last executing test programs: 11m50.748492715s ago: executing program 3 (id=559): syz_genetlink_get_family_id$auto_tipcv2(0x0, 0xffffffffffffffff) sendmsg$auto_TIPC_NL_MON_SET(0xffffffffffffffff, 0x0, 0xc050) openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/netdevsim/netdevsim1/hwstats/l3/enable_ifindex\x00', 0x4001a2, 0x0) symlink$auto(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) r0 = openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, &(0x7f0000001f40)='/sys/kernel/tracing/tracing_cpumask\x00', 0x2002, 0x0) write$auto(r0, 0x0, 0xe) socket(0xa, 0x2, 0x73) unshare$auto(0x40000080) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) set_mempolicy$auto(0x1, 0x0, 0x803) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x810006, 0xffb, 0x8000000008011, 0x3, 0x0) msync$auto(0x0, 0xe0, 0x6) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) mmap$auto(0x0, 0x8001, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) io_uring_setup$auto(0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) write$auto(0xffffffffffffffff, 0x0, 0xc3) 11m42.474852998s ago: executing program 3 (id=568): r0 = setfsuid$auto(0xee00) setreuid$auto(r0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000300), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_ADD_LINK_STA(r3, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f0000000d80)={&(0x7f0000000740)={0x30, r2, 0x1, 0x70bd2c, 0x25dfdbfb, {}, [@NL80211_ATTR_HE_CAPABILITY={0x1a, 0x10d, "e2d1b2c3e0f4246df8a3901298f8aa701033e4ad8868"}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000000}, 0x40004) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, r2, 0x200, 0x70bd26, 0x25dfdbff, {}, [@NL80211_ATTR_COLOR_CHANGE_COUNT={0x5, 0x12f, 0x6}, @NL80211_ATTR_HW_TIMESTAMP_ENABLED={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000800}, 0x4000040) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) clone$auto(0x6fc, 0x4dbb2, 0x0, 0x0, 0x4000c1a) close_range$auto(0x0, 0xfffffffffffff000, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0xa, 0xb8, 0x10, 0x4, 0x4, 0xffffffffffffffff, 0xa, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x5, 0x7, 0x7, 0x6}, 0xf) bpf$auto(0x1a, &(0x7f0000000380)=@link_create={@map_fd, @target_ifindex=r4, 0x3, 0x81, @uprobe_multi={0x81, 0x1ff, 0x3d7e, 0x0, 0x1, 0x4}}, 0x92) r5 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/pcmC1D1p\x00', 0x800, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_TSTAMP(r5, 0x40044102, 0x0) 11m38.900318679s ago: executing program 3 (id=571): mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x80002, 0x73) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) setsockopt$auto(0xffffffffffffffff, 0x1, 0x6, 0x0, 0xc089) connect$auto(0x3, &(0x7f0000000000)=@in={0x2, 0x4e22, @broadcast}, 0x55) sendmmsg$auto(0x3, 0x0, 0x3, 0x0) 11m37.631564004s ago: executing program 3 (id=574): r0 = socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r1 = openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f000000e680), 0x2, 0x0) write$auto_ecryptfs_miscdev_fops_miscdev(r1, &(0x7f00000001c0)="239cb836edc0", 0x6) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) r2 = io_uring_setup$auto(0x1, 0x0) r3 = prctl$auto_PR_SET_MM_ARG_END(0x5, 0x9, 0xffffffffffffffff, 0x2, 0xc760) ioctl$auto_SNDRV_PCM_IOCTL_HW_REFINE_OLD2(r3, 0xc1004110, &(0x7f0000000280)={0x4, [0xce, 0xfffffff7, 0xc1b8], [{0x6, 0xdd6, 0x0, 0x1, 0x1}, {0x4, 0x7aa, 0x0, 0x0, 0x0, 0x1}, {0x800, 0x1000, 0x1, 0x1, 0x1, 0x1}, {0x80, 0x3, 0x1, 0x1, 0x1, 0x1}, {0x1, 0x8, 0x1, 0x0, 0x1}, {0x8, 0x7, 0x1, 0x1, 0x0, 0x1}, {0x4f57, 0x2, 0x0, 0x0, 0x1}, {0x6, 0x5, 0x0, 0x1}, {0x8, 0x1, 0x0, 0x1, 0x1, 0x1}, {0x8, 0x80000001, 0x1}, {0x1085, 0x0, 0x0, 0x0, 0x1, 0x1}, {0x0, 0xd1aa, 0x1, 0x1, 0x0, 0x1}], 0x6, 0x8, 0xa827218a, 0x5, 0xfffffffa, 0x5, 0x10a, "2330cd5a9eb83b344a22af7508bb3464a5c1cecd39bd08022266ddeb973d81b836a6cc712c12afaec0b19b08c68bd53b0c3f05447eed79c0bc937ae983e96122"}) setsockopt$auto(0x3, 0x0, 0x2, 0x0, 0x3) write$auto(r0, &(0x7f0000000000)='/dev/loop6\x00', 0x6) write$auto_fops_init_pkru_pkeys(r2, &(0x7f0000000280), 0x0) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x10000}, 0x7, 0x0, 0x5, 0xb}, 0xfff}, 0x8, 0x311) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x18dd01, 0x0) write$auto_uhid_fops_uhid(r2, &(0x7f0000000200)="2f3016091ddb557ae3eb877a5bf641323246bfbc4bbf72896590af308a3091dc0f72eebbf5a444f88c2023f5108ec6a9f124524f1dd328eaa9a8c8f27f40795299", 0x41) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) io_uring_register$auto_IORING_REGISTER_NAPI(r2, 0x1b, &(0x7f0000000080)="544bca095236ae0caf332a34378c9c28c173d9bf688b69291406a215", 0x2) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/neigh/team0/gc_stale_time\x00', 0x404800, 0x0) pread64$auto(r4, &(0x7f0000000180)=')\x00', 0x5, 0x68a000000000) 11m34.788081005s ago: executing program 3 (id=578): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) r1 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000080), r0) sendmsg$auto_NL802154_CMD_SET_MAX_ASSOCIATIONS(r0, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)={0xe0, r1, 0x200, 0x70bd2b, 0x25dfdbfd, {}, [@NL802154_ATTR_MAX_CSMA_BACKOFFS={0x5, 0x12, 0x8}, @NL802154_ATTR_SEC_OUT_KEY_ID={0xb3, 0x2b, 0x0, 0x1, [@generic="8df49982229261cc5b540f22cca3062b357cfa32bb6513983257c68997babfb4e14523f5d353bcb6a9d85f73fa39bafb100825d6a158ffd8f867f441204413788663e2c21cab5d9cb575239ea6ba5c11f2120baeed64495a1d92ccdcec31205c40c7855682d7db71baf91a3c6f0f9e19796fda05", @generic="ffff9db12693efa178b124a74b481b7cea1fff7398edee796a07b0131dedd37f376672355cf0c3f7336ddf54974be787742a6e90a11a6b465c659a"]}, @NL802154_ATTR_CCA_MODE={0x8, 0xc, 0x6}, @NL802154_ATTR_SEC_ENABLED={0x5}]}, 0xe0}, 0x1, 0x0, 0x0, 0x20000000}, 0x8005) r2 = socket(0x2, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3d}}, 0x6a) listen$auto(0x3, 0x81) sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x34000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) close_range$auto(0x2, 0x8000, 0x0) 11m33.296855594s ago: executing program 3 (id=582): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x800000000000) getcwd$auto(0x0, 0xffffffffffffffff) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) inotify_init1$auto(0x3000000000000) inotify_add_watch$auto(0x4, 0x0, 0x4000e6e) openat2$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x80040, 0xc0, 0xe}, 0x18) open(&(0x7f00000000c0)='./file0\x00', 0x22240, 0x0) mmap$auto(0x0, 0x400008, 0x201, 0x9b72, 0x2, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/msr/msr0/uevent\x00', 0x400, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000140)=""/123, 0x7b) r1 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0) close_range$auto(0x0, 0xffffffffffffffff, 0x2) r2 = fanotify_init$auto(0x1f53, 0x2000000000002) r3 = open(&(0x7f0000000000)='./file1\x00', 0x1652c2, 0xe1d2b27bdc14aa98) fanotify_mark$auto(0x400000000000, 0x105, 0xf2b, r3, 0x0) mknod$auto(&(0x7f0000000040)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00'/263, 0x1, 0x4) unlink$auto(&(0x7f00000001c0)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2DW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xea\xa5\xff \xec\xe8\xca\xbf\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\v\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4N\xbb\xc2\xf8\x9c\xd0+t\x87r\x02\x05\xdb\xe4\xde\xed\x02\x00\x00\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00M\x83\xdb\xaf\xc4\xf23l\xae\xc5\x1d\xc4\xb0\x06\xd06\x1dX\x03\xe3\x9e\xd3\xd96\xcf\xd9\xa3\xcb\xd6B\xc3\x0f#\xd2\x1a\xf9L\xf5\x87My\xce\x19*\xde\x8d+#\x13\x15\xd3Y\x98\xe1\xc3@\x0e\x9c\xc2\xf8\b\xaf\x89\xe5\x00\x89-pWD\xb5&\xc9\x8e\x8d,\xb7}1\x84U\x18y\xa90\xf5\x80\x981U\x17\x14]\xc56j\xe7\x0e\xecBr\xa9]\"\xd36^m\x12\xb6\xbc\x80\xa4h{\xde\xcf\xf7d\x87rl\x11\xf7\x15\xcb~\xb9\x01\x0e\xd7O_\x91\xe1\xead\xee\xed]/p\xd6\xff\x17\xe4\aV\"I\xca\x90\xc7i\'\xa3R\x81\xf1}4\xbeU\x00\xa4\x1d\xea!Z\xd4|\xbe\x987\n!\x9b?\xb9l_\xd8$av\xfe%\xa2\xda\x82\x14\xc311;\xa4ob\x87\xdbY\xe2\x00') r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80502, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r4, 0xc0045002, &(0x7f00000000c0)) read$auto_deferred_devs_fops_(r2, &(0x7f00000007c0)=""/154, 0x9a) write$auto_proc_mem_operations_base(r1, &(0x7f0000001680)="a7", 0xfffffc96) 11m18.192967772s ago: executing program 32 (id=582): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x800000000000) getcwd$auto(0x0, 0xffffffffffffffff) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) inotify_init1$auto(0x3000000000000) inotify_add_watch$auto(0x4, 0x0, 0x4000e6e) openat2$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x80040, 0xc0, 0xe}, 0x18) open(&(0x7f00000000c0)='./file0\x00', 0x22240, 0x0) mmap$auto(0x0, 0x400008, 0x201, 0x9b72, 0x2, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/msr/msr0/uevent\x00', 0x400, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000140)=""/123, 0x7b) r1 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0) close_range$auto(0x0, 0xffffffffffffffff, 0x2) r2 = fanotify_init$auto(0x1f53, 0x2000000000002) r3 = open(&(0x7f0000000000)='./file1\x00', 0x1652c2, 0xe1d2b27bdc14aa98) fanotify_mark$auto(0x400000000000, 0x105, 0xf2b, r3, 0x0) mknod$auto(&(0x7f0000000040)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00'/263, 0x1, 0x4) unlink$auto(&(0x7f00000001c0)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2DW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xea\xa5\xff \xec\xe8\xca\xbf\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\v\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4N\xbb\xc2\xf8\x9c\xd0+t\x87r\x02\x05\xdb\xe4\xde\xed\x02\x00\x00\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00M\x83\xdb\xaf\xc4\xf23l\xae\xc5\x1d\xc4\xb0\x06\xd06\x1dX\x03\xe3\x9e\xd3\xd96\xcf\xd9\xa3\xcb\xd6B\xc3\x0f#\xd2\x1a\xf9L\xf5\x87My\xce\x19*\xde\x8d+#\x13\x15\xd3Y\x98\xe1\xc3@\x0e\x9c\xc2\xf8\b\xaf\x89\xe5\x00\x89-pWD\xb5&\xc9\x8e\x8d,\xb7}1\x84U\x18y\xa90\xf5\x80\x981U\x17\x14]\xc56j\xe7\x0e\xecBr\xa9]\"\xd36^m\x12\xb6\xbc\x80\xa4h{\xde\xcf\xf7d\x87rl\x11\xf7\x15\xcb~\xb9\x01\x0e\xd7O_\x91\xe1\xead\xee\xed]/p\xd6\xff\x17\xe4\aV\"I\xca\x90\xc7i\'\xa3R\x81\xf1}4\xbeU\x00\xa4\x1d\xea!Z\xd4|\xbe\x987\n!\x9b?\xb9l_\xd8$av\xfe%\xa2\xda\x82\x14\xc311;\xa4ob\x87\xdbY\xe2\x00') r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80502, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r4, 0xc0045002, &(0x7f00000000c0)) read$auto_deferred_devs_fops_(r2, &(0x7f00000007c0)=""/154, 0x9a) write$auto_proc_mem_operations_base(r1, &(0x7f0000001680)="a7", 0xfffffc96) 17.092864324s ago: executing program 1 (id=1764): socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x31}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x62, 0x0) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) ioctl$auto(0x3, 0x541b, 0x38) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) dup3$auto(0x8000000000000001, 0x5, 0x800080000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/bond0/bonding/arp_missed_max\x00', 0x63102, 0x0) sendfile$auto(r0, r0, 0x0, 0x2) recvmmsg$auto(0x3, 0x0, 0xc43e, 0x3, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r1 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto(r1, 0x400c55cb, 0xffffffffffffffff) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r3 = ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto_KVM_GET_MSRS(r3, 0x4068aea3, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x201, 0x0) write$auto(0x3, 0x0, 0x6) write$auto(0x3, 0x0, 0xfffffdef) 14.417503618s ago: executing program 1 (id=1767): mmap$auto(0xffffffffffffffff, 0x2a, 0xdf, 0x9b73, 0x1000, 0x28000) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) (async) socket(0x2, 0x2, 0x0) (async) removexattr$auto(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='}\x00') bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/core/rps_default_mask\x00', 0x82, 0x0) (async) socket(0x10, 0x3, 0xa) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) openat$auto_ftrace_enable_fops_trace_events(0xffffffffffffff9c, 0x0, 0x101400, 0x0) read$auto(0xffffffffffffffff, 0x0, 0x6) r0 = openat$auto__dev_ioctl_fops_dev_ioctl(0xffffffffffffff9c, &(0x7f0000000880), 0x80c01, 0x0) ioctl$auto_FIONREAD(r0, 0x541b, 0x2) r1 = socket(0x10, 0x2, 0x14) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r1, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB], 0x14}, 0x1, 0x0, 0x0, 0x20000045}, 0x24000044) (async) ioctl$auto_SNDRV_PCM_IOCTL_TSTAMP(0xffffffffffffffff, 0x40044102, &(0x7f0000000200)=0x5) (async) write$auto(r1, &(0x7f0000000100)='\x00', 0xfffffffffffffffa) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/platform/vhci_hcd.12/usb33/33-0:1.0/ep_81/type\x00', 0x1ca80, 0x0) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mbind$auto(0x0, 0x100000008, 0x2100000000, 0x0, 0x6, 0xfffffffe) madvise$auto(0x110c230000, 0x8031ca, 0x9) (async) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/admmidi2\x00', 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[], 0x1ac}}, 0x40000) (async) r3 = io_uring_setup$auto(0x6, 0x0) (async) setsockopt$auto(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x6) (async) capset$auto(0x0, &(0x7f0000000340)={0x1, 0x4, 0x5e}) (async) sendmmsg$auto(r2, &(0x7f0000000300)={{&(0x7f0000000000), 0x4, &(0x7f0000000100)={&(0x7f0000000200), 0x4}, 0x5, 0x0, 0x5, 0x1}, 0x5}, 0x0, 0x100) renameat$auto(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', r3, &(0x7f00000001c0)='./file0\x00') (async) bpf$auto(0x7fffffe, &(0x7f0000000000)=@test={0xffffffffffffffff, 0x5, 0x9, 0x3, 0x80, 0x8, 0x4, 0x1, 0x7, 0x8, 0x401, 0x1, 0xe2, 0x4, 0xd}, 0x0) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) 12.865062835s ago: executing program 1 (id=1768): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r0, 0x4bfa, 0x1) r1 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) r2 = fcntl$auto(r1, 0x400, 0x1) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_PROTOCOL_FEATURES(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="14000000", @ANYRESOCT=r2, @ANYRESDEC=r0], 0x14}, 0x1, 0x0, 0x0, 0x20008850}, 0xc09c) close_range$auto(0x2, 0x8, 0x0) socket(0x3, 0x6, 0x2000073) socket(0x25, 0x4, 0x3) r3 = socket$nl_generic(0x10, 0x3, 0x10) acct$auto(&(0x7f0000000000)='/dev/tty\x00`Mx\x9d\xfa\xb3\x1f\xc6k\x01\x13\x9b\x15[\xf7\xaan\x1fOgo\xbb(\xcbx\x9bJ\x91*\xa5a\x02\xf3\x1b\x9d\xddy\xef\xee\xe4h\xd5\nH\x80\x8a\xd7Y\xb8\xcb\x90') socket(0x2, 0x1, 0x106) r4 = prctl$auto(0xffffffff, 0x1, 0x0, 0xcef, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) r5 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r5, 0x0, 0x4) bind$auto(r5, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@ax25={0x3, @null, 0x5}, 0x54) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) r6 = openat$auto_ctl_device_fops_user(0xffffffffffffff9c, &(0x7f00000001c0), 0x10d103, 0x0) recvmmsg$auto(r5, 0x0, 0x4, 0xfffff7fc, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ram4\x00', 0x102400, 0x0) shutdown$auto(0x200000003, 0x2) sendmsg$auto_NL80211_CMD_GET_WIPHY(r1, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB="a001ee", @ANYRES32=r4, @ANYBLOB, @ANYRES16=r6, @ANYRESOCT=0x0], 0x1a0}, 0x1, 0x0, 0x0, 0x4040004}, 0x24048000) syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000300), r3) sendmsg$auto_IPVS_CMD_DEL_DEST(r3, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400000}, 0xffffffffffffff1e, &(0x7f0000000480)={&(0x7f0000000840)=ANY=[], 0x1120}, 0x1, 0x0, 0x0, 0xc000}, 0x24000000) mmap$auto(0xfffffffffffffffc, 0x8000000000400007, 0x8000040000000df, 0xf6, 0x2, 0x3) socket(0x18, 0x2, 0xfffffffc) socket$nl_generic(0x10, 0x3, 0x10) 12.676955886s ago: executing program 2 (id=1769): r0 = syz_clone(0x0, &(0x7f0000000000)="056eb7f5e7f2e77d09fe7a9c182e41d73cc941a90cbd7bc58a73494794ef38bd295529f35df0361306c3f6e14e9bb17e77dad450e3afc1cf01987858f3763fbf46dbfff8d71bd98d8068986f69143c84362d894d1be0182404e48b316cccc7207fd570b8983d2fa27753d4044476250a0151f24dc295bde03f5fb7f88a55bb5a", 0x80, &(0x7f0000000080), &(0x7f0000000100), &(0x7f0000000180)="0357212ae82e1726b1e968dfc6f8d14dd6bbdbdf34b7b79370f78934ab78d2c07e4be78412e85998c7ffb5e38f4e993a729c1fc6614583022838864bceabfe325ee28f5294a9c14dc87fc73e73b75a529f8167940b46ee001cb9c5e70ae5ff36d75b3034b77a78") syz_clone3(&(0x7f00000003c0)={0x80008000, &(0x7f0000000200), &(0x7f0000000240), &(0x7f0000000280)=0x0, {0x1}, &(0x7f00000002c0)=""/122, 0x7a, &(0x7f0000000340)=""/1, &(0x7f0000000380)=[0x0, 0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff], 0x7}, 0x58) kcmp$auto_KCMP_IO(r0, r1, 0x5, 0x3, 0x400) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/block/nbd9/queue/iosched/read_expire\x00', 0x206a1, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f00000000c0)='-7', 0x2) fcntl$auto_F_GET_SEALS(r2, 0x40a, 0x7fffffffffffffff) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) 12.319215899s ago: executing program 4 (id=1770): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0xfffffffffffffffc, 0x2020009, 0x3, 0x7ffd, r0, 0x7) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x163340, 0x2a) r1 = socket(0x2, 0x3, 0x2) setsockopt$auto(r1, 0x0, 0xd1, 0xfffffffffffffffc, 0x3) r2 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) poll$auto(&(0x7f0000000180)={r2, 0xfff7, 0x9816}, 0x7f, 0x9) ioctl$auto_VHOST_SET_OWNER(r3, 0xaf01, 0x0) ioctl$auto(r3, 0xaf01, 0xe) socket(0x2a, 0x2, 0x1) ioctl$auto(0x3, 0x10, 0xfffffffffffff4e0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capget$auto(0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x140, 0x0) r5 = open(&(0x7f00000000c0)='./file0\x00', 0x161342, 0x130) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) fchmod$auto(r5, 0xa) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r6) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r6, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000001300)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r7, @ANYBLOB="05082dbd7000fbdbdf257e0000000800db00ab29dc931f0e02b7745be74fb8e8255f614f85f94bc5ef8facda4b1cb3e135ef23203752a9a06f5adc02fe10fd6059eb5ec860fbb39453d7ba92bd5a73e0e45ce2d585cccf203901d41ed36536bffcadc5fa27dbe72d209b4c922ee03aba35fb65731b21d405c9def0"], 0x1c}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000) r8 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/block/loop4/hctx0/tags_bitmap\x00', 0x101800, 0x0) read$auto_blk_mq_debugfs_fops_blk_mq_debugfs(r8, &(0x7f00000001c0)=""/70, 0x46) sendmsg$auto_NL80211_CMD_ADD_TX_TS(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f0000000240)=ANY=[@ANYBLOB="08010000", @ANYRES16=r7, @ANYBLOB="080027bd7000fddbdf2569000000060065000900000006004f01090000001700130013c366f9244357d432f6e44cc4bf4e5878fe5d00080002002f247b0005006000080000000500a3000200000045001f00ff8ddbe0dca3a0c40b31575a0fc89a052ad1070f85525f215dde201061c7ecbce4e876ab8d9dd571ee3b51789e3654f47243f6e34471afffdadef51ab57ef583e90000005c007580ba6aeb15a3f761572ca4eb336e5dfaa39a4e112524144c26d5a6468d0f3a3919ee7a2bf863f683c121bc3b2170c49b100b274baaf7e35af6d0f2356f99129b14dfb3c040f557f81b08003800000400000800e600", @ANYRES32=r4, @ANYBLOB="05008a00080042000500f600071a0000000bc38e66a8950ee3ab259a4dffde2016f61a9d1a71fdd267b60e8be22f016b650bbcaa453fb002bcf118f0e96d4b6248efe1352050bde81bcec7d7d37591a1304ff17feb"], 0x108}, 0x1, 0x0, 0x0, 0x91}, 0x10) 12.049445337s ago: executing program 2 (id=1771): unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) r1 = syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000980)={0x14, r1, 0x1, 0x70bd31, 0x25dfdbfd}, 0x14}}, 0x24048084) madvise$auto(0x0, 0x200007, 0x19) getcpu$auto(0xfffffffffffffffc, 0xffffffffffffffff, 0xfffffffffffffffd) fanotify_init$auto(0x65, 0x2) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) unshare$auto(0x20000080) syz_clone3(&(0x7f0000000380)={0x2c022000, 0x0, 0x0, 0x0, {0x1f}, 0x0, 0x0, 0x0, 0x0}, 0x58) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x101001, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0), 0x101000, 0x0) sendmsg$auto_NL80211_CMD_DEL_TX_TS(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000200)={&(0x7f0000000480)={0x274, 0x0, 0x100, 0x70bd2c, 0x25dfdbff, {}, [@NL80211_ATTR_KEY_DATA={0x15, 0x7, "f6ff64389b62872b26f97bc80d052696ab"}, @NL80211_ATTR_MESH_ID={0x22, 0x18, "3eed9b1465d94ee937d70efbcdd93f95cb35b0d61936ae811703d63b6d71"}, @NL80211_ATTR_SAR_SPEC={0x210, 0x12c, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS={0x12c, 0x2, 0x0, 0x1, [{0x14, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x1}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0xa}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x2}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x1}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x48}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x9}]}, {0x34, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x7}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x6}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0xd}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x10}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x4}]}, {0x3c, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x401}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x200}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x7}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x1000}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x8}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x7}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x8}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x6}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0xfffffffd}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0xffff1e6d}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x452}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x7f}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x7}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x4}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x2}]}, {0x4}, {0x24, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0xbb02}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x9}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0xb19}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x20}]}]}, @NL80211_SAR_ATTR_SPECS={0xe0, 0x2, 0x0, 