last executing test programs: 2m27.225857965s ago: executing program 1 (id=1751): r0 = socket(0x10, 0x2, 0x0) writev$auto(0xffffffffffffffff, 0x0, 0x9) close_range$auto(0xffffffffffffffff, 0x8, 0x0) mmap$auto(0x0, 0x4020009, 0xdc, 0xeb1, 0xffffffffffffffff, 0x8000) pwritev$auto(r0, &(0x7f0000000100)={&(0x7f0000000080)="99d053649de56b5c7d62a77ff09818be6a9456b6cb564f26c8e0678ed00272f4360b928e674183d83581957e192a6050f157fbd8c3b9c9853e366309df22b13562a4453467b15e59597930", 0x5}, 0x80000001, 0x3, 0x9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) read$auto_tun_fops_tun(0xffffffffffffffff, 0x0, 0x0) madvise$auto(0x300, 0x600009, 0x19) madvise$auto(0x0, 0xffffffffffff0005, 0x19) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x2000, 0x0) ioctl$auto(r1, 0x4b4e, r1) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0) write$auto(r2, &(0x7f0000000300)='*o\xd3\xa49\xaf\xa9\xe4\xe17\x12\xb3Z\x17I\x82\xdc\xbeiw\xc1\xd1\x8d\x9b\r\x9aR\xe7\x9f\xd8\xab\x16`f\nT\xaa\xfap \xe6\xdaV\xdeD\x8dR5\xd2\xe58\n\xff\x19+\xeb\xb3+\xf6\xc6\a\x00\x00\x00\xf1A\xa5\x95\x1fk\x1f\xff\x99gP\x9e\x88\x97]\x93\xf4\xdd<\xe7p\x0e\xd4C\xdc\x84\v\xafz\xfd\x81\xa3\xb2\xbb\xa4\xd9\xf2P\xa8\xe9\x8f\x13\xa7\x98\x85\xf8\v\aB\xfc\xfa\x14E\xb8y\x884<\xa7\xffyb\x8a\b\xbb\x1b\x13W\xe3\xf7\xd8\x83\xc9\xd7\x8c', 0x6) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) memfd_create$auto(&(0x7f0000000040)='A^^\x02\x00\xef\x97\x8aY\x00\x00\xd2\x8c\xb05\x03\\\xb2\xbf247{\xde\t8\f\x00\x00\v\x00\x82\xcc\"K\xe1IIT\x00'/54, 0x5) mmap$auto(0x0, 0x9, 0xff7, 0x8000000008011, 0x4, 0x0) mmap$auto(0x0, 0x9, 0xff7, 0x8000000008012, 0x1000000004, 0x0) r4 = socket(0x10, 0x2, 0x0) setuid$auto(0xe) ioctl$auto(r4, 0x8946, 0x24) fanotify_init$auto(0x0, 0x5) 2m24.600401791s ago: executing program 1 (id=1754): socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0xfffffffffffffffe, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0xffffffffffffffff, 0x8, 0x2) open(0x0, 0x6041, 0x0) r1 = gettid() process_vm_readv$auto(r1, &(0x7f0000000080)={&(0x7f0000000040)="0e5165", 0x1}, 0x2, &(0x7f00000001c0)={0x0, 0x7}, 0x2, 0x0) clone3$auto(&(0x7f0000000100)={0x6, 0x7, 0x0, 0x5, 0xd, 0x80000000, 0x3ff, 0x8, 0x2, 0x2, 0x1}, 0x3) ioctl$auto_BLKTRACESETUP32(r0, 0xc0401273, &(0x7f0000000240)={"f63073df8058c302b0d3672f446ffae0e2e72cce81bb817c6c1737b5f32b9d13", 0xaf, 0x2, 0xda, 0xffffffffffffffff, 0x7}) openat$auto_drm_crtc_crc_control_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000000080), 0x2e6100, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r2 = socket(0x1e, 0x4, 0x0) ioctl$auto_CEC_ADAP_G_LOG_ADDRS(0xffffffffffffffff, 0x805c6103, &(0x7f00000001c0)={"8911bd3a", 0x1, 0x0, 0x6, 0x4, 0x6, "feaf587cdf4d2f534a1c88d3e40a00", "e6cf6512", "f34cae3a", "10a991b3", ["3ae887a128f1d8c79420d880", "b11feafce4d296d8c985d069", "0149f0a7102c3fffab592db0", "0059c09dca7de9bdbbc6be07"]}) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r2, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) 2m23.043851275s ago: executing program 1 (id=1756): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mremap$auto(0x0, 0xffffffffffffffff, 0x3fd6, 0x3, 0x7fffffffb000) prctl$auto(0x23, 0x7, 0x7fffffffefff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/irq/11/smp_affinity\x00', 0xe0182, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0xc, &(0x7f0000000100), 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_5={@target_ifindex, 0xffffffffffffffff, 0xe, 0x5, 0xffffffffffffffff, @relative_id, 0x1}, 0x6f3) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) r0 = socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(r0, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r1 = socket(0x10, 0x2, 0x4) sendmsg$auto_NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x20000804) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) write$auto(0x3, 0x0, 0xfdef) write$auto(0x3, 0x0, 0xfdef) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB="010027bd"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}, 0x1, 0x140}, 0x40000) 2m21.496314069s ago: executing program 1 (id=1757): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x10, 0x2, 0x14) socket(0x11, 0x80003, 0x300) socket(0x1d, 0x2, 0x7) socket(0x2, 0x1, 0x0) socket(0x10, 0x2, 0x0) socket(0x1d, 0x2, 0x7) socket(0xa, 0x2, 0x73) socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x6, 0x0) socket(0x10, 0x2, 0x4) socket(0x1d, 0x3, 0x1) socket(0x2, 0x1, 0x0) socket(0xa, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x10, 0x2, 0x14) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000002fc0)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a14af"], 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES8=r0], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4c084}, 0x51) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x2}, 0x3, 0x0) 2m20.545881617s ago: executing program 1 (id=1758): mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) r0 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyw5\x00', 0x28341, 0x0) ioctl$auto_TIOCMGET2(r1, 0x5415, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000400)='/dev/amidi2\x00', 0x201, 0x0) ioctl$auto_SNDRV_RAWMIDI_IOCTL_STATUS64(r2, 0xc0385720, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_ID(0xffffffffffffffff, 0x0, 0x4000080) execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0) mknod$auto(&(0x7f0000000280)='X))\x00', 0x63c5, 0x7bf) mknod$auto(&(0x7f0000000340)='\xe1\x9eHU\x00', 0x63c1, 0x7fc) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/workqueue/nf_ft_offload_add/power/runtime_active_time\x00', 0x20042, 0x0) openat$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000000000), 0x8080, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x66ab80, 0x0) r3 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000400), 0x101000, 0x0) ioctl$auto_UI_SET_EVBIT(r3, 0x40045564, &(0x7f0000000440)=0x1) unshare$auto(0x40000080) ioctl$auto_IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, 0x0) close_range$auto(0x2, 0x8, 0x0) bpf$auto(0x2, 0x0, 0xc) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/platform/vkms/graphics/fb0/bits_per_pixel\x00', 0x82942, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x129800, 0x0) 2m18.668331026s ago: executing program 1 (id=1761): r0 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) mmap$auto(0x0, 0x20009, 0xffffffffffffffff, 0xeb1, 0x401, 0x8000) r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) move_pages$auto(r1, 0x1002, 0x0, 0x0, 0x0, 0x2) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x204c0, 0x0) r2 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, 0x0, 0x2000, 0x0) sysinfo$auto(0x0) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) read$auto(0xffffffffffffffff, 0x0, 0x1f40) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/fail-nth\x00', 0x40, 0x0) writev$auto(r3, 0x0, 0x3) getsockopt$auto(0xffffffffffffffff, 0x6, 0x21, 0x0, 0x0) unshare$auto(0x40000080) ioctl$auto_SNDCTL_DSP_STEREO(r0, 0xc0045003, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r4, 0x0, 0xe8) r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000001240)='/proc/thread-self/fail-nth\x00', 0xa0302, 0x0) writev$auto(r5, &(0x7f0000000200)={0x0, 0x7}, 0x3) mmap$auto(0x0, 0x40008, 0xb3, 0x9b72, r4, 0x28000) r6 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000007380)='/sys/kernel/tracing/events/vmalloc/filter\x00', 0x109041, 0x0) write$auto(r6, 0x0, 0x40) 2m3.339434005s ago: executing program 32 (id=1761): r0 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) mmap$auto(0x0, 0x20009, 0xffffffffffffffff, 0xeb1, 0x401, 0x8000) r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) move_pages$auto(r1, 0x1002, 0x0, 0x0, 0x0, 0x2) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x204c0, 0x0) r2 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, 0x0, 0x2000, 0x0) sysinfo$auto(0x0) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) read$auto(0xffffffffffffffff, 0x0, 0x1f40) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/fail-nth\x00', 0x40, 0x0) writev$auto(r3, 0x0, 0x3) getsockopt$auto(0xffffffffffffffff, 0x6, 0x21, 0x0, 0x0) unshare$auto(0x40000080) ioctl$auto_SNDCTL_DSP_STEREO(r0, 0xc0045003, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r4, 0x0, 0xe8) r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000001240)='/proc/thread-self/fail-nth\x00', 0xa0302, 0x0) writev$auto(r5, &(0x7f0000000200)={0x0, 0x7}, 0x3) mmap$auto(0x0, 0x40008, 0xb3, 0x9b72, r4, 0x28000) r6 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000007380)='/sys/kernel/tracing/events/vmalloc/filter\x00', 0x109041, 0x0) write$auto(r6, 0x0, 0x40) 35.543303625s ago: executing program 