last executing test programs: 4m44.353796454s ago: executing program 3 (id=888): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x2, 0x1, 0x106) (async) socketpair$auto(0x20, 0x19, 0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) (async) open(0x0, 0x22040, 0x75) socket(0x840000000002, 0x3, 0xff) (async) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) (async) connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x16}}, 0x55) (async) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 4m44.168249655s ago: executing program 3 (id=889): statmount$auto(0x0, &(0x7f0000000380)={0x80000006, 0x1, 0x9, 0x7, 0x7, 0x4, 0x5, 0xffffffff, 0x2000000000210004, 0x0, 0x7, 0x5, 0x2, 0x7, 0xb6, 0x6, 0x8, 0x100003, 0xa, 0x7, 0xbe, 0x0, 0x10000005, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0xf, 0x100000, 0x0, [0x99, 0x2, 0x0, 0xc, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x80000000000000, 0xcd1, 0xe, 0x0, 0x0, 0x0, 0xfffffffffffffff9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffff5, 0x4, 0x0, 0xfdffffffffffff81, 0x7, 0x0, 0x0, 0x0, 0x200000000000000, 0x80000000001d6, 0x200, 0x0, 0x4, 0x0, 0x0, 0x800000000000000, 0x1]}, 0x1fe, 0x81) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) r0 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/block/sda/hctx0/cpu0/default_rq_list\x00', 0x400, 0x0) ioctl$auto_VHOST_SET_VRING_KICK(0xffffffffffffffff, 0x4008af20, &(0x7f0000000040)={0x5, r0}) sendfile$auto(0xffffffffffffffff, r1, &(0x7f0000000080)=0x29f, 0xa) r2 = socket(0x10, 0x2, 0x0) getdents64$auto(r2, &(0x7f0000000000)={0x10001, 0x59, 0xa04d, 0x2, "69e39beef461f81b3b6fe1a20b32574168c33cb92a95f3cd9e1c8a5439c92766a4a1"}, 0x2) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r3 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) write$auto(0x3, 0x0, 0x81) recvfrom$auto(0x4, 0x0, 0x1, 0x3ffffd, 0x0, 0x0) sendmmsg$auto(r2, &(0x7f00000001c0)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200), 0xfc2}, 0x2, &(0x7f0000000380), 0xfe, 0xa505}, 0x10800}, 0x4d, 0x8) setns(r1, 0x8000000) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/tracing/per_cpu/cpu1/trace\x00', 0x501000, 0x0) timerfd_settime$auto(r3, 0x101, &(0x7f0000000200)={{0x10001, 0xffffffffffffffff}, {0x6, 0x3}}, &(0x7f00000002c0)={{0x0, 0x1}, {0x2, 0x5}}) 4m44.03108069s ago: executing program 3 (id=890): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/firmware/acpi/hotplug/pci_root/enabled\x00', 0x183941, 0x0) pread64$auto(0xffffffffffffffff, 0x0, 0x7ff, 0x400) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000003040), 0xffffffffffffffff) sendmsg$auto_OVS_METER_CMD_SET(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000003200)={&(0x7f0000000480)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="5da929bd7000fcdbdf2502000000040002000800010005000000"], 0x20}, 0x1, 0x0, 0x0, 0xc0}, 0x40) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc3\xdd\xa7\xee$\xf5\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xe6\x06g\x1a\xfc\xa8\x02\vw\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x3, 0x1ff, 0x1001, 0x5, 0x715e, 0x0, 0x7, 0x200000000000003, 0xd, 0x2, 0x80003, 0x4, 0x1ffffffffffd, 0xb4, 0xfffffffffffffffe, 0x7, 0x10002, 0x2000007f, 0x2a2, 0x5, 0xa, 0x22000, 0x200, 0x4, 0x84, 0x0, 0x0, 0x400, 0x0, 0x0, [0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x80000000000000, 0x0, 0x0, 0x0, 0x0, 0x4, 0x400, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7fffffffffffffff, 0x7, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x7fffffff, 0x8000000, 0x0, 0xffffffffffffffff, 0x100000000000]}, 0x1fe, 0xd) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x40008000) close_range$auto(0x0, 0xfffffffffffff000, 0x0) unshare$auto(0x40000080) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80001, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r3 = socket(0x11, 0x3, 0x9) mmap$auto(0x0, 0x10000, 0xff7, 0x14, 0x3, 0x8000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/usbcore/parameters/quirks\x00', 0xc0202, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000800)='/sys/devices/virtual/net/rose15/address\x00', 0x0, 0x0) r4 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0xad00, 0x0) readv$auto(r4, &(0x7f0000000680)={0x0, 0x40200}, 0x3) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) sendmmsg$auto(r3, &(0x7f0000000640)={{0x0, 0x5ae, &(0x7f0000000100)={&(0x7f0000000780)="4c030000000000002106000000000000005f6bba441810", 0x49}, 0x5, 0x0, 0x9, 0x1}, 0x4}, 0x2, 0x100) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x101202, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) mmap$auto(0x0, 0x5, 0x4000000000df, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x1, 0x7, 0x4000000000df, 0xeb1, 0x401, 0xfffffffffffff5ee) lgetxattr$auto(0xfffffffffffffffd, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x8) 4m43.141815902s ago: executing program 3 (id=896): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) (async) mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) close_range$auto(0x2, 0x8, 0x0) (async) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) (async) socket(0x29, 0x2, 0x0) (async, rerun: 32) r0 = socket(0x11, 0x3, 0x9) (rerun: 32) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = io_uring_setup$auto(0x6, 0x0) (async) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'syz_tun\x00', 0x0}) (async) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) (async) fanotify_init$auto(0x5, 0x2000000000002) socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64) socket(0x26, 0x80805, 0x0) (rerun: 64) socket(0xa, 0x3, 0x6) clone$auto(0x21003b46, 0x2, 0x0, 0x0, 0x6) (async, rerun: 32) bpf$auto(0x0, &(0x7f0000000040)=@bpf_attr_5={@target_ifindex=r3, r2, 0x99, 0x8, 0x1, @relative_id=0x4, 0x9}, 0x8a4) (async, rerun: 32) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffffffffffffffff, 0x0, 0x3}, 0x6) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r0, 0x0, 0x3}, 0xc) (async) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc4c85512, &(0x7f0000000100)={{@raw=0xb, 0x3, 0xcf, 0x8, "16a0d89bf208384515b5375a677609aa1bc737276563c3d5a2fca999d5797ab7a10a4d2bc341c4bd369ae535"}, 0x1, @integer=@value=[0x6d, 0x7, 0x0, 0xbb, 0x4, 0x80000000, 0x1, 0x10001, 0x1, 0x9, 0xc4, 0x9bc, 0x6, 0x4, 0x3, 0x6, 0x1, 0x3, 0x5, 0x401, 0x4, 0x0, 0xa0, 0x5, 0x2, 0x9, 0x5, 0xa, 0x8, 0x1, 0x8, 0x7f, 0xffffffffffffdb78, 0x100000000, 0x3, 0x7, 0x7fffffffffffffff, 0x1, 0xd, 0x3, 0x71, 0x0, 0x8, 0x2, 0x3, 0xffffffffffffffbb, 0x2d7, 0x1, 0x5a, 0x6, 0x2, 0x800000000, 0x6, 0x7, 0x0, 0x6, 0x4, 0x3, 0x40a, 0x9, 0x3ff, 0x8, 0x7, 0xffff, 0x50ce0883, 0x3d9, 0x5, 0x2, 0xd8f, 0x80000000, 0x0, 0x7, 0x46e, 0xa5cf, 0x8, 0x7, 0xc16b, 0x6, 0x9, 0x6, 0x2, 0x6, 0x1, 0x3, 0x3, 0xfffffffffffff16a, 0x6, 0xffffffffffff0001, 0x100000000, 0x4, 0x6, 0x4, 0x2, 0x3, 0xfffffffffffffffe, 0x20007cf9, 0x40, 0x2, 0x7, 0x100, 0x2, 0x2, 0x45f3, 0x2e1, 0x0, 0x4, 0x0, 0x8001, 0x0, 0x1, 0x7, 0xcf4, 0x1, 0x3, 0x0, 0x4, 0x6, 0x9, 0x25e2, 0xc9a, 0xd09, 0x40, 0x2, 0xffffffffffffff00, 0x8, 0x9, 0xfffffffffffffffb, 0x40], "f3fadb90a56b67d92a5b28b4b23f332550b1e5454e2027fb1a37efe81bbc27deaf7c3100aab088cdb3b40dad335c9174f18934845ac3152fef1e0f42b42471efc0225a4ebe7e05ce3d4ab429805d5921633ffbce8f1a82ff9dec6c288f431cb7005b85ca8633c55d49bbdf4bd9cac1046064001bca7ba37e4b5eacf1940c9a78"}) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) (async, rerun: 64) io_uring_setup$auto(0x8, &(0x7f0000000140)={0x0, 0x1, 0x9, 0x210001, 0xc, 0xc05, 0xffffffffffffffff, [0x7fd, 0x1001, 0x3], {0x9, 0x3, 0x6, 0x0, 0x4, 0x895, 0x3fdc, 0x6, 0x5}, {0x2, 0x1d11, 0x54ed, 0x0, 0x101, 0xff, 0x7, 0xa, 0xb}}) (rerun: 64) sendmsg$auto_NL802154_CMD_SET_CHANNEL(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000280)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16, @ANYBLOB="000329bd7000fedbdf250900000008000c000100008008000300", @ANYRES32, @ANYBLOB="08002c000001000008001d"], 0x3c}, 0x1, 0x0, 0x0, 0x20000828}, 0x8000) (async) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22040, 0x75) r5 = socket(0x10, 0x2, 0x0) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="7f000000", @ANYRES16, @ANYBLOB="01eb"], 0x14}, 0x1, 0x0, 0x0, 0x20040840}, 0x24004000) (async) syz_genetlink_get_family_id$auto_nl80211(0x0, r5) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x20004884) (async) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x3}, 0x3ef3}, 0x3, 0x0) 4m42.640224853s ago: executing program 3 (id=898): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) (async) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) r1 = socket(0x10, 0x2, 0x14) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) r2 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000380)='/dev/cuse\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x7fff) (async) writev$auto(r1, &(0x7f00000000c0)={0x0, 0x710f}, 0x5) (async) rseq$auto(&(0x7f00000001c0)={0x0, 0x9, 0x8, 0x40, 0x1, 0x9, "a9eed30cbb2c0849b3157ba08888c3532e0dbf956402dc8dd9dccd220b1fb1fcb36ff6173cf33067700dc3eb1080682265a526d30fad7da27dce3d089fa1355feb736ff7172207c37add21d90a42dbb6fe006b5d23f9d4719b20b59183bbdccee121f275b50ac4fad3b3291bdf5db06cb73d067f728bc6c12ecbdac81b36b3a18535f8e20ae47a2ef6e39524926d9568641fd03ae1cf8d48fcdf548bc1f60448"}, 0x9, 0x3, 0x2af3) (async) mmap$auto(0x0, 0x202000a, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async, rerun: 64) prctl$auto_PR_SET_MM_ENV_END(0xfffffffa, 0xb, 0xffffffffffffffff, 0x79, 0x5) (async, rerun: 64) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0xa, 0x0) (async) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) fanotify_init$auto(0x65, 0x2) (async) r3 = pipe$auto(0x0) dup2$auto(0x5, 0x4) (async, rerun: 64) write$auto(0x6, 0x0, 0x100000001) (async, rerun: 64) splice$auto(0x4, 0x0, r3, 0x0, 0x80000001, 0x9) 4m39.804491615s ago: executing program 3 (id=906): timer_create$auto(0x9, 0x0, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) unshare$auto(0x20000080) syz_clone3(&(0x7f0000000300)={0x28020400, 0x0, 0x0, 0x0, {0x35}, 0x0, 0x0, 0x0, 0x0}, 0x58) read$auto(0x3, 0x0, 0x8080) timerfd_create$auto(0x7, 0x0) r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/security/tomoyo/profile\x00', 0x1, 0x0) write$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(r0, &(0x7f0000000300)="38ccf6913c2361f45736f709c989f2850ef8a6b33501e90f8f4fce5a4a0fd64c4f90d3cf9b534fce6ca6a7f1186f3f85e07fbb2b89829ffd8d524a90ba875c405f08cf27108c938422bbcb743c53baaacde3d0606839584e4f0fd5d7ac269108b48cc1622c2d7a809a2784febaacb5ac75c697d956826ae840063a8c88c887f553b4b45e3ca81b9a9e87a9f53e23ba3f9bdda81d0dfec15bba957eb7d20ef9dea96e2e65c3b944f4e3f31e4cff10f9e81d9ce4753bbd40500ff534a08b30bca36f27e4f4fdf487b7ed2b10a4df83c05f6074e7ed9eab5de7bda48d517c6d9b96acd546957e51ef66bc213bb9e6fd6a9fc1ae9094198e4eba6e5677e8c647dbd49753df9e3f8ce97f80dc4b41761af7eeabdf9aae31f2745241b0ff3583c98ab170c513ee1aa3d83bef1f7615526a101b10be705530cd721c2ab8c3541177289568886a988f6b155291e3cfcd96faff1934153283ad04db4d4243e426444a98d7eb9b4b814171e7efab1e2ed36748020ed07e77003e6b20c2840fda105d17518e30ca3b932f369c60c1ae519a5e274ecc3cab9e94bbefd37647583d2b44a4ac3e0d3e0b91bf4aef48502a0878f55b5bea32240ca73e5624af8edbfb633c6756630314b6d9c31565d0de172b3628cbd8ec7214c96bf8db069481e21c477a66dafeed4b48ee370835bf5dff17654bc3ede8b132ebd8d88a26cc5a705c383c629f71333c431c85b6eb6a31ca8929d034e92071a790ef119abe141e1525d080d63ccb12a542afc180bc6d9318bf1afd7265bcecfd02eff090c803ac970ed2a7978ca5a686eac986b6a9087b6f1e06f0c595cdaf80f0343c9713e3c4ec63c95e429438e52ba76ea70ef93383394daeaf36d0a7d0914e80822b81763e7a7979e33d94529ea34e12538d3a8c692c00f2809c9c320eecf5c415ce332ab20b3f0b21bb67add50cd3af214f74f53112cd7a7ffe4f7a22dd9f74ca18993e582602b49f87630f77f38639d4b8d7bed612dab510f113cb299aed0c5b2dfda5d718a3b3feafc12ba0267205141476a51c2ad85b6b34a675dc966856edf864f055dbb7e97345a19757df98ae911d7e0abf78bd5b48364abc0e18b17edac606fa60656b155a8dd85848559c8ee39952ab3f2fba055440359c40fa93e05a1e687912216a3c889808119133928140dff78425e750f4cf11374d54371b0358d471185ff258e54dcc9a2c208e1f30c1251793c0102ddae455313f177fd9d8611b603ae3836fd0783ae7406de37f69235a667196b48fcce4f359a5110ef97fe0c5a964442c801169a83205ba7884852f2b20c50d81d9d50621d49bc2078f80b4fd9cb639163911c518d63a156d5ee1e6b107455d86f969fca195348eeef4c4a5f57b5ccdb12237cd61804496642d1d42f78dbe5428b301db4c7cfdd73fbb2ef5e78abdfd5a561cff1873b3b4e72728a1dc41b51a5d53ac45cf2fd3bb6386d605b5cc0de5badcfac29e994ed1c4f174943f96e5118b9b94e133794a6d11c19469e92dd38e5c77346c2e3f23e889e8cbe990ddc5792987b5ff7581b9437c0b6b0c66ab51f581208d576e836b899853a0ba433fa2e3e81c291937ec0bd4b07e30ca7f3935a9e5e0aeb0202144e55a2f9b591d89f453a39d6c43ddf6d43d6fd270faeb5e1208a48737647099ff2bfbd87f358ace25d4633270d7ff75e186abadc11c430ee4b2714b37189a59bac76a75368fad301ff087c5e94895bfa6cc64eee10c672846c0d700dda791f333d7dd014752df82e588cea4a3d469938f318b2943eb762140ca9434d5bd42f95109aaeedc7d69ddbccfcbd4d61b4f939591545cf1413b1a99db1d12f333a8dfa7c7429d5b8fdc74a320c070edebd66ac3e9bfd04ca291e56dfdb53f9a44a25f1971e017d6a8df8e4afe66b7e26912a41bb950e0d5c34d8132a13013fafaa00dd898db2b9c888b706acab2dc68c4a12b91833b172d66c13e9f084efe76b6f1903561703e61c91c2b796563ea34efe6bd623e793a8abac1979b16bddf25054bef8807d0f1124ff17083fa599857489bbeee3746ff3154a6a32d172d48803c712c9570a5db6ee734d7cff4df4b2f8d4ada713aa143d652f0e814a25f573d232fd52c8a4cce113c73d9bffb50a3e4d000370442d15ce20dfc44c61208df0e4b066f4e08b611596f0b3b2fc1a36a3af692debc59992ba2d91a2017d308dd9aeef18aa903ef3542a348807820d5860f94c9dd6e96bc0742500a39415542f73d4f6c1b002817dc134330503996b1b71ae6c0a037582c0e0cbd339c8ca45583b7fbddc65803e17981b104029b90f5dd58ca2a74c93c1fb2315255985625a7ac9f075df0fc5574b0ab6dfda6502aa3e3dfa92f3cfd472204a84bf7f0bad5dc9757622e0aa5ec2744241a978711c59d73de9b86053205133cfd79fb4266041ae6efc6cc0748868ae7b97493498616335662b7297d0046eed6a5ee216a80b4d58efc4fae8fc0cb693d9cf4dbe53cb740cc9a1a1a04139c5dbcc8fd9a86e163828708556a0062ff1a50916ddb21192a4578b70dc1e8f5f9b5772e9c7eefeda00cdb82d54f4ca526cfd0bb500939109e98f2252fad98560df1d142a9cc8f404f20b22ea187fcb54b98035a22d2f0c10ff9e6cca7e2fb4c8c515ac78964701acdcb86745ce012a9e147098c769bf06c58792b9e068e7257ac5fd3babccc9ddeb8a2e81101a9d13c0cda7a410ec6f8b816959498757221d9bb26c0523d526aa4056a3d27820849addd5ef8ad87da41ee208cbf01690749c4f6ccfd07719bca2942d8986d7fa85f9d0e30afc488ea660d19e183aa91f15d8a849db84e7ab33351d514a90c54475ede718550a0c1199acfe39f097de20d11ce3906f3f75e8b77fcfa9665d1e609a20ce38e6f0cba6e1d803bfcdad0a4135837a9fe4ca5381008384673c5b5293957599bd4235e62734de4cdeb3b68cdb0c086476aa622ab391edc6ff5d5155505da22a2dc030db5828b8a90f304822ed88c3f86a87a1056679902c9ef0731d2163103029eaac9d2c59331be37067d063a9c6c430deae2a696b2c3753513199090377647e2a176033d44beb33fb17ddade1768f8131ccb4c47084efb0ed3e305907349f0973a03838d8c0155bc8424e8223fa2daec6bb6e02366e644a344bade305f4ca5704eaf0c74375a1e1f306298f4729bbcc062021a21408bb4c6808b0882eeb3fe3449264b20035ef4b9f3533c9044a501762d9b98b1d370ab7bf76cabedb3fdf57e2a0e8ee59c3c996d750158eb3ca81f1f8be907fcd5229b21eca09cab5cdfc291b8c03881971e6c9dd57ddea63a9d477279117fccf302b95be78b175c708cf084069afe9075d51c3c90ef305918777f5fa401a73b64ef0d18fb59ed2f3a8c59d739e7ec7781c44742a715f3bb0c2ab979cc4648c2b2343e99badccc52e0c33b13c83aece0a7515b675b43c728e7456718244b43927e93de656d5304d7936300fc6d3f9d3c081847e1da7bc601dc009a4b5fc468f3a85acddc31e104fbcb21e9e378e252d090bf5f6f424a4851870cab782a0b7baa52f0fd0731320c69307e75370270c913d95721495ff5fd295caad9be878679b6c509c832e0755c853e2204f923b475d9a0f4fc6b7c6073f5b1aac9f3869caa590edf1432dbf5aab7894ad9cfe414d36d0aee031fcc7e92fa35e07c7bdf32746bd26c3216a92ac43d85ab2397123b2b1a9bd7a2c3d9ca99282baa92e47b6426758c6f6c820d76f9d266fb05ef6b5e70c5bc9fece7e89f6d4667e48ba67c72f8f4b0c8380df8d04e4a14a8ffdcd82eba95a77f1f7a02888c8dd9282de13674740abc1747317cb048a14a8a216a25dacecf1c0f86e2e89c2b9116190b7b0cc4a7373fd2084e13ad92f805df9e44153189fc246792d359371ca1670f2fd4c61f78049405f57389d2db7fc7ceee4def2e48c068052faf840c1024d2289192024eb7d161d566f42c648671734c4214c20a1405b81ac64c57c9989b28190e6fb003d8dcc0e49841255b90d341571a17a29211e1b32dfe459573e91c52460b3bd1fe3514f9beb583aad50181ad3415c5a12b5378c9c7252669e6bb09e286215033aaedff8a4752992f84b84d262028bdf20a4ac3b126dce2836562357b851a90d8735b45e758c1d987854ac92529754367b4f38f131d650e8ad67788e75c1a79ee58fbae9760db070619e5fd19caad347b3405e9e0d953d721ac0a6018cae9c56ccd1632be2927823cd5cb651e70f14563f93b28fc8615af6406689e23be586b8b5df43b3063004daf258afd64a223f70fb3ff1f55ef6c50b650fbc2c52fe7139832c0c754466b9d0289e4a488d224ffd2a08bc0eaa8b64170f36563710d98a1d82bfdbc6085f6f72d5bc464bd11fd875102d4689b1f54da8b6ead18dfedd045221e3d64d2b1343077a1dd1a9ac87d0dab9a110f6c1a071479a8ff5d2b87f39c4c1ae1188192fa069cc66cf92ce7804405a8848df387b2cffaa3796af7ef14ae5a9d6358a2c659b7d72d1ceb805454fea5ace16534eb778e581a7f80aaa1a45576db20c6fc46330f384e14fc340af42db51a7297853924b4d29f4210a8acae2998a2a991594c5b604e1a7f705c1eb95524dc93d2d2ab101021a91b324aa9166db85bedecf034930d7fb2507c47229b319a45f39bbb50dd03d53cb363259284596c83bdbc369c21e901fef2454de69a0ced6601ddd6db2953392d1bfabe934d31c379d8ca92f2f7caee02eb6a421051aed361272224f2584f2e4afd2b73ece6c3a6ca07686e9093ddad67ee74e7ce3abf736bdfa56a0260b93d88c5af432c5b805c636c72e4d20f3479001972aa6e9bb5a76020993347df51cf346194133a563048dd8544728bc8d82b8b76bbc11207b7416b7f1786a10bee2bc14a6f328c8f25fddbc1da24e96f2164599b2cb4bf674680ca53ea8e226c9df5f358f782555b27d7a219fdded7d254388aec6831d069a133e2655bb8362fdec6b050faf676ae92c880217b2b948598956c73405cbfed7d22aceb010955421de4f63b38d9619c898995f38afc9658e31dbb39cc2dd3c6008d716d9d958a7442960b5f0b1036ab06da0499c007fe5d66290593396bafd9b02affa1d450a7a15bd057a10e299b7bdd0bc79d588625400875b84762ce96e4f576a6ea5c58dae1492da82ab3a4cee2d3f2343233ecd5a06342212c4d81682c2d20e723561b9b137f28de638a7f431073e0a41d801e2a3e0cad94981fa610c1a8321d462064c6665446d8a356a991582ad57fd051c9bad1838f08dbe438af9a3ac00eea2df52cfde8ca63b7c7b3a75cb46162e3d57c8828096361ed84de029a60d05c300d8491a7ccf7b2f5e458457fc43e973b072111ee060ce39cd14f4a75543faae55566a222ddb214ed1de2011564594372e7473c657a6cf8f37043cd8e51a4fc2c78c4204a2a835fcbe179dcfc5fa23703c6eaf0ebc35d167cbb29c98bd0e26dd76b6c180f7f0f4438dee3821d910c18ec9208e4b4210e21d4e831c4cc1522fe6358a963281644281c6cf452ef5079346221f979c4e24820ee77993edad03af311090f1628da915d1ceae1cf99efa6f8b1b648136501821449a69ad1f1e3d508c74173777a6d57aac00c0c8cd368733985b4b1f7a314bb344d8a25e351cb96b5243a542a740e0b55b71e119330f69d2c81cfff046176e8e3d561354f5d031481fc171c5bd9f83ec5f500bf3533e23e55a1a3994c69d2576e6eb6f660fcc12fbdafc1a82dff19c85653cf5dde70732f00850a", 0xff6) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) io_uring_setup$auto(0xa, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xfffe}, 0x1) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x1, 0x0) unshare$auto(0x40000080) connect$auto(0xffffffffffffffff, 0x0, 0x54) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/input/event0\x00', 0x40000, 0x0) r2 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2800, 0x0) ioctl$auto_EVIOCGRAB(r1, 0x40044590, &(0x7f0000000000)=0x5) ioctl$auto_EVIOCGMASK(r2, 0x80104592, &(0x7f0000000140)={0x4, 0x800005, 0x400007}) close_range$auto(0x2, 0x8, 0x0) setfsuid$auto(0xee00) r3 = setfsuid$auto(0xee00) r4 = setfsuid$auto(0xee01) setresuid$auto(r3, r4, r3) r5 = setfsuid$auto(r3) shmctl$auto_SHM_INFO(0x39e2, 0xe, &(0x7f0000000280)={{0xfffffff9, 0x0, 0xee01, 0x0, 0xad1, 0xffffff01, 0x7ff}, 0x6, 0x4, 0x10001, 0x5, @raw=0x1, @raw=0xffff8000, 0x3, 0x0, &(0x7f00000001c0)="183c4cd462d1d797958110a4a19c749cc10e78d0350e44aabadfd80ac27d80bc0b3ebec8b780f536dd121e1152c88dda9faac5c9eed2dfb548440f37e0186fe88d154d5ca580f4f782a4f5a5e9ae3ef9ae4561958b7ae9b3e70149ef3e63718a61696a29bbfbbbb8f2ccf949774dab370ae9cdab5e1052f63b5d57d6e9cf05138c9976832e5af487d36fff51bdc5303984ced625ff6b85309e62a290e406fa126a6d47f2050856ade49f5cf9af0c075e", &(0x7f00000000c0)="2b7a995c71b40895323802aabf52"}) stat$auto(&(0x7f0000000080)='./file0\x00', &(0x7f0000000380)={0x2, 0xb, 0xf, 0x2, r5, r6, 0x0, 0x6, 0x8000, 0x5, 0x6, 0x6, 0xd, 0x26b, 0x401, 0x3, 0xfffffffffffff663}) 4m24.472683894s ago: executing program 32 (id=906): timer_create$auto(0x9, 0x0, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) unshare$auto(0x20000080) syz_clone3(&(0x7f0000000300)={0x28020400, 0x0, 0x0, 0x0, {0x35}, 0x0, 0x0, 0x0, 0x0}, 0x58) read$auto(0x3, 0x0, 0x8080) timerfd_create$auto(0x7, 0x0) r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/security/tomoyo/profile\x00', 0x1, 0x0) write$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(r0, &(0x7f0000000300)="38ccf6913c2361f45736f709c989f2850ef8a6b33501e90f8f4fce5a4a0fd64c4f90d3cf9b534fce6ca6a7f1186f3f85e07fbb2b89829ffd8d524a90ba875c405f08cf27108c938422bbcb743c53baaacde3d0606839584e4f0fd5d7ac269108b48cc1622c2d7a809a2784febaacb5ac75c697d956826ae840063a8c88c887f553b4b45e3ca81b9a9e87a9f53e23ba3f9bdda81d0dfec15bba957eb7d20ef9dea96e2e65c3b944f4e3f31e4cff10f9e81d9ce4753bbd40500ff534a08b30bca36f27e4f4fdf487b7ed2b10a4df83c05f6074e7ed9eab5de7bda48d517c6d9b96acd546957e51ef66bc213bb9e6fd6a9fc1ae9094198e4eba6e5677e8c647dbd49753df9e3f8ce97f80dc4b41761af7eeabdf9aae31f2745241b0ff3583c98ab170c513ee1aa3d83bef1f7615526a101b10be705530cd721c2ab8c3541177289568886a988f6b155291e3cfcd96faff1934153283ad04db4d4243e426444a98d7eb9b4b814171e7efab1e2ed36748020ed07e77003e6b20c2840fda105d17518e30ca3b932f369c60c1ae519a5e274ecc3cab9e94bbefd37647583d2b44a4ac3e0d3e0b91bf4aef48502a0878f55b5bea32240ca73e5624af8edbfb633c6756630314b6d9c31565d0de172b3628cbd8ec7214c96bf8db069481e21c477a66dafeed4b48ee370835bf5dff17654bc3ede8b132ebd8d88a26cc5a705c383c629f71333c431c85b6eb6a31ca8929d034e92071a790ef119abe141e1525d080d63ccb12a542afc180bc6d9318bf1afd7265bcecfd02eff090c803ac970ed2a7978ca5a686eac986b6a9087b6f1e06f0c595cdaf80f0343c9713e3c4ec63c95e429438e52ba76ea70ef93383394daeaf36d0a7d0914e80822b81763e7a7979e33d94529ea34e12538d3a8c692c00f2809c9c320eecf5c415ce332ab20b3f0b21bb67add50cd3af214f74f53112cd7a7ffe4f7a22dd9f74ca18993e582602b49f87630f77f38639d4b8d7bed612dab510f113cb299aed0c5b2dfda5d718a3b3feafc12ba0267205141476a51c2ad85b6b34a675dc966856edf864f055dbb7e97345a19757df98ae911d7e0abf78bd5b48364abc0e18b17edac606fa60656b155a8dd85848559c8ee39952ab3f2fba055440359c40fa93e05a1e687912216a3c889808119133928140dff78425e750f4cf11374d54371b0358d471185ff258e54dcc9a2c208e1f30c1251793c0102ddae455313f177fd9d8611b603ae3836fd0783ae7406de37f69235a667196b48fcce4f359a5110ef97fe0c5a964442c801169a83205ba7884852f2b20c50d81d9d50621d49bc2078f80b4fd9cb639163911c518d63a156d5ee1e6b107455d86f969fca195348eeef4c4a5f57b5ccdb12237cd61804496642d1d42f78dbe5428b301db4c7cfdd73fbb2ef5e78abdfd5a561cff1873b3b4e72728a1dc41b51a5d53ac45cf2fd3bb6386d605b5cc0de5badcfac29e994ed1c4f174943f96e5118b9b94e133794a6d11c19469e92dd38e5c77346c2e3f23e889e8cbe990ddc5792987b5ff7581b9437c0b6b0c66ab51f581208d576e836b899853a0ba433fa2e3e81c291937ec0bd4b07e30ca7f3935a9e5e0aeb0202144e55a2f9b591d89f453a39d6c43ddf6d43d6fd270faeb5e1208a48737647099ff2bfbd87f358ace25d4633270d7ff75e186abadc11c430ee4b2714b37189a59bac76a75368fad301ff087c5e94895bfa6cc64eee10c672846c0d700dda791f333d7dd014752df82e588cea4a3d469938f318b2943eb762140ca9434d5bd42f95109aaeedc7d69ddbccfcbd4d61b4f939591545cf1413b1a99db1d12f333a8dfa7c7429d5b8fdc74a320c070edebd66ac3e9bfd04ca291e56dfdb53f9a44a25f1971e017d6a8df8e4afe66b7e26912a41bb950e0d5c34d8132a13013fafaa00dd898db2b9c888b706acab2dc68c4a12b91833b172d66c13e9f084efe76b6f1903561703e61c91c2b796563ea34efe6bd623e793a8abac1979b16bddf25054bef8807d0f1124ff17083fa599857489bbeee3746ff3154a6a32d172d48803c712c9570a5db6ee734d7cff4df4b2f8d4ada713aa143d652f0e814a25f573d232fd52c8a4cce113c73d9bffb50a3e4d000370442d15ce20dfc44c61208df0e4b066f4e08b611596f0b3b2fc1a36a3af692debc59992ba2d91a2017d308dd9aeef18aa903ef3542a348807820d5860f94c9dd6e96bc0742500a39415542f73d4f6c1b002817dc134330503996b1b71ae6c0a037582c0e0cbd339c8ca45583b7fbddc65803e17981b104029b90f5dd58ca2a74c93c1fb2315255985625a7ac9f075df0fc5574b0ab6dfda6502aa3e3dfa92f3cfd472204a84bf7f0bad5dc9757622e0aa5ec2744241a978711c59d73de9b86053205133cfd79fb4266041ae6efc6cc0748868ae7b97493498616335662b7297d0046eed6a5ee216a80b4d58efc4fae8fc0cb693d9cf4dbe53cb740cc9a1a1a04139c5dbcc8fd9a86e163828708556a0062ff1a50916ddb21192a4578b70dc1e8f5f9b5772e9c7eefeda00cdb82d54f4ca526cfd0bb500939109e98f2252fad98560df1d142a9cc8f404f20b22ea187fcb54b98035a22d2f0c10ff9e6cca7e2fb4c8c515ac78964701acdcb86745ce012a9e147098c769bf06c58792b9e068e7257ac5fd3babccc9ddeb8a2e81101a9d13c0cda7a410ec6f8b816959498757221d9bb26c0523d526aa4056a3d27820849addd5ef8ad87da41ee208cbf01690749c4f6ccfd07719bca2942d8986d7fa85f9d0e30afc488ea660d19e183aa91f15d8a849db84e7ab33351d514a90c54475ede718550a0c1199acfe39f097de20d11ce3906f3f75e8b77fcfa9665d1e609a20ce38e6f0cba6e1d803bfcdad0a4135837a9fe4ca5381008384673c5b5293957599bd4235e62734de4cdeb3b68cdb0c086476aa622ab391edc6ff5d5155505da22a2dc030db5828b8a90f304822ed88c3f86a87a1056679902c9ef0731d2163103029eaac9d2c59331be37067d063a9c6c430deae2a696b2c3753513199090377647e2a176033d44beb33fb17ddade1768f8131ccb4c47084efb0ed3e305907349f0973a03838d8c0155bc8424e8223fa2daec6bb6e02366e644a344bade305f4ca5704eaf0c74375a1e1f306298f4729bbcc062021a21408bb4c6808b0882eeb3fe3449264b20035ef4b9f3533c9044a501762d9b98b1d370ab7bf76cabedb3fdf57e2a0e8ee59c3c996d750158eb3ca81f1f8be907fcd5229b21eca09cab5cdfc291b8c03881971e6c9dd57ddea63a9d477279117fccf302b95be78b175c708cf084069afe9075d51c3c90ef305918777f5fa401a73b64ef0d18fb59ed2f3a8c59d739e7ec7781c44742a715f3bb0c2ab979cc4648c2b2343e99badccc52e0c33b13c83aece0a7515b675b43c728e7456718244b43927e93de656d5304d7936300fc6d3f9d3c081847e1da7bc601dc009a4b5fc468f3a85acddc31e104fbcb21e9e378e252d090bf5f6f424a4851870cab782a0b7baa52f0fd0731320c69307e75370270c913d95721495ff5fd295caad9be878679b6c509c832e0755c853e2204f923b475d9a0f4fc6b7c6073f5b1aac9f3869caa590edf1432dbf5aab7894ad9cfe414d36d0aee031fcc7e92fa35e07c7bdf32746bd26c3216a92ac43d85ab2397123b2b1a9bd7a2c3d9ca99282baa92e47b6426758c6f6c820d76f9d266fb05ef6b5e70c5bc9fece7e89f6d4667e48ba67c72f8f4b0c8380df8d04e4a14a8ffdcd82eba95a77f1f7a02888c8dd9282de13674740abc1747317cb048a14a8a216a25dacecf1c0f86e2e89c2b9116190b7b0cc4a7373fd2084e13ad92f805df9e44153189fc246792d359371ca1670f2fd4c61f78049405f57389d2db7fc7ceee4def2e48c068052faf840c1024d2289192024eb7d161d566f42c648671734c4214c20a1405b81ac64c57c9989b28190e6fb003d8dcc0e49841255b90d341571a17a29211e1b32dfe459573e91c52460b3bd1fe3514f9beb583aad50181ad3415c5a12b5378c9c7252669e6bb09e286215033aaedff8a4752992f84b84d262028bdf20a4ac3b126dce2836562357b851a90d8735b45e758c1d987854ac92529754367b4f38f131d650e8ad67788e75c1a79ee58fbae9760db070619e5fd19caad347b3405e9e0d953d721ac0a6018cae9c56ccd1632be2927823cd5cb651e70f14563f93b28fc8615af6406689e23be586b8b5df43b3063004daf258afd64a223f70fb3ff1f55ef6c50b650fbc2c52fe7139832c0c754466b9d0289e4a488d224ffd2a08bc0eaa8b64170f36563710d98a1d82bfdbc6085f6f72d5bc464bd11fd875102d4689b1f54da8b6ead18dfedd045221e3d64d2b1343077a1dd1a9ac87d0dab9a110f6c1a071479a8ff5d2b87f39c4c1ae1188192fa069cc66cf92ce7804405a8848df387b2cffaa3796af7ef14ae5a9d6358a2c659b7d72d1ceb805454fea5ace16534eb778e581a7f80aaa1a45576db20c6fc46330f384e14fc340af42db51a7297853924b4d29f4210a8acae2998a2a991594c5b604e1a7f705c1eb95524dc93d2d2ab101021a91b324aa9166db85bedecf034930d7fb2507c47229b319a45f39bbb50dd03d53cb363259284596c83bdbc369c21e901fef2454de69a0ced6601ddd6db2953392d1bfabe934d31c379d8ca92f2f7caee02eb6a421051aed361272224f2584f2e4afd2b73ece6c3a6ca07686e9093ddad67ee74e7ce3abf736bdfa56a0260b93d88c5af432c5b805c636c72e4d20f3479001972aa6e9bb5a76020993347df51cf346194133a563048dd8544728bc8d82b8b76bbc11207b7416b7f1786a10bee2bc14a6f328c8f25fddbc1da24e96f2164599b2cb4bf674680ca53ea8e226c9df5f358f782555b27d7a219fdded7d254388aec6831d069a133e2655bb8362fdec6b050faf676ae92c880217b2b948598956c73405cbfed7d22aceb010955421de4f63b38d9619c898995f38afc9658e31dbb39cc2dd3c6008d716d9d958a7442960b5f0b1036ab06da0499c007fe5d66290593396bafd9b02affa1d450a7a15bd057a10e299b7bdd0bc79d588625400875b84762ce96e4f576a6ea5c58dae1492da82ab3a4cee2d3f2343233ecd5a06342212c4d81682c2d20e723561b9b137f28de638a7f431073e0a41d801e2a3e0cad94981fa610c1a8321d462064c6665446d8a356a991582ad57fd051c9bad1838f08dbe438af9a3ac00eea2df52cfde8ca63b7c7b3a75cb46162e3d57c8828096361ed84de029a60d05c300d8491a7ccf7b2f5e458457fc43e973b072111ee060ce39cd14f4a75543faae55566a222ddb214ed1de2011564594372e7473c657a6cf8f37043cd8e51a4fc2c78c4204a2a835fcbe179dcfc5fa23703c6eaf0ebc35d167cbb29c98bd0e26dd76b6c180f7f0f4438dee3821d910c18ec9208e4b4210e21d4e831c4cc1522fe6358a963281644281c6cf452ef5079346221f979c4e24820ee77993edad03af311090f1628da915d1ceae1cf99efa6f8b1b648136501821449a69ad1f1e3d508c74173777a6d57aac00c0c8cd368733985b4b1f7a314bb344d8a25e351cb96b5243a542a740e0b55b71e119330f69d2c81cfff046176e8e3d561354f5d031481fc171c5bd9f83ec5f500bf3533e23e55a1a3994c69d2576e6eb6f660fcc12fbdafc1a82dff19c85653cf5dde70732f00850a", 