0x1, [{0x34, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x497819ce}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x9}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x100}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0xc59b}]}, {0x34, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x18}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x4}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x7ff}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x7}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0xc6000000}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x7}]}, {0x34, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x9}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x4}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x20000}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x7fff}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0xd}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x5}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x7}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x7fff}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x100}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x5}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x8}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0xfff}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x6}]}]}]}, @NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM={0x6, 0xfb, 0x3}, @NL80211_ATTR_AP_ISOLATE={0x5, 0x60, 0x4}, @NL80211_ATTR_TDLS_EXTERNAL_SETUP={0x4}]}, 0x274}, 0x1, 0x0, 0x0, 0x24040081}, 0x40094) r2 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0) pread64$auto(r2, &(0x7f0000000240)='\x03W\x96l\x15\x00\x00@\x00'/21, 0x100000002, 0x100000001) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x101c82, 0x0) r3 = prctl$auto(0x42, 0x0, 0x0, 0x1, 0x0) ioctl$auto_BLKROSET(r3, 0x125d, 0x0) mmap$auto(0xfffffffffffffffc, 0x40009, 0xdf, 0x9b72, r2, 0xfffffffffffffc01) madvise$auto(0x6, 0x1, 0x7fffffff) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xe6e43, 0x0) 11.512928343s ago: executing program 1 (id=1772): keyctl$auto_KEYCTL_PKEY_QUERY(0x18, 0x7ff, 0x8, 0x4, 0x80) r0 = bpf$auto(0x0, &(0x7f0000000100)=@bpf_attr_4={0x800000000012, 0x4, 0x80000001, 0x8}, 0x6f4) write$auto_split_huge_pages_fops_huge_memory(r0, &(0x7f0000000080)="cba31d55a211b07be610c6a6fc32f2432fc451503ba0b35b722663164ca6037218465f5f9bfa2fd51cce3355bd7dc68c0f5f31e8190436c9c391759380bf2c45798eff51fb31ab0c00951d02d25f65b60869a1e8969a5d169125fa3a380452e3d4666389f8c3ea1015a6a127cfa5ccca65acbd71826e0e2300950877a1", 0x7d) close_range$auto(r1, r2, 0x6) r3 = socket(0x2, 0x1, 0x106) bind$auto(r3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, 0x0, 0x54) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/pressure/memory\x00', 0xa2102, 0x0) r5 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000bc0)='/dev/dsp\x00', 0x1, 0x0) ioctl$auto_SNDCTL_DSP_GETODELAY(r5, 0x80045035, 0x0) pwrite64$auto(0xc8, &(0x7f0000000340)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x88d\x11\x00\x00\x00\x00\x00\x02\x83\x02\xba\xae\xb8-\x14\xe4\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\x00\x00\x9f\x1e\xf6\xa4*\x01\x00\x00\x00^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e#\xae\xa9\xc5\x93\x1dD\x811\xb9_\xdd*j\xfd\xeb\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;\x9e\x83\x120\x81\x11\x9a?g`sFh\x00\x00\xda,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xdex\xd8\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00'/228, 0xfdef, 0x2) write$auto(r4, 0x0, 0xa) 11.313843781s ago: executing program 0 (id=1773): r0 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000048c0)='/dev/dsp1\x00', 0x20000, 0x0) bpf$auto_BPF_PROG_DETACH(0x9, &(0x7f00000000c0)=@raw_tracepoint={0x9, r1, 0x0, 0x6}, 0xa) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x5, 0x8000) syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xa001, 0x0) close_range$auto(0x2, 0xa, 0x0) r2 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc) fallocate$auto(r2, 0x0, 0x7, 0x4cbd5d) rename$auto(&(0x7f0000000480)='./file0\x00', &(0x7f0000000100)='./file1\x00') getcwd$auto(0x0, 0xffffffffffffffff) rename$auto(&(0x7f0000000280)='./file1\x00', 0x0) fsconfig$auto(0xffffffffffffffff, 0x8, 0x0, 0x0, 0x0) fsmount$auto(0x4, 0x0, 0x200003) fallocate$auto(r0, 0x0, 0x7, 0x4cbd5d) rename$auto(&(0x7f0000000480)='./file0\x00', &(0x7f0000000100)='./file1\x00') rename$auto(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='./file0\x00') 10.764523736s ago: executing program 1 (id=1774): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) pread64$auto(0xffffffffffffffff, 0x0, 0x1, 0x401) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) bpf$auto(0x2200, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x242e40, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ttyS0\x00', 0x1, 0x0) ioctl$auto(r2, 0x540a, 0x0) unshare$auto(0x40000080) open(&(0x7f00000000c0)='./file0\x00', 0x4020c0, 0x140) r3 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/ieee80211/phy1/statistics/dot11RTSSuccessCount\x00', 0x800, 0x0) read$auto_debugfs_full_proxy_file_operations_internal(r3, 0x0, 0x0) semctl$auto(0x201, 0x2, 0x13, 0x1) setsockopt$auto(0x3, 0x10000000084, 0x11, 0x0, 0x8) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0xa, 0x5, 0x20000084) init_module$auto(0x0, 0xffff9, 0x0) close_range$auto(0x2, 0xa, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x0, 0x0) read$auto_rng_chrdev_ops_core(0xffffffffffffffff, 0x0, 0x0) readv$auto(0x3, 0x0, 0x1) 9.976714024s ago: executing program 4 (id=1775): socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x31}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x62, 0x0) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) ioctl$auto(0x3, 0x541b, 0x38) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) dup3$auto(0x8000000000000001, 0x5, 0x800080000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/bond0/bonding/arp_missed_max\x00', 0x63102, 0x0) sendfile$auto(r0, r0, 0x0, 0x2) recvmmsg$auto(0x3, 0x0, 0xc43e, 0x3, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r1 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto(r1, 0x400c55cb, 0xffffffffffffffff) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r3 = ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto_KVM_GET_MSRS(r3, 0x4068aea3, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x201, 0x0) write$auto(0x3, 0x0, 0x6) write$auto(0x3, 0x0, 0xfffffdef) 8.569264209s ago: executing program 0 (id=1776): r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x250800, 0x0) r1 = socket(0x23, 0x80805, 0x0) listen$auto(r1, 0x4) r2 = accept$auto(0xffffffffffffffff, 0x0, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) r3 = socket(0x29, 0x2, 0x0) ioctl$auto_FBIOBLANK(r2, 0x4611, &(0x7f0000000300)="9175d2d838b6fde1bd904bd48d5e1bf573a7dde9306bfb5e717de3c7498efb722dbfdcce4bc0fb6cd63e60ff37a1dfeb5c526fe1be1a374320e378b8808cff8b2fdd9383058c23598de64b162c6ca499f55d94a478208a3b9d5347af9eaf") listen$auto(r0, 0xe3) r4 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) mmap$auto(0x0, 0x10008, 0x4000000000df, 0xeb1, 0x401, 0x8000) recvmmsg$auto(r4, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x6}, 0xfffffff9, 0x10, 0x0) openat$auto_ima_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000280), 0x80800, 0x0) ioctl$auto(r3, 0x89a3, 0x24) setsockopt$auto_SO_KEEPALIVE(0xffffffffffffffff, 0x1, 0x9, &(0x7f0000000040)='\x00', 0x3) r5 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)={0x2c, r5, 0x1, 0x70bd29, 0x25dfdc02, {}, [@OVS_FLOW_ATTR_PROBE={0x4}, @OVS_FLOW_ATTR_PROBE={0x4}, @OVS_FLOW_ATTR_KEY={0x10, 0x1, 0x0, 0x1, [@nested={0xc, 0x10, 0x0, 0x1, [@nested={0x8, 0xb, 0x0, 0x1, [@nested={0x4, 0x144}]}]}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) preadv2$auto(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000140)="d82ba7801966be64e564893251af3b760558a37ab797d39955fd4a34fbdd35574a055d673c0e"}, 0x6, 0x9, 0x3, 0x4) 8.204602702s ago: executing program 2 (id=1777): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) ioctl$auto(r0, 0x5606, 0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r2 = socket(0xa, 0x2, 0x0) setsockopt$auto(r2, 0x29, 0x2, 0x0, 0x2) ioctl$auto_VHOST_SET_OWNER(r1, 0xaf01, 0x5) r3 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000000), 0x20040, 0x0) r4 = openat$auto_btrfs_dir_file_operations_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/bluetooth/hci1/rfkill6/power\x00', 0x0, 0x0) ioctl$auto_BTRFS_IOC_SUBVOL_CREATE_V2(r4, 0x50009418, &(0x7f00000001c0)={@raw=0x5, 0xfffffffffffffffa, 0x28fb, @btrfs_ioctl_vol_args_v2_3_0={0x7, &(0x7f0000000100)={0x100, 0x802, 0x7, 0x4, {0x80000005, 0xfffffffffffffff9, 0x2, 0xc426, 0x100000000}, [0x80000000, 0x10001, 0x5, 0xe, 0x80000000, 0x1d, 0xffd, 0x200, 0x3ff]}}, @name="dd8313067a09a0a3e78090f5a1d505fed78f39ce28eadf342d4b46bb22673e44b226dd97c0ca33c8c6a6b9b83fca4af1aabfe5d409f54d357b123571da30acd3984a2a60b59bc5752c4bdb9c4cbc89ae2c79cadc5ea55abfa8d70f170bc821c5c8361d32bcc9ef4f7335623210d1932f7a885ff3663e268e3efaa4299612599d67a4777c70f0545cfd771af8301581ba15251ce3af71e3bc8a3f7d1a3e739ced4683743eb5b5da83f468eb656502ce4841b1db55a3af7200cf1aee1459a66774afd4182c5a04a1de7db2cf6b8054eae319c3ba68a484f0dfb53d93043e3ed02d778ed8f77fb40085162405e94a19d0230d3afc5b2b5cb5c3fb02ca8c1b1c9098f05b9dc09a559b04a7e7c72ead36d3ec918c70b41aa44f5d698ed4505ff860c82a7bade9202cb56dcf3a81cf85f52289815b47d481685cdb0be64cdfb1c7f8bd35707e8eaa6e2d0473f03bea69ad0bf1e510643eee0ae7e3f61f4a067f1bc01793c8d8773d18967a3c0be82c10d972f2534fdf7196845d15bba3cb050c2b9777d0a9e2b1cff8e2145bb4077837abcc5a5d97fdb04b25112508fc9f1f693ea5b13d5b86a200b9f8316c0f4d5558ea82cc19f7615377234c533b991223f82b792ca8a4c3b5ca7f52fa4c1795f5435942cb36f178831a07f8687ebf6d568f55f5bba126eae243f5763e366ef00f50bd118cc4ba824b5f2fc6f6dfe1bf4f0843b2986f16ee44f69cc743b6c9c677d03374d0fec40efde944b80c4d43db3afb3e412297120e0e5a63cd55fdf1705e47469241d64c1fa158d86030e6cc4885f0d1f584f9afeb546976a4c0fdf67c422192397be2f14d2a6a9ce8296f37f8a30660b1e975f816de488faecf638715ecdb851a98a6cc9600621d4dc4c683c60b934f1e251930e79f3cc94d24bc745b0acf561c4136b67eeca61c2e5d269125e1a8e37e64a487f8b24b119b3d70e499ecdcf2edd12a0738e4475b78a0097c26581d79af4b02362a1d1d6773c0889dcb23f48b5bf3b5089829f3f00d91f4f0402c079df7a970ae6de8736e63f6df99b79d6b11100be1be099a5327b2007db3882e83edaa571039f8380139b3ba5ecb462452d78bf4494b6b91f4699c975da4de1f1e37a723a517f168018b2235bf1dae5c8ee6215ae5517ab2934a42829290f5af9c18740acfaf439e56585d7654ebb6939ec1f502bff50a17b01e399fc3c883975fb12a2ad67fb1e87f06a08f113766a5d9d94d4375e5ad318297ec175e38d774e53c4d441354b6b72d188a1dfe47534b01b6d89f806104680798a4590b08540dd2c71452b2b445285bd421a24e627b8e8fb4d5647508c5e6bd33f4925dbbea18089d0a809a037f76fdded6b5abf2a83732906c039ae2a8c0a27b7d2e6354a2d74e8b022c9d98b96722d6046845fc6878d8d3f755416d5eb90e85946bf27fb821dc11c34e6668600a534b591e0fca09e01906b9c44e728d705b4d8dee5371ee3e50cb0334990c0035104763e9aef39921796002de151d9b0b70faf3a1f52c733eb184a2c381d033bda8098878f0829f466daea539c451faa3cd1c4f3c57143bbed651596419ae3901b37862f069893f53cad38229eee57d9b2c3812eed3ec7161e41bfbe45583f407944fecea09cf961fbb777d249132f50e8f8d4870e947cc441df63bd14e6cb56ddfac59a24f874b759f0b42f643ffdeb0c443fe91da470582ef409d4a5c8ce70d766b02571973a7c69d2235b04d3003e1934aa29c3972fd3c8650b586338181e489ef9f39a3bf5f722e6bcd39e31b84608451342bf96bdd115c57389cdc3920a9caa9c3044f8c6c9414cae3ee569f4ca866cceb629a3623265ac851bcfa7890aad8ce0e158c1f94e2caabbfb83d3136f4261ed858d9ef20a1bf7109728c82060e7ad4f1d33aadcadf50c28f84818a6a87e45a09062b78b123331706b573bd8afbdc80d6ae089e398e966245a2b084402d6b5010bf9547a95d8a72f72741df4d7e274e6ed10b824800480675e136d0368752d7d27e7aff7e333730824cd3d4d04b66ec049c5c9fda6b0512f9fac65983668c194c1c6ad21eaa26ca351976f5e75eb665d30fc840ecdf5b3c8313300abd6aa562836190f0e78d02eb67480503e830f91d67a1e48cbdfef25eef36e738ea897d2d49aa42f7cd313942bd7fee2844df34a5f4838d75f96dc531bbada4a220dddcbe3c20bf3aa474311e4a7df1d5154a863c829754436d56b7c7cbeb9ea239322655fd726a2ff6e36eccd75d51f69859cb2a861e544267f975b6c64adfea3b14940e3fe353f2cea6f11310f6ece295bed33d7919d13559ca29eddb5528002de549696e2a1ff6dd895a9a96deafb1ba5074cf39beb32f6923bd8c500c45dcebbe791bef63fe7fc1fa85eac9f6b16a8dde90db4fc2011a46ebe1dd6a469ece789e68b6295cb0975eb1bc5e7712a8005a37dfee0ab5a6a925e97ea9f324fef3911397c953a6fc3aa2d1fa5721d896241252ba914d8d302610a305800ff87bfa1177be418e51e9b1d0dbf52d303da29da6ca35d7cf98328d6c6c3d7c38007fcdd909233236ceca93f7e8ad637c183a8cb09649df1655946700429667cf98aef5b6a89429d9bb09527ff4a66c4dff6d2086c222c58ea131c9a1254e3c06ba79d5561dab005680893253c350ad52a384009406be57128f70bf87e270d4026695398afb8abfa01450f55cb3927aaad6ceb8ab06b4587ffa49b3d9a7341953d410e6a5e06f4d2713aed4d02995c6ffdd8f4ceb65926aee2a10c85e11bc156e4b811bf172399ae27b3bb23e7903e792dd0328ca541e3e6431faea26f51302012897e82dc688efae9ffd5007b05c76d135044c72b862069b5f29443bebd7703857a8cdab64298c10c88caf5947d487cce3cd4c467863c2deebf1c31cd6eeee27f697260432e381f43a6b513893377395aff6662c906ef642ff0fb77252253176ad22f7f655f9cd40a6467bf4032dfeafd49b9626afc6fccbbd48c750715395a2353858a904f06b70d099fffadb670cbbf4e3bdb58bc29f83e3f5829f19f50b5bf745a4dd70c5fa78d2ca1434b900bb52f33bab8310370c56f457bd4b137a5e66497807ead15bb1cae929409647730c77a4caa940710bf66b7c5515cd45e05b11dfc7cb607f73d24e411ddf6e5025cc0c5b2d16dac5b0b2b4b4b0947c6767df3cbadd310e14be8d698328d773808faae1b1d95239a295c1ae61ce6773c43dad831611ef0aebd3526999dfea3fc0d5a067e9c236ac3c40794f11e3d29b3b243ecd6bb145eaae2e8d1f8f835075d9346601d0f6f25ee320ed379ae3913bb73d2b9794a2877ac35ac29d3e39b2886da9460a0dd1344ab0e6465a71cd561ff9833cf62bcfad0de4f1554eb46f18a2469e83d345d2de22dedbc004a25e056b3757a00d3bc2bcc6d8bef96e4d77ec6b4d7c71249584f53a2750db500c39cb56ca20cf5301e8f253183a10c85f46d6b2f17fc85dd369ffc90d96e953fcb3cb66e5847ac7f07921c6eb716276f4aea8d91df333ff95df5bd11fd78562be01a4c1df242733a194b711648450c604a90c480fe111b60a738837c26c3e88b337017fa89ae27ef1977e33a9efbcd45c369e90088b3c8a1362fd549c55c17c7a623efcfbd544ece805b4a9e5d722f58bc3214c9f22b71bd1947c9a09ed93bf1a79a94588db368e99b924b8e6d2cf8d34eaeb41972d0e609be0143fddc9f522c683749d5fdde29eb3da7d99743df70ee721279ef3805020c378162571a7cf4040788cee9034c6796b6bd6110660cffa6ff49699a3aaed5003a1ee4d35cf00f87e04e93f907ef21e468d7a4a33f4908297882ece84c9d0a4ef980ea21a1405ce10279748058722fd952c1303ba7907baecfbada6cef2406faaae2eac898af4456c774ec2ce294e2a4439bdcc961a50572cd2355ec29a771a6f4d17c84971da451dc2f520c26d475a2f125d5a93743628b1f3ce49f3b41186499ad7f03f9f5a392a7203e370649d1b52dec37cc76fa4039a5ad18e21c8e29f19ffdf795a988bd7a61f4088b47f5f72f903a29058965617e7f1ec29d532bce767ebf2c64da880305b9c5eb07f45b125728bea001230338f01b1c234730045cb60e987bad9ed8c08f1babd62c2324ebcd10962c454ffc65ec390ed6523f63697705dcab932f49769de002f4ed6ce4281f28a1cb2a7f76d3f31308d57e9d788fff07bd72b31794e024feda82752c1bffc739ca6f3946f63ba3d29c9dde7885b68d0744ef1df7a7daa19f267e5fd6eff7b316774076b82f842bd59e29b3e404ee4af3a74e41c726b5d91f729007e92ee790362a02f025a393a8cf474e7a08bca1bc42edb6bf07dc732db7c5ab4cd6d7b01006a60c361a1164ee7d34b21d6a36433fbadb0e3544dd162053e1bb0b349fc8434d01044fdab5e8f80b3674f69c5356ae5823b65fc971f094ee87194c3b7b1ae7fe61f9bb60a7ddd67f92c673cbbcfc4886fdf8756d4adaef13fadbd0ab7ec2dd115936d91fce317cc12075d857a4d20504da36cb2e7bee0d86cd676415a84cf509415b08c0181cb54c941c77ce52fde6107c9fa7c9d1a34c2a6ceec35cb763cda6e144b6828883624768c9ca8a3e1837489c1189a63b0a333ca185a12ae02c6d4a7855551ae75ec9eb08c0a90eabe021d1fb4a9d76b7b7647a698731a315f94712985a7d9adf502e5bfc6aec94f36dd111204ba4408284a61233d7a6ec2886047d73295e4f837b32e892228a60ddc26af2f17ea4d55e782c536951a4b25cea96cb87a47fea4a5fd353a9dde4b2a636bd14b985ab6d8f07c5176d32abdb120647c43dcced933c0d0fd1d326449d43dfa4857d65e3b1043a74f6add9dccd9d721a34ceca7f6fad84708c2cdcf86ed57052db18eed051cd38a370d9abbdde4ed4724f3defc0309fea5d2c495aba9fd41ecbb435b63580d32dc67b37ac00c2d0aa1694c07dc2ab02c1be584db41ec7a97d7256228ed39f53179f1e2d94fcef75fb38cd74e151761c27334202f3b51484572239e61b749e91853eccdfe63d9d26cb18c39d25ca144aaada7d4fe824aa331500f4955b72128b045f08ee71970894baa79b805982aa8c266732b012402ca2a58d495c8121061a251a6956f2096a5880d8d2436826c4698a4dca8d1d35b99097de3e19d96b9690137f55f3b1c7039a467cd717b9bb4f0137d70c65d73b588cce49358aecd4ba0669b4d57d1ffd1c5d63d64a91a37ff515f2b7a9b8cb340300cd3cf532f41f5c75ddd862473801882718bd63ef58c9863ac543d9f5d0481134fd2c96058da9322124d8e435959635aabc1d2dadf116dd6ea99d6941ab67cdbf2931049d45eb0d75e1e5a9342e6f8d9a868ecb9cfb9ea1d0dfe8cf8405ec91c18b0012f4301fdd5429ae00b977095d5189607394eedb9cab56d1d2e957a4808b1ceb956334ef9bb796d5375c1334dc0df0bbe2495bee0aa5ed5bc7c2a8fbc510cbf343bd0a0fcda4bf6308b8513d20591ff005aea1ac0854e400132a0ff0b55a8a52d42ce0eeee8bddf4b751bec04bb2e7ba768897644ae6be7f6bc0d056ba717b579d22cbfa4dc3a74a1ad40cc363ee813bbc6ee93c583549425707f780dadeb866c7c93688de6d425610fb6d7d90fd9798b499a2de59bc592182302beab7cee42d66f98ac6489dffeca11c91ab6a177cc16a52f310e53f3106ac0a8a22da154f418a8381a21b07d3a04"}) ioctl$auto_FIOCLEX(r3, 0x5451, 0x4) r5 = open(&(0x7f0000000540)='./file0\x00', 0x641c0, 0xae) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'syz_tun\x00', 0x0}) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x23, 0x80805, 0x2) r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/net/bond0/bonding/mii_status\x00', 0x80000, 0x0) setfsuid$auto(0xee00) fchown$auto(r8, 0x0, 0xee01) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) bpf$auto(0x0, &(0x7f0000000040)=@bpf_attr_5={@target_ifindex=r7, 0x7f, 0x99, 0x8, 0x1, @relative_id=0x8, 0x5}, 0x92) bpf$auto(0x3, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0x10) r9 = socket(0xa, 0x2, 0x88) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r5, 0x0, 0x3}, 0xc) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r9, 0x0, 0x3}, 0xc) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) 5.439320205s ago: executing program 4 (id=1778): mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) statmount$auto(0x0, 0x0, 0x202, 0x81) setfsuid$auto(0xee00) sysfs$auto(0x2, 0x5, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x106) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @broadcast}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) write$auto(0x3, 0x0, 0x1) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x11f, 0x0, 0xfffffffffffffffd) r1 = socket(0x2, 0x1, 0x106) bind$auto(r1, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0) sendfile$auto(0x3, r2, 0x0, 0x400000000006) mmap$auto(0x0, 0x20005, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22040, 0x75) socket(0x840000000002, 0x3, 0xff) socket(0x2, 0x1, 0x0) socket(0x10, 0x2, 0x0) memfd_create$auto(0x0, 0x4) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x48140, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x802, 0x0) 5.361285912s ago: executing program 0 (id=1779): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) unshare$auto(0x40000080) mmap$auto(0x0, 0x9, 0x72, 0x8b72, 0x2, 0x8000) r0 = socket(0x15, 0x5, 0x0) getsockopt$auto(r0, 0x114, 0x2720, 0xfffffffffffffffc, 0x0) mbind$auto(0x10000000000000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) madvise$auto(0x0, 0x20499d, 0x9) syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff) socket(0x29, 0x2, 0x0) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsa1\x00', 0x101041, 0x0) r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/input/event1\x00', 0x34d802, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x80400, 0x0) close_range$auto(0x2, r2, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/fs/ext4/sda1/err_ratelimit_burst\x00', 0x103841, 0x0) write$auto(r3, &(0x7f0000000100)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3C', 0x4) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r4) ioctl$auto_KVM_GET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x7}) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x810006, 0xffb, 0x8000000008011, 0x3, 0x0) r5 = openat$auto_proc_pid_smaps_operations_internal(0xffffffffffffff9c, 0x0, 0x42000, 0x0) read$auto_proc_pid_smaps_operations_internal(r5, &(0x7f00000002c0)=""/190, 0xfffffe39) write$auto(r1, 0x0, 0x8) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_OVS_VPORT_CMD_NEW(r6, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={0x14, r7, 0x1, 0x70bd2c, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4040010}, 0x800) read$auto(0x3, 0x0, 0x7fffffff) 4.971925758s ago: executing program 1 (id=1780): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'wg0\x00'}) r1 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000001140), 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r2 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/rcu_normal\x00', 0x10b142, 0x0) write$auto(0x3, 0x0, 0x5c8) r3 = openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/tracing/per_cpu/cpu1/buffer_size_kb\x00', 0x300, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000980), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_ACT(r4, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000000a40)={0x14, r5, 0x1, 0x70bd2d, 0x25dfdbff}, 0x14}}, 0x40000) read$auto_tracing_entries_fops_trace(r3, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) mq_timedreceive$auto(r2, 0x0, 0x10000000000000, 0x0, 0x0) sendmsg$auto_WG_CMD_SET_DEVICE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)={0x14, r1, 0x1, 0x70bd26, 0x25dfdbfd}, 0x14}}, 0x810) 4.707117023s ago: executing program 2 (id=1781): mmap$auto(0x0, 0x5, 0x3, 0x17, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x7ffffffff000, 0x8004, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) ioprio_set$auto(0x2, 0x800000000, 0x8) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x24, r2, 0x1, 0x2070bd26, 0x25dfdbf8, {}, [@OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x4}, @OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x9}]}, 0x24}, 0x1, 0x0, 0x0, 0x801}, 0x80) r3 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000004440), 0xffffffffffffffff) sendmsg$auto_OVS_DP_CMD_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000004540)={&(0x7f00000000c0)=ANY=[], 0x8d}, 0x1, 0x0, 0x0, 0x10}, 0x2000000) sendmsg$auto_OVS_DP_CMD_NEW(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, r3, 0x1, 0x2070bd26, 0x25dfdbf8, {0x1, 0x0, 0xfeff}, [@OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x4}, @OVS_DP_ATTR_NAME={0x8, 0x1, 'HfR\x00'}, @OVS_DP_ATTR_UPCALL_PID={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x801}, 0x80) 3.913219152s ago: executing program 4 (id=1782): r0 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000048c0)='/dev/dsp1\x00', 