, &(0x7f00000001c0)={{0x0, 0x6}, {0x81, 0xd00}}, &(0x7f0000000200)={{0x8, 0xd9}, {0xf63}}) sendmsg$auto_NL802154_CMD_ABORT_SCAN(r0, &(0x7f0000001780)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000001740)={&(0x7f00000004c0)=ANY=[@ANYBLOB="9b0e0000", @ANYRES16=r3, @ANYBLOB="920629bd7000fedbdf252400000005000800030000000c001700070000000000000018122f806800478008000600", @ANYRES32=r4, @ANYBLOB="04004980fd7da365a721b5d9c67aeed495cec22b4b50f3319cec2ff76f42261a12b85e3d1e7f53334b48d0260019b89ba7bfa949783d9ef89892b7b875ec2d8967d7baf5343121be8903c0d591f8bd0d95ba38865eb95781771c683d0800d48004003a801d05ee547f58147fae8e9625697ceeae848408d54819b588db8b0808512e2291cccd8b7cb121522f4c58f9e803a0cb2676b9e9d0799f72eef25c18d9933a47c15706fa350f5b654fbe3458e26b7c2189387414b6154599b6c12196e0618bd059c062b8890371c0228a5508fbea75bf3c152e082f70af0fc0c239cb7b82b354dcf1aed9519771bf42ab016b8aa9b3ccebf765869c9391f4b2fee058985ae0bce47b1b812c6d8715c07ffb7a0ec0e03e9c0b2dcb161ed8d2aab0276e1dfb2ea479143eaa45cc1616402439b0ccd44948a7eab44cc703caaa0f7a989e324812da74a495924bc5d716f9294f4cef58ce2d81db148d82ae4a76cee263a2f3fb8460907a4988004beec77edb21933b6354f736a385d76e071ae6a90a56439a2af81b8ce32b74a90e59b24e1dd68b07218c0f2e49fcf70ad65a54cced6fe7353260e6e7aa4f55e98c2e89caaeeb09e5935bccf03278d316e58d7c716e2576aaa46f868596a7cf9c6275c947f8b0b94a3f7dba3e791b15e6e0445a92cc464f21a932e7cdd35013013a903cdca1b1fea5ebf5044141497d3f23464f36990fe071770308694ec1aac98bbd76b1ca6cd57da8781791b79aa48a05bd5d825fb9b4a1225a8307b355826d802e071dc211954a5c3ec8895d77d9c57fca4f83a7344c93af1ec15434c72a53a90233030df83c03da69c8b43b1f8467e0939a414479427e8c44fd24f01e3aa79466a8b3ed61b7d63e44558690930223a80a9811f718bf8cd4f60bb0ab90b261d6ded4dbde3c7801242db8f11ddce8813ec89138acd72d0d7f3df54cedeeb9130753831f7bdafc9526c25adffa115fce84f98b83218b23d13dcf2aeaf521cc536ef90d2b00044bdf27921e0a099e7d17b518fda5d200b90b78620e870b0597c6083274a6ebc52f52c175585e87bc208da1ad7e2f39ba8a92df32b65b483b7f8d9b89950e6bf2f24bee998c41dd6277bf0f257437d2604d370878d2d7f46f23a8fcc5e0e8d768b59f17e1969936bb85f21c8fefc9578d8c18fdb01aba3836c871373f0dfa8412bff5477b0ab8baba63bde59eb531e3659096e3974d44cfbc4bf2eef553193dbf88035ecbe10852bb34597f671059db5b7eb205e3bd6ac43bd9ce3abe4abc4ba7e594d51c9df664f757b62b81ed4f747c6ec014ffa25d86b028ad5954c2ba87f8c786dbadbed1617a71675d7d2165831dcdf71a8652d5288211aabd4b7867a4b5c787253405cd70cd90d46e55a31882439f76d7431f02357d488b7167661a7c5e08db988891578403106e215dfe6216d3fb61b3a75c03addca5adbb2a772d1b429f1dedac23e8d41b52651a18fb0334e19d96bb741e22e9acffda34d86c6ce88bab8db5c3b74cf30a5603ed5758ac2f26895ed1ffaf69e949bdc083596c907a5533780d02f25b04b676ebb78775a70a648436f94fe458796484ef7b5b4f7f9eb9e3380ffb2904de744750af4c78b3d3f160aa5de1d2945ed529b5878684d36a71a6dbf0ce6d1be19e0158998941f2f1973b94b29771d1bd8f4b01b95e85fb47b17f4929dcb3dd7c0b180940f3960734ca7753cbd8d2afef9c2205ce06310fc73af30c3c700de3692aa6b9b4555d6f7f64419b7e31e5b15d232f67b242308154fb44c3a390343dde1dff8654039f12f2a96b87188dd57e453d1617c1a47d7a3c126921230d8656140dab29a646ae98b83e13dcec1896190aa16fc15f2743fb0880c1c429da7f28c166c4b4f2317e3f6da29623efc34bc2518ad15e3661fd44715e784bd42a5d372509d65e6d0289a54a05e812abc35e3a97834311754d95e099fcb073d08591c1bbf1239314f09321e0ecf0ecb1e2d31d74011c43168f344f1b8891788cf47b0850e4c845447650db61f789a48c0b88a552a90f3897a683c605b08d8210bd4f2b8c214d309f6e906860d84763e077208399c7fd06ff940dd3c6bccdd51eace0246b24f5a26ddf5f0d6b45edf9effadad21e42f9e078ff12a91665f817b71c274aa9b5d95be8a092a5fdc3bb58c246edbbed07cb59db17be270bb9304634d75f36f9b6a57495e30a00970a0a84a876e2afd926b868751ead524e80c63811f2e507e79a75dd160240c53fa7f6980848dcb5a509f2361c584cfa9d757d2eac801bcfc561f9f2bb35c313176dc02bf2302d0a13cbb79189e42fa4e7ea23d6bfceac3356e9e85e297051cac236936ce8eea87a6ebbcb586c805c7cad8b79a6af682ec628ca05099b6e3b6476a5e762773c5d64510da44c9fb107cb31956f96a67e678c5bc895c7bf0d4d8e2b89e786d2f416c98f1010c98ceeee2e214311575e097bfef7e018ac537747e1c527672bb7f1403ffa94d97d28f1b3ca7e1121dec75d15bb70209b9269baf1034052faabae29ede4d9f4b692b96e9bd9567d0ce535762369c605100b4d711ff2f1820dfb1e06874fd21bbc737bc7f2d13b8b1646f4b5594bda7fe06dbed38d2db78f1b4569f7a4432a16012720478394c0836b99283d85bbd3a58f4639bb6a3fa408fd96bc81ff610ddc79ba9738af0026818ee43979874218bff55dd8377de8e3fac610ee56e8b6d4c6aa47866c6b594a83fbbc46671669e1336fbd8aebc0c91e44af6869fa2b8051f9283c6b98b3adc2eef0bb8dd573836d286c114e285652d019a71a5a05b9fe109ed90a1455ede78adcfdb70c63b6d2bbb3a424b9200fcf1a122fc2393127f00014242e3b88c6636a569ff41f32f99123c2da1ef479cd14c108b6ade94f02676480583239ed80f6b3cdd40a68fe557a05262455014ad6fbb29de0ec5c55f9bd31c30c0fa05a45e5afbf572ca7ff2bf273c8bd2953dbd45e1728840640ce87788dd35f596cd17ca492afa7d36190414df90471eac7b2ec81577cdc2ee016f873c29efe6a5ef7e375f8d44f326e1bb8f817b2510f9ea139470a3005375a1b286069d0286a7c858acb68a933d802d35dcf5149a3c14ac632aa01401c0305231cbc72d3698b16d7e65d3f9b735ce984caf1e14aebe4712eacca1a831ae3ecbae0864f24baf5f67ecc3d3cf3ef67e8063810e7f9fc037b651fb01d1e48e5a5b4de258d860b10a5169cbc5b94b9df2a68f74fba061ebf9d77ec3d0952b917307c964b9ec70e79cffb44ffa9309e5d2c50dc5d30fa48183f867bac809a54a7fe7fc8e48a16f0b143f079f83fc3f53ff5d854f19e49705f86e73c0a0d17ea0f1de83f26864c45e61b06a5536f38064c635689f8982865c8135ed4bcf78c5a55fc4f751a42af972b58628c42ff636212a5037fbf79d2aa4bdc7de9d5f806cf6e39f56b8a14d426cdd6917374d32176f9ecb46702df493de63e0ab3415b83ee9ccfa71787e65271c408ce5af32e6dda45418bdef062021aa24780168a663c322fdde9e5d7cd5b05821d212fd34ca967535c73fdf8464482922d7366af380204ddbdd0bd0cd692408270e7bf6a3319da8f4dbc1dc058fd4495fb66dfbb010bfd22da55e84848e3428a585025ae2bf90d46eca30004740bd95da1254d1418514af962e64eedfc0a055d6d2d6e06887d52600ab55183982e3ba9d153c0940b6f852f701cc85406c277ace74d4ba761ac0b0a41177963e8606a3960e91a665b25e6f09b66beee79f15b9eb69455888acb97c35451c97b41670499762f5e3ee0e050bf689ec1b08285e14aa6216399944f32776e65e7de52d2fe79a8abef8b9d5827b7c8742df5d53fa3a9b7baaf45f002574f2d10f4108c583d3976f450b2700b9cba5b39fea18e606d799a2af60f5fb66ea04b95e1fd891f6aa4245669390352e0c26f85d466c86eaffe18b73fcf596bdb07b11aa00e567a548b49a292c1aa501de0b26a799094c2885a6ce1c31f577467e6a7a447ca9334c7b4b9051b403246dcfa01cd2a4f292e00cfdb6e63890808b833ff9bf636e6f90d80c28ddd8b24d163f814e9dadf0aa43fe0bf6e101b28c44eb098686c835b25821423d38a54f91bc43b86d863182bf7da3934a4e8c496fa83124078c3eee8c1099b253140d523de7396431c36539231184889ef289d01d51f4697bc905ff9f3e56832e32c70b07f5f505fad8b6e2a98b9197f4dff5fc4a4a48b0d516dc61e3b08b6088c77a6d24b58549fa32b36c02384959c02364f16d21d41bedaf9787338ab4af68300ef152f24a895b620f6d2afec413598ca3c5a7a4bcd77d788b4b00554ed08cbf89a524808aaaec9a28660c83e5c59a396c12e85955e6b915adb93af64d0db836c2a5b89a445cf8d7c152599b7e5d6e8d867ea999a396efec57093abc12d43421e9b8c0ce67604bca8ccc9267c7d6782f711a4ff60b0b532a933dc4f393b479f29112725e7290680b1b4669dafda644982b64e0762b1df87dcd72304557b5f82b90116e1f3e5f88f65c0f8ed1e77c89338c953753e7e4b95a0cf82cddbe99b4a83330c8605906360119621719fcdb57d8a8e1cbc89a068d81073ce95d119029ab45a85aa9440f1cb40e7b779dabe4b5d150172690faca6681f6d9dc4bcfac5fa40162f669185df7f8b7bfd5582526b591d953f48a6930d7c9573c8d02995ec2523689482311442a4cc5ef353af0ca7b711e99daa9836bba2da2edf9d01b451a95506ccca40f0986a32e83c0128fefbd292cce1ca29efdbb18b0534903ddb3b3f21dcb9cb5c0abe42658ede43aadae58211770767149890a4cbfe471db2c520fa43a261c1df131a2ec33ef565aaa61d0abe80858e0c8fce4d4b44e82e5268e07f89b4fc2b01637e09d6060624d430eac20bc109ce14f380eec64bba066ee104a61f5c9ab76e53672674aa73c1ae9a57ac66acf85b369df8cfe36cbca486c2a040d283a9e1f71079cbf03b6ba8cf06bdeb5f4a5508bcd5b8b5b929a9c115fff08c3339dfe5ff53c9dcbbb19fb50d46e9ed9741ec4fac294270de856fe3bdb43598cace159e99064098ebc00b82eaa9e3eb84e70c380d3f65af6aea99fc0ab8991e5ee335f5fe37d9e7d99a5263339db787f86bd8ea0cfecb91e2a621e84b1f82fbc1a8fc0572bea6fba75db521d17274067b7c560598d3e146f715933330b3a5dd1d64c00f12c261332b2bc7857a0b69b6bb7227f7204ba4740a56ed5a3686298a351a0a29d4dc1c4a6271dda0132850b8e7734e9764706244796ab1c8521773085e98cef04418b028bb90723683d564fbb8c45cfb672385115951f9adfdf53a81bd8dd1df853d1eaa844a0a6b7eeb0b23f6208b0b92d79855a31340c0242f8876ec752c49eeb5651e76b217c738de93285587af1e634be869ac3e7e7a9fa8906d20a4c8f1df1089530700f60eb07332bf27e78a9e3f01de510cb955dc9bed4397460992a078ff0aa696226474ba5515ae1fd04d45a2a49ff854775e0e5ef898f79e28d26a70eb7e560de0fba33ab779a09101f1a2987f3b3b6f702edfb6be97986e10fe8819da78ada5eb69433fd76bb7c7ba0e5846ce653b620ac9c93acbb4bebd883d67e7b8b6d75d465815593158bc5616e43319af8da85097021a7b4f687294a03eaaa123b3c8d258ad5ca2379a858065ffe288d5bc7b2702ae24fba4d0a79d1a863c0e8251494f4fb6a3531a00f802421cde6e538a69ef6d795cd35f6b95d8f34b8d6f11e06e5baa3814f10ff19438f644403c6fa42b6a30b985a93d84b284f03e1d71ca715d141fff2c15f754f6191800ff8fd8df6dc0c3a47dd051b40443d0c882afb8cdcf8d776225e359d8a3e29c124e7631b5c4cf3fe37a74aae249e7ffb54c986b815ba9f32d6c5447e630398b777f93b35c5ddb7cc3b958704f436ea69f8aa8d91827fb7aa301f5807f8ae2983ee774fbd8f6c99afcaf0c8f1fb53fd6b46efd67f153ad2a96734966b349997d7e2fa335dc2d1a64521c57f2c0ab350606b8d48df055e4eeeba6d77e826aaade668bdd104814b8e9417512a5ea08e8a7ef882830655a8b1ac511a687b3f65ca03da9ec2a7da435120c6cf0ba8b9eecdbcc0d8c8524185209268ab0fdd2555ad90d728a2c6418502c07e68858ed9760bbdd663d5b0d393d77e0eca640f7dccaae0eccfc214f781283ebf8853cad8264b8ca2e2368dc74aa25cedc5b59470d71e3cd3887c4180ee50004db502b77e7071c5807d238d0961d189781d52d99276ecc15e4b506d4017d578f1d06635dd28a732d8b2f772af844de8c872b24e151578e06cc30f126111bc20cd2252105fdb3a2ca1187169ae84252b12f1809b635c2ccf6ffe9f1d6fc00e435e409567a7822695aae7cbe1b55f5b5d72efb1aa634e66e922588c4f4ed73bfb2f6300f9547a9cbb57bffdc72f899bbe00a266af271b8c2f3e5231713572cf95e3e8a54a3f852021e8239fa4cf74085a04833ef83dde789dced96adf348d12cd3b09a27b2876a15c1c7e905003b00000000000005000f0002000000140004007665746830000000000000000000000008000e000e0000000c001700ff0f00000000000006000200280000000500290001000000"], 0x1280}, 0x1, 0x0, 0x0, 0x4880}, 0x800) close_range$auto(0x2, 0x8, 0x0) 2m43.038161263s ago: executing program 32 (id=3222): mmap$auto(0xffffffffffffffff, 0x2020006, 0x2, 0x800000000000eb1, 0xfffffffffffffffa, 0x8001) r0 = io_uring_setup$auto(0x82, 0x0) prctl$auto(0x23, 0x7, 0x7fffffffefff, 0x0, 0x0) brk$auto(0x7fffffffefff) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000180)={0x1c, r2, 0x1, 0x70bd2c, 0x25dfdbfb, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x200}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20008000}, 0xc840) r3 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), r1) msgctl$auto_MSG_INFO(0x454d, 0xc, &(0x7f0000000240)={{0x3f, 0x0, 0xffffffffffffffff, 0x9, 0x0, 0x7f, 0x4}, &(0x7f0000000080)=0x71, &(0x7f00000000c0)=0xc1, 0xb2ae, 0x7ff, 0x7, 0x6, 0x508, 0xfff, 0x3, 0xb, @raw=0x8, @raw=0x80000000}) setitimer$auto(0x9, &(0x7f00000001c0)={{0x0, 0x6}, {0x81, 0xd00}}, &(0x7f0000000200)={{0x8, 0xd9}, {0xf63}}) sendmsg$auto_NL802154_CMD_ABORT_SCAN(r0, &(0x7f0000001780)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000001740)={&(0x7f00000004c0)=ANY=[@ANYBLOB="9b0e0000", @ANYRES16=r3, @ANYBLOB="920629bd7000fedbdf252400000005000800030000000c001700070000000000000018122f806800478008000600", @ANYRES32=r4, @ANYBLOB="04004980fd7da365a721b5d9c67aeed495cec22b4b50f3319cec2ff76f42261a12b85e3d1e7f53334b48d0260019b89ba7bfa949783d9ef89892b7b875ec2d8967d7baf5343121be8903c0d591f8bd0d95ba38865eb95781771c683d0800d48004003a801d05ee547f58147fae8e9625697ceeae848408d54819b588db8b0808512e2291cccd8b7cb121522f4c58f9e803a0cb2676b9e9d0799f72eef25c18d9933a47c15706fa350f5b654fbe3458e26b7c2189387414b6154599b6c12196e0618bd059c062b8890371c0228a5508fbea75bf3c152e082f70af0fc0c239cb7b82b354dcf1aed9519771bf42ab016b8aa9b3ccebf765869c9391f4b2fee058985ae0bce47b1b812c6d8715c07ffb7a0ec0e03e9c0b2dcb161ed8d2aab0276e1dfb2ea479143eaa45cc1616402439b0ccd44948a7eab44cc703caaa0f7a989e324812da74a495924bc5d716f9294f4cef58ce2d81db148d82ae4a76cee263a2f3fb8460907a4988004beec77edb21933b6354f736a385d76e071ae6a90a56439a2af81b8ce32b74a90e59b24e1dd68b07218c0f2e49fcf70ad65a54cced6fe7353260e6e7aa4f55e98c2e89caaeeb09e5935bccf03278d316e58d7c716e2576aaa46f868596a7cf9c6275c947f8b0b94a3f7dba3e791b15e6e0445a92cc464f21a932e7cdd35013013a903cdca1b1fea5ebf5044141497d3f23464f36990fe071770308694ec1aac98bbd76b1ca6cd57da8781791b79aa48a05bd5d825fb9b4a1225a8307b355826d802e071dc211954a5c3ec8895d77d9c57fca4f83a7344c93af1ec15434c72a53a90233030df83c03da69c8b43b1f8467e0939a414479427e8c44fd24f01e3aa79466a8b3ed61b7d63e44558690930223a80a9811f718bf8cd4f60bb0ab90b261d6ded4dbde3c7801242db8f11ddce8813ec89138acd72d0d7f3df54cedeeb9130753831f7bdafc9526c25adffa115fce84f98b83218b23d13dcf2aeaf521cc536ef90d2b00044bdf27921e0a099e7d17b518fda5d200b90b78620e870b0597c6083274a6ebc52f52c175585e87bc208da1ad7e2f39ba8a92df32b65b483b7f8d9b89950e6bf2f24bee998c41dd6277bf0f257437d2604d370878d2d7f46f23a8fcc5e0e8d768b59f17e1969936bb85f21c8fefc9578d8c18fdb01aba3836c871373f0dfa8412bff5477b0ab8baba63bde59eb531e3659096e3974d44cfbc4bf2eef553193dbf88035ecbe10852bb34597f671059db5b7eb205e3bd6ac43bd9ce3abe4abc4ba7e594d51c9df664f757b62b81ed4f747c6ec014ffa25d86b028ad5954c2ba87f8c786dbadbed1617a71675d7d2165831dcdf71a8652d5288211aabd4b7867a4b5c787253405cd70cd90d46e55a31882439f76d7431f02357d488b7167661a7c5e08db988891578403106e215dfe6216d3fb61b3a75c03addca5adbb2a772d1b429f1dedac23e8d41b52651a18fb0334e19d96bb741e22e9acffda34d86c6ce88bab8db5c3b74cf30a5603ed5758ac2f26895ed1ffaf69e949bdc083596c907a5533780d02f25b04b676ebb78775a70a648436f94fe458796484ef7b5b4f7f9eb9e3380ffb2904de744750af4c78b3d3f160aa5de1d2945ed529b5878684d36a71a6dbf0ce6d1be19e0158998941f2f1973b94b29771d1bd8f4b01b95e85fb47b17f4929dcb3dd7c0b180940f3960734ca7753cbd8d2afef9c2205ce06310fc73af30c3c700de3692aa6b9b4555d6f7f64419b7e31e5b15d232f67b242308154fb44c3a390343dde1dff8654039f12f2a96b87188dd57e453d1617c1a47d7a3c126921230d8656140dab29a646ae98b83e13dcec1896190aa16fc15f2743fb0880c1c429da7f28c166c4b4f2317e3f6da29623efc34bc2518ad15e3661fd44715e784bd42a5d372509d65e6d0289a54a05e812abc35e3a97834311754d95e099fcb073d08591c1bbf1239314f09321e0ecf0ecb1e2d31d74011c43168f344f1b8891788cf47b0850e4c845447650db61f789a48c0b88a552a90f3897a683c605b08d8210bd4f2b8c214d309f6e906860d84763e077208399c7fd06ff940dd3c6bccdd51eace0246b24f5a26ddf5f0d6b45edf9effadad21e42f9e078ff12a91665f817b71c274aa9b5d95be8a092a5fdc3bb58c246edbbed07cb59db17be270bb9304634d75f36f9b6a57495e30a00970a0a84a876e2afd926b868751ead524e80c63811f2e507e79a75dd160240c53fa7f6980848dcb5a509f2361c584cfa9d757d2eac801bcfc561f9f2bb35c313176dc02bf2302d0a13cbb79189e42fa4e7ea23d6bfceac3356e9e85e297051cac236936ce8eea87a6ebbcb586c805c7cad8b79a6af682ec628ca05099b6e3b6476a5e762773c5d64510da44c9fb107cb31956f96a67e678c5bc895c7bf0d4d8e2b89e786d2f416c98f1010c98ceeee2e214311575e097bfef7e018ac537747e1c527672bb7f1403ffa94d97d28f1b3ca7e1121dec75d15bb70209b9269baf1034052faabae29ede4d9f4b692b96e9bd9567d0ce535762369c605100b4d711ff2f1820dfb1e06874fd21bbc737bc7f2d13b8b1646f4b5594bda7fe06dbed38d2db78f1b4569f7a4432a16012720478394c0836b99283d85bbd3a58f4639bb6a3fa408fd96bc81ff610ddc79ba9738af0026818ee43979874218bff55dd8377de8e3fac610ee56e8b6d4c6aa47866c6b594a83fbbc46671669e1336fbd8aebc0c91e44af6869fa2b8051f9283c6b98b3adc2eef0bb8dd573836d286c114e285652d019a71a5a05b9fe109ed90a1455ede78adcfdb70c63b6d2bbb3a424b9200fcf1a122fc2393127f00014242e3b88c6636a569ff41f32f99123c2da1ef479cd14c108b6ade94f02676480583239ed80f6b3cdd40a68fe557a05262455014ad6fbb29de0ec5c55f9bd31c30c0fa05a45e5afbf572ca7ff2bf273c8bd2953dbd45e1728840640ce87788dd35f596cd17ca492afa7d36190414df90471eac7b2ec81577cdc2ee016f873c29efe6a5ef7e375f8d44f326e1bb8f817b2510f9ea139470a3005375a1b286069d0286a7c858acb68a933d802d35dcf5149a3c14ac632aa01401c0305231cbc72d3698b16d7e65d3f9b735ce984caf1e14aebe4712eacca1a831ae3ecbae0864f24baf5f67ecc3d3cf3ef67e8063810e7f9fc037b651fb01d1e48e5a5b4de258d860b10a5169cbc5b94b9df2a68f74fba061ebf9d77ec3d0952b917307c964b9ec70e79cffb44ffa9309e5d2c50dc5d30fa48183f867bac809a54a7fe7fc8e48a16f0b143f079f83fc3f53ff5d854f19e49705f86e73c0a0d17ea0f1de83f26864c45e61b06a5536f38064c635689f8982865c8135ed4bcf78c5a55fc4f751a42af972b58628c42ff636212a5037fbf79d2aa4bdc7de9d5f806cf6e39f56b8a14d426cdd6917374d32176f9ecb46702df493de63e0ab3415b83ee9ccfa71787e65271c408ce5af32e6dda45418bdef062021aa24780168a663c322fdde9e5d7cd5b05821d212fd34ca967535c73fdf8464482922d7366af380204ddbdd0bd0cd692408270e7bf6a3319da8f4dbc1dc058fd4495fb66dfbb010bfd22da55e84848e3428a585025ae2bf90d46eca30004740bd95da1254d1418514af962e64eedfc0a055d6d2d6e06887d52600ab55183982e3ba9d153c0940b6f852f701cc85406c277ace74d4ba761ac0b0a41177963e8606a3960e91a665b25e6f09b66beee79f15b9eb69455888acb97c35451c97b41670499762f5e3ee0e050bf689ec1b08285e14aa6216399944f32776e65e7de52d2fe79a8abef8b9d5827b7c8742df5d53fa3a9b7baaf45f002574f2d10f4108c583d3976f450b2700b9cba5b39fea18e606d799a2af60f5fb66ea04b95e1fd891f6aa4245669390352e0c26f85d466c86eaffe18b73fcf596bdb07b11aa00e567a548b49a292c1aa501de0b26a799094c2885a6ce1c31f577467e6a7a447ca9334c7b4b9051b403246dcfa01cd2a4f292e00cfdb6e63890808b833ff9bf636e6f90d80c28ddd8b24d163f814e9dadf0aa43fe0bf6e101b28c44eb098686c835b25821423d38a54f91bc43b86d863182bf7da3934a4e8c496fa83124078c3eee8c1099b253140d523de7396431c36539231184889ef289d01d51f4697bc905ff9f3e56832e32c70b07f5f505fad8b6e2a98b9197f4dff5fc4a4a48b0d516dc61e3b08b6088c77a6d24b58549fa32b36c02384959c02364f16d21d41bedaf9787338ab4af68300ef152f24a895b620f6d2afec413598ca3c5a7a4bcd77d788b4b00554ed08cbf89a524808aaaec9a28660c83e5c59a396c12e85955e6b915adb93af64d0db836c2a5b89a445cf8d7c152599b7e5d6e8d867ea999a396efec57093abc12d43421e9b8c0ce67604bca8ccc9267c7d6782f711a4ff60b0b532a933dc4f393b479f29112725e7290680b1b4669dafda644982b64e0762b1df87dcd72304557b5f82b90116e1f3e5f88f65c0f8ed1e77c89338c953753e7e4b95a0cf82cddbe99b4a83330c8605906360119621719fcdb57d8a8e1cbc89a068d81073ce95d119029ab45a85aa9440f1cb40e7b779dabe4b5d150172690faca6681f6d9dc4bcfac5fa40162f669185df7f8b7bfd5582526b591d953f48a6930d7c9573c8d02995ec2523689482311442a4cc5ef353af0ca7b711e99daa9836bba2da2edf9d01b451a95506ccca40f0986a32e83c0128fefbd292cce1ca29efdbb18b0534903ddb3b3f21dcb9cb5c0abe42658ede43aadae58211770767149890a4cbfe471db2c520fa43a261c1df131a2ec33ef565aaa61d0abe80858e0c8fce4d4b44e82e5268e07f89b4fc2b01637e09d6060624d430eac20bc109ce14f380eec64bba066ee104a61f5c9ab76e53672674aa73c1ae9a57ac66acf85b369df8cfe36cbca486c2a040d283a9e1f71079cbf03b6ba8cf06bdeb5f4a5508bcd5b8b5b929a9c115fff08c3339dfe5ff53c9dcbbb19fb50d46e9ed9741ec4fac294270de856fe3bdb43598cace159e99064098ebc00b82eaa9e3eb84e70c380d3f65af6aea99fc0ab8991e5ee335f5fe37d9e7d99a5263339db787f86bd8ea0cfecb91e2a621e84b1f82fbc1a8fc0572bea6fba75db521d17274067b7c560598d3e146f715933330b3a5dd1d64c00f12c261332b2bc7857a0b69b6bb7227f7204ba4740a56ed5a3686298a351a0a29d4dc1c4a6271dda0132850b8e7734e9764706244796ab1c8521773085e98cef04418b028bb90723683d564fbb8c45cfb672385115951f9adfdf53a81bd8dd1df853d1eaa844a0a6b7eeb0b23f6208b0b92d79855a31340c0242f8876ec752c49eeb5651e76b217c738de93285587af1e634be869ac3e7e7a9fa8906d20a4c8f1df1089530700f60eb07332bf27e78a9e3f01de510cb955dc9bed4397460992a078ff0aa696226474ba5515ae1fd04d45a2a49ff854775e0e5ef898f79e28d26a70eb7e560de0fba33ab779a09101f1a2987f3b3b6f702edfb6be97986e10fe8819da78ada5eb69433fd76bb7c7ba0e5846ce653b620ac9c93acbb4bebd883d67e7b8b6d75d465815593158bc5616e43319af8da85097021a7b4f687294a03eaaa123b3c8d258ad5ca2379a858065ffe288d5bc7b2702ae24fba4d0a79d1a863c0e8251494f4fb6a3531a00f802421cde6e538a69ef6d795cd35f6b95d8f34b8d6f11e06e5baa3814f10ff19438f644403c6fa42b6a30b985a93d84b284f03e1d71ca715d141fff2c15f754f6191800ff8fd8df6dc0c3a47dd051b40443d0c882afb8cdcf8d776225e359d8a3e29c124e7631b5c4cf3fe37a74aae249e7ffb54c986b815ba9f32d6c5447e630398b777f93b35c5ddb7cc3b958704f436ea69f8aa8d91827fb7aa301f5807f8ae2983ee774fbd8f6c99afcaf0c8f1fb53fd6b46efd67f153ad2a96734966b349997d7e2fa335dc2d1a64521c57f2c0ab350606b8d48df055e4eeeba6d77e826aaade668bdd104814b8e9417512a5ea08e8a7ef882830655a8b1ac511a687b3f65ca03da9ec2a7da435120c6cf0ba8b9eecdbcc0d8c8524185209268ab0fdd2555ad90d728a2c6418502c07e68858ed9760bbdd663d5b0d393d77e0eca640f7dccaae0eccfc214f781283ebf8853cad8264b8ca2e2368dc74aa25cedc5b59470d71e3cd3887c4180ee50004db502b77e7071c5807d238d0961d189781d52d99276ecc15e4b506d4017d578f1d06635dd28a732d8b2f772af844de8c872b24e151578e06cc30f126111bc20cd2252105fdb3a2ca1187169ae84252b12f1809b635c2ccf6ffe9f1d6fc00e435e409567a7822695aae7cbe1b55f5b5d72efb1aa634e66e922588c4f4ed73bfb2f6300f9547a9cbb57bffdc72f899bbe00a266af271b8c2f3e5231713572cf95e3e8a54a3f852021e8239fa4cf74085a04833ef83dde789dced96adf348d12cd3b09a27b2876a15c1c7e905003b00000000000005000f0002000000140004007665746830000000000000000000000008000e000e0000000c001700ff0f00000000000006000200280000000500290001000000"], 0x1280}, 0x1, 0x0, 0x0, 0x4880}, 0x800) close_range$auto(0x2, 0x8, 0x0) 2m28.545925249s ago: executing program 0 (id=3343): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) r0 = socket(0x10, 0x2, 0x0) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x20000800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000140)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) r1 = socket(0x2b, 0x1, 0x1) setsockopt$auto_SO_BSDCOMPAT(r1, 0x6, 0xe, &(0x7f0000000000), 0x80001) 2m28.368603299s ago: executing program 0 (id=3345): socket(0x2, 0x2, 0x88) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x7ffff7ffefff}, 0x8000000000000001) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) ioctl$auto_KVM_CHECK_EXTENSION(r0, 0xae03, 0xdb) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/tracing/trace\x00', 0x705040, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/workqueue/cpumask\x00', 0x2, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) write$auto(0x3, 0x0, 0xffd8) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) unshare$auto(0x40000080) 2m27.775750673s ago: executing program 0 (id=3346): unshare$auto(0x401) mmap$auto(0x0, 0x2, 0x1000003, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x9) read$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffffff, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, 0x0, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @private=0xa010101}, 0x54) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/sctp/assocs\x00', 0x0, 0x0) read$auto_proc_reg_file_ops_compat_inode(r0, 0x0, 0xfffffe36) 2m26.834138342s ago: executing program 