3 (id=1977): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, 0x0, 0x8004) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000001a80)='/dev/bus/usb/001/001\x00', 0x29202, 0x0) mincore$auto(0x0, 0x8000000000005a, 0x0) semctl$auto(0x201, 0xfffffffffffffffa, 0x3, 0x0) capset$auto(0x0, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mremap$auto(0x0, 0xffffffffffffffff, 0x3fd6, 0x3, 0x7fffffffb000) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x480a41, 0x0) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x30}, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) io_uring_setup$auto(0x7, 0x0) prctl$auto(0x23, 0x200000000000009, 0x7fffffffefff, 0x0, 0x0) r1 = openat$auto_proc_pid_cmdline_ops_base(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/cmdline\x00', 0x60502, 0x0) read$auto_proc_pid_cmdline_ops_base(r1, &(0x7f0000000040)=""/159, 0x9f) preadv$auto(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x100000000005}, 0x3, 0x4, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000005c0)={'veth0_to_bridge\x00'}) 35.457492426s ago: executing program 4 (id=1979): openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptyab\x00', 0x88c80, 0x0) ioctl$auto_FIDEDUPERANGE(r1, 0xc0189436, 0x1) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x202000b, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = socket(0x2, 0x801, 0x6) setsockopt$auto(r2, 0x1, 0x12, 0x0, 0xa4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000300)='/dev/nbd9\x00', 0x0, 0x0) sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000162bf2e0f7c562c691235555567190a8826fcd0cf756dfacd1464155407bf9b3acb701adf4fefbc1e3c225fda9eb4c4346", @ANYRES16], 0x1c}, 0x1, 0x0, 0x0, 0xc000}, 0x2000c800) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) syslog$auto(0x3, 0x0, 0x5) poll$auto(0x0, 0x7f, 0x9) socket(0x25, 0x5, 0x6) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) r4 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0) pread64$auto(r4, &(0x7f0000000240)='\x03W\x96l\x15\x00'/21, 0x100000002, 0x100000001) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) sendfile$auto(r5, r5, 0x0, 0x3) 33.085795335s ago: executing program 3 (id=1982): prctl$auto(0x3e, 0x80000000001, 0x0, 0x1, 0x0) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\x84q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa24X@\xadD\xf8\x9d\xf3 \xd2]\xc4\x13G\x1d\x04!\xc1\xeb.e$\xfb\xa3KU\xcf\xc1\x7fFD\x99\xf5v\v\x9dS\xc11P\xa3\xe9\xb0SqL\x85\xea\xb2\x9cY\x83.I\xca\x92\x1c\xc4\x13CV=\x92\x17c\x87iOt\x14On\x15=\v\xf0 \xc5\x8b~\xd6\xd4\xc7\xa3a\x1c\x06\x17\xb3\x88\x8c\xf1L\xba\x89a\xfd\xa5\xc6\x7fU\x00\xe5\x9b', 0x5) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)) fchdir$auto(r0) shmat$auto(0x0, &(0x7f0000000000)='\x9a\x1e2\x8e\xe3\xb95\x98F\xf8Q\x01\x00\x93^', 0xfff) mkdir$auto(0x0, 0x2) socketpair$auto(0x1, 0x3, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0xfffd, 0x8000, 0x0) r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x414000, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r1, 0xc0045516, &(0x7f00000001c0)=0x6) unshare$auto(0x40000080) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x8000000003, 0xeb1, 0xfffffffffffffffa, 0x8000) syslog$auto(0x3, 0x0, 0x5) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv6/conf/bond_slave_1/disable_policy\x00', 0x202, 0x0) sendfile$auto(r3, 0xffffffffffffffff, 0x0, 0x48) r4 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)) getdents$auto(r4, 0x0, 0xfff) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8000, 0x0) unshare$auto(0x40000080) madvise$auto(0xfffffffffffffffd, 0xffffffffffff0009, 0x13) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'tunl0\x00'}) 31.689830168s ago: executing program 3 (id=1984): socket(0xf, 0x3, 0x2) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0x2, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8010) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x50b880, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x4, 0x3, 0x15f4da0a, 0xffffffff, 0x3, 0xfffffffffffffff9, 0x208000001f, 0x2, 0x6d3c, 0x9, 0x2, 0x6]}, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x2, 0x4, 0x0, 0x2, 0x8, 0xc, 0x66b, 0x4, 0x1}, 0x6f4) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/bus/most/drivers/most_core/components\x00', 0x100, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f00000010c0)=""/4096, 0x1000) mmap$auto(0x0, 0x8, 0xdc, 0xeb1, 0x0, 0x8002) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04, 0x0) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000240)='/proc/asound/card1/pcm0p/sub0/xrun_injection\x00', 0x0, 0x0) pread64$auto(r3, 0x0, 0x8, 0x7fff) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_TTSTAMP(r1, 0x40044103, &(0x7f0000000080)=0x6) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) madvise$auto(0x0, 0x20499d, 0x9) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000002b80)='/dev/snd/pcmC1D1p\x00', 0x2205, 0x0) 31.334735375s ago: executing program 4 (id=1986): mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r1 = io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0x1d, 0x3000, 0x6, 0x7, 0x400a, 0xffffffffffffffff, [], {0x6, 0x9, 0x8c48, 0x29b, 0x3, 0x7f, 0x0, 0x6}, {0x100, 0x1, 0x52, 0x85, 0x4, 0x1a7b870a, 0x76c5, 0x8, 0x100000000}}) r2 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82000, 0x0) ioctl$auto_tracing_buffers_fops_trace(r2, 0x5220, 0x0) poll$auto(&(0x7f0000000040)={r1, 0x1, 0x40}, 0x8, 0x8000) socket(0xa, 0x1, 0x100) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_OTPSELECT(0xffffffffffffffff, 0x80044d0d, &(0x7f00000000c0)=0x10009) socket(0x2, 0x1, 0x0) shutdown$auto(0x200000003, 0x2) read$auto(0xffffffffffffffff, &(0x7f00000000c0)='/sys/kernel/debug/ieee80211/phy15/netdev:wlan1/stations/08:02:11:00:00:00/driver_buffered_tids\x00', 0x0) connect$auto(0xffffffffffffffff, &(0x7f0000000080)=@nl=@kern={0x10, 0x0, 0x0, 0x4000}, 0x6) mmap$auto(0x0, 0x4, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xa0c82, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r3) socketpair$auto(0x1e, 0x5, 0x6, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000001bc0)='/dev/sequencer2\x00', 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) 30.048194117s ago: executing program 4 (id=1989): socket(0xf, 0x3, 0x2) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0x2, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8010) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x50b880, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x4, 0x3, 0x15f4da0a, 0xffffffff, 0x3, 0xfffffffffffffff9, 0x208000001f, 0x2, 0x6d3c, 0x9, 0x2, 0x6]}, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x2, 0x4, 0x0, 0x2, 0x8, 0xc, 0x66b, 0x4, 0x1}, 0x6f4) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/bus/most/drivers/most_core/components\x00', 0x100, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f00000010c0)=""/4096, 0x1000) mmap$auto(0x0, 0x8, 0xdc, 0xeb1, 0x0, 0x8002) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04, 0x0) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000240)='/proc/asound/card1/pcm0p/sub0/xrun_injection\x00', 0x0, 0x0) pread64$auto(r3, 0x0, 0x8, 0x7fff) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) madvise$auto(0x0, 0x20499d, 0x9) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000002b80)='/dev/snd/pcmC1D1p\x00', 0x2205, 0x0) 28.86668172s ago: executing program 3 (id=1992): mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) ioctl$auto_BLKFLSBUF(0xffffffffffffffff, 0x1261, 0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb5, 0x401, 0x300000000000) ioctl$auto_SNDCTL_DSP_GETODELAY(0xffffffffffffffff, 0x80045017, &(0x7f0000000080)) mmap$auto(0x0, 0x200, 0x2, 0x40ebf, 0x401, 0x8300000000000) r0 = syz_genetlink_get_family_id$auto_taskstats(&(0x7f0000000140), 0xffffffffffffffff) r1 = getpgid$auto(0x0) sendmsg$auto_TASKSTATS_CMD_GET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x1c, r0, 0xa01, 0x70bd2b, 0x25dfdbfb, {}, [@TASKSTATS_CMD_ATTR_TGID={0x8, 0x2, r1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x2400c8c1}, 0x20008010) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/lockd/parameters/nlm_grace_period\x00', 0x8001, 0x0) write$auto(r2, 0x0, 0x8) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) unshare$auto(0x40000080) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x802, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r4, 0x0, 0xc800) socket(0xa, 0x1, 0x100) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) write$auto(r5, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) 27.927472229s ago: executing program 4 (id=1994): openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/kernel/hung_task_check_interval_secs\x00', 0x88542, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0xa, 0x5, 0x0) pipe2$auto(0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x14) socket(0x11, 0x80003, 0x300) socket(0x1d, 0x2, 0x7) socket(0x2, 0x1, 0x0) socket(0x2, 0x3, 0x100) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) open(&(0x7f0000000100)='.