0x20000, 0x0) bpf$auto_BPF_PROG_DETACH(0x9, &(0x7f00000000c0)=@raw_tracepoint={0x9, r1, 0x0, 0x6}, 0xa) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x5, 0x8000) syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xa001, 0x0) close_range$auto(0x2, 0xa, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40001, 0x0) fallocate$auto(0xffffffffffffffff, 0x0, 0x7, 0x4cbd5d) rename$auto(&(0x7f0000000480)='./file0\x00', &(0x7f0000000100)='./file1\x00') getcwd$auto(0x0, 0xffffffffffffffff) rename$auto(&(0x7f0000000280)='./file1\x00', 0x0) sysfs$auto(0x2, 0x10, 0x0) r2 = fsopen$auto(0x0, 0x1) fsconfig$auto(r2, 0x8, 0x0, 0x0, 0x0) fsmount$auto(0x4, 0x0, 0x200003) fallocate$auto(r0, 0x0, 0x7, 0x4cbd5d) rename$auto(&(0x7f0000000480)='./file0\x00', &(0x7f0000000100)='./file1\x00') 3.900712838s ago: executing program 2 (id=1783): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0xfffffffffffffffc, 0x2020009, 0x3, 0x7ffd, r0, 0x7) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x163340, 0x2a) r1 = socket(0x2, 0x3, 0x2) setsockopt$auto(r1, 0x0, 0xd1, 0xfffffffffffffffc, 0x3) r2 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) poll$auto(&(0x7f0000000180)={r2, 0xfff7, 0x9816}, 0x7f, 0x9) ioctl$auto_VHOST_SET_OWNER(r3, 0xaf01, 0x0) ioctl$auto(r3, 0xaf01, 0xe) socket(0x2a, 0x2, 0x1) ioctl$auto(0x3, 0x10, 0xfffffffffffff4e0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capget$auto(0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x140, 0x0) r4 = open(&(0x7f00000000c0)='./file0\x00', 0x161342, 0x130) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) fchmod$auto(r4, 0xa) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) r5 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r5) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r5, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000001300)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000) 2.966915517s ago: executing program 4 (id=1784): syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000ac0), 0xffffffffffffffff) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC0\x00', 0x802, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000ac0), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_TCP_METRICS_CMD_GET(r2, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000040)={0x14, r1, 0x89c1beb01534ff9b, 0x70bd29, 0x25dfd3f9}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x0) sendmsg$auto_TCP_METRICS_CMD_GET(r0, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000040)={0x14, r1, 0x89c1beb01534ff9b, 0x70bd29, 0x25dfd3f9}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) unshare$auto(0x40000080) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r4 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x2001, 0x0) ioctl$auto(r4, 0x400454d0, 0x6f) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_tracing_err_log_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/error_log\x00', 0x40280, 0x0) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/tracing/dynamic_events\x00', 0x181, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000680)='/sys/devices/virtual/net/nr14/proto_down\x00', 0x82902, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x189401, 0x0) r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/card0/pcm0c/sub4/info\x00', 0x0, 0x0) getsockopt$auto_SO_TIMESTAMPNS_OLD(r5, 0x2000, 0x23, &(0x7f0000000180)='\x00', &(0x7f0000000080)=0xc) 2.698844964s ago: executing program 0 (id=1785): r0 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000000), 0x40001, 0x0) ioctl$auto_RTC_ALM_SET(r0, 0x40247007, &(0x7f0000000040)={0x6, 0x8, 0x8, 0x1c00000, 0xffff3e7b, 0x6, 0xb, 0x5, 0x4500}) 2.407883469s ago: executing program 0 (id=1786): socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x31}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x62, 0x0) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) ioctl$auto(0x3, 0x541b, 0x38) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) dup3$auto(0x8000000000000001, 0x5, 0x800080000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/bond0/bonding/arp_missed_max\x00', 0x63102, 0x0) sendfile$auto(r0, r0, 0x0, 0x2) recvmmsg$auto(0x3, 0x0, 0xc43e, 0x3, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r1 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto(r1, 0x400c55cb, 0xffffffffffffffff) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r3 = ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto_KVM_GET_MSRS(r3, 0x4068aea3, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x201, 0x0) write$auto(0x3, 0x0, 0x6) write$auto(0x3, 0x0, 0xfffffdef) 625.152159ms ago: executing program 0 (id=1787): write$auto(0xffffffffffffffff, &(0x7f0000000080)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94&\x81\xe2\x13\x8f\xea#\xf8F\xbbOO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\b\xc1\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(', 0xa) unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x74f603, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020018, 0x6, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x1, 0x202000a, 0xfffffffc, 0xdc, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x100101, 0x2003f2, 0x15) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0xa, 0x0) socket(0x2, 0x5, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22040, 0x75) socket(0xb, 0x80000, 0x400000ff) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) madvise$auto(0x0, 0x200007, 0x19) 434.463058ms ago: executing program 4 (id=1788): syz_genetlink_get_family_id$auto_tipcv2(0x0, 0xffffffffffffffff) sendmsg$auto_TIPC_NL_MON_SET(0xffffffffffffffff, 0x0, 0xc050) openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/netdevsim/netdevsim1/hwstats/l3/enable_ifindex\x00', 0x4001a2, 0x0) symlink$auto(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) r0 = openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, &(0x7f0000001f40)='/sys/kernel/tracing/tracing_cpumask\x00', 0x2002, 0x0) write$auto(r0, 0x0, 0xe) r1 = socket(0xa, 0x2, 0x73) unshare$auto(0x40000080) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) set_mempolicy$auto(0x1, 0x0, 0x803) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x810006, 0xffb, 0x8000000008011, 0x3, 0x0) msync$auto(0x0, 0xe0, 0x6) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) mmap$auto(0x0, 0x8001, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) io_uring_setup$auto(0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) write$auto(0xffffffffffffffff, 0x0, 0xc3) getsockopt$auto_SO_PRIORITY(r1, 0x7, 0xc, &(0x7f0000000000)='nl80211\x00', &(0x7f0000000100)=0x2) 0s ago: executing program 2 (id=1789): socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x20009, 0x20004000000000df, 0xeb1, 0xffffffffffffffff, 0x8000) uname$auto(0x0) setsockopt$auto(0x3, 0x10000000084, 0x84, 0x0, 0x90) shutdown$auto(0x200000003, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) r0 = socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50) r1 = io_uring_setup$auto(0x56, &(0x7f0000000080)={0x7fffffff, 0xe, 0x2, 0x6, 0x2, 0x8, 0xffffffffffffffff, [], {0xd74c, 0x6, 0xc, 0x29f, 0x3, 0x7f, 0x101, 0x6, 0x2}, {0xff, 0x1, 0x10001, 0x7, 0x1, 0x40, 0x76c5, 0x400005, 0x100000005}}) io_uring_enter$auto(r1, 0x9, 0x820e, 0x6, 0x0, 0x18) ioctl$auto_EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000040)={0x0, r0, 0x2, 0x2, 0x1, 0x2}) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x801, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0xe8, 0x9, 0x2, 0xfffffffffffffffd, 0x5, 0x4, 0x15f4da0e, 0x8, 0x9, 0x100000000000000c, 0x8, 0x1, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0) pwrite64$auto(0xc8, &(0x7f0000000140)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00,\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^B\xb8\xe4j\t,\xe4\x90\xcc\x9d\xc5\x0fo\x84\xf4\x89\v\xea\x1b\x95\xafQ;CL\"\x01@\x00\x00\x00\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\xff\xff\x00'/242, 0xfdf0, 0x39) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) getsockopt$auto_SO_RCVMARK(r2, 0x0, 0x4b, 0x0, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r3 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/kcore\x00', 0x10b402, 0x0) pread64$auto(r3, 0x0, 0x800007, 0x9) r4 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0) ioctl$auto_UI_DEV_SETUP(r4, 0x405c5503, &(0x7f00000000c0)={{0x9, 0xf2cf, 0x8, 0x80}, "6a034a07c7b82d90b69a39e32576f893fb4a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f00", 0xa}) ioctl$auto_UI_DEV_CREATE(r4, 0x5501, 0x0) writev$auto(r4, &(0x7f0000000340)={0x0, 0x500000}, 0x9) mmap$auto(0x0, 0x40009, 0x36, 0x9b72, 0x7, 0x28000) kernel console output (not intermixed with test programs): 0 [ 630.537512][T10661] handle_mm_fault+0x36d/0xa20 [ 630.537550][T10661] __get_user_pages+0xf9c/0x34d0 [ 630.537587][T10661] ? __pfx___get_user_pages+0x10/0x10 [ 630.537622][T10661] populate_vma_page_range+0x267/0x3f0 [ 630.537653][T10661] ? __pfx_populate_vma_page_range+0x10/0x10 [ 630.537681][T10661] ? __pfx_find_vma_intersection+0x10/0x10 [ 630.537708][T10661] ? do_mmap+0x93f/0x12f0 [ 630.537736][T10661] __mm_populate+0x107/0x3a0 [ 630.537765][T10661] ? __pfx___mm_populate+0x10/0x10 [ 630.537796][T10661] ? up_write+0x290/0x4f0 [ 630.537833][T10661] vm_mmap_pgoff+0x37f/0x470 [ 630.537862][T10661] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 630.537892][T10661] ? __fget_files+0x215/0x3d0 [ 630.537916][T10661] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 630.537962][T10661] ksys_mmap_pgoff+0xe1/0x650 [ 630.537990][T10661] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 630.538013][T10661] ? fput+0x79/0x100 [ 630.538039][T10661] ? ksys_write+0x1ac/0x250 [ 630.538060][T10661] ? __pfx_ksys_write+0x10/0x10 [ 630.538085][T10661] __x64_sys_mmap+0x125/0x190 [ 630.538123][T10661] do_syscall_64+0x106/0xf80 [ 630.538156][T10661] ? clear_bhb_loop+0x40/0x90 [ 630.538184][T10661] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 630.538209][T10661] RIP: 0033:0x7f1743f9c799 [ 630.538227][T10661] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 630.538250][T10661] RSP: 002b:00007f1744ead028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 630.538271][T10661] RAX: ffffffffffffffda RBX: 00007f1744215fa0 RCX: 00007f1743f9c799 [ 630.538287][T10661] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 630.538301][T10661] RBP: 00007f1744ead090 R08: 0000000000000002 R09: 0000000000008000 [ 630.538315][T10661] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000001 [ 630.538329][T10661] R13: 00007f1744216038 R14: 00007f1744215fa0 R15: 00007ffeec26b638 [ 630.538358][T10661] [ 634.703610][T10689] zram: Cannot change disksize for initialized device [ 634.820888][T10682] Invalid ELF header magic: != ELF [ 637.045658][T10702] zram: Cannot change disksize for initialized device [ 637.180475][ T8755] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 637.180508][ T8755] Bluetooth: hci0: unexpected subevent 0x06 length: 725 > 10 [ 639.028440][ T8755] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 639.028472][ T8755] Bluetooth: hci0: unexpected subevent 0x0e length: 725 > 15 [ 639.043489][ T8755] Bluetooth: hci0: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 639.248066][ T8755] Bluetooth: hci0: command 0x0c1a tx timeout [ 641.344728][T10764] hub 1-0:1.0: USB hub found [ 641.425680][T10764] hub 1-0:1.0: 1 port detected [ 641.889612][T10769] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 643.513382][T10789] FAULT_INJECTION: forcing a failure. [ 643.513382][T10789] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 643.607353][T10789] CPU: 0 UID: 0 PID: 10789 Comm: syz.4.1024 Tainted: G L syzkaller #0 PREEMPT(full) [ 643.607393][T10789] Tainted: [L]=SOFTLOCKUP [ 643.607402][T10789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 643.607418][T10789] Call Trace: [ 643.607427][T10789] [ 643.607436][T10789] dump_stack_lvl+0x100/0x190 [ 643.607478][T10789] should_fail_ex.cold+0x5/0xa [ 643.607502][T10789] ? prepare_alloc_pages+0x16d/0x5f0 [ 643.607534][T10789] should_fail_alloc_page+0xeb/0x140 [ 643.607563][T10789] prepare_alloc_pages+0x1f0/0x5f0 [ 643.607596][T10789] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 643.607642][T10789] ? __pfx_css_rstat_updated+0x10/0x10 [ 643.607673][T10789] ? set_next_entity+0x11e/0x9c0 [ 643.607711][T10789] ? rcu_is_watching+0x12/0xc0 [ 643.607750][T10789] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 643.607795][T10789] ? lru_gen_add_folio+0x20f/0x13e0 [ 643.607844][T10789] ? lock_acquire+0x1cf/0x380 [ 643.607876][T10789] ? find_held_lock+0x2b/0x80 [ 643.607898][T10789] ? page_table_check_set+0x49a/0xa10 [ 643.607922][T10789] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 643.607966][T10789] ? policy_nodemask+0xed/0x4f0 [ 643.607995][T10789] alloc_pages_mpol+0x1fb/0x550 [ 643.608032][T10789] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 643.608066][T10789] folio_alloc_mpol_noprof+0x36/0x340 [ 643.608100][T10789] vma_alloc_folio_noprof+0xed/0x1d0 [ 643.608131][T10789] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 643.608172][T10789] do_anonymous_page+0xb3a/0x1fb0 [ 643.608216][T10789] __handle_mm_fault+0x1d42/0x2b60 [ 643.608259][T10789] ? __pfx___handle_mm_fault+0x10/0x10 [ 643.608294][T10789] ? pte_offset_map_lock+0x174/0x320 [ 643.608320][T10789] ? find_held_lock+0x2b/0x80 [ 643.608351][T10789] ? follow_page_pte+0x5b3/0x1400 [ 643.608385][T10789] handle_mm_fault+0x36d/0xa20 [ 643.608424][T10789] __get_user_pages+0xf9c/0x34d0 [ 643.608463][T10789] ? __pfx___get_user_pages+0x10/0x10 [ 643.608499][T10789] populate_vma_page_range+0x267/0x3f0 [ 643.608531][T10789] ? __pfx_populate_vma_page_range+0x10/0x10 [ 643.608561][T10789] ? __pfx_find_vma_intersection+0x10/0x10 [ 643.608589][T10789] ? do_mmap+0x93f/0x12f0 [ 643.608619][T10789] __mm_populate+0x107/0x3a0 [ 643.608649][T10789] ? __pfx___mm_populate+0x10/0x10 [ 643.608681][T10789] ? up_write+0x290/0x4f0 [ 643.608719][T10789] vm_mmap_pgoff+0x37f/0x470 [ 643.608751][T10789] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 643.608781][T10789] ? do_futex+0x192/0x350 [ 643.608814][T10789] ? __pfx_do_futex+0x10/0x10 [ 643.608844][T10789] ? __pfx_do_sys_openat2+0x10/0x10 [ 643.608882][T10789] ksys_mmap_pgoff+0xe1/0x650 [ 643.608908][T10789] ? __x64_sys_futex+0x34f/0x4d0 [ 643.608939][T10789] ? __x64_sys_futex+0x358/0x4d0 [ 643.608972][T10789] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 643.609000][T10789] ? xfd_validate_state+0x129/0x190 [ 643.609046][T10789] __x64_sys_mmap+0x125/0x190 [ 643.609085][T10789] do_syscall_64+0x106/0xf80 [ 643.609119][T10789] ? clear_bhb_loop+0x40/0x90 [ 643.609148][T10789] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 643.609173][T10789] RIP: 0033:0x7f806ab9c799 [ 643.609193][T10789] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 643.609216][T10789] RSP: 002b:00007f806bad3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 643.609239][T10789] RAX: ffffffffffffffda RBX: 00007f806ae15fa0 RCX: 00007f806ab9c799 [ 643.609255][T10789] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 643.609269][T10789] RBP: 00007f806ac32c99 R08: 0000000000000002 R09: 0000000000008000 [ 643.609284][T10789] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 643.609298][T10789] R13: 00007f806ae16038 R14: 00007f806ae15fa0 R15: 00007fffafea4258 [ 643.609329][T10789] [ 644.577492][T10790] Invalid ELF header magic: != ELF [ 645.009010][T10806] FAULT_INJECTION: forcing a failure. [ 645.009010][T10806] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 645.120208][T10806] CPU: 0 UID: 0 PID: 10806 Comm: syz.0.1028 Tainted: G L syzkaller #0 PREEMPT(full) [ 645.120246][T10806] Tainted: [L]=SOFTLOCKUP [ 645.120255][T10806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 645.120268][T10806] Call Trace: [ 645.120276][T10806] [ 645.120284][T10806] dump_stack_lvl+0x100/0x190 [ 645.120325][T10806] should_fail_ex.cold+0x5/0xa [ 645.120352][T10806] _copy_from_user+0x2e/0xd0 [ 645.120380][T10806] snd_seq_oss_write+0x395/0x7f0 [ 645.120416][T10806] ? __pfx_snd_seq_oss_write+0x10/0x10 [ 645.120449][T10806] ? apparmor_file_permission+0x13f/0x1c0 [ 645.120477][T10806] ? bpf_lsm_file_permission+0x9/0x10 [ 645.120519][T10806] odev_write+0x51/0xa0 [ 645.120542][T10806] vfs_write+0x2aa/0x1070 [ 645.120565][T10806] ? __pfx_odev_write+0x10/0x10 [ 645.120589][T10806] ? __pfx_vfs_write+0x10/0x10 [ 645.120625][T10806] ? find_held_lock+0x2b/0x80 [ 645.120647][T10806] ? __fget_files+0x215/0x3d0 [ 645.120669][T10806] ? __fget_files+0x215/0x3d0 [ 645.120695][T10806] ? __fget_files+0x21f/0x3d0 [ 645.120724][T10806] ksys_write+0x12a/0x250 [ 645.120746][T10806] ? __pfx_ksys_write+0x10/0x10 [ 645.120775][T10806] do_syscall_64+0x106/0xf80 [ 645.120807][T10806] ? clear_bhb_loop+0x40/0x90 [ 645.120836][T10806] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 645.120860][T10806] RIP: 0033:0x7f046099c799 [ 645.120878][T10806] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 645.120901][T10806] RSP: 002b:00007f0461860028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 645.120930][T10806] RAX: ffffffffffffffda RBX: 00007f0460c15fa0 RCX: 00007f046099c799 [ 645.120946][T10806] RDX: 00000000000002f8 RSI: 0000200000000040 RDI: 0000000000000002 [ 645.120960][T10806] RBP: 00007f0461860090 R08: 0000000000000000 R09: 0000000000000000 [ 645.120974][T10806] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 645.120987][T10806] R13: 00007f0460c16038 R14: 00007f0460c15fa0 R15: 00007ffe6c363808 [ 645.121017][T10806] [ 646.006277][T10810] hub 1-0:1.0: USB hub found [ 646.060737][T10810] hub 1-0:1.0: 1 port detected [ 646.291553][T10815] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1037'. [ 646.417456][T10816] netlink: 'syz.0.1037': attribute type 1 has an invalid length. [ 646.665553][T10816] netlink: 5 bytes leftover after parsing attributes in process `syz.0.1037'. [ 651.941174][T10870] FAULT_INJECTION: forcing a failure. [ 651.941174][T10870] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 652.159972][T10870] CPU: 0 UID: 0 PID: 10870 Comm: syz.4.1039 Tainted: G L syzkaller #0 PREEMPT(full) [ 652.160012][T10870] Tainted: [L]=SOFTLOCKUP [ 652.160026][T10870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 652.160042][T10870] Call Trace: [ 652.160050][T10870] [ 652.160060][T10870] dump_stack_lvl+0x100/0x190 [ 652.160102][T10870] should_fail_ex.cold+0x5/0xa [ 652.160125][T10870] ? prepare_alloc_pages+0x16d/0x5f0 [ 652.160157][T10870] should_fail_alloc_page+0xeb/0x140 [ 652.160185][T10870] prepare_alloc_pages+0x1f0/0x5f0 [ 652.160218][T10870] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 652.160259][T10870] ? stack_trace_save+0x8e/0xc0 [ 652.160283][T10870] ? __pfx_stack_trace_save+0x10/0x10 [ 652.160308][T10870] ? stack_depot_save_flags+0x27/0x9d0 [ 652.160345][T10870] ? kasan_save_stack+0x3f/0x50 [ 652.160383][T10870] ? kasan_save_stack+0x30/0x50 [ 652.160420][T10870] ? kasan_save_track+0x14/0x30 [ 652.160459][T10870] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 652.160498][T10870] ? __handle_mm_fault+0xa99/0x2b60 [ 652.160531][T10870] ? handle_mm_fault+0x36d/0xa20 [ 652.160562][T10870] ? do_user_addr_fault+0x74c/0x12f0 [ 652.160603][T10870] ? asm_exc_page_fault+0x26/0x30 [ 652.160627][T10870] ? strndup_user+0x27/0xe0 [ 652.160648][T10870] ? __x64_sys_fsopen+0x9e/0x220 [ 652.160679][T10870] ? do_syscall_64+0x106/0xf80 [ 652.160713][T10870] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 652.160753][T10870] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 652.160797][T10870] ? policy_nodemask+0xed/0x4f0 [ 652.160825][T10870] alloc_pages_mpol+0x1fb/0x550 [ 652.160853][T10870] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 652.160887][T10870] alloc_pages_noprof+0x131/0x390 [ 652.160915][T10870] pte_alloc_one+0x1c/0x3d0 [ 652.160942][T10870] do_fault+0x88e/0x1990 [ 652.160974][T10870] ? __pmd_alloc+0x3fb/0x950 [ 652.161005][T10870] __handle_mm_fault+0x180f/0x2b60 [ 652.161048][T10870] ? mt_find+0x45e/0x8e0 [ 652.161088][T10870] ? __pfx___handle_mm_fault+0x10/0x10 [ 652.161121][T10870] ? __pfx_mt_find+0x10/0x10 [ 652.161175][T10870] ? find_vma+0xbf/0x140 [ 652.161198][T10870] ? __pfx_find_vma+0x10/0x10 [ 652.161225][T10870] handle_mm_fault+0x36d/0xa20 [ 652.161265][T10870] do_user_addr_fault+0x74c/0x12f0 [ 652.161315][T10870] exc_page_fault+0x6f/0xd0 [ 652.161350][T10870] asm_exc_page_fault+0x26/0x30 [ 652.161375][T10870] RIP: 0010:strnlen_user+0x55/0x190 [ 652.161401][T10870] Code: fc 4d 85 ff 0f 8e 49 01 00 00 e8 66 ce df fc 48 b8 00 f0 ff ff ff 7f 00 00 48 39 c3 48 0f 47 d8 0f 01 cb 49 89 dd 49 83 e5 f8 <4d> 8b 75 00 e8 42 ce df fc 48 8b 4c 24 10 83 e3 07 b8 01 00 00 00 [ 652.161427][T10870] RSP: 0018:ffffc90003917e60 EFLAGS: 00050246 [ 652.161446][T10870] RAX: 00007ffffffff000 RBX: 0000000000000000 RCX: ffffc9001a1cc000 [ 652.161463][T10870] RDX: 0000000000080000 RSI: ffffffff852849fa RDI: ffff888026a8db80 [ 652.161479][T10870] RBP: 0000000000001000 R08: 0000000000000007 R09: 0000000000000000 [ 652.161494][T10870] R10: 0000000000001000 R11: 0000000000000000 R12: fffffffffffffff2 [ 652.161510][T10870] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000001000 [ 652.161534][T10870] ? strnlen_user+0x3a/0x190 [ 652.161569][T10870] strndup_user+0x27/0xe0 [ 652.161593][T10870] __x64_sys_fsopen+0x9e/0x220 [ 652.161627][T10870] do_syscall_64+0x106/0xf80 [ 652.161661][T10870] ? clear_bhb_loop+0x40/0x90 [ 652.161691][T10870] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 652.161716][T10870] RIP: 0033:0x7f806ab9c799 [ 652.161736][T10870] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 652.161760][T10870] RSP: 002b:00007f806bab2028 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae [ 652.161782][T10870] RAX: ffffffffffffffda RBX: 00007f806ae16090 RCX: 00007f806ab9c799 [ 652.161798][T10870] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 652.161813][T10870] RBP: 00007f806ac32c99 R08: 0000000000000000 R09: 0000000000000000 [ 652.161828][T10870] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 652.161843][T10870] R13: 00007f806ae16128 R14: 00007f806ae16090 R15: 00007fffafea4258 [ 652.161874][T10870] [ 652.945437][T10869] kexec: Could not allocate control_code_buffer [ 653.829035][T10883] zram0: detected capacity change from 16 to 0 [ 