0 (id=3347): openat$auto_regulator_summary_fops_(0xffffffffffffff9c, 0x0, 0x40000, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_MACSEC_CMD_GET_TXSC(r0, 0x0, 0x40080c4) mmap$auto(0x0, 0xb9f, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) unshare$auto(0x40000080) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp1\x00', 0x2, 0x0) mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000) r1 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000040), 0x141000, 0x0) ioctl$auto_UBI_IOCATT(r1, 0x40186f40, &(0x7f0000000000)={0x3, 0x1, 0x80000000, 0x70, 0x9, 0x1}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) 2m25.900494444s ago: executing program 0 (id=3353): socket(0x2, 0x1, 0x106) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x6, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000380), 0x20000, 0x0) socket(0x28, 0x5, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video3\x00', 0x2aa01, 0x0) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f00000001c0)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x5, 0x0) select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0xf, 0x3, 0x1, 0x948b, 0x9, 0x15f4da07, 0x6, 0x2, 0x64, 0x80000020, 0x1000, 0xb, 0x9, 0x2, 0xd8]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x8000000000001fd, 0x20000000007, 0x4, 0x1000000000000bc3, 0x800, 0x3, 0xff, 0x10001, 0x400000000003, 0x3, 0xfffffffffffffffc, 0xfffffffffffffffe, 0x80000000, 0x9, 0xffffdfffffffff81, 0x4]}, 0x0) 2m24.017845061s ago: executing program 0 (id=3370): close_range$auto(0x2, 0x8, 0x0) madvise$auto(0x0, 0x2000040080000004, 0xe) finit_module$auto(0xffffffffffffffff, 0x0, 0x800) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000005c0)='/sys/devices/virtual/nfc/nfc1/rfkill1/soft\x00', 0xa3182, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) unshare$auto(0x3) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x20100, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mmap$auto(0x0, 0x2020009, 0x203, 0xeb1, 0xfffffffffffffffa, 0x8000) waitid$auto_P_PGID(0x2, 0x0, 0x0, 0x6, 0x0) sendfile$auto(r0, r0, 0x0, 0xffffffff) 2m22.75544041s ago: executing program 1 (id=3365): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/fs/9p/caches\x00', 0x103280, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001080), 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000006380), 0x101101, 0x0) socket(0x2, 0x1, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_GET_WIPHY(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="010300000000ffdbdf250100000008000300", @ANYRES32=r3], 0x1c}, 0x1, 0x0, 0x0, 0x20000084}, 0x0) read$auto(r0, &(0x7f00000004c0)=':)%-\x00', 0x1) 2m22.539320339s ago: executing program 1 (id=3367): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) bpf$auto(0x0, &(0x7f00000001c0)=@test={0xffffffffffffffff, 0xffff, 0x5, 0x5, 0xff, 0xac1, 0x5, 0x36242398, 0xfffff5b2, 0x3bb, 0x7, 0xffff, 0x800, 0x81, 0x68198}, 0x6f3) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) clone$auto(0x20003b4a, 0x2, 0x0, 0x0, 0x2) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/block/ram0/queue/nomerges\x00', 0xe3102, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22040, 0x75) r0 = socket(0x10, 0x2, 0x4) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB="0100"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 2m22.405142069s ago: executing program 1 (id=3368): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0002, 0x19) renameat$auto(r0, 0x0, r0, 0x0) socket(0x2c, 0x3, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket(0x26, 0x80805, 0x0) clone$auto(0x20003b4a, 0x8, 0x0, 0x0, 0x2) pidfd_getfd$auto(0x3, 0x1, 0x100000000) 2m20.56214631s ago: executing program 1 (id=3380): prctl$auto_PR_SET_TIMERSLACK(0x1d, 0x0, 0x3, 0x0, 0xfa) r0 = openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/config/nvmet/discovery_nqn\x00', 0x1, 0x0) mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4) r1 = open(&(0x7f0000000000)='./file0\x00', 0x101800, 0xbf) r2 = socket(0x2, 0x3, 0x100) splice$auto(r1, 0x0, r2, 0x0, 0x7fffffffffffffff, 0x9) writev$auto(r0, &(0x7f00000000c0)={&(0x7f0000000080)='@', 0x1292}, 0x4) r3 = socket(0xa, 0x3, 0x5) mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000) clock_nanosleep$auto(0xb, 0xa000001c, 0x0, 0xffffffffffffffff) sendmmsg$auto(r3, &(0x7f0000000000)={{&(0x7f0000000040), 0xc88, 0x0, 0x0, &(0x7f00000000c0), 0x8, 0x200}, 0x5}, 0x3b8b, 0x800) flock$auto(r3, 0x800) 2m8.852155163s ago: executing program 33 (id=3370): close_range$auto(0x2, 0x8, 0x0) madvise$auto(0x0, 0x2000040080000004, 0xe) finit_module$auto(0xffffffffffffffff, 0x0, 0x800) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000005c0)='/sys/devices/virtual/nfc/nfc1/rfkill1/soft\x00', 0xa3182, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) unshare$auto(0x3) syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x20100, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mmap$auto(0x0, 0x2020009, 0x203, 0xeb1, 0xfffffffffffffffa, 0x8000) waitid$auto_P_PGID(0x2, 0x0, 0x0, 0x6, 0x0) sendfile$auto(r0, r0, 0x0, 0xffffffff) 2m8.810936681s ago: executing program 1 (id=3385): socket(0x2, 0x1, 0x106) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x6, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000380), 0x20000, 0x0) socket(0x28, 0x5, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video3\x00', 0x2aa01, 0x0) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f00000001c0)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x5, 0x0) select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0xf, 0x3, 0x1, 0x948b, 0x9, 0x15f4da07, 0x6, 0x2, 0x64, 0x80000020, 0x1000, 0xb, 0x9, 0x2, 0xd8]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x8000000000001fd, 0x20000000007, 0x4, 0x1000000000000bc3, 0x800, 0x3, 0xff, 0x10001, 0x400000000003, 0x3, 0xfffffffffffffffc, 0xfffffffffffffffe, 0x80000000, 0x9, 0xffffdfffffffff81, 0x4]}, 0x0) 2m7.921742613s ago: executing program 1 (id=3388): close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x2, 0x0) socket(0xa, 0x801, 0x106) socket(0x2, 0x5, 0x0) setsockopt$auto(0x3, 0x0, 0x2, 0x0, 0x3) read$auto_stats_fops_(0xffffffffffffffff, 0x0, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x18dd01, 0x0) socket(0x11, 0x3, 0x9) mmap$auto(0x0, 0x40009, 0x6, 0x9b72, 0x7, 0x28000) bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) 2m5.800856591s ago: executing program 3 (id=3392): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) sendmsg$auto_NET_SHAPER_CMD_CAP_GET(0xffffffffffffffff, &(0x7f0000001dc0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, 0x0, 0x1, 0x70bdad, 0x25dfdbfb, {}, [@NET_SHAPER_A_CAPS_SCOPE={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x4c880) r0 = gettid() r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video11\x00', 0x280, 0x0) ioctl$auto_v4l2_fops_v4l2_dev(r1, 0x80085617, 0x0) waitid$auto_P_PGID(0x2, r0, &(0x7f00000000c0)={@_si_pad}, 0x5, &(0x7f0000000240)={{0x7, 0x4}, {0x49, 0x8}, 0x7ff, 0x6, 0x0, 0xfff, 0x4, 0x44b, 0x3, 0x3, 0x587, 0x1200000000000000, 0xfffffffffffffff9, 0x8, 0xa3c, 0xa4}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'veth0_to_team\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r4], 0x28}, 0x1, 0x0, 0x0, 0x24004080}, 0x20040894) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) 2m5.090555342s ago: executing program 3 (id=3395): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0x2000040080000004, 0xe) socket$auto(0x80000000, 0x497e, 0x6) r1 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cec8\x00', 0x0, 0x0) ioctl$auto_CEC_DQEVENT(r1, 0xc0506107, 0x0) ioctl$auto_CEC_DQEVENT(r1, 0xc0506107, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) write$auto(r0, 0x0, 0x10007c) pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xc9\xb3\xbc\x8c\x1dga08\x90\x86\xdde\x1cJ\x99\x00\x11:\x14\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xfe\x80\x00\x00\x00\x00\x00\x00\x0fo\x84\xfc\x89\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#\x1c\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd8\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xaf\n1\x80\x1a\xbc_\xef\x8b\t\xcc\xa6\xf2\xc1\"\xact\xee\xc9\x00'/232, 0xfdef, 0x11b5f095) socket$nl_generic(0x10, 0x3, 0x10) 2m3.208905055s ago: executing program 3 (id=3407): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0xa, 0x1, 0x84) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x800) socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50) readv$auto(0x3, &(0x7f00000002c0)={0x0, 0x211}, 0x7) semctl$auto(0x7, 0x6, 0x13, 0x1) lsm_list_modules$auto(0x0, 0x0, 0x0) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0xa13, 0x0, 0x106, 0x0, 0x6c, 0x697c}, 0xed71390}, 0x9a6, 0xff00) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) 2m1.960804023s ago: executing program 3 (id=3402): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/boot_params/data\x00', 0x2c40, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0xa) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x80000, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x101100, 0x0) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/fs/cifs/open_files\x00', 0xd00, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) r1 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r0, 0x541c, r1) 2m0.139953426s ago: executing program 3 (id=3404): mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000) syz_genetlink_get_family_id$auto_l2tp(0x0, 0xffffffffffffffff) r0 = open(&(0x7f0000000100)='.\x00', 0x595002, 0x408) write$auto(r0, 0x0, 0xfffffdf1) linkat$auto(r0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xf6\x04W\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xed\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\x9bg\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x7, 0x0) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000180)='nfsd\x00', 0x8, 0x0) mknod$auto(&(0x7f0000000040)='&&\x00', 0xcb, 0x6862) getxattrat$auto(r0, &(0x7f0000000000)='&&\x00', 0x47d, 0x0, 0x0, 0x1ff) r1 = gettid() process_vm_readv$auto(r1, 0x0, 0x3, 0x0, 0xbd, 0x101) mprotect$auto(0x0, 0x8000000000000001, 0x8) 1m58.769853344s ago: executing program 3 (id=3406): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x2, 0x1, 0x106) setsockopt$auto(r0, 0x6, 0xd, &(0x7f0000000280)='lp\x00h\x85M\xdf\xdc\x83\x8a\xa7\xe4]U(\x01\t=\x1e\x00\x00', 0x4) bind$auto(0x3, &(0x7f0000000180)=@in={0x2, 0x3, @multicast1}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r1 = socket(0xa, 0x3, 0x3a) getsockopt$auto(r1, 0x3a, 0x1, 0x0, 0x0) sendmsg$auto_ETHTOOL_MSG_EEE_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x14, 0x0, 0x100, 0x70bd25, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x44000}, 0x40804) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x4fc9, &(0x7f00000002c0)={0x0, 0xff8c}, 0x5, 0x0, 0x4, 0x9}, 0x7}, 0x3, 0x0) close_range$auto(0x2, 0x8, 0x0) 1m52.812565865s ago: executing program 34 (id=3388): close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x2, 0x0) socket(0xa, 0x801, 0x106) socket(0x2, 0x5, 0x0) setsockopt$auto(0x3, 0x0, 0x2, 0x0, 0x3) read$auto_stats_fops_(0xffffffffffffffff, 0x0, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x18dd01, 0x0) socket(0x11, 0x3, 0x9) mmap$auto(0x0, 0x40009, 0x6, 0x9b72, 0x7, 0x28000) bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) 1m43.266927316s ago: executing program 35 (id=3406): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x2, 0x1, 0x106) setsockopt$auto(r0, 0x6, 0xd, &(0x7f0000000280)='lp\x00h\x85M\xdf\xdc\x83\x8a\xa7\xe4]U(\x01\t=\x1e\x00\x00', 0x4) bind$auto(0x3, &(0x7f0000000180)=@in={0x2, 0x3, @multicast1}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r1 = socket(0xa, 0x3, 0x3a) getsockopt$auto(r1, 0x3a, 0x1, 0x0, 0x0) sendmsg$auto_ETHTOOL_MSG_EEE_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x14, 0x0, 0x100, 0x70bd25, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x44000}, 0x40804) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x4fc9, &(0x7f00000002c0)={0x0, 0xff8c}, 0x5, 0x0, 0x4, 0x9}, 0x7}, 0x3, 0x0) close_range$auto(0x2, 0x8, 0x0) 8.981281152s ago: executing program 6 (id=3784): socket(0x2, 0x1, 0x106) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x6, 0x0) ioctl$auto_XFS_IOC_ATTRLIST_BY_HANDLE(0xffffffffffffffff, 0x4058587a, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000380), 0x20000, 0x0) socket(0x28, 0x5, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video3\x00', 0x2aa01, 0x0) select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0xf, 0x3, 0x1, 0x948b, 0x9, 0x15f4da07, 0x6, 0x2, 0x64, 0x80000020, 0x1000, 0xb, 0x9, 0x2, 0xd8]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x8000000000001fd, 0x20000000007, 0x4, 0x1000000000000bc3, 0x800, 0x3, 0xff, 0x10001, 0x400000000003, 0x3, 0xfffffffffffffffc, 0xfffffffffffffffe, 0x80000000, 0x9, 0xffffdfffffffff81, 0x4]}, 0x0) 7.16117768s ago: executing program 6 (id=3788): unshare$auto(0x40000080) r0 = socket(0xa, 0x3, 0x101) setsockopt$auto(r0, 0x29, 0x2, 0x0, 0x5) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008012, r1, 0x8000) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r2, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/cec25\x00', 0x101901, 0x0) mlock$auto(0x7c88, 0x7fff) socket$nl_generic(0x10, 0x3, 0x10) 6.734499263s ago: executing program 5 (id=3792): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0xe6e43, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000100)={0x0, 0x1d, 0x3000, 0x6, 0x7, 0x400a, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x29b, 0x3, 0x7f, 0x0, 0x6}, {0xe63c, 0x1, 0x52, 0x85, 0x2, 0x1a7b870a, 0x76c2, 0x8000c, 0x100000004}}) prctl$auto(0x3e, 0x9, 0x0, 0x0, 0x10) socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x4, 0x44c412e, 0x40eb2, 0xffffffffffffffff, 0x308000020000) write$auto(0xffffffffffffffff, 0x0, 0x8000007f) sendfile$auto(0x3, 0xffffffffffffffff, 0x0, 0x400000000006) 6.34707228s ago: executing program 4 (id=3795): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) ioctl$auto_BLKZEROOUT(0xffffffffffffffff, 0x127f, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x182b02, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xe6e43, 0x0) ioctl$auto_BLKFLSBUF(r1, 0x1261, 0x0) openat$auto_hwsim_fops_ps_(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/ieee80211/phy1/hwsim/ps\x00', 0x240, 0x0) lseek$auto(0x3, 0xffffffffff800002, 0x10) ioctl$auto_BLKFLSBUF(r1, 0x1261, 0x0) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) unshare$auto(0x40000080) write$auto_ocfs2_control_fops_stack_user(r0, &(0x7f0000003900), 0x0) 5.428370183s ago: executing program 5 (id=3797): mlockall$auto(0x7) socket(0x2, 0x3, 0xa) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_seg6(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) ioctl$auto(0x3, 0x80108907, 0x38) socket(0xa, 0x3, 0x3a) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) mmap$auto(0x0, 0x810004, 0x2000000efb, 0x8000000008011, r0, 0x8000) ioctl$auto_BLKRRPART(r0, 0x125f, 0x0) 5.425306459s ago: executing program 6 (id=3798): mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) r0 = socket(0x2, 0x1, 0x0) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f0000000040), 0x19, 0x0, 0x9, 0x0, 0x1f, 0x3}, 0x4}, 0x7, 0x20020004) write$auto(0x3, 0x0, 0x7fffffff) io_uring_setup$auto(0x5, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x40000000c07) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) 4.934708823s ago: executing program 7 (id=3799): msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) socket(0xa, 0x5, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x9, 0x0) r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) readv$auto(r0, &(0x7f0000000a80)={0x0, 0x3}, 0x3) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/irq/12/hwirq\x00', 0x2000, 0x0) io_uring_setup$auto(0xa9, 0x0) timer_create$auto(0x2, 0x0, 0x0) r1 = openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f00000002c0), 0x20001, 0x0) writev$auto(r1, &(0x7f0000001c80)={0x0, 0x101}, 0x6) 4.67033766s ago: executing program 4 (id=3800): socket(0x10, 0x2, 0x4) socket(0x1d, 0x2, 0x7) socket(0x2, 0x1, 0x0) r0 = open(&(0x7f0000000240)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0xa6) open_by_handle_at$auto(r0, &(0x7f0000000040)={0x8, 0x2, '\a\x00\x00\x00\x00\x00\x00\x00'}, 0x2) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000380)='/dev/loop8\x00', 0x28e80, 0x0) r1 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x129800, 0x0) ioctl$auto(r1, 0x92106405, r1) close_range$auto(0x2, 0xa, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r2 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video67\x00', 0x169000, 0x0) ioctl$auto(r2, 0xc0285628, r2) 4.093634168s ago: executing program 6 (id=3801): mmap$auto(0x0, 0x101, 0x4000000000df, 0xeb1, 0x200000401, 0x8000) syz_clone3(&(0x7f00000004c0)={0x2000000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = socket(0x1d, 0x2, 0x6) r1 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'vcan0\x00', 0x0}) bind$auto(r0, &(0x7f0000000040)=@can={0x1d, r2, 0xfd}, 0x6a) setresuid$auto(0x8, 0x8, 0x0) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x21}}, 0x40) sendmsg$auto_GTP_CMD_NEWPDP(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x48000}, 0x800) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/pfkey\x00', 0x8040, 0x0) read$auto_proc_reg_file_ops_compat_inode(r3, 0x0, 0x0) read$auto_proc_pid_set_comm_operations_base(0xffffffffffffffff, &(0x7f0000000300)=""/154, 0x9a) 3.968928759s ago: executing program 5 (id=3802): landlock_add_rule$auto(0xffffffffffffffff, 0x2, 0x0, 0x9) mmap$auto(0x0, 0x2020089, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) r0 = socket(0x1d, 0x2, 0x7) r1 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r2}, 0x6a) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'vcan0\x00', 0x0}) connect$auto(0x3, &(0x7f00000018c0)=@can={0x1d, r3}, 0x18) sendmmsg$auto(0x3, 0x0, 0x9a4, 0xffff) 3.963899983s ago: executing program 4 (id=3803): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) openat$auto_show_traces_fops_trace(0xffffffffffffff9c, 0x0, 0x80000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x6) r0 = socket(0x2, 0x1, 0x0) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x4e24, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x9, 0xb}, 0x800008}, 0x5, 0x20000000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r1 = socket(0x2, 0x2, 0x0) io_uring_setup$auto(0x1, 0x0) close_range$auto(r1, 0x8, 0x0) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) write$auto(0x3, 0x0, 0xfffffdef) 3.791006684s ago: executing program 7 (id=3804): unshare$auto(0x8000000) semtimedop$auto(0xfffffffe, 0x0, 0x1f1, 0x0) bpf$auto_BPF_OBJ_GET_INFO_BY_FD(0xf, 0x0, 0xfffffffe) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cec8\x00', 0x0, 0x0) ioctl$auto_CEC_DQEVENT(r0, 0xc0506107, 0x0) ioctl$auto_CEC_DQEVENT(r0, 0xc0506107, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mtdblock0\x00', 0x14fe02, 0x0) mmap$auto(0x0, 0x9, 0x7, 0x8000000008011, 0x3, 0x8000) mprotect$auto(0x200000000000, 0x806122, 0xc) ioprio_set$auto(0x2, 0x800000000, 0x8) unshare$auto(0x40000080) 3.042204168s ago: executing program 4 (id=3805): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) move_pages$auto(0x0, 0x4, 0x0, 0x0, 0x0, 0x400000) writev$auto(0xffffffffffffffff, 0x0, 0x3) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_tipcv2(0x0, 0xffffffffffffffff) shmctl$auto_SHM_STAT_ANY(0x200, 0xf, &(0x7f0000000300)={{0x8, 0xffffffffffffffff, 0xee00, 0x2, 0x7, 0x8, 0x7}, 0xfc61, 0x3, 0x8, 0x0, @inferred=0xffffffffffffffff, @inferred, 0x0, 0x0, 0x0, &(0x7f0000000200)="d6945f865c39e9f502e5b3f53791ce4f894a2a28b48bfb2044e1cdc414ecd84daeeeb4d59a415d83bc9e726bd020b5274c3ef5b6b3fe04748f5a35edaaf4f837dc8e17f603d269b0562c"}) clone3$auto(0x0, 0x5) sendmsg$auto_TIPC_NL_MEDIA_GET(r0, 0x0, 0x24040015) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) openat$auto_urandom_fops_random(0xffffffffffffff9c, 0x0, 0x20400, 0x0) r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/bus/usb/016/001\x00', 0xa901, 0x0) ioctl$auto_USBDEVFS_SUBMITURB(r1, 0x8038550a, &(0x7f0000000100)={0x2, 0x80, 0xffff, 0x5, &(0x7f0000000240), 0xc694, 0x3, 0x80005, @stream_id=0x9, 0x2004b, 0xd, 0x0}) ioctl$auto_USBDEVFS_REAPURBNDELAY(r1, 0x4008550d, 0x0) 2.83080021s ago: executing program 5 (id=3806): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xfffffffd}, 0xffff}, 0x5, 0x20000043) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptyv8\x00', 0x20d00, 0x0) socket(0x15, 0x5, 0x0) openat$auto_ftrace_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/tracing/events/vmalloc/free_vmap_area_noflush/enable\x00', 0x0, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_INFO(0xffffffffffffffff, 0xc1105511, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_TIOCSETD2(0xffffffffffffffff, 0x5423, 0x0) select$auto(0x4, 0x0, 0x0, &(0x7f0000000100)={[0x1ff, 0x7, 0x2, 0x1, 0x948b, 0x1000000000000004, 0x15f4da0a, 0x39, 0x3, 0x2fffffffffffffe, 0x80000002, 0x7a142c64, 0x6d3c, 0x5, 0x80, 0xfb]}, 0x0) shutdown$auto(0x200000003, 0x2) 2.691246846s ago: executing program 7 (id=3807): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x24044010}, 0xc0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) getsockname$auto(0xffffffffffffffff, &(0x7f0000000000)=@tipc=@nameseq={0x1e, 0x1, 0x0, {0x0, 0x0, 0x2003}}, 0x0) sysfs$auto(0x2, 0x1f, 0x0) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r0 = socket(0x1e, 0x4, 0x0) setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x101d0, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) close_range$auto(0x2, 0x8, 0x0) 2.536834697s ago: executing program 4 (id=3808): madvise$auto(0x110c230000, 0x8031ca, 0x9) unshare$auto(0x40000080) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) pread64$auto(0xffffffffffffffff, 0x0, 0x8100000041, 0x413e) mremap$auto(0xfffff000, 0x4, 0x4, 0x7, 0x1001ff000) syz_clone3(0x0, 0x0) r0 = open(0x0, 0x22240, 0x154) fcntl$auto(r0, 0x400, 0x1) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x0, 