\x00', 0x0, 0x408) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/all/addr_gen_mode\x00', 0xa0202, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f00000001c0)={{0x0, 0x1aa, 0x0, 0x6, 0x0, 0x5, 0x101}, 0x5}, 0x2, 0x100) bpf$auto(0xf7fff011, &(0x7f0000000000)=@test={0xffffffffffffffff, 0x71c, 0xfaae, 0x468, 0xd, 0x2, 0x8, 0x9, 0x4, 0x1fc, 0x5, 0xb5, 0x4, 0x806, 0xd9ee}, 0xa3) writev$auto(0xca, &(0x7f0000000080)={&(0x7f0000000040), 0x1}, 0x7e) 26.86020996s ago: executing program 4 (id=1996): unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) setresuid$auto(0xffffffffffffffff, 0x0, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0xfffffffffffffffd, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000140), r1) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010025bd7000ffdbdf25040000000a0016070000000400000000"], 0x20}, 0x1, 0x0, 0x0, 0x41}, 0x4004040) socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) close_range$auto(0xffffffffffffffff, 0xfffffffffffff001, 0x2) socket(0x11, 0x80003, 0x300) r4 = open(&(0x7f00000000c0)='./cgroup\x00', 0x0, 0xb5d1af1605322df2) open_by_handle_at$auto(r4, &(0x7f0000000000)={0x8, 0x2, 'u\x00\x00\x00\x00\x00\x00\x00'}, 0x2) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) read$auto(r5, 0x0, 0x20) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) recvmsg$auto(r3, &(0x7f00000005c0)={&(0x7f00000002c0), 0x8, &(0x7f00000004c0)={&(0x7f00000003c0)="444debcb5d4827b41b873d646e2663fb2d4aa24da78f4b3472bd8daf8c57304fe5302fe1869cfca458a5a39bd4006710640f6032088c509f0c082c1b04896afe04d524b8b80ce2949dae1a1d2bec705c343bc92a41212ae3ed0a036e67d0c6d7b35e6cb8956ef9b289a7e42615af9f0470dc70d3deea952a1d85a1a845530a190757f55d6e53993d1e8f22b49f44b8a5b9b989d8ed44e1a1f0002bb9f9c8813bee34cfb9b329b8b45794054ee04fdb17a945013b532f53854704c99cc8f02c1582b9", 0x3}, 0xd3, 0x0, 0xc, 0xffffffff}, 0xfffffff7) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x3, 0xffffffffffff0005, 0xa) madvise$auto(0x0, 0x2003f2, 0x15) 26.797064923s ago: executing program 3 (id=1997): openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x100e42, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_ima_ascii_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f00000001c0), 0x8942, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/fs/cifs/SecurityFlags\x00', 0x48041, 0x0) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/key-users\x00', 0x18b800, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/loop7\x00', 0x10f602, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop2/queue/discard_max_hw_bytes\x00', 0x42200, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x73) socket(0xa, 0x80803, 0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x38, 0x6, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) open(0x0, 0x22240, 0x155) socket(0xa, 0x3, 0x3b) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = open(0x0, 0x22240, 0x55) socket(0x2, 0x3, 0xa) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8) connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55) statx$auto(r0, 0x0, 0x1003, 0x4005, 0x0) setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 26.447907104s ago: executing program 3 (id=2000): mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) writev$auto(0x1, &(0x7f0000000100)={0x0, 0x400000000000fdef}, 0x1) pread64$auto(0xffffffffffffffff, 0x0, 0x7fc, 0x400) r0 = socket(0x22, 0x1, 0x80000000) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/trace\x00', 0x600, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x74c) unshare$auto(0x40000080) sendmmsg$auto(r0, 0x0, 0x3b87, 0xa) mmap$auto(0x0, 0x400008, 0xe4, 0x9b72, 0x2, 0x400) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r1 = socket(0xa, 0x2, 0x88) capset$auto(0x0, 0x0) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x800, 0x100) setsockopt$auto(r1, 0x29, 0x10, 0x0, 0x1) socket(0xa, 0x801, 0x84) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) bind$auto(0xffffffffffffffff, 0x0, 0xffffffe6) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) unshare$auto(0x40000080) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0xa0202, 0x0) 24.532449912s ago: executing program 4 (id=2002): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000440)='/dev/ptyzf\x00', 0x2200, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) prctl$auto_PR_SET_MM_ARG_END(0x9, 0x9, 0xffffffffffffffff, 0xd, 0x13) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/bus/pci/rescan\x00', 0x20681, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000200)='5', 0x1) sendmsg$auto(0xffffffffffffffff, 0x0, 0xfff) socket$nl_generic(0x10, 0x3, 0x10) select$auto(0x7, 0x0, 0x0, 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x40841, 0x8) socket(0xa, 0x5, 0x94) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dri/card0\x00', 0x6c800, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, 0x0, 0x2482, 0x0) unshare$auto(0x40000080) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0) ioctl$auto(r2, 0x1260, 0x5) 11.445456841s ago: executing program 33 (id=2000): mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) writev$auto(0x1, &(0x7f0000000100)={0x0, 0x400000000000fdef}, 0x1) pread64$auto(0xffffffffffffffff, 0x0, 0x7fc, 0x400) r0 = socket(0x22, 0x1, 0x80000000) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/trace\x00', 0x600, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x74c) unshare$auto(0x40000080) sendmmsg$auto(r0, 0x0, 0x3b87, 0xa) mmap$auto(0x0, 0x400008, 0xe4, 0x9b72, 0x2, 0x400) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r1 = socket(0xa, 0x2, 0x88) capset$auto(0x0, 0x0) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x800, 0x100) setsockopt$auto(r1, 0x29, 0x10, 0x0, 0x1) socket(0xa, 0x801, 0x84) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) bind$auto(0xffffffffffffffff, 0x0, 0xffffffe6) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) unshare$auto(0x40000080) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0xa0202, 0x0) 9.354215715s ago: executing program 34 (id=2002): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000440)='/dev/ptyzf\x00', 0x2200, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) prctl$auto_PR_SET_MM_ARG_END(0x9, 0x9, 0xffffffffffffffff, 0xd, 0x13) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/bus/pci/rescan\x00', 0x20681, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000200)='5', 0x1) sendmsg$auto(0xffffffffffffffff, 0x0, 0xfff) socket$nl_generic(0x10, 0x3, 0x10) select$auto(0x7, 0x0, 0x0, 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x40841, 0x8) socket(0xa, 0x5, 0x94) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dri/card0\x00', 0x6c800, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, 0x0, 0x2482, 0x0) unshare$auto(0x40000080) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0) ioctl$auto(r2, 0x1260, 0x5) 8.311899845s ago: executing program 2 (id=2036): prctl$auto(0x41555856, 0x4, 0x2008, 0x0, 0xc0d) epoll_pwait2$auto(0x3, 0x0, 0x4, 0x0, 0x0, 0x7ff6) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xfffffeff, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x29f, 0x2, 0x83, 0x101, 0x17f, 0x2}, {0xff, 0x1, 0x52, 0x5, 0x1, 0x40, 0x4, 0x8, 0x100000004}}) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x2800, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) getsockopt$auto(0xffffffffffffffff, 0x84, 0x71, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop14/queue/dma_alignment\x00', 0x80000, 0x0) read$auto(r0, 0x0, 0x20) ioctl$auto_BLKSECDISCARD(0xffffffffffffffff, 0x127d, 0x0) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_METER_CMD_SET(r2, 0x0, 0x40) r3 = open(0x0, 0x22240, 0x154) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) sysfs$auto(0x2, 0x100000000000038, 0x0) fsopen$auto(0x0, 0x1) execveat$auto(r3, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) rename$auto(&(0x7f0000000000)='./file0\x00', 0x0) unshare$auto(0x40000080) 6.818507066s ago: executing program 2 (id=2039): mknod$auto(&(0x7f0000000080)=':,\x00', 0xcb, 0xfffffffa) r0 = pidfd_open$auto(0x1, 0x0) mmap$auto(0x0, 0x2, 0x3, 0x7fffffffffffffff, r0, 0x6) prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x3, 0x3, 0x0, 0x0, 0x4) socket(0x1d, 0x5, 0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) lsm_set_self_attr$auto(0x9, 0x0, 0x80, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0xa, 0x1, 0x100) socket(0x1e, 0x1, 0x0) socket(0x2c, 0x3, 0x9) write$auto(0x1, 0x0, 0x80000000) preadv$auto(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x8000000}, 0x3, 0x7, 0x10) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/netdevsim0/del_port\x00', 0xa001, 0x0) write$auto(r2, &(0x7f0000000380)='0\x81=\"\xad/\x8d\b\x00\x18\xa4\xb0\xb4\xd9\x82=~\x17\xfb&L\xeb=j\a\xf1y\xb3\"\xeb\a\xdd\xf4\xf4Ry\xee\xd7\x1e\x1c\x86\x0f\xcf\x7f\xbf\xab\x12{\xc2\xc2*\xc1M+6/v8\xea\xe9\x85s4\xfe\xe5\t\x7fc\xfb7^\xb86J_\x1d1s!