654.510842][T10891] FAULT_INJECTION: forcing a failure. [ 654.510842][T10891] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 654.679898][T10891] CPU: 0 UID: 0 PID: 10891 Comm: syz.4.1043 Tainted: G L syzkaller #0 PREEMPT(full) [ 654.679939][T10891] Tainted: [L]=SOFTLOCKUP [ 654.679949][T10891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 654.679964][T10891] Call Trace: [ 654.679972][T10891] [ 654.679982][T10891] dump_stack_lvl+0x100/0x190 [ 654.680024][T10891] should_fail_ex.cold+0x5/0xa [ 654.680052][T10891] _copy_from_user+0x2e/0xd0 [ 654.680081][T10891] memdup_user+0x6b/0xe0 [ 654.680105][T10891] strndup_user+0x78/0xe0 [ 654.680128][T10891] __x64_sys_fsopen+0x9e/0x220 [ 654.680163][T10891] do_syscall_64+0x106/0xf80 [ 654.680197][T10891] ? clear_bhb_loop+0x40/0x90 [ 654.680234][T10891] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 654.680261][T10891] RIP: 0033:0x7f806ab9c799 [ 654.680280][T10891] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 654.680305][T10891] RSP: 002b:00007f806bab2028 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae [ 654.680329][T10891] RAX: ffffffffffffffda RBX: 00007f806ae16090 RCX: 00007f806ab9c799 [ 654.680345][T10891] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 654.680360][T10891] RBP: 00007f806ac32c99 R08: 0000000000000000 R09: 0000000000000000 [ 654.680375][T10891] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 654.680390][T10891] R13: 00007f806ae16128 R14: 00007f806ae16090 R15: 00007fffafea4258 [ 654.680420][T10891] [ 656.515986][T10899] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1045'. [ 656.718400][T10902] futex_wake_op: syz.0.1046 tries to shift op by -2048; fix this program [ 656.888448][T10903] 0x000000000001-0x000000020000 : "" [ 657.176329][T10903] ftl_cs: FTL header corrupt! [ 658.909075][T10927] FAULT_INJECTION: forcing a failure. [ 658.909075][T10927] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 659.303136][T10927] CPU: 0 UID: 0 PID: 10927 Comm: syz.0.1050 Tainted: G L syzkaller #0 PREEMPT(full) [ 659.303177][T10927] Tainted: [L]=SOFTLOCKUP [ 659.303186][T10927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 659.303201][T10927] Call Trace: [ 659.303209][T10927] [ 659.303220][T10927] dump_stack_lvl+0x100/0x190 [ 659.303263][T10927] should_fail_ex.cold+0x5/0xa [ 659.303287][T10927] ? prepare_alloc_pages+0x16d/0x5f0 [ 659.303319][T10927] should_fail_alloc_page+0xeb/0x140 [ 659.303347][T10927] prepare_alloc_pages+0x1f0/0x5f0 [ 659.303376][T10927] ? set_next_entity+0x11e/0x9c0 [ 659.303411][T10927] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 659.303454][T10927] ? __lock_acquire+0x4a5/0x2630 [ 659.303485][T10927] ? update_cfs_rq_load_avg+0x51/0x550 [ 659.303523][T10927] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 659.303562][T10927] ? find_held_lock+0x2b/0x80 [ 659.303585][T10927] ? finish_task_switch.isra.0+0x200/0xb80 [ 659.303612][T10927] ? finish_task_switch.isra.0+0x200/0xb80 [ 659.303640][T10927] ? rcu_is_watching+0x12/0xc0 [ 659.303679][T10927] ? finish_task_switch.isra.0+0x205/0xb80 [ 659.303709][T10927] ? rcu_is_watching+0x12/0xc0 [ 659.303748][T10927] ? trace_sched_exit_tp+0x13a/0x180 [ 659.303777][T10927] ? __schedule+0x1000/0x6120 [ 659.303809][T10927] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 659.303853][T10927] ? policy_nodemask+0xed/0x4f0 [ 659.303881][T10927] alloc_pages_mpol+0x1fb/0x550 [ 659.303909][T10927] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 659.303952][T10927] alloc_pages_noprof+0x131/0x390 [ 659.303980][T10927] __pmd_alloc+0x3b/0x950 [ 659.304012][T10927] __handle_mm_fault+0xa99/0x2b60 [ 659.304051][T10927] ? mt_find+0x45e/0x8e0 [ 659.304090][T10927] ? __pfx___handle_mm_fault+0x10/0x10 [ 659.304123][T10927] ? __pfx_mt_find+0x10/0x10 [ 659.304180][T10927] ? find_vma+0xbf/0x140 [ 659.304203][T10927] ? __pfx_find_vma+0x10/0x10 [ 659.304229][T10927] handle_mm_fault+0x36d/0xa20 [ 659.304269][T10927] do_user_addr_fault+0x74c/0x12f0 [ 659.304319][T10927] exc_page_fault+0x6f/0xd0 [ 659.304354][T10927] asm_exc_page_fault+0x26/0x30 [ 659.304379][T10927] RIP: 0010:strnlen_user+0x55/0x190 [ 659.304406][T10927] Code: fc 4d 85 ff 0f 8e 49 01 00 00 e8 66 ce df fc 48 b8 00 f0 ff ff ff 7f 00 00 48 39 c3 48 0f 47 d8 0f 01 cb 49 89 dd 49 83 e5 f8 <4d> 8b 75 00 e8 42 ce df fc 48 8b 4c 24 10 83 e3 07 b8 01 00 00 00 [ 659.304431][T10927] RSP: 0018:ffffc900035e7e60 EFLAGS: 00050246 [ 659.304452][T10927] RAX: 00007ffffffff000 RBX: 0000000000000000 RCX: ffffc900113ad000 [ 659.304468][T10927] RDX: 0000000000080000 RSI: ffffffff852849fa RDI: ffff888034c83d00 [ 659.304484][T10927] RBP: 0000000000001000 R08: 0000000000000007 R09: 0000000000000000 [ 659.304500][T10927] R10: 0000000000001000 R11: 0000000000000000 R12: fffffffffffffff2 [ 659.304516][T10927] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000001000 [ 659.304540][T10927] ? strnlen_user+0x3a/0x190 [ 659.304575][T10927] strndup_user+0x27/0xe0 [ 659.304599][T10927] __x64_sys_fsopen+0x9e/0x220 [ 659.304633][T10927] do_syscall_64+0x106/0xf80 [ 659.304667][T10927] ? clear_bhb_loop+0x40/0x90 [ 659.304697][T10927] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 659.304722][T10927] RIP: 0033:0x7f046099c799 [ 659.304741][T10927] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 659.304765][T10927] RSP: 002b:00007f046183f028 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae [ 659.304787][T10927] RAX: ffffffffffffffda RBX: 00007f0460c16090 RCX: 00007f046099c799 [ 659.304803][T10927] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 659.304818][T10927] RBP: 00007f0460a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 659.304832][T10927] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 659.304847][T10927] R13: 00007f0460c16128 R14: 00007f0460c16090 R15: 00007ffe6c363808 [ 659.304879][T10927] [ 659.704122][T10925] kexec: Could not allocate control_code_buffer [ 661.690306][ T8755] Bluetooth: hci4: Unable to find connection for big 0xd2 [ 662.567260][T10967] HfR: entered promiscuous mode [ 663.442218][T10965] blkio.reset_stats is deprecated [ 664.587547][T10982] kexec: Could not allocate control_code_buffer [ 671.431861][T11008] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 672.401730][T11044] FAULT_INJECTION: forcing a failure. [ 672.401730][T11044] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 672.613339][T11044] CPU: 0 UID: 0 PID: 11044 Comm: syz.4.1077 Tainted: G L syzkaller #0 PREEMPT(full) [ 672.613380][T11044] Tainted: [L]=SOFTLOCKUP [ 672.613389][T11044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 672.613405][T11044] Call Trace: [ 672.613413][T11044] [ 672.613422][T11044] dump_stack_lvl+0x100/0x190 [ 672.613465][T11044] should_fail_ex.cold+0x5/0xa [ 672.613488][T11044] ? prepare_alloc_pages+0x16d/0x5f0 [ 672.613520][T11044] should_fail_alloc_page+0xeb/0x140 [ 672.613548][T11044] prepare_alloc_pages+0x1f0/0x5f0 [ 672.613581][T11044] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 672.613627][T11044] ? __lock_acquire+0x4a5/0x2630 [ 672.613668][T11044] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 672.613711][T11044] ? do_raw_spin_lock+0x128/0x260 [ 672.613748][T11044] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 672.613786][T11044] ? find_held_lock+0x2b/0x80 [ 672.613817][T11044] ? __lock_acquire+0x4a5/0x2630 [ 672.613848][T11044] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 672.613893][T11044] ? policy_nodemask+0xed/0x4f0 [ 672.613921][T11044] alloc_pages_mpol+0x1fb/0x550 [ 672.613949][T11044] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 672.613975][T11044] ? __folio_batch_add_and_move+0x5e5/0xc60 [ 672.614016][T11044] ? __folio_batch_add_and_move+0x5e5/0xc60 [ 672.614061][T11044] folio_alloc_mpol_noprof+0x36/0x340 [ 672.614095][T11044] shmem_alloc_folio+0x135/0x160 [ 672.614135][T11044] shmem_alloc_and_add_folio+0x371/0xd40 [ 672.614182][T11044] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 672.614224][T11044] ? shmem_allowable_huge_orders+0x2bd/0x400 [ 672.614262][T11044] ? __lock_acquire+0x400/0x2630 [ 672.614299][T11044] shmem_get_folio_gfp+0x6ab/0x1900 [ 672.614344][T11044] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 672.614385][T11044] ? __pfx___might_resched+0x10/0x10 [ 672.614422][T11044] ? noop_dirty_folio+0xfd/0x160 [ 672.614450][T11044] shmem_fallocate+0x6d7/0x1060 [ 672.614502][T11044] ? __pfx_shmem_fallocate+0x10/0x10 [ 672.614540][T11044] ? aa_file_perm+0x7f3/0x14d0 [ 672.614582][T11044] ? __lock_acquire+0x4a5/0x2630 [ 672.614636][T11044] ? __pfx_shmem_fallocate+0x10/0x10 [ 672.614676][T11044] vfs_fallocate+0x576/0x10d0 [ 672.614703][T11044] ? __pfx_vfs_fallocate+0x10/0x10 [ 672.614736][T11044] __x64_sys_fallocate+0xd5/0x140 [ 672.614767][T11044] do_syscall_64+0x106/0xf80 [ 672.614801][T11044] ? clear_bhb_loop+0x40/0x90 [ 672.614832][T11044] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 672.614858][T11044] RIP: 0033:0x7f806ab9c799 [ 672.614878][T11044] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 672.614903][T11044] RSP: 002b:00007f806bad3028 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 672.614927][T11044] RAX: ffffffffffffffda RBX: 00007f806ae15fa0 RCX: 00007f806ab9c799 [ 672.614943][T11044] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000006 [ 672.614959][T11044] RBP: 00007f806ac32c99 R08: 0000000000000000 R09: 0000000000000000 [ 672.614974][T11044] R10: 00000000004cbd5d R11: 0000000000000246 R12: 0000000000000000 [ 672.614989][T11044] R13: 00007f806ae16038 R14: 00007f806ae15fa0 R15: 00007fffafea4258 [ 672.615021][T11044] [ 673.269331][T11048] random: crng reseeded on system resumption [ 674.039041][T11054] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input19 [ 674.131940][T11055] FAULT_INJECTION: forcing a failure. [ 674.131940][T11055] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 674.345814][T11055] CPU: 0 UID: 0 PID: 11055 Comm: syz.4.1078 Tainted: G L syzkaller #0 PREEMPT(full) [ 674.345855][T11055] Tainted: [L]=SOFTLOCKUP [ 674.345864][T11055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 674.345879][T11055] Call Trace: [ 674.345887][T11055] [ 674.345896][T11055] dump_stack_lvl+0x100/0x190 [ 674.345939][T11055] should_fail_ex.cold+0x5/0xa [ 674.345963][T11055] ? prepare_alloc_pages+0x16d/0x5f0 [ 674.345994][T11055] should_fail_alloc_page+0xeb/0x140 [ 674.346022][T11055] prepare_alloc_pages+0x1f0/0x5f0 [ 674.346056][T11055] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 674.346102][T11055] ? stack_trace_save+0x8e/0xc0 [ 674.346126][T11055] ? __pfx_stack_trace_save+0x10/0x10 [ 674.346151][T11055] ? stack_depot_save_flags+0x27/0x9d0 [ 674.346182][T11055] ? is_bpf_text_address+0x8a/0x1a0 [ 674.346220][T11055] ? is_bpf_text_address+0x8a/0x1a0 [ 674.346260][T11055] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 674.346300][T11055] ? kasan_save_stack+0x3f/0x50 [ 674.346338][T11055] ? kasan_save_track+0x14/0x30 [ 674.346377][T11055] ? kmem_cache_alloc_node_noprof+0x25a/0x6f0 [ 674.346415][T11055] ? alloc_vmap_area+0x186c/0x2bd0 [ 674.346453][T11055] ? __get_vm_area_node+0x1ca/0x330 [ 674.346479][T11055] ? __vmalloc_node_range_noprof+0x213/0x1530 [ 674.346510][T11055] ? __vmalloc_node_noprof+0xad/0xf0 [ 674.346539][T11055] ? copy_process+0x5ec/0x7a40 [ 674.346566][T11055] ? kernel_clone+0xfc/0x9a0 [ 674.346593][T11055] ? __do_sys_clone+0xd9/0x120 [ 674.346620][T11055] ? do_syscall_64+0x106/0xf80 [ 674.346667][T11055] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 674.346711][T11055] ? policy_nodemask+0xed/0x4f0 [ 674.346739][T11055] alloc_pages_mpol+0x1fb/0x550 [ 674.346766][T11055] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 674.346800][T11055] alloc_pages_noprof+0x131/0x390 [ 674.346828][T11055] get_free_pages_noprof+0x10/0xb0 [ 674.346858][T11055] __kasan_populate_vmalloc+0xa0/0x210 [ 674.346902][T11055] alloc_vmap_area+0x95d/0x2bd0 [ 674.346939][T11055] ? __pfx_alloc_vmap_area+0x10/0x10 [ 674.346973][T11055] __get_vm_area_node+0x1ca/0x330 [ 674.347006][T11055] __vmalloc_node_range_noprof+0x213/0x1530 [ 674.347038][T11055] ? kernel_clone+0xfc/0x9a0 [ 674.347065][T11055] ? find_held_lock+0x2b/0x80 [ 674.347088][T11055] ? local_lock_release+0x99/0x130 [ 674.347116][T11055] ? local_lock_release+0x99/0x130 [ 674.347149][T11055] ? kernel_clone+0xfc/0x9a0 [ 674.347178][T11055] ? find_held_lock+0x2b/0x80 [ 674.347200][T11055] ? rcu_read_unlock+0x17/0x60 [ 674.347226][T11055] ? rcu_read_unlock+0x17/0x60 [ 674.347253][T11055] ? obj_cgroup_charge_account+0x46d/0x640 [ 674.347281][T11055] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 674.347316][T11055] ? __memcg_slab_post_alloc_hook+0x51b/0x990 [ 674.347349][T11055] ? rcu_is_watching+0x12/0xc0 [ 674.347386][T11055] ? trace_kmem_cache_alloc+0xf3/0x120 [ 674.347415][T11055] ? kernel_clone+0xfc/0x9a0 [ 674.347447][T11055] __vmalloc_node_noprof+0xad/0xf0 [ 674.347478][T11055] ? kernel_clone+0xfc/0x9a0 [ 674.347509][T11055] copy_process+0x5ec/0x7a40 [ 674.347539][T11055] ? __pfx___futex_wait+0x10/0x10 [ 674.347577][T11055] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 674.347610][T11055] ? lockdep_hardirqs_on+0x78/0x100 [ 674.347653][T11055] ? __pfx_copy_process+0x10/0x10 [ 674.347682][T11055] ? find_held_lock+0x2b/0x80 [ 674.347716][T11055] kernel_clone+0xfc/0x9a0 [ 674.347743][T11055] ? __pfx_futex_wait+0x10/0x10 [ 674.347783][T11055] ? __pfx_kernel_clone+0x10/0x10 [ 674.347827][T11055] __do_sys_clone+0xd9/0x120 [ 674.347856][T11055] ? __pfx___do_sys_clone+0x10/0x10 [ 674.347909][T11055] do_syscall_64+0x106/0xf80 [ 674.347943][T11055] ? clear_bhb_loop+0x40/0x90 [ 674.347973][T11055] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 674.348000][T11055] RIP: 0033:0x7f806ab9c799 [ 674.348021][T11055] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 674.348045][T11055] RSP: 002b:00007f806ba91028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 674.348069][T11055] RAX: ffffffffffffffda RBX: 00007f806ae16180 RCX: 00007f806ab9c799 [ 674.348086][T11055] RDX: 0000200000000080 RSI: 000000000000000b RDI: 0000000000000008 [ 674.348101][T11055] RBP: 00007f806ac32c99 R08: 0000000000000002 R09: 0000000000000000 [ 674.348116][T11055] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000000 [ 674.348131][T11055] R13: 00007f806ae16218 R14: 00007f806ae16180 R15: 00007fffafea4258 [ 674.348162][T11055] [ 675.300560][T11055] syz.4.1078: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 675.379274][T11055] CPU: 0 UID: 0 PID: 11055 Comm: syz.4.1078 Tainted: G L syzkaller #0 PREEMPT(full) [ 675.379316][T11055] Tainted: [L]=SOFTLOCKUP [ 675.379325][T11055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 675.379340][T11055] Call Trace: [ 675.379348][T11055] [ 675.379357][T11055] dump_stack_lvl+0x100/0x190 [ 675.379399][T11055] warn_alloc.cold+0x95/0x1c1 [ 675.379444][T11055] ? __pfx_warn_alloc+0x10/0x10 [ 675.379480][T11055] ? lockdep_hardirqs_on+0x78/0x100 [ 675.379519][T11055] ? __get_vm_area_node+0x2c5/0x330 [ 675.379556][T11055] ? __get_vm_area_node+0x208/0x330 [ 675.379590][T11055] __vmalloc_node_range_noprof+0xbf4/0x1530 [ 675.379622][T11055] ? find_held_lock+0x2b/0x80 [ 675.379645][T11055] ? local_lock_release+0x99/0x130 [ 675.379673][T11055] ? local_lock_release+0x99/0x130 [ 675.379706][T11055] ? kernel_clone+0xfc/0x9a0 [ 675.379735][T11055] ? find_held_lock+0x2b/0x80 [ 675.379758][T11055] ? rcu_read_unlock+0x17/0x60 [ 675.379784][T11055] ? rcu_read_unlock+0x17/0x60 [ 675.379811][T11055] ? obj_cgroup_charge_account+0x46d/0x640 [ 675.379839][T11055] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 675.379879][T11055] ? __memcg_slab_post_alloc_hook+0x51b/0x990 [ 675.379911][T11055] ? rcu_is_watching+0x12/0xc0 [ 675.379950][T11055] ? trace_kmem_cache_alloc+0xf3/0x120 [ 675.379979][T11055] ? kernel_clone+0xfc/0x9a0 [ 675.380006][T11055] __vmalloc_node_noprof+0xad/0xf0 [ 675.380037][T11055] ? kernel_clone+0xfc/0x9a0 [ 675.380068][T11055] copy_process+0x5ec/0x7a40 [ 675.380099][T11055] ? __pfx___futex_wait+0x10/0x10 [ 675.380136][T11055] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 675.380169][T11055] ? lockdep_hardirqs_on+0x78/0x100 [ 675.380211][T11055] ? __pfx_copy_process+0x10/0x10 [ 675.380241][T11055] ? find_held_lock+0x2b/0x80 [ 675.380275][T11055] kernel_clone+0xfc/0x9a0 [ 675.380302][T11055] ? __pfx_futex_wait+0x10/0x10 [ 675.380341][T11055] ? __pfx_kernel_clone+0x10/0x10 [ 675.380386][T11055] __do_sys_clone+0xd9/0x120 [ 675.380415][T11055] ? __pfx___do_sys_clone+0x10/0x10 [ 675.380468][T11055] do_syscall_64+0x106/0xf80 [ 675.380502][T11055] ? clear_bhb_loop+0x40/0x90 [ 675.380532][T11055] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 675.380558][T11055] RIP: 0033:0x7f806ab9c799 [ 675.380578][T11055] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 675.380602][T11055] RSP: 002b:00007f806ba91028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 675.380627][T11055] RAX: ffffffffffffffda RBX: 00007f806ae16180 RCX: 00007f806ab9c799 [ 675.380643][T11055] RDX: 0000200000000080 RSI: 000000000000000b RDI: 0000000000000008 [ 675.380659][T11055] RBP: 00007f806ac32c99 R08: 0000000000000002 R09: 0000000000000000 [ 675.380674][T11055] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000000 [ 675.380690][T11055] R13: 00007f806ae16218 R14: 00007f806ae16180 R15: 00007fffafea4258 [ 675.380720][T11055] [ 678.744284][T11055] Mem-Info: [ 678.796424][T11055] active_anon:96734 inactive_anon:17 isolated_anon:0 [ 678.796424][T11055] active_file:4087 inactive_file:55865 isolated_file:0 [ 678.796424][T11055] unevictable:768 dirty:492 writeback:0 [ 678.796424][T11055] slab_reclaimable:14963 slab_unreclaimable:96552 [ 678.796424][T11055] mapped:59321 shmem:89379 pagetables:1441 [ 678.796424][T11055] sec_pagetables:0 bounce:0 [ 678.796424][T11055] kernel_misc_reclaimable:0 [ 678.796424][T11055] free:1223788 free_pcp:10785 free_cma:0 [ 679.471705][T11055] Node 0 active_anon:391816kB inactive_anon:68kB active_file:16348kB inactive_file:223268kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:254848kB dirty:2080kB writeback:0kB shmem:355348kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12096kB pagetables:5620kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 679.984778][T11055] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:4kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:64kB pagetables:156kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 680.464523][T11055] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 680.862478][T11055] lowmem_reserve[]: 0 2477 2478 2478 2478 [ 680.930783][T11055] Node 0 DMA32 free:928436kB boost:0kB min:34056kB low:42568kB high:51080kB reserved_highatomic:0KB free_highatomic:0KB active_anon:400984kB inactive_anon:68kB active_file:16348kB inactive_file:223268kB unevictable:1536kB writepending:2468kB zspages:0kB present:3129332kB managed:2537384kB mlocked:0kB bounce:0kB free_pcp:45384kB local_pcp:45384kB free_cma:0kB [ 681.422709][T11055] lowmem_reserve[]: 0 0 1 1 1 [ 681.546239][T11055] Node 0 Normal free:4kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1060kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 681.923064][T11055] lowmem_reserve[]: 0 0 0 0 0 [ 681.961926][T11055] Node 1 Normal free:3936960kB boost:0kB min:55828kB low:69784kB high:83740kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 682.413245][T11055] lowmem_reserve[]: 0 0 0 0 0 [ 682.418019][T11055] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 682.618383][T11055] Node 0 DMA32: 984*4kB (UE) 2106*8kB (U) 828*16kB (UE) 16*32kB (UE) 237*64kB (UE) 603*128kB (UME) 711*256kB (UME) 305*512kB (UME) 96*1024kB (UM) 1*2048kB (U) 85*4096kB (M) = 913584kB [ 682.838060][T11055] Node 0 Normal: 1*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB [ 683.014125][T11104] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input20 [ 683.063461][T11055] Node 1 Normal: 2*4kB (UM) 9*8kB (UM) 11*16kB (UM) 14*32kB (UM) 6*64kB (UM) 9*128kB (UM) 4*256kB (UM) 5*512kB (UM) 3*1024kB (UM) 2*2048kB (UM) 958*4096kB (M) = 3936960kB [ 683.326014][T11055] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 683.522237][T11055] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 683.675735][T11055] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 683.846044][T11055] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 683.957275][T11055] 155545 total pagecache pages [ 683.996109][T11055] 0 pages in swap cache [ 684.000306][T11055] Free swap = 124996kB [ 684.103976][T11055] Total swap = 124996kB [ 684.108268][T11055] 2097051 pages RAM [ 684.254253][T11055] 0 pages HighMem/MovableOnly [ 684.259076][T11055] 430825 pages reserved [ 684.263233][T11055] 0 pages cma reserved [ 684.467230][T11100] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 685.545910][T11120] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1090'. [ 685.660448][T11121] FAULT_INJECTION: forcing a failure. [ 685.660448][T11121] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 685.924897][T11121] CPU: 0 UID: 0 PID: 11121 Comm: syz.4.1091 Tainted: G L syzkaller #0 PREEMPT(full) [ 685.924940][T11121] Tainted: [L]=SOFTLOCKUP [ 685.924949][T11121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 685.924964][T11121] Call Trace: [ 685.924972][T11121] [ 685.924981][T11121] dump_stack_lvl+0x100/0x190 [ 685.925023][T11121] should_fail_ex.cold+0x5/0xa [ 685.925051][T11121] _copy_from_user+0x2e/0xd0 [ 685.925081][T11121] memdup_user+0x6b/0xe0 [ 685.925104][T11121] strndup_user+0x78/0xe0 [ 685.925132][T11121] __x64_sys_fsopen+0x9e/0x220 [ 685.925168][T11121] do_syscall_64+0x106/0xf80 [ 685.925202][T11121] ? clear_bhb_loop+0x40/0x90 [ 685.925233][T11121] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 685.925265][T11121] RIP: 0033:0x7f806ab9c799 [ 685.925285][T11121] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 685.925310][T11121] RSP: 002b:00007f806bab2028 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae [ 685.925334][T11121] RAX: ffffffffffffffda RBX: 00007f806ae16090 RCX: 00007f806ab9c799 [ 685.925351][T11121] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 685.925366][T11121] RBP: 00007f806ac32c99 R08: 0000000000000000 R09: 0000000000000000 [ 685.925381][T11121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 685.925395][T11121] R13: 00007f806ae16128 R14: 00007f806ae16090 R15: 00007fffafea4258 [ 685.925426][T11121] [ 