0xffffffffffff0005, 0x3) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) 2.346161139s ago: executing program 6 (id=3809): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x14fa02, 0x0) mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r1 = socket(0xa, 0x3, 0x3a) close$auto(r1) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(r1, 0x8, 0x0, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) r2 = open(0x0, 0x0, 0x408) getdents$auto(r2, 0x0, 0x400018) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) 2.278184428s ago: executing program 7 (id=3810): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0xa, 0x5, 0x84) io_uring_setup$auto(0xa, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x66) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) setsockopt$auto(r0, 0x10000000084, 0x23, 0x0, 0x8) 1.847104295s ago: executing program 7 (id=3811): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) r1 = openat$auto_btrfs_dir_file_operations_inode(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/bluetooth/hci4/hci4:201\x00', 0x400, 0x0) preadv2$auto(r1, &(0x7f0000000280)={0x0, 0x80000000}, 0x3, 0x40000000003, 0x4, 0x2a) r2 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/tracing/events/vmalloc/filter\x00', 0x103041, 0x0) write$auto_ftrace_subsystem_filter_fops_trace_events(r2, &(0x7f0000000140)="8f0447fef2afea7e35a0274f508a73119aff3bc0528f45fd27fea1bb4baa95f757cf9e57a14e04353736f4a23ce2a531c678ed7d6d28d43aaea2a69abe3e93453380adf35653f5875227ce319330afe5e4cc7601a8eccbb3729f9869ca35edaf6343e41fe91304ef53273ed0cc2dfe7bfe60f2c9fa95fc93cc906a80aec437a39cd0672a169c151550a062a76e472626", 0x90) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) r4 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/personality\x00', 0x2, 0x0) read$auto_proc_single_file_operations_base(r4, &(0x7f0000000040)=""/228, 0xe4) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008012, r3, 0x8000) mprotect$auto(0x1000, 0x401000, 0x4) 944.132519ms ago: executing program 6 (id=3812): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) syz_genetlink_get_family_id$auto_ipvs(0x0, 0xffffffffffffffff) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0x2000000080000001, 0x3) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) mmap$auto(0x2000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) r0 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0) ioctl$auto_PAGEMAP_SCAN(r0, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x1, 0x8, 0xbff, 0x2c, 0x2c, 0x3, 0x2}) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) mlockall$auto(0x800000000000005) 938.844552ms ago: executing program 5 (id=3820): openat$auto_adf_ctl_ops_adf_ctl_drv(0xffffffffffffff9c, &(0x7f0000000040), 0x48080, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x60d02, 0x0) write$auto(0x3, 0x0, 0xfdef) mknod$auto(&(0x7f0000000900)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00', 0x4, 0x407) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r1 = socket(0xa, 0x1, 0x84) getsockopt$auto(r1, 0x84, 0x81, 0x0, &(0x7f0000000000)=0x9b) lstat$auto(&(0x7f0000000540)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00', 0x0) ioctl$auto(0x3, 0x5420, 0x38) read$auto(r0, 0x0, 0x73) 826.344107ms ago: executing program 4 (id=3813): r0 = openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000000000), 0x8200, 0x0) ioctl$auto_LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'veth0\x00'}) close_range$auto(0x0, 0xffffffffffffffff, 0x2) socket(0xa, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) r1 = socket(0x18, 0x5, 0x1) connect$auto(r1, &(0x7f0000000000)=@in={0x2, 0x100}, 0x3a) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) 249.482859ms ago: executing program 7 (id=3814): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x0) r0 = pipe2$auto(0x0, 0x80) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto(r0, 0x5761, 0x4) mmap$auto(0x0, 0xfffffffffffffffd, 0x3, 0xeb5, 0xfffffffffffffffa, 0x8000) r1 = socket(0x22, 0x2, 0x3) mmap$auto(0x100000000000000, 0x2009, 0x9, 0x10000000eb1, r1, 0x3) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001) mq_open$auto(0x0, 0xffffffff, 0xa, 0x0) setuid$auto(0xe) mq_unlink$auto(0x0) 0s ago: executing program 5 (id=3815): socket(0x2, 0x1, 0x106) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x6, 0x0) ioctl$auto_XFS_IOC_ATTRLIST_BY_HANDLE(0xffffffffffffffff, 0x4058587a, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000380), 0x20000, 0x0) socket(0x28, 0x5, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video3\x00', 0x2aa01, 0x0) select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0xf, 0x3, 0x1, 0x948b, 0x9, 0x15f4da07, 0x6, 0x2, 0x64, 0x80000020, 0x1000, 0xb, 0x9, 0x2, 0xd8]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x8000000000001fd, 0x20000000007, 0x4, 0x1000000000000bc3, 0x800, 0x3, 0xff, 0x10001, 0x400000000003, 0x3, 0xfffffffffffffffc, 0xfffffffffffffffe, 0x80000000, 0x9, 0xffffdfffffffff81, 0x4]}, 0x0) kernel console output (not intermixed with test programs): _node+0xd2/0x9f0 [ 699.331089][T15972] ? __pfx___kernfs_new_node+0x10/0x10 [ 699.331136][T15972] ? find_held_lock+0x2b/0x80 [ 699.331181][T15972] ? kernfs_root+0xee/0x2a0 [ 699.331216][T15972] ? kernfs_root+0xee/0x2a0 [ 699.331259][T15972] kernfs_new_node+0x11b/0x1a0 [ 699.331307][T15972] __kernfs_create_file+0x53/0x350 [ 699.331364][T15972] sysfs_add_file_mode_ns+0x207/0x3c0 [ 699.331409][T15972] sysfs_merge_group+0x194/0x340 [ 699.331449][T15972] ? __pfx_sysfs_merge_group+0x10/0x10 [ 699.331487][T15972] ? bus_add_device+0x368/0x6b0 [ 699.331525][T15972] ? __pfx_bus_add_device+0x10/0x10 [ 699.331557][T15972] ? __pfx_dev_add_physical_location+0x10/0x10 [ 699.331616][T15972] dpm_sysfs_add+0x237/0x280 [ 699.331664][T15972] device_add+0x9ef/0x1950 [ 699.331715][T15972] ? __pfx_device_add+0x10/0x10 [ 699.331759][T15972] ? lockdep_init_map_type+0x5c/0x250 [ 699.331796][T15972] ? __init_waitqueue_head+0xca/0x150 [ 699.331847][T15972] rfkill_register+0x1ad/0xb30 [ 699.331897][T15972] nfc_register_device+0x11f/0x3e0 [ 699.331965][T15972] nci_register_device+0x7f1/0xb80 [ 699.332013][T15972] ? __pfx_nci_register_device+0x10/0x10 [ 699.332064][T15972] ? lockdep_init_map_type+0x5c/0x250 [ 699.332107][T15972] virtual_ncidev_open+0x141/0x220 [ 699.332165][T15972] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 699.332220][T15972] misc_open+0x26d/0x450 [ 699.332266][T15972] ? __pfx_misc_open+0x10/0x10 [ 699.332311][T15972] chrdev_open+0x234/0x6a0 [ 699.332353][T15972] ? __pfx_apparmor_file_open+0x10/0x10 [ 699.332387][T15972] ? __pfx_chrdev_open+0x10/0x10 [ 699.332434][T15972] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 699.332489][T15972] do_dentry_open+0x6d8/0x1660 [ 699.332527][T15972] ? __pfx_chrdev_open+0x10/0x10 [ 699.332579][T15972] vfs_open+0x82/0x3f0 [ 699.332634][T15972] path_openat+0x208c/0x31a0 [ 699.332692][T15972] ? __pfx_path_openat+0x10/0x10 [ 699.332759][T15972] do_file_open+0x20e/0x430 [ 699.332807][T15972] ? __pfx_do_file_open+0x10/0x10 [ 699.332884][T15972] ? alloc_fd+0x476/0x790 [ 699.332945][T15972] ? do_getname+0x191/0x390 [ 699.333000][T15972] do_sys_openat2+0x10d/0x1e0 [ 699.333054][T15972] ? __pfx_do_sys_openat2+0x10/0x10 [ 699.333111][T15972] ? __fget_files+0x21f/0x3d0 [ 699.333159][T15972] __x64_sys_openat+0x12d/0x210 [ 699.333213][T15972] ? __pfx___x64_sys_openat+0x10/0x10 [ 699.333274][T15972] ? rcu_is_watching+0x12/0xc0 [ 699.333322][T15972] do_syscall_64+0x10b/0xf80 [ 699.333371][T15972] ? clear_bhb_loop+0x40/0x90 [ 699.333410][T15972] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 699.333441][T15972] RIP: 0033:0x7f5d5859ce59 [ 699.333466][T15972] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 699.333499][T15972] RSP: 002b:00007f5d5947b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 699.333530][T15972] RAX: ffffffffffffffda RBX: 00007f5d58816180 RCX: 00007f5d5859ce59 [ 699.333549][T15972] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 699.333570][T15972] RBP: 00007f5d58632d6f R08: 0000000000000000 R09: 0000000000000000 [ 699.333590][T15972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 699.333609][T15972] R13: 00007f5d58816218 R14: 00007f5d58816180 R15: 00007ffd2a29d298 [ 699.333651][T15972] [ 700.539494][T15996] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3071'. [ 700.936355][T16002] random: crng reseeded on system resumption [ 700.953635][T16000] netlink: 202 bytes leftover after parsing attributes in process `syz.0.3074'. [ 701.996701][T16018] FAULT_INJECTION: forcing a failure. [ 701.996701][T16018] name failslab, interval 1, probability 0, space 0, times 0 [ 702.023917][T16018] CPU: 1 UID: 0 PID: 16018 Comm: syz.2.3078 Tainted: G L syzkaller #0 PREEMPT(full) [ 702.023974][T16018] Tainted: [L]=SOFTLOCKUP [ 702.023986][T16018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 702.024007][T16018] Call Trace: [ 702.024017][T16018] [ 702.024030][T16018] dump_stack_lvl+0x100/0x190 [ 702.024074][T16018] should_fail_ex.cold+0x5/0xa [ 702.024117][T16018] should_failslab+0xc2/0x120 [ 702.024158][T16018] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 702.024212][T16018] ? __kernfs_new_node+0xd2/0x9f0 [ 702.024259][T16018] __kernfs_new_node+0xd2/0x9f0 [ 702.024317][T16018] ? __pfx___kernfs_new_node+0x10/0x10 [ 702.024367][T16018] ? find_held_lock+0x2b/0x80 [ 702.024413][T16018] ? kernfs_root+0xee/0x2a0 [ 702.024448][T16018] ? kernfs_root+0xee/0x2a0 [ 702.024495][T16018] kernfs_new_node+0x11b/0x1a0 [ 702.024545][T16018] __kernfs_create_file+0x53/0x350 [ 702.024602][T16018] sysfs_add_file_mode_ns+0x207/0x3c0 [ 702.024648][T16018] sysfs_merge_group+0x194/0x340 [ 702.024689][T16018] ? __pfx_sysfs_merge_group+0x10/0x10 [ 702.024729][T16018] ? bus_add_device+0x368/0x6b0 [ 702.024765][T16018] ? __pfx_bus_add_device+0x10/0x10 [ 702.024799][T16018] ? __pfx_dev_add_physical_location+0x10/0x10 [ 702.024857][T16018] dpm_sysfs_add+0x237/0x280 [ 702.024901][T16018] device_add+0x9ef/0x1950 [ 702.024950][T16018] ? __pfx_device_add+0x10/0x10 [ 702.024997][T16018] ? lockdep_init_map_type+0x5c/0x250 [ 702.025033][T16018] ? __init_waitqueue_head+0xca/0x150 [ 702.025085][T16018] rfkill_register+0x1ad/0xb30 [ 702.025136][T16018] nfc_register_device+0x11f/0x3e0 [ 702.025194][T16018] nci_register_device+0x7f1/0xb80 [ 702.025241][T16018] ? __pfx_nci_register_device+0x10/0x10 [ 702.025299][T16018] ? lockdep_init_map_type+0x5c/0x250 [ 702.025340][T16018] virtual_ncidev_open+0x141/0x220 [ 702.025399][T16018] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 702.025454][T16018] misc_open+0x26d/0x450 [ 702.025501][T16018] ? __pfx_misc_open+0x10/0x10 [ 702.025546][T16018] chrdev_open+0x234/0x6a0 [ 702.025589][T16018] ? __pfx_apparmor_file_open+0x10/0x10 [ 702.025625][T16018] ? __pfx_chrdev_open+0x10/0x10 [ 702.025671][T16018] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 702.025728][T16018] do_dentry_open+0x6d8/0x1660 [ 702.025771][T16018] ? __pfx_chrdev_open+0x10/0x10 [ 702.025837][T16018] vfs_open+0x82/0x3f0 [ 702.025893][T16018] path_openat+0x208c/0x31a0 [ 702.025951][T16018] ? __pfx_path_openat+0x10/0x10 [ 702.026011][T16018] do_file_open+0x20e/0x430 [ 702.026059][T16018] ? __pfx_do_file_open+0x10/0x10 [ 702.026133][T16018] ? alloc_fd+0x476/0x790 [ 702.026199][T16018] ? do_getname+0x191/0x390 [ 702.026255][T16018] do_sys_openat2+0x10d/0x1e0 [ 702.026318][T16018] ? __pfx_do_sys_openat2+0x10/0x10 [ 702.026377][T16018] ? __fget_files+0x21f/0x3d0 [ 702.026428][T16018] __x64_sys_openat+0x12d/0x210 [ 702.026485][T16018] ? __pfx___x64_sys_openat+0x10/0x10 [ 702.026548][T16018] ? rcu_is_watching+0x12/0xc0 [ 702.026596][T16018] do_syscall_64+0x10b/0xf80 [ 702.026648][T16018] ? clear_bhb_loop+0x40/0x90 [ 702.026692][T16018] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 702.026728][T16018] RIP: 0033:0x7f560539ce59 [ 702.026757][T16018] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 702.026792][T16018] RSP: 002b:00007f560619e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 702.026825][T16018] RAX: ffffffffffffffda RBX: 00007f5605616180 RCX: 00007f560539ce59 [ 702.026848][T16018] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 702.026870][T16018] RBP: 00007f5605432d6f R08: 0000000000000000 R09: 0000000000000000 [ 702.026892][T16018] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 702.026912][T16018] R13: 00007f5605616218 R14: 00007f5605616180 R15: 00007fff09f83518 [ 702.026958][T16018] [ 704.243595][T16052] netlink: 330 bytes leftover after parsing attributes in process `syz.3.3088'. [ 704.279257][T16058] FAULT_INJECTION: forcing a failure. [ 704.279257][T16058] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 704.294008][T16058] CPU: 1 UID: 0 PID: 16058 Comm: syz.1.3089 Tainted: G L syzkaller #0 PREEMPT(full) [ 704.294063][T16058] Tainted: [L]=SOFTLOCKUP [ 704.294075][T16058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 704.294095][T16058] Call Trace: [ 704.294105][T16058] [ 704.294117][T16058] dump_stack_lvl+0x100/0x190 [ 704.294160][T16058] should_fail_ex.cold+0x5/0xa [ 704.294196][T16058] ? prepare_alloc_pages+0x16d/0x5f0 [ 704.294243][T16058] should_fail_alloc_page+0xeb/0x140 [ 704.294285][T16058] prepare_alloc_pages+0x1f0/0x5f0 [ 704.294338][T16058] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 704.294399][T16058] ? bpf_ksym_find+0x124/0x1c0 [ 704.294437][T16058] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 704.294491][T16058] ? is_bpf_text_address+0x94/0x1a0 [ 704.294540][T16058] ? kernel_text_address+0x8d/0x100 [ 704.294577][T16058] ? __kernel_text_address+0xd/0x30 [ 704.294610][T16058] ? unwind_get_return_address+0x59/0xa0 [ 704.294657][T16058] ? arch_stack_walk+0xa6/0xf0 [ 704.294702][T16058] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 704.294769][T16058] ? __lock_acquire+0x4a5/0x2630 [ 704.294811][T16058] ? stack_depot_save_flags+0x27/0x9d0 [ 704.294862][T16058] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 704.294915][T16058] ? policy_nodemask+0xed/0x4f0 [ 704.294966][T16058] alloc_pages_mpol+0x1fb/0x540 [ 704.295011][T16058] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 704.295064][T16058] folio_alloc_mpol_noprof+0x36/0x260 [ 704.295116][T16058] shmem_alloc_folio+0x135/0x160 [ 704.295168][T16058] shmem_alloc_and_add_folio+0x371/0xd40 [ 704.295224][T16058] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 704.295275][T16058] ? shmem_allowable_huge_orders+0x2bd/0x400 [ 704.295311][T16058] shmem_get_folio_gfp+0x6ab/0x1900 [ 704.295347][T16058] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 704.295376][T16058] ? filemap_map_pages+0x9c1/0x2140 [ 704.295421][T16058] ? __alloc_frozen_pages_noprof+0x2b1/0x2bc0 [ 704.295475][T16058] shmem_fault+0x1f9/0xa20 [ 704.295504][T16058] ? __pfx_shmem_fault+0x10/0x10 [ 704.295532][T16058] ? css_rstat_updated+0x1ce/0x5a0 [ 704.295580][T16058] ? __pfx_filemap_map_pages+0x10/0x10 [ 704.295630][T16058] ? find_held_lock+0x2b/0x80 [ 704.295672][T16058] __do_fault+0x10b/0x440 [ 704.295704][T16058] do_fault+0xa99/0x1750 [ 704.295746][T16058] __handle_mm_fault+0x187d/0x2a00 [ 704.295795][T16058] ? mt_find+0x45e/0x8e0 [ 704.295825][T16058] ? __pfx___handle_mm_fault+0x10/0x10 [ 704.295866][T16058] ? __pfx_mt_find+0x10/0x10 [ 704.295912][T16058] ? find_vma+0xbf/0x140 [ 704.295952][T16058] ? __pfx_find_vma+0x10/0x10 [ 704.295989][T16058] handle_mm_fault+0x36d/0xa20 [ 704.296040][T16058] do_user_addr_fault+0x74c/0x12f0 [ 704.296083][T16058] ? trace_page_fault_kernel+0x7a/0x200 [ 704.296124][T16058] exc_page_fault+0x6f/0xd0 [ 704.296169][T16058] asm_exc_page_fault+0x26/0x30 [ 704.296198][T16058] RIP: 0010:fault_in_readable+0xde/0x190 [ 704.296230][T16058] Code: 08 cb b1 ff 4c 89 f0 48 85 c0 0f 85 bf 00 00 00 e8 d7 d0 b1 ff 0f 01 cb 0f ae e8 4c 89 fb 4d 85 ff 75 31 eb 48 e8 c2 d0 b1 ff <44> 8a 33 e8 ba d0 b1 ff 48 81 c3 00 10 00 00 31 ff 48 81 e3 00 f0 [ 704.296260][T16058] RSP: 0018:ffffc90005c87b00 EFLAGS: 00050287 [ 704.296285][T16058] RAX: 0000000000008d41 RBX: 0000000000010000 RCX: ffffc90004161000 [ 704.296303][T16058] RDX: 0000000000080000 RSI: ffffffff82563bbe RDI: ffff888076cd0000 [ 704.296321][T16058] RBP: 0000000000011000 R08: 0000000000000006 R09: 0000000000011000 [ 704.296338][T16058] R10: 0000000000010000 R11: 0000000000000000 R12: 0000000000001000 [ 704.296355][T16058] R13: 1ffff92000b90f61 R14: 0000000000000000 R15: 0000000000010000 [ 704.296384][T16058] ? fault_in_readable+0xde/0x190 [ 704.296422][T16058] ? __pfx_fault_in_readable+0x10/0x10 [ 704.296463][T16058] fault_in_iov_iter_readable+0x101/0x2c0 [ 704.296516][T16058] generic_perform_write+0x863/0xa40 [ 704.296574][T16058] ? __pfx_generic_perform_write+0x10/0x10 [ 704.296624][T16058] ? file_update_time_flags+0x373/0x500 [ 704.296674][T16058] shmem_file_write_iter+0x10e/0x140 [ 704.296713][T16058] vfs_write+0x6ac/0x1070 [ 704.296747][T16058] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 704.296788][T16058] ? __pfx_vfs_write+0x10/0x10 [ 704.296843][T16058] ksys_write+0x12a/0x250 [ 704.296876][T16058] ? __pfx_ksys_write+0x10/0x10 [ 704.296913][T16058] ? rcu_is_watching+0x12/0xc0 [ 704.296960][T16058] do_syscall_64+0x10b/0xf80 [ 704.297004][T16058] ? clear_bhb_loop+0x40/0x90 [ 704.297039][T16058] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 704.297070][T16058] RIP: 0033:0x7ffbe2b9ce59 [ 704.297094][T16058] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 704.297122][T16058] RSP: 002b:00007ffbe3b41028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 704.297149][T16058] RAX: ffffffffffffffda RBX: 00007ffbe2e15fa0 RCX: 00007ffbe2b9ce59 [ 704.297168][T16058] RDX: 00000000fffffdf1 RSI: 0000000000000000 RDI: 0000000000000006 [ 704.297186][T16058] RBP: 00007ffbe2c32d6f R08: 0000000000000000 R09: 0000000000000000 [ 704.297205][T16058] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 704.297223][T16058] R13: 00007ffbe2e16038 R14: 00007ffbe2e15fa0 R15: 00007fffa795fad8 [ 704.297260][T16058] [ 705.147968][T16065] FAULT_INJECTION: forcing a failure. [ 705.147968][T16065] name failslab, interval 1, probability 0, space 0, times 0 [ 705.203140][T16065] CPU: 0 UID: 0 PID: 16065 Comm: syz.0.3090 Tainted: G L syzkaller #0 PREEMPT(full) [ 705.203196][T16065] Tainted: [L]=SOFTLOCKUP [ 705.203209][T16065] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 705.203231][T16065] Call Trace: [ 705.203242][T16065] [ 705.203256][T16065] dump_stack_lvl+0x100/0x190 [ 705.203300][T16065] should_fail_ex.cold+0x5/0xa [ 705.203345][T16065] should_failslab+0xc2/0x120 [ 705.203389][T16065] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 705.203443][T16065] ? __kernfs_new_node+0xd2/0x9f0 [ 705.203491][T16065] __kernfs_new_node+0xd2/0x9f0 [ 705.203535][T16065] ? __pfx___kernfs_new_node+0x10/0x10 [ 705.203586][T16065] ? find_held_lock+0x2b/0x80 [ 705.203632][T16065] ? kernfs_root+0xee/0x2a0 [ 705.203667][T16065] ? kernfs_root+0xee/0x2a0 [ 705.203715][T16065] kernfs_new_node+0x11b/0x1a0 [ 705.203765][T16065] __kernfs_create_file+0x53/0x350 [ 705.203835][T16065] sysfs_add_file_mode_ns+0x207/0x3c0 [ 705.203883][T16065] sysfs_merge_group+0x194/0x340 [ 705.203927][T16065] ? __pfx_sysfs_merge_group+0x10/0x10 [ 705.203967][T16065] ? bus_add_device+0x368/0x6b0 [ 705.204037][T16065] ? __pfx_bus_add_device+0x10/0x10 [ 705.204071][T16065] ? __pfx_dev_add_physical_location+0x10/0x10 [ 705.204132][T16065] dpm_sysfs_add+0x237/0x280 [ 705.204182][T16065] device_add+0x9ef/0x1950 [ 705.204234][T16065] ? __pfx_device_add+0x10/0x10 [ 705.204281][T16065] ? lockdep_init_map_type+0x5c/0x250 [ 705.204318][T16065] ? __init_waitqueue_head+0xca/0x150 [ 705.204371][T16065] rfkill_register+0x1ad/0xb30 [ 705.204422][T16065] nfc_register_device+0x11f/0x3e0 [ 705.204480][T16065] nci_register_device+0x7f1/0xb80 [ 705.204527][T16065] ? __pfx_nci_register_device+0x10/0x10 [ 705.204579][T16065] ? lockdep_init_map_type+0x5c/0x250 [ 705.204623][T16065] virtual_ncidev_open+0x141/0x220 [ 705.204681][T16065] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 705.204735][T16065] misc_open+0x26d/0x450 [ 705.204780][T16065] ? __pfx_misc_open+0x10/0x10 [ 705.204832][T16065] chrdev_open+0x234/0x6a0 [ 705.204877][T16065] ? __pfx_apparmor_file_open+0x10/0x10 [ 705.204914][T16065] ? __pfx_chrdev_open+0x10/0x10 [ 705.204960][T16065] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 705.205014][T16065] do_dentry_open+0x6d8/0x1660 [ 705.205055][T16065] ? __pfx_chrdev_open+0x10/0x10 [ 705.205110][T16065] vfs_open+0x82/0x3f0 [ 705.205165][T16065] path_openat+0x208c/0x31a0 [ 705.205224][T16065] ? __pfx_path_openat+0x10/0x10 [ 705.205286][T16065] do_file_open+0x20e/0x430 [ 705.205335][T16065] ? __pfx_do_file_open+0x10/0x10 [ 705.205411][T16065] ? alloc_fd+0x476/0x790 [ 705.205458][T16065] ? do_getname+0x191/0x390 [ 705.205513][T16065] do_sys_openat2+0x10d/0x1e0 [ 705.205566][T16065] ? __pfx_do_sys_openat2+0x10/0x10 [ 705.205623][T16065] ? __fget_files+0x21f/0x3d0 [ 705.205673][T16065] __x64_sys_openat+0x12d/0x210 [ 705.205728][T16065] ? __pfx___x64_sys_openat+0x10/0x10 [ 705.205793][T16065] ? rcu_is_watching+0x12/0xc0 [ 705.205850][T16065] do_syscall_64+0x10b/0xf80 [ 705.205904][T16065] ? clear_bhb_loop+0x40/0x90 [ 705.205948][T16065] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 705.205984][T16065] RIP: 0033:0x7f5d5859ce59 [ 705.206012][T16065] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 705.206047][T16065] RSP: 002b:00007f5d5947b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 705.206080][T16065] RAX: ffffffffffffffda RBX: 00007f5d58816180 RCX: 00007f5d5859ce59 [ 705.206102][T16065] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 705.206123][T16065] RBP: 00007f5d58632d6f R08: 0000000000000000 R09: 0000000000000000 [ 705.206143][T16065] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 705.206162][T16065] R13: 00007f5d58816218 R14: 00007f5d58816180 R15: 00007ffd2a29d298 [ 705.206207][T16065] [ 706.238249][T16088] bond0: invalid ARP target specified [ 706.738483][T16104] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3097'. [ 706.777959][T16104] netlink: 354 