0xff6) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) io_uring_setup$auto(0xa, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xfffe}, 0x1) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x1, 0x0) unshare$auto(0x40000080) connect$auto(0xffffffffffffffff, 0x0, 0x54) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/input/event0\x00', 0x40000, 0x0) r2 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2800, 0x0) ioctl$auto_EVIOCGRAB(r1, 0x40044590, &(0x7f0000000000)=0x5) ioctl$auto_EVIOCGMASK(r2, 0x80104592, &(0x7f0000000140)={0x4, 0x800005, 0x400007}) close_range$auto(0x2, 0x8, 0x0) setfsuid$auto(0xee00) r3 = setfsuid$auto(0xee00) r4 = setfsuid$auto(0xee01) setresuid$auto(r3, r4, r3) r5 = setfsuid$auto(r3) shmctl$auto_SHM_INFO(0x39e2, 0xe, &(0x7f0000000280)={{0xfffffff9, 0x0, 0xee01, 0x0, 0xad1, 0xffffff01, 0x7ff}, 0x6, 0x4, 0x10001, 0x5, @raw=0x1, @raw=0xffff8000, 0x3, 0x0, &(0x7f00000001c0)="183c4cd462d1d797958110a4a19c749cc10e78d0350e44aabadfd80ac27d80bc0b3ebec8b780f536dd121e1152c88dda9faac5c9eed2dfb548440f37e0186fe88d154d5ca580f4f782a4f5a5e9ae3ef9ae4561958b7ae9b3e70149ef3e63718a61696a29bbfbbbb8f2ccf949774dab370ae9cdab5e1052f63b5d57d6e9cf05138c9976832e5af487d36fff51bdc5303984ced625ff6b85309e62a290e406fa126a6d47f2050856ade49f5cf9af0c075e", &(0x7f00000000c0)="2b7a995c71b40895323802aabf52"}) stat$auto(&(0x7f0000000080)='./file0\x00', &(0x7f0000000380)={0x2, 0xb, 0xf, 0x2, r5, r6, 0x0, 0x6, 0x8000, 0x5, 0x6, 0x6, 0xd, 0x26b, 0x401, 0x3, 0xfffffffffffff663}) 18.529355433s ago: executing program 1 (id=1906): openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon33\x00', 0x121200, 0x0) mmap$auto(0x0, 0x4000002, 0xfffffffffffffe01, 0x8051, 0x3, 0x0) r0 = syz_clone(0x5004000, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, 0x0, 0x503083, 0x0) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, 0x0, 0x40800) unshare$auto(0x40000080) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x200, 0x0) r2 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r3) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r3, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000001300)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="05082dbd7000fbdbdf257e0000000800db00ab29dc931f0e02b7745be74fb8e8255f614f85f94bc5ef8facda4b1cb3e135ef23203752a9a06f5adc02fe10fd6059eb5ec860fbb39453d7ba92bd5a73e0e45ce2d585cccf203901d41ed36536bffcadc5fa27dbe72d209b4c922ee03aba35fb65731b21d405c9def0", @ANYRES32, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000) sendmsg$auto_NL80211_CMD_ADD_TX_TS(0xffffffffffffffff, &(0x7f00000012c0)={&(0x7f0000001100)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000001280)={&(0x7f0000000240)=ANY=[@ANYBLOB="08010000b9089c5a3e73005b9ce9ba5ecaf9fa7a7e", @ANYRES16=r4, @ANYBLOB="080025bd7000fddbdf256900000008009a000100010006004f01090000001700130013c366f9244357d432f6e44cc4bf4e5878fe5d00080002002f247b0005006000080000000500a3000200000045001f00ff8ddbe0dca3a0c40b31575a0fc89a052ad1070f85525f215dde201061c7ecbce4e876ab8d9dd571ee3b51789e3654f47243f6e34471afffdadef51ab57ef583e90000005c007580ba6aeb15a3f761572ca4eb336e5dfaa39a4e112524144c26d5a6468d0f3a3919ee7a2bf863f683c121bc3b2170c49b100b274baaf7e35af6d0f2356f99129b14dfb3c040f557f81b08003800000400000800e600", @ANYRES32=r1, @ANYBLOB="05008a00080000000500f60007000000"], 0x108}, 0x1, 0x0, 0x0, 0x91}, 0x10) ioctl$auto_MON_IOCX_MFETCH(r2, 0xc0109207, 0x0) ioctl$auto_MON_IOCX_MFETCH(r2, 0xc0109207, 0x0) mlockall$auto(0x7) mprotect$auto(0x0, 0x806121, 0x6) mmap$auto(0x0, 0x40000f, 0xdf, 0x9b72, 0x8000000000000003, 0x8000) r5 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r5, 0x0, 0x7) r6 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r6, &(0x7f0000000200)={0x0, 0x9}, 0x3) socket(0x25, 0x6, 0x80000000) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) kexec_load$auto(0xff, 0x2, &(0x7f0000000080)={@kbuf=0x0, 0x2, 0x80000000, 0x3000}, 0x4) bpf$auto(0x5, &(0x7f0000000080)=@bpf_attr_7={@prog_id=0xc, 0x92f1, 0x4}, 0xa) ptrace$auto(0x10, r0, 0x2, 0x1007ff) 10.9153852s ago: executing program 1 (id=1924): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_psample(&(0x7f0000007a40), 0xffffffffffffffff) sendmsg$auto_PSAMPLE_CMD_GET_GROUP(r0, &(0x7f0000007b00)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000007a80)={0x14, r1, 0x311, 0x70bd25, 0x25dfdbfb}, 0x14}, 0x1, 0xfffff000, 0x0, 0x40000}, 0x20000000) 10.482071769s ago: executing program 1 (id=1925): close_range$auto(0x2, 0x8, 0x0) epoll_wait$auto(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x4dd}, 0x4, 0x1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000880), r0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000940)={'batadv0\x00', 0x0}) sendmsg$auto_BATADV_CMD_GET_ORIGINATORS(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000900)={&(0x7f0000000280)={0x24, r1, 0x3abba0b2ae0bab93, 0x70bd2c, 0x25dfdbfb, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r3}]}, 0x24}, 0x1, 0x0, 0x0, 0xc811}, 0x10) select$auto(0x7, 0x0, &(0x7f0000000000)={[0x209c, 0x40, 0x8, 0x19, 0xffffffffffffeff7, 0x47, 0xc, 0x200000f, 0x0, 0x0, 0x12, 0xd59, 0x100000000101, 0x9b, 0x2, 0xffffffffffffffff]}, 0x0, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r4) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)={0x28, r5, 0xd0d58b333228212f, 0x70bd2c, 0x25dfdbfc, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r6}, @NL80211_ATTR_SCAN_SSIDS={0xc, 0x2d, 0x0, 0x1, [@typed={0x8, 0xeb, 0x0, 0x0, @uid}]}]}, 0x28}}, 0x4000000) 8.819655439s ago: executing program 1 (id=1933): unshare$auto(0x40000080) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mtdblock0\x00', 0x14fe02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000040)={0x0, 0x80000003}, 0x6, 0xffffffffffffffff, 0x8000000000000, 0x2f) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/veth0/accept_ra_pinfo\x00', 0x2000, 0x0) read$auto(r2, 0x0, 0x1ff) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000500)='/proc/sys/fs/xfs/stats_clear\x00', 0x1, 0x0) write$auto(r3, 0x0, 0x3) listen$auto(0x3, 0x81) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x0, 0x0) close_range$auto(0xffffffffffffffff, 0xa, 0x0) mmap$auto(0x0, 0x6, 0x3, 0x4000000000000eb1, 0x7, 0x8000) futex$auto(0x0, 0x85, 0x38, 0x0, 0x0, 0x80800005) r4 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x68082, 0x0) ioctl$auto_BLKPG2(r4, 0x1269, 0x0) ioctl$auto_MEMGETINFO(r4, 0x80204d01, 0x0) mmap$auto(0x0, 0x402000b, 0x4af, 0xeb1, 0x401, 0x69c6e201) read$auto(0x3, 0x0, 0xfffffdef) syz_genetlink_get_family_id$auto_batadv(&(0x7f00000002c0), 0xffffffffffffffff) syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000080), 0xffffffffffffffff) mmap$auto(0x0, 0x100000e983, 0x21000, 0x10, 0xffffffffffffffff, 0x8000) getsockopt$auto_SO_SNDBUF(0xffffffffffffffff, 0x73, 0x7, &(0x7f0000000100)='SEG\x85\x00', &(0x7f0000000140)=0x9d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mbind$auto(0x1c0000, 0x800097, 0x1, 0x0, 0x3, 0x1) mbind$auto(0x0, 0x800605, 0x1, &(0x7f0000000180)=0xffff, 0xa, 0x3) 8.376420304s ago: executing program 0 (id=1936): r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$auto_KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f0000000040)={0x2, 0x0, [{0x485, 0x7, 0xe08}]}) connect$auto(0x3, 0x0, 0x54) faccessat2$auto(0xffffffffffffffff, 0x0, 0x3, 0xb) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_IEEE802154_ASSOCIATE_RESP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x40000}, 0x4000000) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x2882, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) mmap$auto(0x0, 0x2000a, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r3 = getpid() sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000840)=ANY=[@ANYRESHEX], 0x14}, 0x1, 0x0, 0x0, 0x24044024}, 0x800) process_vm_readv$auto(r3, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) r4 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000200), 0x103001, 0x0) ioctl$auto_I2C_RDWR(r4, 0x707, 0x0) read$auto(r2, 0x0, 0x20) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) r5 = socket(0xa, 0x1, 0x84) setsockopt$auto(r5, 0x0, 0x60, 0x0, 0x6f7250c4) syz_genetlink_get_family_id$auto_ncsi(&(0x7f0000000100), 0xffffffffffffffff) mmap$auto(0x1, 0x7, 0x4000000000df, 0x11, 0xffffffffffffffff, 0x5) setsockopt$auto(0x3, 0x84, 0x16, 0xfffffffffffffffd, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyp6\x00', 0xa0102, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_ftrace_set_event_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/set_event_pid\x00', 0xa0241, 0x0) ioctl$auto(0x3, 0x541b, 0x10000000000402) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) socket(0x10, 0x2, 0x0) openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) 7.594217071s ago: executing program 0 (id=1938): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0) (async, rerun: 64) mmap$auto(0x0, 0x4020009, 0x800000000000df, 0x400000000e31, 0xffffffffffffffff, 0x0) (async, rerun: 64) futex$auto(&(0x7f0000000080)=0x1, 0xb, 0x1, 0x0, 0x0, 0xfffffffa) (async) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000380)='/proc/thread-self/net/pppol2tp\x00', 0x0, 0x0) pread64$auto(r0, 0x0, 0xd, 0x6e9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) (async) sysfs$auto(0x2, 0x100000000000038, 0x0) (async) r1 = fsopen$auto(0x0, 0x1) fsconfig$auto(r1, 0x8, 0x0, 0x0, 0x0) (async, rerun: 32) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) (async, rerun: 32) getrandom$auto(0x0, 0x6000000, 0x3) (async, rerun: 32) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) (async, rerun: 32) futex$auto(&(0x7f0000000180)=0xffffffff, 0x9, 0x47e7, &(0x7f00000001c0)={0x8, 0xacff}, &(0x7f0000000200)=0x9723, 0x7) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async, rerun: 64) preadv2$auto(0x3, &(0x7f0000001000)={0x0, 0x9}, 0x5, 0xffffffffffffffff, 0x7, 0x2e) (rerun: 64) setresuid$auto(0x0, 0x0, 0x0) (async) sendmsg$auto_NL80211_CMD_GET_STATION(0xffffffffffffffff, 0x0, 0x8000) (async) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async) mmap$auto(0x0, 0x2008, 0x1ff, 0x10, 0x401, 0x2ffffffffffd) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/mtd/mtd0/bitflip_threshold\x00', 0x2062, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) (async) sched_setattr$auto(0x0, 0x0, 0x7b) (async, rerun: 64) mmap$auto(0x0, 0x7f, 0xdf, 0x9b72, 0x2, 0x8000) (async, rerun: 64) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x2, 0x0) (async) set_mempolicy_home_node$auto(0x1, 0x4, 0x1000, 0x8) (async) write$auto_tomoyo_operations_securityfs_if(0xffffffffffffffff, 0x0, 0x33) getdents$auto(0xffffffffffffffff, 0x0, 0x400018) (async) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) 7.311887341s ago: executing program 0 (id=1939): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D3\x00', 0x200a41, 0x0) r1 = bpf$auto(0x8000000, 0x0, 0x0) (async) mmap$auto(0x7, 0x2000000000000401, 0x97ff, 0x1d, r0, 0x5) (async, rerun: 32) semctl$auto(0x201, 0xfffffffffffffffa, 0x3, 0x0) (async, rerun: 32) prctl$auto(0x3e, 0x3, 0x0, 0x200000000003, 0xffffffffffffffff) openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/mem\x00', 0x40, 0x0) (async) write$auto(0xffffffffffffffff, &(0x7f00000002c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1d\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"P\x8a\xbbY8@Z5`\xa2\x9aSVd\x1d\xac\xe8\x90e\x9d\x03tm\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7.\xbe\x01\x98\xd7l\x00\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfa\xf0\xd9\xc0K\x8b\xa3c\x00'/160, 0xa9) (async) sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, 0x0, 0x20000054) (async) write$auto(0xffffffffffffffff, 0x0, 0x81) write$auto(0xffffffffffffffff, 0x0, 0x98c7) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) unshare$auto(0x40000080) (async) mmap$auto(0x0, 0x2000d, 0x4, 0xeb1, 0xffffffffffffffff, 0x6000000000) (async) shmctl$auto_SHM_LOCK(0x2, 0xb, 0x0) (async, rerun: 64) write$auto_console_fops_tty_io(r1, &(0x7f0000000100)="0500008dd349480c48fa0c2db69e8731428fc46e31a6323c98b1b58fe4b8df15ec3fb64006642a51e0a3494f33ed3d9f09f70a73c89776e0", 0x5a) (async, rerun: 64) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x4c2080, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x20004000) (async, rerun: 64) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) (async, rerun: 64) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x400008000) (async, rerun: 64) r3 = socketpair$auto(0x0, 0x1000, 0x7fffffff, &(0x7f0000000040)=0x4) (rerun: 64) close_range$auto(r3, 0xffffffffffffffff, 0x0) (async) open(0x0, 0x22240, 0x55) pidfd_send_signal$auto_PIDFD_SELF_THREAD(0xffffffffffffd8ef, 0x3, 0x0, 0x8b) (async) ioctl$auto(0x3, 0x6f50, 0xffffffffffffffff) (async) getrandom$auto(0x0, 0x6000000, 0x3) (async) mmap$auto(0x0, 0x810004, 0x2000000efb, 0x8000000008011, r2, 0x8000) ioctl$auto_BLKRRPART(r2, 0x125f, 0x0) (async) madvise$auto(0x0, 0x400053, 0x9) 4.200215944s ago: executing program 4 (id=1944): openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) r0 = getpid() process_vm_readv$auto(r0, 0x0, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000380), 0x10d040, 0x0) ioctl$auto(0x3, 0x400454ca, 0x38) io_uring_setup$auto(0x401, 0x0) read$auto(0x3, 0x0, 0xfdef) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130) 3.828808099s ago: executing program 2 (id=1945): r0 = socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = io_uring_setup$auto(0x401, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'veth1_to_batadv\x00', 0x0}) sendmsg$auto_OVS_DP_CMD_NEW(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x38, r2, 0x400, 0x70bd25, 0x25dfdbff, {}, [@OVS_DP_ATTR_NAME={0x9, 0x1, ']:#(\x00'}, @OVS_DP_ATTR_IFINDEX={0x8, 0x9, r3}, @OVS_DP_ATTR_NAME={0xd, 0x1, '$}:+&]!%\x00'}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x0) mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x8000000000000003, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000040), 0x8006, 0x0) openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/tracing/set_event_notrace_pid\x00', 0x100242, 0x0) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/fs/cifs/smbd_send_credit_target\x00', 0x141001, 0x0) write$auto(r4, &(0x7f0000000040)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x6) linkat$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x400) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) socket(0x10, 0x2, 0x4) r5 = socket(0x2, 0x1, 0x106) bind$auto(r5, 0x0, 0x6a) sendmsg$auto_ETHTOOL_MSG_MODULE_EEPROM_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16, @ANYBLOB="ffa2"], 0x44}, 0x1, 0x0, 0x0, 0x10000000}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) bpf$auto(0x7, &(0x7f00000001c0)=@task_fd_query={0x0, 0xffffffffffffffff, 0x8, 0x20016, 0x8020000000f, 0x10000, 0x5f, 0x20000000000804, 0x2}, 0x6f0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0xa}, 0x7}, 0x3, 0x2) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/LNXSYSTM:00/LNXPWRBN:00/input/input0/capabilities/key\x00', 0x80000, 0x0) mount$auto(0x0, 0xfffffffffffffffe, 0x0, 0x80, 0xfffffffffffffffe) read$auto(r6, 0x0, 0x10000006) write$auto(0x3, 0x0, 0xfdef) getsockopt$auto(r0, 0x84, 0x75, 0x0, 0x0) 3.777105745s ago: executing program 4 (id=1946): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000002a80), r0) (async) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'netdevsim0\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_hsr(&(0x7f0000000180), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'hsr0\x00', 0x0}) sendmsg$auto_HSR_C_GET_NODE_STATUS(r3, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001300)={&(0x7f0000001280)={0x28, r4, 0x929, 0x70bd28, 0x25dfdbff, {}, [@HSR_A_IFINDEX={0x8, 0x2, r5}, @HSR_A_NODE_ADDR={0xa, 0x1, @multicast}]}, 0x28}, 0x1, 0x0, 0x0, 0x240008c5}, 0x4054) (async) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000280)={'ip6tnl0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_MODULE_SET(r0, &(0x7f0000002b80)={0x0, 0x0, &(0x7f0000002b40)={&(0x7f0000000340)={0xdc, r1, 0x400, 0x70bd28, 0x25dfdbfd, {}, [@ETHTOOL_A_MODULE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @ETHTOOL_A_MODULE_HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0xc819}]}, @ETHTOOL_A_MODULE_HEADER={0x78, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dummy0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x6}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x200}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvtap0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x4}]}, @ETHTOOL_A_MODULE_POWER_MODE_POLICY={0x5, 0x2, 0x8}]}, 0xdc}, 0x1, 0x0, 0x0, 0x881}, 0xc810) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) unshare$auto(0x40000080) (async) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x10000, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/rxrpc/calls\x00', 0x40280, 0x0) (async) r7 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x109400, 0x0) ioctl$auto(r7, 0x540a, r7) (async) close_range$auto(0x2, 0x8, 0x0) (async) r8 = socket(0x2, 0x3, 0x100) sendmsg$auto_MACSEC_CMD_UPD_RXSC(r8, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)={0x1c, 0x0, 0x100, 0x70bd2b, 0x25dfdbfe, {}, [@MACSEC_ATTR_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000080}, 0x20000040) (async) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='#\x00\x00\x00', @ANYBLOB='&\x00', @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) (async) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) (async) r9 = getpgid$auto(0xffffffffffffffff) ptrace$auto_PTRACE_GETREGS(0xc, r9, 0x10000, 0x385) 3.259610682s ago: executing program 1 (id=1947): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/dummy0/mtu\x00', 0xe3102, 0x0) mmap$auto(0x0, 0x8001, 0x4000000000df, 0xeb5, r0, 0xd1) ioctl$auto_MON_IOCX_GET(0xffffffffffffffff, 0x40189206, 0x0) (async) r1 = open(&(0x7f0000000040)='./file0\x00', 0xa2240, 0x110) (async) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000080)='/dev/usbmon10\x00', 0x92242, 0x0) (async) shmctl$auto_SHM_STAT(0x6, 0xd, &(0x7f0000000440)={{0x0, 0xee00, 0x0, 0x3, 0xfd8, 0x6, 0xe}, 0x8001, 0x7, 0x8000, 0x45d, @inferred, @inferred=0xffffffffffffffff, 0x401, 0x0, &(0x7f0000000240)="88da492d540d0b140659a8ae9d68be48940c99e74bf54ca9bbc16ee835a73d119175b354b97a7d6bf72eddce768dd42c972002950e35acfaf822c0362ae524592dfc2bcf25c8175fdf3ad666aaeb10e2914b7e4fac51022d1a67ced38c93f7986a86638ea4d6d97c656340825c5ec7d3889c95149cfab722b4f7340367484f2aa51a7607505f6e8cc82462e6dbaf1f285196a34113647e5715139e590efaf214be42c3658941669bb7ca5a804e3d2046d272e1df4a4e27e9680ea0f5ba4187e36fa6226a47d22cea1b24e01b2539a0c9b9f0e0a1b6581b5ed8c94124b8", &(0x7f0000000340)="3e8a24ccea6d2b1ae61f4fa40fe5eb4e45960bacb030fdaec2bb6b7f5747cf1d18116b31acda825fe6bd52b5bbe518e2bffa66118d6a140cf934ac15e5c82bc3cd12ef15fe8d1f2478f2805e78137e93ec1f228e25f98657f474e53c0df7ce35ce5b317d79486084a17138e3869f86d3d9d341f6cee0e1cbe636fee586ec04a2975475c27b3bee7f419a3d4c65d30e98a1edbf4b7925183c669df534197ede69246b3a01c7a5ad905017106930bb2ce5c0e2fd6a9c601f21cdf805af50f93c0ea2ca9e0b5c654afe2e17"}) ioprio_set$auto(0x9, r2, 0x8001) (async) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/pcmC1D1p\x00', 0x40, 0x0) fcntl$auto(r1, 0xb, 0x0) mmap$auto(0x2, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = openat$auto_severities_coverage_fops_severity(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r4 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000500)='/proc/irq/12/effective_affinity\x00', 0x0, 0x0) read$auto_proc_iter_file_ops_compat_inode(r4, &(0x7f0000000180)=""/250, 0xfa) (async) read$auto_severities_coverage_fops_severity(r3, 0x0, 0x0) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x17) (async) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x1, 0x7) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async) munlock$auto(0xf, 0x6) gettid() (async) r5 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$auto_PPPIOCSMRU(r5, 0xc004743e, 0x0) (async) ioctl$auto_PPPIOCSMRRU(r5, 0x4004743b, 0x0) (async) ioperm$auto(0x3, 0x5, 0x149) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8040) (async) r6 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r6, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x7fffffff, 0x3ef) (async) mmap$auto(0xeffffffffffffffd, 0x810006, 0xffb, 0x8000000008015, r1, 0x0) (async) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/032/001\x00', 0x8202, 0x0) 3.235809586s ago: executing program 2 (id=1948): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/seq/clients\x00', 0x20280, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="01002cbd7000fbdbdf250a0080"], 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x20008810) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='J'], 0x1ac}}, 0x40000) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(r1, 0xfffffffffffff000, 0x2) prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) sysfs$auto(0x2, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/027/001\x00', 0x4a901, 0x0) ioctl$auto_USBDEVFS_IOCTL(r2, 0xc0105512, &(0x7f00000001c0)={0x0, 0x5517, 0x0}) timerfd_create$auto(0x9, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) ioctl$auto(0x3, 0x40085400, 0x5) rt_sigtimedwait$auto(&(0x7f0000000100)={0x9}, &(0x7f0000000140)={@_si_pad}, &(0x7f00000001c0)={0x1, 0x6}, 0x8) fcntl$auto_F_SETFD(r1, 0x2, 0x0) sendmmsg$auto(r0, &(0x7f0000000080)={{0x0, 0xfffffffe, &(0x7f00000002c0)={0x0, 0xc5}, 0x1, 0x0, 0x0, 0x9}, 0x107}, 0x3, 0x0) 3.120498724s ago: executing program 4 (id=1949): mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) (async) r0 = openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/bluetooth/hci5/rfkill30/state\x00', 0x644000, 0x0) (async) unshare$auto(0x20000080) (async) r1 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r1, 0xaf01, 0x5) (async) read$auto_gpiolib_fops_(r0, &(0x7f0000000040)=""/173, 0xad) (async) close_range$auto(0x2, 0x8, 0x0) (async) socket(0x2b, 0x1, 0x0) (async) socket(0xa, 