\x01\xff\xff\xff\xff\xff\xff\xff\x1dF\xe6\xf6\x17\x10+\xc0\xb0\xafc\x99\xd4\x150Y~\x1e\xe2\xd6x4fW\x13\xc4U`\x9e-X\xd7\xe2H^\fLS`\xfc\xbb\r\f\x00\xeaN\xa5\xd2\x82;\x7f\xa0.\x9a\xfb\x8d\xf3l\xf2\xd3\x95\xc1M5\xcb\xa6I\x067\xe36\xea\xe9\xe3\xf44oT_`8\xb3\xef\x04 \x05K\xf9\x87pl\xac\x86\nE\xc7e\xc5Q\x89\xcd@\x1c\x92\x00\x87\x976\x9f>\xa2\xcfm\xec\r\x11\x7f\x00\x00\x00\xb1\xde@\x02\xce\x03\xb7\xb1\xfb\x9fr\v\xb2\xe3\xc7\b\x85K /zm\x7f\x8fg,p\a\xc8\x7f\xa5\x87\x02\x87\xbbR=A\x00\x1f\x8a\xa7/Q\"J\xbb\xb0m\xf2SP\x84\x84S\xf0\xba\x9a\xf6\xb6`WI\xba\xba*8\x9f\xea\xe8K/\x98\xbc7~>\x12\x9buB\xcb\xe4\x8aKf\xba\x8c\x19m\xe6I\x02\xde\x80\x9d\x87}\xf4\xbd9\xaa\xd6\xdb1]\xde\xa0r\x14\xca56^\x94\xd2\xd8\xe6}9\x91\xb6\xf7\xa1=\x96\x11\xf1\\\xa91\x0e\xd1\xe4z\xc1;Pw!\x8b\xf5{\xc7Xd\xf1\xf2}\x96EVf\xc9\xa8\xcd\xe4\xc9\x8d\x1d7\xd5\x94\\\xb5\r\xd2\xaa\xe6H\xfe)\xb3a\x04\x1eRMl\xa3F\xa8W0\x90\xc9Ky#\x03\xf5~\xd2Z\xe9(\x99\b\x00M\xde\x01]\r\xd09k\xc2\x84\xc1\xabN\x96\x8a6\x98@\xd3\xab\xa8m\xdf\x8d\x1d\b\x82\xfcP\x87\x93\x80\x97Q\x86\x8a\x9c\xf8L\x0f\xa8@VE2\x9d\x1e`#\xd8\xd7M\xd4k1\xe6\x13Y\\\x83E\xd0e\x0eM\xa9Q\xac\x0e\x1d]\a\x19H\x81\xd2\xccF\xc6\xd4\xe2R$\xfa\xd6}\xbdsN\x18\xdf\xf5\xffP\xf5\f\xccL\xef\x83\xb3$\xd4\xf4\xb5\xe6\xd0 \xb9\xa7\x8e6\t\x83q\xef\b\xd2\xdb', 0x1) fcntl$auto(0x0, 0x407, 0x100000) umount2$auto(&(0x7f00000005c0)='W\xc1\x87\xf2|R\xe5\xa87\xc6\xd9x\xbd\xe9WyU\xd0\xaa.\xbb\xcd\xae\xcf$0c\x95\xe7S`h\x12\xdf\x04\xe9f+\xfa\x98a\x8d\xe2\b\xc8\x85\x84\xcd\xbb\xee\xd2R\xb4\x9c\xf5gCPA\xa9V\xe3r3j\xf2.\x98\x06\xb4\r\xd8X\xe1\x98\xfd\xe6\xb0\x16H]\xe2Z(\xa1\rB\xb7\xc3\x8c\xe0\xe6\x92Q\xe0\xd9\xdc\xc5\xde\xf7k\xc3L\xfe.\xbb\f\x1a\xaf*~\x05n\xc0G<\x8d\xfb\xb9\x12\x0f\n\r~\x0f\x01[\xee\xe1%U\x11\xfc5\xf6.\xb0\xa9/mLme\xd6d\r\x9d\xcbsO\x0e\xe9\x9c\x10Q\xedw\xa4O9[\xfa\x8f\xbd3<\x866\b\xe9\xf6C\x1e\xe6~\xdbf\x16_\xa0\xaf^\x967!\xcc\xb2\xf9\x84\xfc;q\xbeaf\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_INTERFACE(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001240)={0x1c, r5, 0xb01, 0x70bd27, 0x25dfdbfd, {}, [@NL80211_ATTR_PEER_MEASUREMENTS={0x8, 0x117, 0x0, 0x1, [@NL80211_PMSR_ATTR_PEERS={0x4}]}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4000084) close_range$auto(0x2, 0x8, 0x0) r6 = socket(0x2b, 0x1, 0x0) ioctl$auto_TCSBRK2(r3, 0x5409, 0x0) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mlock$auto(0x112, 0x80006) mlockall$auto(0x800000000000005) madvise$auto(0x0, 0x200007, 0x19) sendmmsg$auto(r6, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, 0x0, 0x9, 0x0, 0x1f, 0x9}, 0x800009}, 0x7, 0x20000000) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) socket(0x2, 0x5, 0x0) 2.653684885s ago: executing program 2 (id=2046): mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x752502, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x1, 0x106) socket(0x2, 0x1, 0x0) shutdown$auto(0x200000003, 0x2) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) listen$auto(0x3, 0x3) eventfd$auto(0x8e) openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, 0x0, 0x22a40, 0x0) mlock$auto(0xfbe8, 0x4) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r1, &(0x7f0000000000)='//\xf2\x00', 0x80000000) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) r2 = socket(0xa, 0x801, 0x84) getsockopt$auto(r2, 0x84, 0x2, 0x0, 0x0) munlock$auto(0xffff, 0x1) 2.043595294s ago: executing program 0 (id=2047): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2, 0xa, 0xa) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x8) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) socket(0xa, 0x5, 0x0) io_uring_setup$auto(0x1, 0x0) io_uring_setup$auto(0x59, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x2000, 0x0) r0 = open(0x0, 0x149443, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0xa901, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x5, 0x0) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, 0x0, 0x440, 0x0) socket(0xa, 0x802, 0x3a) socket(0x29, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20b82, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket(0x10, 0x2, 0x14) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a14af"], 0x14}, 0x1, 0x0, 0x0, 0x8800}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0xffffffffffffff14, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES8=r1], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x200440c0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4c084}, 0x51) sendmmsg$auto(r2, &(0x7f0000000080)={{0x0, 0x8001c01, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x1}, 0x7}, 0x3d55, 0x0) 1.801054495s ago: executing program 0 (id=2048): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = socket(0x2, 0x1, 0x106) getsockopt$auto_SO_NOFCS(r0, 0x6, 0x2b, 0x0, 0x0) r1 = socket(0xa, 0x801, 0x84) r2 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f00000017c0)='/sys/kernel/debug/lru_gen\x00', 0x1, 0x0) write$auto(r2, &(0x7f0000000040)='/wys/kernel/ru_gen\x00\x00\x00\x00\x00\x00\x00\x00', 0x1003) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r3, 0x0, 0x20) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x2, 0x0) socket(0xa, 0x1, 0x84) setsockopt$auto(0x3, 0x10000000084, 0x84, 0x0, 0x90) bind$auto(0x3, 0x0, 0x6a) connect$auto(0x3, 0x0, 0x54) syz_genetlink_get_family_id$auto_nl80211(0x0, r1) close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x2, 0x1, 0x0) socket(0x18, 0x4, 0x0) socket$nl_generic(0x10, 0x3, 0x10) memfd_create$auto(0x0, 0x4) fallocate$auto(0x8000000000000003, 0x0, 0xb, 0x4cbd5d) finit_module$auto(0x3, 0xfffffffffffffffe, 0x400000000004) setsockopt$auto(r1, 0x10000000084, 0x22, 0x0, 0x10) 1.12839162s ago: executing program 0 (id=2049): r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x0, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) mmap$auto(0x0, 0x402000b, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x2020009, 0x100003, 0x9000000eb1, 0xfffffffffffffffa, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80802, 0x0) socket(0x2b, 0x1, 0x0) setsockopt$auto(0x3, 0x2, 0x2c, 0x0, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv6/conf/all/disable_ipv6\x00', 0x15081, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sg0\x00', 0x8001, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xa083, 0x0) r3 = ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) ioctl$auto_KVM_CREATE_VM(r1, 0x4048aecb, 0x0) sendmsg$auto_VDPA_CMD_DEV_DEL(r3, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x14, 0x0, 0x100, 0x70bd26, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) ioctl$auto_EVIOCGKEYCODE(r0, 0x80084504, 0x0) r4 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000240)='/dev/input/event0\x00', 0x4c8600, 0x0) ioctl$auto_EVIOCREVOKE(r4, 0x40044591, &(0x7f0000000280)=0x4d4c) 893.152µs ago: executing program 2 (id=2050): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) r1 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) ioctl$auto(r1, 0x400454ca, 0x38) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x80900, 0x0) openat$auto_ftrace_system_enable_fops_trace_events(0xffffffffffffff9c, 0x0, 0x20a01, 0x0) ioctl$auto_BLKFLSBUF(r2, 0x1261, 0x0) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f00000000c0), 0xffffffffffffffff) mmap$auto(0xb2, 0x14, 0xffb, 0x8000000008015, r0, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) ioctl$auto_BLKTRACETEARDOWN(r2, 0x1276, 0x0) mmap$auto(0x8000000000002001, 0x20009, 0xdf, 0x15, 0xffffffffffffffff, 0x8000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = socket(0xa, 0x3, 0x3c) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/tty48\x00', 0x880, 0x0) ioctl$auto(r4, 0x5609, r3) open_tree$auto(0xffffffffffffffff, 0x0, 0x74ee) ioctl$auto_NS_GET_PID_FROM_PIDNS(0xffffffffffffffff, 0x8004b706, &(0x7f0000000180)=0x4) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB="000229bd0080fbdbdf"], 0x24}, 0x1, 0x0, 0x0, 0x20000050}, 0x400c0) 0s ago: executing program 0 (id=2056): mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_hsr(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$auto_HSR_C_GET_NODE_STATUS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x4008804) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x2, 