bytes leftover after parsing attributes in process `syz.1.3097'. [ 707.008223][T16116] random: crng reseeded on system resumption [ 707.114297][T16119] netlink: 'syz.1.3104': attribute type 1 has an invalid length. [ 707.136030][T16119] netlink: 13 bytes leftover after parsing attributes in process `syz.1.3104'. [ 707.164150][T16119] netlink: 'syz.1.3104': attribute type 1 has an invalid length. [ 708.098308][T16134] FAULT_INJECTION: forcing a failure. [ 708.098308][T16134] name failslab, interval 1, probability 0, space 0, times 0 [ 708.169986][T16134] CPU: 1 UID: 0 PID: 16134 Comm: syz.1.3108 Tainted: G L syzkaller #0 PREEMPT(full) [ 708.170042][T16134] Tainted: [L]=SOFTLOCKUP [ 708.170055][T16134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 708.170086][T16134] Call Trace: [ 708.170108][T16134] [ 708.170122][T16134] dump_stack_lvl+0x100/0x190 [ 708.170170][T16134] should_fail_ex.cold+0x5/0xa [ 708.170232][T16134] should_failslab+0xc2/0x120 [ 708.170275][T16134] __kmalloc_cache_noprof+0x7a/0x6f0 [ 708.170335][T16134] ? drm_atomic_state_alloc+0xb8/0x120 [ 708.170493][T16134] drm_atomic_state_alloc+0xb8/0x120 [ 708.170549][T16134] drm_client_modeset_commit_atomic+0xcc/0x7e0 [ 708.170590][T16134] ? rcu_is_watching+0x12/0xc0 [ 708.170634][T16134] ? trace_contention_end+0x122/0x170 [ 708.170677][T16134] ? __mutex_lock+0x26d/0x1b10 [ 708.170714][T16134] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 708.170754][T16134] ? drm_master_internal_acquire+0x21/0x80 [ 708.170888][T16134] drm_client_modeset_commit_locked+0x14d/0x580 [ 708.170937][T16134] drm_client_modeset_commit+0x4f/0x80 [ 708.170978][T16134] __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160 [ 708.171112][T16134] drm_fb_helper_restore_fbdev_mode_unlocked+0x93/0xc0 [ 708.171185][T16134] drm_fbdev_client_restore+0x1b/0x30 [ 708.171270][T16134] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 708.171319][T16134] drm_client_dev_restore+0x205/0x2a0 [ 708.171367][T16134] drm_release+0x2c6/0x360 [ 708.171483][T16134] ? __pfx_drm_release+0x10/0x10 [ 708.171539][T16134] __fput+0x3ff/0xb50 [ 708.171601][T16134] task_work_run+0x150/0x240 [ 708.171639][T16134] ? __pfx_task_work_run+0x10/0x10 [ 708.171679][T16134] ? rcu_is_watching+0x12/0xc0 [ 708.171729][T16134] exit_to_user_mode_loop+0x107/0x4f0 [ 708.171764][T16134] ? rcu_is_watching+0x12/0xc0 [ 708.171811][T16134] do_syscall_64+0x6f2/0xf80 [ 708.171867][T16134] ? clear_bhb_loop+0x40/0x90 [ 708.171911][T16134] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 708.171948][T16134] RIP: 0033:0x7ffbe2b9ce59 [ 708.171977][T16134] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 708.172013][T16134] RSP: 002b:00007ffbe3b41028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 708.172048][T16134] RAX: 0000000000000000 RBX: 00007ffbe2e15fa0 RCX: 00007ffbe2b9ce59 [ 708.172070][T16134] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 708.172091][T16134] RBP: 00007ffbe2c32d6f R08: 0000000000000000 R09: 0000000000000000 [ 708.172112][T16134] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 708.172133][T16134] R13: 00007ffbe2e16038 R14: 00007ffbe2e15fa0 R15: 00007fffa795fad8 [ 708.172186][T16134] [ 709.790022][T16168] random: crng reseeded on system resumption [ 710.679758][T16182] FAULT_INJECTION: forcing a failure. [ 710.679758][T16182] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 710.734499][T16182] CPU: 0 UID: 0 PID: 16182 Comm: syz.3.3122 Tainted: G L syzkaller #0 PREEMPT(full) [ 710.734540][T16182] Tainted: [L]=SOFTLOCKUP [ 710.734566][T16182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 710.734593][T16182] Call Trace: [ 710.734602][T16182] [ 710.734611][T16182] dump_stack_lvl+0x100/0x190 [ 710.734644][T16182] should_fail_ex.cold+0x5/0xa [ 710.734676][T16182] ? prepare_alloc_pages+0x16d/0x5f0 [ 710.734714][T16182] should_fail_alloc_page+0xeb/0x140 [ 710.734745][T16182] prepare_alloc_pages+0x1f0/0x5f0 [ 710.734781][T16182] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 710.734828][T16182] ? rcu_is_watching+0x12/0xc0 [ 710.734868][T16182] ? trace_mm_page_alloc+0x163/0x1d0 [ 710.734900][T16182] ? __alloc_frozen_pages_noprof+0x2b1/0x2bc0 [ 710.734944][T16182] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 710.734990][T16182] ? find_held_lock+0x2b/0x80 [ 710.735028][T16182] ? is_bpf_text_address+0x8a/0x1a0 [ 710.735063][T16182] ? is_bpf_text_address+0x8a/0x1a0 [ 710.735100][T16182] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 710.735141][T16182] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 710.735178][T16182] ? is_bpf_text_address+0x94/0x1a0 [ 710.735212][T16182] ? kernel_text_address+0x8d/0x100 [ 710.735238][T16182] ? __kernel_text_address+0xd/0x30 [ 710.735263][T16182] ? unwind_get_return_address+0x59/0xa0 [ 710.735304][T16182] alloc_pages_bulk_noprof+0x649/0x1360 [ 710.735335][T16182] ? policy_nodemask+0xed/0x4f0 [ 710.735369][T16182] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 710.735413][T16182] ? kasan_save_stack+0x30/0x50 [ 710.735447][T16182] __kasan_populate_vmalloc+0xf0/0x210 [ 710.735494][T16182] alloc_vmap_area+0x95d/0x2b70 [ 710.735534][T16182] ? __pfx_alloc_vmap_area+0x10/0x10 [ 710.735570][T16182] __get_vm_area_node+0x1ca/0x330 [ 710.735604][T16182] ? ringbuf_map_alloc+0x3a1/0x8b0 [ 710.735660][T16182] get_vm_area_caller+0x71/0xa0 [ 710.735691][T16182] ? ringbuf_map_alloc+0x3a1/0x8b0 [ 710.735716][T16182] vmap+0x131/0x2f0 [ 710.735746][T16182] ? __pfx_vmap+0x10/0x10 [ 710.735784][T16182] ringbuf_map_alloc+0x3a1/0x8b0 [ 710.735814][T16182] ? __pfx_ringbuf_map_mem_usage+0x10/0x10 [ 710.735862][T16182] map_create+0x84e/0x2bc0 [ 710.735898][T16182] ? futex_unqueue+0x13d/0x2c0 [ 710.735925][T16182] ? __futex_wait+0x256/0x300 [ 710.735964][T16182] ? __pfx_map_create+0x10/0x10 [ 710.736000][T16182] ? __might_fault+0xc5/0x140 [ 710.736038][T16182] ? __might_fault+0xc5/0x140 [ 710.736086][T16182] __sys_bpf+0x2091/0x4b90 [ 710.736115][T16182] ? __pfx___sys_bpf+0x10/0x10 [ 710.736139][T16182] ? __pfx_futex_wait+0x10/0x10 [ 710.736178][T16182] ? errseq_sample+0x51/0x70 [ 710.736202][T16182] ? file_init_path+0x48e/0x670 [ 710.736242][T16182] ? do_futex+0x192/0x350 [ 710.736283][T16182] ? xfd_validate_state+0x129/0x190 [ 710.736316][T16182] __x64_sys_bpf+0x7b/0xc0 [ 710.736343][T16182] ? lockdep_hardirqs_on+0x78/0x100 [ 710.736384][T16182] do_syscall_64+0x10b/0xf80 [ 710.736421][T16182] ? clear_bhb_loop+0x40/0x90 [ 710.736451][T16182] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 710.736476][T16182] RIP: 0033:0x7f5a26f9ce59 [ 710.736496][T16182] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 710.736521][T16182] RSP: 002b:00007f5a27ed0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 710.736544][T16182] RAX: ffffffffffffffda RBX: 00007f5a27215fa0 RCX: 00007f5a26f9ce59 [ 710.736561][T16182] RDX: 0000000000000010 RSI: 00002000000000c0 RDI: 0000000000000000 [ 710.736576][T16182] RBP: 00007f5a27032d6f R08: 0000000000000000 R09: 0000000000000000 [ 710.736591][T16182] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 710.736606][T16182] R13: 00007f5a27216038 R14: 00007f5a27215fa0 R15: 00007ffd62224dc8 [ 710.736637][T16182] [ 711.784341][T16203] FAULT_INJECTION: forcing a failure. [ 711.784341][T16203] name failslab, interval 1, probability 0, space 0, times 0 [ 711.843155][T16203] CPU: 1 UID: 0 PID: 16203 Comm: syz.0.3126 Tainted: G L syzkaller #0 PREEMPT(full) [ 711.843224][T16203] Tainted: [L]=SOFTLOCKUP [ 711.843238][T16203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 711.843259][T16203] Call Trace: [ 711.843269][T16203] [ 711.843284][T16203] dump_stack_lvl+0x100/0x190 [ 711.843330][T16203] should_fail_ex.cold+0x5/0xa [ 711.843374][T16203] should_failslab+0xc2/0x120 [ 711.843416][T16203] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 711.843469][T16203] ? __kernfs_new_node+0xd2/0x9f0 [ 711.843507][T16203] ? __pfx_try_to_wake_up+0x10/0x10 [ 711.843561][T16203] __kernfs_new_node+0xd2/0x9f0 [ 711.843601][T16203] ? wake_up_q+0xae/0x130 [ 711.843644][T16203] ? __pfx___kernfs_new_node+0x10/0x10 [ 711.843693][T16203] ? find_held_lock+0x2b/0x80 [ 711.843737][T16203] ? kernfs_root+0xee/0x2a0 [ 711.843773][T16203] ? kernfs_root+0xee/0x2a0 [ 711.843826][T16203] kernfs_new_node+0x11b/0x1a0 [ 711.843879][T16203] __kernfs_create_file+0x53/0x350 [ 711.843939][T16203] sysfs_add_file_mode_ns+0x207/0x3c0 [ 711.843987][T16203] sysfs_merge_group+0x194/0x340 [ 711.844030][T16203] ? __pfx_sysfs_merge_group+0x10/0x10 [ 711.844070][T16203] ? bus_add_device+0x368/0x6b0 [ 711.844107][T16203] ? __pfx_bus_add_device+0x10/0x10 [ 711.844140][T16203] ? __pfx_dev_add_physical_location+0x10/0x10 [ 711.844198][T16203] dpm_sysfs_add+0x237/0x280 [ 711.844256][T16203] device_add+0x9ef/0x1950 [ 711.844308][T16203] ? __pfx_device_add+0x10/0x10 [ 711.844353][T16203] ? lockdep_init_map_type+0x5c/0x250 [ 711.844388][T16203] ? __init_waitqueue_head+0xca/0x150 [ 711.844436][T16203] rfkill_register+0x1ad/0xb30 [ 711.844486][T16203] nfc_register_device+0x11f/0x3e0 [ 711.844545][T16203] nci_register_device+0x7f1/0xb80 [ 711.844590][T16203] ? __pfx_nci_register_device+0x10/0x10 [ 711.844640][T16203] ? lockdep_init_map_type+0x5c/0x250 [ 711.844682][T16203] virtual_ncidev_open+0x141/0x220 [ 711.844738][T16203] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 711.844793][T16203] misc_open+0x26d/0x450 [ 711.844838][T16203] ? __pfx_misc_open+0x10/0x10 [ 711.844883][T16203] chrdev_open+0x234/0x6a0 [ 711.844928][T16203] ? __pfx_apparmor_file_open+0x10/0x10 [ 711.844964][T16203] ? __pfx_chrdev_open+0x10/0x10 [ 711.845009][T16203] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 711.845066][T16203] do_dentry_open+0x6d8/0x1660 [ 711.845108][T16203] ? __pfx_chrdev_open+0x10/0x10 [ 711.845163][T16203] vfs_open+0x82/0x3f0 [ 711.845228][T16203] path_openat+0x208c/0x31a0 [ 711.845290][T16203] ? __pfx_path_openat+0x10/0x10 [ 711.845351][T16203] do_file_open+0x20e/0x430 [ 711.845398][T16203] ? __pfx_do_file_open+0x10/0x10 [ 711.845472][T16203] ? alloc_fd+0x476/0x790 [ 711.845519][T16203] ? do_getname+0x191/0x390 [ 711.845575][T16203] do_sys_openat2+0x10d/0x1e0 [ 711.845630][T16203] ? __pfx_do_sys_openat2+0x10/0x10 [ 711.845701][T16203] ? __fget_files+0x21f/0x3d0 [ 711.845776][T16203] __x64_sys_openat+0x12d/0x210 [ 711.845833][T16203] ? __pfx___x64_sys_openat+0x10/0x10 [ 711.845928][T16203] ? rcu_is_watching+0x12/0xc0 [ 711.845979][T16203] do_syscall_64+0x10b/0xf80 [ 711.846033][T16203] ? clear_bhb_loop+0x40/0x90 [ 711.846077][T16203] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 711.846113][T16203] RIP: 0033:0x7f5d5859ce59 [ 711.846142][T16203] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 711.846176][T16203] RSP: 002b:00007f5d5947b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 711.846217][T16203] RAX: ffffffffffffffda RBX: 00007f5d58816180 RCX: 00007f5d5859ce59 [ 711.846240][T16203] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 711.846263][T16203] RBP: 00007f5d58632d6f R08: 0000000000000000 R09: 0000000000000000 [ 711.846285][T16203] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 711.846307][T16203] R13: 00007f5d58816218 R14: 00007f5d58816180 R15: 00007ffd2a29d298 [ 711.846355][T16203] [ 713.778538][T16235] netlink: 252 bytes leftover after parsing attributes in process `syz.0.3135'. [ 713.815754][T16235] netlink: 252 bytes leftover after parsing attributes in process `syz.0.3135'. [ 714.920352][T16247] netlink: 'syz.1.3139': attribute type 10 has an invalid length. [ 714.969364][T16247] netlink: 'syz.1.3139': attribute type 13 has an invalid length. [ 715.916102][T16261] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3144'. [ 715.942534][T16261] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 716.037822][T16261] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 716.284867][T16268] FAULT_INJECTION: forcing a failure. [ 716.284867][T16268] name failslab, interval 1, probability 0, space 0, times 0 [ 716.320950][T16268] CPU: 1 UID: 0 PID: 16268 Comm: syz.3.3146 Tainted: G L syzkaller #0 PREEMPT(full) [ 716.321007][T16268] Tainted: [L]=SOFTLOCKUP [ 716.321021][T16268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 716.321043][T16268] Call Trace: [ 716.321056][T16268] [ 716.321070][T16268] dump_stack_lvl+0x100/0x190 [ 716.321117][T16268] should_fail_ex.cold+0x5/0xa [ 716.321160][T16268] ? ring_buffer_read_start+0x1b9/0x450 [ 716.321205][T16268] should_failslab+0xc2/0x120 [ 716.321246][T16268] __kmalloc_noprof+0xe0/0x850 [ 716.321288][T16268] ring_buffer_read_start+0x1b9/0x450 [ 716.321338][T16268] ? __pfx_ring_buffer_read_start+0x10/0x10 [ 716.321382][T16268] ? lockdep_init_map_type+0x5c/0x250 [ 716.321421][T16268] ? ring_buffer_overruns+0x14e/0x1a0 [ 716.321464][T16268] __tracing_open+0x74e/0xa80 [ 716.321508][T16268] tracing_open+0x26b/0x4d0 [ 716.321549][T16268] do_dentry_open+0x6d8/0x1660 [ 716.321592][T16268] ? __pfx_tracing_open+0x10/0x10 [ 716.321642][T16268] vfs_open+0x82/0x3f0 [ 716.321700][T16268] path_openat+0x208c/0x31a0 [ 716.321759][T16268] ? __pfx_path_openat+0x10/0x10 [ 716.321826][T16268] do_file_open+0x20e/0x430 [ 716.321876][T16268] ? __pfx_do_file_open+0x10/0x10 [ 716.321953][T16268] ? alloc_fd+0x476/0x790 [ 716.322001][T16268] ? do_getname+0x191/0x390 [ 716.322057][T16268] do_sys_openat2+0x10d/0x1e0 [ 716.322112][T16268] ? __pfx_do_sys_openat2+0x10/0x10 [ 716.322169][T16268] ? __fget_files+0x21f/0x3d0 [ 716.322220][T16268] __x64_sys_openat+0x12d/0x210 [ 716.322274][T16268] ? __pfx___x64_sys_openat+0x10/0x10 [ 716.322337][T16268] ? rcu_is_watching+0x12/0xc0 [ 716.322384][T16268] do_syscall_64+0x10b/0xf80 [ 716.322438][T16268] ? clear_bhb_loop+0x40/0x90 [ 716.322479][T16268] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 716.322515][T16268] RIP: 0033:0x7f5a26f9ce59 [ 716.322543][T16268] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 716.322576][T16268] RSP: 002b:00007f5a27ed0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 716.322610][T16268] RAX: ffffffffffffffda RBX: 00007f5a27215fa0 RCX: 00007f5a26f9ce59 [ 716.322633][T16268] RDX: 1a6b75d638828712 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 716.322656][T16268] RBP: 00007f5a27032d6f R08: 0000000000000000 R09: 0000000000000000 [ 716.322678][T16268] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 716.322699][T16268] R13: 00007f5a27216038 R14: 00007f5a27215fa0 R15: 00007ffd62224dc8 [ 716.322745][T16268] [ 717.534252][T16285] block nbd0: Cannot use ioctl interface on a netlink controlled device. [ 718.014520][T16299] FAULT_INJECTION: forcing a failure. [ 718.014520][T16299] name failslab, interval 1, probability 0, space 0, times 0 [ 718.211345][T16299] CPU: 1 UID: 0 PID: 16299 Comm: syz.2.3156 Tainted: G L syzkaller #0 PREEMPT(full) [ 718.211401][T16299] Tainted: [L]=SOFTLOCKUP [ 718.211414][T16299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 718.211437][T16299] Call Trace: [ 718.211450][T16299] [ 718.211464][T16299] dump_stack_lvl+0x100/0x190 [ 718.211509][T16299] should_fail_ex.cold+0x5/0xa [ 718.211563][T16299] should_failslab+0xc2/0x120 [ 718.211604][T16299] __kmalloc_cache_noprof+0x7a/0x6f0 [ 718.211653][T16299] ? kobject_uevent_env+0x263/0x18b0 [ 718.211697][T16299] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 718.211745][T16299] kobject_uevent_env+0x263/0x18b0 [ 718.211797][T16299] ? bus_to_subsys+0x114/0x150 [ 718.211855][T16299] device_add+0x116e/0x1950 [ 718.211907][T16299] ? __pfx_device_add+0x10/0x10 [ 718.211951][T16299] ? lockdep_init_map_type+0x5c/0x250 [ 718.211986][T16299] ? __init_waitqueue_head+0xca/0x150 [ 718.212037][T16299] rfkill_register+0x1ad/0xb30 [ 718.212087][T16299] nfc_register_device+0x11f/0x3e0 [ 718.212142][T16299] nci_register_device+0x7f1/0xb80 [ 718.212188][T16299] ? __pfx_nci_register_device+0x10/0x10 [ 718.212239][T16299] ? lockdep_init_map_type+0x5c/0x250 [ 718.212282][T16299] virtual_ncidev_open+0x141/0x220 [ 718.212339][T16299] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 718.212410][T16299] misc_open+0x26d/0x450 [ 718.212456][T16299] ? __pfx_misc_open+0x10/0x10 [ 718.212501][T16299] chrdev_open+0x234/0x6a0 [ 718.212639][T16299] ? __pfx_apparmor_file_open+0x10/0x10 [ 718.212678][T16299] ? __pfx_chrdev_open+0x10/0x10 [ 718.212726][T16299] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 718.212782][T16299] do_dentry_open+0x6d8/0x1660 [ 718.212824][T16299] ? __pfx_chrdev_open+0x10/0x10 [ 718.212895][T16299] vfs_open+0x82/0x3f0 [ 718.212952][T16299] path_openat+0x208c/0x31a0 [ 718.213012][T16299] ? __pfx_path_openat+0x10/0x10 [ 718.213103][T16299] do_file_open+0x20e/0x430 [ 718.213154][T16299] ? __pfx_do_file_open+0x10/0x10 [ 718.213231][T16299] ? alloc_fd+0x476/0x790 [ 718.213279][T16299] ? do_getname+0x191/0x390 [ 718.213335][T16299] do_sys_openat2+0x10d/0x1e0 [ 718.213391][T16299] ? __pfx_do_sys_openat2+0x10/0x10 [ 718.213448][T16299] ? __fget_files+0x21f/0x3d0 [ 718.213499][T16299] __x64_sys_openat+0x12d/0x210 [ 718.213555][T16299] ? __pfx___x64_sys_openat+0x10/0x10 [ 718.213617][T16299] ? rcu_is_watching+0x12/0xc0 [ 718.213667][T16299] do_syscall_64+0x10b/0xf80 [ 718.213720][T16299] ? clear_bhb_loop+0x40/0x90 [ 718.213765][T16299] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 718.213801][T16299] RIP: 0033:0x7f560539ce59 [ 718.213828][T16299] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 718.213864][T16299] RSP: 002b:00007f560619e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 718.213898][T16299] RAX: ffffffffffffffda RBX: 00007f5605616180 RCX: 00007f560539ce59 [ 718.213921][T16299] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 718.213943][T16299] RBP: 00007f5605432d6f R08: 0000000000000000 R09: 0000000000000000 [ 718.213964][T16299] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 718.213984][T16299] R13: 00007f5605616218 R14: 00007f5605616180 R15: 00007fff09f83518 [ 718.214030][T16299] [ 718.574556][T16309] netlink: 25 bytes leftover after parsing attributes in process `syz.0.3160'. [ 721.152122][T16360] FAULT_INJECTION: forcing a failure. [ 721.152122][T16360] name failslab, interval 1, probability 0, space 0, times 0 [ 721.198586][T16360] CPU: 1 UID: 0 PID: 16360 Comm: syz.0.3176 Tainted: G L syzkaller #0 PREEMPT(full) [ 721.198643][T16360] Tainted: [L]=SOFTLOCKUP [ 721.198656][T16360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 721.198678][T16360] Call Trace: [ 721.198689][T16360] [ 721.198702][T16360] dump_stack_lvl+0x100/0x190 [ 721.198747][T16360] should_fail_ex.cold+0x5/0xa [ 721.198800][T16360] should_failslab+0xc2/0x120 [ 721.198843][T16360] __kmalloc_cache_noprof+0x7a/0x6f0 [ 721.198895][T16360] ? trace_pid_list_alloc+0x2fe/0x480 [ 721.198953][T16360] trace_pid_list_alloc+0x2fe/0x480 [ 721.199006][T16360] trace_pid_write+0x110/0x460 [ 721.199059][T16360] ? __pfx_trace_pid_write+0x10/0x10 [ 721.199135][T16360] event_pid_write.isra.0+0x1e4/0x7d0 [ 721.199194][T16360] ? __pfx_event_pid_write.isra.0+0x10/0x10 [ 721.199260][T16360] vfs_write+0x2aa/0x1070 [ 721.199305][T16360] ? __pfx_ftrace_event_npid_write+0x10/0x10 [ 721.199364][T16360] ? __pfx_vfs_write+0x10/0x10 [ 721.199406][T16360] ? __fget_files+0x215/0x3d0 [ 721.199458][T16360] ? __fget_files+0x21f/0x3d0 [ 721.199513][T16360] ksys_write+0x12a/0x250 [ 721.199554][T16360] ? __pfx_ksys_write+0x10/0x10 [ 721.199601][T16360] ? rcu_is_watching+0x12/0xc0 [ 721.199650][T16360] do_syscall_64+0x10b/0xf80 [ 721.199705][T16360] ? clear_bhb_loop+0x40/0x90 [ 721.199750][T16360] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 721.199796][T16360] RIP: 0033:0x7f5d5859ce59 [ 721.199825][T16360] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 721.199860][T16360] RSP: 002b:00007f5d594bd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 721.199892][T16360] RAX: ffffffffffffffda RBX: 00007f5d58815fa0 RCX: 00007f5d5859ce59 [ 721.199915][T16360] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 721.199937][T16360] RBP: 00007f5d58632d6f R08: 0000000000000000 R09: 0000000000000000 [ 721.199959][T16360] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 721.199980][T16360] R13: 00007f5d58816038 R14: 00007f5d58815fa0 R15: 00007ffd2a29d298 [ 721.200025][T16360] [ 722.217301][T16377] netlink: 25 bytes leftover after parsing attributes in process `syz.0.3182'. [ 722.345390][T16372] zswap: compressor not available [ 725.426032][T16447] FAULT_INJECTION: forcing a failure. [ 725.426032][T16447] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 725.481741][T16447] CPU: 0 UID: 0 PID: 16447 Comm: syz.1.3204 Tainted: G L syzkaller #0 PREEMPT(full) [ 725.481804][T16447] Tainted: [L]=SOFTLOCKUP [ 725.481818][T16447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 725.481840][T16447] Call Trace: [ 725.481852][T16447] [ 725.481880][T16447] dump_stack_lvl+0x100/0x190 [ 725.481929][T16447] should_fail_ex.cold+0x5/0xa [ 725.481970][T16447] ? prepare_alloc_pages+0x16d/0x5f0 [ 725.482020][T16447] should_fail_alloc_page+0xeb/0x140 [ 725.482069][T16447] prepare_alloc_pages+0x1f0/0x5f0 [ 725.482122][T16447] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 725.482198][T16447] ? __lock_acquire+0x4a5/0x2630 [ 725.482237][T16447] ? __lock_acquire+0x4a5/0x2630 [ 725.482269][T16447] ? css_rstat_updated+0x1ce/0x5a0 [ 725.482333][T16447] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 725.482401][T16447] ? lock_acquire+0x1b1/0x370 [ 725.482440][T16447] ? find_held_lock+0x2b/0x80 [ 725.482484][T16447] ? page_table_check_set+0x477/0x920 [ 725.482538][T16447] ? page_table_check_set+0x486/0x920 [ 725.482581][T16447] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 725.482641][T16447] ? policy_nodemask+0xed/0x4f0 [ 725.482685][T16447] alloc_pages_mpol+0x1fb/0x540 [ 725.482732][T16447] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 725.482773][T16447] ? __lock_acquire+0x4a5/0x2630 [ 725.482806][T16447] ? rcu_read_unlock+0x2d/0xb0 [ 725.482877][T16447] folio_alloc_mpol_noprof+0x36/0x260 [ 725.482929][T16447] vma_alloc_folio_noprof+0xed/0x1d0 [ 725.482978][T16447] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 