686.345480][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 686.351830][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 686.552988][T11119] kexec: Could not allocate control_code_buffer [ 688.256209][T11152] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input21 [ 691.580912][T11182] FAULT_INJECTION: forcing a failure. [ 691.580912][T11182] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 691.728172][T11182] CPU: 0 UID: 0 PID: 11182 Comm: syz.0.1105 Tainted: G L syzkaller #0 PREEMPT(full) [ 691.728213][T11182] Tainted: [L]=SOFTLOCKUP [ 691.728221][T11182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 691.728237][T11182] Call Trace: [ 691.728244][T11182] [ 691.728253][T11182] dump_stack_lvl+0x100/0x190 [ 691.728296][T11182] should_fail_ex.cold+0x5/0xa [ 691.728324][T11182] _copy_from_user+0x2e/0xd0 [ 691.728354][T11182] memdup_user+0x6b/0xe0 [ 691.728378][T11182] strndup_user+0x78/0xe0 [ 691.728401][T11182] __x64_sys_fsopen+0x9e/0x220 [ 691.728436][T11182] do_syscall_64+0x106/0xf80 [ 691.728471][T11182] ? clear_bhb_loop+0x40/0x90 [ 691.728501][T11182] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 691.728526][T11182] RIP: 0033:0x7f046099c799 [ 691.728546][T11182] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 691.728571][T11182] RSP: 002b:00007f046183f028 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae [ 691.728594][T11182] RAX: ffffffffffffffda RBX: 00007f0460c16090 RCX: 00007f046099c799 [ 691.728611][T11182] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 691.728626][T11182] RBP: 00007f0460a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 691.728641][T11182] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 691.728655][T11182] R13: 00007f0460c16128 R14: 00007f0460c16090 R15: 00007ffe6c363808 [ 691.728686][T11182] [ 693.427854][T11180] kexec: Could not allocate control_code_buffer [ 696.630793][T11216] program syz.4.1108 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 697.048376][T11236] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1116'. [ 703.507432][T11302] vcan0: tx drop: invalid sa for name 0x0000fffd00000000 [ 703.954310][T11307] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1132'. [ 704.037524][T11307] i: entered promiscuous mode [ 704.106228][T11309] debugfs: '!PjE r҄y*"l-y–L̓]' already exists in 'ieee80211' [ 708.088131][T11314] program syz.2.1131 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 710.288988][T11367] zram0: detected capacity change from 0 to 16 [ 713.063288][T11381] usb usb3: usbfs: process 11381 (syz.4.1147) did not claim interface 0 before use [ 717.264001][T11435] vivid-007: ================= START STATUS ================= [ 717.387962][T11435] vivid-007: Generate PTS: true [ 717.496977][T11435] vivid-007: Generate SCR: true [ 717.602517][T11435] tpg source WxH: 320x240 (Y'CbCr) [ 717.607683][T11435] tpg field: 1 [ 717.711674][T11435] tpg crop: (0,0)/320x240 [ 717.716142][T11435] tpg compose: (0,0)/320x240 [ 717.892382][T11435] tpg colorspace: 8 [ 717.896323][T11435] tpg transfer function: 0/0 [ 718.111485][T11435] tpg Y'CbCr encoding: 0/0 [ 718.116042][T11435] tpg quantization: 0/0 [ 718.120215][T11435] tpg RGB range: 0/2 [ 718.341105][T11435] vivid-007: ================== END STATUS ================== [ 723.811833][T11471] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 723.980504][T11471] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 724.264218][T11471] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 724.270391][T11471] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 725.664596][T11492] FAULT_INJECTION: forcing a failure. [ 725.664596][T11492] name failslab, interval 1, probability 0, space 0, times 0 [ 725.836957][ T5142] Bluetooth: hci0: command 0x0c1a tx timeout [ 726.000621][ T5142] Bluetooth: hci1: command 0x0c1a tx timeout [ 726.074714][T11492] CPU: 0 UID: 0 PID: 11492 Comm: syz.1.1169 Tainted: G L syzkaller #0 PREEMPT(full) [ 726.074754][T11492] Tainted: [L]=SOFTLOCKUP [ 726.074762][T11492] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 726.074776][T11492] Call Trace: [ 726.074784][T11492] [ 726.074792][T11492] dump_stack_lvl+0x100/0x190 [ 726.074833][T11492] should_fail_ex.cold+0x5/0xa [ 726.074864][T11492] should_failslab+0xc2/0x120 [ 726.074890][T11492] __kmalloc_cache_noprof+0x7a/0x6f0 [ 726.074921][T11492] ? vb2_vmalloc_alloc+0xf9/0x410 [ 726.074946][T11492] ? trace_kmalloc+0x101/0x130 [ 726.074970][T11492] ? __kasan_kmalloc+0xaa/0xb0 [ 726.075010][T11492] vb2_vmalloc_alloc+0xf9/0x410 [ 726.075043][T11492] ? __pfx_vb2_vmalloc_alloc+0x10/0x10 [ 726.075072][T11492] __vb2_queue_alloc+0x8d5/0x1160 [ 726.075110][T11492] vb2_core_reqbufs+0x899/0xf30 [ 726.075145][T11492] ? __pfx_vb2_core_reqbufs+0x10/0x10 [ 726.075186][T11492] __vb2_init_fileio+0x32d/0x1000 [ 726.075210][T11492] ? lockdep_hardirqs_on+0x78/0x100 [ 726.075245][T11492] ? __pollwait+0x276/0x470 [ 726.075285][T11492] vb2_core_poll+0x611/0x740 [ 726.075313][T11492] vb2_poll+0x4b/0xe0 [ 726.075351][T11492] vb2_fop_poll+0x10e/0x350 [ 726.075375][T11492] ? __pfx_vb2_fop_poll+0x10/0x10 [ 726.075412][T11492] v4l2_poll+0x15f/0x220 [ 726.075449][T11492] ? __pfx_v4l2_poll+0x10/0x10 [ 726.075484][T11492] do_sys_poll+0x6e5/0xeb0 [ 726.075532][T11492] ? __pfx_do_sys_poll+0x10/0x10 [ 726.075597][T11492] ? __lock_acquire+0x4a5/0x2630 [ 726.075626][T11492] ? __pfx___pollwait+0x10/0x10 [ 726.075666][T11492] ? __pfx_pollwake+0x10/0x10 [ 726.075745][T11492] ? ktime_get_ts64+0x2d2/0x3f0 [ 726.075772][T11492] ? read_tsc+0x9/0x20 [ 726.075797][T11492] ? ktime_get_ts64+0x256/0x3f0 [ 726.075825][T11492] ? poll_select_set_timeout+0xcc/0x160 [ 726.075868][T11492] __x64_sys_poll+0x1b3/0x420 [ 726.075890][T11492] ? __pfx___x64_sys_poll+0x10/0x10 [ 726.075921][T11492] do_syscall_64+0x106/0xf80 [ 726.075953][T11492] ? clear_bhb_loop+0x40/0x90 [ 726.075982][T11492] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 726.076006][T11492] RIP: 0033:0x7f540b99c799 [ 726.076029][T11492] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 726.076052][T11492] RSP: 002b:00007f540c861028 EFLAGS: 00000246 ORIG_RAX: 0000000000000007 [ 726.076074][T11492] RAX: ffffffffffffffda RBX: 00007f540bc15fa0 RCX: 00007f540b99c799 [ 726.076089][T11492] RDX: 0000000000000008 RSI: 0000000000000003 RDI: 0000200000000480 [ 726.076103][T11492] RBP: 00007f540c861090 R08: 0000000000000000 R09: 0000000000000000 [ 726.076117][T11492] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 726.076131][T11492] R13: 00007f540bc16038 R14: 00007f540bc15fa0 R15: 00007fffd7efb3d8 [ 726.076161][T11492] [ 726.786305][T11501] FAULT_INJECTION: forcing a failure. [ 726.786305][T11501] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 726.814792][ T5142] Bluetooth: hci4: command 0x0c1a tx timeout [ 726.820907][ T5142] Bluetooth: hci3: command 0x0c1a tx timeout [ 727.006923][T11501] CPU: 0 UID: 0 PID: 11501 Comm: syz.0.1172 Tainted: G L syzkaller #0 PREEMPT(full) [ 727.006964][T11501] Tainted: [L]=SOFTLOCKUP [ 727.006973][T11501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 727.006988][T11501] Call Trace: [ 727.006996][T11501] [ 727.007005][T11501] dump_stack_lvl+0x100/0x190 [ 727.007047][T11501] should_fail_ex.cold+0x5/0xa [ 727.007076][T11501] _copy_from_user+0x2e/0xd0 [ 727.007105][T11501] memdup_user+0x6b/0xe0 [ 727.007129][T11501] strndup_user+0x78/0xe0 [ 727.007152][T11501] __x64_sys_fsopen+0x9e/0x220 [ 727.007186][T11501] do_syscall_64+0x106/0xf80 [ 727.007221][T11501] ? clear_bhb_loop+0x40/0x90 [ 727.007251][T11501] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 727.007276][T11501] RIP: 0033:0x7f046099c799 [ 727.007296][T11501] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 727.007321][T11501] RSP: 002b:00007f046183f028 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae [ 727.007345][T11501] RAX: ffffffffffffffda RBX: 00007f0460c16090 RCX: 00007f046099c799 [ 727.007361][T11501] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 727.007376][T11501] RBP: 00007f0460a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 727.007391][T11501] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 727.007405][T11501] R13: 00007f0460c16128 R14: 00007f0460c16090 R15: 00007ffe6c363808 [ 727.007436][T11501] [ 727.488312][T11497] kexec: Could not allocate control_code_buffer [ 727.938567][T11505] ======================================================= [ 727.938567][T11505] WARNING: The mand mount option has been deprecated and [ 727.938567][T11505] and is ignored by this kernel. Remove the mand [ 727.938567][T11505] option from the mount to silence this warning. [ 727.938567][T11505] ======================================================= [ 728.552052][ T8755] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 728.552085][ T8755] Bluetooth: hci3: unexpected subevent 0x0e length: 725 > 15 [ 728.571768][ T8755] Bluetooth: hci3: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 728.595175][T11499] can: request_module (can-proto-4) failed. [ 732.699133][T11534] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -4 [ 732.848390][T11534] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -4 [ 732.998792][T11534] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 734.759571][T11549] zram: Cannot change disksize for initialized device [ 735.327616][T11545] vivid-007: ================= START STATUS ================= [ 735.409913][T11545] vivid-007: Generate PTS: true [ 735.414838][T11545] vivid-007: Generate SCR: true [ 735.580066][T11545] tpg source WxH: 320x240 (Y'CbCr) [ 735.585323][T11545] tpg field: 1 [ 735.721511][ T29] audit: type=1804 audit(4294968866.852:11): pid=11551 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1187" name="/newroot/311/file0" dev="tmpfs" ino=1718 res=1 errno=0 [ 735.820990][T11545] tpg crop: (0,0)/320x240 [ 735.825380][T11545] tpg compose: (0,0)/320x240 [ 735.881723][ T29] audit: type=1804 audit(4294968866.892:12): pid=11556 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.1187" name="/newroot/311/file0" dev="tmpfs" ino=1718 res=1 errno=0 [ 736.013808][T11545] tpg colorspace: 8 [ 736.017664][T11545] tpg transfer function: 0/0 [ 736.127655][T11545] tpg Y'CbCr encoding: 0/0 [ 736.277225][T11545] tpg quantization: 0/0 [ 736.361758][T11545] tpg RGB range: 0/2 [ 736.462957][T11545] vivid-007: ================== END STATUS ================== [ 736.751042][ T8755] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 736.751077][ T8755] Bluetooth: hci0: unexpected subevent 0x0e length: 725 > 15 [ 736.766061][ T8755] Bluetooth: hci0: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 740.592263][T11592] can: request_module (can-proto-4) failed. [ 743.043136][ T8755] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 743.043168][ T8755] Bluetooth: hci3: unexpected subevent 0x0e length: 725 > 15 [ 743.057974][ T8755] Bluetooth: hci3: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 743.324217][T11624] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 744.405140][T11634] FAULT_INJECTION: forcing a failure. [ 744.405140][T11634] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 744.550479][T11634] CPU: 0 UID: 0 PID: 11634 Comm: syz.4.1205 Tainted: G L syzkaller #0 PREEMPT(full) [ 744.550516][T11634] Tainted: [L]=SOFTLOCKUP [ 744.550524][T11634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 744.550537][T11634] Call Trace: [ 744.550545][T11634] [ 744.550553][T11634] dump_stack_lvl+0x100/0x190 [ 744.550592][T11634] should_fail_ex.cold+0x5/0xa [ 744.550618][T11634] _copy_from_user+0x2e/0xd0 [ 744.550645][T11634] snd_seq_oss_write+0x4f6/0x7f0 [ 744.550681][T11634] ? __pfx_snd_seq_oss_write+0x10/0x10 [ 744.550731][T11634] ? apparmor_file_permission+0x13f/0x1c0 [ 744.550759][T11634] ? bpf_lsm_file_permission+0x9/0x10 [ 744.550814][T11634] odev_write+0x51/0xa0 [ 744.550836][T11634] vfs_write+0x2aa/0x1070 [ 744.550857][T11634] ? __pfx_odev_write+0x10/0x10 [ 744.550881][T11634] ? __pfx_vfs_write+0x10/0x10 [ 744.550916][T11634] ? find_held_lock+0x2b/0x80 [ 744.550938][T11634] ? __fget_files+0x215/0x3d0 [ 744.550958][T11634] ? __fget_files+0x215/0x3d0 [ 744.550984][T11634] ? __fget_files+0x21f/0x3d0 [ 744.551013][T11634] ksys_write+0x12a/0x250 [ 744.551033][T11634] ? __pfx_ksys_write+0x10/0x10 [ 744.551062][T11634] do_syscall_64+0x106/0xf80 [ 744.551094][T11634] ? clear_bhb_loop+0x40/0x90 [ 744.551123][T11634] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 744.551147][T11634] RIP: 0033:0x7f806ab9c799 [ 744.551166][T11634] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 744.551188][T11634] RSP: 002b:00007f806bad3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 744.551211][T11634] RAX: ffffffffffffffda RBX: 00007f806ae15fa0 RCX: 00007f806ab9c799 [ 744.551226][T11634] RDX: 00000000000002f8 RSI: 0000200000000040 RDI: 0000000000000002 [ 744.551241][T11634] RBP: 00007f806bad3090 R08: 0000000000000000 R09: 0000000000000000 [ 744.551255][T11634] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 744.551269][T11634] R13: 00007f806ae16038 R14: 00007f806ae15fa0 R15: 00007fffafea4258 [ 744.551299][T11634] [ 746.779404][ T8755] Bluetooth: hci4: unexpected event 0x3e length: 726 > 260 [ 746.779435][ T8755] Bluetooth: hci4: unexpected subevent 0x0e length: 725 > 15 [ 746.796722][ T8755] Bluetooth: hci4: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 746.840098][T11654] random: crng reseeded on system resumption [ 747.452892][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.460449][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 747.727856][T11667] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1214'. [ 747.821939][T11669] FAULT_INJECTION: forcing a failure. [ 747.821939][T11669] name failslab, interval 1, probability 0, space 0, times 0 [ 747.967910][T11669] CPU: 0 UID: 0 PID: 11669 Comm: syz.0.1214 Tainted: G L syzkaller #0 PREEMPT(full) [ 747.967957][T11669] Tainted: [L]=SOFTLOCKUP [ 747.967966][T11669] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 747.967981][T11669] Call Trace: [ 747.967990][T11669] [ 747.967999][T11669] dump_stack_lvl+0x100/0x190 [ 747.968049][T11669] should_fail_ex.cold+0x5/0xa [ 747.968077][T11669] ? lsm_blob_alloc+0x68/0x90 [ 747.968111][T11669] should_failslab+0xc2/0x120 [ 747.968142][T11669] __kmalloc_noprof+0xe0/0x850 [ 747.968179][T11669] ? trace_kmem_cache_alloc+0xf3/0x120 [ 747.968210][T11669] lsm_blob_alloc+0x68/0x90 [ 747.968246][T11669] security_prepare_creds+0x2d/0x290 [ 747.968281][T11669] prepare_creds+0x5d6/0x950 [ 747.968322][T11669] __sys_setuid+0x9c/0x440 [ 747.968347][T11669] do_syscall_64+0x106/0xf80 [ 747.968381][T11669] ? clear_bhb_loop+0x40/0x90 [ 747.968411][T11669] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 747.968437][T11669] RIP: 0033:0x7f046099c799 [ 747.968456][T11669] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 747.968481][T11669] RSP: 002b:00007f046183f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000069 [ 747.968504][T11669] RAX: ffffffffffffffda RBX: 00007f0460c16090 RCX: 00007f046099c799 [ 747.968521][T11669] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000e [ 747.968536][T11669] RBP: 00007f0460a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 747.968551][T11669] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 747.968565][T11669] R13: 00007f0460c16128 R14: 00007f0460c16090 R15: 00007ffe6c363808 [ 747.968596][T11669] [ 751.799486][T11694] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1220'. [ 752.414365][T11679] program syz.2.1217 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 754.820790][T11726] FAULT_INJECTION: forcing a failure. [ 754.820790][T11726] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 754.979674][T11726] CPU: 0 UID: 0 PID: 11726 Comm: syz.0.1228 Tainted: G L syzkaller #0 PREEMPT(full) [ 754.979714][T11726] Tainted: [L]=SOFTLOCKUP [ 754.979723][T11726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 754.979739][T11726] Call Trace: [ 754.979747][T11726] [ 754.979756][T11726] dump_stack_lvl+0x100/0x190 [ 754.979798][T11726] should_fail_ex.cold+0x5/0xa [ 754.979827][T11726] _copy_from_user+0x2e/0xd0 [ 754.979857][T11726] memdup_user+0x6b/0xe0 [ 754.979880][T11726] strndup_user+0x78/0xe0 [ 754.979904][T11726] __x64_sys_fsopen+0x9e/0x220 [ 754.979939][T11726] do_syscall_64+0x106/0xf80 [ 754.979973][T11726] ? clear_bhb_loop+0x40/0x90 [ 754.980003][T11726] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 754.980029][T11726] RIP: 0033:0x7f046099c799 [ 754.980049][T11726] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 754.980073][T11726] RSP: 002b:00007f046183f028 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae [ 754.980097][T11726] RAX: ffffffffffffffda RBX: 00007f0460c16090 RCX: 00007f046099c799 [ 754.980114][T11726] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 754.980129][T11726] RBP: 00007f0460a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 754.980144][T11726] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 754.980159][T11726] R13: 00007f0460c16128 R14: 00007f0460c16090 R15: 00007ffe6c363808 [ 754.980190][T11726] [ 758.464009][T11724] kexec: Could not allocate control_code_buffer [ 758.931940][T11737] netlink: 350 bytes leftover after parsing attributes in process `syz.4.1230'. [ 760.191843][T11748] FAULT_INJECTION: forcing a failure. [ 760.191843][T11748] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 760.316435][T11748] CPU: 0 UID: 0 PID: 11748 Comm: syz.4.1234 Tainted: G L syzkaller #0 PREEMPT(full) [ 760.316476][T11748] Tainted: [L]=SOFTLOCKUP [ 760.316485][T11748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 760.316501][T11748] Call Trace: [ 760.316509][T11748] [ 760.316519][T11748] dump_stack_lvl+0x100/0x190 [ 760.316561][T11748] should_fail_ex.cold+0x5/0xa [ 760.316584][T11748] ? prepare_alloc_pages+0x16d/0x5f0 [ 760.316616][T11748] should_fail_alloc_page+0xeb/0x140 [ 760.316644][T11748] prepare_alloc_pages+0x1f0/0x5f0 [ 760.316672][T11748] ? is_bpf_text_address+0x8a/0x1a0 [ 760.316714][T11748] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 760.316755][T11748] ? kernel_text_address+0x8d/0x100 [ 760.316793][T11748] ? __kernel_text_address+0xd/0x30 [ 760.316830][T11748] ? unwind_get_return_address+0x59/0xa0 [ 760.316857][T11748] ? arch_stack_walk+0xa6/0xf0 [ 760.316889][T11748] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 760.316930][T11748] ? stack_trace_save+0x8e/0xc0 [ 760.316954][T11748] ? __pfx_stack_trace_save+0x10/0x10 [ 760.316979][T11748] ? stack_depot_save_flags+0x27/0x9d0 [ 760.317021][T11748] ? __lock_acquire+0x4a5/0x2630 [ 760.317052][T11748] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 760.317097][T11748] ? policy_nodemask+0xed/0x4f0 [ 760.317126][T11748] alloc_pages_mpol+0x1fb/0x550 [ 760.317153][T11748] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 760.317181][T11748] ? __lock_acquire+0x4a5/0x2630 [ 760.317228][T11748] alloc_pages_noprof+0x131/0x390 [ 760.317256][T11748] pte_alloc_one+0x1c/0x3d0 [ 760.317286][T11748] do_fault+0x88e/0x1990 [ 760.317319][T11748] __handle_mm_fault+0x180f/0x2b60 [ 760.317358][T11748] ? mt_find+0x45e/0x8e0 [ 760.317397][T11748] ? __pfx___handle_mm_fault+0x10/0x10 [ 760.317429][T11748] ? __pfx_mt_find+0x10/0x10 [ 760.317483][T11748] ? find_vma+0xbf/0x140 [ 760.317505][T11748] ? __pfx_find_vma+0x10/0x10 [ 760.317532][T11748] handle_mm_fault+0x36d/0xa20 [ 760.317572][T11748] do_user_addr_fault+0x74c/0x12f0 [ 760.317621][T11748] exc_page_fault+0x6f/0xd0 [ 760.317657][T11748] asm_exc_page_fault+0x26/0x30 [ 760.317681][T11748] RIP: 0010:rep_movs_alternative+0xf/0x90 [ 760.317708][T11748] Code: c4 10 c3 cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 fd 93 04 00 66 66 [ 760.317733][T11748] RSP: 0018:ffffc90004d57938 EFLAGS: 00050202 [ 760.317752][T11748] RAX: 0000000000000001 RBX: ffff88807f7e8028 RCX: 0000000000000007 [ 760.317768][T11748] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffff88807f7e8028 [ 760.317784][T11748] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed100fefd005 [ 760.317799][T11748] R10: ffff88807f7e802e R11: 0000000000000000 R12: ffffc90004d57c40 [ 760.317816][T11748] R13: 0000000000000000 R14: 0000000000000007 R15: 0000000000000000 [ 760.317846][T11748] _copy_from_iter+0x355/0x1690 [ 760.317878][T11748] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 760.317906][T11748] ? __pfx__copy_from_iter+0x10/0x10 [ 760.317935][T11748] ? __sk_mem_raise_allocated+0x789/0x15a0 [ 760.317986][T11748] mptcp_sendmsg+0x100d/0x1e40 [ 760.318032][T11748] ? __pfx_mptcp_sendmsg+0x10/0x10 [ 760.318073][T11748] ? __pfx_mptcp_sendmsg+0x10/0x10 [ 760.318108][T11748] inet_sendmsg+0x11c/0x140 [ 760.318135][T11748] sock_write_iter+0x4ea/0x5a0 [ 760.318160][T11748] ? __pfx_inet_sendmsg+0x10/0x10 [ 760.318186][T11748] ? __pfx_sock_write_iter+0x10/0x10 [ 760.318227][T11748] ? bpf_lsm_file_permission+0x9/0x10 [ 760.318268][T11748] ? security_file_permission+0x76/0x210 [ 760.318300][T11748] ? rw_verify_area+0xce/0x6d0 [ 760.318339][T11748] vfs_write+0x6ac/0x1070 [ 760.318363][T11748] ? __pfx_sock_write_iter+0x10/0x10 [ 760.318391][T11748] ? __pfx_vfs_write+0x10/0x10 [ 760.318429][T11748] ? find_held_lock+0x2b/0x80 [ 760.318470][T11748] ksys_write+0x1f8/0x250 [ 760.318492][T11748] ? __pfx_ksys_write+0x10/0x10 [ 760.318523][T11748] do_syscall_64+0x106/0xf80 [ 760.318557][T11748] ? clear_bhb_loop+0x40/0x90 [ 760.318588][T11748] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 760.318613][T11748] RIP: 0033:0x7f806ab9c799 [ 760.318632][T11748] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 760.318657][T11748] RSP: 002b:00007f806bad3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 760.318679][T11748] RAX: ffffffffffffffda RBX: 00007f806ae15fa0 RCX: 00007f806ab9c799 [ 760.318695][T11748] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000003 [ 760.318710][T11748] RBP: 00007f806ac32c99 R08: 0000000000000000 R09: 0000000000000000 [ 760.318725][T11748] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 760.318741][T11748] R13: 00007f806ae16038 R14: 00007f806ae15fa0 R15: 00007fffafea4258 [ 760.318772][T11748] [ 765.775284][T11766] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 765.807160][T11766] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 765.908414][T11766] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 766.063120][T11766] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 