0x73) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp1\x00', 0x20b42, 0x0) write$auto(0x3, 0x0, 0x100082) read$auto(0xffffffffffffffff, 0x0, 0x9) ioctl$auto_SNDCTL_DSP_SETTRIGGER(r1, 0x40045010, 0x0) io_uring_setup$auto(0xfa3, 0x0) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio1\x00', 0x8000, 0x0) read$auto(r2, 0x0, 0x8) close_range$auto(0x2, 0x8, 0x0) keyctl$auto(0x2, 0xffffeffffffffffe, 0x107, 0x803, 0x800000000000c) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_SET_WOWLAN(0xffffffffffffffff, 0x0, 0x4004010) socket(0x1e, 0x805, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x802, 0x0) ioctl$auto(0x3, 0x40045532, 0x38) r3 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x88c00, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_PAUSE2(r3, 0x40044145, &(0x7f0000000000)=0x3) socket$nl_generic(0x10, 0x3, 0x10) kernel console output (not intermixed with test programs): 700.940873][T12845] ksys_read+0x12a/0x250 [ 700.940893][T12845] ? __pfx_ksys_read+0x10/0x10 [ 700.940921][T12845] do_syscall_64+0xcd/0x4c0 [ 700.940939][T12845] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 700.940957][T12845] RIP: 0033:0x7f316718eba9 [ 700.940973][T12845] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 700.940991][T12845] RSP: 002b:00007f3167f91038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 700.941008][T12845] RAX: ffffffffffffffda RBX: 00007f31673d5fa0 RCX: 00007f316718eba9 [ 700.941020][T12845] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000005 [ 700.941031][T12845] RBP: 00007f3167211e19 R08: 0000000000000000 R09: 0000000000000000 [ 700.941042][T12845] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 700.941052][T12845] R13: 00007f31673d6038 R14: 00007f31673d5fa0 R15: 00007ffebad7fb08 [ 700.941075][T12845] [ 700.941135][T12845] ACPI Error: [ 701.187269][ C0] vkms_vblank_simulate: vblank timer overrun [ 702.697646][T12868] net_ratelimit: 62 callbacks suppressed [ 702.697662][T12868] netlink: zone id is out of range [ 702.804519][T12868] netlink: zone id is out of range [ 702.875497][T12868] netlink: zone id is out of range [ 702.940913][T12868] netlink: zone id is out of range [ 702.963857][T12868] netlink: zone id is out of range [ 703.040751][T12845] ffff888079e1e000 walk still has a scope list (20250404/dswstate-694) [ 703.124969][ T3542] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1360 with max blocks 45 with error 117 [ 703.138733][T12868] netlink: zone id is out of range [ 703.181257][T12868] netlink: zone id is out of range [ 703.208583][T12868] netlink: zone id is out of range [ 703.241688][ T3542] EXT4-fs (sda1): This should not happen!! Data will be lost [ 703.241688][ T3542] [ 703.291553][T12868] netlink: zone id is out of range [ 703.316687][T12868] netlink: zone id is out of range [ 705.340206][T12904] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1552'. [ 705.513915][T12904] macvtap0: entered promiscuous mode [ 705.558722][T12904] macvtap0: entered allmulticast mode [ 705.908710][T12902] Process accounting resumed [ 709.100490][T12938] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78408 [ 709.294818][T12938] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 709.429236][T12938] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 709.569348][T12938] page_type: f5(slab) [ 709.633175][T12938] raw: 00fff00000000040 ffff88801b842140 dead000000000100 dead000000000122 [ 709.791330][T12938] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 709.902413][T12938] head: 00fff00000000040 ffff88801b842140 dead000000000100 dead000000000122 [ 710.060406][T12938] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 710.230302][T12938] head: 00fff00000000003 ffffea0001e10201 00000000ffffffff 00000000ffffffff [ 710.433390][T12938] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 710.516979][T12938] page dumped because: unmovable page [ 710.522417][T12938] page_owner tracks the page as allocated [ 710.692344][T12938] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5236, tgid 5236 (udevd), ts 188267157383, free_ts 188257871907 [ 710.953579][T12938] post_alloc_hook+0x1c0/0x230 [ 711.025626][T12938] get_page_from_freelist+0x132b/0x38e0 [ 711.154789][T12938] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 711.249848][T12938] alloc_pages_mpol+0x1fb/0x550 [ 711.404261][T12938] new_slab+0x247/0x330 [ 711.483501][T12938] ___slab_alloc+0xcf2/0x1750 [ 711.617918][T12938] __slab_alloc.constprop.0+0x56/0xb0 [ 711.673790][T12938] __kmalloc_noprof+0x2f2/0x510 [ 711.780304][T12938] tomoyo_realpath_from_path+0xc2/0x6e0 [ 711.864609][ T1146] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1393 with max blocks 12 with error 117 [ 711.899110][T12938] tomoyo_check_open_permission+0x2ab/0x3c0 [ 711.972323][ T1146] EXT4-fs (sda1): This should not happen!! Data will be lost [ 711.972323][ T1146] [ 711.992616][T12938] tomoyo_file_open+0x6b/0x90 [ 712.053221][T12938] security_file_open+0x84/0x1e0 [ 712.076076][ T1146] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1013 with max blocks 11 with error 117 [ 712.111853][T12938] do_dentry_open+0x596/0x1530 [ 712.158669][ T1146] EXT4-fs (sda1): This should not happen!! Data will be lost [ 712.158669][ T1146] [ 712.176671][T12938] vfs_open+0x82/0x3f0 [ 712.186870][T12938] path_openat+0x1de4/0x2cb0 [ 712.217213][T12938] do_filp_open+0x20b/0x470 [ 712.253691][T12938] page last free pid 5853 tgid 5853 stack trace: [ 712.351758][T12938] __free_frozen_pages+0x7d5/0x10f0 [ 712.374964][T12938] __folio_put+0x329/0x450 [ 712.408628][T12938] skb_release_data+0x81a/0x9e0 [ 712.437460][T12938] __kfree_skb+0x4f/0x70 [ 712.460867][T12938] tcp_ack+0x19b2/0x5bf0 [ 712.481814][T12938] tcp_rcv_established+0xda2/0x23f0 [ 712.501424][T12938] tcp_v4_do_rcv+0x5ca/0xa90 [ 712.524288][T12938] __release_sock+0x31b/0x400 [ 712.555030][T12938] release_sock+0x5a/0x220 [ 712.602183][T12938] tcp_sendmsg+0x38/0x50 [ 712.652209][T12938] inet_sendmsg+0xb9/0x140 [ 712.688787][T12938] sock_write_iter+0x4aa/0x5b0 [ 712.739107][T12938] vfs_write+0x7d3/0x11d0 [ 712.775580][T12938] ksys_write+0x1f8/0x250 [ 712.823458][T12938] do_syscall_64+0xcd/0x4c0 [ 712.843310][T12938] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 714.246422][ T30] audit: type=1800 audit(4294967467.209:20): pid=12981 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1567" name="SYSV00000400" dev="tmpfs" ino=0 res=0 errno=0 [ 715.913924][T13013] FAULT_INJECTION: forcing a failure. [ 715.913924][T13013] name failslab, interval 1, probability 0, space 0, times 0 [ 716.059440][T13013] CPU: 0 UID: 0 PID: 13013 Comm: syz.3.1570 Not tainted syzkaller #0 PREEMPT(full) [ 716.059468][T13013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 716.059481][T13013] Call Trace: [ 716.059487][T13013] [ 716.059495][T13013] dump_stack_lvl+0x16c/0x1f0 [ 716.059529][T13013] should_fail_ex+0x512/0x640 [ 716.059546][T13013] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 716.059568][T13013] should_failslab+0xc2/0x120 [ 716.059593][T13013] __kmalloc_cache_noprof+0x6a/0x3e0 [ 716.059611][T13013] ? ip6addrlbl_add+0x69c/0xc40 [ 716.059637][T13013] ? ip6addrlbl_add+0xbb/0xc40 [ 716.059667][T13013] ip6addrlbl_add+0xbb/0xc40 [ 716.059701][T13013] ip6addrlbl_net_init+0x10a/0x380 [ 716.059730][T13013] ? __pfx_ip6addrlbl_net_init+0x10/0x10 [ 716.059758][T13013] ops_init+0x1df/0x5f0 [ 716.059778][T13013] setup_net+0x10f/0x380 [ 716.059792][T13013] ? lockdep_init_map_type+0x5c/0x280 [ 716.059819][T13013] ? __pfx_setup_net+0x10/0x10 [ 716.059837][T13013] ? debug_mutex_init+0x37/0x70 [ 716.059858][T13013] copy_net_ns+0x2a6/0x5f0 [ 716.059879][T13013] create_new_namespaces+0x3ea/0xa90 [ 716.059906][T13013] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 716.059930][T13013] ksys_unshare+0x45b/0xa40 [ 716.059956][T13013] ? __pfx_ksys_unshare+0x10/0x10 [ 716.059982][T13013] ? xfd_validate_state+0x61/0x180 [ 716.060025][T13013] __x64_sys_unshare+0x31/0x40 [ 716.060050][T13013] do_syscall_64+0xcd/0x4c0 [ 716.060068][T13013] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 716.060088][T13013] RIP: 0033:0x7ff99258eba9 [ 716.060102][T13013] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 716.060121][T13013] RSP: 002b:00007ff9907ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 716.060139][T13013] RAX: ffffffffffffffda RBX: 00007ff9927d5fa0 RCX: 00007ff99258eba9 [ 716.060151][T13013] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 716.060162][T13013] RBP: 00007ff992611e19 R08: 0000000000000000 R09: 0000000000000000 [ 716.060173][T13013] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 