725.483031][T16447] ? __lock_acquire+0x4a5/0x2630 [ 725.483069][T16447] ? __pfx_filemap_map_pages+0x10/0x10 [ 725.483123][T16447] do_fault+0x1e6/0x1750 [ 725.483175][T16447] __handle_mm_fault+0x187d/0x2a00 [ 725.483233][T16447] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 725.483280][T16447] ? __pfx___handle_mm_fault+0x10/0x10 [ 725.483335][T16447] ? pte_offset_map_lock+0x174/0x320 [ 725.483376][T16447] ? find_held_lock+0x2b/0x80 [ 725.483436][T16447] ? follow_page_pte+0x4d0/0x13f0 [ 725.483487][T16447] handle_mm_fault+0x36d/0xa20 [ 725.483547][T16447] __get_user_pages+0x1178/0x32a0 [ 725.483607][T16447] ? __pfx___get_user_pages+0x10/0x10 [ 725.483664][T16447] populate_vma_page_range+0x267/0x3f0 [ 725.483713][T16447] ? __pfx_populate_vma_page_range+0x10/0x10 [ 725.483779][T16447] ? __pfx_find_vma_intersection+0x10/0x10 [ 725.483827][T16447] ? do_mmap+0x93f/0x12f0 [ 725.483880][T16447] __mm_populate+0x107/0x3a0 [ 725.483927][T16447] ? __pfx___mm_populate+0x10/0x10 [ 725.483976][T16447] ? up_write+0x28c/0x4f0 [ 725.484019][T16447] vm_mmap_pgoff+0x37f/0x470 [ 725.484069][T16447] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 725.484111][T16447] ? __fget_files+0x215/0x3d0 [ 725.484160][T16447] ? __fget_files+0x21f/0x3d0 [ 725.484209][T16447] ksys_mmap_pgoff+0x3cb/0x610 [ 725.484252][T16447] ? __x64_sys_futex+0x358/0x4d0 [ 725.484292][T16447] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 725.484333][T16447] ? xfd_validate_state+0x129/0x190 [ 725.484380][T16447] __x64_sys_mmap+0x125/0x190 [ 725.484424][T16447] do_syscall_64+0x10b/0xf80 [ 725.484478][T16447] ? clear_bhb_loop+0x40/0x90 [ 725.484520][T16447] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 725.484554][T16447] RIP: 0033:0x7ffbe2b9ce59 [ 725.484582][T16447] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 725.484616][T16447] RSP: 002b:00007ffbe3b41028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 725.484649][T16447] RAX: ffffffffffffffda RBX: 00007ffbe2e15fa0 RCX: 00007ffbe2b9ce59 [ 725.484671][T16447] RDX: 0000000000000ffb RSI: 0000000000810004 RDI: 0000000000000000 [ 725.484692][T16447] RBP: 00007ffbe2c32d6f R08: 0000000000000007 R09: 0000000000008000 [ 725.484715][T16447] R10: 0008000000008012 R11: 0000000000000246 R12: 0000000000000000 [ 725.484736][T16447] R13: 00007ffbe2e16038 R14: 00007ffbe2e15fa0 R15: 00007fffa795fad8 [ 725.484781][T16447] [ 727.302546][T16468] ubi3: attaching mtd1 [ 728.878331][T16482] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 728.917892][T16486] netlink: 330 bytes leftover after parsing attributes in process `syz.2.3214'. [ 729.506284][ T5634] Bluetooth: hci3: unexpected subevent 0x18 length: 123 > 19 [ 729.515108][ T5634] Bluetooth: hci3: Unable to find connection for dst f9:56:cc:cc:70:a9 sid 0x00 [ 729.534172][T16499] binder: 16498:16499 ioctl c0306201 200000000000 returned -11 [ 730.783190][T16511] zswap: compressor not available [ 731.183648][T16525] FAULT_INJECTION: forcing a failure. [ 731.183648][T16525] name failslab, interval 1, probability 0, space 0, times 0 [ 731.204045][T16525] CPU: 0 UID: 0 PID: 16525 Comm: syz.3.3228 Tainted: G L syzkaller #0 PREEMPT(full) [ 731.204105][T16525] Tainted: [L]=SOFTLOCKUP [ 731.204119][T16525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 731.204141][T16525] Call Trace: [ 731.204154][T16525] [ 731.204168][T16525] dump_stack_lvl+0x100/0x190 [ 731.204215][T16525] should_fail_ex.cold+0x5/0xa [ 731.204261][T16525] should_failslab+0xc2/0x120 [ 731.204303][T16525] __kmalloc_cache_noprof+0x7a/0x6f0 [ 731.204355][T16525] ? ima_calc_file_hash_tfm+0x236/0x350 [ 731.204392][T16525] ? sha256_init+0xd/0xc0 [ 731.204435][T16525] ima_calc_file_hash_tfm+0x236/0x350 [ 731.204473][T16525] ? __pfx_ima_calc_file_hash_tfm+0x10/0x10 [ 731.204552][T16525] ? look_up_lock_class+0x55/0x120 [ 731.204611][T16525] ? ima_alloc_tfm+0x21a/0x2e0 [ 731.204656][T16525] ima_calc_file_hash+0x1e3/0x380 [ 731.204693][T16525] ima_collect_measurement+0x94f/0xb30 [ 731.204763][T16525] ? __pfx_ima_collect_measurement+0x10/0x10 [ 731.204826][T16525] ? process_measurement+0x5ab/0x2350 [ 731.204890][T16525] ? is_bad_inode+0xd/0x40 [ 731.204926][T16525] ? xattr_resolve_name+0x27d/0x3f0 [ 731.204975][T16525] ? vfs_getxattr_alloc+0xec/0x350 [ 731.205028][T16525] ? ima_get_hash_algo+0x22d/0x400 [ 731.205079][T16525] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 731.205138][T16525] ? process_measurement+0xdfe/0x2350 [ 731.205189][T16525] process_measurement+0xdfe/0x2350 [ 731.205254][T16525] ? stack_trace_save+0x8e/0xc0 [ 731.205304][T16525] ? __pfx_process_measurement+0x10/0x10 [ 731.205362][T16525] ? __lock_acquire+0x4a5/0x2630 [ 731.205397][T16525] ? __kasan_slab_alloc+0x89/0x90 [ 731.205433][T16525] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 731.205489][T16525] ? init_file+0x95/0x480 [ 731.205534][T16525] ? alloc_empty_file+0x79/0x1c0 [ 731.205583][T16525] ? alloc_file_pseudo+0x13a/0x230 [ 731.205633][T16525] ? ksys_mmap_pgoff+0x242/0x610 [ 731.205673][T16525] ? __x64_sys_mmap+0x125/0x190 [ 731.205710][T16525] ? do_syscall_64+0x10b/0xf80 [ 731.205802][T16525] ? __pfx_aa_file_perm+0x10/0x10 [ 731.205862][T16525] ima_file_mmap+0x1c4/0x1f0 [ 731.205927][T16525] ? __pfx_ima_file_mmap+0x10/0x10 [ 731.205995][T16525] security_mmap_file+0x278/0x9b0 [ 731.206040][T16525] vm_mmap_pgoff+0xec/0x470 [ 731.206089][T16525] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 731.206130][T16525] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 731.206184][T16525] ? hugetlbfs_get_inode+0x3f5/0x700 [ 731.206248][T16525] ksys_mmap_pgoff+0x285/0x610 [ 731.206296][T16525] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 731.206338][T16525] ? xfd_validate_state+0x129/0x190 [ 731.206383][T16525] __x64_sys_mmap+0x125/0x190 [ 731.206425][T16525] do_syscall_64+0x10b/0xf80 [ 731.206477][T16525] ? clear_bhb_loop+0x40/0x90 [ 731.206520][T16525] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 731.206556][T16525] RIP: 0033:0x7f5a26f9ce59 [ 731.206584][T16525] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 731.206619][T16525] RSP: 002b:00007f5a27ed0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 731.206653][T16525] RAX: ffffffffffffffda RBX: 00007f5a27215fa0 RCX: 00007f5a26f9ce59 [ 731.206677][T16525] RDX: 00004000000000df RSI: 0000000000000004 RDI: 0000000000000000 [ 731.206699][T16525] RBP: 00007f5a27032d6f R08: 0000000000000401 R09: 0000300000000000 [ 731.206721][T16525] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000 [ 731.206741][T16525] R13: 00007f5a27216038 R14: 00007f5a27215fa0 R15: 00007ffd62224dc8 [ 731.206785][T16525] [ 731.210825][ T30] audit: type=1800 audit(4294967333.220:20): pid=16525 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.3228" name="anon_hugepage" dev="hugetlbfs" ino=77619 res=0 errno=0 [ 732.049426][ T5634] Bluetooth: hci2: Malformed Event: 0x02 [ 732.348284][T16543] FAULT_INJECTION: forcing a failure. [ 732.348284][T16543] name failslab, interval 1, probability 0, space 0, times 0 [ 732.381219][T16543] CPU: 0 UID: 0 PID: 16543 Comm: syz.0.3235 Tainted: G L syzkaller #0 PREEMPT(full) [ 732.381284][T16543] Tainted: [L]=SOFTLOCKUP [ 732.381297][T16543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 732.381318][T16543] Call Trace: [ 732.381331][T16543] [ 732.381344][T16543] dump_stack_lvl+0x100/0x190 [ 732.381390][T16543] should_fail_ex.cold+0x5/0xa [ 732.381434][T16543] should_failslab+0xc2/0x120 [ 732.381475][T16543] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 732.381533][T16543] ? alloc_inode+0x183/0x250 [ 732.381585][T16543] ? do_futex+0x192/0x350 [ 732.381631][T16543] alloc_inode+0x183/0x250 [ 732.381686][T16543] create_pipe_files+0x4c/0x970 [ 732.381737][T16543] do_pipe2+0xbd/0x1e0 [ 732.381783][T16543] ? __pfx_do_pipe2+0x10/0x10 [ 732.381830][T16543] ? pipe_ioctl+0x226/0x2c0 [ 732.381872][T16543] ? syscall_user_dispatch+0x76/0x130 [ 732.381916][T16543] __x64_sys_pipe+0x33/0x50 [ 732.381962][T16543] do_syscall_64+0x10b/0xf80 [ 732.382016][T16543] ? clear_bhb_loop+0x40/0x90 [ 732.382060][T16543] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 732.382095][T16543] RIP: 0033:0x7f5d5859ce59 [ 732.382128][T16543] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 732.382164][T16543] RSP: 002b:00007f5d594bd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000016 [ 732.382198][T16543] RAX: ffffffffffffffda RBX: 00007f5d58815fa0 RCX: 00007f5d5859ce59 [ 732.382222][T16543] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 732.382243][T16543] RBP: 00007f5d58632d6f R08: 0000000000000000 R09: 0000000000000000 [ 732.382273][T16543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 732.382295][T16543] R13: 00007f5d58816038 R14: 00007f5d58815fa0 R15: 00007ffd2a29d298 [ 732.382340][T16543] [ 733.170013][T16554] smpboot: CPU 1 is now offline [ 733.418367][T16564] netlink: 330 bytes leftover after parsing attributes in process `syz.3.3242'. [ 734.161267][T16572] vcan0: tx drop: invalid sa for name 0x00000000000000fd [ 735.395833][T16597] Process accounting resumed [ 735.893518][T16605] netlink: 54 bytes leftover after parsing attributes in process `syz.3.3257'. [ 737.986875][T16632] netlink: 9 bytes leftover after parsing attributes in process `syz.1.3267'. [ 738.021265][T16632] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3267'. [ 738.263492][T16638] netlink: 504 bytes leftover after parsing attributes in process `syz.1.3269'. [ 738.832038][ T5634] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 738.832073][ T5634] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 738.847701][ T5634] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 738.847754][ T5634] Bluetooth: hci0: adv larger than maximum supported [ 738.857576][ T5634] Bluetooth: hci0: Unknown advertising packet type: 0x3f [ 738.864386][ T5634] Bluetooth: hci0: Unknown advertising packet type: 0x58 [ 738.871798][ T5634] Bluetooth: hci0: Malformed LE Event: 0x0d [ 739.541529][T16657] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3272'. [ 739.580160][T16654] HfR: entered promiscuous mode [ 739.767856][T16657] HfR: left promiscuous mode [ 740.216258][T16667] random: crng reseeded on system resumption [ 740.762821][T16671] usb usb37: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 740.870521][T16671] vhci_hcd vhci_hcd.2: default hub control req: 0000 v0000 i0000 l0 [ 741.679346][T16691] FAULT_INJECTION: forcing a failure. [ 741.679346][T16691] name failslab, interval 1, probability 0, space 0, times 0 [ 741.723662][T16691] CPU: 0 UID: 0 PID: 16691 Comm: syz.0.3280 Tainted: G L syzkaller #0 PREEMPT(full) [ 741.723726][T16691] Tainted: [L]=SOFTLOCKUP [ 741.723735][T16691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 741.723751][T16691] Call Trace: [ 741.723759][T16691] [ 741.723769][T16691] dump_stack_lvl+0x100/0x190 [ 741.723802][T16691] should_fail_ex.cold+0x5/0xa [ 741.723834][T16691] should_failslab+0xc2/0x120 [ 741.723862][T16691] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 741.723902][T16691] ? ima_inode_get+0x11f/0x580 [ 741.723946][T16691] ima_inode_get+0x11f/0x580 [ 741.723987][T16691] process_measurement+0x1213/0x2350 [ 741.724032][T16691] ? stack_depot_save_flags+0x27/0x9d0 [ 741.724063][T16691] ? stack_trace_save+0x8e/0xc0 [ 741.724098][T16691] ? __pfx_process_measurement+0x10/0x10 [ 741.724138][T16691] ? __lock_acquire+0x4a5/0x2630 [ 741.724162][T16691] ? __kasan_slab_alloc+0x89/0x90 [ 741.724187][T16691] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 741.724227][T16691] ? init_file+0x95/0x480 [ 741.724259][T16691] ? alloc_empty_file+0x79/0x1c0 [ 741.724294][T16691] ? alloc_file_pseudo+0x13a/0x230 [ 741.724330][T16691] ? ksys_mmap_pgoff+0x242/0x610 [ 741.724357][T16691] ? __x64_sys_mmap+0x125/0x190 [ 741.724383][T16691] ? do_syscall_64+0x10b/0xf80 [ 741.724447][T16691] ? __pfx_aa_file_perm+0x10/0x10 [ 741.724489][T16691] ima_file_mmap+0x1c4/0x1f0 [ 741.724534][T16691] ? __pfx_ima_file_mmap+0x10/0x10 [ 741.724581][T16691] security_mmap_file+0x278/0x9b0 [ 741.724613][T16691] vm_mmap_pgoff+0xec/0x470 [ 741.724648][T16691] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 741.724677][T16691] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 741.724722][T16691] ? hugetlbfs_get_inode+0x3f5/0x700 [ 741.724767][T16691] ksys_mmap_pgoff+0x285/0x610 [ 741.724801][T16691] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 741.724831][T16691] ? xfd_validate_state+0x129/0x190 [ 741.724862][T16691] __x64_sys_mmap+0x125/0x190 [ 741.724892][T16691] do_syscall_64+0x10b/0xf80 [ 741.724929][T16691] ? clear_bhb_loop+0x40/0x90 [ 741.724958][T16691] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 741.724983][T16691] RIP: 0033:0x7f5d5859ce59 [ 741.725003][T16691] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 741.725028][T16691] RSP: 002b:00007f5d594bd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 741.725052][T16691] RAX: ffffffffffffffda RBX: 00007f5d58815fa0 RCX: 00007f5d5859ce59 [ 741.725069][T16691] RDX: 00004000000000df RSI: 0000000000000004 RDI: 0000000000000000 [ 741.725084][T16691] RBP: 00007f5d58632d6f R08: 0000000000000401 R09: 0000300000000000 [ 741.725100][T16691] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000 [ 741.725115][T16691] R13: 00007f5d58816038 R14: 00007f5d58815fa0 R15: 00007ffd2a29d298 [ 741.725146][T16691] [ 742.778308][T16710] ubi3: attaching mtd1 [ 743.943339][T16732] netlink: 306 bytes leftover after parsing attributes in process `syz.0.3297'. [ 744.455399][T16730] FAULT_INJECTION: forcing a failure. [ 744.455399][T16730] name fail_futex, interval 1, probability 0, space 0, times 0 [ 744.501034][T16730] CPU: 0 UID: 0 PID: 16730 Comm: syz.3.3296 Tainted: G L syzkaller #0 PREEMPT(full) [ 744.501098][T16730] Tainted: [L]=SOFTLOCKUP [ 744.501114][T16730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 744.501130][T16730] Call Trace: [ 744.501138][T16730] [ 744.501147][T16730] dump_stack_lvl+0x100/0x190 [ 744.501180][T16730] should_fail_ex.cold+0x5/0xa [ 744.501211][T16730] get_futex_key+0x1d2/0x1510 [ 744.501239][T16730] ? __pfx_get_futex_key+0x10/0x10 [ 744.501262][T16730] ? futex_hash+0x2ad/0x370 [ 744.501286][T16730] ? futex_hash+0x141/0x370 [ 744.501313][T16730] futex_wake+0xea/0x530 [ 744.501345][T16730] ? __pfx_futex_wait+0x10/0x10 [ 744.501378][T16730] ? __pfx_futex_wake+0x10/0x10 [ 744.501413][T16730] ? __lock_acquire+0x4a5/0x2630 [ 744.501436][T16730] ? do_sys_openat2+0x1b4/0x1e0 [ 744.501486][T16730] do_futex+0x32b/0x350 [ 744.501514][T16730] ? __pfx_do_futex+0x10/0x10 [ 744.501543][T16730] ? find_held_lock+0x2b/0x80 [ 744.501579][T16730] __x64_sys_futex+0x34f/0x4d0 [ 744.501609][T16730] ? __fget_files+0x21f/0x3d0 [ 744.501638][T16730] ? __pfx___x64_sys_futex+0x10/0x10 [ 744.501671][T16730] ? rcu_is_watching+0x12/0xc0 [ 744.501704][T16730] do_syscall_64+0x10b/0xf80 [ 744.501743][T16730] ? clear_bhb_loop+0x40/0x90 [ 744.501772][T16730] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 744.501797][T16730] RIP: 0033:0x7f5a26f9ce59 [ 744.501817][T16730] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 744.501842][T16730] RSP: 002b:00007f5a27ed00e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 744.501866][T16730] RAX: ffffffffffffffda RBX: 00007f5a27215fa8 RCX: 00007f5a26f9ce59 [ 744.501883][T16730] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f5a27215fac [ 744.501898][T16730] RBP: 00007f5a27215fa0 R08: 0000000000000001 R09: 0000000000000000 [ 744.501927][T16730] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 744.501944][T16730] R13: 00007f5a27216038 R14: 00007ffd62224ce0 R15: 00007ffd62224dc8 [ 744.501975][T16730] [ 745.205215][T16747] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 0, inode_bitmap = 137 [ 745.293913][T16747] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 1, inode_bitmap = 138 [ 745.391669][T16747] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz-executor: bg 0: bad block bitmap checksum [ 745.690561][T16752] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz-executor: bg 1: bad block bitmap checksum [ 746.438454][ T5637] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 746.455636][ T5637] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 746.470507][ T5637] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 746.483344][ T5637] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 746.496596][ T5637] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 746.527672][ T5637] Bluetooth: hci1: unexpected subevent 0x01 length: 3 < 18 [ 747.515702][ T1314] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.522286][ T1314] ieee802154 phy1 wpan1: encryption failed: -22 [ 748.446901][T16777] Process accounting resumed [ 748.552464][ T5637] Bluetooth: hci4: command tx timeout [ 749.483682][T16761] bridge0: port 1(bridge_slave_0) entered blocking state [ 749.483769][T16761] bridge0: port 1(bridge_slave_0) entered disabled state [ 749.483918][T16761] bridge_slave_0: entered allmulticast mode [ 749.493227][T16761] bridge_slave_0: entered promiscuous mode [ 749.509573][T16761] bridge0: port 2(bridge_slave_1) entered blocking state [ 749.509653][T16761] bridge0: port 2(bridge_slave_1) entered disabled state [ 749.509779][T16761] bridge_slave_1: entered allmulticast mode [ 749.518908][T16761] bridge_slave_1: entered promiscuous mode [ 749.747887][T16761] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 749.808886][T16761] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 749.975003][T16761] team0: Port device team_slave_0 added [ 749.987877][T16761] team0: Port device team_slave_1 added [ 750.306618][T16761] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 750.306641][T16761] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 750.306673][T16761] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 750.332956][T16761] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 750.332979][T16761] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 750.333012][T16761] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 750.631229][ T5637] Bluetooth: hci4: command tx timeout [ 750.714290][T16761] hsr_slave_0: entered promiscuous mode [ 750.715212][T16761] hsr_slave_1: entered promiscuous mode [ 750.719151][T16761] debugfs: 'hsr0' already exists in 'hsr' [ 750.719181][T16761] Cannot create hsr debugfs directory [ 751.190422][T16824] random: crng reseeded on system resumption [ 751.986351][T16761] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 752.107372][T16761] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 752.149843][T16761] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 752.194832][T16761] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 752.239514][T16761] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 752.297912][T16761] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 752.316905][ T5637] block nbd1: Receive control failed (result -32) [ 752.369781][T16761] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 752.407345][T16761] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 752.711219][ T5637] Bluetooth: hci4: command tx timeout [ 752.986626][T16761] 8021q: adding VLAN 0 to HW filter on device bond0 [ 753.070526][T16761] 8021q: adding VLAN 0 to HW filter on device team0 [ 753.114986][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 753.122208][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 753.207787][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 753.215091][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 754.761306][T16761] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 754.791830][ T5637] Bluetooth: hci4: command tx timeout [ 755.552557][T16761] veth0_vlan: entered promiscuous mode [ 755.590116][T16761] veth1_vlan: entered promiscuous mode [ 755.663598][T16761] veth0_macvtap: entered promiscuous mode [ 755.692456][T16761] veth1_macvtap: entered promiscuous mode [ 755.740568][T16761] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 755.774455][T16761] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 755.806645][ T3411] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 755.846507][ T3411] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 755.885035][ T3411] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 755.921577][ T3411] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 756.126363][ T3411] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 756.158288][ T3411] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 756.242199][ T3411] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 756.259810][ T3411] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 756.598946][T16906] ubi3: attaching mtd1 [ 758.284226][T16926] block nbd0: Cannot use ioctl interface on a netlink controlled device. [ 758.524705][T16930] FAULT_INJECTION: forcing a failure. [ 758.524705][T16930] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 758.571579][ T5637] Bluetooth: hci0: unexpected subevent 0x18 length: 123 > 19 [ 758.580015][ T5637] Bluetooth: hci0: Unable to find connection for dst f9:56:cc:cc:70:a9 sid 0x00 [ 758.608729][T16930] CPU: 0 UID: 0 PID: 16930 Comm: syz.0.3336 Tainted: G L syzkaller #0 PREEMPT(full) [ 758.608770][T16930] Tainted: [L]=SOFTLOCKUP [ 758.608779][T16930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 758.608794][T16930] Call Trace: [ 758.608803][T16930] [ 758.608812][T16930] dump_stack_lvl+0x100/0x190 [ 758.608844][T16930] should_fail_ex.cold+0x5/0xa [ 758.608871][T16930] ? prepare_alloc_pages+0x16d/0x5f0 [ 758.608905][T16930] should_fail_alloc_page+0xeb/0x140 [ 758.608936][T16930] prepare_alloc_pages+0x1f0/0x5f0 [ 758.608973][T16930] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 758.609022][T16930] ? __lock_acquire+0x4a5/0x2630 [ 758.609045][T16930] ? __lock_acquire+0x4a5/0x2630 [ 758.609067][T16930] ? css_rstat_updated+0x1ce/0x5a0 [ 758.609117][T16930] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 758.609161][T16930] ? lock_acquire+0x1b1/0x370 [ 758.609185][T16930] ? find_held_lock+0x2b/0x80 [ 758.609217][T16930] ? page_table_check_set+0x477/0x920 [ 