767.491095][T11787] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1242'. [ 767.855863][ T8755] Bluetooth: hci1: command 0x0c1a tx timeout [ 767.861908][ T8755] Bluetooth: hci0: command 0x0c1a tx timeout [ 767.944263][T11797] Bluetooth: hci3: command 0x0c1a tx timeout [ 768.096045][T11797] Bluetooth: hci4: command 0x0c1a tx timeout [ 768.782409][T11778] kexec: Could not allocate control_code_buffer [ 772.478169][T11827] netlink: 'syz.0.1250': attribute type 2 has an invalid length. [ 772.790407][T11826] FAULT_INJECTION: forcing a failure. [ 772.790407][T11826] name fail_futex, interval 1, probability 0, space 0, times 0 [ 772.888863][T11826] CPU: 0 UID: 0 PID: 11826 Comm: syz.0.1250 Tainted: G L syzkaller #0 PREEMPT(full) [ 772.888901][T11826] Tainted: [L]=SOFTLOCKUP [ 772.888909][T11826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 772.888923][T11826] Call Trace: [ 772.888930][T11826] [ 772.888939][T11826] dump_stack_lvl+0x100/0x190 [ 772.888980][T11826] should_fail_ex.cold+0x5/0xa [ 772.889007][T11826] get_futex_key+0x295/0x1620 [ 772.889039][T11826] ? __pfx_get_futex_key+0x10/0x10 [ 772.889065][T11826] ? lock_acquire+0x1cf/0x380 [ 772.889105][T11826] futex_wake+0xea/0x530 [ 772.889143][T11826] ? __pfx_futex_wake+0x10/0x10 [ 772.889179][T11826] ? exit_mm_release+0x19/0x30 [ 772.889215][T11826] do_futex+0x32b/0x350 [ 772.889246][T11826] ? __pfx_do_futex+0x10/0x10 [ 772.889275][T11826] ? __might_fault+0xc5/0x140 [ 772.889326][T11826] mm_release+0x24a/0x2f0 [ 772.889349][T11826] do_exit+0x704/0x2b60 [ 772.889384][T11826] ? __pfx_do_exit+0x10/0x10 [ 772.889414][T11826] ? do_raw_spin_lock+0x128/0x260 [ 772.889447][T11826] ? find_held_lock+0x2b/0x80 [ 772.889467][T11826] ? get_signal+0x7e0/0x21e0 [ 772.889494][T11826] do_group_exit+0xd5/0x2a0 [ 772.889527][T11826] get_signal+0x1ec7/0x21e0 [ 772.889562][T11826] ? __pfx_get_signal+0x10/0x10 [ 772.889588][T11826] ? do_futex+0x192/0x350 [ 772.889620][T11826] arch_do_signal_or_restart+0x91/0x770 [ 772.889649][T11826] ? kfree+0x2ec/0x6b0 [ 772.889678][T11826] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 772.889715][T11826] ? __pfx___x64_sys_futex+0x10/0x10 [ 772.889755][T11826] exit_to_user_mode_loop+0x86/0x4a0 [ 772.889789][T11826] do_syscall_64+0x668/0xf80 [ 772.889821][T11826] ? clear_bhb_loop+0x40/0x90 [ 772.889850][T11826] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 772.889874][T11826] RIP: 0033:0x7f046099c799 [ 772.889893][T11826] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 772.889916][T11826] RSP: 002b:00007f04618600e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 772.889939][T11826] RAX: fffffffffffffe00 RBX: 00007f0460c15fa8 RCX: 00007f046099c799 [ 772.889954][T11826] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f0460c15fa8 [ 772.889969][T11826] RBP: 00007f0460c15fa0 R08: 0000000000000000 R09: 0000000000000000 [ 772.889983][T11826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 772.889997][T11826] R13: 00007f0460c16038 R14: 00007ffe6c363720 R15: 00007ffe6c363808 [ 772.890026][T11826] [ 775.357242][T11840] netlink: 350 bytes leftover after parsing attributes in process `syz.0.1253'. [ 776.471246][T11849] input: jJǸ-9%vJ86 as /devices/virtual/input/input22 [ 782.610887][T11885] kexec: Could not allocate control_code_buffer [ 787.651113][T11925] kexec: Could not allocate control_code_buffer [ 789.722280][T11939] netlink: 'syz.1.1274': attribute type 27 has an invalid length. [ 789.861176][T11939] netlink: 146 bytes leftover after parsing attributes in process `syz.1.1274'. [ 799.132457][T12006] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1288'. [ 799.281819][T12005] Kernel: The 'panic_print' parameter is now deprecated. Please use 'panic_sys_info' and 'panic_console_replay' instead. [ 799.560796][T12010] netlink: 'syz.1.1287': attribute type 2 has an invalid length. [ 806.034014][T12045] debugfs: '!PjE r҄y*"l-y–L̓]' already exists in 'ieee80211' [ 808.931666][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 808.956476][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 809.983630][T12064] zswap: compressor not available [ 813.130034][T12093] bridge0: port 3(syz_tun) entered blocking state [ 813.248703][T12093] bridge0: port 3(syz_tun) entered disabled state [ 813.303891][T12093] syz_tun: entered allmulticast mode [ 813.409808][T12093] syz_tun: entered promiscuous mode [ 813.487287][T12093] bridge0: port 3(syz_tun) entered blocking state [ 813.493938][T12093] bridge0: port 3(syz_tun) entered forwarding state [ 831.781070][T12232] futex_wake_op: syz.1.1328 tries to shift op by -2048; fix this program [ 831.919213][T12232] futex_wake_op: syz.1.1328 tries to shift op by -2048; fix this program [ 837.609049][T12273] FAULT_INJECTION: forcing a failure. [ 837.609049][T12273] name failslab, interval 1, probability 0, space 0, times 0 [ 837.772574][T12273] CPU: 0 UID: 0 PID: 12273 Comm: syz.1.1336 Tainted: G L syzkaller #0 PREEMPT(full) [ 837.772614][T12273] Tainted: [L]=SOFTLOCKUP [ 837.772624][T12273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 837.772639][T12273] Call Trace: [ 837.772647][T12273] [ 837.772656][T12273] dump_stack_lvl+0x100/0x190 [ 837.772701][T12273] should_fail_ex.cold+0x5/0xa [ 837.772730][T12273] should_failslab+0xc2/0x120 [ 837.772755][T12273] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 837.772793][T12273] ? alloc_empty_file+0x55/0x1c0 [ 837.772840][T12273] alloc_empty_file+0x55/0x1c0 [ 837.772872][T12273] alloc_file_pseudo+0x13a/0x230 [ 837.772905][T12273] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 837.772946][T12273] __anon_inode_getfile+0xe8/0x280 [ 837.772976][T12273] ? kasan_save_track+0x14/0x30 [ 837.773018][T12273] sync_file_alloc+0x65/0x160 [ 837.773042][T12273] sync_file_create+0x17/0xf0 [ 837.773067][T12273] sw_sync_ioctl+0x849/0xf80 [ 837.773098][T12273] ? find_held_lock+0x2b/0x80 [ 837.773121][T12273] ? __pfx_sw_sync_ioctl+0x10/0x10 [ 837.773159][T12273] ? __pfx_sw_sync_ioctl+0x10/0x10 [ 837.773188][T12273] __x64_sys_ioctl+0x18e/0x210 [ 837.773227][T12273] do_syscall_64+0x106/0xf80 [ 837.773261][T12273] ? clear_bhb_loop+0x40/0x90 [ 837.773292][T12273] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 837.773317][T12273] RIP: 0033:0x7f540b99c799 [ 837.773342][T12273] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 837.773370][T12273] RSP: 002b:00007f540c861028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 837.773393][T12273] RAX: ffffffffffffffda RBX: 00007f540bc15fa0 RCX: 00007f540b99c799 [ 837.773410][T12273] RDX: 0000200000000080 RSI: 00000000c0285700 RDI: 000000000000000b [ 837.773426][T12273] RBP: 00007f540ba32c99 R08: 0000000000000000 R09: 0000000000000000 [ 837.773441][T12273] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 837.773456][T12273] R13: 00007f540bc16038 R14: 00007f540bc15fa0 R15: 00007fffd7efb3d8 [ 837.773487][T12273] [ 838.875068][T12292] Invalid ELF header magic: != ELF [ 838.885560][T12291] netlink: 'syz.2.1342': attribute type 2 has an invalid length. [ 842.690528][T12327] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 843.834775][T12339] FAULT_INJECTION: forcing a failure. [ 843.834775][T12339] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 843.928112][T12339] CPU: 0 UID: 0 PID: 12339 Comm: syz.0.1353 Tainted: G L syzkaller #0 PREEMPT(full) [ 843.928149][T12339] Tainted: [L]=SOFTLOCKUP [ 843.928157][T12339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 843.928171][T12339] Call Trace: [ 843.928178][T12339] [ 843.928186][T12339] dump_stack_lvl+0x100/0x190 [ 843.928226][T12339] should_fail_ex.cold+0x5/0xa [ 843.928253][T12339] _copy_from_user+0x2e/0xd0 [ 843.928281][T12339] snd_seq_oss_write+0x395/0x7f0 [ 843.928317][T12339] ? __pfx_snd_seq_oss_write+0x10/0x10 [ 843.928350][T12339] ? apparmor_file_permission+0x13f/0x1c0 [ 843.928377][T12339] ? bpf_lsm_file_permission+0x9/0x10 [ 843.928420][T12339] odev_write+0x51/0xa0 [ 843.928443][T12339] vfs_write+0x2aa/0x1070 [ 843.928464][T12339] ? __pfx_odev_write+0x10/0x10 [ 843.928489][T12339] ? __pfx_vfs_write+0x10/0x10 [ 843.928534][T12339] ? find_held_lock+0x2b/0x80 [ 843.928555][T12339] ? __fget_files+0x215/0x3d0 [ 843.928576][T12339] ? __fget_files+0x215/0x3d0 [ 843.928602][T12339] ? __fget_files+0x21f/0x3d0 [ 843.928630][T12339] ksys_write+0x12a/0x250 [ 843.928651][T12339] ? __pfx_ksys_write+0x10/0x10 [ 843.928680][T12339] do_syscall_64+0x106/0xf80 [ 843.928712][T12339] ? clear_bhb_loop+0x40/0x90 [ 843.928741][T12339] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 843.928764][T12339] RIP: 0033:0x7f046099c799 [ 843.928783][T12339] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 843.928806][T12339] RSP: 002b:00007f0461860028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 843.928828][T12339] RAX: ffffffffffffffda RBX: 00007f0460c15fa0 RCX: 00007f046099c799 [ 843.928843][T12339] RDX: 00000000000002f8 RSI: 0000200000000040 RDI: 0000000000000002 [ 843.928857][T12339] RBP: 00007f0461860090 R08: 0000000000000000 R09: 0000000000000000 [ 843.928871][T12339] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 843.928885][T12339] R13: 00007f0460c16038 R14: 00007f0460c15fa0 R15: 00007ffe6c363808 [ 843.928914][T12339] [ 844.152171][T12339] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1353'. [ 845.539109][T12350] Invalid ELF header magic: != ELF [ 846.731931][T12349] tipc: can't start tipc receive workqueue [ 847.474530][T12362] FAULT_INJECTION: forcing a failure. [ 847.474530][T12362] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 847.779904][T12362] CPU: 0 UID: 0 PID: 12362 Comm: syz.4.1356 Tainted: G L syzkaller #0 PREEMPT(full) [ 847.779945][T12362] Tainted: [L]=SOFTLOCKUP [ 847.779954][T12362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 847.779970][T12362] Call Trace: [ 847.779977][T12362] [ 847.779986][T12362] dump_stack_lvl+0x100/0x190 [ 847.780028][T12362] should_fail_ex.cold+0x5/0xa [ 847.780052][T12362] ? prepare_alloc_pages+0x16d/0x5f0 [ 847.780083][T12362] should_fail_alloc_page+0xeb/0x140 [ 847.780111][T12362] prepare_alloc_pages+0x1f0/0x5f0 [ 847.780144][T12362] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 847.780186][T12362] ? __pfx_css_rstat_updated+0x10/0x10 [ 847.780223][T12362] ? rcu_is_watching+0x12/0xc0 [ 847.780262][T12362] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 847.780317][T12362] ? lru_gen_add_folio+0x20f/0x13e0 [ 847.780366][T12362] ? lock_acquire+0x1cf/0x380 [ 847.780398][T12362] ? find_held_lock+0x2b/0x80 [ 847.780421][T12362] ? page_table_check_set+0x49a/0xa10 [ 847.780444][T12362] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 847.780489][T12362] ? policy_nodemask+0xed/0x4f0 [ 847.780517][T12362] alloc_pages_mpol+0x1fb/0x550 [ 847.780544][T12362] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 847.780578][T12362] folio_alloc_mpol_noprof+0x36/0x340 [ 847.780611][T12362] vma_alloc_folio_noprof+0xed/0x1d0 [ 847.780642][T12362] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 847.780682][T12362] do_anonymous_page+0xb3a/0x1fb0 [ 847.780726][T12362] __handle_mm_fault+0x1d42/0x2b60 [ 847.780768][T12362] ? __pfx___handle_mm_fault+0x10/0x10 [ 847.780804][T12362] ? pte_offset_map_lock+0x174/0x320 [ 847.780829][T12362] ? find_held_lock+0x2b/0x80 [ 847.780861][T12362] ? follow_page_pte+0x5b3/0x1400 [ 847.780894][T12362] handle_mm_fault+0x36d/0xa20 [ 847.780933][T12362] __get_user_pages+0xf9c/0x34d0 [ 847.780972][T12362] ? __pfx___get_user_pages+0x10/0x10 [ 847.781008][T12362] populate_vma_page_range+0x267/0x3f0 [ 847.781040][T12362] ? __pfx_populate_vma_page_range+0x10/0x10 [ 847.781070][T12362] ? __pfx_find_vma_intersection+0x10/0x10 [ 847.781097][T12362] ? do_mmap+0x93f/0x12f0 [ 847.781128][T12362] __mm_populate+0x107/0x3a0 [ 847.781159][T12362] ? __pfx___mm_populate+0x10/0x10 [ 847.781190][T12362] ? up_write+0x290/0x4f0 [ 847.781229][T12362] vm_mmap_pgoff+0x37f/0x470 [ 847.781260][T12362] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 847.781290][T12362] ? do_futex+0x192/0x350 [ 847.781329][T12362] ? __pfx_do_futex+0x10/0x10 [ 847.781359][T12362] ? __pfx_do_sys_openat2+0x10/0x10 [ 847.781397][T12362] ksys_mmap_pgoff+0xe1/0x650 [ 847.781423][T12362] ? __x64_sys_futex+0x34f/0x4d0 [ 847.781454][T12362] ? __x64_sys_futex+0x358/0x4d0 [ 847.781487][T12362] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 847.781514][T12362] ? xfd_validate_state+0x129/0x190 [ 847.781555][T12362] __x64_sys_mmap+0x125/0x190 [ 847.781595][T12362] do_syscall_64+0x106/0xf80 [ 847.781630][T12362] ? clear_bhb_loop+0x40/0x90 [ 847.781660][T12362] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 847.781685][T12362] RIP: 0033:0x7f806ab9c799 [ 847.781704][T12362] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 847.781726][T12362] RSP: 002b:00007f806bad3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 847.781749][T12362] RAX: ffffffffffffffda RBX: 00007f806ae15fa0 RCX: 00007f806ab9c799 [ 847.781765][T12362] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 847.781780][T12362] RBP: 00007f806ac32c99 R08: 0000000000000002 R09: 0000000000008000 [ 847.781794][T12362] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 847.781808][T12362] R13: 00007f806ae16038 R14: 00007f806ae15fa0 R15: 00007fffafea4258 [ 847.781839][T12362] [ 849.043025][T12373] Invalid ELF header magic: != ELF [ 855.162912][T12428] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -4 [ 855.243823][T12428] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -4 [ 855.298757][T12428] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 858.102103][T12450] zram0: detected capacity change from 16 to 0 [ 862.455672][T11797] Bluetooth: hci4: unexpected event 0x3e length: 726 > 260 [ 862.455707][T11797] Bluetooth: hci4: unexpected subevent 0x0e length: 725 > 15 [ 862.472169][T11797] Bluetooth: hci4: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 862.986383][T12491] : Can't lookup blockdev [ 863.034798][T11797] Bluetooth: hci1: unexpected event for opcode 0x7c89 [ 865.879935][T12519] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input24 [ 870.398624][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 870.404949][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 870.942763][T12560] capability: warning: `syz.1.1400' uses 32-bit capabilities (legacy support in use) [ 876.916583][T12616] FAULT_INJECTION: forcing a failure. [ 876.916583][T12616] name failslab, interval 1, probability 0, space 0, times 0 [ 877.121025][T12616] CPU: 0 UID: 0 PID: 12616 Comm: syz.1.1411 Tainted: G L syzkaller #0 PREEMPT(full) [ 877.121066][T12616] Tainted: [L]=SOFTLOCKUP [ 877.121075][T12616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 877.121090][T12616] Call Trace: [ 877.121098][T12616] [ 877.121107][T12616] dump_stack_lvl+0x100/0x190 [ 877.121148][T12616] should_fail_ex.cold+0x5/0xa [ 877.121176][T12616] should_failslab+0xc2/0x120 [ 877.121209][T12616] __kmalloc_cache_noprof+0x7a/0x6f0 [ 877.121243][T12616] ? nfs_init_fs_context+0x4f/0x1510 [ 877.121285][T12616] nfs_init_fs_context+0x4f/0x1510 [ 877.121324][T12616] alloc_fs_context+0x60c/0xf40 [ 877.121358][T12616] __x64_sys_fsopen+0xed/0x220 [ 877.121391][T12616] do_syscall_64+0x106/0xf80 [ 877.121426][T12616] ? clear_bhb_loop+0x40/0x90 [ 877.121455][T12616] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 877.121480][T12616] RIP: 0033:0x7f540b99c799 [ 877.121501][T12616] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 877.121525][T12616] RSP: 002b:00007f540c840028 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae [ 877.121549][T12616] RAX: ffffffffffffffda RBX: 00007f540bc16090 RCX: 00007f540b99c799 [ 877.121565][T12616] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 877.121580][T12616] RBP: 00007f540ba32c99 R08: 0000000000000000 R09: 0000000000000000 [ 877.121594][T12616] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 877.121609][T12616] R13: 00007f540bc16128 R14: 00007f540bc16090 R15: 00007fffd7efb3d8 [ 877.121639][T12616] [ 877.863421][T12615] kexec: Could not allocate control_code_buffer [ 878.401512][T12628] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input25 [ 886.128551][T12711] netlink: 5 bytes leftover after parsing attributes in process `syz.4.1426'. [ 886.296176][T12711] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1426'. [ 887.807757][T12725] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 887.848689][T12725] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 887.880658][T12725] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 887.913832][T12725] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 889.325094][T12746] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1433'. [ 889.837361][T11797] Bluetooth: hci0: command 0x0c1a tx timeout [ 889.917046][T11797] Bluetooth: hci4: command 0x0c1a tx timeout [ 889.923707][ T5142] Bluetooth: hci3: command 0x0c1a tx timeout [ 889.929826][T11797] Bluetooth: hci1: command 0x0c1a tx timeout [ 890.383257][T12756] Bluetooth: hci4: unexpected event 0x34 length: 11 > 6 [ 905.735011][T12908] Invalid ELF header magic: != ELF [ 907.253776][T12922] netlink: 5 bytes leftover after parsing attributes in process `syz.2.1462'. [ 907.328293][T12922] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1462'. [ 917.540999][T13021] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1478'. [ 917.871974][T13024] FAULT_INJECTION: forcing a failure. [ 917.871974][T13024] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 918.553278][T13024] CPU: 0 UID: 0 PID: 13024 Comm: syz.0.1477 Tainted: G L syzkaller #0 PREEMPT(full) [ 918.553320][T13024] Tainted: [L]=SOFTLOCKUP [ 918.553328][T13024] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 918.553344][T13024] Call Trace: [ 918.553351][T13024] [ 918.553360][T13024] dump_stack_lvl+0x100/0x190 [ 918.553403][T13024] should_fail_ex.cold+0x5/0xa [ 918.553433][T13024] ? prepare_alloc_pages+0x16d/0x5f0 [ 918.553465][T13024] should_fail_alloc_page+0xeb/0x140 [ 918.553493][T13024] prepare_alloc_pages+0x1f0/0x5f0 [ 918.553527][T13024] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 918.553570][T13024] ? __pfx_css_rstat_updated+0x10/0x10 [ 918.553601][T13024] ? mark_held_locks+0x40/0x70 [ 918.553639][T13024] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 918.553693][T13024] ? lock_acquire+0x1cf/0x380 [ 918.553725][T13024] ? find_held_lock+0x2b/0x80 [ 918.553747][T13024] ? page_table_check_set+0x49a/0xa10 [ 918.553770][T13024] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 918.553815][T13024] ? policy_nodemask+0xed/0x4f0 [ 918.553843][T13024] alloc_pages_mpol+0x1fb/0x550 [ 918.553870][T13024] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 918.553905][T13024] folio_alloc_mpol_noprof+0x36/0x340 [ 918.553937][T13024] vma_alloc_folio_noprof+0xed/0x1d0 [ 918.553968][T13024] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 918.554008][T13024] do_anonymous_page+0xb3a/0x1fb0 [ 918.554053][T13024] __handle_mm_fault+0x1d42/0x2b60 [ 918.554096][T13024] ? __pfx___handle_mm_fault+0x10/0x10 [ 918.554132][T13024] ? pte_offset_map_lock+0x174/0x320 [ 918.554157][T13024] ? find_held_lock+0x2b/0x80 [ 918.554189][T13024] ? follow_page_pte+0x5b3/0x1400 [ 918.554222][T13024] handle_mm_fault+0x36d/0xa20 [ 918.554262][T13024] __get_user_pages+0xf9c/0x34d0 [ 918.554301][T13024] ? __pfx___get_user_pages+0x10/0x10 [ 918.554337][T13024] populate_vma_page_range+0x267/0x3f0 [ 918.554369][T13024] ? __pfx_populate_vma_page_range+0x10/0x10 [ 918.554399][T13024] ? __pfx_find_vma_intersection+0x10/0x10 [ 918.554431][T13024] ? do_mmap+0x93f/0x12f0 [ 918.554460][T13024] __mm_populate+0x107/0x3a0 [ 918.554491][T13024] ? __pfx___mm_populate+0x10/0x10 [ 918.554523][T13024] ? up_write+0x290/0x4f0 [ 918.554566][T13024] vm_mmap_pgoff+0x37f/0x470 [ 918.554597][T13024] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 918.554627][T13024] ? do_futex+0x192/0x350 [ 918.554660][T13024] ? __pfx_do_futex+0x10/0x10 [ 918.554697][T13024] ksys_mmap_pgoff+0xe1/0x650 [ 918.554724][T13024] ? __x64_sys_futex+0x34f/0x4d0 [ 918.554755][T13024] ? __x64_sys_futex+0x358/0x4d0 [ 918.554788][T13024] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 918.554815][T13024] ? xfd_validate_state+0x129/0x190 [ 918.554856][T13024] __x64_sys_mmap+0x125/0x190 [ 918.554896][T13024] do_syscall_64+0x106/0xf80 [ 918.554932][T13024] ? clear_bhb_loop+0x40/0x90 [ 918.554962][T13024] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 918.554989][T13024] RIP: 0033:0x7f046099c799 [ 918.555010][T13024] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 918.555035][T13024] RSP: 002b:00007f0461860028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 918.555059][T13024] RAX: ffffffffffffffda RBX: 00007f0460c15fa0 RCX: 00007f046099c799 [ 918.555076][T13024] RDX: 00000000000000e2 RSI: 0000000000040009 RDI: 0000000000000000 [ 918.555091][T13024] RBP: 00007f0460a32c99 R08: 0000000000000007 R09: 0000000000028000 [ 918.555106][T13024] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 918.555122][T13024] R13: 00007f0460c16038 R14: 00007f0460c15fa0 R15: 00007ffe6c363808 [ 918.555152][T13024] [ 920.859201][T13052] openvswitch: HfR: Dropping previously announced user features [ 921.123036][T13055] FAULT_INJECTION: forcing a failure. [ 921.123036][T13055] name failslab, interval 1, probability 0, space 0, times 0 [ 921.263209][T13055] CPU: 0 UID: 0 PID: 13055 Comm: syz.4.1487 Tainted: G L syzkaller #0 PREEMPT(full) [ 921.263258][T13055] Tainted: [L]=SOFTLOCKUP [ 921.263267][T13055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 921.263283][T13055] Call Trace: [ 921.263291][T13055] [ 921.263300][T13055] dump_stack_lvl+0x100/0x190 [ 921.263342][T13055] should_fail_ex.cold+0x5/0xa [ 921.263372][T13055] should_failslab+0xc2/0x120 [ 921.263398][T13055] __kmalloc_cache_noprof+0x7a/0x6f0 [ 921.263431][T13055] ? snd_pcm_oss_change_params_locked+0x247/0x39f0 [ 921.263468][T13055] snd_pcm_oss_change_params_locked+0x247/0x39f0 [ 921.263505][T13055] ? __mutex_lock+0x26a/0x1b90 [ 921.263545][T13055] ? snd_pcm_oss_sync+0x243/0x840 [ 921.263573][T13055] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 921.263607][T13055] ? __pfx___mutex_lock+0x10/0x10 [ 921.263649][T13055] ? __fsnotify_parent+0x2b4/0xca0 [ 921.263682][T13055] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 921.263714][T13055] snd_pcm_oss_sync+0x265/0x840 [ 921.263746][T13055] snd_pcm_oss_release+0x238/0x300 [ 921.263776][T13055] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 921.263805][T13055] __fput+0x3ff/0xb40 [ 921.263841][T13055] task_work_run+0x150/0x240 [ 921.263878][T13055] ? __pfx_task_work_run+0x10/0x10 [ 921.263923][T13055] exit_to_user_mode_loop+0x100/0x4a0 [ 921.263959][T13055] do_syscall_64+0x668/0xf80 [ 921.263993][T13055] ? clear_bhb_loop+0x40/0x90 [ 921.264023][T13055] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 921.264048][T13055] RIP: 0033:0x7f806ab9c799 [ 921.264068][T13055] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 921.264092][T13055] RSP: 002b:00007f806bad3028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 921.264117][T13055] RAX: 0000000000000000 RBX: 00007f806ae15fa0 RCX: 00007f806ab9c799 [ 921.264133][T13055] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 921.264147][T13055] RBP: 00007f806ac32c99 R08: 0000000000000000 R09: 0000000000000000 [ 921.264162][T13055] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 921.264177][T13055] R13: 00007f806ae16038 R14: 00007f806ae15fa0 R15: 00007fffafea4258 [ 921.264212][T13055] [ 922.086001][T13072] openvswitch: HfR: Dropping previously announced user features [ 922.544138][T13076] netlink: 350 bytes leftover after parsing attributes in process `syz.1.1492'. [ 931.888997][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 931.895336][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 932.420354][T13154] netlink: 'syz.4.1511': attribute type 1 has an invalid length. [ 933.206721][T13162] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1513'. [ 933.381431][T13162] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 933.443557][T13162] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 933.742598][T13162] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 933.825756][T13162] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 933.891935][ T9018] Process accounting resumed [ 935.249740][T13173] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 935.339614][T13173] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 935.569655][T13173] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 935.762922][T13173] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 936.609936][T13190] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input28 [ 937.300499][T12756] Bluetooth: hci1: command 0x0c1a tx timeout [ 937.306658][ T8755] Bluetooth: hci0: command 0x0c1a tx timeout [ 937.380796][ T8755] Bluetooth: hci3: command 0x0c1a tx timeout [ 937.622242][ T8755] Bluetooth: hci4: command 0x0c1a tx timeout [ 938.015944][T13206] netlink: 350 bytes leftover after parsing attributes in process `syz.1.1522'. [ 942.425064][T13232] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1528'. [ 943.121558][T13238] FAULT_INJECTION: forcing a failure. [ 943.121558][T13238] name failslab, interval 1, probability 0, space 0, times 0 [ 943.313654][T13238] CPU: 0 UID: 0 PID: 13238 Comm: syz.4.1531 Tainted: G L syzkaller #0 PREEMPT(full) [ 943.313696][T13238] Tainted: [L]=SOFTLOCKUP [ 943.313704][T13238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 943.313719][T13238] Call Trace: [ 943.313728][T13238] [ 943.313738][T13238] dump_stack_lvl+0x100/0x190 [ 943.313782][T13238] should_fail_ex.cold+0x5/0xa [ 943.313810][T13238] should_failslab+0xc2/0x120 [ 943.313838][T13238] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 943.313894][T13238] ? __pmd_alloc+0xbf/0x950 [ 943.313928][T13238] __pmd_alloc+0xbf/0x950 [ 943.313961][T13238] __handle_mm_fault+0xa99/0x2b60 [ 943.314000][T13238] ? mt_find+0x45e/0x8e0 [ 943.314039][T13238] ? __pfx___handle_mm_fault+0x10/0x10 [ 943.314072][T13238] ? __pfx_mt_find+0x10/0x10 [ 943.314132][T13238] handle_mm_fault+0x36d/0xa20 [ 943.314174][T13238] __get_user_pages+0xf9c/0x34d0 [ 943.314213][T13238] ? __pfx___get_user_pages+0x10/0x10 [ 943.314250][T13238] populate_vma_page_range+0x267/0x3f0 [ 943.314282][T13238] ? __pfx_populate_vma_page_range+0x10/0x10 [ 943.314313][T13238] ? __pfx_find_vma_intersection+0x10/0x10 [ 943.314341][T13238] ? do_mmap+0x93f/0x12f0 [ 943.314374][T13238] __mm_populate+0x107/0x3a0 [ 943.314406][T13238] ? __pfx___mm_populate+0x10/0x10 [ 943.314438][T13238] ? up_write+0x290/0x4f0 [ 943.314478][T13238] vm_mmap_pgoff+0x37f/0x470 [ 943.314510][T13238] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 943.314540][T13238] ? do_futex+0x192/0x350 [ 943.314574][T13238] ? __pfx_do_futex+0x10/0x10 [ 943.314612][T13238] ksys_mmap_pgoff+0xe1/0x650 [ 943.314638][T13238] ? __x64_sys_futex+0x34f/0x4d0 [ 943.314670][T13238] ? __x64_sys_futex+0x358/0x4d0 [ 943.314703][T13238] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 943.314730][T13238] ? xfd_validate_state+0x129/0x190 [ 943.314771][T13238] __x64_sys_mmap+0x125/0x190 [ 943.314812][T13238] do_syscall_64+0x106/0xf80 [ 943.314847][T13238] ? clear_bhb_loop+0x40/0x90 [ 943.314885][T13238] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 943.314912][T13238] RIP: 0033:0x7f806ab9c799 [ 943.314932][T13238] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 943.314957][T13238] RSP: 002b:00007f806bad3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 943.314981][T13238] RAX: ffffffffffffffda RBX: 00007f806ae15fa0 RCX: 00007f806ab9c799 [ 943.314998][T13238] RDX: 00000000000000dc RSI: 0000000000000008 RDI: 0000000000000000 [ 943.315013][T13238] RBP: 00007f806ac32c99 R08: 0000000000000002 R09: 0000000000008000 [ 943.315028][T13238] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 943.315043][T13238] R13: 00007f806ae16038 R14: 00007f806ae15fa0 R15: 00007fffafea4258 [ 943.315076][T13238] [ 943.315217][T13232] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 944.151537][T13236] Invalid ELF header magic: != ELF [ 945.035339][T13250] netlink: 350 bytes leftover after parsing attributes in process `syz.1.1533'. [ 945.699909][T13256] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input29 [ 946.882062][T13232] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 947.040170][T13232] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 947.098593][T13232] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 948.651098][T13270] netlink: 'syz.2.1539': attribute type 11 has an invalid length. [ 948.705803][T13270] netlink: 'syz.2.1539': attribute type 11 has an invalid length. [ 948.796288][T13270] netlink: 'syz.2.1539': attribute type 11 has an invalid length. [ 950.066210][T13286] zram0: detected capacity change from 0 to 16 [ 954.202812][T13316] can: request_module (can-proto-4) failed. [ 962.057640][T13396] zswap: compressor not available [ 965.189084][T13431] futex_wake_op: syz.2.1573 tries to shift op by -2048; fix this program [ 965.246905][T13431] futex_wake_op: syz.2.1573 tries to shift op by -2048; fix this program [ 974.391957][T13490] netlink: 'syz.4.1586': attribute type 15 has an invalid length. [ 974.512405][T13490] netlink: 'syz.4.1586': attribute type 16 has an invalid length. [ 974.639890][T13490] netlink: 194 bytes leftover after parsing attributes in process `syz.4.1586'. [ 975.626758][T13500] netlink: 326 bytes leftover after parsing attributes in process `syz.2.1583'. [ 979.531783][ T29] audit: type=1806 audit(4294969110.530:13): xattr="." res=0 [ 989.970203][ T8755] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 992.288174][ T8755] Bluetooth: hci0: command 0x0c1a tx timeout [ 992.298184][T13601] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 992.562381][T13617] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 992.679430][T13617] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1608'. [ 992.718304][T13601] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 992.831057][T13601] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 992.895721][T13601] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 993.021636][T13617] team0 (unregistering): Port device team_slave_0 removed [ 993.146906][T13617] team0 (unregistering): Port device team_slave_1 removed [ 993.336921][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 993.344127][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 994.372463][ T8755] Bluetooth: hci1: command 0x0c1a tx timeout [ 994.769703][ T8755] Bluetooth: hci3: command 0x0c1a tx timeout [ 994.933863][ T8755] Bluetooth: hci4: command 0x0c1a tx timeout [ 996.272127][T13625] program syz.2.1609 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 996.890913][T13651] misc userio: Invalid payload size [ 997.809302][T13653] FAULT_INJECTION: forcing a failure. [ 997.809302][T13653] name failslab, interval 1, probability 0, space 0, times 0 [ 998.062913][T13653] CPU: 0 UID: 0 PID: 13653 Comm: syz.2.1615 Tainted: G L syzkaller #0 PREEMPT(full) [ 998.062955][T13653] Tainted: [L]=SOFTLOCKUP [ 998.062963][T13653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 998.062978][T13653] Call Trace: [ 998.062987][T13653] [ 998.062996][T13653] dump_stack_lvl+0x100/0x190 [ 998.063038][T13653] should_fail_ex.cold+0x5/0xa [ 998.063067][T13653] should_failslab+0xc2/0x120 [ 998.063093][T13653] __kmalloc_cache_noprof+0x7a/0x6f0 [ 998.063138][T13653] ? fsnotify_alloc_group+0x92/0x330 [ 998.063171][T13653] fsnotify_alloc_group+0x92/0x330 [ 998.063199][T13653] __do_sys_fanotify_init+0x342/0xe50 [ 998.063242][T13653] do_syscall_64+0x106/0xf80 [ 998.063277][T13653] ? clear_bhb_loop+0x40/0x90 [ 998.063307][T13653] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 998.063333][T13653] RIP: 0033:0x7f1743f9c799 [ 998.063353][T13653] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 998.063377][T13653] RSP: 002b:00007f1744ead028 EFLAGS: 00000246 ORIG_RAX: 000000000000012c [ 998.063400][T13653] RAX: ffffffffffffffda RBX: 00007f1744215fa0 RCX: 00007f1743f9c799 [ 998.063417][T13653] RDX: 0000000000000000 RSI: 0002000000000002 RDI: 0000000000000005 [ 998.063432][T13653] RBP: 00007f1744032c99 R08: 0000000000000000 R09: 0000000000000000 [ 998.063447][T13653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 998.063462][T13653] R13: 00007f1744216038 R14: 00007f1744215fa0 R15: 00007ffeec26b638 [ 998.063492][T13653] [ 1000.686796][T13687] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1622'. [ 1012.088273][T13764] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1638'. [ 1012.232577][T13764] team0 (unregistering): Port device team_slave_0 removed [ 1012.334554][T13764] team0 (unregistering): Port device team_slave_1 removed [ 1013.109358][T13774] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1642'. [ 1013.913781][T13785] FAULT_INJECTION: forcing a failure. [ 1013.913781][T13785] name failslab, interval 1, probability 0, space 0, times 0 [ 1014.014841][T13786] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input36 [ 1014.034600][T13785] CPU: 0 UID: 0 PID: 13785 Comm: syz.4.1645 Tainted: G L syzkaller #0 PREEMPT(full) [ 1014.034639][T13785] Tainted: [L]=SOFTLOCKUP [ 1014.034647][T13785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1014.034662][T13785] Call Trace: [ 1014.034670][T13785] [ 1014.034678][T13785] dump_stack_lvl+0x100/0x190 [ 1014.034720][T13785] should_fail_ex.cold+0x5/0xa [ 1014.034747][T13785] should_failslab+0xc2/0x120 [ 1014.034772][T13785] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1014.034808][T13785] ? alloc_empty_file+0x55/0x1c0 [ 1014.034838][T13785] ? __pfx_stack_trace_save+0x10/0x10 [ 1014.034866][T13785] alloc_empty_file+0x55/0x1c0 [ 1014.034896][T13785] path_openat+0xe8/0x31a0 [ 1014.034919][T13785] ? kasan_save_stack+0x3f/0x50 [ 1014.034955][T13785] ? kasan_save_stack+0x30/0x50 [ 1014.034990][T13785] ? kasan_save_track+0x14/0x30 [ 1014.035031][T13785] ? __kasan_slab_alloc+0x89/0x90 [ 1014.035051][T13785] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 1014.035086][T13785] ? do_getname+0x35/0x390 [ 1014.035113][T13785] ? do_sys_openat2+0xc5/0x1e0 [ 1014.035142][T13785] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1014.035171][T13785] ? __pfx_path_openat+0x10/0x10 [ 1014.035206][T13785] do_file_open+0x20e/0x430 [ 1014.035232][T13785] ? __pfx_do_file_open+0x10/0x10 [ 1014.035280][T13785] ? alloc_fd+0x476/0x790 [ 1014.035305][T13785] ? do_getname+0x191/0x390 [ 1014.035336][T13785] do_sys_openat2+0x10d/0x1e0 [ 1014.035367][T13785] ? __pfx_do_sys_openat2+0x10/0x10 [ 1014.035396][T13785] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1014.035435][T13785] ? __fget_files+0x21f/0x3d0 [ 1014.035461][T13785] __x64_sys_openat+0x12d/0x210 [ 1014.035494][T13785] ? __pfx___x64_sys_openat+0x10/0x10 [ 1014.035524][T13785] ? ksys_write+0x1ac/0x250 [ 1014.035555][T13785] do_syscall_64+0x106/0xf80 [ 1014.035588][T13785] ? clear_bhb_loop+0x40/0x90 [ 1014.035617][T13785] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1014.035641][T13785] RIP: 0033:0x7f806ab9c799 [ 1014.035660][T13785] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1014.035683][T13785] RSP: 002b:00007f806bad3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1014.035705][T13785] RAX: ffffffffffffffda RBX: 00007f806ae15fa0 RCX: 00007f806ab9c799 [ 1014.035720][T13785] RDX: 1a6b75d63882a792 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 1014.035735][T13785] RBP: 00007f806bad3090 R08: 0000000000000000 R09: 0000000000000000 [ 1014.035749][T13785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1014.035762][T13785] R13: 00007f806ae16038 R14: 00007f806ae15fa0 R15: 00007fffafea4258 [ 1014.035792][T13785] [ 1014.619643][T13787] FAULT_INJECTION: forcing a failure. [ 1014.619643][T13787] name failslab, interval 1, probability 0, space 0, times 0 [ 1014.740343][T13787] CPU: 0 UID: 0 PID: 13787 Comm: syz.2.1644 Tainted: G L syzkaller #0 PREEMPT(full) [ 1014.740385][T13787] Tainted: [L]=SOFTLOCKUP [ 1014.740394][T13787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1014.740409][T13787] Call Trace: [ 1014.740416][T13787] [ 1014.740426][T13787] dump_stack_lvl+0x100/0x190 [ 1014.740469][T13787] should_fail_ex.cold+0x5/0xa [ 1014.740498][T13787] should_failslab+0xc2/0x120 [ 1014.740524][T13787] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1014.740561][T13787] ? dup_fd+0x4d/0xd10 [ 1014.740584][T13787] ? trace_kmalloc+0x101/0x130 [ 1014.740613][T13787] dup_fd+0x4d/0xd10 [ 1014.740641][T13787] ? apparmor_task_alloc+0x2c1/0x3b0 [ 1014.740686][T13787] copy_process+0x268f/0x7a40 [ 1014.740730][T13787] ? __pfx_copy_process+0x10/0x10 [ 1014.740759][T13787] ? find_held_lock+0x2b/0x80 [ 1014.740794][T13787] kernel_clone+0xfc/0x9a0 [ 1014.740821][T13787] ? __pfx_futex_wait+0x10/0x10 [ 1014.740862][T13787] ? __pfx_kernel_clone+0x10/0x10 [ 1014.740907][T13787] __do_sys_clone+0xd9/0x120 [ 1014.740936][T13787] ? __pfx___do_sys_clone+0x10/0x10 [ 1014.740989][T13787] do_syscall_64+0x106/0xf80 [ 1014.741032][T13787] ? clear_bhb_loop+0x40/0x90 [ 1014.741063][T13787] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1014.741089][T13787] RIP: 0033:0x7f1743f9c799 [ 1014.741109][T13787] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1014.741134][T13787] RSP: 002b:00007f1744e6b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 1014.741158][T13787] RAX: ffffffffffffffda RBX: 00007f1744216180 RCX: 00007f1743f9c799 [ 1014.741175][T13787] RDX: 0000200000000080 RSI: 000000000000000b RDI: 0000000000000008 [ 1014.741190][T13787] RBP: 00007f1744032c99 R08: 0000000000000002 R09: 0000000000000000 [ 1014.741206][T13787] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000000 [ 1014.741221][T13787] R13: 00007f1744216218 R14: 00007f1744216180 R15: 00007ffeec26b638 [ 1014.741252][T13787] [ 1019.645522][T13830] FAULT_INJECTION: forcing a failure. [ 1019.645522][T13830] name failslab, interval 1, probability 0, space 0, times 0 [ 1019.943229][T13830] CPU: 0 UID: 0 PID: 13830 Comm: syz.0.1652 Tainted: G L syzkaller #0 PREEMPT(full) [ 1019.943271][T13830] Tainted: [L]=SOFTLOCKUP [ 1019.943279][T13830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1019.943295][T13830] Call Trace: [ 1019.943302][T13830] [ 1019.943312][T13830] dump_stack_lvl+0x100/0x190 [ 1019.943353][T13830] should_fail_ex.cold+0x5/0xa [ 1019.943382][T13830] should_failslab+0xc2/0x120 [ 1019.943409][T13830] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1019.943442][T13830] ? nfs_init_fs_context+0x4f/0x1510 [ 1019.943485][T13830] nfs_init_fs_context+0x4f/0x1510 [ 1019.943527][T13830] alloc_fs_context+0x60c/0xf40 [ 1019.943561][T13830] __x64_sys_fsopen+0xed/0x220 [ 1019.943595][T13830] do_syscall_64+0x106/0xf80 [ 1019.943638][T13830] ? clear_bhb_loop+0x40/0x90 [ 1019.943669][T13830] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1019.943695][T13830] RIP: 0033:0x7f046099c799 [ 1019.943715][T13830] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1019.943739][T13830] RSP: 002b:00007f046183f028 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae [ 1019.943762][T13830] RAX: ffffffffffffffda RBX: 00007f0460c16090 RCX: 00007f046099c799 [ 1019.943778][T13830] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 1019.943793][T13830] RBP: 00007f0460a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 1019.943808][T13830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1019.943823][T13830] R13: 00007f0460c16128 R14: 00007f0460c16090 R15: 00007ffe6c363808 [ 1019.943853][T13830] [ 1021.065869][T13827] kexec: Could not allocate control_code_buffer [ 1022.860633][T13863] FAULT_INJECTION: forcing a failure. [ 1022.860633][T13863] name failslab, interval 1, probability 0, space 0, times 0 [ 1023.025502][T13863] CPU: 0 UID: 0 PID: 13863 Comm: syz.4.1663 Tainted: G L syzkaller #0 PREEMPT(full) [ 1023.025544][T13863] Tainted: [L]=SOFTLOCKUP [ 1023.025552][T13863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1023.025568][T13863] Call Trace: [ 1023.025576][T13863] [ 1023.025586][T13863] dump_stack_lvl+0x100/0x190 [ 1023.025628][T13863] should_fail_ex.cold+0x5/0xa [ 1023.025656][T13863] should_failslab+0xc2/0x120 [ 1023.025683][T13863] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 1023.025722][T13863] ? __d_alloc+0x34/0xa80 [ 1023.025756][T13863] __d_alloc+0x34/0xa80 [ 1023.025787][T13863] d_alloc_pseudo+0x1c/0xc0 [ 1023.025823][T13863] alloc_file_pseudo+0xcf/0x230 [ 1023.025856][T13863] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1023.025897][T13863] __shmem_file_setup+0x221/0x490 [ 1023.025932][T13863] ? __pfx___shmem_file_setup+0x10/0x10 [ 1023.025972][T13863] ? vm_area_alloc+0x1f/0x160 [ 1023.026009][T13863] shmem_zero_setup+0x96/0x1b0 [ 1023.026051][T13863] __mmap_region+0x2198/0x29e0 [ 1023.026092][T13863] ? __pfx___mmap_region+0x10/0x10 [ 1023.026160][T13863] ? sched_clock+0x38/0x60 [ 1023.026206][T13863] ? lockdep_hardirqs_on+0x78/0x100 [ 1023.026242][T13863] ? finish_task_switch.isra.0+0x205/0xb80 [ 1023.026271][T13863] ? rcu_is_watching+0x12/0xc0 [ 1023.026345][T13863] ? rcu_is_watching+0x12/0xc0 [ 1023.026383][T13863] ? cap_capable+0x107/0x460 [ 1023.026436][T13863] mmap_region+0x180/0x3e0 [ 1023.026480][T13863] do_mmap+0xc63/0x12f0 [ 1023.026512][T13863] ? __pfx_do_mmap+0x10/0x10 [ 1023.026540][T13863] ? __pfx_down_write_killable+0x10/0x10 [ 1023.026587][T13863] vm_mmap_pgoff+0x29e/0x470 [ 1023.026620][T13863] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1023.026650][T13863] ? do_futex+0x192/0x350 [ 1023.026683][T13863] ? __pfx_do_futex+0x10/0x10 [ 1023.026720][T13863] ksys_mmap_pgoff+0xe1/0x650 [ 1023.026747][T13863] ? __x64_sys_futex+0x34f/0x4d0 [ 1023.026778][T13863] ? __x64_sys_futex+0x358/0x4d0 [ 1023.026811][T13863] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 1023.026838][T13863] ? xfd_validate_state+0x129/0x190 [ 1023.026879][T13863] __x64_sys_mmap+0x125/0x190 [ 1023.026919][T13863] do_syscall_64+0x106/0xf80 [ 1023.026954][T13863] ? clear_bhb_loop+0x40/0x90 [ 1023.026984][T13863] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1023.027010][T13863] RIP: 0033:0x7f806ab9c799 [ 1023.027030][T13863] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1023.027054][T13863] RSP: 002b:00007f806bab2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1023.027077][T13863] RAX: ffffffffffffffda RBX: 00007f806ae16090 RCX: 00007f806ab9c799 [ 1023.027094][T13863] RDX: 00000000000000df RSI: 0000000000020009 RDI: 0000000000000000 [ 1023.027109][T13863] RBP: 00007f806ac32c99 R08: 00000000000003fd R09: 0000000000008000 [ 1023.027124][T13863] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 1023.027139][T13863] R13: 00007f806ae16128 R14: 00007f806ae16090 R15: 00007fffafea4258 [ 1023.027171][T13863] [ 1023.735352][T13860] kexec: Could not allocate control_code_buffer [ 1023.897474][T13853] vcan0: tx drop: invalid sa for name 0xffff030000000000 [ 1027.525951][T13932] kAFS: Invalid Command on /proc/fs/afs/cells file [ 1030.456887][T13966] ecryptfs_miscdev_write: Invalid packet size [192] [ 1032.321177][T13987] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input39 [ 1035.791106][ T29] audit: type=1800 audit(4294970189.773:14): pid=14030 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1700" name="features" dev="configfs" ino=362566 res=0 errno=0 [ 1036.118966][T14030] hub 1-0:1.0: USB hub found [ 1036.195383][T14030] hub 1-0:1.0: 1 port detected [ 1042.242948][T14092] can: request_module (can-proto-4) failed. [ 1043.304731][T14117] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1721'. [ 1044.844671][T14133] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1725'. [ 1046.432365][T14151] FAULT_INJECTION: forcing a failure. [ 1046.432365][T14151] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1046.754432][T14151] CPU: 0 UID: 0 PID: 14151 Comm: syz.1.1729 Tainted: G L syzkaller #0 PREEMPT(full) [ 1046.754471][T14151] Tainted: [L]=SOFTLOCKUP [ 1046.754479][T14151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1046.754494][T14151] Call Trace: [ 1046.754501][T14151] [ 1046.754510][T14151] dump_stack_lvl+0x100/0x190 [ 1046.754550][T14151] should_fail_ex.cold+0x5/0xa [ 1046.754582][T14151] _copy_from_user+0x2e/0xd0 [ 1046.754611][T14151] core_sys_select+0x472/0xbb0 [ 1046.754656][T14151] ? __pfx_core_sys_select+0x10/0x10 [ 1046.754721][T14151] ? __mutex_unlock_slowpath+0x15c/0x790 [ 1046.754758][T14151] ? __fget_files+0x215/0x3d0 [ 1046.754781][T14151] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1046.754822][T14151] kern_select+0x20c/0x270 [ 1046.754862][T14151] ? __pfx_kern_select+0x10/0x10 [ 1046.754909][T14151] ? __pfx_ksys_write+0x10/0x10 [ 1046.754935][T14151] __x64_sys_select+0xbd/0x160 [ 1046.754955][T14151] ? do_syscall_64+0x95/0xf80 [ 1046.754986][T14151] ? lockdep_hardirqs_on+0x78/0x100 [ 1046.755019][T14151] do_syscall_64+0x106/0xf80 [ 1046.755053][T14151] ? clear_bhb_loop+0x40/0x90 [ 1046.755081][T14151] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1046.755105][T14151] RIP: 0033:0x7f540b99c799 [ 1046.755123][T14151] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1046.755146][T14151] RSP: 002b:00007f540c840028 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 1046.755167][T14151] RAX: ffffffffffffffda RBX: 00007f540bc16090 RCX: 00007f540b99c799 [ 1046.755183][T14151] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000008 [ 1046.755197][T14151] RBP: 00007f540c840090 R08: 0000000000000000 R09: 0000000000000000 [ 1046.755211][T14151] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001 [ 1046.755225][T14151] R13: 00007f540bc16128 R14: 00007f540bc16090 R15: 00007fffd7efb3d8 [ 1046.755255][T14151] [ 1050.662870][T14184] FAULT_INJECTION: forcing a failure. [ 1050.662870][T14184] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1050.841515][T14184] CPU: 0 UID: 0 PID: 14184 Comm: syz.0.1735 Tainted: G L syzkaller #0 PREEMPT(full) [ 1050.841556][T14184] Tainted: [L]=SOFTLOCKUP [ 1050.841564][T14184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1050.841580][T14184] Call Trace: [ 1050.841588][T14184] [ 1050.841597][T14184] dump_stack_lvl+0x100/0x190 [ 1050.841646][T14184] should_fail_ex.cold+0x5/0xa [ 1050.841671][T14184] ? prepare_alloc_pages+0x16d/0x5f0 [ 1050.841705][T14184] should_fail_alloc_page+0xeb/0x140 [ 1050.841734][T14184] prepare_alloc_pages+0x1f0/0x5f0 [ 1050.841767][T14184] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 1050.841809][T14184] ? __pfx_stack_trace_save+0x10/0x10 [ 1050.841835][T14184] ? stack_depot_save_flags+0x27/0x9d0 [ 1050.841866][T14184] ? kasan_save_stack+0x3f/0x50 [ 1050.841905][T14184] ? kasan_save_stack+0x30/0x50 [ 1050.841943][T14184] ? kasan_save_track+0x14/0x30 [ 1050.841986][T14184] ? __lock_acquire+0x4a5/0x2630 [ 1050.842020][T14184] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1050.842064][T14184] ? __lock_acquire+0x4a5/0x2630 [ 1050.842093][T14184] ? look_up_lock_class+0x64/0x120 [ 1050.842136][T14184] ? lock_acquire+0x1cf/0x380 [ 1050.842168][T14184] ? find_held_lock+0x2b/0x80 [ 1050.842190][T14184] ? page_table_check_set+0x49a/0xa10 [ 1050.842214][T14184] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1050.842258][T14184] ? policy_nodemask+0xed/0x4f0 [ 1050.842286][T14184] alloc_pages_mpol+0x1fb/0x550 [ 1050.842314][T14184] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1050.842348][T14184] folio_alloc_mpol_noprof+0x36/0x340 [ 1050.842381][T14184] vma_alloc_folio_noprof+0xed/0x1d0 [ 1050.842412][T14184] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 1050.842451][T14184] do_anonymous_page+0xb3a/0x1fb0 [ 1050.842496][T14184] __handle_mm_fault+0x1d42/0x2b60 [ 1050.842542][T14184] ? __pfx___handle_mm_fault+0x10/0x10 [ 1050.842579][T14184] ? pte_offset_map_lock+0x174/0x320 [ 1050.842604][T14184] ? find_held_lock+0x2b/0x80 [ 1050.842641][T14184] ? follow_page_pte+0x5b3/0x1400 [ 1050.842675][T14184] handle_mm_fault+0x36d/0xa20 [ 1050.842716][T14184] __get_user_pages+0xf9c/0x34d0 [ 1050.842756][T14184] ? __pfx___get_user_pages+0x10/0x10 [ 1050.842793][T14184] populate_vma_page_range+0x267/0x3f0 [ 1050.842826][T14184] ? __pfx_populate_vma_page_range+0x10/0x10 [ 1050.842856][T14184] ? __pfx_find_vma_intersection+0x10/0x10 [ 1050.842884][T14184] ? do_mmap+0x93f/0x12f0 [ 1050.842914][T14184] __mm_populate+0x107/0x3a0 [ 1050.842945][T14184] ? __pfx___mm_populate+0x10/0x10 [ 1050.842977][T14184] ? up_write+0x290/0x4f0 [ 1050.843015][T14184] vm_mmap_pgoff+0x37f/0x470 [ 1050.843046][T14184] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1050.843075][T14184] ? do_futex+0x192/0x350 [ 1050.843107][T14184] ? __pfx_do_futex+0x10/0x10 [ 1050.843145][T14184] ksys_mmap_pgoff+0xe1/0x650 [ 1050.843171][T14184] ? __x64_sys_futex+0x34f/0x4d0 [ 1050.843205][T14184] ? __x64_sys_futex+0x358/0x4d0 [ 1050.843238][T14184] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 1050.843264][T14184] ? xfd_validate_state+0x129/0x190 [ 1050.843306][T14184] __x64_sys_mmap+0x125/0x190 [ 1050.843346][T14184] do_syscall_64+0x106/0xf80 [ 1050.843381][T14184] ? clear_bhb_loop+0x40/0x90 [ 1050.843412][T14184] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1050.843438][T14184] RIP: 0033:0x7f046099c799 [ 1050.843470][T14184] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1050.843495][T14184] RSP: 002b:00007f0461860028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1050.843520][T14184] RAX: ffffffffffffffda RBX: 00007f0460c15fa0 RCX: 00007f046099c799 [ 1050.843536][T14184] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 1050.843552][T14184] RBP: 00007f0460a32c99 R08: 0000000000000002 R09: 0000000000008000 [ 1050.843568][T14184] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 1050.843583][T14184] R13: 00007f0460c16038 R14: 00007f0460c15fa0 R15: 00007ffe6c363808 [ 1050.843614][T14184] [ 1052.516244][T14194] random: crng reseeded on system resumption [ 1054.827261][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 1054.838294][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 1062.546469][T14277] zswap: compressor not available [ 1062.583480][T14279] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE r҄y*"l-y–L̓]' [ 1062.728511][T14279] CPU: 0 UID: 0 PID: 14279 Comm: syz.4.1756 Tainted: G L syzkaller #0 PREEMPT(full) [ 1062.728553][T14279] Tainted: [L]=SOFTLOCKUP [ 1062.728561][T14279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1062.728577][T14279] Call Trace: [ 1062.728584][T14279] [ 1062.728594][T14279] dump_stack_lvl+0x100/0x190 [ 1062.728636][T14279] sysfs_warn_dup.cold+0x1c/0x28 [ 1062.728672][T14279] sysfs_do_create_link_sd+0x113/0x140 [ 1062.728711][T14279] sysfs_create_link+0x61/0xc0 [ 1062.728746][T14279] device_add+0x675/0x1950 [ 1062.728778][T14279] ? __pfx_device_add+0x10/0x10 [ 1062.728807][T14279] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1062.728852][T14279] ? ieee80211_set_bitrate_flags+0x41b/0x6b0 [ 1062.728893][T14279] wiphy_register+0x1e5b/0x2d30 [ 1062.728931][T14279] ? __rtnl_unlock+0xb9/0xf0 [ 1062.728971][T14279] ? netdev_run_todo+0x7a0/0x12c0 [ 1062.729015][T14279] ? __pfx_wiphy_register+0x10/0x10 [ 1062.729056][T14279] ? __asan_memset+0x23/0x50 [ 1062.729092][T14279] ? minstrel_ht_alloc+0x5e6/0x7f0 [ 1062.729142][T14279] ieee80211_register_hw+0x2cfd/0x4140 [ 1062.729197][T14279] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 1062.729245][T14279] ? __pfx___debug_object_init+0x10/0x10 [ 1062.729292][T14279] ? find_held_lock+0x2b/0x80 [ 1062.729317][T14279] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1062.729361][T14279] ? __hrtimer_setup+0x178/0x280 [ 1062.729397][T14279] mac80211_hwsim_new_radio+0x2847/0x57d0 [ 1062.729458][T14279] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 1062.729509][T14279] hwsim_new_radio_nl+0xc1f/0x1340 [ 1062.729556][T14279] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 1062.729607][T14279] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280 [ 1062.729635][T14279] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280 [ 1062.729669][T14279] genl_family_rcv_msg_doit+0x214/0x300 [ 1062.729698][T14279] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1062.729724][T14279] ? genl_get_cmd+0x3ef/0x720 [ 1062.729754][T14279] ? bpf_lsm_capable+0x9/0x10 [ 1062.729780][T14279] ? security_capable+0x80/0x260 [ 1062.729820][T14279] ? ns_capable+0xd2/0xf0 [ 1062.729846][T14279] genl_rcv_msg+0x560/0x800 [ 1062.729874][T14279] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1062.729900][T14279] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 1062.729952][T14279] netlink_rcv_skb+0x159/0x420 [ 1062.729991][T14279] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1062.730018][T14279] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1062.730069][T14279] ? netlink_deliver_tap+0x1ae/0xcc0 [ 1062.730111][T14279] genl_rcv+0x28/0x40 [ 1062.730131][T14279] netlink_unicast+0x5aa/0x870 [ 1062.730175][T14279] ? __pfx_netlink_unicast+0x10/0x10 [ 1062.730213][T14279] ? __pfx___might_resched+0x10/0x10 [ 1062.730256][T14279] ? __lock_acquire+0x4a5/0x2630 [ 1062.730296][T14279] netlink_sendmsg+0x8b0/0xda0 [ 1062.730341][T14279] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1062.730379][T14279] ? __import_iovec+0x1d2/0x640 [ 1062.730412][T14279] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 1062.730457][T14279] ____sys_sendmsg+0x9e1/0xb70 [ 1062.730481][T14279] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1062.730523][T14279] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1062.730553][T14279] ? try_to_wake_up+0x644/0x1a80 [ 1062.730584][T14279] ___sys_sendmsg+0x190/0x1e0 [ 1062.730613][T14279] ? __pfx____sys_sendmsg+0x10/0x10 [ 1062.730640][T14279] ? futex_private_hash_put+0x107/0x1c0 [ 1062.730705][T14279] __sys_sendmsg+0x170/0x220 [ 1062.730741][T14279] ? __pfx___sys_sendmsg+0x10/0x10 [ 1062.730777][T14279] ? __x64_sys_futex+0x34f/0x4d0 [ 1062.730827][T14279] do_syscall_64+0x106/0xf80 [ 1062.730862][T14279] ? clear_bhb_loop+0x40/0x90 [ 1062.730893][T14279] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1062.730922][T14279] RIP: 0033:0x7f806ab9c799 [ 1062.730942][T14279] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1062.730968][T14279] RSP: 002b:00007f806bab2028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1062.730992][T14279] RAX: ffffffffffffffda RBX: 00007f806ae16090 RCX: 00007f806ab9c799 [ 1062.731009][T14279] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000005 [ 1062.731024][T14279] RBP: 00007f806ac32c99 R08: 0000000000000000 R09: 0000000000000000 [ 1062.731040][T14279] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1062.731054][T14279] R13: 00007f806ae16128 R14: 00007f806ae16090 R15: 00007fffafea4258 [ 1062.731087][T14279] [ 1064.949443][T14286] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 1066.577195][T14302] FAULT_INJECTION: forcing a failure. [ 1066.577195][T14302] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1066.827701][T14309] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1762'. [ 1066.935461][T14302] CPU: 0 UID: 0 PID: 14302 Comm: syz.1.1762 Tainted: G L syzkaller #0 PREEMPT(full) [ 1066.935499][T14302] Tainted: [L]=SOFTLOCKUP [ 1066.935507][T14302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1066.935521][T14302] Call Trace: [ 1066.935528][T14302] [ 1066.935537][T14302] dump_stack_lvl+0x100/0x190 [ 1066.935576][T14302] should_fail_ex.cold+0x5/0xa [ 1066.935604][T14302] _copy_from_user+0x2e/0xd0 [ 1066.935632][T14302] snd_seq_oss_write+0x395/0x7f0 [ 1066.935668][T14302] ? __pfx_snd_seq_oss_write+0x10/0x10 [ 1066.935701][T14302] ? apparmor_file_permission+0x13f/0x1c0 [ 1066.935728][T14302] ? bpf_lsm_file_permission+0x9/0x10 [ 1066.935770][T14302] odev_write+0x51/0xa0 [ 1066.935793][T14302] vfs_write+0x2aa/0x1070 [ 1066.935815][T14302] ? __pfx_odev_write+0x10/0x10 [ 1066.935839][T14302] ? __pfx_vfs_write+0x10/0x10 [ 1066.935876][T14302] ? find_held_lock+0x2b/0x80 [ 1066.935897][T14302] ? __fget_files+0x215/0x3d0 [ 1066.935919][T14302] ? __fget_files+0x215/0x3d0 [ 1066.935951][T14302] ? __fget_files+0x21f/0x3d0 [ 1066.935981][T14302] ksys_write+0x12a/0x250 [ 1066.936002][T14302] ? __pfx_ksys_write+0x10/0x10 [ 1066.936031][T14302] do_syscall_64+0x106/0xf80 [ 1066.936063][T14302] ? clear_bhb_loop+0x40/0x90 [ 1066.936091][T14302] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1066.936115][T14302] RIP: 0033:0x7f540b99c799 [ 1066.936134][T14302] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1066.936156][T14302] RSP: 002b:00007f540c861028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1066.936180][T14302] RAX: ffffffffffffffda RBX: 00007f540bc15fa0 RCX: 00007f540b99c799 [ 1066.936196][T14302] RDX: 00000000000002f8 RSI: 0000200000000040 RDI: 0000000000000002 [ 1066.936210][T14302] RBP: 00007f540c861090 R08: 0000000000000000 R09: 0000000000000000 [ 1066.936224][T14302] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1066.936238][T14302] R13: 00007f540bc16038 R14: 00007f540bc15fa0 R15: 00007fffd7efb3d8 [ 1066.936267][T14302] [ 1076.343836][T14363] FAULT_INJECTION: forcing a failure. [ 1076.343836][T14363] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1076.694837][T14363] CPU: 0 UID: 0 PID: 14363 Comm: syz.1.1774 Tainted: G L syzkaller #0 PREEMPT(full) [ 1076.694878][T14363] Tainted: [L]=SOFTLOCKUP [ 1076.694887][T14363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1076.694902][T14363] Call Trace: [ 1076.694910][T14363] [ 1076.694919][T14363] dump_stack_lvl+0x100/0x190 [ 1076.694961][T14363] should_fail_ex.cold+0x5/0xa [ 1076.694985][T14363] ? prepare_alloc_pages+0x16d/0x5f0 [ 1076.695016][T14363] should_fail_alloc_page+0xeb/0x140 [ 1076.695044][T14363] prepare_alloc_pages+0x1f0/0x5f0 [ 1076.695077][T14363] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 1076.695120][T14363] ? __pfx_css_rstat_updated+0x10/0x10 [ 1076.695147][T14363] ? lock_acquire+0x1cf/0x380 [ 1076.695180][T14363] ? find_held_lock+0x2b/0x80 [ 1076.695202][T14363] ? free_unref_folios+0xd3f/0x1790 [ 1076.695237][T14363] ? free_unref_folios+0xd3f/0x1790 [ 1076.695275][T14363] ? rcu_is_watching+0x12/0xc0 [ 1076.695321][T14363] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1076.695367][T14363] ? lru_gen_add_folio+0x20f/0x13e0 [ 1076.695414][T14363] ? lock_acquire+0x1cf/0x380 [ 1076.695452][T14363] ? find_held_lock+0x2b/0x80 [ 1076.695475][T14363] ? page_table_check_set+0x49a/0xa10 [ 1076.695499][T14363] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1076.695543][T14363] ? policy_nodemask+0xed/0x4f0 [ 1076.695572][T14363] alloc_pages_mpol+0x1fb/0x550 [ 1076.695599][T14363] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1076.695633][T14363] folio_alloc_mpol_noprof+0x36/0x340 [ 1076.695665][T14363] vma_alloc_folio_noprof+0xed/0x1d0 [ 1076.695696][T14363] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 1076.695736][T14363] do_anonymous_page+0xb3a/0x1fb0 [ 1076.695781][T14363] __handle_mm_fault+0x1d42/0x2b60 [ 1076.695824][T14363] ? __pfx___handle_mm_fault+0x10/0x10 [ 1076.695860][T14363] ? pte_offset_map_lock+0x174/0x320 [ 1076.695885][T14363] ? find_held_lock+0x2b/0x80 [ 1076.695918][T14363] ? follow_page_pte+0x5b3/0x1400 [ 1076.695951][T14363] handle_mm_fault+0x36d/0xa20 [ 1076.695991][T14363] __get_user_pages+0xf9c/0x34d0 [ 1076.696030][T14363] ? __pfx___get_user_pages+0x10/0x10 [ 1076.696066][T14363] populate_vma_page_range+0x267/0x3f0 [ 1076.696099][T14363] ? __pfx_populate_vma_page_range+0x10/0x10 [ 1076.696129][T14363] ? __pfx_find_vma_intersection+0x10/0x10 [ 1076.696157][T14363] ? do_mmap+0x93f/0x12f0 [ 1076.696187][T14363] __mm_populate+0x107/0x3a0 [ 1076.696218][T14363] ? __pfx___mm_populate+0x10/0x10 [ 1076.696250][T14363] ? up_write+0x290/0x4f0 [ 1076.696288][T14363] vm_mmap_pgoff+0x37f/0x470 [ 1076.696320][T14363] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1076.696350][T14363] ? do_futex+0x192/0x350 [ 1076.696383][T14363] ? __pfx_do_futex+0x10/0x10 [ 1076.696413][T14363] ? __pfx_do_sys_openat2+0x10/0x10 [ 1076.696457][T14363] ksys_mmap_pgoff+0xe1/0x650 [ 1076.696484][T14363] ? __x64_sys_futex+0x34f/0x4d0 [ 1076.696514][T14363] ? __x64_sys_futex+0x358/0x4d0 [ 1076.696547][T14363] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 1076.696573][T14363] ? xfd_validate_state+0x129/0x190 [ 1076.696614][T14363] __x64_sys_mmap+0x125/0x190 [ 1076.696654][T14363] do_syscall_64+0x106/0xf80 [ 1076.696688][T14363] ? clear_bhb_loop+0x40/0x90 [ 1076.696719][T14363] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1076.696744][T14363] RIP: 0033:0x7f540b99c799 [ 1076.696764][T14363] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1076.696788][T14363] RSP: 002b:00007f540c861028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1076.696810][T14363] RAX: ffffffffffffffda RBX: 00007f540bc15fa0 RCX: 00007f540b99c799 [ 1076.696826][T14363] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 1076.696840][T14363] RBP: 00007f540ba32c99 R08: 0000000000000002 R09: 0000000000008000 [ 1076.696855][T14363] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 1076.696869][T14363] R13: 00007f540bc16038 R14: 00007f540bc15fa0 R15: 00007fffd7efb3d8 [ 1076.696900][T14363] [ 1082.230254][T14392] HfR: entered promiscuous mode [ 1086.864624][T14430] BUG: using __this_cpu_add() in preemptible [00000000] code: syz.2.1789/14430 [ 1086.874738][T14430] caller is iptunnel_xmit+0x1cd/0xb80 [ 1086.880295][T14430] CPU: 0 UID: 0 PID: 14430 Comm: syz.2.1789 Tainted: G L syzkaller #0 PREEMPT(full) [ 1086.880333][T14430] Tainted: [L]=SOFTLOCKUP [ 1086.880342][T14430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1086.880357][T14430] Call Trace: [ 1086.880365][T14430] [ 1086.880374][T14430] dump_stack_lvl+0x100/0x190 [ 1086.880414][T14430] check_preemption_disabled+0xd8/0xe0 [ 1086.880457][T14430] iptunnel_xmit+0x1cd/0xb80 [ 1086.880493][T14430] sctp_v4_xmit+0x75f/0x1060 [ 1086.880540][T14430] sctp_packet_transmit+0x22ec/0x3060 [ 1086.880588][T14430] sctp_packet_singleton+0x19e/0x370 [ 1086.880614][T14430] ? __pfx_sctp_packet_singleton+0x10/0x10 [ 1086.880649][T14430] ? sctp_outq_select_transport+0x20d/0x720 [ 1086.880680][T14430] sctp_outq_flush+0x315/0x3350 [ 1086.880703][T14430] ? _raw_spin_unlock_bh+0x11/0x30 [ 1086.880742][T14430] ? __pfx_sctp_outq_flush+0x10/0x10 [ 1086.880772][T14430] ? sctp_outq_tail+0x68c/0xa90 [ 1086.880802][T14430] sctp_do_sm+0xce1/0x5be0 [ 1086.880837][T14430] ? sctp_ulpevent_notify_peer_addr_change+0xf3/0xb70 [ 1086.880880][T14430] ? __pfx_sctp_do_sm+0x10/0x10 [ 1086.880937][T14430] ? sctp_connect_new_asoc+0x41e/0x770 [ 1086.880964][T14430] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 1086.880995][T14430] sctp_primitive_ASSOCIATE+0x9c/0xd0 [ 1086.881027][T14430] __sctp_connect+0x9fc/0xc70 [ 1086.881071][T14430] ? __pfx___sctp_connect+0x10/0x10 [ 1086.881098][T14430] ? __pfx_sctp_inet_connect+0x10/0x10 [ 1086.881144][T14430] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1086.881189][T14430] ? __pfx_sctp_inet_connect+0x10/0x10 [ 1086.881213][T14430] sctp_inet_connect+0x15f/0x220 [ 1086.881240][T14430] __sys_connect_file+0x141/0x1a0 [ 1086.881275][T14430] __sys_connect+0x141/0x170 [ 1086.881305][T14430] ? __pfx___sys_connect+0x10/0x10 [ 1086.881355][T14430] __x64_sys_connect+0x72/0xb0 [ 1086.881386][T14430] ? lockdep_hardirqs_on+0x78/0x100 [ 1086.881421][T14430] do_syscall_64+0x106/0xf80 [ 1086.881455][T14430] ? clear_bhb_loop+0x40/0x90 [ 1086.881486][T14430] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1086.881511][T14430] RIP: 0033:0x7f1743f9c799 [ 1086.881532][T14430] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1086.881556][T14430] RSP: 002b:00007f1744ead028 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 1086.881580][T14430] RAX: ffffffffffffffda RBX: 00007f1744215fa0 RCX: 00007f1743f9c799 [ 1086.881596][T14430] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000003 [ 1086.881612][T14430] RBP: 00007f1744032c99 R08: 0000000000000000 R09: 0000000000000000 [ 1086.881627][T14430] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1086.881642][T14430] R13: 00007f1744216038 R14: 00007f1744215fa0 R15: 00007ffeec26b638 [ 1086.881673][T14430] [ 1087.758665][T14430] BUG: using __this_cpu_add() in preemptible [00000000] code: syz.2.1789/14430 [ 1087.767760][T14430] caller is iptunnel_xmit+0x7d8/0xb80 [ 1087.773225][T14430] CPU: 0 UID: 0 PID: 14430 Comm: syz.2.1789 Tainted: G L syzkaller #0 PREEMPT(full) [ 1087.773262][T14430] Tainted: [L]=SOFTLOCKUP [ 1087.773271][T14430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1087.773286][T14430] Call Trace: [ 1087.773295][T14430] [ 1087.773304][T14430] dump_stack_lvl+0x100/0x190 [ 1087.773344][T14430] check_preemption_disabled+0xd8/0xe0 [ 1087.773386][T14430] iptunnel_xmit+0x7d8/0xb80 [ 1087.773423][T14430] sctp_v4_xmit+0x75f/0x1060 [ 1087.773469][T14430] sctp_packet_transmit+0x22ec/0x3060 [ 1087.773518][T14430] sctp_packet_singleton+0x19e/0x370 [ 1087.773545][T14430] ? __pfx_sctp_packet_singleton+0x10/0x10 [ 1087.773580][T14430] ? sctp_outq_select_transport+0x20d/0x720 [ 1087.773611][T14430] sctp_outq_flush+0x315/0x3350 [ 1087.773635][T14430] ? _raw_spin_unlock_bh+0x11/0x30 [ 1087.773674][T14430] ? __pfx_sctp_outq_flush+0x10/0x10 [ 1087.773705][T14430] ? sctp_outq_tail+0x68c/0xa90 [ 1087.773735][T14430] sctp_do_sm+0xce1/0x5be0 [ 1087.773770][T14430] ? sctp_ulpevent_notify_peer_addr_change+0xf3/0xb70 [ 1087.773813][T14430] ? __pfx_sctp_do_sm+0x10/0x10 [ 1087.773870][T14430] ? sctp_connect_new_asoc+0x41e/0x770 [ 1087.773896][T14430] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 1087.773928][T14430] sctp_primitive_ASSOCIATE+0x9c/0xd0 [ 1087.773959][T14430] __sctp_connect+0x9fc/0xc70 [ 1087.773990][T14430] ? __pfx___sctp_connect+0x10/0x10 [ 1087.774017][T14430] ? __pfx_sctp_inet_connect+0x10/0x10 [ 1087.774043][T14430] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1087.774088][T14430] ? __pfx_sctp_inet_connect+0x10/0x10 [ 1087.774112][T14430] sctp_inet_connect+0x15f/0x220 [ 1087.774139][T14430] __sys_connect_file+0x141/0x1a0 [ 1087.774175][T14430] __sys_connect+0x141/0x170 [ 1087.774211][T14430] ? __pfx___sys_connect+0x10/0x10 [ 1087.774261][T14430] __x64_sys_connect+0x72/0xb0 [ 1087.774291][T14430] ? lockdep_hardirqs_on+0x78/0x100 [ 1087.774326][T14430] do_syscall_64+0x106/0xf80 [ 1087.774362][T14430] ? clear_bhb_loop+0x40/0x90 [ 1087.774392][T14430] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1087.774418][T14430] RIP: 0033:0x7f1743f9c799 [ 1087.774440][T14430] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1087.774464][T14430] RSP: 002b:00007f1744ead028 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 1087.774487][T14430] RAX: ffffffffffffffda RBX: 00007f1744215fa0 RCX: 00007f1743f9c799 [ 1087.774503][T14430] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000003 [ 1087.774518][T14430] RBP: 00007f1744032c99 R08: 0000000000000000 R09: 0000000000000000 [ 1087.774533][T14430] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1087.774548][T14430] R13: 00007f1744216038 R14: 00007f1744215fa0 R15: 00007ffeec26b638 [ 1087.774579][T14430] [ 1088.479783][T14430] input: jJǸ-9%vJ86 as /devices/virtual/input/input45