0x2, 0x88) (async) setsockopt$auto(0x3, 0x1, 0x3c, 0x0, 0x9) 2.911156855s ago: executing program 4 (id=1950): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) open(0x0, 0x261c2, 0x84) close_range$auto(0x2, 0x8000, 0x0) r0 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, &(0x7f0000000000)=@link_update={0xa, @new_prog_fd=0x77, 0xa, @old_map_fd=r0}, 0x10) bpf$auto(0x2, 0x0, 0xc) bpf$auto(0x4, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xf) 2.788967356s ago: executing program 0 (id=1951): ioctl$auto_XFS_IOC_EXCHANGE_RANGE(0xffffffffffffffff, 0x40285881, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0xd297, 0x6, 0x4, 0x2000000c3c7}) sendmsg$auto_TCP_METRICS_CMD_GET(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0100f9020000fbdbdf250100000008000b00ac141420080001"], 0x24}, 0x1, 0x0, 0x0, 0x14}, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) socket(0x11, 0x3, 0x9) r1 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtd0\x00', 0x20800, 0x0) r2 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'vcan0\x00'}) ioctl$auto_MEMGETREGIONCOUNT(r1, 0x80044d07, &(0x7f0000000040)=0x51) socket(0xa, 0x2, 0x3a) socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x787806, 0x0) r4 = openat$auto_uhid_fops_uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0) read$auto(r4, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) ppoll$auto(&(0x7f00000000c0)={r0, 0x1, 0x296}, 0xa7e2, &(0x7f0000000180)={0x3, 0xffffffff}, &(0x7f00000001c0)={0x100}, 0x8) socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000200)=ANY=[@ANYRES8=0x0, @ANYRES64, @ANYRES8=r3], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0xc413) write$auto(0xffffffffffffffff, &(0x7f0000000000)='-\x00', 0xfdef) ioctl$auto_USB_RAW_IOCTL_EP_READ(r0, 0xc0085508, &(0x7f0000000080)={0x8000, 0x0, 0xd39}) close_range$auto(0x2, 0x8, 0x0) 2.681371614s ago: executing program 4 (id=1952): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/dummy0/mtu\x00', 0xe3102, 0x0) sendfile$auto(r0, r0, 0x0, 0x2) socket(0x2, 0x5, 0x0) mmap$auto(0x2, 0x9, 0x102, 0xebc, 0x401, 0x0) r1 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000240)='/dev/usbmon32\x00', 0x80440, 0x0) ioctl$auto_MON_IOCX_GET(r1, 0x40189206, 0x0) mmap$auto(0x8001, 0x400008, 0xdf, 0x9b78, 0x2, 0x7ffc) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xe0180, 0x0) prctl$auto_PR_SET_MM(0x23, 0x7, 0xffffffffffffffff, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r3, &(0x7f0000000000)='//\xf2\x00', 0x80000000) mmap$auto(0x0, 0x810006, 0xffb, 0x8000000008011, 0x3, 0x0) r4 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x581402, 0x0) r5 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, 0x0, 0xc0402, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r5, 0xc0403d11, 0x0) mmap$auto(0x0, 0x5, 0x3, 0x14, r5, 0x8000) madvise$auto(0x0, 0x2003f2, 0x15) ioctl$auto_XFS_IOC_ERROR_INJECTION(r4, 0x40085874, &(0x7f0000000040)={r2, 0x8001}) pwrite64$auto(0xc8, 0x0, 0xfded, 0x6) ioctl$auto_MON_IOCQ_RING_SIZE(r1, 0x9205, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/032/001\x00', 0x8202, 0x0) unshare$auto(0x40000080) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) ioctl$auto(0x3, 0x400454ca, 0x38) bind$auto(0x3, 0x0, 0x6a) write$auto_fops_init_pkru_pkeys(0xffffffffffffffff, &(0x7f0000000080)="e7c2da8ba23469d9b78d2e257333bedaec957355b8c2c4c78f4a98e7180aa3b6d8afaf53abd64bf02defddb935038a6350c6259409250cc647e2e31b634e6db34c973bc76b3cea", 0x47) 2.289346461s ago: executing program 0 (id=1953): open(&(0x7f0000000140)='./file0\x00', 0x50da43, 0x4) mq_getsetattr$auto(0xd, &(0x7f0000000200)={0x0, 0x20005, 0x7f, 0x14}, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_7={@link_id=0x1, 0x3, 0x3, 0xffffffffffffffff}, 0x6f3) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xd4, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r1 = socket(0xa, 0x1, 0x84) getsockopt$auto(r1, 0x0, 0x34, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0xa, 0x3, 0x6) socket(0x11, 0x80003, 0x300) socket(0x10, 0x2, 0x0) socket(0x2, 0x3, 0x2) socket(0x2, 0x3, 0x104) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000002340)='/dev/binderfs/binder0\x00', 0x0, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x4040, 0x0) landlock_add_rule$auto(r0, 0x2, &(0x7f0000000400)="195b270b5269590d4f83e590c27307812c34f8584d51ec3ead731c13e82f1ce4136fb0792843459bb7173404b0ff279486322687b511376f33b7a56e1121469aee76374455cb7a6fa76200f2654fe99934553682eae81904b5510eb9b24c3daed555e5123deebb9bfa7ddae87e20f3d57199aaa363dd40e6a73cef6253e3f6ff1234b54863007c4be535c3025c548499e405369a636d8b380e993216380f12341f4b754e064c56734890d42395e8ce63e7d84dfbb2b559b897dbee4e6adddc6f218c36fbac23797023e09f248c888bd03cf9d5018875b268ac8c40d1077743dfbbe5e53e9ab9dcba71529617e879ebf123295d150c316950f6ac2e6928cdab0b3db87b6c04cde107a9f0a8ce674718181239e084f634950cff85d2eeae49e19a476d89146ceb1466e3cf8846ad0a9052bbdc17a785300d580802799973ff595f0c1a68b62fdd32b9d1648096484a923b4646260bd0677fa7ce1477429f4a16620ffa98d15b87bb9d4976e4470f2b42cda22daa477326f90b7b20deb840804b9f1abd6e62ea34555c332c36484e284482160937f2336a90fd52b086c0bb6fe22192ffafe4187897176a28b67eba2b8a0c5a4f1003379af112b7b10d7b802bb9bfbfcc181ca9df01cbb62f3c456d139aab4e8bbc37e221604d2780e863f61fe9ddf9c2f02019b7621f3a5928895beebc8cdf2832df2081378f2bc484edaca31bebe38c11f56ca52be5aa9ea0a4794be6d25c4e32cf9faf7dfc7d68982e7b495dd71bcef880b57cd28821d3b38345e3c911025548729dcb284be593196e754d6b6908051d8d645d0c8daa5b0588231a96b5eac83fd37835b98ffb3547bb40bc36ac976d5278752974cf2ab3a539b5a6cb42970753e52348c56810658acc762b0f563d52a7d38bb9c1b123b0258fb86714d1d24145247421a48813d99b486994c332f94d4e8dbeaed9386053a2ec10a5091677c9829acd327c4d6879e269cbf7d9606240614df1f235ec8f92998c9b73002b586a6f7bfae9c5a807a69290286312ade004d31f375e6c4682eb8344b77bb8cde2305c538da4ef70b96c7060986d22dcd75576382b77f4801f00e719d67b0603c43187c4abc65dc2c198ed0a8155bb085e934adff31920a1dc1d8d24b6071999d1f0d081f668e57e1561a4bafa89c284f7e894e22c79859a9d7cab01e8603e8f92651a29becdae033ad9c42e55ce25d36d653443a15a3c6380a304ae0359d448e578f148ad0b357455fda25482974013af201cbfd137afa93799ab37d7067dcb3254fa2d049811c9b39d49988f11c721eb3bf77401a7da75ec946fe493fbd0097820591ef43e55a84cd7954236260818110f9ade2288cfc5c34cc0f1940dc57c8d0d87d473ebfeb10d6e4ad90ce6131be9c7cc5ab04f46f8d53eefe0b86de629b718f6068ac75cbff609ab3fb49a9c4bcd921475cc25bc599970ea2a8b227a7d2be859aed31d89ac312d7c67448f3ac6d0dd4e31a3ac9114f2fede5a1e1c0109931bca2c0053674821c58083449fe4125bc211ea3859871fd73deb00a8b715a2ad2ac7b4646409b15e226a57a5044c211ba45b87cfe9b358a2da7d3e7a3ca18222a034d3f31e56b9cb18d27ff86031ef17ddf9a7c47f9357470880e8384ba84368f892b98af983953c51082084427086d04fe15e8a1126bc25b9256db225c6b1e92a0f70a9ba36d6aa3450b0a0c9a76877cb99ce47690d805cf2114ae802689f2064f4be27e8f1df2b4d19371da36402cf35e0138e359c216232fe024121b8e65c2eeb417c54d75ad1708658757c9fdf7705a5b5b564ffbc1299f5bbe4bdb01315502ce1a7487224d27bd9b5226582dcbd8c354ba00909193ecbb918db45ba93314059481b685499bb848e06be31cae10e663a018b6d9aea34a50a38fefd6dc642b8169f8e28ca418b479e836dcb93edf82462f32c58e429b1463b40d2ac081053a268064e2cac74f18fe4ff933545ff156c7f28ed14c032d7583c898612fa03e0e85fef0fa9fda9b9ecc27b71fad0a02bfcdabf3310932111e752f081c2d203ecea799f2c39146095eae77b3cd8f834161d6eb0cae61db77aaee3530a74128de0681346d97ddd627efe4693e1291518bf3d24c6f6d6912979d685f13e9b6f9656ca62e5ab9ffe50beacca8d140842a32154a3ece857c9c4ee41541a54468518ffd0249af30b0d4c94a7dc2be2ecd6c122b02e4e6a760e3671936d6dc3e8e210e94561a9379fba168888a4c6ffef61a45afe9a0a98626129d7aa644774a45a81f9046dc5c9e72d91f3dfe4bed29a483b59572ee2c54a8163b176722aa6e849bed551d23610b50416562eae80d00d72d8eea1d40cb3df419e73cfea031b953fd81adf99807c545de1f757dc80296b2555c5f2d2974897c9d5e6a4ec6b32879d7ecaf3b13e233dc1f2437c3ef8f4cde4eda847724889df92b73a122861b8dd5a1bd44bf162cf20a0e9cf4d2edbb43b64296ad910d7c66dd4256afee77edf8a6d7e1052f7afbf796bcd7a81f70a34af223fe63828edf6d25b2309e4197db2dab92cce30c54da61f2d74f83ef2f5e3fcaefce3989f6b03018c693ea5f2c42d4b8cf726176e55365b5639848acb8b1127eab246ca58efded3c01d48868be6e7b7d5bed2453f165f70bc339a5e03dac31383d1869fba232ac8a43f2ae89bc87c82ae5d8b8539d52a386f54df8a2b958f29c4064b0b9d733f1acf42e110468ac68ba0a31847eaf0750779fc2201d6a934e5764d3e55e124ed163e9186018fda7e9731680edb9161bf13d8541d84285a37c67595a22de6dd97086673397fbd11a4fcde3890104ec075365484471f11bc96fddc6f875473de768f5377420cd6b4eeae3e4511c9c91f81c3178e112d7a5979b02a987beb112bbf539b7db4cd7178cd06b20e2a60d855270b33f00df0605555ab0fd0493de18f33c4d6a823db92fc6af5898f65f6de79e9e1630a688538d3ee42634b344add642cc785cf100a7c0a2680be417ca9af048fdc247ec913139fee2a5bf7127631276e2934ab75ef785820492b83a2ab39ad2e371538e706137db55244d10ebad4a34c386ee0e84cf8ee7d723aae4cadb5d412fa3157cb86d64579272ffba2b2528352d63151a687494a4e8e667052ac1baa0c1ba731706ac06275c7d28abf3dbd57ab41768aca8faecf4280854be77563f7939b1ebda1e7008d1e17d5ccda651d01a0b6d4c75331232d51d5d6f74f20d4ef33d4714acf1e8dff1f13040437e36112b74b99fd32fe98ade0162ef58b2c2a34688046dff9f3c56646b2f35a569da96234bac26e0336521833afc6e41b3b9fb0b0d3aea6f551b74638ce1ff46975cea4e7be06ce084f03185e5bc1749d2bfa9dde979500500814b0b948c0a57aa496a6d6ea002d63e390c67aa7562928d7c3d8469c9d2dea67e45c54cf460f1b41163caebaa153ddd9cb40c941496be87c100bffa271f36bb4d70a1668248179a49c93a8d2177ade576cbefc4fe60240e1c9b1f30f0accafaa620c5dd260ed0f0ccf4573b05ad2190c333ce524245e10f813e88f1b965615f6253ef90787d05685e8a31163deffcde771c618bfbbed14c55592091ab3f7c929db5712c822144d3045c2067165f74c5ef90b96517b13dfc9452125909fb6825b58cf7356acd123720ac13ccef4805eb6046a6324ea846ba45d1e98893e098d14f2e8160f1f4e388f1a163f034bf0b2cc06a5f4771430be33955068fe4c18fb83a87dc889f43c60af57b9f1791449cdc280e1b66b56ea0552fabeb109da0e1ec339e6728978a0660967f79d1c44c1097d644f51de5fac05fabb001e12c50ad916adba832c8d7db6c6e03cd3857282fde7befe8ad4a9a02a29a92b70cc51e18df2f65ae85747f878720838da28bb7fbb280282568955029848bafe7d88e842d92d8ae98e29f53319e59c5f20fdfc7fa30ee5a3b133b6d37d0b59fa9d42bba986a42cebee48ba5da06648a7693b6b5a7f127329e6793874c168da51ddaea3d6620cc06fd269dc3b509d20f0639c1a6a46312a9b50f8a1944687699d5d5b8c95675e44238138f1c4e988a6fed56c51913bb04143beec076e6f0d7f4deab04e1a0f40cc26b9f97b4b1420464c9b01fc7f1794308993f77e7f688ae3bf3a38580d3c9329c694aac6ad87afb42f787477de4471db6c96396e94dc06ba17cb4bc33a12c1c49c1d70d3c821d49fa2be24e0ce5adc2e0c1644a12ba9b064bfd36885c38a119777474a792445c1cf801671fab4c51eb971023f8170d03c4b4fd47856a5e7a08457519c987044af8569b91fdcc51ca56e532bd895ddaf29f09c0292f167337b18fb0bd6b52f781a9f02cdb5bc9900f263293bd44afa3e6a183bb773071b04e11fd1fb4667488191ae4e013880bde29649a593f7c8ed346385af0cfaf330616b7023a2d7c9f8192e2a7a003b5b597cd9255ce23c2605893e1ab01888641aba1608540be001549fb4d085bf4fa89a79084c6377340c5a1559426bdc3bb87eda6f64a3df40c8a2f1724c208e2eb8b7c441fd8ceb7e2e3151e5cd4db8b67d05f23759f27cb688a623f61cfa1b163c75071867b81332a191fcb72407a10a3ddc510259f7950a8001da006a5539e8b252860bf34ee29e357f763f7f818af17f1977fe042bfa7adfe8793733e96c19395f234befd536b0489e6a00b0a37b7e29b5dcca5ff180b8564ca49065c3217514ee4ef179a3d0b577df59214610ce1e974a8bf74d4b8182cdc36d47a2f26472f3c3430763755a504900913b8f2cd6e97b5aea6d7fd7cf882ae1d2d0c2a6ad0879963e460e215758aa47037329c8bdbbe5e1fea9c513a59c99c66cd1e683ec84e3e32c2e3feecd4455c2bc7a06ae3362250ba73a771ecd546f5cf8354aa508f7a5feaf040bb49c80d40e295b10a97c1ac3201508647ec5dc4217baf8e4a3ba0948b8b6347b18de8324f7b4a34307ab6a314bb6d33f20b28e7db6b24203c0099d895470818cedee138ae98cbec0a48e92f5efe6afd287f8a94bbc2e2b6ef8f501cfc48a536b9b65680ebbee344ffe342f534b21e7e70d4609796a7209a36ec85c4c83910bd6763622e3fffc084f392ca6389fffe668c1ed49d9bca129a15c81c9d35c684568508b02f29dffb996766aba18da63c75eb511f3c08eaf16a5484bb2af98ff58c1abb06566da0bc26dc5389e6fad1156411af70c882362a375f67d7955e6d361d300e8ef97d830840d9df7f39fe7c44bff3a35348dd7546bc807e7b41f08a1f0df0b169541a3c07ee556a0fb27066a2028ad8c6678ee3d53d511e5d77340fa3b6546baebe2cc55d4a9fc2c1e2303cfbf8887f8e0d8c4ac842902575404aa540237b655bee9930ff4aee0fbc21c64c4d5246c2eb7b57b5cd8de4ed34649ba30e33cbd0527da9da2fc7927af7307c1fbe345e751ed0f32b20b2e6b1571a55b6488a0fb3fe79b75219711447905399d86eb026b80b724bd00675e8921def9bfaaf3354b5f23c850fc20aa2b4d01e24a5a6d7063ca6aeb6cd433a2028fa3193b25529d94665a912b8e5fba20c675678c625f4a426406b10a6a70868f3a4d8dbe9e8bfa12cf6eece144a8b3441514c3e1de21ad5482b5b2051fd377720feab7e2ef28c15a8b7e341e12e3979ef1620e0a7621c8af93417614748224935f1a92664d78417f0636ae7c61661b93cdcab872eabf4e0ae354b14f9e3b5895810f0250310fad56cb4ea2943eb2335d657d5face4cc21040bc41be2c85a99b6d7a1c0cc68cf89c1ec02c5dfd76c825a6896675fc39461019a483e94", 0xfffffffb) ioctl$auto(0x3, 0x5309, 0x38) ioprio_set$auto(0x2, 0x800000000, 0x8) r2 = socket(0x10, 0x2, 0xc) r3 = syz_genetlink_get_family_id$auto_nlctrl(0x0, 0xffffffffffffffff) sendmsg$auto_CTRL_CMD_GETPOLICY(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="3401000015d32db05734802f680ddbe9885f3c377faf4ae52f9f60d9b64940", @ANYRES16=r3, @ANYBLOB="10002cbd7000fadbdf250a00000a00000200252f00e2a85c41e75a02715b2d0000005cdcdf28fffe65c31770799fdab838aaf6712a82e628c9e6429a4a38320b2d692863927bd744b4f7b409b29862d3257675d4fd09d74a831929b1005bdd28ef3fc5ae2884ef6a78fedbebbc656141771e57124268c37932c90ec99923926a97bb444f6903a41102463c79baf78c35827f46efb37be97277d81130bd43e31c60347610f3e65f3d60d3d1e231c0cc23ad56ff23565d95cfafc7a92a64da18c0c01c0600010006000000"], 0x51}, 0x1, 0x0, 0x0, 0x24050803}, 0x10004010) r4 = openat$auto_transactions_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x20040, 0x0) ioctl$auto(0x3, 0xae41, 0xffffffffffffffff) read$auto_transactions_fops_(r4, &(0x7f0000000080)=""/18, 0x12) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, 0x0, 0x40, 0x0) socketpair$auto(0x3, 0x5, 0x7, 0x0) mount$auto(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='nfs4\x00', 0x200, &(0x7f00000001c0)) 2.269823929s ago: executing program 2 (id=1954): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) r0 = socket(0x10, 0x2, 0x4) bpf$auto(0x6, &(0x7f00000001c0)=@test={r0, 0x10004, 0x0, 0x3e, 0x106, 0x0, 0x0, 0xfff, 0x800, 0x9, 0x0, 0x4, 0x7, 0x2, 0xfffeffff}, 0x1) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) socket(0x11, 0x80003, 0x300) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/class/ubi/version\x00', 0x400, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000080)=""/58, 0x3a) sysfs$auto(0x2, 0x1b, 0x0) fsopen$auto(0x0, 0x1) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/sequencer\x00', 0x103, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/rpc/auth.rpcsec.context/channel\x00', 0x101002, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r2, &(0x7f0000000100)='/d-:\xe7J\x00'/23, 0x1eb0800) select$auto(0xe, 0x0, 0x0, &(0x7f0000000340)={[0x1ff, 0x5, 0x2, 0x1, 0x948b, 0x7, 0x15f4da0e, 0x4, 0x3, 0x11000000, 0x300000000000000, 0x7, 0x200000006d3c, 0x5, 0x10, 0xfffffffffffffffc]}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000) mount$auto(0x0, &(0x7f00000001c0)='}[,&*}\x00', 0x0, 0x7fff, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc6}, 0x1, 0x0, 0x2, 0x9}, 0x7}, 0x3, 0xa6) 1.017605705s ago: executing program 2 (id=1955): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x1, 0x84) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0) r1 = openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000001280)='/dev/mixer\x00', 0x88041, 0x0) ioctl$auto_SOUND_MIXER_READ_RECSRC(r1, 0x80044dff, &(0x7f00000012c0)) ioctl$auto_BTRFS_IOC_QUOTA_RESCAN_WAIT(0xffffffffffffffff, 0x942e, 0x0) bpf$auto(0x0, &(0x7f0000000000)=@bpf_attr_4={0x17, 0xffffffffffffffff, 0x4}, 0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x20040, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0x4048aec9, r0) 849.582259ms ago: executing program 0 (id=1956): unshare$auto(0x40000080) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mtdblock0\x00', 0x14fe02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000040)={0x0, 0x80000003}, 0x6, 0xffffffffffffffff, 0x8000000000000, 0x2f) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/veth0/accept_ra_pinfo\x00', 0x2000, 0x0) read$auto(r2, 0x0, 0x1ff) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000500)='/proc/sys/fs/xfs/stats_clear\x00', 0x1, 0x0) write$auto(r3, 0x0, 0x3) listen$auto(0x3, 0x81) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x0, 0x0) close_range$auto(0xffffffffffffffff, 0xa, 0x0) mmap$auto(0x0, 0x6, 0x3, 0x4000000000000eb1, 0x7, 0x8000) futex$auto(0x0, 0x85, 0x38, 0x0, 0x0, 0x80800005) r4 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x68082, 0x0) ioctl$auto_BLKPG2(r4, 0x1269, 0x0) r5 = openat$auto_tracing_fops_trace(0xffffffffffffff9c, 0x0, 0x40200, 0x0) mmap$auto(0x0, 0x402000b, 0x4af, 0xeb1, 0x401, 0x69c6e201) read$auto(0x3, 0x0, 0xfffffdef) syz_genetlink_get_family_id$auto_batadv(&(0x7f00000002c0), 0xffffffffffffffff) syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000080), 0xffffffffffffffff) mmap$auto(0x0, 0x100000e983, 0x21000, 0x10, 0xffffffffffffffff, 0x8000) getsockopt$auto_SO_SNDBUF(r5, 0x73, 0x7, &(0x7f0000000100)='SEG\x85\x00', &(0x7f0000000140)=0x9d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mbind$auto(0x1c0000, 0x800097, 0x1, 0x0, 0x3, 0x1) mbind$auto(0x0, 0x800605, 0x1, &(0x7f0000000180)=0xffff, 0xa, 0x3) 702.52338ms ago: executing program 2 (id=1957): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000280)='/dev/video37\x00', 0x68881, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xae00, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0x4018aebd, r0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp1\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_GETISPACE(r3, 0x8010500d, &(0x7f0000000040)) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x20040, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) madvise$auto(0x80000000, 0x100000, 0xfff) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$auto(0x3, 0x4048aec9, r2) 514.851413ms ago: executing program 4 (id=1958): r0 = bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) mmap$auto(0x0, 0x20008, 0xfffffffffffffffe, 0x12, 0x401, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/net/bpq4/statistics/rx_packets\x00', 0x0, 0x0) read$auto(0xffffffffffffffff, 0x0, 0xb31) mmap$auto(0x0, 0xe97f, 0xdf, 0x3780516, 0x401, 0x8000) unshare$auto(0x40000080) r3 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff) lstat$auto(0x0, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, 0x0, 0x8000) sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(r3, &(0x7f0000000200)={0x0, 0x3, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYRES32=r1, @ANYRES16=r4, @ANYBLOB="030028bd7000fedbdf251c1900001800018014009afa15051e3abbb3020064756d6f793000000000000000000000a30a49407cedf5d94ae08087581b82f6aa04bf56cf97e72512940f45f37a172d1b2b1a0632a361e67abb3939f5381acecfa7a2d4ac782c0db5c621a1f79a0246f6c91d50c1dff079fe03277055ca8f6574066056b03d4db6fe5f9045fa3d74502f35ab14a63dd799f09730e36c1c939bd13cd9ce0613c24fc839b9febd30d3582eed79472f689fbb1827aac2c16aa14b5e73f8ecfc67c8706d5aabe924b170c8a499da4a890cd91c740d974bd25a2992c3d48e2e7c4978e5"], 0x2c}, 0x1, 0x0, 0x0, 0x24000000}, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x0) socket(0x10, 0x1, 0x9) r5 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/uts\x00') ioctl$NS_GET_PARENT(r5, 0xb701, 0x0) mmap$auto(0x0, 0x0, 0x3, 0xeb1, r2, 0x8000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x0, 0x0, 0xff, 0x2000006) unshare$auto(0x40000080) r6 = pidfd_open$auto(0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, r0, 0x8000) sysfs$auto(0x2, 0x100001000000032, 0x0) fsopen$auto(0x0, 0x1) fsconfig$auto(0xffffffffffffffff, 0x9, 0x0, 0x0, 0xee00) setns(r6, 0x60020000) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000180)='nfsd\x00', 0x8, 0x0) pivot_root$auto(&(0x7f0000000100)='..\x00', &(0x7f0000000340)='.\x00z\x86E\xb8\xf1\xcbx\xf6cu<\x0e\xd8\xa5\xcd~\xaf\x80\xd3\xf4\xe5\x02\xf9q p\xe2\x8b\xc0\xedf\xba\x16*\x8ar\xa0\'$A\xe5\xc5\x89\xcb\xd5\xac\x98,\xd4Pycv\xdd\xa1\x84\xfb\xe9\r\x82\x15P*IM\xf7.\xf3v\x85Q\xbc:\xef\xd5\x1a\x9e\xbck\x1d\x114^\x1b\x02\xa1\xb0(\xa2\xdb\xbc\x1a\t\x94\x14\xbb\xc8\xfa\x18I\xff\x7f\xab\xf0\x8f\xd3Gr\xfb5\xf1,\x11\x052u&\xde\x9aF\n\xf0\x06\xfc\x1b\x17\x82%\x14\xb3\x19\x13\f\xbe_\xfdi\x17\xfcv\x82*\xbf<\xfa5\xfd\x8b\x1d\x99\a`\xde\xf4\x8a,\tP) \xf4\xdc\r\x17x\xc6\x18Y\xeaaUY\xeb\xd2\x81\xbare\x00\x8e\xfdA\x93\xb9\xac\xf1\x0eq\x85\xd9\x90\x8a%K\x95\x8fm\v\x98y\x9bc-\xa7;\x117\x19)\x04\xb4\nJ\x0e\x1b\x97e\xee\xdb\xc3\xca\xfe\xa7y\x12\xff\xce') 12.507176ms ago: executing program 1 (id=1959): close_range$auto(0x2, 0x8, 0x0) (async) socket(0x10, 0x2, 0xc) (async) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x15, 0x5, 0x0) setsockopt$auto(r0, 0x114, 0x8, 0x0, 0x4) (async, rerun: 64) bind$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x6b) (async, rerun: 64) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) (async) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x1, 0x0) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/net/protocols\x00', 0x100, 0x0) (async) unshare$auto(0x5) close_range$auto(0x2, 0x8, 0x0) (async, rerun: 64) socket(0x10, 0x2, 0xc) (async, rerun: 64) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) (async) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r3) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x5) (async) ioctl$auto_KVM_GET_MSRS(r2, 0xc008ae88, &(0x7f0000000080)={0x2, 0x0, [{0x4000009f, 0x400, 0x9}]}) (async) pread64$auto(r1, 0x0, 0x40000000f42c, 0x585) (async) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/card0/oss_mixer\x00', 0x121002, 0x0) (async) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) (async) r4 = semctl$auto(0x2, 0x10000, 0x8, 0x4) prctl$auto(0x7, 0x1, r4, 0x3, 0x5) (async) mmap$auto(0x897, 0x40009, 0x4, 0x9b72, 0x7, 0x28000) (async) madvise$auto(0x0, 0xffffffffffff0001, 0x15) 0s ago: executing program 2 (id=1960): socket$nl_generic(0x10, 0x3, 0x10) (async) r0 = openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async) read$auto_vhci_fops_hci_vhci(r0, 0x0, 0x0) (async) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, 0x0, 0x20044850) r1 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) (async) close_range$auto(0x0, 0xfffff004, 0x2) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) (async) r2 = socket(0xa, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) (async) socket(0x10, 0x2, 0x15) (async, rerun: 32) socket$nl_generic(0x10, 0x3, 0x10) (rerun: 32) r3 = socket$nl_generic(0x10, 0x3, 0x10) (async) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bond0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r4, r3, 0x4, 0xf, 0xffffffffffffffff, @relative_fd, 0xe600}, 0xf) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r1, 0x0, 0x3}, 0xc) (async) openat$auto_ep0_operations_inode(0xffffffffffffff9c, &(0x7f0000000000), 0x280, 0x0) (async) open(&(0x7f0000000040)='./file0\x00', 0x361041, 0x101) (async) select$auto(0x8, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x0, 0xd, 0x2, 0x948b, 0x3, 0x15f4da0a, 0x1, 0x3, 0x100000000, 0x80000001, 0x4, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffa]}, 0x0) (async) mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async, rerun: 64) request_key$auto_KEY_SPEC_GROUP_KEYRING(0x0, 0x0, 0x0, 0xfffffffffffffffa) (rerun: 64) kernel console output (not intermixed with test programs): 11.260296][T11692] dump_stack_lvl+0x100/0x190 [ 411.260337][T11692] should_fail_ex.cold+0x5/0xa [ 411.260383][T11692] should_failslab+0xc2/0x120 [ 411.260424][T11692] __kmalloc_cache_noprof+0x80/0x810 [ 411.260455][T11692] ? call_usermodehelper_setup+0xaf/0x360 [ 411.260483][T11692] ? __kmalloc_node_track_caller_noprof+0x373/0x9d0 [ 411.260520][T11692] ? __pfx_free_modprobe_argv+0x10/0x10 [ 411.260564][T11692] ? call_usermodehelper_setup+0xaf/0x360 [ 411.260592][T11692] call_usermodehelper_setup+0xaf/0x360 [ 411.260627][T11692] __request_module+0x3c7/0x650 [ 411.260670][T11692] ? __pfx___request_module+0x10/0x10 [ 411.260728][T11692] ? find_held_lock+0x2b/0x80 [ 411.260756][T11692] ? inet_create+0xa72/0x1060 [ 411.260797][T11692] inet_create+0xd45/0x1060 [ 411.260828][T11692] ? inet_create+0x94/0x1060 [ 411.260865][T11692] __sock_create+0x339/0x860 [ 411.260915][T11692] __sys_socket+0x14d/0x260 [ 411.260948][T11692] ? fput+0x79/0x100 [ 411.260985][T11692] ? __pfx___sys_socket+0x10/0x10 [ 411.261017][T11692] ? xfd_validate_state+0x129/0x190 [ 411.261071][T11692] __x64_sys_socket+0x72/0xb0 [ 411.261103][T11692] ? lockdep_hardirqs_on+0x78/0x100 [ 411.261135][T11692] do_syscall_64+0xc9/0xf80 [ 411.261168][T11692] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 411.261196][T11692] RIP: 0033:0x7f441999aeb9 [ 411.261211][T11692] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 411.261226][T11692] RSP: 002b:00007f441a7b9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 411.261243][T11692] RAX: ffffffffffffffda RBX: 00007f4419c15fa0 RCX: 00007f441999aeb9 [ 411.261254][T11692] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000002 [ 411.261263][T11692] RBP: 00007f4419a08c1f R08: 0000000000000000 R09: 0000000000000000 [ 411.261272][T11692] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 411.261280][T11692] R13: 00007f4419c16038 R14: 00007f4419c15fa0 R15: 00007fffb11b2848 [ 411.261300][T11692] [ 412.800445][T11715] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1284'. [ 