758.609251][T16930] ? page_table_check_set+0x486/0x920 [ 758.609281][T16930] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 758.609318][T16930] ? policy_nodemask+0xed/0x4f0 [ 758.609349][T16930] alloc_pages_mpol+0x1fb/0x540 [ 758.609379][T16930] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 758.609406][T16930] ? __lock_acquire+0x4a5/0x2630 [ 758.609429][T16930] ? rcu_read_unlock+0x2d/0xb0 [ 758.609472][T16930] folio_alloc_mpol_noprof+0x36/0x260 [ 758.609507][T16930] vma_alloc_folio_noprof+0xed/0x1d0 [ 758.609541][T16930] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 758.609578][T16930] ? __lock_acquire+0x4a5/0x2630 [ 758.609603][T16930] ? __pfx_filemap_map_pages+0x10/0x10 [ 758.609641][T16930] do_fault+0x1e6/0x1750 [ 758.609676][T16930] __handle_mm_fault+0x187d/0x2a00 [ 758.609717][T16930] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 758.609752][T16930] ? __pfx___handle_mm_fault+0x10/0x10 [ 758.609792][T16930] ? pte_offset_map_lock+0x174/0x320 [ 758.609820][T16930] ? find_held_lock+0x2b/0x80 [ 758.609860][T16930] ? follow_page_pte+0x4d0/0x13f0 [ 758.609895][T16930] handle_mm_fault+0x36d/0xa20 [ 758.609937][T16930] __get_user_pages+0x1178/0x32a0 [ 758.609978][T16930] ? __pfx___get_user_pages+0x10/0x10 [ 758.610016][T16930] populate_vma_page_range+0x267/0x3f0 [ 758.610051][T16930] ? __pfx_populate_vma_page_range+0x10/0x10 [ 758.610084][T16930] ? __pfx_find_vma_intersection+0x10/0x10 [ 758.610124][T16930] ? do_mmap+0x93f/0x12f0 [ 758.610157][T16930] __mm_populate+0x107/0x3a0 [ 758.610190][T16930] ? __pfx___mm_populate+0x10/0x10 [ 758.610225][T16930] ? up_write+0x28c/0x4f0 [ 758.610255][T16930] vm_mmap_pgoff+0x37f/0x470 [ 758.610290][T16930] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 758.610320][T16930] ? __fget_files+0x215/0x3d0 [ 758.610353][T16930] ? __fget_files+0x21f/0x3d0 [ 758.610387][T16930] ksys_mmap_pgoff+0x3cb/0x610 [ 758.610417][T16930] ? __x64_sys_futex+0x358/0x4d0 [ 758.610445][T16930] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 758.610474][T16930] ? xfd_validate_state+0x129/0x190 [ 758.610505][T16930] __x64_sys_mmap+0x125/0x190 [ 758.610535][T16930] do_syscall_64+0x10b/0xf80 [ 758.610575][T16930] ? clear_bhb_loop+0x40/0x90 [ 758.610606][T16930] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 758.610632][T16930] RIP: 0033:0x7f5d5859ce59 [ 758.610652][T16930] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 758.610676][T16930] RSP: 002b:00007f5d594bd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 758.610700][T16930] RAX: ffffffffffffffda RBX: 00007f5d58815fa0 RCX: 00007f5d5859ce59 [ 758.610716][T16930] RDX: 0000000000000ffb RSI: 0000000000810004 RDI: 0000000000000000 [ 758.610731][T16930] RBP: 00007f5d58632d6f R08: 0000000000000007 R09: 0000000000008000 [ 758.610746][T16930] R10: 0008000000008012 R11: 0000000000000246 R12: 0000000000000000 [ 758.610761][T16930] R13: 00007f5d58816038 R14: 00007f5d58815fa0 R15: 00007ffd2a29d298 [ 758.610793][T16930] [ 759.007491][T16932] binder: 16931:16932 ioctl c0306201 200000000000 returned -11 [ 760.564079][T16938] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 760.608840][T16938] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 760.888286][T16938] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 760.902566][T16938] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 760.915362][T16938] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 760.929692][T16938] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 760.944236][T16938] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 760.990117][T16938] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 761.398711][T16953] binder: 16952:16953 ioctl 400c620e 0 returned -22 [ 761.506172][T16959] ubi3: attaching mtd1 [ 761.941691][T16970] netlink: 334 bytes leftover after parsing attributes in process `syz.4.3351'. [ 762.311306][ T5637] Bluetooth: hci2: command 0x0406 tx timeout [ 762.495842][T16974] kvm: vcpu 4: requested lapic timer restore with starting count register 0x390=4294967104 (137438947328 ns) > initial count (6624 ns). Using initial count to start timer. [ 762.951211][ T5637] Bluetooth: hci4: command 0x0c1a tx timeout [ 762.957349][ T5634] Bluetooth: hci0: command 0x0406 tx timeout [ 762.964766][ T5634] Bluetooth: hci1: command 0x0406 tx timeout [ 762.972132][ T5637] Bluetooth: hci3: command 0x0406 tx timeout [ 763.084090][T16987] FAULT_INJECTION: forcing a failure. [ 763.084090][T16987] name failslab, interval 1, probability 0, space 0, times 0 [ 763.171475][T16987] CPU: 0 UID: 0 PID: 16987 Comm: syz.3.3357 Tainted: G L syzkaller #0 PREEMPT(full) [ 763.171515][T16987] Tainted: [L]=SOFTLOCKUP [ 763.171525][T16987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 763.171540][T16987] Call Trace: [ 763.171549][T16987] [ 763.171558][T16987] dump_stack_lvl+0x100/0x190 [ 763.171594][T16987] should_fail_ex.cold+0x5/0xa [ 763.171632][T16987] should_failslab+0xc2/0x120 [ 763.171662][T16987] __kmalloc_cache_noprof+0x7a/0x6f0 [ 763.171699][T16987] ? trace_pid_list_alloc+0x2fe/0x480 [ 763.171740][T16987] trace_pid_list_alloc+0x2fe/0x480 [ 763.171779][T16987] trace_pid_write+0x110/0x460 [ 763.171815][T16987] ? __pfx_trace_pid_write+0x10/0x10 [ 763.171866][T16987] event_pid_write.isra.0+0x1e4/0x7d0 [ 763.171906][T16987] ? __pfx_event_pid_write.isra.0+0x10/0x10 [ 763.171952][T16987] vfs_write+0x2aa/0x1070 [ 763.171981][T16987] ? __pfx_ftrace_event_npid_write+0x10/0x10 [ 763.172022][T16987] ? __pfx_vfs_write+0x10/0x10 [ 763.172049][T16987] ? __fget_files+0x215/0x3d0 [ 763.172085][T16987] ? __fget_files+0x21f/0x3d0 [ 763.172122][T16987] ksys_write+0x12a/0x250 [ 763.172150][T16987] ? __pfx_ksys_write+0x10/0x10 [ 763.172181][T16987] ? rcu_is_watching+0x12/0xc0 [ 763.172215][T16987] do_syscall_64+0x10b/0xf80 [ 763.172254][T16987] ? clear_bhb_loop+0x40/0x90 [ 763.172284][T16987] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 763.172309][T16987] RIP: 0033:0x7f5a26f9ce59 [ 763.172329][T16987] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 763.172354][T16987] RSP: 002b:00007f5a27ed0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 763.172378][T16987] RAX: ffffffffffffffda RBX: 00007f5a27215fa0 RCX: 00007f5a26f9ce59 [ 763.172394][T16987] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 763.172409][T16987] RBP: 00007f5a27032d6f R08: 0000000000000000 R09: 0000000000000000 [ 763.172425][T16987] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 763.172440][T16987] R13: 00007f5a27216038 R14: 00007f5a27215fa0 R15: 00007ffd62224dc8 [ 763.172471][T16987] syzkaller syzkaller login: [ 764.398448][T16986] Bluetooth: hci2: command 0x0406 tx timeout [ 764.907451][T17009] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 765.031525][T16986] Bluetooth: hci4: command 0x0c1a tx timeout [ 765.534313][T17025] Process accounting paused [ 767.111209][T16986] Bluetooth: hci4: command 0x0c1a tx timeout [ 767.677418][T17053] netlink: 'syz.4.3379': attribute type 1 has an invalid length. [ 767.709416][T17053] netlink: 13 bytes leftover after parsing attributes in process `syz.4.3379'. [ 767.740510][T17053] netlink: 'syz.4.3379': attribute type 1 has an invalid length. [ 779.345228][T16986] Bluetooth: hci4: ACL packet for unknown connection handle 0 [ 779.466293][T17076] FAULT_INJECTION: forcing a failure. [ 779.466293][T17076] name failslab, interval 1, probability 0, space 0, times 0 [ 779.548257][T17076] CPU: 0 UID: 0 PID: 17076 Comm: syz.3.3387 Tainted: G L syzkaller #0 PREEMPT(full) [ 779.548298][T17076] Tainted: [L]=SOFTLOCKUP [ 779.548307][T17076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 779.548322][T17076] Call Trace: [ 779.548330][T17076] [ 779.548340][T17076] dump_stack_lvl+0x100/0x190 [ 779.548371][T17076] should_fail_ex.cold+0x5/0xa [ 779.548403][T17076] should_failslab+0xc2/0x120 [ 779.548432][T17076] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 779.548458][T17076] ? kasprintf+0xc7/0x100 [ 779.548485][T17076] ? __lock_acquire+0x4a5/0x2630 [ 779.548512][T17076] kvasprintf+0xbc/0x150 [ 779.548538][T17076] ? __pfx_kvasprintf+0x10/0x10 [ 779.548576][T17076] kasprintf+0xc7/0x100 [ 779.548602][T17076] ? __pfx_kasprintf+0x10/0x10 [ 779.548630][T17076] ? __is_module_percpu_address+0x1c2/0x430 [ 779.548679][T17076] wq_init_lockdep+0x3f/0xe0 [ 779.548716][T17076] alloc_workqueue_noprof+0xdc/0x130 [ 779.548753][T17076] ? __pfx_alloc_workqueue_noprof+0x10/0x10 [ 779.548796][T17076] ? __pfx___debug_object_init+0x10/0x10 [ 779.548843][T17076] nci_register_device+0x21e/0xb80 [ 779.548878][T17076] ? __pfx_nci_register_device+0x10/0x10 [ 779.548913][T17076] ? lockdep_init_map_type+0x5c/0x250 [ 779.548943][T17076] virtual_ncidev_open+0x141/0x220 [ 779.548985][T17076] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 779.549025][T17076] misc_open+0x26d/0x450 [ 779.549066][T17076] ? __pfx_misc_open+0x10/0x10 [ 779.549098][T17076] chrdev_open+0x234/0x6a0 [ 779.549129][T17076] ? __pfx_apparmor_file_open+0x10/0x10 [ 779.549153][T17076] ? __pfx_chrdev_open+0x10/0x10 [ 779.549186][T17076] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 779.549226][T17076] do_dentry_open+0x6d8/0x1660 [ 779.549255][T17076] ? __pfx_chrdev_open+0x10/0x10 [ 779.549296][T17076] vfs_open+0x82/0x3f0 [ 779.549336][T17076] path_openat+0x208c/0x31a0 [ 779.549377][T17076] ? __pfx_path_openat+0x10/0x10 [ 779.549419][T17076] do_file_open+0x20e/0x430 [ 779.549452][T17076] ? __pfx_do_file_open+0x10/0x10 [ 779.549504][T17076] ? alloc_fd+0x476/0x790 [ 779.549543][T17076] ? do_getname+0x191/0x390 [ 779.549584][T17076] do_sys_openat2+0x10d/0x1e0 [ 779.549622][T17076] ? __pfx_do_sys_openat2+0x10/0x10 [ 779.549672][T17076] __x64_sys_openat+0x12d/0x210 [ 779.549712][T17076] ? __pfx___x64_sys_openat+0x10/0x10 [ 779.549756][T17076] ? rcu_is_watching+0x12/0xc0 [ 779.549791][T17076] do_syscall_64+0x10b/0xf80 [ 779.549829][T17076] ? clear_bhb_loop+0x40/0x90 [ 779.549858][T17076] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 779.549883][T17076] RIP: 0033:0x7f5a26f9ce59 [ 779.549903][T17076] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 779.549927][T17076] RSP: 002b:00007f5a27eaf028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 779.549951][T17076] RAX: ffffffffffffffda RBX: 00007f5a27216090 RCX: 00007f5a26f9ce59 [ 779.549968][T17076] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 779.549984][T17076] RBP: 00007f5a27032d6f R08: 0000000000000000 R09: 0000000000000000 [ 779.549999][T17076] R10: 000000000000003e R11: 0000000000000246 R12: 0000000000000000 [ 779.550014][T17076] R13: 00007f5a27216128 R14: 00007f5a27216090 R15: 00007ffd62224dc8 [ 779.550045][T17076] [ 779.983153][ T4947] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 780.012596][T17072] Process accounting paused [ 780.085263][ T4947] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 780.095256][ T4947] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 780.105030][ T4947] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 780.113493][ T4947] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 782.147304][T17080] bridge0: port 1(bridge_slave_0) entered blocking state [ 782.157012][ T4947] Bluetooth: hci5: command tx timeout [ 782.196108][T17080] bridge0: port 1(bridge_slave_0) entered disabled state [ 782.219428][T17080] bridge_slave_0: entered allmulticast mode [ 782.251340][T17080] bridge_slave_0: entered promiscuous mode [ 782.282066][T17080] bridge0: port 2(bridge_slave_1) entered blocking state [ 782.317758][T17080] bridge0: port 2(bridge_slave_1) entered disabled state [ 782.355805][T17080] bridge_slave_1: entered allmulticast mode [ 782.385451][T17080] bridge_slave_1: entered promiscuous mode [ 782.506814][T17080] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 782.549538][T17080] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 782.699427][T17080] team0: Port device team_slave_0 added [ 782.728149][T17080] team0: Port device team_slave_1 added [ 782.834169][T17080] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 782.864435][T17080] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 782.981912][T17080] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 783.063214][T17080] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 783.093875][T17080] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 783.186616][T17080] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 783.345401][T17080] hsr_slave_0: entered promiscuous mode [ 783.384525][T17080] hsr_slave_1: entered promiscuous mode [ 783.414510][T17080] debugfs: 'hsr0' already exists in 'hsr' [ 783.437546][T17080] Cannot create hsr debugfs directory [ 784.232504][ T4947] Bluetooth: hci5: command tx timeout [ 784.385885][T17080] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 784.437286][T17080] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 784.466138][T17080] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 784.505006][T17080] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 784.528700][T17080] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 784.576371][T17080] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 784.610061][T17080] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 784.649263][T17080] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 785.027631][T17080] 8021q: adding VLAN 0 to HW filter on device bond0 [ 785.113557][T17080] 8021q: adding VLAN 0 to HW filter on device team0 [ 785.179929][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 785.187142][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 785.316821][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 785.324077][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 786.311623][ T4947] Bluetooth: hci5: command tx timeout [ 787.075695][T17080] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 787.176947][T17171] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 787.229390][T17171] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 787.260260][T17178] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 787.284518][T17171] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 787.344575][T17171] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 787.383909][T17171] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 787.429971][T17171] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 787.488895][T17171] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 787.600210][T17171] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 787.934759][T17080] veth0_vlan: entered promiscuous mode [ 788.003923][T17080] veth1_vlan: entered promiscuous mode [ 788.115703][T17080] veth0_macvtap: entered promiscuous mode [ 788.149058][T17080] veth1_macvtap: entered promiscuous mode [ 788.254523][T17080] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 788.315617][T17080] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 788.382945][ T12] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 788.425457][ T12] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 788.477660][ T12] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 788.504765][ T12] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 788.757629][T15402] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 788.807645][T15402] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 788.925937][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 788.951270][ T4947] Bluetooth: hci2: command 0x0406 tx timeout [ 788.967005][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 789.271406][ T4947] Bluetooth: hci3: command 0x0406 tx timeout [ 789.351477][ T4947] Bluetooth: hci0: command 0x0406 tx timeout [ 789.357639][T16986] Bluetooth: hci1: command 0x0406 tx timeout [ 789.431412][T16986] Bluetooth: hci4: command 0x0c1a tx timeout [ 789.437520][ T4947] Bluetooth: hci5: command 0x0c1a tx timeout [ 791.464760][T17223] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3412'. [ 791.485764][T17223] netlink: 13 bytes leftover after parsing attributes in process `syz.5.3412'. [ 791.511358][ T4947] Bluetooth: hci5: command 0x0c1a tx timeout [ 792.506968][T17235] netlink: 252 bytes leftover after parsing attributes in process `syz.5.3415'. [ 792.529910][T17235] netlink: 252 bytes leftover after parsing attributes in process `syz.5.3415'. [ 793.594102][ T4947] Bluetooth: hci5: command 0x0c1a tx timeout [ 793.879705][ T4947] Bluetooth: hci5: ACL packet for unknown connection handle 0 [ 794.585079][T17256] FAULT_INJECTION: forcing a failure. [ 794.585079][T17256] name failslab, interval 1, probability 0, space 0, times 0 [ 794.613619][T17256] CPU: 0 UID: 0 PID: 17256 Comm: syz.4.3420 Tainted: G L syzkaller #0 PREEMPT(full) [ 794.613666][T17256] Tainted: [L]=SOFTLOCKUP [ 794.613675][T17256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 794.613693][T17256] Call Trace: [ 794.613702][T17256] [ 794.613713][T17256] dump_stack_lvl+0x100/0x190 [ 794.613753][T17256] should_fail_ex.cold+0x5/0xa [ 794.613792][T17256] should_failslab+0xc2/0x120 [ 794.613824][T17256] __kmalloc_cache_noprof+0x7a/0x6f0 [ 794.613861][T17256] ? trace_pid_list_alloc+0x2fe/0x480 [ 794.613904][T17256] trace_pid_list_alloc+0x2fe/0x480 [ 794.613942][T17256] trace_pid_write+0x110/0x460 [ 794.613978][T17256] ? __pfx_trace_pid_write+0x10/0x10 [ 794.614031][T17256] event_pid_write.isra.0+0x1e4/0x7d0 [ 794.614071][T17256] ? __pfx_event_pid_write.isra.0+0x10/0x10 [ 794.614117][T17256] vfs_write+0x2aa/0x1070 [ 794.614147][T17256] ? __pfx_ftrace_event_npid_write+0x10/0x10 [ 794.614195][T17256] ? __pfx_vfs_write+0x10/0x10 [ 794.614223][T17256] ? __fget_files+0x215/0x3d0 [ 794.614259][T17256] ? __fget_files+0x21f/0x3d0 [ 794.614296][T17256] ksys_write+0x12a/0x250 [ 794.614325][T17256] ? __pfx_ksys_write+0x10/0x10 [ 794.614356][T17256] ? rcu_is_watching+0x12/0xc0 [ 794.614392][T17256] do_syscall_64+0x10b/0xf80 [ 794.614431][T17256] ? clear_bhb_loop+0x40/0x90 [ 794.614461][T17256] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 794.614487][T17256] RIP: 0033:0x7f59ff59ce59 [ 794.614507][T17256] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 794.614533][T17256] RSP: 002b:00007f59fd7ee028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 794.614557][T17256] RAX: ffffffffffffffda RBX: 00007f59ff815fa0 RCX: 00007f59ff59ce59 [ 794.614573][T17256] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 794.614589][T17256] RBP: 00007f59ff632d6f R08: 0000000000000000 R09: 0000000000000000 [ 794.614604][T17256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 794.614619][T17256] R13: 00007f59ff816038 R14: 00007f59ff815fa0 R15: 00007ffed26b3a48 [ 794.614650][T17256] [ 794.963932][T17258] block nbd0: Cannot use ioctl interface on a netlink controlled device. [ 795.596146][T17265] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3423'. [ 795.619375][T17266] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3422'. [ 795.632612][T16986] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 795.663934][T16986] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 795.674123][T16986] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 795.682439][T16986] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 795.690025][T16986] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 795.751020][T17266] netlink: 13 bytes leftover after parsing attributes in process `syz.4.3422'. [ 797.528969][T17267] bridge0: port 1(bridge_slave_0) entered blocking state [ 797.558661][T17267] bridge0: port 1(bridge_slave_0) entered disabled state [ 797.583758][T17267] bridge_slave_0: entered allmulticast mode [ 797.637520][T17267] bridge_slave_0: entered promiscuous mode [ 797.677568][T17267] bridge0: port 2(bridge_slave_1) entered blocking state [ 797.706448][T17267] bridge0: port 2(bridge_slave_1) entered disabled state [ 797.730921][T17267] bridge_slave_1: entered allmulticast mode [ 797.751487][T16986] Bluetooth: hci6: command tx timeout [ 797.770223][T17267] bridge_slave_1: entered promiscuous mode [ 797.889639][T17267] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 797.929812][T17267] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 798.048447][T17267] team0: Port device team_slave_0 added [ 798.089077][T17267] team0: Port device team_slave_1 added [ 798.196456][T17267] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 798.227614][T17267] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 798.328103][T17267] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 798.378253][T17267] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 798.413787][T17267] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 798.501694][T17267] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 798.670902][T17267] hsr_slave_0: entered promiscuous mode [ 798.701616][T17267] hsr_slave_1: entered promiscuous mode [ 798.722448][T17267] debugfs: 'hsr0' already exists in 'hsr' [ 798.744969][T17267] Cannot create hsr debugfs directory [ 799.831471][T16986] Bluetooth: hci6: command tx timeout [ 800.025158][T17267] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 800.066538][T17267] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 800.086574][T17267] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 800.122517][T17267] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 800.145546][T17267] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 800.208310][T17267] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 800.235322][T17267] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 800.260476][T17267] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 800.630444][T17267] 8021q: adding VLAN 0 to HW filter on device bond0 [ 800.700599][T17267] 8021q: adding VLAN 0 to HW filter on device team0 [ 800.715565][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 800.722761][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 800.750737][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 800.757970][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 800.810040][T17267] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 801.233335][T17267] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 