716.060183][T13013] R13: 00007ff9927d6038 R14: 00007ff9927d5fa0 R15: 00007ffe69730b58 [ 716.060206][T13013] [ 716.293737][ C0] vkms_vblank_simulate: vblank timer overrun [ 717.530228][T13031] ima: policy update failed [ 717.550824][T13031] netlink: 25 bytes leftover after parsing attributes in process `syz.3.1573'. [ 717.581975][ T30] audit: type=1802 audit(4294967470.537:21): pid=13031 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.1573" res=0 errno=0 [ 720.652009][T13065] FAULT_INJECTION: forcing a failure. [ 720.652009][T13065] name failslab, interval 1, probability 0, space 0, times 0 [ 720.751083][T13065] CPU: 0 UID: 0 PID: 13065 Comm: syz.1.1579 Not tainted syzkaller #0 PREEMPT(full) [ 720.751111][T13065] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 720.751122][T13065] Call Trace: [ 720.751129][T13065] [ 720.751136][T13065] dump_stack_lvl+0x16c/0x1f0 [ 720.751172][T13065] should_fail_ex+0x512/0x640 [ 720.751189][T13065] ? __kvmalloc_node_noprof+0x124/0x620 [ 720.751213][T13065] should_failslab+0xc2/0x120 [ 720.751237][T13065] __kvmalloc_node_noprof+0x137/0x620 [ 720.751257][T13065] ? rcu_is_watching+0x12/0xc0 [ 720.751277][T13065] ? kfree+0x24f/0x4d0 [ 720.751293][T13065] ? snd_pcm_plugin_alloc+0x5f8/0x7f0 [ 720.751316][T13065] ? mark_held_locks+0x49/0x80 [ 720.751344][T13065] ? snd_pcm_plugin_alloc+0x5f8/0x7f0 [ 720.751366][T13065] snd_pcm_plugin_alloc+0x5f8/0x7f0 [ 720.751394][T13065] snd_pcm_plug_alloc+0x146/0x330 [ 720.751419][T13065] snd_pcm_oss_change_params_locked+0x19b8/0x3a30 [ 720.751452][T13065] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 720.751493][T13065] snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 720.751519][T13065] snd_pcm_oss_ioctl+0x21e9/0x37a0 [ 720.751543][T13065] ? hook_file_ioctl_common+0x145/0x410 [ 720.751570][T13065] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 720.751595][T13065] ? __fget_files+0x20e/0x3c0 [ 720.751619][T13065] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 720.751643][T13065] __x64_sys_ioctl+0x18b/0x210 [ 720.751673][T13065] do_syscall_64+0xcd/0x4c0 [ 720.751691][T13065] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 720.751710][T13065] RIP: 0033:0x7f2547f8eba9 [ 720.751725][T13065] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 720.751742][T13065] RSP: 002b:00007f2548e32038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 720.751760][T13065] RAX: ffffffffffffffda RBX: 00007f25481d5fa0 RCX: 00007f2547f8eba9 [ 720.751772][T13065] RDX: 0000000000000000 RSI: 00000000c0045002 RDI: 0000000000000006 [ 720.751783][T13065] RBP: 00007f2548011e19 R08: 0000000000000000 R09: 0000000000000000 [ 720.751793][T13065] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 720.751803][T13065] R13: 00007f25481d6038 R14: 00007f25481d5fa0 R15: 00007ffed97cbff8 [ 720.751826][T13065] [ 721.504973][ T1146] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1013 with max blocks 11 with error 117 [ 721.598394][ T1146] EXT4-fs (sda1): This should not happen!! Data will be lost [ 721.598394][ T1146] [ 721.850661][T13077] FAULT_INJECTION: forcing a failure. [ 721.850661][T13077] name failslab, interval 1, probability 0, space 0, times 0 [ 721.931214][ T1146] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 939 with max blocks 74 with error 117 [ 722.016280][ T1146] EXT4-fs (sda1): This should not happen!! Data will be lost [ 722.016280][ T1146] [ 722.135777][T13077] CPU: 0 UID: 0 PID: 13077 Comm: syz.2.1581 Not tainted syzkaller #0 PREEMPT(full) [ 722.135806][T13077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 722.135824][T13077] Call Trace: [ 722.135831][T13077] [ 722.135838][T13077] dump_stack_lvl+0x16c/0x1f0 [ 722.135871][T13077] should_fail_ex+0x512/0x640 [ 722.135888][T13077] ? __kmalloc_noprof+0xbf/0x510 [ 722.135913][T13077] ? handler_new_ref+0x1b0/0xc60 [ 722.135930][T13077] should_failslab+0xc2/0x120 [ 722.135961][T13077] __kmalloc_noprof+0xd2/0x510 [ 722.135982][T13077] ? __asan_memcpy+0x3c/0x60 [ 722.136006][T13077] handler_new_ref+0x1b0/0xc60 [ 722.136029][T13077] v4l2_ctrl_new+0x1963/0x2180 [ 722.136054][T13077] ? __pfx_v4l2_ctrl_new+0x10/0x10 [ 722.136078][T13077] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 722.136110][T13077] v4l2_ctrl_new_std+0x1be/0x290 [ 722.136134][T13077] ? __pfx_v4l2_ctrl_new_std+0x10/0x10 [ 722.136155][T13077] ? rcu_is_watching+0x12/0xc0 [ 722.136180][T13077] ? trace_kmalloc+0x2b/0xd0 [ 722.136205][T13077] ? __kvmalloc_node_noprof+0x298/0x620 [ 722.136233][T13077] ? v4l2_ctrl_handler_init_class+0x1fc/0x340 [ 722.136265][T13077] ? media_request_object_init+0x100/0x180 [ 722.136290][T13077] vicodec_open+0x1d0/0xf90 [ 722.136319][T13077] v4l2_open+0x225/0x490 [ 722.136346][T13077] ? __pfx_v4l2_open+0x10/0x10 [ 722.136371][T13077] chrdev_open+0x234/0x6a0 [ 722.136395][T13077] ? __pfx_apparmor_file_open+0x10/0x10 [ 722.136420][T13077] ? __pfx_chrdev_open+0x10/0x10 [ 722.136445][T13077] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 722.136471][T13077] do_dentry_open+0x982/0x1530 [ 722.136494][T13077] ? __pfx_chrdev_open+0x10/0x10 [ 722.136523][T13077] vfs_open+0x82/0x3f0 [ 722.136553][T13077] path_openat+0x1de4/0x2cb0 [ 722.136582][T13077] ? __pfx_path_openat+0x10/0x10 [ 722.136610][T13077] do_filp_open+0x20b/0x470 [ 722.136633][T13077] ? __pfx_do_filp_open+0x10/0x10 [ 722.136676][T13077] ? alloc_fd+0x471/0x7d0 [ 722.136702][T13077] do_sys_openat2+0x11b/0x1d0 [ 722.136730][T13077] ? __pfx_do_sys_openat2+0x10/0x10 [ 722.136768][T13077] __x64_sys_openat+0x174/0x210 [ 722.136784][T13077] ? __pfx___x64_sys_openat+0x10/0x10 [ 722.136810][T13077] do_syscall_64+0xcd/0x4c0 [ 722.136828][T13077] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 722.136847][T13077] RIP: 0033:0x7f62ac98eba9 [ 722.136863][T13077] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 722.136880][T13077] RSP: 002b:00007f62ad834038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 722.136898][T13077] RAX: ffffffffffffffda RBX: 00007f62acbd6180 RCX: 00007f62ac98eba9 [ 722.136910][T13077] RDX: 00000000000c0400 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 722.136921][T13077] RBP: 00007f62aca11e19 R08: 0000000000000000 R09: 0000000000000000 [ 722.136932][T13077] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 722.136942][T13077] R13: 00007f62acbd6218 R14: 00007f62acbd6180 R15: 00007ffce2414d68 [ 722.136971][T13077] [ 726.039526][T13115] netlink: 25 bytes leftover after parsing attributes in process `syz.1.1588'. [ 731.781726][T13170] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1599'. [ 732.190857][T13170] bond0: (slave bond_slave_0): Releasing backup interface [ 734.132174][T13192] random: crng reseeded on system resumption [ 735.864283][T13207] nbd: must specify a device to reconfigure [ 736.072592][T13204] Process accounting paused [ 738.900415][T13242] FAULT_INJECTION: forcing a failure. [ 738.900415][T13242] name failslab, interval 1, probability 0, space 0, times 0 [ 739.140359][T13242] CPU: 0 UID: 0 PID: 13242 Comm: syz.1.1613 Not tainted syzkaller #0 PREEMPT(full) [ 739.140388][T13242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 739.140400][T13242] Call Trace: [ 739.140406][T13242] [ 739.140413][T13242] dump_stack_lvl+0x16c/0x1f0 [ 739.140447][T13242] should_fail_ex+0x512/0x640 [ 739.140464][T13242] ? __kvmalloc_node_noprof+0x124/0x620 [ 739.140488][T13242] should_failslab+0xc2/0x120 [ 739.140514][T13242] __kvmalloc_node_noprof+0x137/0x620 [ 739.140536][T13242] ? v4l2_ctrl_new+0x97d/0x2180 [ 739.140553][T13242] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 739.140586][T13242] ? v4l2_ctrl_new+0x97d/0x2180 [ 739.140602][T13242] v4l2_ctrl_new+0x97d/0x2180 [ 739.140628][T13242] ? __pfx_v4l2_ctrl_new+0x10/0x10 [ 739.140643][T13242] ? __pfx_v4l2_ctrl_new+0x10/0x10 [ 739.140666][T13242] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 739.140696][T13242] v4l2_ctrl_new_std+0x1be/0x290 [ 739.140721][T13242] ? __pfx_v4l2_ctrl_new_std+0x10/0x10 [ 739.140737][T13242] ? __pfx_v4l2_ctrl_new_std+0x10/0x10 [ 739.140757][T13242] ? rcu_is_watching+0x12/0xc0 [ 739.140777][T13242] ? trace_kmalloc+0x2b/0xd0 [ 739.140801][T13242] ? __kvmalloc_node_noprof+0x298/0x620 [ 739.140834][T13242] ? media_request_object_init+0x100/0x180 [ 739.140858][T13242] vicodec_open+0x1f7/0xf90 [ 739.140888][T13242] v4l2_open+0x225/0x490 [ 739.140914][T13242] ? __pfx_v4l2_open+0x10/0x10 [ 739.140940][T13242] chrdev_open+0x234/0x6a0 [ 739.140964][T13242] ? __pfx_apparmor_file_open+0x10/0x10 [ 739.140986][T13242] ? __pfx_chrdev_open+0x10/0x10 [ 739.141011][T13242] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 739.141037][T13242] do_dentry_open+0x982/0x1530 [ 