413.435821][T11725] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1286'. [ 413.451535][T11711] ima: policy update failed [ 413.470067][ T30] audit: type=1802 audit(4294967373.630:19): pid=11711 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.1283" res=0 errno=0 [ 413.596530][T11727] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1288'. [ 413.629648][T11730] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1287'. [ 413.915779][T11727] veth1_macvtap: left promiscuous mode [ 414.880875][T11754] nbd: couldn't find device at index 33904 [ 416.226805][ T30] audit: type=1326 audit(4294967376.400:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11794 comm="syz.1.1303" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff41899aeb9 code=0x0 [ 416.262189][ T9127] Bluetooth: hci1: SCO packet for unknown connection handle 0 [ 417.116108][T11813] FAULT_INJECTION: forcing a failure. [ 417.116108][T11813] name failslab, interval 1, probability 0, space 0, times 0 [ 417.140714][T11813] CPU: 1 UID: 0 PID: 11813 Comm: syz.1.1306 Tainted: G U L syzkaller #0 PREEMPT(full) [ 417.140765][T11813] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 417.140776][T11813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 417.140794][T11813] Call Trace: [ 417.140803][T11813] [ 417.140813][T11813] dump_stack_lvl+0x100/0x190 [ 417.140854][T11813] should_fail_ex.cold+0x5/0xa [ 417.140902][T11813] should_failslab+0xc2/0x120 [ 417.140944][T11813] __kmalloc_cache_noprof+0x80/0x810 [ 417.140975][T11813] ? call_usermodehelper_setup+0xaf/0x360 [ 417.141002][T11813] ? __kmalloc_node_track_caller_noprof+0x373/0x9d0 [ 417.141038][T11813] ? __pfx_free_modprobe_argv+0x10/0x10 [ 417.141082][T11813] ? call_usermodehelper_setup+0xaf/0x360 [ 417.141111][T11813] call_usermodehelper_setup+0xaf/0x360 [ 417.141146][T11813] __request_module+0x3c7/0x650 [ 417.141189][T11813] ? __pfx___request_module+0x10/0x10 [ 417.141248][T11813] ? find_held_lock+0x2b/0x80 [ 417.141275][T11813] ? inet_create+0xa72/0x1060 [ 417.141324][T11813] inet_create+0xd45/0x1060 [ 417.141357][T11813] ? inet_create+0x94/0x1060 [ 417.141396][T11813] __sock_create+0x339/0x860 [ 417.141436][T11813] __sys_socket+0x14d/0x260 [ 417.141468][T11813] ? fput+0x79/0x100 [ 417.141504][T11813] ? __pfx___sys_socket+0x10/0x10 [ 417.141535][T11813] ? xfd_validate_state+0x129/0x190 [ 417.141588][T11813] __x64_sys_socket+0x72/0xb0 [ 417.141620][T11813] ? lockdep_hardirqs_on+0x78/0x100 [ 417.141654][T11813] do_syscall_64+0xc9/0xf80 [ 417.141691][T11813] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 417.141720][T11813] RIP: 0033:0x7ff41899aeb9 [ 417.141744][T11813] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 417.141771][T11813] RSP: 002b:00007ff4197d7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 417.141798][T11813] RAX: ffffffffffffffda RBX: 00007ff418c15fa0 RCX: 00007ff41899aeb9 [ 417.141817][T11813] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000002 [ 417.141833][T11813] RBP: 00007ff418a08c1f R08: 0000000000000000 R09: 0000000000000000 [ 417.141850][T11813] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 417.141867][T11813] R13: 00007ff418c16038 R14: 00007ff418c15fa0 R15: 00007ffc950ada18 [ 417.141905][T11813] [ 417.973861][T11832] vhci_hcd vhci_hcd.2: USB_PORT_FEAT_BH_PORT_RESET req not supported for USB 2.0 roothub [ 418.732505][T11844] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1316'. [ 419.159893][T11853] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1319'. [ 419.738428][T11870] netlink: 'syz.4.1323': attribute type 1 has an invalid length. [ 419.964595][T11871] random: crng reseeded on system resumption [ 420.208163][T11880] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1325'. [ 421.024254][T11898] bridge0: port 5(dummy0) entered blocking state [ 421.037829][T11898] bridge0: port 5(dummy0) entered disabled state [ 421.051545][T11898] dummy0: entered allmulticast mode [ 421.065627][T11898] dummy0: entered promiscuous mode [ 421.101971][T11898] bridge0: port 5(dummy0) entered blocking state [ 421.108537][T11898] bridge0: port 5(dummy0) entered forwarding state [ 422.625229][T11915] bridge0: port 6(team0) entered blocking state [ 422.670926][T11915] bridge0: port 6(team0) entered disabled state [ 422.677424][T11915] team0: entered allmulticast mode [ 422.719200][T11915] team_slave_0: entered allmulticast mode [ 422.739877][T11915] team_slave_1: entered allmulticast mode [ 422.761387][T11915] team0: entered promiscuous mode [ 422.768433][T11915] team_slave_0: entered promiscuous mode [ 422.787295][T11915] team_slave_1: entered promiscuous mode [ 422.794480][T11915] bridge0: port 6(team0) entered blocking state [ 422.800915][T11915] bridge0: port 6(team0) entered forwarding state [ 422.869389][T11917] ima: policy update failed [ 422.880886][ T30] audit: type=1802 audit(4294967383.060:21): pid=11917 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.1336" res=0 errno=0 [ 423.141741][T11925] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1338'. [ 423.179003][T11925] veth1_macvtap: left promiscuous mode [ 424.620094][T11959] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1345'. [ 424.831117][T11962] MTRR 1 not used [ 425.163093][T11974] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1352'. [ 426.546163][T12008] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1359'. [ 427.094465][T12023] ima: policy update failed [ 427.119406][ T30] audit: type=1802 audit(4294967387.270:22): pid=12023 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.1363" res=0 errno=0 [ 427.440706][T12030] futex_wake_op: syz.1.1364 tries to shift op by -2048; fix this program [ 427.449366][T12030] futex_wake_op: syz.1.1364 tries to shift op by -2048; fix this program [ 427.463392][T12030] ubi1: attaching mtd0 [ 427.472254][T12030] ubi1: scanning is finished [ 427.476907][T12030] ubi1: empty MTD device detected [ 427.782443][T12030] ubi1: attached mtd0 (name "mtdram test device", size 0 MiB) [ 427.803035][T12030] ubi1: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 427.814727][T12030] ubi1: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 427.823696][T12030] ubi1: VID header offset: 64 (aligned 64), data offset: 128 [ 427.855502][T12030] ubi1: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 427.865741][T12030] ubi1: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 427.925087][T12030] ubi1: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 1826935825 [ 427.937035][T12030] ubi1: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 427.978010][T12049] ubi1: background thread "ubi_bgt1d" started, PID 12049 [ 428.046553][T12055] FAULT_INJECTION: forcing a failure. [ 428.046553][T12055] name fail_futex, interval 1, probability 0, space 0, times 0 [ 428.046598][T12052] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 428.092790][T12055] CPU: 0 UID: 0 PID: 12055 Comm: syz.4.1370 Tainted: G U L syzkaller #0 PREEMPT(full) [ 428.092840][T12055] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 428.092851][T12055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 428.092870][T12055] Call Trace: [ 428.092879][T12055] [ 428.092891][T12055] dump_stack_lvl+0x100/0x190 [ 428.092931][T12055] should_fail_ex.cold+0x5/0xa [ 428.092980][T12055] get_futex_key+0x1d2/0x1620 [ 428.093021][T12055] ? __pfx_get_futex_key+0x10/0x10 [ 428.093071][T12055] futex_wake+0xea/0x530 [ 428.093118][T12055] ? __pfx_futex_wake+0x10/0x10 [ 428.093181][T12055] ? __pfx_poll_select_finish+0x10/0x10 [ 428.093219][T12055] do_futex+0x32b/0x350 [ 428.093257][T12055] ? __pfx_do_futex+0x10/0x10 [ 428.093295][T12055] ? do_pselect.constprop.0+0x196/0x270 [ 428.093331][T12055] __x64_sys_futex+0x34f/0x4d0 [ 428.093374][T12055] ? __pfx___x64_sys_futex+0x10/0x10 [ 428.093410][T12055] ? xfd_validate_state+0x129/0x190 [ 428.093452][T12055] ? __task_pid_nr_ns+0x1f5/0x500 [ 428.093496][T12055] do_syscall_64+0xc9/0xf80 [ 428.093528][T12055] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 428.093555][T12055] RIP: 0033:0x7f441999aeb9 [ 428.093576][T12055] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 428.093601][T12055] RSP: 002b:00007f441a7b90e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 428.093626][T12055] RAX: ffffffffffffffda RBX: 00007f4419c15fa8 RCX: 00007f441999aeb9 [ 428.093644][T12055] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f4419c15fac [ 428.093660][T12055] RBP: 00007f4419c15fa0 R08: 0000000000000000 R09: 0000000000000000 [ 428.093675][T12055] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 428.093690][T12055] R13: 00007f4419c16038 R14: 00007fffb11b2760 R15: 00007fffb11b2848 [ 428.093723][T12055] [ 428.341901][T12055] &#$@\]\-: entered promiscuous mode [ 428.592085][T12065] netlink: del zone limit has 8 unknown bytes [ 428.879665][T12074] FAULT_INJECTION: forcing a failure. [ 428.879665][T12074] name failslab, interval 1, probability 0, space 0, times 0 [ 428.923146][T12074] CPU: 1 UID: 0 PID: 12074 Comm: syz.4.1374 Tainted: G U L syzkaller #0 PREEMPT(full) [ 428.923200][T12074] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 428.923211][T12074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 428.923228][T12074] Call Trace: [ 428.923238][T12074] [ 428.923249][T12074] dump_stack_lvl+0x100/0x190 [ 428.923291][T12074] should_fail_ex.cold+0x5/0xa [ 428.923337][T12074] should_failslab+0xc2/0x120 [ 428.923388][T12074] __kmalloc_cache_noprof+0x80/0x810 [ 428.923420][T12074] ? ovs_dp_cmd_new+0x404/0xdf0 [ 428.923457][T12074] ? ovs_dp_cmd_new+0x404/0xdf0 [ 428.923486][T12074] ovs_dp_cmd_new+0x404/0xdf0 [ 428.923526][T12074] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 428.923569][T12074] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x290 [ 428.923604][T12074] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1b4/0x290 [ 428.923645][T12074] genl_family_rcv_msg_doit+0x214/0x300 [ 428.923680][T12074] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 428.923711][T12074] ? genl_get_cmd+0x3ef/0x720 [ 428.923744][T12074] ? bpf_lsm_capable+0x9/0x10 [ 428.923766][T12074] ? security_capable+0x80/0x260 [ 428.923802][T12074] ? ns_capable+0xd2/0xf0 [ 428.923835][T12074] genl_rcv_msg+0x560/0x800 [ 428.923868][T12074] ? __pfx_genl_rcv_msg+0x10/0x10 [ 428.923896][T12074] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 428.923939][T12074] netlink_rcv_skb+0x159/0x420 [ 428.923981][T12074] ? __pfx_genl_rcv_msg+0x10/0x10 [ 428.924013][T12074] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 428.924066][T12074] ? netlink_deliver_tap+0x1ae/0xcc0 [ 428.924107][T12074] genl_rcv+0x28/0x40 [ 428.924130][T12074] netlink_unicast+0x5aa/0x870 [ 428.924176][T12074] ? __pfx_netlink_unicast+0x10/0x10 [ 428.924232][T12074] netlink_sendmsg+0x8b0/0xda0 [ 428.924277][T12074] ? __pfx_netlink_sendmsg+0x10/0x10 [ 428.924316][T12074] ? __import_iovec+0x1d2/0x640 [ 428.924369][T12074] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 428.924410][T12074] ____sys_sendmsg+0xa54/0xc30 [ 428.924445][T12074] ? __pfx_____sys_sendmsg+0x10/0x10 [ 428.924474][T12074] ? __pfx___futex_wait+0x10/0x10 [ 428.924507][T12074] ? __pfx_futex_wake_mark+0x10/0x10 [ 428.924557][T12074] ___sys_sendmsg+0x190/0x1e0 [ 428.924591][T12074] ? __pfx____sys_sendmsg+0x10/0x10 [ 428.924641][T12074] ? find_held_lock+0x2b/0x80 [ 428.924692][T12074] __sys_sendmsg+0x170/0x220 [ 428.924735][T12074] ? __pfx___sys_sendmsg+0x10/0x10 [ 428.924775][T12074] ? __x64_sys_futex+0x34f/0x4d0 [ 428.924833][T12074] do_syscall_64+0xc9/0xf80 [ 428.924870][T12074] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 428.924899][T12074] RIP: 0033:0x7f441999aeb9 [ 428.924923][T12074] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 428.924952][T12074] RSP: 002b:00007f441a7b9028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 428.924980][T12074] RAX: ffffffffffffffda RBX: 00007f4419c15fa0 RCX: 00007f441999aeb9 [ 428.924999][T12074] RDX: 0000000002000000 RSI: 0000200000000080 RDI: 0000000000000008 [ 428.925016][T12074] RBP: 00007f4419a08c1f R08: 0000000000000000 R09: 0000000000000000 [ 428.925033][T12074] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 428.925049][T12074] R13: 00007f4419c16038 R14: 00007f4419c15fa0 R15: 00007fffb11b2848 [ 428.925088][T12074] [ 431.174177][T12108] futex_wake_op: syz.4.1381 tries to shift op by -2048; fix this program [ 431.182845][T12108] futex_wake_op: syz.4.1381 tries to shift op by -2048; fix this program [ 431.194160][T12108] 0x000000000001-0x000000020000 : "" [ 431.214968][T12108] ftl_cs: FTL header corrupt! [ 431.650419][ T9127] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 432.459818][T12130] Invalid ELF header magic: != ELF [ 432.545313][T12139] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1388'. [ 432.610608][T12141] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1388'. [ 432.622761][T12141] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1388'. [ 432.632093][T12141] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1388'. [ 432.659036][T12139] netlink: 306 bytes leftover after parsing attributes in process `syz.2.1388'. [ 432.717027][T12141] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1388'. [ 432.738681][T12141] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1388'. [ 432.813536][T12141] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1388'. [ 432.862748][T12141] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1388'. [ 433.203984][T12150] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1391'. [ 433.851863][T12145] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 433.877378][T12145] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 433.960315][T12145] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 433.983150][T12145] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 434.560851][T12164] binder: 12158:12164 ioctl c0506107 0 returned -22 [ 435.330705][ T9127] Bluetooth: hci0: command 0x0c1a tx timeout [ 435.763726][T12184] zswap: compressor not available [ 435.894901][ T9127] Bluetooth: hci1: command 0x0c1a tx timeout [ 435.970112][ T9127] Bluetooth: hci3: command 0x0c1a tx timeout [ 436.050173][ T9127] Bluetooth: hci4: command 0x0c1a tx timeout [ 437.682705][T12216] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input23 [ 437.811431][T12222] FAULT_INJECTION: forcing a failure. [ 437.811431][T12222] name failslab, interval 1, probability 0, space 0, times 0 [ 437.893990][T12222] CPU: 0 UID: 0 PID: 12222 Comm: syz.0.1404 Tainted: G U L syzkaller #0 PREEMPT(full) [ 437.894036][T12222] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 437.894046][T12222] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 437.894062][T12222] Call Trace: [ 437.894071][T12222] [ 437.894081][T12222] dump_stack_lvl+0x100/0x190 [ 437.894122][T12222] should_fail_ex.cold+0x5/0xa [ 437.894165][T12222] should_failslab+0xc2/0x120 [ 437.894204][T12222] kmem_cache_alloc_lru_noprof+0x8e/0x7d0 [ 437.894255][T12222] ? stack_trace_save+0x8e/0xc0 [ 437.894288][T12222] ? __d_alloc+0x34/0xa80 [ 437.894326][T12222] ? __d_alloc+0x34/0xa80 [ 437.894357][T12222] __d_alloc+0x34/0xa80 [ 437.894395][T12222] d_alloc_parallel+0x111/0x14e0 [ 437.894432][T12222] ? find_held_lock+0x2b/0x80 [ 437.894457][T12222] ? __d_lookup+0x25c/0x4a0 [ 437.894482][T12222] ? __pfx_d_alloc_parallel+0x10/0x10 [ 437.894530][T12222] ? __d_lookup+0x266/0x4a0 [ 437.894563][T12222] lookup_open.isra.0+0x633/0x1890 [ 437.894596][T12222] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 437.894641][T12222] ? mnt_get_write_access+0x1e9/0x2f0 [ 437.894689][T12222] path_openat+0xa9b/0x3120 [ 437.894736][T12222] ? __pfx_path_openat+0x10/0x10 [ 437.894783][T12222] do_filp_open+0x1f7/0x420 [ 437.894820][T12222] ? __pfx_do_filp_open+0x10/0x10 [ 437.894881][T12222] ? _raw_spin_unlock+0x28/0x50 [ 437.894910][T12222] ? alloc_fd+0x476/0x790 [ 437.894953][T12222] do_sys_openat2+0x12e/0x220 [ 437.894999][T12222] ? __pfx_do_sys_openat2+0x10/0x10 [ 437.895055][T12222] __x64_sys_openat+0x12d/0x210 [ 437.895098][T12222] ? __pfx___x64_sys_openat+0x10/0x10 [ 437.895141][T12222] ? xfd_validate_state+0x129/0x190 [ 437.895199][T12222] do_syscall_64+0xc9/0xf80 [ 437.895245][T12222] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 437.895276][T12222] RIP: 0033:0x7fc79a39aeb9 [ 437.895300][T12222] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 437.895328][T12222] RSP: 002b:00007fc79b1c4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 437.895355][T12222] RAX: ffffffffffffffda RBX: 00007fc79a616090 RCX: 00007fc79a39aeb9 [ 437.895375][T12222] RDX: 0000000000000b02 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 437.895393][T12222] RBP: 00007fc79a408c1f R08: 0000000000000000 R09: 0000000000000000 [ 437.895410][T12222] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 437.895427][T12222] R13: 00007fc79a616128 R14: 00007fc79a616090 R15: 00007ffe5b65e038 [ 437.895466][T12222] [ 438.822396][T12234] __nla_validate_parse: 2 callbacks suppressed [ 438.822421][T12234] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1407'. [ 438.863226][T12233] FAULT_INJECTION: forcing a failure. [ 438.863226][T12233] name failslab, interval 1, probability 0, space 0, times 0 [ 438.893359][T12233] CPU: 1 UID: 0 PID: 12233 Comm: syz.4.1408 Tainted: G U L syzkaller #0 PREEMPT(full) [ 438.893412][T12233] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 438.893422][T12233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 438.893438][T12233] Call Trace: [ 438.893447][T12233] [ 438.893458][T12233] dump_stack_lvl+0x100/0x190 [ 438.893500][T12233] should_fail_ex.cold+0x5/0xa [ 438.893549][T12233] should_failslab+0xc2/0x120 [ 438.893591][T12233] kmem_cache_alloc_noprof+0x83/0x780 [ 438.893629][T12233] ? __proc_create+0xc2/0x8c0 [ 438.893672][T12233] ? __proc_create+0x2cb/0x8c0 [ 438.893723][T12233] ? __proc_create+0x2cb/0x8c0 [ 438.893764][T12233] __proc_create+0x2cb/0x8c0 [ 438.893826][T12233] ? __pfx___proc_create+0x10/0x10 [ 438.893868][T12233] ? pcpu_chunk_relocate+0x134/0x1a0 [ 438.893917][T12233] _proc_mkdir+0xb9/0x210 [ 438.893944][T12233] ? __pfx__proc_mkdir+0x10/0x10 [ 438.893981][T12233] sctp_proc_init+0x59/0x270 [ 438.894021][T12233] ? __pfx_sctp_defaults_init+0x10/0x10 [ 438.894060][T12233] sctp_defaults_init+0x758/0xd90 [ 438.894103][T12233] ? __pfx_sctp_defaults_init+0x10/0x10 [ 438.894158][T12233] ops_init+0x1e2/0x5f0 [ 438.894213][T12233] setup_net+0x118/0x3a0 [ 438.894240][T12233] ? __pfx_setup_net+0x10/0x10 [ 438.894283][T12233] ? lockdep_init_map_type+0x5c/0x250 [ 438.894323][T12233] ? mutex_init_lockep+0x110/0x150 [ 438.894377][T12233] copy_net_ns+0x46f/0x7c0 [ 438.894411][T12233] create_new_namespaces+0x3ea/0xab0 [ 438.894453][T12233] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 438.894491][T12233] ksys_unshare+0x455/0xab0 [ 438.894534][T12233] ? __pfx_ksys_unshare+0x10/0x10 [ 438.894573][T12233] ? xfd_validate_state+0x129/0x190 [ 438.894629][T12233] __x64_sys_unshare+0x31/0x40 [ 438.894668][T12233] do_syscall_64+0xc9/0xf80 [ 438.894705][T12233] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 438.894734][T12233] RIP: 0033:0x7f441999aeb9 [ 438.894758][T12233] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 438.894785][T12233] RSP: 002b:00007f441a798028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 438.894812][T12233] RAX: ffffffffffffffda RBX: 00007f4419c16090 RCX: 00007f441999aeb9 [ 438.894831][T12233] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 438.894848][T12233] RBP: 00007f4419a08c1f R08: 0000000000000000 R09: 0000000000000000 [ 438.894866][T12233] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 438.894883][T12233] R13: 00007f4419c16128 R14: 00007f4419c16090 R15: 00007fffb11b2848 [ 438.894921][T12233] [ 440.151079][T12255] netlink: 350 bytes leftover after parsing attributes in process `syz.2.1412'. [ 440.218448][T12255] netlink: 330 bytes leftover after parsing attributes in process `syz.2.1412'. [ 440.680800][T12269] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 440.696394][T12269] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1415'. [ 440.886804][T12271] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1416'. [ 441.252176][T12276] XFS: Clearing xfsstats [ 441.272256][T12276] futex_wake_op: syz.4.1417 tries to shift op by -2048; fix this program [ 441.281006][T12276] futex_wake_op: syz.4.1417 tries to shift op by -2048; fix this program [ 441.330289][T12276] 0x000000000001-0x000000020000 : "" [ 441.365962][T12276] ftl_cs: FTL header corrupt! [ 443.597263][T12319] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1426'. [ 445.340733][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 445.347257][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 446.897190][T12360] sd 0:0:1:0: PR command failed: 1026 [ 446.902907][T12360] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 446.909667][T12360] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 449.433642][T12422] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1448'. [ 452.001159][T12458] XFS: Clearing xfsstats [ 452.070403][T12458] futex_wake_op: syz.0.1452 tries to shift op by -2048; fix this program [ 452.089707][T12458] futex_wake_op: syz.0.1452 tries to shift op by -2048; fix this program [ 452.195171][T12458] 0x000000000001-0x000000020000 : "" [ 452.252073][T12458] ftl_cs: FTL header corrupt! [ 453.114767][T12470] hub 1-0:1.0: USB hub found [ 453.596535][T12470] hub 1-0:1.0: 1 port detected [ 453.942227][T12479] bond0: no command found in slaves file - use +ifname or -ifname [ 454.314348][T12487] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1458'. [ 454.584366][ T9127] Bluetooth: hci1: ISO packet too small [ 454.726980][ T30] audit: type=1800 audit(4294967414.900:23): pid=12499 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1463" name="dbroot" dev="configfs" ino=48326 res=0 errno=0 [ 455.330517][T12522] binder: 12521:12522 ioctl c018620c 0 returned -1 [ 455.440926][T12527] sg_write: data in/out 942682642/64965 bytes for SCSI command 0x0-- guessing data in; [ 455.440926][T12527] program syz.1.1469 not setting count and/or reply_len properly [ 455.647797][T12533] kvm_intel: kvm [12529]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x3 [ 455.907635][T12535] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1470'. [ 455.960251][T12535] bridge0: port 2(bridge_slave_1) entered disabled state [ 456.107788][T12535] bridge_slave_1 (unregistering): left allmulticast mode [ 456.123420][T12535] bridge_slave_1 (unregistering): left promiscuous mode [ 456.130977][T12535] bridge0: port 2(bridge_slave_1) entered disabled state [ 457.153636][T12566] XFS: Clearing xfsstats [ 457.237336][T12566] futex_wake_op: syz.2.1475 tries to shift op by -2048; fix this program [ 457.246156][T12566] futex_wake_op: syz.2.1475 tries to shift op by -2048; fix this program [ 457.270635][T12568] sd 0:0:1:0: PR command failed: 1026 [ 457.276112][T12568] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 457.290586][T12568] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 457.302448][T12566] 0x000000000001-0x000000020000 : "" [ 457.387568][T12566] ftl_cs: FTL header corrupt! [ 458.465094][T12591] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1482'. [ 458.484666][T12591] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1482'. [ 458.530955][T12591] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1482'. [ 458.554206][T12591] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1482'. [ 458.560936][T12595] netlink: 306 bytes leftover after parsing attributes in process `syz.2.1482'. [ 458.600106][T12591] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1482'. [ 458.659124][T12591] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1482'. [ 459.397773][T12591] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1482'. [ 459.407375][T12591] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1482'. [ 459.880465][T12617] futex_wake_op: syz.4.1486 tries to shift op by -2048; fix this program [ 459.889015][T12617] futex_wake_op: syz.4.1486 tries to shift op by -2048; fix this program [ 460.076341][T12607] FAULT_INJECTION: forcing a failure. [ 460.076341][T12607] name failslab, interval 1, probability 0, space 0, times 0 [ 460.097681][T12607] CPU: 0 UID: 0 PID: 12607 Comm: syz.1.1487 Tainted: G U L syzkaller #0 PREEMPT(full) [ 460.097729][T12607] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 460.097739][T12607] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 460.097755][T12607] Call Trace: [ 460.097763][T12607] [ 460.097774][T12607] dump_stack_lvl+0x100/0x190 [ 460.097812][T12607] should_fail_ex.cold+0x5/0xa [ 460.097855][T12607] should_failslab+0xc2/0x120 [ 460.097893][T12607] __kvmalloc_node_noprof+0x101/0xac0 [ 460.097922][T12607] ? __pfx___mutex_lock+0x10/0x10 [ 460.097955][T12607] ? traverse.part.0.constprop.0+0x397/0x650 [ 460.098000][T12607] ? traverse.part.0.constprop.0+0x397/0x650 [ 460.098029][T12607] traverse.part.0.constprop.0+0x397/0x650 [ 460.098071][T12607] seq_lseek+0x2fb/0x430 [ 460.098120][T12607] full_proxy_llseek+0x123/0x190 [ 460.098160][T12607] ksys_lseek+0xf3/0x1b0 [ 460.098184][T12607] do_syscall_64+0xc9/0xf80 [ 460.098213][T12607] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 460.098235][T12607] RIP: 0033:0x7ff41899aeb9 [ 