801.527551][T17267] veth0_vlan: entered promiscuous mode [ 801.545242][T17267] veth1_vlan: entered promiscuous mode [ 801.578144][T17267] veth0_macvtap: entered promiscuous mode [ 801.590919][T17267] veth1_macvtap: entered promiscuous mode [ 801.618331][T17267] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 801.634317][T17267] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 801.651365][ T3411] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 801.668153][ T3411] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 801.738187][ T3411] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 801.792717][ T3411] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 801.859706][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 801.883545][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 801.914318][T16986] Bluetooth: hci6: command tx timeout [ 801.938104][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 801.954779][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 802.446999][T17339] zswap: compressor not available [ 802.939188][T17355] block nbd0: Cannot use ioctl interface on a netlink controlled device. [ 803.991330][T16986] Bluetooth: hci6: command tx timeout [ 805.405626][ T4947] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 805.420089][ T4947] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 805.433915][ T4947] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 805.450166][ T4947] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 805.464952][ T4947] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 805.620597][T17383] zswap: compressor not available [ 806.347563][ T4947] Bluetooth: hci4: unexpected event 0x3e length: 726 > 260 [ 806.347597][ T4947] Bluetooth: hci4: unexpected subevent 0x0d length: 725 > 260 [ 806.365984][ T4947] Bluetooth: hci4: Unknown advertising packet type: 0x7f [ 806.366051][ T4947] Bluetooth: hci4: adv larger than maximum supported [ 806.373455][ T4947] Bluetooth: hci4: Unknown advertising packet type: 0x32 [ 806.384126][ T4947] Bluetooth: hci4: Unknown advertising packet type: 0x77 [ 806.394770][ T4947] Bluetooth: hci4: Unknown advertising packet type: 0x74 [ 806.402023][ T4947] Bluetooth: hci4: Malformed LE Event: 0x0d [ 807.239236][T17416] random: crng reseeded on system resumption [ 807.512200][ T4947] Bluetooth: hci7: command tx timeout [ 808.069864][T17424] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 808.367488][T17427] smpboot: CPU 1 is now offline [ 808.967257][ T1314] ieee802154 phy0 wpan0: encryption failed: -22 [ 808.976551][ T1314] ieee802154 phy1 wpan1: encryption failed: -22 [ 809.591878][T16986] Bluetooth: hci7: command tx timeout [ 809.806491][T17387] bridge0: port 1(bridge_slave_0) entered blocking state [ 809.886724][T17387] bridge0: port 1(bridge_slave_0) entered disabled state [ 809.925491][T17387] bridge_slave_0: entered allmulticast mode [ 810.000495][T17387] bridge_slave_0: entered promiscuous mode [ 810.072454][T17387] bridge0: port 2(bridge_slave_1) entered blocking state [ 810.118149][T17387] bridge0: port 2(bridge_slave_1) entered disabled state [ 810.150030][T17387] bridge_slave_1: entered allmulticast mode [ 810.187626][T17387] bridge_slave_1: entered promiscuous mode [ 810.391894][T17387] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 810.450006][T17387] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 810.601617][T17387] team0: Port device team_slave_0 added [ 810.647412][T17387] team0: Port device team_slave_1 added [ 810.919793][T17387] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 810.955523][T17387] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 811.090016][T17387] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 811.199968][T17387] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 811.242025][T17387] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 811.363960][T17387] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 811.672868][ T4947] Bluetooth: hci7: command tx timeout [ 811.856160][T17387] hsr_slave_0: entered promiscuous mode [ 811.877037][T17387] hsr_slave_1: entered promiscuous mode [ 811.901771][T17387] debugfs: 'hsr0' already exists in 'hsr' [ 811.924509][T17387] Cannot create hsr debugfs directory [ 812.633838][T17387] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 812.650794][T17387] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 812.662492][T17387] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 812.673364][T17387] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 812.681976][T17387] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 812.692040][T17387] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 812.700166][T17387] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 812.714585][T17387] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 812.816849][T17387] 8021q: adding VLAN 0 to HW filter on device bond0 [ 812.839472][T17387] 8021q: adding VLAN 0 to HW filter on device team0 [ 812.855933][ T3346] bridge0: port 1(bridge_slave_0) entered blocking state [ 812.863221][ T3346] bridge0: port 1(bridge_slave_0) entered forwarding state [ 812.904711][ T3346] bridge0: port 2(bridge_slave_1) entered blocking state [ 812.911905][ T3346] bridge0: port 2(bridge_slave_1) entered forwarding state [ 813.386558][T17387] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 813.762927][ T4947] Bluetooth: hci7: command tx timeout [ 813.924472][T17387] veth0_vlan: entered promiscuous mode [ 813.940029][T17387] veth1_vlan: entered promiscuous mode [ 813.975619][T17387] veth0_macvtap: entered promiscuous mode [ 813.988803][T17387] veth1_macvtap: entered promiscuous mode [ 814.018715][T17387] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 814.037502][T17387] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 814.052534][ T3346] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 814.069330][ T3346] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 814.114524][ T3346] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 814.165134][ T3346] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 814.283349][ T3346] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 814.308041][ T3346] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 814.347395][T15402] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 814.356344][T15402] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 816.020467][T17523] block nbd0: Cannot use ioctl interface on a netlink controlled device. [ 816.078686][T17517] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 816.257081][ T22] IRQ fixup: irq 34 move in progress, old vector 49 [ 816.267609][T17524] smpboot: CPU 1 is now offline [ 816.399269][T17527] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 816.906173][T17533] ubi3: attaching mtd1 [ 819.568725][T17570] FAULT_INJECTION: forcing a failure. [ 819.568725][T17570] name fail_futex, interval 1, probability 0, space 0, times 0 [ 819.568769][T17570] CPU: 0 UID: 0 PID: 17570 Comm: syz.7.3474 Tainted: G L syzkaller #0 PREEMPT(full) [ 819.568805][T17570] Tainted: [L]=SOFTLOCKUP [ 819.568814][T17570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 819.568829][T17570] Call Trace: [ 819.568837][T17570] [ 819.568847][T17570] dump_stack_lvl+0x100/0x190 [ 819.568878][T17570] should_fail_ex.cold+0x5/0xa [ 819.568909][T17570] get_futex_key+0x1d2/0x1510 [ 819.568938][T17570] ? __pfx_get_futex_key+0x10/0x10 [ 819.568964][T17570] ? trace_pid_list_is_set+0x11a/0x390 [ 819.568996][T17570] ? trace_pid_list_is_set+0x22c/0x390 [ 819.569048][T17570] futex_wait_setup+0x83/0x510 [ 819.569088][T17570] __futex_wait+0x19f/0x300 [ 819.569124][T17570] ? __pfx___futex_wait+0x10/0x10 [ 819.569156][T17570] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 819.569198][T17570] ? __pfx_futex_wake_mark+0x10/0x10 [ 819.569235][T17570] ? find_held_lock+0x2b/0x80 [ 819.569267][T17570] ? futex_wake+0x456/0x530 [ 819.569305][T17570] futex_wait+0xe6/0x370 [ 819.569338][T17570] ? __pfx_futex_wait+0x10/0x10 [ 819.569378][T17570] ? madvise_unlock+0xa9/0x220 [ 819.569414][T17570] do_futex+0x1ef/0x350 [ 819.569441][T17570] ? __pfx_do_futex+0x10/0x10 [ 819.569475][T17570] __x64_sys_futex+0x34f/0x4d0 [ 819.569516][T17570] ? __pfx___x64_sys_futex+0x10/0x10 [ 819.569545][T17570] ? ksys_write+0x1ac/0x250 [ 819.569578][T17570] ? rcu_is_watching+0x12/0xc0 [ 819.569612][T17570] do_syscall_64+0x10b/0xf80 [ 819.569650][T17570] ? clear_bhb_loop+0x40/0x90 [ 819.569680][T17570] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 819.569705][T17570] RIP: 0033:0x7f986b99ce59 [ 819.569726][T17570] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 819.569751][T17570] RSP: 002b:00007f986c7cc0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 819.569774][T17570] RAX: ffffffffffffffda RBX: 00007f986bc16278 RCX: 00007f986b99ce59 [ 819.569790][T17570] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f986bc16278 [ 819.569804][T17570] RBP: 00007f986bc16270 R08: 0000000000000000 R09: 0000000000000000 [ 819.569819][T17570] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 819.569834][T17570] R13: 00007f986bc16308 R14: 00007ffd87b99a00 R15: 00007ffd87b99ae8 [ 819.569865][T17570] [ 820.229478][T17582] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 820.446762][T17583] smpboot: CPU 1 is now offline [ 827.734789][T17676] netlink: 13 bytes leftover after parsing attributes in process `syz.6.3499'. [ 828.050876][T17679] netlink: 202 bytes leftover after parsing attributes in process `syz.6.3500'. [ 831.387805][T17721] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 831.564423][T17727] smpboot: CPU 1 is now offline [ 833.710468][T17758] ubi3: attaching mtd1 [ 835.929778][T17783] netlink: 62 bytes leftover after parsing attributes in process `syz.7.3529'. [ 836.119634][T17774] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 836.335069][ T22] IRQ fixup: irq 33 move in progress, old vector 47 [ 836.344840][T17789] smpboot: CPU 1 is now offline [ 836.380168][T17795] random: crng reseeded on system resumption [ 838.536107][T17813] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 838.755629][T17818] smpboot: CPU 1 is now offline [ 838.917316][T17817] netlink: 34 bytes leftover after parsing attributes in process `syz.7.3538'. [ 839.356752][T17829] vhci_hcd vhci_hcd.2: invalid port number 111 [ 839.406669][T17829] vhci_hcd vhci_hcd.2: default hub control req: a356 va1b7 i006f l230 [ 840.288541][T17842] netlink: 28 bytes leftover after parsing attributes in process `syz.7.3547'. [ 840.338365][T17842] veth1_macvtap: left promiscuous mode [ 840.379078][T17842] macsec0: entered promiscuous mode [ 840.412356][T17842] macsec0: entered allmulticast mode [ 841.151547][T17857] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input13 [ 841.528315][T17864] netlink: 'syz.6.3555': attribute type 10 has an invalid length. [ 841.568061][T17864] netlink: 230 bytes leftover after parsing attributes in process `syz.6.3555'. [ 842.008880][T17871] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 842.339909][T17875] vcan0: tx drop: invalid sa for name 0x00000000000000fd [ 843.380579][T17879] MTRR 1 not used [ 847.399317][T17972] netlink: 122 bytes leftover after parsing attributes in process `syz.7.3582'. [ 850.647836][T18005] netlink: 62 bytes leftover after parsing attributes in process `syz.6.3595'. [ 851.310007][T18027] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 851.331694][T18019] FAULT_INJECTION: forcing a failure. [ 851.331694][T18019] name failslab, interval 1, probability 0, space 0, times 0 [ 851.395165][T18019] CPU: 0 UID: 0 PID: 18019 Comm: syz.4.3599 Tainted: G L syzkaller #0 PREEMPT(full) [ 851.395205][T18019] Tainted: [L]=SOFTLOCKUP [ 851.395215][T18019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 851.395230][T18019] Call Trace: [ 851.395239][T18019] [ 851.395250][T18019] dump_stack_lvl+0x100/0x190 [ 851.395281][T18019] should_fail_ex.cold+0x5/0xa [ 851.395312][T18019] ? tracepoint_add_func+0x3a8/0x1150 [ 851.395349][T18019] should_failslab+0xc2/0x120 [ 851.395378][T18019] __kmalloc_noprof+0xe0/0x850 [ 851.395406][T18019] ? __pfx_trace_event_raw_event_nfsd_file_cons_err+0x10/0x10 [ 851.395476][T18019] tracepoint_add_func+0x3a8/0x1150 [ 851.395512][T18019] ? __pfx_trace_event_raw_event_nfsd_file_cons_err+0x10/0x10 [ 851.395550][T18019] ? __pfx_trace_event_raw_event_nfsd_file_cons_err+0x10/0x10 [ 851.395581][T18019] tracepoint_probe_register+0xc4/0x110 [ 851.395620][T18019] ? __pfx_tracepoint_probe_register+0x10/0x10 [ 851.395658][T18019] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 851.395683][T18019] ? __pfx_trace_event_raw_event_nfsd_file_cons_err+0x10/0x10 [ 851.395714][T18019] ? __pfx_probe_sched_switch+0x10/0x10 [ 851.395760][T18019] trace_event_reg+0x209/0x350 [ 851.395796][T18019] __ftrace_event_enable_disable+0x211/0x6f0 [ 851.395840][T18019] __ftrace_set_clr_event_nolock+0x390/0xc30 [ 851.395875][T18019] ftrace_set_clr_event+0x1b7/0x3f0 [ 851.395906][T18019] ? __pfx_ftrace_set_clr_event+0x10/0x10 [ 851.395935][T18019] ? trace_get_user+0x3ae/0xa70 [ 851.395980][T18019] ftrace_event_write+0x259/0x2c0 [ 851.396016][T18019] ? __pfx_ftrace_event_write+0x10/0x10 [ 851.396057][T18019] vfs_write+0x2aa/0x1070 [ 851.396087][T18019] ? __pfx_ftrace_event_write+0x10/0x10 [ 851.396122][T18019] ? __pfx_vfs_write+0x10/0x10 [ 851.396150][T18019] ? __fget_files+0x215/0x3d0 [ 851.396186][T18019] ? __fget_files+0x21f/0x3d0 [ 851.396223][T18019] ksys_write+0x12a/0x250 [ 851.396264][T18019] ? __pfx_ksys_write+0x10/0x10 [ 851.396295][T18019] ? rcu_is_watching+0x12/0xc0 [ 851.396328][T18019] do_syscall_64+0x10b/0xf80 [ 851.396364][T18019] ? clear_bhb_loop+0x40/0x90 [ 851.396393][T18019] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 851.396418][T18019] RIP: 0033:0x7f59ff59ce59 [ 851.396437][T18019] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 851.396461][T18019] RSP: 002b:00007f59fd7ee028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 851.396483][T18019] RAX: ffffffffffffffda RBX: 00007f59ff815fa0 RCX: 00007f59ff59ce59 [ 851.396500][T18019] RDX: 0000000000000af0 RSI: 0000000000000000 RDI: 0000000000000007 [ 851.396514][T18019] RBP: 00007f59ff632d6f R08: 0000000000000000 R09: 0000000000000000 [ 851.396529][T18019] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 851.396544][T18019] R13: 00007f59ff816038 R14: 00007f59ff815fa0 R15: 00007ffed26b3a48 [ 851.396574][T18019] [ 851.399959][T18019] event trace: Could not enable event nfsd_file_cons_err [ 852.233077][T18038] FAULT_INJECTION: forcing a failure. [ 852.233077][T18038] name failslab, interval 1, probability 0, space 0, times 0 [ 852.344595][T18038] CPU: 0 UID: 0 PID: 18038 Comm: syz.6.3604 Tainted: G L syzkaller #0 PREEMPT(full) [ 852.344636][T18038] Tainted: [L]=SOFTLOCKUP [ 852.344645][T18038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 852.344661][T18038] Call Trace: [ 852.344669][T18038] [ 852.344679][T18038] dump_stack_lvl+0x100/0x190 [ 852.344711][T18038] should_fail_ex.cold+0x5/0xa [ 852.344742][T18038] should_failslab+0xc2/0x120 [ 852.344772][T18038] __kmalloc_cache_node_noprof+0x7d/0x770 [ 852.344799][T18038] ? alloc_shrinker_info+0x192/0x470 [ 852.344833][T18038] alloc_shrinker_info+0x192/0x470 [ 852.344864][T18038] ? __pfx_mem_cgroup_css_online+0x10/0x10 [ 852.344906][T18038] mem_cgroup_css_online+0xa4/0xbf0 [ 852.344948][T18038] ? __pfx_mem_cgroup_css_online+0x10/0x10 [ 852.344990][T18038] online_css+0xb2/0x350 [ 852.345019][T18038] cgroup_apply_control_enable+0xa8d/0xdd0 [ 852.345064][T18038] cgroup_mkdir+0x59c/0x1310 [ 852.345105][T18038] ? __pfx_cgroup_mkdir+0x10/0x10 [ 852.345156][T18038] kernfs_iop_mkdir+0x111/0x190 [ 852.345186][T18038] ? bpf_lsm_inode_mkdir+0x9/0x10 [ 852.345224][T18038] vfs_mkdir+0x361/0x850 [ 852.345250][T18038] filename_mkdirat+0x48b/0x5e0 [ 852.345285][T18038] ? __pfx_filename_mkdirat+0x10/0x10 [ 852.345317][T18038] ? strncpy_from_user+0x19d/0x2d0 [ 852.345356][T18038] ? do_getname+0x191/0x390 [ 852.345394][T18038] __x64_sys_mkdir+0x6b/0x90 [ 852.345428][T18038] do_syscall_64+0x10b/0xf80 [ 852.345466][T18038] ? clear_bhb_loop+0x40/0x90 [ 852.345495][T18038] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 852.345520][T18038] RIP: 0033:0x7f55ca99ce59 [ 852.345539][T18038] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 852.345562][T18038] RSP: 002b:00007f55cb842028 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 852.345585][T18038] RAX: ffffffffffffffda RBX: 00007f55cac15fa0 RCX: 00007f55ca99ce59 [ 852.345601][T18038] RDX: 0000000000000000 RSI: 00000000000008cd RDI: 0000200000000000 [ 852.345619][T18038] RBP: 00007f55caa32d6f R08: 0000000000000000 R09: 0000000000000000 [ 852.345634][T18038] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 852.345648][T18038] R13: 00007f55cac16038 R14: 00007f55cac15fa0 R15: 00007ffec3362af8 [ 852.345679][T18038] [ 855.073399][T18074] netlink: 202 bytes leftover after parsing attributes in process `syz.6.3617'. [ 856.205832][T18092] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 856.396526][ T22] IRQ fixup: irq 33 move in progress, old vector 47 [ 856.406643][T18093] smpboot: CPU 1 is now offline [ 857.729177][T18113] block nbd0: Cannot use ioctl interface on a netlink controlled device. [ 857.771530][T18112] netlink: 98 bytes leftover after parsing attributes in process `syz.4.3626'. [ 857.839837][T18112] netlink: 50 bytes leftover after parsing attributes in process `syz.4.3626'. [ 860.862580][T18168] block nbd0: Cannot use ioctl interface on a netlink controlled device. [ 861.738974][T18178] FAULT_INJECTION: forcing a failure. [ 861.738974][T18178] name failslab, interval 1, probability 0, space 0, times 0 [ 861.905521][T18178] CPU: 0 UID: 0 PID: 18178 Comm: syz.7.3647 Tainted: G L syzkaller #0 PREEMPT(full) [ 861.905561][T18178] Tainted: [L]=SOFTLOCKUP [ 861.905571][T18178] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 861.905586][T18178] Call Trace: [ 861.905595][T18178] [ 861.905604][T18178] dump_stack_lvl+0x100/0x190 [ 861.905640][T18178] should_fail_ex.cold+0x5/0xa [ 861.905672][T18178] should_failslab+0xc2/0x120 [ 861.905701][T18178] __kvmalloc_node_noprof+0xfa/0xa00 [ 861.905725][T18178] ? io_uring_setup.cold+0x171/0x1c6e [ 861.905764][T18178] ? lockdep_init_map_type+0x5c/0x250 [ 861.905793][T18178] io_uring_setup.cold+0x171/0x1c6e [ 861.905836][T18178] ? __pfx_io_uring_setup+0x10/0x10 [ 861.905962][T18178] ? do_futex+0x192/0x350 [ 861.905991][T18178] ? __pfx_do_futex+0x10/0x10 [ 861.906030][T18178] ? xfd_validate_state+0x129/0x190 [ 861.906056][T18178] ? ksys_write+0x1ac/0x250 [ 861.906092][T18178] __x64_sys_io_uring_setup+0xc2/0x170 [ 861.906124][T18178] do_syscall_64+0x10b/0xf80 [ 861.906162][T18178] ? clear_bhb_loop+0x40/0x90 [ 861.906191][T18178] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 861.906216][T18178] RIP: 0033:0x7f986b99ce59 [ 861.906236][T18178] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 861.906261][T18178] RSP: 002b:00007f986c80e028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 861.906284][T18178] RAX: ffffffffffffffda RBX: 00007f986bc16090 RCX: 00007f986b99ce59 [ 861.906301][T18178] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 861.906315][T18178] RBP: 00007f986ba32d6f R08: 0000000000000000 R09: 0000000000000000 [ 861.906331][T18178] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 861.906346][T18178] R13: 00007f986bc16128 R14: 00007f986bc16090 R15: 00007ffd87b99ae8 [ 861.906377][T18178] [ 863.697308][T18202] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 863.900603][T18208] smpboot: CPU 1 is now offline [ 865.105917][T18220] scsi_strcpy_devinfo: vendor string '/&c~n] | [ 865.105917][T18220] M' is too long [ 865.176307][T18220] scsi_strcpy_devinfo: model string 'Dd5 K2b [ 865.176307][T18220] W ' is too long [ 867.197180][T18243] netlink: 'syz.4.3662': attribute type 28 has an invalid length. [ 867.238504][T18243] netlink: 'syz.4.3662': attribute type 3 has an invalid length. [ 867.278046][T18243] netlink: 306 bytes leftover after parsing attributes in process `syz.4.3662'. [ 867.929463][T18253] FAULT_INJECTION: forcing a failure. [ 867.929463][T18253] name failslab, interval 1, probability 0, space 0, times 0 [ 867.999291][T18253] CPU: 0 UID: 0 PID: 18253 Comm: syz.6.3665 Tainted: G L syzkaller #0 PREEMPT(full) [ 867.999331][T18253] Tainted: [L]=SOFTLOCKUP [ 867.999341][T18253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 867.999356][T18253] Call Trace: [ 867.999365][T18253] [ 867.999375][T18253] dump_stack_lvl+0x100/0x190 [ 867.999406][T18253] should_fail_ex.cold+0x5/0xa [ 867.999437][T18253] ? tracepoint_add_func+0x3a8/0x1150 [ 867.999473][T18253] should_failslab+0xc2/0x120 [ 867.999503][T18253] __kmalloc_noprof+0xe0/0x850 [ 867.999530][T18253] ? __pfx_trace_event_raw_event_nfsd_file_cons_err+0x10/0x10 [ 867.999563][T18253] tracepoint_add_func+0x3a8/0x1150 [ 867.999599][T18253] ? __pfx_trace_event_raw_event_nfsd_file_cons_err+0x10/0x10 [ 867.999639][T18253] ? __pfx_trace_event_raw_event_nfsd_file_cons_err+0x10/0x10 [ 867.999671][T18253] tracepoint_probe_register+0xc4/0x110 [ 867.999711][T18253] ? __pfx_tracepoint_probe_register+0x10/0x10 [ 867.999749][T18253] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 867.999773][T18253] ? __pfx_trace_event_raw_event_nfsd_file_cons_err+0x10/0x10 [ 867.999804][T18253] ? __pfx_probe_sched_switch+0x10/0x10 [ 867.999850][T18253] trace_event_reg+0x209/0x350 [ 867.999885][T18253] __ftrace_event_enable_disable+0x211/0x6f0 [ 867.999928][T18253] __ftrace_set_clr_event_nolock+0x390/0xc30 [ 867.999963][T18253] ftrace_set_clr_event+0x1b7/0x3f0 [ 867.999994][T18253] ? __pfx_ftrace_set_clr_event+0x10/0x10 [ 868.000022][T18253] ? trace_get_user+0x3ae/0xa70 [ 868.000067][T18253] ftrace_event_write+0x259/0x2c0 [ 868.000097][T18253] ? __pfx_ftrace_event_write+0x10/0x10 [ 868.000137][T18253] vfs_write+0x2aa/0x1070 [ 868.000166][T18253] ? __pfx_ftrace_event_write+0x10/0x10 [ 868.000198][T18253] ? __pfx_vfs_write+0x10/0x10 [ 868.000225][T18253] ? __fget_files+0x215/0x3d0 [ 