739.141061][T13242] ? __pfx_chrdev_open+0x10/0x10 [ 739.141089][T13242] vfs_open+0x82/0x3f0 [ 739.141119][T13242] path_openat+0x1de4/0x2cb0 [ 739.141148][T13242] ? __pfx_path_openat+0x10/0x10 [ 739.141180][T13242] do_filp_open+0x20b/0x470 [ 739.141202][T13242] ? __pfx_do_filp_open+0x10/0x10 [ 739.141240][T13242] ? alloc_fd+0x471/0x7d0 [ 739.141266][T13242] do_sys_openat2+0x11b/0x1d0 [ 739.141294][T13242] ? __pfx_do_sys_openat2+0x10/0x10 [ 739.141332][T13242] __x64_sys_openat+0x174/0x210 [ 739.141348][T13242] ? __pfx___x64_sys_openat+0x10/0x10 [ 739.141374][T13242] do_syscall_64+0xcd/0x4c0 [ 739.141392][T13242] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 739.141410][T13242] RIP: 0033:0x7f2547f8eba9 [ 739.141425][T13242] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 739.141443][T13242] RSP: 002b:00007f2548df0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 739.141461][T13242] RAX: ffffffffffffffda RBX: 00007f25481d6180 RCX: 00007f2547f8eba9 [ 739.141473][T13242] RDX: 00000000000c0400 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 739.141484][T13242] RBP: 00007f2548011e19 R08: 0000000000000000 R09: 0000000000000000 [ 739.141495][T13242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 739.141505][T13242] R13: 00007f25481d6218 R14: 00007f25481d6180 R15: 00007ffed97cbff8 [ 739.141527][T13242] [ 739.453718][ C0] vkms_vblank_simulate: vblank timer overrun [ 740.387069][T13252] FAULT_INJECTION: forcing a failure. [ 740.387069][T13252] name failslab, interval 1, probability 0, space 0, times 0 [ 740.450492][T13252] CPU: 0 UID: 0 PID: 13252 Comm: syz.0.1615 Not tainted syzkaller #0 PREEMPT(full) [ 740.450521][T13252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 740.450534][T13252] Call Trace: [ 740.450540][T13252] [ 740.450548][T13252] dump_stack_lvl+0x16c/0x1f0 [ 740.450582][T13252] should_fail_ex+0x512/0x640 [ 740.450600][T13252] ? __kmalloc_noprof+0xbf/0x510 [ 740.450624][T13252] ? vhost_dev_set_owner+0x20c/0xa50 [ 740.450645][T13252] should_failslab+0xc2/0x120 [ 740.450674][T13252] __kmalloc_noprof+0xd2/0x510 [ 740.450701][T13252] vhost_dev_set_owner+0x20c/0xa50 [ 740.450729][T13252] vhost_dev_ioctl+0x2eb/0xe20 [ 740.450750][T13252] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 740.450781][T13252] ? __pfx_vhost_dev_ioctl+0x10/0x10 [ 740.450811][T13252] vhost_vsock_dev_ioctl+0x3a5/0xb30 [ 740.450830][T13252] ? hook_file_ioctl_common+0x145/0x410 [ 740.450856][T13252] ? __pfx_vhost_vsock_dev_ioctl+0x10/0x10 [ 740.450878][T13252] ? __fget_files+0x20e/0x3c0 [ 740.450902][T13252] ? __pfx_vhost_vsock_dev_ioctl+0x10/0x10 [ 740.450923][T13252] __x64_sys_ioctl+0x18b/0x210 [ 740.450955][T13252] do_syscall_64+0xcd/0x4c0 [ 740.450973][T13252] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 740.450992][T13252] RIP: 0033:0x7f316718eba9 [ 740.451008][T13252] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 740.451036][T13252] RSP: 002b:00007f3167f91038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 740.451055][T13252] RAX: ffffffffffffffda RBX: 00007f31673d5fa0 RCX: 00007f316718eba9 [ 740.451067][T13252] RDX: 0000000000000000 RSI: 000000000000af01 RDI: 0000000000000006 [ 740.451078][T13252] RBP: 00007f3167211e19 R08: 0000000000000000 R09: 0000000000000000 [ 740.451089][T13252] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 740.451100][T13252] R13: 00007f31673d6038 R14: 00007f31673d5fa0 R15: 00007ffebad7fb08 [ 740.451123][T13252] [ 740.660200][ C0] vkms_vblank_simulate: vblank timer overrun [ 741.221522][T13247] netlink: 326 bytes leftover after parsing attributes in process `syz.2.1614'. [ 747.055038][T13320] FAULT_INJECTION: forcing a failure. [ 747.055038][T13320] name failslab, interval 1, probability 0, space 0, times 0 [ 747.259123][T13320] CPU: 0 UID: 0 PID: 13320 Comm: syz.0.1626 Not tainted syzkaller #0 PREEMPT(full) [ 747.259152][T13320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 747.259164][T13320] Call Trace: [ 747.259170][T13320] [ 747.259177][T13320] dump_stack_lvl+0x16c/0x1f0 [ 747.259212][T13320] should_fail_ex+0x512/0x640 [ 747.259229][T13320] ? __kmalloc_noprof+0xbf/0x510 [ 747.259253][T13320] ? handler_new_ref+0x1b0/0xc60 [ 747.259269][T13320] should_failslab+0xc2/0x120 [ 747.259294][T13320] __kmalloc_noprof+0xd2/0x510 [ 747.259314][T13320] ? __asan_memcpy+0x3c/0x60 [ 747.259338][T13320] handler_new_ref+0x1b0/0xc60 [ 747.259368][T13320] v4l2_ctrl_new+0x1963/0x2180 [ 747.259395][T13320] ? __pfx_v4l2_ctrl_new+0x10/0x10 [ 747.259419][T13320] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 747.259450][T13320] v4l2_ctrl_new_std+0x1be/0x290 [ 747.259475][T13320] ? __pfx_v4l2_ctrl_new_std+0x10/0x10 [ 747.259495][T13320] ? rcu_is_watching+0x12/0xc0 [ 747.259515][T13320] ? trace_kmalloc+0x2b/0xd0 [ 747.259541][T13320] ? __kvmalloc_node_noprof+0x298/0x620 [ 747.259563][T13320] ? v4l2_ctrl_handler_init_class+0x1fc/0x340 [ 747.259595][T13320] ? media_request_object_init+0x100/0x180 [ 747.259633][T13320] vicodec_open+0x1d0/0xf90 [ 747.259663][T13320] v4l2_open+0x225/0x490 [ 747.259689][T13320] ? __pfx_v4l2_open+0x10/0x10 [ 747.259718][T13320] chrdev_open+0x234/0x6a0 [ 747.259742][T13320] ? __pfx_apparmor_file_open+0x10/0x10 [ 747.259763][T13320] ? __pfx_chrdev_open+0x10/0x10 [ 747.259789][T13320] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 747.259815][T13320] do_dentry_open+0x982/0x1530 [ 747.259838][T13320] ? __pfx_chrdev_open+0x10/0x10 [ 747.259867][T13320] vfs_open+0x82/0x3f0 [ 747.259897][T13320] path_openat+0x1de4/0x2cb0 [ 747.259926][T13320] ? __pfx_path_openat+0x10/0x10 [ 747.259953][T13320] do_filp_open+0x20b/0x470 [ 747.259976][T13320] ? __pfx_do_filp_open+0x10/0x10 [ 747.260014][T13320] ? alloc_fd+0x471/0x7d0 [ 747.260040][T13320] do_sys_openat2+0x11b/0x1d0 [ 747.260082][T13320] ? __pfx_do_sys_openat2+0x10/0x10 [ 747.260119][T13320] __x64_sys_openat+0x174/0x210 [ 747.260136][T13320] ? __pfx___x64_sys_openat+0x10/0x10 [ 747.260162][T13320] do_syscall_64+0xcd/0x4c0 [ 747.260186][T13320] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 747.260210][T13320] RIP: 0033:0x7f316718eba9 [ 747.260225][T13320] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 747.260244][T13320] RSP: 002b:00007f3167f4f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 747.260263][T13320] RAX: ffffffffffffffda RBX: 00007f31673d6180 RCX: 00007f316718eba9 [ 747.260275][T13320] RDX: 00000000000c0400 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 747.260287][T13320] RBP: 00007f3167211e19 R08: 0000000000000000 R09: 0000000000000000 [ 747.260298][T13320] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 747.260309][T13320] R13: 00007f31673d6218 R14: 00007f31673d6180 R15: 00007ffebad7fb08 [ 747.260332][T13320] [ 748.713576][T13333] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78400 [ 748.799718][T13333] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 748.882316][T13333] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 748.976137][T13337] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 749.016898][T13333] page_type: f5(slab) [ 749.073931][T13333] raw: 00fff00000000040 ffff88801b842140 dead000000000122 0000000000000000 [ 749.236604][T13333] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 749.334251][T13333] head: 00fff00000000040 ffff88801b842140 dead000000000122 0000000000000000 [ 749.343083][T13333] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 749.693073][T13333] head: 00fff00000000003 ffffea0001e10001 00000000ffffffff 00000000ffffffff [ 749.840931][T13333] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 749.962985][T13333] page dumped because: unmovable page [ 749.969908][T13333] page_owner tracks the page as freed [ 750.106288][T13333] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 3542, tgid 3542 (kworker/u8:9), ts 732635577761, free_ts 749392209417 [ 750.491820][T13333] post_alloc_hook+0x1c0/0x230 [ 750.497133][T13333] get_page_from_freelist+0x132b/0x38e0 [ 750.729630][T13342] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(3) [ 750.794405][T13333] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 750.871116][T13333] alloc_pages_mpol+0x1fb/0x550 [ 750.956705][T13333] new_slab+0x247/0x330 [ 750.960926][T13333] ___slab_alloc+0xcf2/0x1750 [ 751.042782][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 751.061556][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 751.146890][T13333] __slab_alloc.constprop.0+0x56/0xb0 [ 751.152316][T13333] kmem_cache_alloc_noprof+0xef/0x3b0 [ 751.295980][T13333] getname_flags.part.0+0x4c/0x550 [ 751.301333][T13333] getname_flags+0x93/0xf0 [ 751.399771][T13333] do_sys_openat2+0xb8/0x1d0 [ 751.435131][T13333] __x64_sys_openat+0x174/0x210 [ 