460.098254][T12607] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 460.098278][T12607] RSP: 002b:00007ff4197d7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000008 [ 460.098304][T12607] RAX: ffffffffffffffda RBX: 00007ff418c15fa0 RCX: 00007ff41899aeb9 [ 460.098321][T12607] RDX: 0000000000000001 RSI: 7fffffffffffffff RDI: 00000000000000e7 [ 460.098335][T12607] RBP: 00007ff418a08c1f R08: 0000000000000000 R09: 0000000000000000 [ 460.098351][T12607] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 460.098367][T12607] R13: 00007ff418c16038 R14: 00007ff418c15fa0 R15: 00007ffc950ada18 [ 460.098403][T12607] [ 460.685100][T12625] XFS: Clearing xfsstats [ 460.699038][T12625] futex_wake_op: syz.4.1488 tries to shift op by -2048; fix this program [ 460.730106][T12625] futex_wake_op: syz.4.1488 tries to shift op by -2048; fix this program [ 460.756910][T12625] 0x000000000001-0x000000020000 : "" [ 460.815490][T12625] ftl_cs: FTL header corrupt! [ 460.862036][T12634] XFS: Clearing xfsstats [ 460.869004][T12634] futex_wake_op: syz.0.1489 tries to shift op by -2048; fix this program [ 460.877595][T12634] futex_wake_op: syz.0.1489 tries to shift op by -2048; fix this program [ 461.103832][T12632] zswap: compressor not available [ 461.592664][T12651] warning: `syz.4.1492' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 462.084043][T12655] hub 1-0:1.0: USB hub found [ 462.171325][T12655] hub 1-0:1.0: 1 port detected [ 462.601388][T12672] Invalid ELF header magic: != ELF [ 462.645443][T12676] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1497'. [ 463.648655][ T30] audit: type=1800 audit(4294967334.040:24): pid=12695 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1501" name="dbroot" dev="configfs" ino=50006 res=0 errno=0 [ 463.837890][T12699] random: crng reseeded on system resumption [ 463.884677][ T9127] Bluetooth: hci4: SCO packet for unknown connection handle 0 [ 464.428781][T12715] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input24 [ 465.081445][T12736] mkiss: ax0: crc mode is auto. [ 466.258514][T12760] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1517'. [ 466.293602][T12760] netlink: 330 bytes leftover after parsing attributes in process `syz.2.1517'. [ 466.751384][T12775] bridge0: port 3(bond0) entered blocking state [ 466.763653][T12775] bridge0: port 3(bond0) entered disabled state [ 466.779081][T12775] bond0: entered allmulticast mode [ 466.800082][T12775] bond_slave_0: entered allmulticast mode [ 466.805862][T12775] bond_slave_1: entered allmulticast mode [ 466.845076][T12775] bond0: entered promiscuous mode [ 466.922513][T12775] bond_slave_0: entered promiscuous mode [ 466.953865][T12775] bond_slave_1: entered promiscuous mode [ 466.967404][T12775] bridge0: port 3(bond0) entered blocking state [ 466.973898][T12775] bridge0: port 3(bond0) entered forwarding state [ 471.977989][T12874] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1542'. [ 472.015532][T12874] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1542'. [ 472.026974][T12875] XFS: Clearing xfsstats [ 472.064658][T12875] futex_wake_op: syz.2.1541 tries to shift op by -2048; fix this program [ 472.067943][T12874] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1542'. [ 472.084249][T12875] futex_wake_op: syz.2.1541 tries to shift op by -2048; fix this program [ 472.164062][T12878] FAULT_INJECTION: forcing a failure. [ 472.164062][T12878] name failslab, interval 1, probability 0, space 0, times 0 [ 472.179248][T12878] CPU: 1 UID: 0 PID: 12878 Comm: syz.4.1543 Tainted: G U L syzkaller #0 PREEMPT(full) [ 472.179296][T12878] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 472.179306][T12878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 472.179323][T12878] Call Trace: [ 472.179333][T12878] [ 472.179343][T12878] dump_stack_lvl+0x100/0x190 [ 472.179379][T12878] should_fail_ex.cold+0x5/0xa [ 472.179420][T12878] should_failslab+0xc2/0x120 [ 472.179456][T12878] ? tomoyo_realpath_from_path+0xb6/0x690 [ 472.179484][T12878] __kmalloc_noprof+0xf6/0x9c0 [ 472.179520][T12878] ? tomoyo_realpath_from_path+0xb6/0x690 [ 472.179544][T12878] tomoyo_realpath_from_path+0xb6/0x690 [ 472.179579][T12878] tomoyo_path_number_perm+0x23c/0x580 [ 472.179617][T12878] ? tomoyo_path_number_perm+0x22e/0x580 [ 472.179659][T12878] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 472.179733][T12878] ? find_held_lock+0x2b/0x80 [ 472.179759][T12878] ? hook_file_ioctl_common+0x146/0x410 [ 472.179798][T12878] ? __fget_files+0x215/0x3d0 [ 472.179833][T12878] ? __fget_files+0x21f/0x3d0 [ 472.179866][T12878] security_file_ioctl+0xd3/0x230 [ 472.179904][T12878] __x64_sys_ioctl+0xb7/0x210 [ 472.179948][T12878] do_syscall_64+0xc9/0xf80 [ 472.179982][T12878] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 472.180009][T12878] RIP: 0033:0x7f441999aeb9 [ 472.180037][T12878] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 472.180062][T12878] RSP: 002b:00007f441a7b9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 472.180089][T12878] RAX: ffffffffffffffda RBX: 00007f4419c15fa0 RCX: 00007f441999aeb9 [ 472.180106][T12878] RDX: 0000000000000000 RSI: 00000000000007a6 RDI: 0000000000000003 [ 472.180121][T12878] RBP: 00007f441a7b9090 R08: 0000000000000000 R09: 0000000000000000 [ 472.180136][T12878] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 472.180152][T12878] R13: 00007f4419c16038 R14: 00007f4419c15fa0 R15: 00007fffb11b2848 [ 472.180186][T12878] [ 472.215587][T12875] 0x000000000001-0x000000020000 : "" [ 472.397129][T12878] ERROR: Out of memory at tomoyo_realpath_from_path. [ 472.475228][T12875] ftl_cs: FTL header corrupt! [ 472.501849][T12874] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1542'. [ 472.519140][T12874] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1542'. [ 472.565498][T12874] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1542'. [ 472.630986][T12874] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1542'. [ 472.694565][T12874] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1542'. [ 475.071569][T12905] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1550'. [ 476.263194][T12937] netlink: 146 bytes leftover after parsing attributes in process `syz.2.1557'. [ 476.499853][T12935] ipvlan1: entered promiscuous mode [ 476.531546][T12935] ipvlan1: entered allmulticast mode [ 476.537335][T12935] veth0_vlan: entered allmulticast mode [ 479.116639][T12995] ima: policy update failed [ 479.184446][ T30] audit: type=1802 audit(4294967349.640:25): pid=12995 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.1573" res=0 errno=0 [ 479.942164][T13016] netlink: 'syz.1.1576': attribute type 1 has an invalid length. [ 480.653471][T13045] FAULT_INJECTION: forcing a failure. [ 480.653471][T13045] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 480.735010][T13045] CPU: 0 UID: 0 PID: 13045 Comm: syz.0.1581 Tainted: G U L syzkaller #0 PREEMPT(full) [ 480.735062][T13045] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 480.735074][T13045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 480.735091][T13045] Call Trace: [ 480.735101][T13045] [ 480.735111][T13045] dump_stack_lvl+0x100/0x190 [ 480.735162][T13045] should_fail_ex.cold+0x5/0xa [ 480.735211][T13045] _copy_to_user+0x32/0xd0 [ 480.735259][T13045] snd_pcm_oss_read2+0x294/0x400 [ 480.735299][T13045] ? __pfx_snd_pcm_oss_read2+0x10/0x10 [ 480.735348][T13045] snd_pcm_oss_read+0x5aa/0x730 [ 480.735390][T13045] ? __pfx_snd_pcm_oss_read+0x10/0x10 [ 480.735427][T13045] vfs_read+0x1e4/0xb30 [ 480.735465][T13045] ? __pfx_vfs_read+0x10/0x10 [ 480.735494][T13045] ? find_held_lock+0x2b/0x80 [ 480.735522][T13045] ? __fget_files+0x215/0x3d0 [ 480.735551][T13045] ? __fget_files+0x215/0x3d0 [ 480.735589][T13045] ? __fget_files+0x21f/0x3d0 [ 480.735630][T13045] ksys_read+0x12a/0x250 [ 480.735662][T13045] ? __pfx_ksys_read+0x10/0x10 [ 480.735704][T13045] do_syscall_64+0xc9/0xf80 [ 480.735743][T13045] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 480.735771][T13045] RIP: 0033:0x7fc79a39aeb9 [ 480.735793][T13045] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 480.735825][T13045] RSP: 002b:00007fc79b182028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 480.735853][T13045] RAX: ffffffffffffffda RBX: 00007fc79a616270 RCX: 00007fc79a39aeb9 [ 480.735873][T13045] RDX: 000000007fffffff RSI: 0000000000000000 RDI: 0000000000000003 [ 480.735888][T13045] RBP: 00007fc79a408c1f R08: 0000000000000000 R09: 0000000000000000 [ 480.735903][T13045] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 480.735919][T13045] R13: 00007fc79a616308 R14: 00007fc79a616270 R15: 00007ffe5b65e038 [ 480.735957][T13045] [ 483.638876][T13097] __nla_validate_parse: 1 callbacks suppressed [ 483.638901][T13097] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1588'. [ 486.452230][ T9127] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 487.950101][T13198] XFS: Clearing xfsstats [ 488.013459][T13198] futex_wake_op: syz.1.1607 tries to shift op by -2048; fix this program [ 488.045558][T13198] futex_wake_op: syz.1.1607 tries to shift op by -2048; fix this program [ 488.103483][T13198] 0x000000000001-0x000000020000 : "" [ 488.111499][T13198] ftl_cs: FTL header corrupt! [ 491.614000][T13256] XFS: Clearing xfsstats [ 491.892749][T13265] random: crng reseeded on system resumption [ 491.935242][T13251] futex_wake_op: syz.0.1617 tries to shift op by -2048; fix this program [ 491.980360][T13251] futex_wake_op: syz.0.1617 tries to shift op by -2048; fix this program [ 492.001050][T13251] 0x000000000001-0x000000020000 : "" [ 492.041726][T13251] ftl_cs: FTL header corrupt! [ 492.559253][T13279] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1623'. [ 493.945125][T13303] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1628'. [ 493.989618][T13303] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1628'. [ 494.000277][T13303] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1628'. [ 494.036678][T13303] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1628'. [ 494.078729][T13303] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1628'. [ 494.110868][T13303] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1628'. [ 494.153776][T13303] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1628'. [ 494.187586][T13303] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1628'. [ 494.668293][T13320] sd 0:0:1:0: device reset [ 495.666570][T13338] FAULT_INJECTION: forcing a failure. [ 495.666570][T13338] name failslab, interval 1, probability 0, space 0, times 0 [ 495.695851][T13338] CPU: 0 UID: 0 PID: 13338 Comm: syz.4.1635 Tainted: G U L syzkaller #0 PREEMPT(full) [ 495.695901][T13338] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 495.695912][T13338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 495.695928][T13338] Call Trace: [ 495.695936][T13338] [ 495.695946][T13338] dump_stack_lvl+0x100/0x190 [ 495.695989][T13338] should_fail_ex.cold+0x5/0xa [ 495.696033][T13338] should_failslab+0xc2/0x120 [ 495.696072][T13338] __kvmalloc_node_noprof+0x101/0xac0 [ 495.696109][T13338] ? lockdep_init_map_type+0x5c/0x250 [ 495.696149][T13338] ? open_substream+0x311/0x9e0 [ 495.696188][T13338] ? open_substream+0x311/0x9e0 [ 495.696221][T13338] ? open_substream+0x19a/0x9e0 [ 495.696254][T13338] open_substream+0x311/0x9e0 [ 495.696293][T13338] rawmidi_open_priv+0x595/0x6f0 [ 495.696338][T13338] snd_rawmidi_open+0x4c9/0xba0 [ 495.696385][T13338] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 495.696426][T13338] ? __pfx_default_wake_function+0x10/0x10 [ 495.696471][T13338] ? kobject_get_unless_zero+0x156/0x200 [ 495.696515][T13338] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 495.696556][T13338] snd_open+0x22d/0x4c0 [ 495.696590][T13338] ? __pfx_snd_open+0x10/0x10 [ 495.696618][T13338] chrdev_open+0x234/0x6a0 [ 495.696650][T13338] ? __pfx_apparmor_file_open+0x10/0x10 [ 495.696687][T13338] ? __pfx_chrdev_open+0x10/0x10 [ 495.696725][T13338] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 495.696771][T13338] do_dentry_open+0x73e/0x1570 [ 495.696804][T13338] ? __pfx_chrdev_open+0x10/0x10 [ 495.696840][T13338] ? security_inode_permission+0xbf/0x250 [ 495.696886][T13338] vfs_open+0x82/0x3f0 [ 495.696929][T13338] path_openat+0x21dc/0x3120 [ 495.696976][T13338] ? __pfx_path_openat+0x10/0x10 [ 495.697023][T13338] do_filp_open+0x1f7/0x420 [ 495.697060][T13338] ? __pfx_do_filp_open+0x10/0x10 [ 495.697118][T13338] ? _raw_spin_unlock+0x28/0x50 [ 495.697146][T13338] ? alloc_fd+0x476/0x790 [ 495.697189][T13338] do_sys_openat2+0x12e/0x220 [ 495.697233][T13338] ? __pfx_do_sys_openat2+0x10/0x10 [ 495.697277][T13338] ? __fget_files+0x21f/0x3d0 [ 495.697316][T13338] __x64_sys_openat+0x12d/0x210 [ 495.697360][T13338] ? __pfx___x64_sys_openat+0x10/0x10 [ 495.697401][T13338] ? xfd_validate_state+0x129/0x190 [ 495.697467][T13338] do_syscall_64+0xc9/0xf80 [ 495.697506][T13338] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 495.697536][T13338] RIP: 0033:0x7f441999aeb9 [ 495.697559][T13338] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 495.697587][T13338] RSP: 002b:00007f441a7b9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 495.697612][T13338] RAX: ffffffffffffffda RBX: 00007f4419c15fa0 RCX: 00007f441999aeb9 [ 495.697630][T13338] RDX: 0000000000080102 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 495.697648][T13338] RBP: 00007f4419a08c1f R08: 0000000000000000 R09: 0000000000000000 [ 495.697662][T13338] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 495.697678][T13338] R13: 00007f4419c16038 R14: 00007f4419c15fa0 R15: 00007fffb11b2848 [ 495.697715][T13338] [ 496.551536][T13353] XFS: Clearing xfsstats [ 496.604633][T13353] futex_wake_op: syz.2.1638 tries to shift op by -2048; fix this program [ 496.636704][T13353] futex_wake_op: syz.2.1638 tries to shift op by -2048; fix this program [ 496.663024][T13355] XFS: Clearing xfsstats [ 496.710436][T13355] futex_wake_op: syz.4.1640 tries to shift op by -2048; fix this program [ 496.728866][T13355] futex_wake_op: syz.4.1640 tries to shift op by -2048; fix this program [ 496.789691][T13353] 0x000000000001-0x000000020000 : "" [ 496.949054][T13353] ftl_cs: FTL header corrupt! [ 498.447210][T13400] XFS: Clearing xfsstats [ 498.497372][T13400] futex_wake_op: syz.1.1651 tries to shift op by -2048; fix this program [ 498.497728][T13400] futex_wake_op: syz.1.1651 tries to shift op by -2048; fix this program [ 498.528265][T13400] 0x000000000001-0x000000020000 : "" [ 498.564306][T13400] ftl_cs: FTL header corrupt! [ 498.631983][T13406] netlink: 'syz.4.1654': attribute type 11 has an invalid length. [ 498.632013][T13406] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1654'. [ 498.711635][T13410] netlink: 338 bytes leftover after parsing attributes in process `syz.4.1654'. [ 499.421961][ T9127] Bluetooth: hci3: unexpected subevent 0x03 length: 253 > 9 [ 500.044185][T13439] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1660'. [ 500.303251][T13439] team0: left allmulticast mode [ 500.319470][T13439] team_slave_0: left allmulticast mode [ 500.335703][T13447] netlink: 9 bytes leftover after parsing attributes in process `syz.2.1663'. [ 500.346648][T13439] team_slave_1: left allmulticast mode [ 500.357105][T13439] team0: left promiscuous mode [ 500.378386][T13439] team_slave_0: left promiscuous mode [ 500.411009][T13439] team_slave_1: left promiscuous mode [ 500.454381][T13439] bridge0: port 6(team0) entered disabled state [ 500.534525][T13439] dummy0: left allmulticast mode [ 500.560127][T13439] dummy0: left promiscuous mode [ 500.565334][T13439] bridge0: port 5(dummy0) entered disabled state [ 500.624447][T13439] netdevsim netdevsim0 netdevsim1: left allmulticast mode [ 500.671612][T13439] netdevsim netdevsim0 netdevsim1: left promiscuous mode [ 500.694156][T13439] bridge0: port 4(netdevsim1) entered disabled state [ 500.722474][T13439] vlan0: left allmulticast mode [ 500.730061][T13439] veth0_vlan: left allmulticast mode [ 500.738987][T13439] vlan0: left promiscuous mode [ 500.752709][T13439] bridge0: port 3(vlan0) entered disabled state [ 500.763297][T13439] bridge_slave_1: left allmulticast mode [ 500.822293][T13439] bridge_slave_1: left promiscuous mode [ 500.828139][T13439] bridge0: port 2(bridge_slave_1) entered disabled state [ 500.843941][T13439] bridge_slave_0: left allmulticast mode [ 500.849777][T13439] bridge_slave_0: left promiscuous mode [ 500.859744][T13439] bridge0: port 1(bridge_slave_0) entered disabled state [ 500.879901][T13440] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1661'. [ 501.794872][T13475] FAULT_INJECTION: forcing a failure. [ 501.794872][T13475] name failslab, interval 1, probability 0, space 0, times 0 [ 501.838599][T13475] CPU: 0 UID: 0 PID: 13475 Comm: syz.0.1671 Tainted: G U L syzkaller #0 PREEMPT(full) [ 501.838650][T13475] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 501.838660][T13475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 501.838677][T13475] Call Trace: [ 501.838686][T13475] [ 501.838696][T13475] dump_stack_lvl+0x100/0x190 [ 501.838739][T13475] should_fail_ex.cold+0x5/0xa [ 501.838812][T13475] should_failslab+0xc2/0x120 [ 501.838863][T13475] __kmalloc_cache_noprof+0x80/0x810 [ 501.838895][T13475] ? call_usermodehelper_setup+0xaf/0x360 [ 501.838923][T13475] ? __kmalloc_node_track_caller_noprof+0x373/0x9d0 [ 501.838962][T13475] ? __pfx_free_modprobe_argv+0x10/0x10 [ 501.839006][T13475] ? call_usermodehelper_setup+0xaf/0x360 [ 501.839034][T13475] call_usermodehelper_setup+0xaf/0x360 [ 501.839070][T13475] __request_module+0x3c7/0x650 [ 501.839113][T13475] ? __pfx___request_module+0x10/0x10 [ 501.839172][T13475] ? find_held_lock+0x2b/0x80 [ 501.839199][T13475] ? inet_create+0xa72/0x1060 [ 501.839241][T13475] inet_create+0xd45/0x1060 [ 501.839274][T13475] ? inet_create+0x94/0x1060 [ 501.839312][T13475] __sock_create+0x339/0x860 [ 501.839352][T13475] __sys_socket+0x14d/0x260 [ 501.839384][T13475] ? fput+0x79/0x100 [ 501.839420][T13475] ? __pfx___sys_socket+0x10/0x10 [ 501.839451][T13475] ? xfd_validate_state+0x129/0x190 [ 501.839505][T13475] __x64_sys_socket+0x72/0xb0 [ 501.839537][T13475] ? lockdep_hardirqs_on+0x78/0x100 [ 501.839569][T13475] do_syscall_64+0xc9/0xf80 [ 501.839603][T13475] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 501.839630][T13475] RIP: 0033:0x7fc79a39aeb9 [ 501.839652][T13475] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 501.839681][T13475] RSP: 002b:00007fc79b1e5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 501.839711][T13475] RAX: ffffffffffffffda RBX: 00007fc79a615fa0 RCX: 00007fc79a39aeb9 [ 501.839732][T13475] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000002 [ 501.839749][T13475] RBP: 00007fc79a408c1f R08: 0000000000000000 R09: 0000000000000000 [ 501.839767][T13475] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 501.839784][T13475] R13: 00007fc79a616038 R14: 00007fc79a615fa0 R15: 00007ffe5b65e038 [ 501.839822][T13475] [ 502.756436][T13470] Page cache invalidation failure on direct I/O. Possible data corruption due to collision with buffered I/O! [ 502.778551][T13470] File: /dev/nullb0 PID: 13470 Comm: syz.1.1668 [ 503.918413][T13504] __vm_enough_memory: pid: 13504, comm: syz.1.1668, bytes: 4398046511104 not enough memory for the allocation [ 505.414155][T13528] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1677'. [ 506.105946][T13556] sctp: [Deprecated]: syz.4.1680 (pid 13556) Use of struct sctp_assoc_value in delayed_ack socket option. [ 506.105946][T13556] Use struct sctp_sack_info instead [ 506.138706][T13562] XFS: Clearing xfsstats [ 506.188105][T13562] futex_wake_op: syz.0.1679 tries to shift op by -2048; fix this program [ 506.230173][T13562] futex_wake_op: syz.0.1679 tries to shift op by -2048; fix this program [ 506.420906][T13562] 0x000000000001-0x000000020000 : "" [ 506.546150][T13562] ftl_cs: FTL header corrupt! [ 506.772734][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 506.779404][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 507.093463][T13581] XFS: Clearing xfsstats [ 507.152826][T13581] futex_wake_op: syz.4.1683 tries to shift op by -2048; fix this program [ 507.185347][T13581] futex_wake_op: syz.4.1683 tries to shift op by -2048; fix this program [ 507.267842][T13581] 0x000000000001-0x000000020000 : "" [ 507.353001][T13581] ftl_cs: FTL header corrupt! [ 508.040851][ T919] usb usb40-port2: attempt power cycle [ 508.407710][T13618] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1688'. [ 508.826637][T13625] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1689'. [ 509.039534][ T30] audit: type=1800 audit(4294967379.490:26): pid=13625 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1689" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 509.040770][ T919] usb usb40-port2: unable to enumerate USB device [ 509.825302][T13642] netlink: 314 bytes leftover after parsing attributes in process `syz.1.1692'. [ 509.975002][T13639] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1692'. [ 510.030518][T13641] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1692'. [ 510.076753][T13641] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1692'. [ 510.097928][T13641] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1692'. [ 510.143143][T13641] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1692'. [ 510.203181][T13641] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1692'. [ 510.737609][T13650] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 510.838651][T13656] FAULT_INJECTION: forcing a failure. [ 510.838651][T13656] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 510.854220][T13656] CPU: 1 UID: 0 PID: 13656 Comm: syz.4.1693 Tainted: G U L syzkaller #0 PREEMPT(full) [ 510.854270][T13656] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 510.854283][T13656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 510.854301][T13656] Call Trace: [ 510.854310][T13656] [ 510.854320][T13656] dump_stack_lvl+0x100/0x190 [ 510.854364][T13656] should_fail_ex.cold+0x5/0xa [ 510.854407][T13656] ? prepare_alloc_pages+0x16d/0x5f0 [ 510.854454][T13656] should_fail_alloc_page+0xeb/0x140 [ 510.854498][T13656] prepare_alloc_pages+0x1f0/0x5f0 [ 510.854547][T13656] __alloc_frozen_pages_noprof+0x193/0x2410 [ 510.854585][T13656] ? __lock_acquire+0x4a5/0x2630 [ 510.854625][T13656] ? rcu_is_watching+0x12/0xc0 [ 510.854652][T13656] ? trace_mm_page_alloc+0x10e/0x160 [ 510.854697][T13656] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 510.854736][T13656] ? find_held_lock+0x2b/0x80 [ 510.854762][T13656] ? page_table_check_set+0x49a/0xa10 [ 510.854791][T13656] ? page_table_check_set+0x49a/0xa10 [ 510.854830][T13656] ? page_table_check_set+0x4a9/0xa10 [ 510.854867][T13656] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 510.854900][T13656] ? policy_nodemask+0xed/0x4f0 [ 510.854954][T13656] alloc_pages_mpol+0x1fb/0x550 [ 510.854997][T13656] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 510.855036][T13656] ? find_held_lock+0x2b/0x80 [ 510.855063][T13656] ? filemap_map_pages+0x965/0x2110 [ 510.855109][T13656] folio_alloc_mpol_noprof+0x36/0x340 [ 510.855157][T13656] vma_alloc_folio_noprof+0xed/0x1d0 [ 510.855197][T13656] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 510.855236][T13656] ? rcu_read_unlock+0x2d/0xb0 [ 510.855262][T13656] ? rcu_read_unlock+0x2d/0xb0 [ 510.855290][T13656] ? __lock_acquire+0x4a5/0x2630 [ 510.855332][T13656] do_wp_page+0x1eb4/0x4c10 [ 510.855386][T13656] ? __pfx_do_wp_page+0x10/0x10 [ 510.855433][T13656] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 510.855487][T13656] __handle_mm_fault+0x1ac0/0x2b50 [ 510.855527][T13656] ? reacquire_held_locks+0xce/0x1e0 [ 510.855566][T13656] ? __pfx___handle_mm_fault+0x10/0x10 [ 510.855597][T13656] ? lock_vma_under_rcu+0x17c/0x5a0 [ 510.855648][T13656] handle_mm_fault+0x36d/0xa20 [ 510.855687][T13656] do_user_addr_fault+0x5a3/0x12f0 [ 510.855731][T13656] exc_page_fault+0x6f/0xd0 [ 510.855766][T13656] asm_exc_page_fault+0x26/0x30 [ 510.855796][T13656] RIP: 0033:0x7f441995ad45 [ 510.855820][T13656] Code: 00 00 00 66 90 8b 57 18 64 8b 04 25 d0 02 00 00 39 c2 0f 84 1d 01 00 00 41 54 55 53 83 7f 30 02 48 89 fb 74 28 b8 08 00 00 00 0f c1 03 83 c0 08 85 c0 0f 88 0c 01 00 00 a8 01 0f 85 84 00 00 [ 510.855848][T13656] RSP: 002b:00007f441a775de0 EFLAGS: 00010293 [ 510.855873][T13656] RAX: 0000000000000008 RBX: 00007f441a747e20 RCX: 0000000000000000 [ 510.855892][T13656] RDX: 0000000000000000 RSI: 00007f4419a4a0bc RDI: 00007f441a747e20 [ 510.855911][T13656] RBP: ffffffffffffffff R08: 0000000000000000 R09: 0000000000000005 [ 510.855941][T13656] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4419a49dd0 [ 510.855960][T13656] R13: ffffffffffffffe8 R14: 0000000000000016 R15: 00007f4419a4a0bc [ 510.855999][T13656] [ 510.856265][T13656] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 510.947369][T13657] nfs: Unknown parameter 'BålY¶ 7³w±·E»É®H¶âs[åØu` ]‹§e©©6z¦c§ÚÞ•â[$(‡uÊ×ÃÒÃÒž€ô%ÏE¹ƒtO–÷2*è‚pãè[ˆÄÁOugÇãɧr©ts÷þ¤QZ×€z' [ 511.950772][T13677] XFS: Clearing xfsstats [ 511.982336][T13677] futex_wake_op: syz.2.1700 tries to shift op by -2048; fix this program [ 511.993530][T13677] futex_wake_op: syz.2.1700 tries to shift op by -2048; fix this program [ 512.035128][T13677] 0x000000000001-0x000000020000 : "" [ 512.084885][T13677] ftl_cs: FTL header corrupt! [ 