868.000266][T18253] ? __fget_files+0x21f/0x3d0 [ 868.000304][T18253] ksys_write+0x12a/0x250 [ 868.000332][T18253] ? __pfx_ksys_write+0x10/0x10 [ 868.000363][T18253] ? rcu_is_watching+0x12/0xc0 [ 868.000398][T18253] do_syscall_64+0x10b/0xf80 [ 868.000436][T18253] ? clear_bhb_loop+0x40/0x90 [ 868.000465][T18253] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 868.000491][T18253] RIP: 0033:0x7f55ca99ce59 [ 868.000511][T18253] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 868.000536][T18253] RSP: 002b:00007f55cb842028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 868.000558][T18253] RAX: ffffffffffffffda RBX: 00007f55cac15fa0 RCX: 00007f55ca99ce59 [ 868.000575][T18253] RDX: 0000000000000af0 RSI: 0000000000000000 RDI: 0000000000000007 [ 868.000591][T18253] RBP: 00007f55caa32d6f R08: 0000000000000000 R09: 0000000000000000 [ 868.000607][T18253] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 868.000621][T18253] R13: 00007f55cac16038 R14: 00007f55cac15fa0 R15: 00007ffec3362af8 [ 868.000653][T18253] [ 868.601207][T18253] event trace: Could not enable event nfsd_file_cons_err [ 868.903115][T18261] FAULT_INJECTION: forcing a failure. [ 868.903115][T18261] name failslab, interval 1, probability 0, space 0, times 0 [ 868.984903][T18261] CPU: 0 UID: 0 PID: 18261 Comm: syz.4.3667 Tainted: G L syzkaller #0 PREEMPT(full) [ 868.984965][T18261] Tainted: [L]=SOFTLOCKUP [ 868.984976][T18261] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 868.984992][T18261] Call Trace: [ 868.985000][T18261] [ 868.985009][T18261] dump_stack_lvl+0x100/0x190 [ 868.985041][T18261] should_fail_ex.cold+0x5/0xa [ 868.985072][T18261] ? lsm_blob_alloc+0x68/0x90 [ 868.985107][T18261] should_failslab+0xc2/0x120 [ 868.985136][T18261] __kmalloc_noprof+0xe0/0x850 [ 868.985158][T18261] ? trace_kmalloc+0xe3/0x110 [ 868.985192][T18261] lsm_blob_alloc+0x68/0x90 [ 868.985234][T18261] security_sk_alloc+0x2d/0x290 [ 868.985260][T18261] sk_prot_alloc+0x12a/0x2a0 [ 868.985301][T18261] sk_alloc+0x36/0xe80 [ 868.985329][T18261] __netlink_create+0x5e/0x2c0 [ 868.985364][T18261] __netlink_kernel_create+0xed/0x750 [ 868.985400][T18261] ? __lock_acquire+0x4a5/0x2630 [ 868.985425][T18261] ? __pfx___netlink_kernel_create+0x10/0x10 [ 868.985474][T18261] rtnetlink_net_init+0xb9/0x140 [ 868.985563][T18261] ? __pfx_rtnetlink_net_init+0x10/0x10 [ 868.985590][T18261] ? lockdep_init_map_type+0x5c/0x250 [ 868.985614][T18261] ? __pfx_rtnetlink_rcv+0x10/0x10 [ 868.985638][T18261] ? __pfx_rtnetlink_bind+0x10/0x10 [ 868.985666][T18261] ? mutex_init_lockdep+0xf1/0x120 [ 868.985695][T18261] ? __pfx_rtnetlink_net_init+0x10/0x10 [ 868.985720][T18261] ops_init+0x1e2/0x5f0 [ 868.985754][T18261] setup_net+0x118/0x3a0 [ 868.985785][T18261] ? __pfx_setup_net+0x10/0x10 [ 868.985816][T18261] ? mutex_init_lockdep+0xf1/0x120 [ 868.985847][T18261] copy_net_ns+0x46f/0x7c0 [ 868.985883][T18261] create_new_namespaces+0x3ea/0xac0 [ 868.985923][T18261] unshare_nsproxy_namespaces+0xf2/0x220 [ 868.985958][T18261] ksys_unshare+0x438/0xab0 [ 868.985998][T18261] ? __pfx_ksys_unshare+0x10/0x10 [ 868.986033][T18261] ? xfd_validate_state+0x129/0x190 [ 868.986058][T18261] ? exit_to_user_mode_loop+0xe2/0x4f0 [ 868.986092][T18261] __x64_sys_unshare+0x31/0x40 [ 868.986129][T18261] do_syscall_64+0x10b/0xf80 [ 868.986168][T18261] ? clear_bhb_loop+0x40/0x90 [ 868.986197][T18261] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 868.986229][T18261] RIP: 0033:0x7f59ff59ce59 [ 868.986250][T18261] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 868.986275][T18261] RSP: 002b:00007f59fd7ee028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 868.986298][T18261] RAX: ffffffffffffffda RBX: 00007f59ff815fa0 RCX: 00007f59ff59ce59 [ 868.986315][T18261] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 868.986331][T18261] RBP: 00007f59ff632d6f R08: 0000000000000000 R09: 0000000000000000 [ 868.986347][T18261] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 868.986362][T18261] R13: 00007f59ff816038 R14: 00007f59ff815fa0 R15: 00007ffed26b3a48 [ 868.986394][T18261] [ 870.404950][ T1314] ieee802154 phy0 wpan0: encryption failed: -22 [ 870.413584][ T1314] ieee802154 phy1 wpan1: encryption failed: -22 [ 872.214292][T18301] ubi3: attaching mtd1 [ 873.615888][T18313] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 873.754744][T18318] smpboot: CPU 1 is now offline [ 878.083922][T18364] kmem.tcp.limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 879.941775][T18398] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3708'. [ 880.005260][T18402] netlink: 25 bytes leftover after parsing attributes in process `syz.4.3708'. [ 882.001125][T18423] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 882.832858][T18422] FAULT_INJECTION: forcing a failure. [ 882.832858][T18422] name failslab, interval 1, probability 0, space 0, times 0 [ 882.927988][T18422] CPU: 0 UID: 0 PID: 18422 Comm: syz.4.3714 Tainted: G L syzkaller #0 PREEMPT(full) [ 882.928029][T18422] Tainted: [L]=SOFTLOCKUP [ 882.928038][T18422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 882.928054][T18422] Call Trace: [ 882.928063][T18422] [ 882.928073][T18422] dump_stack_lvl+0x100/0x190 [ 882.928104][T18422] should_fail_ex.cold+0x5/0xa [ 882.928135][T18422] should_failslab+0xc2/0x120 [ 882.928164][T18422] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 882.928205][T18422] ? anon_vma_clone+0x2ba/0xcd0 [ 882.928244][T18422] anon_vma_clone+0x2ba/0xcd0 [ 882.928285][T18422] __split_vma+0x51f/0xd90 [ 882.928325][T18422] ? __pfx___split_vma+0x10/0x10 [ 882.928378][T18422] vma_modify+0x12ad/0x25c0 [ 882.928426][T18422] ? __pfx_vma_modify+0x10/0x10 [ 882.928481][T18422] vma_modify_policy+0x238/0x300 [ 882.928522][T18422] ? __pfx_vma_modify_policy+0x10/0x10 [ 882.928562][T18422] ? find_held_lock+0x2b/0x80 [ 882.928616][T18422] mbind_range+0x175/0x550 [ 882.928654][T18422] do_mbind+0x7dc/0xfd0 [ 882.928695][T18422] ? __pfx_do_mbind+0x10/0x10 [ 882.928729][T18422] ? ksys_write+0x190/0x250 [ 882.928771][T18422] ? __pfx_get_nodes+0x10/0x10 [ 882.928803][T18422] kernel_mbind+0x1b7/0x200 [ 882.928840][T18422] ? __pfx_kernel_mbind+0x10/0x10 [ 882.928884][T18422] ? rcu_is_watching+0x12/0xc0 [ 882.928918][T18422] do_syscall_64+0x10b/0xf80 [ 882.928959][T18422] ? clear_bhb_loop+0x40/0x90 [ 882.928989][T18422] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 882.929014][T18422] RIP: 0033:0x7f59ff59ce59 [ 882.929035][T18422] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 882.929059][T18422] RSP: 002b:00007f59fd7ee028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 882.929084][T18422] RAX: ffffffffffffffda RBX: 00007f59ff815fa0 RCX: 00007f59ff59ce59 [ 882.929100][T18422] RDX: 0000000000000004 RSI: 00000000002091d2 RDI: 0000000000000000 [ 882.929116][T18422] RBP: 00007f59ff632d6f R08: 0000000000000006 R09: 0000000000000002 [ 882.929131][T18422] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 882.929146][T18422] R13: 00007f59ff816038 R14: 00007f59ff815fa0 R15: 00007ffed26b3a48 [ 882.929177][T18422] [ 884.260216][T18450] zswap: compressor not available [ 886.429536][T18483] netlink: 'syz.6.3727': attribute type 15 has an invalid length. [ 886.499023][T18483] netlink: 'syz.6.3727': attribute type 16 has an invalid length. [ 886.547149][T18483] netlink: 194 bytes leftover after parsing attributes in process `syz.6.3727'. [ 888.703133][T18503] vcan0: tx drop: invalid da for name 0x000000000000003f [ 889.776499][T18527] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3740'. [ 890.454800][T18534] netlink: 'syz.6.3742': attribute type 11 has an invalid length. [ 890.760078][T18537] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3744'. [ 890.828103][T18539] netlink: 25 bytes leftover after parsing attributes in process `syz.5.3744'. [ 891.315690][T18547] FAULT_INJECTION: forcing a failure. [ 891.315690][T18547] name failslab, interval 1, probability 0, space 0, times 0 [ 891.417274][T18547] CPU: 0 UID: 0 PID: 18547 Comm: syz.5.3749 Tainted: G L syzkaller #0 PREEMPT(full) [ 891.417314][T18547] Tainted: [L]=SOFTLOCKUP [ 891.417323][T18547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 891.417338][T18547] Call Trace: [ 891.417347][T18547] [ 891.417357][T18547] dump_stack_lvl+0x100/0x190 [ 891.417388][T18547] should_fail_ex.cold+0x5/0xa [ 891.417419][T18547] should_failslab+0xc2/0x120 [ 891.417448][T18547] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 891.417488][T18547] ? __d_alloc+0x34/0xa40 [ 891.417521][T18547] ? security_inode_alloc+0xcf/0x2c0 [ 891.417549][T18547] __d_alloc+0x34/0xa40 [ 891.417580][T18547] ? __ns_ref_active_get+0x9f/0x1b0 [ 891.417620][T18547] path_from_stashed+0x427/0x750 [ 891.417653][T18547] ? do_raw_spin_unlock+0x145/0x1e0 [ 891.417689][T18547] ns_get_path+0x60/0x80 [ 891.417721][T18547] proc_ns_get_link+0x121/0x230 [ 891.417749][T18547] ? __pfx_proc_ns_get_link+0x10/0x10 [ 891.417778][T18547] ? atime_needs_update+0x8b/0x6b0 [ 891.417805][T18547] pick_link+0xd17/0x13c0 [ 891.417829][T18547] ? __pfx_proc_ns_get_link+0x10/0x10 [ 891.417860][T18547] step_into_slowpath+0x9ba/0xf90 [ 891.417891][T18547] ? __pfx_step_into_slowpath+0x10/0x10 [ 891.417922][T18547] ? find_held_lock+0x2b/0x80 [ 891.417981][T18547] path_openat+0xf95/0x31a0 [ 891.418022][T18547] ? __pfx_path_openat+0x10/0x10 [ 891.418064][T18547] do_file_open+0x20e/0x430 [ 891.418098][T18547] ? __pfx_do_file_open+0x10/0x10 [ 891.418150][T18547] ? alloc_fd+0x476/0x790 [ 891.418182][T18547] ? do_getname+0x191/0x390 [ 891.418221][T18547] do_sys_openat2+0x10d/0x1e0 [ 891.418260][T18547] ? __pfx_do_sys_openat2+0x10/0x10 [ 891.418300][T18547] ? __fget_files+0x21f/0x3d0 [ 891.418335][T18547] __x64_sys_openat+0x12d/0x210 [ 891.418375][T18547] ? __pfx___x64_sys_openat+0x10/0x10 [ 891.418419][T18547] ? rcu_is_watching+0x12/0xc0 [ 891.418452][T18547] do_syscall_64+0x10b/0xf80 [ 891.418491][T18547] ? clear_bhb_loop+0x40/0x90 [ 891.418521][T18547] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 891.418546][T18547] RIP: 0033:0x7fbfddf5d68e [ 891.418566][T18547] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 891.418591][T18547] RSP: 002b:00007fbfdeea4ec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 891.418615][T18547] RAX: ffffffffffffffda RBX: 00007fbfdeea56c0 RCX: 00007fbfddf5d68e [ 891.418631][T18547] RDX: 0000000000000002 RSI: 00007fbfdeea4f90 RDI: ffffffffffffff9c [ 891.418647][T18547] RBP: 00007fbfde032d6f R08: 0000000000000000 R09: 0000000000000000 [ 891.418663][T18547] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 891.418678][T18547] R13: 00007fbfde216038 R14: 00007fbfde215fa0 R15: 00007ffd8db792c8 [ 891.418709][T18547] [ 892.500584][T18552] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3758'. [ 892.558956][T18552] netlink: 13 bytes leftover after parsing attributes in process `syz.4.3758'. [ 892.876260][T18554] vcan0: tx drop: invalid da for name 0x000000000000003f [ 893.215208][T18564] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3752'. [ 893.279564][T18567] netlink: 25 bytes leftover after parsing attributes in process `syz.5.3752'. [ 894.760046][T18596] netlink: 146 bytes leftover after parsing attributes in process `syz.7.3763'. [ 897.387333][T18643] netlink: 146 bytes leftover after parsing attributes in process `syz.5.3775'. [ 902.219274][T18689] FAULT_INJECTION: forcing a failure. [ 902.219274][T18689] name failslab, interval 1, probability 0, space 0, times 0 [ 902.287890][T18689] CPU: 0 UID: 0 PID: 18689 Comm: syz.6.3788 Tainted: G L syzkaller #0 PREEMPT(full) [ 902.287930][T18689] Tainted: [L]=SOFTLOCKUP [ 902.287938][T18689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 902.287953][T18689] Call Trace: [ 902.287961][T18689] [ 902.287971][T18689] dump_stack_lvl+0x100/0x190 [ 902.288003][T18689] should_fail_ex.cold+0x5/0xa [ 902.288033][T18689] should_failslab+0xc2/0x120 [ 902.288063][T18689] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 902.288111][T18689] ? anon_vma_clone+0x2ba/0xcd0 [ 902.288150][T18689] anon_vma_clone+0x2ba/0xcd0 [ 902.288195][T18689] __split_vma+0x51f/0xd90 [ 902.288235][T18689] ? __pfx___split_vma+0x10/0x10 [ 902.288287][T18689] vma_modify+0x12ad/0x25c0 [ 902.288335][T18689] ? __pfx_vma_modify+0x10/0x10 [ 902.288389][T18689] vma_modify_policy+0x238/0x300 [ 902.288430][T18689] ? __pfx_vma_modify_policy+0x10/0x10 [ 902.288469][T18689] ? find_held_lock+0x2b/0x80 [ 902.288524][T18689] mbind_range+0x175/0x550 [ 902.288560][T18689] do_mbind+0x7dc/0xfd0 [ 902.288601][T18689] ? __pfx_do_mbind+0x10/0x10 [ 902.288635][T18689] ? ksys_write+0x190/0x250 [ 902.288677][T18689] ? __pfx_get_nodes+0x10/0x10 [ 902.288709][T18689] kernel_mbind+0x1b7/0x200 [ 902.288745][T18689] ? __pfx_kernel_mbind+0x10/0x10 [ 902.288781][T18689] ? rcu_is_watching+0x12/0xc0 [ 902.288814][T18689] do_syscall_64+0x10b/0xf80 [ 902.288852][T18689] ? clear_bhb_loop+0x40/0x90 [ 902.288882][T18689] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 902.288906][T18689] RIP: 0033:0x7f55ca99ce59 [ 902.288926][T18689] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 902.288950][T18689] RSP: 002b:00007f55cb842028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 902.288973][T18689] RAX: ffffffffffffffda RBX: 00007f55cac15fa0 RCX: 00007f55ca99ce59 [ 902.288989][T18689] RDX: 0000000000000004 RSI: 00000000002091d2 RDI: 0000000000000000 [ 902.289004][T18689] RBP: 00007f55caa32d6f R08: 0000000000000006 R09: 0000000000000002 [ 902.289018][T18689] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 902.289033][T18689] R13: 00007f55cac16038 R14: 00007f55cac15fa0 R15: 00007ffec3362af8 [ 902.289063][T18689] [ 908.151591][ T31] INFO: task syz-executor:5630 blocked for more than 143 seconds. SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 908.225030][ T31] Tainted: G L syzkaller #0 [ 908.289024][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 908.355673][ T31] task:syz-executor state:D stack:21904 pid:5630 tgid:5630 ppid:1 task_flags:0x400140 flags:0x00080002 [ 908.437982][ T31] Call Trace: [ 908.452904][ T31] [ 908.466437][ T31] __schedule+0x1295/0x67a0 [ 908.492702][ T31] ? __pfx___schedule+0x10/0x10 [ 908.517488][ T31] ? find_held_lock+0x2b/0x80 [ 908.542091][ T31] ? schedule+0x2bf/0x390 [ 908.565393][ T31] schedule+0xdd/0x390 [ 908.585319][ T31] schedule_preempt_disabled+0x13/0x30 [ 908.618930][ T31] __mutex_lock+0xced/0x1b10 [ 908.643683][ T31] ? nfsd_shutdown_threads+0x5b/0xf0 [ 908.680027][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 908.697437][ T31] ? net_generic+0xea/0x2a0 [ 908.718488][ T31] ? net_generic+0xea/0x2a0 [ 908.742104][ T31] ? nfsd_shutdown_threads+0x5b/0xf0 [ 908.767967][ T31] nfsd_shutdown_threads+0x5b/0xf0 [ 908.795619][ T31] nfsd_umount+0x3b/0x60 [ 908.818254][ T31] deactivate_locked_super+0xc1/0x1b0 [ 908.845647][ T31] deactivate_super+0xe7/0x110 [ 908.868319][ T31] cleanup_mnt+0x21f/0x450 [ 908.892155][ T31] task_work_run+0x150/0x240 [ 908.921116][ T31] ? __pfx_task_work_run+0x10/0x10 [ 908.947802][ T31] ? rcu_is_watching+0x12/0xc0 [ 908.979380][ T31] exit_to_user_mode_loop+0x107/0x4f0 [ 909.008401][ T31] ? rcu_is_watching+0x12/0xc0 [ 909.036983][ T31] do_syscall_64+0x6f2/0xf80 [ 909.060914][ T31] ? clear_bhb_loop+0x40/0x90 [ 909.086247][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 909.123172][ T31] RIP: 0033:0x7f5d5859e097 [ 909.153342][ T31] RSP: 002b:00007ffd2a29c508 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 909.254074][ T31] RAX: 0000000000000000 RBX: 00007f5d586321ca RCX: 00007f5d5859e097 [ 909.324281][ T31] RDX: 0000000000000004 RSI: 0000000000000009 RDI: 00007ffd2a29d650 [ 909.385422][ T31] RBP: 00007ffd2a29d63c R08: 0000000000000000 R09: 0000000000000000 [ 909.449039][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd2a29d650 [ 909.500564][ T31] R13: 00007f5d586321ca R14: 00000000000ba614 R15: 00007ffd2a29d690 [ 909.548081][ T31] [ 909.573715][ T31] [ 909.573715][ T31] Showing all locks held in the system: [ 909.692090][ T31] 3 locks held by kworker/u8:1/13: [ 909.718255][ T31] #0: ffff8880b843b3e0 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2c/0x140 [ 909.810537][ T31] #1: ffff888036928008 (&____s->seqcount#17){--.-}-{0:0}, at: trace_ignore_this_task+0xbc/0x100 [ 909.867561][ T31] #2: ffff8880b8426358 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x124/0x1d0 [ 909.909155][ T31] 1 lock held by khungtaskd/31: [ 909.928380][ T31] #0: ffffffff8e7e5420 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x3d/0x184 [ 909.967852][ T31] 2 locks held by syz-executor/5630: [ 910.002711][ T31] #0: ffff888012b280d8 (&type->s_umount_key#53){+.+.}-{4:4}, at: deactivate_super+0xdf/0x110 [ 910.047211][ T31] #1: ffffffff8ec62340 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 [ 910.083823][ T31] 2 locks held by syz-executor/5631: [ 910.100215][ T31] #0: ffff88807a8a20d8 (&type->s_umount_key#53){+.+.}-{4:4}, at: deactivate_super+0xdf/0x110 [ 910.144105][ T31] #1: ffffffff8ec62340 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 [ 910.159091][ T31] 2 locks held by syz-executor/5632: [ 910.165190][ T31] #0: ffff88807c5880d8 (&type->s_umount_key#53){+.+.}-{4:4}, at: deactivate_super+0xdf/0x110 [ 910.178111][ T31] #1: ffffffff8ec62340 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 [ 910.189441][ T31] 2 locks held by syz.2.3222/16501: [ 910.195659][ T31] #0: ffffffff906bf148 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 910.204199][ T31] #1: ffffffff8ec62340 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_set_doit+0x8ec/0x12b0 [ 910.214667][ T31] 1 lock held by syz-executor/16761: [ 910.220042][ T31] #0: ffffffff90610c60 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x220 [ 910.236195][ T31] 3 locks held by kworker/0:0/16857: [ 910.246452][ T31] #0: ffff88813fe5b140 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x12d6/0x1980 [ 910.257325][ T31] #1: ffffc900001f7d08 (free_ipc_work){+.+.}-{0:0}, at: process_one_work+0x973/0x1980 [ 910.267319][ T31] #2: ffffffff8e7f0f68 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x19e/0x3c0 [ 910.277661][ T31] 2 locks held by getty/16991: [ 910.284666][ T31] #0: ffff888037f760a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 910.296261][ T31] #1: ffffc900001e62e8 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x419/0x14f0 [ 910.307551][ T31] 4 locks held by syz-executor/17387: [ 910.314906][ T31] #0: ffff8880845c0ea0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_dev_do_close+0x26/0xb0 [ 910.324991][ T31] #1: ffff8880845c00b8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x35c/0x1240 [ 910.337405][ T31] #2: ffffffff908978e0 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xbb/0x280 [ 910.352835][ T31] #3: ffff888096f172f8 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x95/0x710 [ 910.362744][ T31] 1 lock held by syz.6.3812/18775: [ 910.367991][ T31] #0: ffffffff8e7f0f68 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x19e/0x3c0 [ 910.399686][ T31] [ 910.405715][ T31] ============================================= [ 910.405715][ T31] [ 910.476979][ T31] NMI backtrace for cpu 0 [ 910.477005][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G L syzkaller #0 PREEMPT(full) [ 910.477038][ T31] Tainted: [L]=SOFTLOCKUP [ 910.477047][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 910.477061][ T31] Call Trace: [ 910.477069][ T31] [ 910.477079][ T31] dump_stack_lvl+0x100/0x190 [ 910.477110][ T31] nmi_cpu_backtrace.cold+0x12d/0x151 [ 910.477139][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 910.477165][ T31] nmi_trigger_cpumask_backtrace+0x1d7/0x230 [ 910.477209][ T31] sys_info+0x141/0x190 [ 910.477234][ T31] watchdog+0xcb1/0x1030 [ 910.477274][ T31] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 910.477310][ T31] ? __pfx_watchdog+0x10/0x10 [ 910.477344][ T31] ? __kthread_parkme+0x18c/0x230 [ 910.477380][ T31] ? kthread+0x13a/0x450 [ 910.477398][ T31] ? __pfx_watchdog+0x10/0x10 [ 910.477431][ T31] kthread+0x370/0x450 [ 910.477450][ T31] ? __pfx_kthread+0x10/0x10 [ 910.477473][ T31] ret_from_fork+0x72b/0xd50 [ 910.477501][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 910.477528][ T31] ? __switch_to+0x800/0x1100 [ 910.477589][ T31] ? __switch_to_asm+0x39/0x70 [ 910.477620][ T31] ? __pfx_kthread+0x10/0x10 [ 910.477642][ T31] ret_from_fork_asm+0x1a/0x30 [ 910.477686][ T31] [ 911.199605][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 911.206519][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G L syzkaller #0 PREEMPT(full) [ 911.217224][ T31] Tainted: [L]=SOFTLOCKUP [ 911.221558][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 911.231794][ T31] Call Trace: [ 911.235099][ T31] [ 911.238041][ T31] dump_stack_lvl+0x100/0x190 [ 911.242736][ T31] vpanic+0x552/0x970 [ 911.246734][ T31] ? __pfx_vpanic+0x10/0x10 [ 911.251269][ T31] ? nmi_trigger_cpumask_backtrace+0x182/0x230 [ 911.257445][ T31] ? nmi_trigger_cpumask_backtrace+0x182/0x230 [ 911.263616][ T31] panic+0xd1/0xe0 [ 911.267348][ T31] ? __pfx_panic+0x10/0x10 [ 911.271792][ T31] ? nmi_trigger_cpumask_backtrace+0x1b5/0x230 [ 911.277966][ T31] ? nmi_trigger_cpumask_backtrace+0x1f6/0x230 [ 911.284224][ T31] ? nmi_trigger_cpumask_backtrace+0x200/0x230 [ 911.290398][ T31] ? watchdog.cold+0x1ec/0x234 [ 911.295186][ T31] ? watchdog+0xcc1/0x1030 [ 911.299630][ T31] watchdog.cold+0x1fd/0x234 [ 911.304241][ T31] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 911.310078][ T31] ? __pfx_watchdog+0x10/0x10 [ 911.314786][ T31] ? __kthread_parkme+0x18c/0x230 [ 911.319839][ T31] ? kthread+0x13a/0x450 [ 911.324094][ T31] ? __pfx_watchdog+0x10/0x10 [ 911.328795][ T31] kthread+0x370/0x450 [ 911.332878][ T31] ? __pfx_kthread+0x10/0x10 [ 911.337495][ T31] ret_from_fork+0x72b/0xd50 [ 911.342102][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 911.347233][ T31] ? __switch_to+0x800/0x1100 [ 911.352027][ T31] ? __switch_to_asm+0x39/0x70 [ 911.356849][ T31] ? __pfx_kthread+0x10/0x10 [ 911.361453][ T31] ret_from_fork_asm+0x1a/0x30 [ 911.366250][ T31] [ 911.369359][ T31] Kernel Offset: disabled [ 911.373704][ T31] Rebooting in 86400 seconds..