512.777473][T13667] nvme_fabrics: missing parameter 'transport=%s' [ 512.790201][T13667] nvme_fabrics: missing parameter 'nqn=%s' [ 514.567157][T13720] __nla_validate_parse: 2 callbacks suppressed [ 514.567169][ T30] audit: type=1800 audit(4294967385.020:27): pid=13720 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1709" name="dbroot" dev="configfs" ino=56179 res=0 errno=0 [ 514.567181][T13720] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1709'. [ 514.567207][T13720] openvswitch: netlink: Flow key attr not present in new flow. [ 514.767868][T13725] futex_wake_op: syz.1.1711 tries to shift op by -2048; fix this program [ 514.800206][T13725] futex_wake_op: syz.1.1711 tries to shift op by -2048; fix this program [ 514.841359][T13725] 0x000000000001-0x000000020000 : "" [ 514.860606][T13725] ftl_cs: FTL header corrupt! [ 516.876230][T13778] XFS: Clearing xfsstats [ 516.912817][T13778] futex_wake_op: syz.1.1721 tries to shift op by -2048; fix this program [ 516.929499][T13778] futex_wake_op: syz.1.1721 tries to shift op by -2048; fix this program [ 516.973051][T13778] 0x000000000001-0x000000020000 : "" [ 516.994814][T13778] ftl_cs: FTL header corrupt! [ 517.095869][T13783] netlink: 314 bytes leftover after parsing attributes in process `syz.4.1723'. [ 517.206040][T13781] netlink: 338 bytes leftover after parsing attributes in process `syz.4.1723'. [ 517.378875][T13785] XFS: Clearing xfsstats [ 517.502589][T13785] futex_wake_op: syz.0.1720 tries to shift op by -2048; fix this program [ 517.659116][T13782] netlink: 338 bytes leftover after parsing attributes in process `syz.4.1723'. [ 517.717143][T13782] netlink: 338 bytes leftover after parsing attributes in process `syz.4.1723'. [ 517.729560][T13785] futex_wake_op: syz.0.1720 tries to shift op by -2048; fix this program [ 517.784441][T13785] 0x000000000001-0x000000020000 : "" [ 517.837712][T13785] ftl_cs: FTL header corrupt! [ 517.878396][T13782] netlink: 338 bytes leftover after parsing attributes in process `syz.4.1723'. [ 517.900321][T13782] netlink: 338 bytes leftover after parsing attributes in process `syz.4.1723'. [ 517.994773][T13782] netlink: 338 bytes leftover after parsing attributes in process `syz.4.1723'. [ 518.005581][T13782] netlink: 338 bytes leftover after parsing attributes in process `syz.4.1723'. [ 518.207281][T13782] netlink: 338 bytes leftover after parsing attributes in process `syz.4.1723'. [ 518.916225][T10797] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 910 with max blocks 18 with error 117 [ 518.962977][T10797] EXT4-fs (sda1): This should not happen!! Data will be lost [ 518.962977][T10797] [ 519.372912][T13804] FAULT_INJECTION: forcing a failure. [ 519.372912][T13804] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 519.422319][T13804] CPU: 0 UID: 0 PID: 13804 Comm: syz.1.1727 Tainted: G U L syzkaller #0 PREEMPT(full) [ 519.422372][T13804] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 519.422382][T13804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 519.422397][T13804] Call Trace: [ 519.422407][T13804] [ 519.422417][T13804] dump_stack_lvl+0x100/0x190 [ 519.422475][T13804] should_fail_ex.cold+0x5/0xa [ 519.422521][T13804] _copy_from_user+0x2e/0xd0 [ 519.422561][T13804] snd_seq_oss_write+0x395/0x7f0 [ 519.422600][T13804] ? __pfx_snd_seq_oss_write+0x10/0x10 [ 519.422631][T13804] ? common_file_perm+0x1ab/0x4f0 [ 519.422671][T13804] ? bpf_lsm_file_permission+0x9/0x10 [ 519.422711][T13804] odev_write+0x51/0xa0 [ 519.422739][T13804] vfs_write+0x2aa/0x1070 [ 519.422772][T13804] ? __pfx_odev_write+0x10/0x10 [ 519.422801][T13804] ? __pfx_vfs_write+0x10/0x10 [ 519.422824][T13804] ? find_held_lock+0x2b/0x80 [ 519.422850][T13804] ? __fget_files+0x215/0x3d0 [ 519.422877][T13804] ? __fget_files+0x215/0x3d0 [ 519.422912][T13804] ? __fget_files+0x21f/0x3d0 [ 519.422949][T13804] ksys_write+0x12a/0x250 [ 519.422977][T13804] ? __pfx_ksys_write+0x10/0x10 [ 519.423019][T13804] do_syscall_64+0xc9/0xf80 [ 519.423056][T13804] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 519.423086][T13804] RIP: 0033:0x7ff41899aeb9 [ 519.423109][T13804] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 519.423135][T13804] RSP: 002b:00007ff4197d7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 519.423164][T13804] RAX: ffffffffffffffda RBX: 00007ff418c15fa0 RCX: 00007ff41899aeb9 [ 519.423251][T13804] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 519.423271][T13804] RBP: 00007ff4197d7090 R08: 0000000000000000 R09: 0000000000000000 [ 519.423285][T13804] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 519.423298][T13804] R13: 00007ff418c16038 R14: 00007ff418c15fa0 R15: 00007ffc950ada18 [ 519.423347][T13804] [ 519.699402][T13814] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1731'. [ 521.520881][T13854] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1742'. [ 521.615393][T13857] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1743'. [ 522.339193][T13880] XFS: Clearing xfsstats [ 522.377680][T13880] futex_wake_op: syz.2.1751 tries to shift op by -2048; fix this program [ 522.406744][T13880] futex_wake_op: syz.2.1751 tries to shift op by -2048; fix this program [ 522.444609][T13880] 0x000000000001-0x000000020000 : "" [ 522.570228][T13880] ftl_cs: FTL header corrupt! [ 523.910801][T13901] FAULT_INJECTION: forcing a failure. [ 523.910801][T13901] name failslab, interval 1, probability 0, space 0, times 0 [ 523.944978][T13901] CPU: 1 UID: 0 PID: 13901 Comm: syz.2.1758 Tainted: G U L syzkaller #0 PREEMPT(full) [ 523.945027][T13901] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 523.945037][T13901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 523.945055][T13901] Call Trace: [ 523.945152][T13901] [ 523.945165][T13901] dump_stack_lvl+0x100/0x190 [ 523.945208][T13901] should_fail_ex.cold+0x5/0xa [ 523.945257][T13901] should_failslab+0xc2/0x120 [ 523.945297][T13901] kmem_cache_alloc_noprof+0x83/0x780 [ 523.945333][T13901] ? d_instantiate+0x90/0xb0 [ 523.945366][T13901] ? alloc_empty_file+0x55/0x1c0 [ 523.945411][T13901] ? alloc_empty_file+0x55/0x1c0 [ 523.945447][T13901] alloc_empty_file+0x55/0x1c0 [ 523.945485][T13901] alloc_file_pseudo+0x13a/0x230 [ 523.945522][T13901] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 523.945576][T13901] ? alloc_fd+0x476/0x790 [ 523.945635][T13901] ? do_raw_spin_unlock+0x145/0x1e0 [ 523.945682][T13901] __anon_inode_getfile+0xe8/0x280 [ 523.945720][T13901] anon_inode_getfile_fmode+0x37/0xa0 [ 523.945758][T13901] __do_sys_fanotify_init+0xa79/0xe50 [ 523.945790][T13901] do_syscall_64+0xc9/0xf80 [ 523.945828][T13901] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 523.945857][T13901] RIP: 0033:0x7f37c779aeb9 [ 523.945880][T13901] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 523.945906][T13901] RSP: 002b:00007f37c85fe028 EFLAGS: 00000246 ORIG_RAX: 000000000000012c [ 523.945931][T13901] RAX: ffffffffffffffda RBX: 00007f37c7a15fa0 RCX: 00007f37c779aeb9 [ 523.945947][T13901] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005 [ 523.945962][T13901] RBP: 00007f37c7808c1f R08: 0000000000000000 R09: 0000000000000000 [ 523.945977][T13901] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 523.945993][T13901] R13: 00007f37c7a16038 R14: 00007f37c7a15fa0 R15: 00007ffc53ea7578 [ 523.946025][T13901] [ 525.839574][T13953] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1768'. [ 527.978266][ T9127] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 528.111169][T13978] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1775'. [ 528.138570][T13948] syz.1.1767 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=2, oom_score_adj=1000 [ 528.160211][T13948] CPU: 0 UID: 0 PID: 13948 Comm: syz.1.1767 Tainted: G U L syzkaller #0 PREEMPT(full) [ 528.160259][T13948] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 528.160270][T13948] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 528.160287][T13948] Call Trace: [ 528.160297][T13948] [ 528.160308][T13948] dump_stack_lvl+0x100/0x190 [ 528.160346][T13948] dump_header+0xfb/0x606 [ 528.160377][T13948] oom_kill_process.cold+0xd/0x321 [ 528.160411][T13948] out_of_memory+0x340/0x14f0 [ 528.160457][T13948] ? __pfx_out_of_memory+0x10/0x10 [ 528.160517][T13948] mem_cgroup_out_of_memory+0xc6/0x130 [ 528.160550][T13948] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 528.160580][T13948] ? find_held_lock+0x2b/0x80 [ 528.160617][T13948] ? do_raw_spin_unlock+0x145/0x1e0 [ 528.160665][T13948] ? _raw_spin_unlock+0x28/0x50 [ 528.160699][T13948] try_charge_memcg+0x652/0xc90 [ 528.160746][T13948] ? __pfx_try_charge_memcg+0x10/0x10 [ 528.160785][T13948] ? rcu_read_unlock+0x17/0x60 [ 528.160827][T13948] ? rcu_read_unlock+0x17/0x60 [ 528.160886][T13948] ? get_mem_cgroup_from_objcg+0xd3/0x330 [ 528.160925][T13948] obj_cgroup_charge_account+0x335/0x7e0 [ 528.160976][T13948] __memcg_slab_post_alloc_hook+0x2e4/0x880 [ 528.161035][T13948] __kmalloc_cache_noprof+0x62a/0x810 [ 528.161072][T13948] ? ipv6_add_dev+0x670/0x1520 [ 528.161124][T13948] ? ipv6_add_dev+0x670/0x1520 [ 528.161165][T13948] ipv6_add_dev+0x670/0x1520 [ 528.161215][T13948] addrconf_notify+0x563/0x19c0 [ 528.161245][T13948] ? ip6mr_device_event+0x1bc/0x230 [ 528.161284][T13948] notifier_call_chain+0x99/0x3b0 [ 528.161334][T13948] call_netdevice_notifiers_info+0xbe/0x110 [ 528.161372][T13948] register_netdevice+0x16b9/0x21d0 [ 528.161409][T13948] ? __pfx_register_netdevice+0x10/0x10 [ 528.161523][T13948] register_netdev+0x34/0x50 [ 528.161560][T13948] ip6gre_init_net+0x2aa/0x420 [ 528.161591][T13948] ? __pfx_ip6gre_init_net+0x10/0x10 [ 528.161708][T13948] ops_init+0x1e2/0x5f0 [ 528.161768][T13948] setup_net+0x118/0x3a0 [ 528.161793][T13948] ? __pfx_setup_net+0x10/0x10 [ 528.161831][T13948] ? lockdep_init_map_type+0x5c/0x250 [ 528.161870][T13948] ? mutex_init_lockep+0x110/0x150 [ 528.161909][T13948] copy_net_ns+0x46f/0x7c0 [ 528.161938][T13948] create_new_namespaces+0x3ea/0xab0 [ 528.161978][T13948] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 528.162015][T13948] ksys_unshare+0x455/0xab0 [ 528.162059][T13948] ? rcu_is_watching+0x12/0xc0 [ 528.162090][T13948] ? __pfx_ksys_unshare+0x10/0x10 [ 528.162132][T13948] ? kcov_ioctl+0x16a/0x720 [ 528.162164][T13948] ? kcov_ioctl+0x16a/0x720 [ 528.162194][T13948] ? fput+0x79/0x100 [ 528.162240][T13948] __x64_sys_unshare+0x31/0x40 [ 528.162282][T13948] do_syscall_64+0xc9/0xf80 [ 528.162324][T13948] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 528.162410][T13948] RIP: 0033:0x7ff41899aeb9 [ 528.162439][T13948] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 528.162467][T13948] RSP: 002b:00007ff4197d7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 528.162494][T13948] RAX: ffffffffffffffda RBX: 00007ff418c15fa0 RCX: 00007ff41899aeb9 [ 528.162514][T13948] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 528.162532][T13948] RBP: 00007ff418a08c1f R08: 0000000000000000 R09: 0000000000000000 [ 528.162550][T13948] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 528.162569][T13948] R13: 00007ff418c16038 R14: 00007ff418c15fa0 R15: 00007ffc950ada18 [ 528.162668][T13948] [ 528.162809][T13948] memory: usage 3072kB, limit 3072kB, failcnt 36607 [ 528.527038][T13948] memory+swap: usage 7092kB, limit 9007199254740988kB, failcnt 0 [ 528.535581][T13948] kmem: usage 2848kB, limit 9007199254740988kB, failcnt 0 [ 528.543069][T13948] Memory cgroup stats for /syz1: [ 528.543443][T13948] cache 4096 [ 528.552074][T13948] rss 0 [ 528.555582][T13948] rss_huge 0 [ 528.559351][T13948] shmem 4096 [ 528.563737][T13948] mapped_file 0 [ 528.567378][T13948] dirty 0 [ 528.571379][T13948] writeback 0 [ 528.575123][T13948] workingset_refault_anon 5869 [ 528.580307][T13948] workingset_refault_file 8438 [ 528.585309][T13948] swap 4116480 [ 528.589285][T13948] swapcached 225280 [ 528.593542][T13948] pgpgin 350317 [ 528.597364][T13948] pgpgout 374055 [ 528.602872][T13948] pgfault 253744 [ 528.606578][T13948] pgmajfault 2849 [ 528.611740][T13948] inactive_anon 135168 [ 528.616008][T13948] active_anon 0 [ 528.620634][T13948] inactive_file 0 [ 528.624417][T13948] active_file 0 [ 528.628685][T13948] unevictable 0 [ 528.636061][T13948] hierarchical_memory_limit 3145728 [ 528.646904][T13948] hierarchical_memsw_limit 9223372036854771712 [ 528.661065][T13948] total_cache 4096 [ 528.664851][T13948] total_rss 0 [ 528.668166][T13948] total_rss_huge 0 [ 528.672496][T13948] total_shmem 4096 [ 528.676314][T13948] total_mapped_file 0 [ 528.680976][T13948] total_dirty 0 [ 528.684481][T13948] total_writeback 0 [ 528.688315][T13948] total_workingset_refault_anon 5869 [ 528.694564][T13948] total_workingset_refault_file 8438 [ 528.701405][T13948] total_swap 4116480 [ 528.705774][T13948] total_swapcached 225280 [ 528.710429][T13948] total_pgpgin 350317 [ 528.714418][T13948] total_pgpgout 374055 [ 528.718480][T13948] total_pgfault 253744 [ 528.722941][T13948] total_pgmajfault 2849 [ 528.727102][T13948] total_inactive_anon 135168 [ 528.731943][T13948] total_active_anon 0 [ 528.735932][T13948] total_inactive_file 0 [ 528.743897][T13948] total_active_file 0 [ 528.747926][T13948] total_unevictable 0 [ 528.752735][T13948] anon_cost 6 [ 528.756143][T13948] file_cost 0 [ 528.760863][T13948] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.1764,pid=13933,uid=0 [ 528.778535][T13948] Memory cgroup out of memory: Killed process 13933 (syz.1.1764) total-vm:139596kB, anon-rss:1208kB, file-rss:26664kB, shmem-rss:128kB, UID:0 pgtables:156kB oom_score_adj:1000 [ 529.745737][T13991] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1780'. [ 529.979547][T13999] XFS: Clearing xfsstats [ 530.067349][T13999] futex_wake_op: syz.0.1779 tries to shift op by -2048; fix this program [ 530.282084][T13999] futex_wake_op: syz.0.1779 tries to shift op by -2048; fix this program [ 530.332775][T13999] 0x000000000001-0x000000020000 : "" [ 530.393137][T13999] ftl_cs: FTL header corrupt! [ 530.978897][T14026] zswap: compressor not available [ 531.119201][T14033] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1788'. [ 531.440207][T14028] zswap: compressor not available [ 534.348764][T14078] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1805'. [ 534.394501][T14078] netlink: 314 bytes leftover after parsing attributes in process `syz.0.1805'. [ 535.076211][T14093] zswap: compressor not available [ 535.079266][T14096] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1807'. [ 535.237126][T14105] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1807'. [ 535.259243][T14105] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1807'. [ 535.311011][T14105] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1807'. [ 535.330940][T14105] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1807'. [ 535.347488][T14105] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1807'. [ 535.398035][T14105] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1807'. [ 536.275062][T14128] sd 0:0:1:0: PR command failed: 1026 [ 536.294697][T14116] bond0: invalid ARP target specified [ 536.296948][T14128] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 536.332422][T14128] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 538.766458][T14195] XFS: Clearing xfsstats [ 538.855003][T14195] futex_wake_op: syz.2.1824 tries to shift op by -2048; fix this program [ 538.890146][T14195] futex_wake_op: syz.2.1824 tries to shift op by -2048; fix this program [ 539.068649][T14195] 0x000000000001-0x000000020000 : "" [ 539.195438][T14195] ftl_cs: FTL header corrupt! [ 540.383988][T14205] FAULT_INJECTION: forcing a failure. [ 540.383988][T14205] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 540.444182][T14205] CPU: 0 UID: 0 PID: 14205 Comm: syz.0.1827 Tainted: G U L syzkaller #0 PREEMPT(full) [ 540.444232][T14205] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 540.444244][T14205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 540.444263][T14205] Call Trace: [ 540.444273][T14205] [ 540.444291][T14205] dump_stack_lvl+0x100/0x190 [ 540.444334][T14205] should_fail_ex.cold+0x5/0xa [ 540.444374][T14205] ? prepare_alloc_pages+0x16d/0x5f0 [ 540.444421][T14205] should_fail_alloc_page+0xeb/0x140 [ 540.444467][T14205] prepare_alloc_pages+0x1f0/0x5f0 [ 540.444513][T14205] ? __lock_acquire+0x4a5/0x2630 [ 540.444555][T14205] __alloc_frozen_pages_noprof+0x193/0x2410 [ 540.444605][T14205] ? find_held_lock+0x2b/0x80 [ 540.444631][T14205] ? unwind_next_frame+0x3be/0x1ea0 [ 540.444664][T14205] ? unwind_next_frame+0x3be/0x1ea0 [ 540.444698][T14205] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 540.444738][T14205] ? unwind_next_frame+0x3c8/0x1ea0 [ 540.444771][T14205] ? __x64_sys_openat+0x12d/0x210 [ 540.444821][T14205] ? __lock_acquire+0x4a5/0x2630 [ 540.444863][T14205] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 540.444897][T14205] ? policy_nodemask+0xed/0x4f0 [ 540.444940][T14205] alloc_pages_mpol+0x1fb/0x550 [ 540.444983][T14205] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 540.445033][T14205] alloc_pages_noprof+0x131/0x390 [ 540.445075][T14205] pte_alloc_one+0x1e/0x3e0 [ 540.445112][T14205] do_huge_pmd_anonymous_page+0x836/0x1c00 [ 540.445156][T14205] __handle_mm_fault+0x1e96/0x2b50 [ 540.445194][T14205] ? mt_find+0x45e/0x8e0 [ 540.445233][T14205] ? __pfx___handle_mm_fault+0x10/0x10 [ 540.445262][T14205] ? __pfx_mt_find+0x10/0x10 [ 540.445337][T14205] handle_mm_fault+0x36d/0xa20 [ 540.445374][T14205] __get_user_pages+0xf9c/0x34d0 [ 540.445422][T14205] ? down_read_killable+0x30e/0x4c0 [ 540.445445][T14205] ? __lock_acquire+0x4a5/0x2630 [ 540.445464][T14205] ? __pfx___get_user_pages+0x10/0x10 [ 540.445492][T14205] __gup_longterm_locked+0x87d/0x16f0 [ 540.445520][T14205] ? __pfx___gup_longterm_locked+0x10/0x10 [ 540.445544][T14205] ? try_get_folio+0x262/0x750 [ 540.445563][T14205] ? pmd_write+0xd3/0x150 [ 540.445582][T14205] ? sanity_check_pinned_pages+0x5f6/0x1250 [ 540.445607][T14205] gup_fast_fallback+0x18c6/0x2460 [ 540.445643][T14205] ? __pfx_gup_fast_fallback+0x10/0x10 [ 540.445665][T14205] ? ksys_write+0x12a/0x250 [ 540.445681][T14205] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 540.445706][T14205] pin_user_pages_fast+0xa7/0xf0 [ 540.445728][T14205] ? __pfx_pin_user_pages_fast+0x10/0x10 [ 540.445756][T14205] iov_iter_extract_pages+0xa0d/0x1ef0 [ 540.445786][T14205] ? pfn_valid+0x98/0x4e0 [ 540.445806][T14205] ? __pfx_iov_iter_extract_pages+0x10/0x10 [ 540.445828][T14205] ? bvec_try_merge_page+0x1cd/0x290 [ 540.445851][T14205] ? bio_add_page+0x162/0x760 [ 540.445871][T14205] ? iov_iter_revert+0x252/0x5b0 [ 540.445895][T14205] bio_iov_iter_get_pages+0x35e/0x12c0 [ 540.445929][T14205] ? __pfx_bio_iov_iter_get_pages+0x10/0x10 [ 540.445953][T14205] ? __pfx_bio_alloc_bioset+0x10/0x10 [ 540.445977][T14205] ? iov_iter_npages+0xf8/0x500 [ 540.445999][T14205] blkdev_direct_IO+0x1302/0x1fb0 [ 540.446026][T14205] ? __pfx_blkdev_direct_IO+0x10/0x10 [ 540.446051][T14205] ? filemap_check_errors+0xa9/0x150 [ 540.446079][T14205] blkdev_write_iter+0x703/0xd70 [ 540.446101][T14205] vfs_write+0x6ac/0x1070 [ 540.446119][T14205] ? __pfx_blkdev_write_iter+0x10/0x10 [ 540.446139][T14205] ? __pfx_vfs_write+0x10/0x10 [ 540.446154][T14205] ? find_held_lock+0x2b/0x80 [ 540.446181][T14205] ksys_write+0x12a/0x250 [ 540.446198][T14205] ? __pfx_ksys_write+0x10/0x10 [ 540.446221][T14205] do_syscall_64+0xc9/0xf80 [ 540.446241][T14205] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 540.446257][T14205] RIP: 0033:0x7fc79a39aeb9 [ 540.446298][T14205] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 540.446313][T14205] RSP: 002b:00007fc79b1e5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 540.446329][T14205] RAX: ffffffffffffffda RBX: 00007fc79a615fa0 RCX: 00007fc79a39aeb9 [ 540.446340][T14205] RDX: 000000100000a3d9 RSI: 00002000000000c0 RDI: 0000000000000004 [ 540.446350][T14205] RBP: 00007fc79a408c1f R08: 0000000000000000 R09: 0000000000000000 [ 540.446359][T14205] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 540.446368][T14205] R13: 00007fc79a616038 R14: 00007fc79a615fa0 R15: 00007ffe5b65e038 [ 540.446390][T14205] [ 541.240933][T14224] FAULT_INJECTION: forcing a failure. [ 541.240933][T14224] name failslab, interval 1, probability 0, space 0, times 0 [ 541.255023][T14224] CPU: 0 UID: 0 PID: 14224 Comm: syz.4.1831 Tainted: G U L syzkaller #0 PREEMPT(full) [ 541.255072][T14224] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 541.255083][T14224] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 541.255100][T14224] Call Trace: [ 541.255108][T14224] [ 541.255120][T14224] dump_stack_lvl+0x100/0x190 [ 541.255158][T14224] should_fail_ex.cold+0x5/0xa [ 541.255204][T14224] should_failslab+0xc2/0x120 [ 541.255242][T14224] __kmalloc_cache_noprof+0x80/0x810 [ 541.255271][T14224] ? trace_kmem_cache_alloc+0x80/0xb0 [ 541.255308][T14224] ? kmem_cache_alloc_noprof+0x2ff/0x780 [ 541.255343][T14224] ? copy_net_ns+0x135/0x7c0 [ 541.255379][T14224] ? copy_net_ns+0x135/0x7c0 [ 541.255406][T14224] copy_net_ns+0x135/0x7c0 [ 541.255432][T14224] ? copy_cgroup_ns+0x71/0x970 [ 541.255470][T14224] create_new_namespaces+0x3ea/0xab0 [ 541.255511][T14224] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 541.255547][T14224] ksys_unshare+0x455/0xab0 [ 541.255589][T14224] ? __pfx_ksys_unshare+0x10/0x10 [ 541.255626][T14224] ? xfd_validate_state+0x129/0x190 [ 541.255681][T14224] __x64_sys_unshare+0x31/0x40 [ 541.255718][T14224] do_syscall_64+0xc9/0xf80 [ 541.255755][T14224] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 541.255784][T14224] RIP: 0033:0x7f441999aeb9 [ 541.255807][T14224] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 541.255835][T14224] RSP: 002b:00007f441a798028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 541.255863][T14224] RAX: ffffffffffffffda RBX: 00007f4419c16090 RCX: 00007f441999aeb9 [ 541.255882][T14224] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 541.255900][T14224] RBP: 00007f4419a08c1f R08: 0000000000000000 R09: 0000000000000000 [ 541.255924][T14224] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 541.255941][T14224] R13: 00007f4419c16128 R14: 00007f4419c16090 R15: 00007fffb11b2848 [ 541.255983][T14224] [ 545.097126][T14282] __nla_validate_parse: 2 callbacks suppressed [ 545.097160][T14282] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1844'. [ 548.077102][ T5822] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 548.190156][ T5822] CPU: 0 UID: 0 PID: 5822 Comm: syz-executor Tainted: G U L syzkaller #0 PREEMPT(full) [ 548.190199][ T5822] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 548.190216][ T5822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 548.190232][ T5822] Call Trace: [ 548.190241][ T5822] [ 548.190252][ T5822] dump_stack_lvl+0x100/0x190 [ 548.190292][ T5822] dump_header+0xfb/0x606 [ 548.190323][ T5822] oom_kill_process.cold+0xd/0x321 [ 548.190355][ T5822] out_of_memory+0x340/0x14f0 [ 548.190399][ T5822] ? __pfx_out_of_memory+0x10/0x10 [ 548.190446][ T5822] mem_cgroup_out_of_memory+0xc6/0x130 [ 548.190476][ T5822] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 548.190505][ T5822] ? find_held_lock+0x2b/0x80 [ 548.190540][ T5822] ? do_raw_spin_unlock+0x145/0x1e0 [ 548.190581][ T5822] ? _raw_spin_unlock+0x28/0x50 [ 548.190613][ T5822] try_charge_memcg+0x652/0xc90 [ 548.190657][ T5822] ? __pfx_try_charge_memcg+0x10/0x10 [ 548.190704][ T5822] ? find_held_lock+0x2b/0x80 [ 548.190730][ T5822] ? rcu_read_unlock+0x17/0x60 [ 548.190768][ T5822] ? rcu_read_unlock+0x17/0x60 [ 548.190812][ T5822] charge_memcg+0xa6/0x280 [ 548.190850][ T5822] mem_cgroup_swapin_charge_folio+0xeb/0x470 [ 548.190899][ T5822] __read_swap_cache_async+0x449/0x610 [ 548.190935][ T5822] ? __pfx___read_swap_cache_async+0x10/0x10 [ 548.190967][ T5822] ? rcu_is_watching+0x12/0xc0 [ 548.190995][ T5822] ? finish_task_switch.isra.0+0x204/0xb70 [ 548.191030][ T5822] ? finish_task_switch.isra.0+0x2c5/0xb70 [ 548.191069][ T5822] swap_cluster_readahead+0x414/0x770 [ 548.191100][ T5822] ? __schedule+0xff6/0x5e10 [ 548.191137][ T5822] ? __pfx_swap_cluster_readahead+0x10/0x10 [ 548.191171][ T5822] ? __lock_acquire+0x4a5/0x2630 [ 548.191206][ T5822] ? __lock_acquire+0x4a5/0x2630 [ 548.191265][ T5822] ? get_vma_policy+0x23f/0x3b0 [ 548.191309][ T5822] swapin_readahead+0x14b/0x12e0 [ 548.191352][ T5822] ? __pfx_swapin_readahead+0x10/0x10 [ 548.191384][ T5822] ? find_held_lock+0x2b/0x80 [ 548.191412][ T5822] ? swap_cache_get_folio+0x272/0x920 [ 548.191447][ T5822] ? swap_cache_get_folio+0x272/0x920 [ 548.191475][ T5822] ? swap_cache_get_folio+0x1f/0x920 [ 548.191503][ T5822] ? swap_cache_get_folio+0x2a2/0x920 [ 548.191536][ T5822] ? __pfx_swap_cache_get_folio+0x10/0x10 [ 548.191566][ T5822] ? __pfx_get_swap_device+0x10/0x10 [ 548.191612][ T5822] ? do_swap_page+0x9ba/0x6810 [ 548.191640][ T5822] do_swap_page+0x9ba/0x6810 [ 548.191676][ T5822] ? __lock_acquire+0x4a5/0x2630 [ 548.191722][ T5822] ? __pfx_do_swap_page+0x10/0x10 [ 548.191755][ T5822] ? __pfx_default_wake_function+0x10/0x10 [ 548.191790][ T5822] ? rcu_is_watching+0x12/0xc0 [ 548.191816][ T5822] ? __free_object+0x2a8/0x400 [ 548.191853][ T5822] ? rcu_is_watching+0x12/0xc0 [ 548.191881][ T5822] ? ___pte_offset_map+0x179/0x310 [ 548.191925][ T5822] __handle_mm_fault+0x18b9/0x2b50 [ 548.191964][ T5822] ? reacquire_held_locks+0xce/0x1e0 [ 548.192001][ T5822] ? __pfx___handle_mm_fault+0x10/0x10 [ 548.192039][ T5822] ? lock_vma_under_rcu+0x17c/0x5a0 [ 548.192080][ T5822] ? get_timespec64+0x136/0x1b0 [ 548.192125][ T5822] handle_mm_fault+0x36d/0xa20 [ 548.192164][ T5822] do_user_addr_fault+0x5a3/0x12f0 [ 548.192207][ T5822] exc_page_fault+0x6f/0xd0 [ 548.192248][ T5822] asm_exc_page_fault+0x26/0x30 [ 548.192275][ T5822] RIP: 0033:0x7ff41895b78e [ 548.192299][ T5822] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 548.192326][ T5822] RSP: 002b:00007ffc950adcf8 EFLAGS: 00010246 [ 548.192350][ T5822] RAX: 0000000000000000 RBX: 0000555586f3f500 RCX: 00007ff41895b78e [ 548.192370][ T5822] RDX: 00007ffc950add50 RSI: 0000000000000000 RDI: 0000000000000000 [ 548.192387][ T5822] RBP: 00007ffc950addbc R08: 0000000000000000 R09: 0000000000000000 [ 548.192405][ T5822] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000001388 [ 548.192422][ T5822] R13: 00000000000927c0 R14: 0000000000085785 R15: 00007ffc950ade10 [ 548.192460][ T5822] [ 548.192471][ T5822] memory: usage 3072kB, limit 3072kB, failcnt 51229 [ 548.670074][ T5822] memory+swap: usage 31692kB, limit 9007199254740988kB, failcnt 0 [ 548.678043][ T5822] kmem: usage 2820kB, limit 9007199254740988kB, failcnt 0 [ 548.730050][ T5822] Memory cgroup stats for /syz1: [ 548.732502][ T5822] cache 4096 [ 548.748694][ T5822] rss 0 [ 548.770404][ T5822] rss_huge 0 [ 548.795207][ T5822] shmem 4096 [ 548.840045][ T5822] mapped_file 0 [ 548.843535][ T5822] dirty 0 [ 548.846462][ T5822] writeback 0 [ 548.849750][ T5822] workingset_refault_anon 6889 [ 548.900330][ T5822] workingset_refault_file 8438 [ 548.905120][ T5822] swap 29306880 [ 548.908565][ T5822] swapcached 253952 [ 548.940148][ T5822] pgpgin 368854 [ 548.943676][ T5822] pgpgout 392585 [ 548.947238][ T5822] pgfault 267294 [ 548.951015][ T5822] pgmajfault 3460 [ 548.954647][ T5822] inactive_anon 258048 [ 548.958712][ T5822] active_anon 0 [ 548.962617][ T5822] inactive_file 0 [ 548.967172][ T5822] active_file 0 [ 548.992631][ T5822] unevictable 0 [ 548.996128][ T5822] hierarchical_memory_limit 3145728 [ 549.001560][ T5822] hierarchical_memsw_limit 9223372036854771712 [ 549.007791][ T5822] total_cache 4096 [ 549.011683][ T5822] total_rss 0 [ 549.014989][ T5822] total_rss_huge 0 [ 549.018715][ T5822] total_shmem 4096 [ 549.022846][ T5822] total_mapped_file 0 [ 549.026835][ T5822] total_dirty 0 [ 549.092763][ T5822] total_writeback 0 [ 549.130060][ T5822] total_workingset_refault_anon 6889 [ 549.180355][ T5822] total_workingset_refault_file 8438 [ 549.190058][ T5822] total_swap 29306880 [ 549.194117][ T5822] total_swapcached 253952 [ 549.198450][ T5822] total_pgpgin 368854 [ 549.208825][ T5822] total_pgpgout 392585 [ 549.213113][ T5822] total_pgfault 267294 [ 549.217480][ T5822] total_pgmajfault 3460 [ 549.222187][ T5822] total_inactive_anon 258048 [ 549.226779][ T5822] total_active_anon 0 [ 549.231524][ T5822] total_inactive_file 0 [ 549.235677][ T5822] total_active_file 0 [ 549.240797][ T5822] total_unevictable 0 [ 549.244780][ T5822] anon_cost 22 [ 549.248130][ T5822] file_cost 0 [ 549.254376][ T5822] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.1797,pid=14061,uid=0 [ 549.272616][ T5822] Memory cgroup out of memory: Killed process 14061 (syz.1.1797) total-vm:135096kB, anon-rss:1336kB, file-rss:21788kB, shmem-rss:128kB, UID:0 pgtables:192kB oom_score_adj:1000 [ 549.687641][T14061] syz.1.1797 (14061) used greatest stack depth: 19176 bytes left [ 550.041906][T14306] FAULT_INJECTION: forcing a failure. [ 550.041906][T14306] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 550.192931][T14306] CPU: 1 UID: 0 PID: 14306 Comm: syz.1.1851 Tainted: G U L syzkaller #0 PREEMPT(full) [ 550.192985][T14306] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 550.192998][T14306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 550.193017][T14306] Call Trace: [ 550.193026][T14306] [ 550.193038][T14306] dump_stack_lvl+0x100/0x190 [ 550.193084][T14306] should_fail_ex.cold+0x5/0xa [ 550.193133][T14306] _copy_from_user+0x2e/0xd0 [ 550.193180][T14306] sctp_setsockopt+0x8cc/0xb370 [ 550.193215][T14306] ? __pfx_aa_sk_perm+0x10/0x10 [ 550.193271][T14306] ? __pfx_sctp_setsockopt+0x10/0x10 [ 550.193306][T14306] ? aa_sock_opt_perm+0xfe/0x1b0 [ 550.193343][T14306] ? sock_common_setsockopt+0x2e/0xf0 [ 550.193374][T14306] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 550.193409][T14306] do_sock_setsockopt+0xf3/0x1d0 [ 550.193444][T14306] __sys_setsockopt+0x119/0x190 [ 550.193499][T14306] __x64_sys_setsockopt+0xbd/0x160 [ 550.193539][T14306] ? do_syscall_64+0x94/0xf80 [ 550.193574][T14306] ? lockdep_hardirqs_on+0x78/0x100 [ 550.193608][T14306] do_syscall_64+0xc9/0xf80 [ 550.193647][T14306] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 550.193677][T14306] RIP: 0033:0x7ff41899aeb9 [ 550.193702][T14306] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 550.193731][T14306] RSP: 002b:00007ff4197d7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 550.193761][T14306] RAX: ffffffffffffffda RBX: 00007ff418c15fa0 RCX: 00007ff41899aeb9 [ 550.193785][T14306] RDX: 0000000000000009 RSI: 0000010000000084 RDI: 0000000000000003 [ 550.193803][T14306] RBP: 00007ff418a08c1f R08: 000000000000009c R09: 0000000000000000 [ 550.193820][T14306] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 550.193838][T14306] R13: 00007ff418c16038 R14: 00007ff418c15fa0 R15: 00007ffc950ada18 [ 550.193877][T14306] [ 553.580109][T14350] FAULT_INJECTION: forcing a failure. [ 553.580109][T14350] name fail_futex, interval 1, probability 0, space 0, times 0 [ 553.594059][T14350] CPU: 1 UID: 0 PID: 14350 Comm: syz.4.1861 Tainted: G U L syzkaller #0 PREEMPT(full) [ 553.594109][T14350] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 553.594121][T14350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 553.594138][T14350] Call Trace: [ 553.594148][T14350] [ 553.594157][T14350] dump_stack_lvl+0x100/0x190 [ 553.594197][T14350] should_fail_ex.cold+0x5/0xa [ 553.594240][T14350] get_futex_key+0x1d2/0x1620 [ 553.594282][T14350] ? __pfx_get_futex_key+0x10/0x10 [ 553.594319][T14350] ? trace_ignore_this_task+0xbc/0x100 [ 553.594360][T14350] futex_wait_setup+0x81/0x500 [ 553.594395][T14350] __futex_wait+0x19f/0x300 [ 553.594422][T14350] ? __pfx___futex_wait+0x10/0x10 [ 553.594453][T14350] ? __pfx_futex_wake_mark+0x10/0x10 [ 553.594498][T14350] ? find_held_lock+0x2b/0x80 [ 553.594524][T14350] ? futex_wake+0x456/0x530 [ 553.594570][T14350] futex_wait+0xed/0x380 [ 553.594595][T14350] ? __pfx_futex_wait+0x10/0x10 [ 553.594627][T14350] ? sctp_setsockopt+0x962/0xb370 [ 553.594656][T14350] ? sctp_setsockopt+0x168/0xb370 [ 553.594691][T14350] do_futex+0x1ef/0x350 [ 553.594728][T14350] ? __pfx_do_futex+0x10/0x10 [ 553.594761][T14350] ? kfree+0x2a9/0x690 [ 553.594789][T14350] ? aa_sock_opt_perm+0xfe/0x1b0 [ 553.594828][T14350] __x64_sys_futex+0x34f/0x4d0 [ 553.594873][T14350] ? __pfx___x64_sys_futex+0x10/0x10 [ 553.594912][T14350] ? xfd_validate_state+0x129/0x190 [ 553.594972][T14350] ? __sys_setsockopt+0x139/0x190 [ 553.595025][T14350] do_syscall_64+0xc9/0xf80 [ 553.595063][T14350] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 553.595088][T14350] RIP: 0033:0x7f441999aeb9 [ 553.595109][T14350] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 553.595137][T14350] RSP: 002b:00007f441a7b90e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 553.595163][T14350] RAX: ffffffffffffffda RBX: 00007f4419c15fa8 RCX: 00007f441999aeb9 [ 553.595179][T14350] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f4419c15fa8 [ 553.595194][T14350] RBP: 00007f4419c15fa0 R08: 0000000000000000 R09: 0000000000000000 [ 553.595208][T14350] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 553.595222][T14350] R13: 00007f4419c16038 R14: 00007fffb11b2760 R15: 00007fffb11b2848 [ 553.595252][T14350] [ 554.110986][T10797] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 923 with max blocks 5 with error 117 [ 554.196252][T10797] EXT4-fs (sda1): This should not happen!! Data will be lost [ 554.196252][T10797] [ 554.446897][T10797] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 922 with max blocks 1 with error 117 [ 554.462108][T10797] EXT4-fs (sda1): This should not happen!! Data will be lost [ 554.462108][T10797] [ 554.672640][T10786] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 921 with max blocks 1 with error 117 [ 554.709100][T10786] EXT4-fs (sda1): This should not happen!! Data will be lost [ 554.709100][T10786] [ 554.742780][T14358] netlink: zone id is out of range [ 554.747968][T14358] netlink: zone id is out of range [ 554.795309][T14358] netlink: zone id is out of range [ 554.856803][T14358] netlink: zone id is out of range [ 554.873804][T14358] netlink: zone id is out of range [ 554.908592][T14358] netlink: zone id is out of range [ 554.934011][T14358] netlink: zone id is out of range [ 554.953412][T14358] netlink: zone id is out of range [ 554.974754][T14358] netlink: zone id is out of range [ 554.990169][T14358] netlink: zone id is out of range [ 555.102634][T14369] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1866'. [ 555.487048][T10797] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 920 with max blocks 1 with error 117 [ 555.510980][T10797] EXT4-fs (sda1): This should not happen!! Data will be lost [ 555.510980][T10797] [ 555.716972][T14382] netlink: 'syz.0.1869': attribute type 1 has an invalid length. [ 555.945011][T14372] syz.1.1867 invoked oom-killer: gfp_mask=0x400c40(GFP_NOFS|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 555.958426][T14372] CPU: 1 UID: 0 PID: 14372 Comm: syz.1.1867 Tainted: G U L syzkaller #0 PREEMPT(full) [ 555.958473][T14372] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 555.958485][T14372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 555.958509][T14372] Call Trace: [ 555.958518][T14372] [ 555.958529][T14372] dump_stack_lvl+0x100/0x190 [ 555.958570][T14372] dump_header+0xfb/0x606 [ 555.958604][T14372] oom_kill_process.cold+0xd/0x321 [ 555.958638][T14372] out_of_memory+0x340/0x14f0 [ 555.958685][T14372] ? __pfx_out_of_memory+0x10/0x10 [ 555.958735][T14372] mem_cgroup_out_of_memory+0xc6/0x130 [ 555.958767][T14372] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 555.958798][T14372] ? find_held_lock+0x2b/0x80 [ 555.958836][T14372] ? do_raw_spin_unlock+0x145/0x1e0 [ 555.958883][T14372] ? _raw_spin_unlock+0x28/0x50 [ 555.958919][T14372] try_charge_memcg+0x652/0xc90 [ 555.958969][T14372] ? __pfx_try_charge_memcg+0x10/0x10 [ 555.959008][T14372] ? rcu_read_unlock+0x17/0x60 [ 555.959049][T14372] ? rcu_read_unlock+0x17/0x60 [ 555.959099][T14372] ? get_mem_cgroup_from_objcg+0xd3/0x330 [ 555.959137][T14372] obj_cgroup_charge_account+0x335/0x7e0 [ 555.959187][T14372] __memcg_slab_post_alloc_hook+0x2e4/0x880 [ 555.959237][T14372] ? kasan_save_track+0x14/0x30 [ 555.959366][T14372] kmem_cache_alloc_lru_noprof+0x606/0x7d0 [ 555.959409][T14372] ? xas_nomem+0x101/0x2c0 [ 555.959448][T14372] ? xas_nomem+0x101/0x2c0 [ 555.959473][T14372] xas_nomem+0x101/0x2c0 [ 555.959499][T14372] ? _raw_spin_unlock_irq+0x23/0x50 [ 555.959532][T14372] __filemap_add_folio+0xb1c/0x1220 [ 555.959575][T14372] ? __pfx___filemap_add_folio+0x10/0x10 [ 555.959623][T14372] ? __pfx_workingset_update_node+0x10/0x10 [ 555.959671][T14372] filemap_add_folio+0x1d8/0x690 [ 555.959708][T14372] ? __pfx_filemap_add_folio+0x10/0x10 [ 555.959754][T14372] __filemap_get_folio_mpol+0x5d5/0xe70 [ 555.959805][T14372] iomap_write_begin+0x15c3/0x22b0 [ 555.959843][T14372] ? fault_in_readable+0xde/0x190 [ 555.959881][T14372] ? fault_in_readable+0xde/0x190 [ 555.959921][T14372] ? __pfx_iomap_write_begin+0x10/0x10 [ 555.959943][T14372] ? fault_in_readable+0x14c/0x190 [ 555.959975][T14372] ? __pfx_fault_in_readable+0x10/0x10 [ 555.960009][T14372] ? rcu_is_cpu_rrupt_from_idle+0x260/0x270 [ 555.960036][T14372] ? I_BDEV+0xd/0x20 [ 555.960075][T14372] ? inode_to_bdi+0x9e/0x160 [ 555.960125][T14372] iomap_file_buffered_write+0x48b/0xac0 [ 555.960172][T14372] ? __pfx_iomap_file_buffered_write+0x10/0x10 [ 555.960203][T14372] ? inode_set_ctime_current+0x283/0x7d0 [ 555.960263][T14372] ? __pfx_down_read+0x10/0x10 [ 555.960299][T14372] ? mnt_put_write_access_file+0x4e/0x100 [ 555.960333][T14372] ? file_update_time_flags+0x31f/0x510 [ 555.960380][T14372] blkdev_write_iter+0x575/0xd70 [ 555.960427][T14372] vfs_write+0x6ac/0x1070 [ 555.960464][T14372] ? __pfx_blkdev_write_iter+0x10/0x10 [ 555.960504][T14372] ? __pfx_vfs_write+0x10/0x10 [ 555.960535][T14372] ? find_held_lock+0x2b/0x80 [ 555.960621][T14372] ksys_write+0x12a/0x250 [ 555.960654][T14372] ? __pfx_ksys_write+0x10/0x10 [ 555.960703][T14372] do_syscall_64+0xc9/0xf80 [ 555.960744][T14372] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 555.960776][T14372] RIP: 0033:0x7ff41899aeb9 [ 555.960803][T14372] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 555.960833][T14372] RSP: 002b:00007ff4197b6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 555.960862][T14372] RAX: ffffffffffffffda RBX: 00007ff418c16090 RCX: 00007ff41899aeb9 [ 555.960883][T14372] RDX: 0000000080000000 RSI: 0000200000000000 RDI: 0000000000000002 [ 555.960903][T14372] RBP: 00007ff418a08c1f R08: 0000000000000000 R09: 0000000000000000 [ 555.960922][T14372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 555.960940][T14372] R13: 00007ff418c16128 R14: 00007ff418c16090 R15: 00007ffc950ada18 [ 555.960981][T14372] [ 556.430348][T14372] memory: usage 3072kB, limit 3072kB, failcnt 52802 [ 556.437052][T14372] memory+swap: usage 3484kB, limit 9007199254740988kB, failcnt 0 [ 556.455799][T14372] kmem: usage 2684kB, limit 9007199254740988kB, failcnt 0 [ 556.616182][T14372] Memory cgroup stats for /syz1: [ 556.616526][T14372] cache 0 [ 556.685661][T14372] rss 4096 [ 556.688749][T14372] rss_huge 0 [ 556.728410][T14372] shmem 0 [ 556.738845][T14372] mapped_file 0 [ 556.780053][T14372] dirty 0 [ 556.783065][T14372] writeback 0 [ 556.786356][T14372] workingset_refault_anon 7229 [ 556.801077][T14372] workingset_refault_file 8724 [ 556.818223][T14372] swap 438272 [ 556.830029][T14372] swapcached 249856 [ 556.833915][T14372] pgpgin 370755 [ 556.837394][T14372] pgpgout 394487 [ 556.880026][T14372] pgfault 270405 [ 556.883661][T14372] pgmajfault 3704 [ 556.887322][T14372] inactive_anon 131072 [ 556.911103][T14372] active_anon 118784 [ 556.915075][T14372] inactive_file 0 [ 556.944974][T14392] XFS: Clearing xfsstats [ 556.952427][T14372] active_file 0 [ 556.959812][T14392] futex_wake_op: syz.2.1872 tries to shift op by -2048; fix this program [ 556.968265][T14372] unevictable 0 [ 556.968369][T14372] hierarchical_memory_limit 3145728 [ 556.968384][T14372] hierarchical_memsw_limit 9223372036854771712 [ 556.968397][T14372] total_cache 0 [ 556.968407][T14372] total_rss 4096 [ 556.968418][T14372] total_rss_huge 0 [ 556.968430][T14372] total_shmem 0 [ 556.968441][T14372] total_mapped_file 0 [ 556.968453][T14372] total_dirty 0 [ 557.006112][T14372] total_writeback 0 [ 557.010662][T14372] total_workingset_refault_anon 7229 [ 557.015989][T14372] total_workingset_refault_file 8724 [ 557.023714][T14372] total_swap 438272 [ 557.027645][T14372] total_swapcached 249856 [ 557.032964][T14372] total_pgpgin 370755 [ 557.037221][T14372] total_pgpgout 394487 [ 557.045273][T14372] total_pgfault 270405 [ 557.049421][T14372] total_pgmajfault 3704 [ 557.053784][T14372] total_inactive_anon 131072 [ 557.059439][T14372] total_active_anon 118784 [ 557.070293][T14392] futex_wake_op: syz.2.1872 tries to shift op by -2048; fix this program [ 557.105516][T14372] total_inactive_file 0 [ 557.109735][T14372] total_active_file 0 [ 557.115671][T14393] 0x000000000001-0x000000020000 : "" [ 557.136555][T14372] total_unevictable 0 [ 557.158227][T14372] anon_cost 65 [ 557.162038][T14385] FAULT_INJECTION: forcing a failure. [ 557.162038][T14385] name failslab, interval 1, probability 0, space 0, times 0 [ 557.191734][T14372] file_cost 0 [ 557.195072][T14372] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.1867,pid=14370,uid=0 [ 557.229446][T14393] ftl_cs: FTL header corrupt! [ 557.266654][T14372] Memory cgroup out of memory: Killed process 14371 (syz.1.1867) total-vm:104508kB, anon-rss:1208kB, file-rss:22592kB, shmem-rss:0kB, UID:0 pgtables:132kB oom_score_adj:1000 [ 557.311469][T14385] CPU: 0 UID: 0 PID: 14385 Comm: syz.4.1870 Tainted: G U L syzkaller #0 PREEMPT(full) [ 557.311516][T14385] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 557.311526][T14385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 557.311543][T14385] Call Trace: [ 557.311553][T14385] [ 557.311564][T14385] dump_stack_lvl+0x100/0x190 [ 557.311604][T14385] should_fail_ex.cold+0x5/0xa [ 557.311645][T14385] ? sk_filter_trim_cap+0x571/0xde0 [ 557.311678][T14385] should_failslab+0xc2/0x120 [ 557.311722][T14385] kmem_cache_alloc_noprof+0x83/0x780 [ 557.311761][T14385] ? skb_clone+0x190/0x400 [ 557.311811][T14385] ? skb_clone+0x190/0x400 [ 557.311849][T14385] skb_clone+0x190/0x400 [ 557.311891][T14385] netlink_deliver_tap+0xaed/0xcc0 [ 557.311938][T14385] netlink_unicast+0x70c/0x870 [ 557.311986][T14385] ? __pfx_netlink_unicast+0x10/0x10 [ 557.312029][T14385] ? genl_rcv_msg+0x4be/0x800 [ 557.312064][T14385] netlink_ack+0x655/0xb80 [ 557.312108][T14385] netlink_rcv_skb+0x333/0x420 [ 557.312131][T14385] ? __pfx_genl_rcv_msg+0x10/0x10 [ 557.312148][T14385] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 557.312179][T14385] ? netlink_deliver_tap+0x1ae/0xcc0 [ 557.312203][T14385] genl_rcv+0x28/0x40 [ 557.312217][T14385] netlink_unicast+0x5aa/0x870 [ 557.312242][T14385] ? __pfx_netlink_unicast+0x10/0x10 [ 557.312281][T14385] netlink_sendmsg+0x8b0/0xda0 [ 557.312308][T14385] ? __pfx_netlink_sendmsg+0x10/0x10 [ 557.312335][T14385] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 557.312358][T14385] __sys_sendto+0x4aa/0x520 [ 557.312379][T14385] ? __pfx___sys_sendto+0x10/0x10 [ 557.312406][T14385] ? count_memcg_events_mm.constprop.0+0xfa/0x2a0 [ 557.312442][T14385] __x64_sys_sendto+0xe0/0x1c0 [ 557.312461][T14385] ? do_syscall_64+0x94/0xf80 [ 557.312479][T14385] ? lockdep_hardirqs_on+0x78/0x100 [ 557.312497][T14385] do_syscall_64+0xc9/0xf80 [ 557.312520][T14385] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 557.312537][T14385] RIP: 0033:0x7f441995b78e [ 557.312551][T14385] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 557.312566][T14385] RSP: 002b:00007f441a7b7e88 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 557.312582][T14385] RAX: ffffffffffffffda RBX: 00007f441a7b96c0 RCX: 00007f441995b78e [ 557.312593][T14385] RDX: 0000000000000020 RSI: 00007f441a7b8000 RDI: 0000000000000007 [ 557.312603][T14385] RBP: 0000000000000000 R08: 00007f441a7b7f04 R09: 000000000000000c [ 557.312612][T14385] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 557.312622][T14385] R13: 00007f441a7b7f58 R14: 00007f441a7b8000 R15: 0000000000000000 [ 557.312642][T14385] [ 558.442267][T14403] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1873'. [ 559.205100][T14417] netlink: 'syz.0.1879': attribute type 1 has an invalid length. [ 560.189405][T14435] sysfs_service_op_store: Client not running :-5: [ 560.203050][T14439] netlink: 314 bytes leftover after parsing attributes in process `syz.1.1886'. [ 561.802030][T14454] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1889'. [ 562.303877][T14470] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1892'. [ 562.660763][T14483] XFS: Clearing xfsstats [ 562.696971][T14483] futex_wake_op: syz.2.1894 tries to shift op by -2048; fix this program [ 562.740339][T14483] futex_wake_op: syz.2.1894 tries to shift op by -2048; fix this program [ 562.756057][T14483] 0x000000000001-0x000000020000 : "" [ 562.812960][T14483] ftl_cs: FTL header corrupt! [ 563.212476][T14481] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 563.697121][T14481] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 563.923859][T14481] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 564.115905][T14481] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 566.420477][T14526] XFS: Clearing xfsstats [ 566.485017][T14529] XFS: Clearing xfsstats [ 566.505353][T14529] futex_wake_op: syz.4.1905 tries to shift op by -2048; fix this program [ 566.514085][T14529] futex_wake_op: syz.4.1905 tries to shift op by -2048; fix this program [ 566.523637][T14529] 0x000000000001-0x000000020000 : "" [ 566.610670][T14529] ftl_cs: FTL header corrupt! [ 566.652631][T14533] futex_wake_op: syz.2.1904 tries to shift op by -2048; fix this program [ 566.754272][T14533] futex_wake_op: syz.2.1904 tries to shift op by -2048; fix this program [ 566.848569][T14526] 0x000000000001-0x000000020000 : "" [ 567.003345][T14526] ftl_cs: FTL header corrupt! [ 567.628667][T14550] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1910'. [ 567.674201][T14550] random: crng reseeded on system resumption [ 568.020743][T14556] FAULT_INJECTION: forcing a failure. [ 568.020743][T14556] name failslab, interval 1, probability 0, space 0, times 0 [ 568.070579][T14556] CPU: 0 UID: 0 PID: 14556 Comm: syz.4.1911 Tainted: G U L syzkaller #0 PREEMPT(full) [ 568.070629][T14556] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 568.070640][T14556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 568.070658][T14556] Call Trace: [ 568.070668][T14556] [ 568.070679][T14556] dump_stack_lvl+0x100/0x190 [ 568.070719][T14556] should_fail_ex.cold+0x5/0xa [ 568.070764][T14556] should_failslab+0xc2/0x120 [ 568.070802][T14556] __kvmalloc_node_noprof+0x101/0xac0 [ 568.070833][T14556] ? __pfx___mutex_lock+0x10/0x10 [ 568.070858][T14556] ? traverse.part.0.constprop.0+0x397/0x650 [ 568.070879][T14556] ? traverse.part.0.constprop.0+0x397/0x650 [ 568.070894][T14556] traverse.part.0.constprop.0+0x397/0x650 [ 568.070910][T14556] ? find_held_lock+0x2b/0x80 [ 568.070926][T14556] ? aa_file_perm+0x268/0x1540 [ 568.070941][T14556] ? aa_file_perm+0x268/0x1540 [ 568.070958][T14556] seq_read_iter+0x93f/0x1270 [ 568.070982][T14556] seq_read+0x33b/0x4c0 [ 568.070997][T14556] ? __pfx_seq_read+0x10/0x10 [ 568.071023][T14556] ? __pfx_seq_read+0x10/0x10 [ 568.071038][T14556] proc_reg_read+0x240/0x330 [ 568.071060][T14556] ? __pfx_proc_reg_read+0x10/0x10 [ 568.071083][T14556] vfs_read+0x1e4/0xb30 [ 568.071103][T14556] ? __pfx_vfs_read+0x10/0x10 [ 568.071118][T14556] ? find_held_lock+0x2b/0x80 [ 568.071132][T14556] ? __fget_files+0x215/0x3d0 [ 568.071148][T14556] ? __fget_files+0x215/0x3d0 [ 568.071167][T14556] ? __fget_files+0x21f/0x3d0 [ 568.071188][T14556] __x64_sys_pread64+0x1eb/0x250 [ 568.071207][T14556] ? __pfx___x64_sys_pread64+0x10/0x10 [ 568.071231][T14556] do_syscall_64+0xc9/0xf80 [ 568.071251][T14556] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 568.071267][T14556] RIP: 0033:0x7f441999aeb9 [ 568.071282][T14556] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 568.071296][T14556] RSP: 002b:00007f441a7b9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 568.071311][T14556] RAX: ffffffffffffffda RBX: 00007f4419c15fa0 RCX: 00007f441999aeb9 [ 568.071321][T14556] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000003 [ 568.071330][T14556] RBP: 00007f441a7b9090 R08: 0000000000000000 R09: 0000000000000000 [ 568.071339][T14556] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001 [ 568.071347][T14556] R13: 00007f4419c16038 R14: 00007f4419c15fa0 R15: 00007fffb11b2848 [ 568.071367][T14556] [ 568.646816][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 568.654886][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 568.837091][T14561] netlink: 158 bytes leftover after parsing attributes in process `syz.4.1912'. [ 568.861895][T14561] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1912'. [ 569.958997][ T5822] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 570.079308][ T5822] CPU: 0 UID: 0 PID: 5822 Comm: syz-executor Tainted: G U L syzkaller #0 PREEMPT(full) [ 570.079358][ T5822] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 570.079368][ T5822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 570.079385][ T5822] Call Trace: [ 570.079394][ T5822] [ 570.079406][ T5822] dump_stack_lvl+0x100/0x190 [ 570.079447][ T5822] dump_header+0xfb/0x606 [ 570.079478][ T5822] oom_kill_process.cold+0xd/0x321 [ 570.079510][ T5822] out_of_memory+0x340/0x14f0 [ 570.079554][ T5822] ? __pfx_out_of_memory+0x10/0x10 [ 570.079600][ T5822] mem_cgroup_out_of_memory+0xc6/0x130 [ 570.079631][ T5822] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 570.079659][ T5822] ? find_held_lock+0x2b/0x80 [ 570.079695][ T5822] ? do_raw_spin_unlock+0x145/0x1e0 [ 570.079737][ T5822] ? _raw_spin_unlock+0x28/0x50 [ 570.079770][ T5822] try_charge_memcg+0x652/0xc90 [ 570.079817][ T5822] ? __pfx_try_charge_memcg+0x10/0x10 [ 570.079863][ T5822] ? find_held_lock+0x2b/0x80 [ 570.079890][ T5822] ? rcu_read_unlock+0x17/0x60 [ 570.079930][ T5822] ? rcu_read_unlock+0x17/0x60 [ 570.079967][ T5822] charge_memcg+0xa6/0x280 [ 570.080006][ T5822] mem_cgroup_swapin_charge_folio+0xeb/0x470 [ 570.080051][ T5822] __read_swap_cache_async+0x449/0x610 [ 570.080089][ T5822] ? __pfx___read_swap_cache_async+0x10/0x10 [ 570.080122][ T5822] ? rcu_is_watching+0x12/0xc0 [ 570.080150][ T5822] ? finish_task_switch.isra.0+0x204/0xb70 [ 570.080183][ T5822] ? lockdep_hardirqs_on+0x78/0x100 [ 570.080216][ T5822] ? finish_task_switch.isra.0+0x204/0xb70 [ 570.080254][ T5822] swap_cluster_readahead+0x414/0x770 [ 570.080284][ T5822] ? __schedule+0xff6/0x5e10 [ 570.080321][ T5822] ? __pfx_swap_cluster_readahead+0x10/0x10 [ 570.080353][ T5822] ? __lock_acquire+0x4a5/0x2630 [ 570.080388][ T5822] ? __lock_acquire+0x4a5/0x2630 [ 570.080440][ T5822] ? get_vma_policy+0x23f/0x3b0 [ 570.080484][ T5822] swapin_readahead+0x14b/0x12e0 [ 570.080529][ T5822] ? __pfx_swapin_readahead+0x10/0x10 [ 570.080561][ T5822] ? find_held_lock+0x2b/0x80 [ 570.080589][ T5822] ? swap_cache_get_folio+0x272/0x920 [ 570.080624][ T5822] ? swap_cache_get_folio+0x272/0x920 [ 570.080652][ T5822] ? swap_cache_get_folio+0x1f/0x920 [ 570.080680][ T5822] ? swap_cache_get_folio+0x2a2/0x920 [ 570.080713][ T5822] ? __pfx_swap_cache_get_folio+0x10/0x10 [ 570.080742][ T5822] ? __pfx_get_swap_device+0x10/0x10 [ 570.080788][ T5822] ? do_swap_page+0x9ba/0x6810 [ 570.080815][ T5822] do_swap_page+0x9ba/0x6810 [ 570.080851][ T5822] ? __lock_acquire+0x4a5/0x2630 [ 570.080915][ T5822] ? __pfx_do_swap_page+0x10/0x10 [ 570.080949][ T5822] ? __pfx_default_wake_function+0x10/0x10 [ 570.080985][ T5822] ? rcu_is_watching+0x12/0xc0 [ 570.081018][ T5822] ? __free_object+0x2a8/0x400 [ 570.081055][ T5822] ? rcu_is_watching+0x12/0xc0 [ 570.081082][ T5822] ? ___pte_offset_map+0x179/0x310 [ 570.081126][ T5822] __handle_mm_fault+0x18b9/0x2b50 [ 570.081165][ T5822] ? reacquire_held_locks+0xce/0x1e0 [ 570.081203][ T5822] ? __pfx___handle_mm_fault+0x10/0x10 [ 570.081240][ T5822] ? lock_vma_under_rcu+0x17c/0x5a0 [ 570.081281][ T5822] ? get_timespec64+0x136/0x1b0 [ 570.081325][ T5822] handle_mm_fault+0x36d/0xa20 [ 570.081363][ T5822] do_user_addr_fault+0x5a3/0x12f0 [ 570.081407][ T5822] exc_page_fault+0x6f/0xd0 [ 570.081440][ T5822] asm_exc_page_fault+0x26/0x30 [ 570.081467][ T5822] RIP: 0033:0x7ff41895b78e [ 570.081490][ T5822] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 570.081516][ T5822] RSP: 002b:00007ffc950adcf8 EFLAGS: 00010246 [ 570.081539][ T5822] RAX: 0000000000000000 RBX: 0000555586f3f500 RCX: 00007ff41895b78e [ 570.081558][ T5822] RDX: 00007ffc950add50 RSI: 0000000000000000 RDI: 0000000000000000 [ 570.081575][ T5822] RBP: 00007ffc950addbc R08: 0000000000000000 R09: 0000000000000000 [ 570.081592][ T5822] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000001388 [ 570.081609][ T5822] R13: 00000000000927c0 R14: 000000000008a9b8 R15: 00007ffc950ade10 [ 570.081648][ T5822] [ 570.540287][ T5822] memory: usage 3072kB, limit 3072kB, failcnt 59647 [ 570.546939][ T5822] memory+swap: usage 13840kB, limit 9007199254740988kB, failcnt 0 [ 570.560544][ T5822] kmem: usage 2736kB, limit 9007199254740988kB, failcnt 0 [ 570.567844][ T5822] Memory cgroup stats for /syz1: [ 570.568026][ T5822] cache 0 [ 570.576511][ T5822] rss 73728 [ 570.579842][ T5822] rss_huge 0 [ 570.583136][ T5822] shmem 0 [ 570.586172][ T5822] mapped_file 0 [ 570.589653][ T5822] dirty 0 [ 570.592827][ T5822] writeback 0 [ 570.596137][ T5822] workingset_refault_anon 8896 [ 570.601298][ T5822] workingset_refault_file 8724 [ 570.606229][ T5822] swap 11026432 [ 570.609707][ T5822] swapcached 303104 [ 570.613754][ T5822] pgpgin 380744 [ 570.617375][ T5822] pgpgout 404454 [ 570.621037][ T5822] pgfault 278395 [ 570.624613][ T5822] pgmajfault 4250 [ 570.628424][ T5822] inactive_anon 131072 [ 570.920483][ T5822] active_anon 4096 [ 570.924261][ T5822] inactive_file 0 [ 570.927902][ T5822] active_file 0 [ 570.951114][ T5822] unevictable 73728 [ 570.954954][ T5822] hierarchical_memory_limit 3145728 [ 570.985547][ T5822] hierarchical_memsw_limit 9223372036854771712 [ 571.022206][ T5822] total_cache 0 [ 571.025695][ T5822] total_rss 73728 [ 571.029311][ T5822] total_rss_huge 0 [ 571.090236][ T5822] total_shmem 0 [ 571.129354][ T5822] total_mapped_file 0 [ 571.133592][ T5822] total_dirty 0 [ 571.137241][ T5822] total_writeback 0 [ 571.141961][ T5822] total_workingset_refault_anon 8896 [ 571.148552][ T5822] total_workingset_refault_file 8724 [ 571.157785][T14587] XFS: Clearing xfsstats [ 571.164526][ T5822] total_swap 11026432 [ 571.168625][ T5822] total_swapcached 303104 [ 571.173407][ T5822] total_pgpgin 380744 [ 571.179426][T14587] futex_wake_op: syz.2.1918 tries to shift op by -2048; fix this program [ 571.188739][T14587] futex_wake_op: syz.2.1918 tries to shift op by -2048; fix this program [ 571.200277][T14587] 0x000000000001-0x000000020000 : "" [ 571.206930][ T5822] total_pgpgout 404454 [ 571.233405][ T5822] total_pgfault 278395 [ 571.233909][T14587] ftl_cs: FTL header corrupt! [ 571.275097][ T5822] total_pgmajfault 4250 [ 571.310054][ T5822] total_inactive_anon 131072 [ 571.353072][ T5822] total_active_anon 4096 [ 571.365962][ T5822] total_inactive_file 0 [ 571.386059][ T5822] total_active_file 0 [ 571.401682][ T5822] total_unevictable 73728 [ 571.406057][ T5822] anon_cost 22 [ 571.409440][ T5822] file_cost 0 [ 571.448604][ T5822] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.1906,pid=14537,uid=0 [ 571.494173][ T5822] Memory cgroup out of memory: Killed process 14537 (syz.1.1906) total-vm:180708kB, anon-rss:1312kB, file-rss:34876kB, shmem-rss:0kB, UID:0 pgtables:172kB oom_score_adj:1000 [ 572.882857][T14602] FAULT_INJECTION: forcing a failure. [ 572.882857][T14602] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 572.900281][T14602] CPU: 1 UID: 0 PID: 14602 Comm: syz.4.1922 Tainted: G U L syzkaller #0 PREEMPT(full) [ 572.900329][T14602] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 572.900340][T14602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 572.900366][T14602] Call Trace: [ 572.900376][T14602] [ 572.900387][T14602] dump_stack_lvl+0x100/0x190 [ 572.900426][T14602] should_fail_ex.cold+0x5/0xa [ 572.900471][T14602] _copy_to_iter+0x5a4/0x1720 [ 572.900515][T14602] ? rxrpc_peer_seq_stop+0x31/0xb0 [ 572.900546][T14602] ? __pfx__copy_to_iter+0x10/0x10 [ 572.900675][T14602] ? traverse.part.0.constprop.0+0x2c5/0x650 [ 572.900717][T14602] seq_read_iter+0x691/0x1270 [ 572.900760][T14602] seq_read+0x33b/0x4c0 [ 572.900788][T14602] ? __pfx_seq_read+0x10/0x10 [ 572.900839][T14602] ? __pfx_seq_read+0x10/0x10 [ 572.900867][T14602] proc_reg_read+0x240/0x330 [ 572.900907][T14602] ? __pfx_proc_reg_read+0x10/0x10 [ 572.901034][T14602] vfs_read+0x1e4/0xb30 [ 572.901070][T14602] ? __pfx_vfs_read+0x10/0x10 [ 572.901096][T14602] ? find_held_lock+0x2b/0x80 [ 572.901124][T14602] ? __fget_files+0x215/0x3d0 [ 572.901154][T14602] ? __fget_files+0x215/0x3d0 [ 572.901194][T14602] ? __fget_files+0x21f/0x3d0 [ 572.901240][T14602] __x64_sys_pread64+0x1eb/0x250 [ 572.901276][T14602] ? __pfx___x64_sys_pread64+0x10/0x10 [ 572.901322][T14602] do_syscall_64+0xc9/0xf80 [ 572.901357][T14602] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 572.901387][T14602] RIP: 0033:0x7f441999aeb9 [ 572.901408][T14602] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 572.901433][T14602] RSP: 002b:00007f441a7b9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 572.901458][T14602] RAX: ffffffffffffffda RBX: 00007f4419c15fa0 RCX: 00007f441999aeb9 [ 572.901476][T14602] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000003 [ 572.901491][T14602] RBP: 00007f441a7b9090 R08: 0000000000000000 R09: 0000000000000000 [ 572.901505][T14602] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001 [ 572.901521][T14602] R13: 00007f4419c16038 R14: 00007f4419c15fa0 R15: 00007fffb11b2848 [ 572.901554][T14602] [ 573.654719][ T32] oom_reaper: reaped process 14537 (syz.1.1906), now anon-rss:0kB, file-rss:33612kB, shmem-rss:0kB [ 575.955267][T14641] syz.4.1931(14641): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 576.653298][T14662] FAULT_INJECTION: forcing a failure. [ 576.653298][T14662] name failslab, interval 1, probability 0, space 0, times 0 [ 576.668587][T14662] CPU: 1 UID: 0 PID: 14662 Comm: syz.0.1936 Tainted: G U L syzkaller #0 PREEMPT(full) [ 576.668634][T14662] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 576.668645][T14662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 576.668659][T14662] Call Trace: [ 576.668665][T14662] [ 576.668672][T14662] dump_stack_lvl+0x100/0x190 [ 576.668698][T14662] should_fail_ex.cold+0x5/0xa [ 576.668724][T14662] should_failslab+0xc2/0x120 [ 576.668747][T14662] kmem_cache_alloc_lru_noprof+0x8e/0x7d0 [ 576.668769][T14662] ? __d_alloc+0x34/0xa80 [ 576.668792][T14662] ? __d_alloc+0x34/0xa80 [ 576.668809][T14662] __d_alloc+0x34/0xa80 [ 576.668830][T14662] d_alloc_pseudo+0x1c/0xc0 [ 576.668853][T14662] alloc_file_pseudo+0xcf/0x230 [ 576.668876][T14662] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 576.668898][T14662] ? alloc_fd+0x476/0x790 [ 576.668918][T14662] sock_alloc_file+0x50/0x210 [ 576.668942][T14662] __sys_socket+0x1c0/0x260 [ 576.668960][T14662] ? __pfx___sys_socket+0x10/0x10 [ 576.668977][T14662] ? xfd_validate_state+0x129/0x190 [ 576.669004][T14662] __x64_sys_socket+0x72/0xb0 [ 576.669021][T14662] ? lockdep_hardirqs_on+0x78/0x100 [ 576.669039][T14662] do_syscall_64+0xc9/0xf80 [ 576.669059][T14662] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 576.669075][T14662] RIP: 0033:0x7fc79a39aeb9 [ 576.669089][T14662] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 576.669104][T14662] RSP: 002b:00007fc79b1e5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 576.669120][T14662] RAX: ffffffffffffffda RBX: 00007fc79a615fa0 RCX: 00007fc79a39aeb9 [ 576.669130][T14662] RDX: 0000000000000084 RSI: 0000000000000001 RDI: 000000000000000a [ 576.669139][T14662] RBP: 00007fc79a408c1f R08: 0000000000000000 R09: 0000000000000000 [ 576.669148][T14662] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 576.669157][T14662] R13: 00007fc79a616038 R14: 00007fc79a615fa0 R15: 00007ffe5b65e038 [ 576.669177][T14662] [ 577.136102][T14660] ima: policy update failed [ 577.141435][ T30] audit: type=1802 audit(4294967447.600:28): pid=14660 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.1936" res=0 errno=0 [ 577.395743][T14664] random: crng reseeded on system resumption [ 579.484182][ T5822] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 579.551822][ T5822] CPU: 0 UID: 0 PID: 5822 Comm: syz-executor Tainted: G U L syzkaller #0 PREEMPT(full) [ 579.551857][ T5822] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 579.551863][ T5822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 579.551873][ T5822] Call Trace: [ 579.551878][ T5822] [ 579.551884][ T5822] dump_stack_lvl+0x100/0x190 [ 579.551908][ T5822] dump_header+0xfb/0x606 [ 579.551926][ T5822] oom_kill_process.cold+0xd/0x321 [ 579.551943][ T5822] out_of_memory+0x340/0x14f0 [ 579.551967][ T5822] ? __pfx_out_of_memory+0x10/0x10 [ 579.551991][ T5822] mem_cgroup_out_of_memory+0xc6/0x130 [ 579.552009][ T5822] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 579.552024][ T5822] ? find_held_lock+0x2b/0x80 [ 579.552042][ T5822] ? do_raw_spin_unlock+0x145/0x1e0 [ 579.552066][ T5822] ? _raw_spin_unlock+0x28/0x50 [ 579.552084][ T5822] try_charge_memcg+0x652/0xc90 [ 579.552109][ T5822] ? __pfx_try_charge_memcg+0x10/0x10 [ 579.552139][ T5822] ? find_held_lock+0x2b/0x80 [ 579.552153][ T5822] ? rcu_read_unlock+0x17/0x60 [ 579.552175][ T5822] ? rcu_read_unlock+0x17/0x60 [ 579.552198][ T5822] charge_memcg+0xa6/0x280 [ 579.552219][ T5822] mem_cgroup_swapin_charge_folio+0xeb/0x470 [ 579.552245][ T5822] __read_swap_cache_async+0x449/0x610 [ 579.552265][ T5822] ? __pfx___read_swap_cache_async+0x10/0x10 [ 579.552282][ T5822] ? mlock_drain_local+0x254/0x4e0 [ 579.552300][ T5822] ? mlock_drain_local+0x254/0x4e0 [ 579.552323][ T5822] swap_cluster_readahead+0x541/0x770 [ 579.552340][ T5822] ? __schedule+0xff6/0x5e10 [ 579.552359][ T5822] ? __pfx_swap_cluster_readahead+0x10/0x10 [ 579.552377][ T5822] ? __lock_acquire+0x4a5/0x2630 [ 579.552397][ T5822] ? __lock_acquire+0x4a5/0x2630 [ 579.552424][ T5822] ? get_vma_policy+0x23f/0x3b0 [ 579.552448][ T5822] swapin_readahead+0x14b/0x12e0 [ 579.552464][ T5822] ? rcu_is_watching+0x12/0xc0 [ 579.552484][ T5822] ? __pfx_swapin_readahead+0x10/0x10 [ 579.552501][ T5822] ? find_held_lock+0x2b/0x80 [ 579.552516][ T5822] ? swap_cache_get_folio+0x272/0x920 [ 579.552534][ T5822] ? swap_cache_get_folio+0x272/0x920 [ 579.552549][ T5822] ? swap_cache_get_folio+0x1f/0x920 [ 579.552563][ T5822] ? swap_cache_get_folio+0x2a2/0x920 [ 579.552580][ T5822] ? __pfx_swap_cache_get_folio+0x10/0x10 [ 579.552595][ T5822] ? __pfx_get_swap_device+0x10/0x10 [ 579.552619][ T5822] ? do_swap_page+0x9ba/0x6810 [ 579.552634][ T5822] do_swap_page+0x9ba/0x6810 [ 579.552652][ T5822] ? __lock_acquire+0x4a5/0x2630 [ 579.552676][ T5822] ? __pfx_do_swap_page+0x10/0x10 [ 579.552694][ T5822] ? __pfx_default_wake_function+0x10/0x10 [ 579.552712][ T5822] ? rcu_is_watching+0x12/0xc0 [ 579.552726][ T5822] ? __free_object+0x2a8/0x400 [ 579.552746][ T5822] ? rcu_is_watching+0x12/0xc0 [ 579.552760][ T5822] ? ___pte_offset_map+0x179/0x310 [ 579.552784][ T5822] __handle_mm_fault+0x18b9/0x2b50 [ 579.552804][ T5822] ? reacquire_held_locks+0xce/0x1e0 [ 579.552824][ T5822] ? __pfx___handle_mm_fault+0x10/0x10 [ 579.552844][ T5822] ? lock_vma_under_rcu+0x17c/0x5a0 [ 579.552866][ T5822] ? get_timespec64+0x136/0x1b0 [ 579.552890][ T5822] handle_mm_fault+0x36d/0xa20 [ 579.552909][ T5822] do_user_addr_fault+0x5a3/0x12f0 [ 579.552932][ T5822] exc_page_fault+0x6f/0xd0 [ 579.552951][ T5822] asm_exc_page_fault+0x26/0x30 [ 579.552966][ T5822] RIP: 0033:0x7ff41895b78e [ 579.552980][ T5822] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 579.552994][ T5822] RSP: 002b:00007ffc950adcf8 EFLAGS: 00010246 [ 579.553007][ T5822] RAX: 0000000000000000 RBX: 0000555586f3f500 RCX: 00007ff41895b78e [ 579.553017][ T5822] RDX: 00007ffc950add50 RSI: 0000000000000000 RDI: 0000000000000000 [ 579.553026][ T5822] RBP: 00007ffc950addbc R08: 0000000000000000 R09: 0000000000000000 [ 579.553035][ T5822] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000001388 [ 579.553043][ T5822] R13: 00000000000927c0 R14: 000000000008d2eb R15: 00007ffc950ade10 [ 579.553063][ T5822] [ 579.553069][ T5822] memory: usage 3072kB, limit 3072kB, failcnt 68640 [ 579.968324][ T5822] memory+swap: usage 30352kB, limit 9007199254740988kB, failcnt 0 [ 579.976478][ T5822] kmem: usage 2824kB, limit 9007199254740988kB, failcnt 0 [ 579.983915][ T5822] Memory cgroup stats for /syz1: [ 579.984022][ T5822] cache 4096 [ 579.992267][ T5822] rss 0 [ 579.995673][ T5822] rss_huge 0 [ 579.998890][ T5822] shmem 4096 [ 580.002237][ T5822] mapped_file 0 [ 580.005835][ T5822] dirty 0 [ 580.009451][ T5822] writeback 0 [ 580.012873][ T5822] workingset_refault_anon 9403 [ 580.017664][ T5822] workingset_refault_file 8756 [ 580.022556][ T5822] swap 27934720 [ 580.026050][ T5822] swapcached 249856 [ 580.029876][ T5822] pgpgin 390686 [ 580.033489][ T5822] pgpgout 414418 [ 580.037053][ T5822] pgfault 284845 [ 580.040732][ T5822] pgmajfault 4568 [ 580.044775][ T5822] inactive_anon 32768 [ 580.048767][ T5822] active_anon 221184 [ 580.052968][ T5822] inactive_file 0 [ 580.056625][ T5822] active_file 0 [ 580.072117][ T5822] unevictable 0 [ 580.075632][ T5822] hierarchical_memory_limit 3145728 [ 580.080949][ T5822] hierarchical_memsw_limit 9223372036854771712 [ 580.087133][ T5822] total_cache 4096 [ 580.091332][ T5822] total_rss 0 [ 580.095895][ T5822] total_rss_huge 0 [ 580.099616][ T5822] total_shmem 4096 [ 580.103421][ T5822] total_mapped_file 0 [ 580.107541][ T5822] total_dirty 0 [ 580.111664][ T5822] total_writeback 0 [ 580.115473][ T5822] total_workingset_refault_anon 9403 [ 580.120958][ T5822] total_workingset_refault_file 8756 [ 580.126341][ T5822] total_swap 27934720 [ 580.131096][ T5822] total_swapcached 249856 [ 580.135483][ T5822] total_pgpgin 390686 [ 580.139488][ T5822] total_pgpgout 414418 [ 580.143791][ T5822] total_pgfault 284845 [ 580.147881][ T5822] total_pgmajfault 4568 [ 580.152167][ T5822] total_inactive_anon 32768 [ 580.156695][ T5822] total_active_anon 221184 [ 580.161212][ T5822] total_inactive_file 0 [ 580.167321][ T5822] total_active_file 0 [ 580.173304][ T5822] total_unevictable 0 [ 580.177337][ T5822] anon_cost 21 [ 580.182807][ T5822] file_cost 0 [ 580.186318][ T5822] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.1891,pid=14468,uid=0 [ 580.202223][ T5822] Memory cgroup out of memory: Killed process 14468 (syz.1.1891) total-vm:135228kB, anon-rss:1312kB, file-rss:22176kB, shmem-rss:0kB, UID:0 pgtables:188kB oom_score_adj:1000 [ 581.798260][T14721] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1948'. [ 584.423552][T14750] XFS: Clearing xfsstats [ 584.520081][T14750] futex_wake_op: syz.0.1956 tries to shift op by -2048; fix this program [ 584.567976][T14750] futex_wake_op: syz.0.1956 tries to shift op by -2048; fix this program [ 584.702236][T14750] 0x000000000001-0x000000020000 : "" [ 584.780323][T14750] ftl_cs: FTL header corrupt! [ 585.464169][T14750] ------------[ cut here ]------------ [ 585.470233][T14750] wbt_init(disk) [ 585.470260][T14750] WARNING: block/blk-wbt.c:741 at wbt_init_enable_default+0x53/0x60, CPU#1: syz.0.1956/14750 [ 585.484099][T14750] Modules linked in: [ 585.488572][T14750] CPU: 1 UID: 0 PID: 14750 Comm: syz.0.1956 Tainted: G U L syzkaller #0 PREEMPT(full) [ 585.499685][T14750] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 585.505083][T14750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 585.515378][T14750] RIP: 0010:wbt_init_enable_default+0x53/0x60 [ 585.521573][T14750] Code: fd 5b 5d c3 cc cc cc cc e8 7a d8 2e fd 48 89 ef e8 a2 fa ff ff 31 ff 89 c3 89 c6 e8 17 d3 2e fd 85 db 74 d8 e8 5e d8 2e fd 90 <0f> 0b 90 eb cd 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 [ 585.541460][T14750] RSP: 0018:ffffc90004b1f5a0 EFLAGS: 00010283 [ 585.547778][T14750] RAX: 000000000001fb1c RBX: 00000000fffffff4 RCX: ffffc9000e0bb000 [ 585.556175][T14750] RDX: 0000000000080000 RSI: ffffffff84d77262 RDI: ffff888029db8000 [ 585.564208][T14750] RBP: ffff88802b9d1000 R08: 0000000000000005 R09: 0000000000000000 [ 585.572268][T14750] R10: 00000000fffffff4 R11: ffffffff8b738149 R12: ffff88802970cc40 [ 585.580359][T14750] R13: ffff88802b9d1390 R14: ffff88802970cc50 R15: ffff88802b9d1090 [ 585.588426][T14750] FS: 00007fc79b1a36c0(0000) GS:ffff8881246e3000(0000) knlGS:0000000000000000 [ 585.597758][T14750] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 585.604697][T14750] CR2: 00007f37c77e8600 CR3: 000000003bbd4000 CR4: 00000000003526f0 [ 585.612805][T14750] Call Trace: [ 585.616094][T14750] [ 585.619026][T14750] blk_register_queue+0x39e/0x4e0 [ 585.624225][T14750] __add_disk+0x73f/0xe40 [ 585.628962][T14750] add_disk_fwnode+0x118/0x5c0 [ 585.634068][T14750] add_mtd_blktrans_dev+0xd0b/0x1520 [ 585.639424][T14750] ? __pfx_add_mtd_blktrans_dev+0x10/0x10 [ 585.645434][T14750] mtdblock_add_mtd+0x1cc/0x270 [ 585.650528][T14750] blktrans_notify_add+0xa2/0xf0 [ 585.655520][T14750] add_mtd_device+0xbe3/0x1750 [ 585.660411][T14750] ? __pfx_add_mtd_device+0x10/0x10 [ 585.665673][T14750] mtd_add_partition+0x30a/0x660 [ 585.670760][T14750] ? __pfx_mtd_add_partition+0x10/0x10 [ 585.676273][T14750] ? __might_fault+0xc5/0x140 [ 585.681067][T14750] ? __might_fault+0xc5/0x140 [ 585.685837][T14750] mtdchar_blkpg_ioctl+0x207/0x250 [ 585.691054][T14750] ? __pfx_mtdchar_blkpg_ioctl+0x10/0x10 [ 585.696759][T14750] mtdchar_ioctl+0x1670/0x1fd0 [ 585.701626][T14750] ? __pfx_mtdchar_ioctl+0x10/0x10 [ 585.706782][T14750] ? lock_acquire+0x17c/0x330 [ 585.711562][T14750] ? __pfx___might_resched+0x10/0x10 [ 585.716906][T14750] ? trace_contention_end+0xd6/0x110 [ 585.722298][T14750] ? do_vfs_ioctl+0x226/0x13e0 [ 585.727352][T14750] ? mtdchar_unlocked_ioctl+0xa2/0xf0 [ 585.732960][T14750] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 585.738061][T14750] ? __pfx___mutex_lock+0x10/0x10 [ 585.743167][T14750] ? hook_file_ioctl_common+0x146/0x410 [ 585.748744][T14750] ? __fget_files+0x21f/0x3d0 [ 585.753670][T14750] mtdchar_unlocked_ioctl+0xb0/0xf0 [ 585.758958][T14750] ? __pfx_mtdchar_unlocked_ioctl+0x10/0x10 [ 585.764892][T14750] __x64_sys_ioctl+0x18e/0x210 [ 585.769754][T14750] do_syscall_64+0xc9/0xf80 [ 585.774404][T14750] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 585.781080][T14750] RIP: 0033:0x7fc79a39aeb9 [ 585.785697][T14750] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 585.805638][T14750] RSP: 002b:00007fc79b1a3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 585.814230][T14750] RAX: ffffffffffffffda RBX: 00007fc79a616180 RCX: 00007fc79a39aeb9 [ 585.822282][T14750] RDX: 0000000000000000 RSI: 0000000000001269 RDI: 0000000000000008 [ 585.830528][T14750] RBP: 00007fc79a408c1f R08: 0000000000000000 R09: 0000000000000000 [ 585.838514][T14750] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 585.846797][T14750] R13: 00007fc79a616218 R14: 00007fc79a616180 R15: 00007ffe5b65e038 [ 585.854853][T14750] [ 585.857988][T14750] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 585.865271][T14750] CPU: 1 UID: 0 PID: 14750 Comm: syz.0.1956 Tainted: G U L syzkaller #0 PREEMPT(full) [ 585.877115][T14750] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 585.882302][T14750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 585.892448][T14750] Call Trace: [ 585.895738][T14750] [ 585.898689][T14750] dump_stack_lvl+0x100/0x190 [ 585.903402][T14750] vpanic+0x20d/0x630 [ 585.907389][T14750] panic+0xd1/0xd1 [ 585.911111][T14750] ? __pfx_panic+0x10/0x10 [ 585.915528][T14750] check_panic_on_warn.cold+0x19/0x34 [ 585.920918][T14750] ? wbt_init_enable_default+0x53/0x60 [ 585.926777][T14750] __warn.cold+0x191/0x2f8 [ 585.931414][T14750] __report_bug+0x296/0x3d0 [ 585.936018][T14750] ? wbt_init_enable_default+0x53/0x60 [ 585.941478][T14750] ? __pfx___report_bug+0x10/0x10 [ 585.946519][T14750] ? wbt_init_enable_default+0x53/0x60 [ 585.952114][T14750] report_bug+0xb2/0x220 [ 585.956348][T14750] ? wbt_init_enable_default+0x53/0x60 [ 585.961812][T14750] handle_bug+0x166/0x2a0 [ 585.966152][T14750] exc_invalid_op+0x17/0x50 [ 585.970667][T14750] asm_exc_invalid_op+0x1a/0x20 [ 585.975533][T14750] RIP: 0010:wbt_init_enable_default+0x53/0x60 [ 585.981625][T14750] Code: fd 5b 5d c3 cc cc cc cc e8 7a d8 2e fd 48 89 ef e8 a2 fa ff ff 31 ff 89 c3 89 c6 e8 17 d3 2e fd 85 db 74 d8 e8 5e d8 2e fd 90 <0f> 0b 90 eb cd 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 [ 586.001241][T14750] RSP: 0018:ffffc90004b1f5a0 EFLAGS: 00010283 [ 586.007496][T14750] RAX: 000000000001fb1c RBX: 00000000fffffff4 RCX: ffffc9000e0bb000 [ 586.015480][T14750] RDX: 0000000000080000 RSI: ffffffff84d77262 RDI: ffff888029db8000 [ 586.023541][T14750] RBP: ffff88802b9d1000 R08: 0000000000000005 R09: 0000000000000000 [ 586.031605][T14750] R10: 00000000fffffff4 R11: ffffffff8b738149 R12: ffff88802970cc40 [ 586.039778][T14750] R13: ffff88802b9d1390 R14: ffff88802970cc50 R15: ffff88802b9d1090 [ 586.047786][T14750] ? do_syscall_64+0xc9/0xf80 [ 586.052481][T14750] ? wbt_init_enable_default+0x52/0x60 [ 586.057955][T14750] blk_register_queue+0x39e/0x4e0 [ 586.063006][T14750] __add_disk+0x73f/0xe40 [ 586.067361][T14750] add_disk_fwnode+0x118/0x5c0 [ 586.072156][T14750] add_mtd_blktrans_dev+0xd0b/0x1520 [ 586.077475][T14750] ? __pfx_add_mtd_blktrans_dev+0x10/0x10 [ 586.083267][T14750] mtdblock_add_mtd+0x1cc/0x270 [ 586.088151][T14750] blktrans_notify_add+0xa2/0xf0 [ 586.093110][T14750] add_mtd_device+0xbe3/0x1750 [ 586.097904][T14750] ? __pfx_add_mtd_device+0x10/0x10 [ 586.103117][T14750] mtd_add_partition+0x30a/0x660 [ 586.108071][T14750] ? __pfx_mtd_add_partition+0x10/0x10 [ 586.113691][T14750] ? __might_fault+0xc5/0x140 [ 586.118408][T14750] ? __might_fault+0xc5/0x140 [ 586.123106][T14750] mtdchar_blkpg_ioctl+0x207/0x250 [ 586.128237][T14750] ? __pfx_mtdchar_blkpg_ioctl+0x10/0x10 [ 586.133894][T14750] mtdchar_ioctl+0x1670/0x1fd0 [ 586.138665][T14750] ? __pfx_mtdchar_ioctl+0x10/0x10 [ 586.143783][T14750] ? lock_acquire+0x17c/0x330 [ 586.148474][T14750] ? __pfx___might_resched+0x10/0x10 [ 586.153772][T14750] ? trace_contention_end+0xd6/0x110 [ 586.159177][T14750] ? do_vfs_ioctl+0x226/0x13e0 [ 586.163942][T14750] ? mtdchar_unlocked_ioctl+0xa2/0xf0 [ 586.169351][T14750] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 586.174402][T14750] ? __pfx___mutex_lock+0x10/0x10 [ 586.179429][T14750] ? hook_file_ioctl_common+0x146/0x410 [ 586.184983][T14750] ? __fget_files+0x21f/0x3d0 [ 586.189690][T14750] mtdchar_unlocked_ioctl+0xb0/0xf0 [ 586.194899][T14750] ? __pfx_mtdchar_unlocked_ioctl+0x10/0x10 [ 586.200817][T14750] __x64_sys_ioctl+0x18e/0x210 [ 586.205610][T14750] do_syscall_64+0xc9/0xf80 [ 586.210149][T14750] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 586.216082][T14750] RIP: 0033:0x7fc79a39aeb9 [ 586.220522][T14750] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 586.240150][T14750] RSP: 002b:00007fc79b1a3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 586.248636][T14750] RAX: ffffffffffffffda RBX: 00007fc79a616180 RCX: 00007fc79a39aeb9 [ 586.256620][T14750] RDX: 0000000000000000 RSI: 0000000000001269 RDI: 0000000000000008 [ 586.264601][T14750] RBP: 00007fc79a408c1f R08: 0000000000000000 R09: 0000000000000000 [ 586.272588][T14750] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 586.280617][T14750] R13: 00007fc79a616218 R14: 00007fc79a616180 R15: 00007ffe5b65e038 [ 586.288619][T14750] [ 586.292072][T14750] Kernel Offset: disabled [ 586.296516][T14750] Rebooting in 86400 seconds..