751.492578][T13333] do_syscall_64+0xcd/0x4c0 [ 751.539226][T13333] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 751.573443][T13333] page last free pid 5236 tgid 5236 stack trace: [ 751.624943][T13333] __free_frozen_pages+0x7d5/0x10f0 [ 751.644243][T13333] __put_partials+0x165/0x1c0 [ 751.673286][T13333] qlist_free_all+0x4d/0x120 [ 751.708791][T13333] kasan_quarantine_reduce+0x195/0x1e0 [ 751.780872][T13333] __kasan_slab_alloc+0x69/0x90 [ 751.817499][T13333] kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 751.851107][T13333] getname_flags.part.0+0x4c/0x550 [ 751.887741][T13333] getname_flags+0x93/0xf0 [ 751.905416][T13333] do_readlinkat+0xb4/0x3a0 [ 751.950649][T13333] __x64_sys_readlink+0x78/0xc0 [ 751.976275][T13333] do_syscall_64+0xcd/0x4c0 [ 752.007669][T13333] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 752.957916][T13366] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1635'. [ 755.038483][T13391] netlink: 'syz.0.1639': attribute type 28 has an invalid length. [ 755.089011][T13391] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1639'. [ 755.908821][T13401] netlink: 'syz.0.1650': attribute type 5 has an invalid length. [ 757.091625][T13414] ubi: mtd0 is already attached to ubi0 [ 759.221414][T13437] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1651'. [ 759.374954][T13441] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input36 [ 766.537759][T13510] FAULT_INJECTION: forcing a failure. [ 766.537759][T13510] name failslab, interval 1, probability 0, space 0, times 0 [ 766.659347][T13510] CPU: 0 UID: 0 PID: 13510 Comm: syz.0.1666 Not tainted syzkaller #0 PREEMPT(full) [ 766.659375][T13510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 766.659387][T13510] Call Trace: [ 766.659394][T13510] [ 766.659401][T13510] dump_stack_lvl+0x16c/0x1f0 [ 766.659437][T13510] should_fail_ex+0x512/0x640 [ 766.659454][T13510] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 766.659480][T13510] should_failslab+0xc2/0x120 [ 766.659504][T13510] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 766.659528][T13510] ? sk_prot_alloc+0x60/0x2a0 [ 766.659551][T13510] sk_prot_alloc+0x60/0x2a0 [ 766.659573][T13510] sk_alloc+0x36/0xc20 [ 766.659601][T13510] __vsock_create.constprop.0+0x3c/0xbb0 [ 766.659627][T13510] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 766.659670][T13510] vsock_create+0x139/0x500 [ 766.659701][T13510] __sock_create+0x335/0x8d0 [ 766.659727][T13510] __sys_socket+0x14d/0x260 [ 766.659751][T13510] ? __pfx___sys_socket+0x10/0x10 [ 766.659774][T13510] ? xfd_validate_state+0x61/0x180 [ 766.659801][T13510] ? __task_pid_nr_ns+0x17c/0x500 [ 766.659832][T13510] __x64_sys_socket+0x72/0xb0 [ 766.659853][T13510] ? lockdep_hardirqs_on+0x7c/0x110 [ 766.659881][T13510] do_syscall_64+0xcd/0x4c0 [ 766.659899][T13510] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 766.659917][T13510] RIP: 0033:0x7f316718eba9 [ 766.659932][T13510] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 766.659950][T13510] RSP: 002b:00007f3167f91038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 766.659968][T13510] RAX: ffffffffffffffda RBX: 00007f31673d5fa0 RCX: 00007f316718eba9 [ 766.659980][T13510] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000028 [ 766.659991][T13510] RBP: 00007f3167211e19 R08: 0000000000000000 R09: 0000000000000000 [ 766.660002][T13510] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 766.660012][T13510] R13: 00007f31673d6038 R14: 00007f31673d5fa0 R15: 00007ffebad7fb08 [ 766.660034][T13510] [ 768.799589][T13494] Process accounting resumed [ 769.422882][ T30] audit: type=1804 audit(4294967522.686:22): pid=13524 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1667" name="/newroot/414/file0" dev="tmpfs" ino=2199 res=1 errno=0 [ 769.806278][T13535] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input37 [ 770.027155][T13542] Process accounting resumed [ 770.557857][T13523] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 770.626310][T13523] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 772.203798][T13569] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1674'. [ 772.675787][T13574] random: crng reseeded on system resumption [ 774.933155][T13599] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input38 [ 775.738648][T13611] vivid-003: ================= START STATUS ================= [ 775.799016][T13611] vivid-003: Radio HW Seek Mode: Bounded [ 775.845499][T13611] vivid-003: Radio Programmable HW Seek: false [ 775.921760][T13614] vivid-007: ================= START STATUS ================= [ 775.984331][T13611] vivid-003: RDS Rx I/O Mode: Block I/O [ 776.032056][T13614] vivid-007: Generate PTS: true [ 776.067017][T13616] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input39 [ 776.081703][T13611] vivid-003: Generate RBDS Instead of RDS: false [ 776.182282][T13614] vivid-007: Generate SCR: true [ 776.249092][T13611] vivid-003: RDS Reception: true [ 776.319740][T13614] tpg source WxH: 320x240 (Y'CbCr) [ 776.379588][T13611] vivid-003: RDS Program Type: 0 inactive [ 776.435491][T13614] tpg field: 1 [ 776.450181][T13614] tpg crop: (0,0)/320x240 [ 776.484806][T13611] vivid-003: RDS PS Name: inactive [ 776.589550][T13614] tpg compose: (0,0)/320x240 [ 776.624741][T13611] vivid-003: RDS Radio Text: inactive [ 776.643756][T13619] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input40 [ 776.704155][T13614] tpg colorspace: 8 [ 776.723131][T13611] vivid-003: RDS Traffic Announcement: false inactive [ 776.730172][T13611] vivid-003: RDS Traffic Program: false inactive [ 776.806648][T13614] tpg transfer function: 0/0 [ 776.851141][T13614] tpg Y'CbCr encoding: 0/0 [ 776.877319][T13614] tpg quantization: 0/0 [ 776.903501][T13611] vivid-003: RDS Music: false inactive [ 776.951686][T13614] tpg RGB range: 0/2 [ 776.955879][T13614] vivid-007: ================== END STATUS ================== [ 777.051055][T13611] vivid-003: ================== END STATUS ================== [ 779.445977][T13649] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 977 with max blocks 47 with error 117 [ 779.864548][T13649] EXT4-fs (sda1): This should not happen!! Data will be lost [ 779.864548][T13649] [ 781.301872][T13671] ICMPv6: process `syz.1.1691' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 781.451088][T13673] Console: switching to colour VGA+ 80x25 [ 781.495776][T13671] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5) [ 781.998318][T13681] ima: policy update failed [ 782.076681][ T30] audit: type=1802 audit(4294967535.402:23): pid=13681 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.1693" res=0 errno=0 [ 782.095725][T13681] netlink: 25 bytes leftover after parsing attributes in process `syz.1.1693'. [ 782.581894][ T61] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1371 with max blocks 34 with error 117 [ 782.718086][ T61] EXT4-fs (sda1): This should not happen!! Data will be lost [ 782.718086][ T61] [ 783.407855][T13699] random: crng reseeded on system resumption [ 785.275559][ T5198] Trying to write to read-only block-device sda1 [ 786.127411][T13743] Invalid ELF header magic: != ELF [ 787.486071][T11324] Trying to write to read-only block-device sda [ 788.232100][T13771] vivid-003: ================= START STATUS ================= [ 788.239776][T13771] vivid-003: Radio HW Seek Mode: Bounded [ 788.539246][T13771] vivid-003: Radio Programmable HW Seek: false [ 788.630322][T13771] vivid-003: RDS Rx I/O Mode: Block I/O [ 788.635947][T13771] vivid-003: Generate RBDS Instead of RDS: false [ 788.734183][T13771] vivid-003: RDS Reception: true [ 788.812137][T13771] vivid-003: RDS Program Type: 0 inactive [ 789.007896][T13771] vivid-003: RDS PS Name: inactive [ 789.013250][T13771] vivid-003: RDS Radio Text: inactive [ 789.182462][T13771] vivid-003: RDS Traffic Announcement: false inactive [ 789.316770][T13771] vivid-003: RDS Traffic Program: false inactive [ 789.323204][T13771] vivid-003: RDS Music: false inactive [ 789.506145][T13771] vivid-003: ================== END STATUS ================== [ 789.638042][T13779] FAULT_INJECTION: forcing a failure. [ 789.638042][T13779] name failslab, interval 1, probability 0, space 0, times 0 [ 789.732934][T13779] CPU: 0 UID: 0 PID: 13779 Comm: syz.1.1707 Not tainted syzkaller #0 PREEMPT(full) [ 789.732962][T13779] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 789.732972][T13779] Call Trace: [ 789.732978][T13779] [ 789.732985][T13779] dump_stack_lvl+0x16c/0x1f0 [ 789.733019][T13779] should_fail_ex+0x512/0x640 [ 789.733037][T13779] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 789.733059][T13779] should_failslab+0xc2/0x120 [ 789.733085][T13779] __kmalloc_cache_noprof+0x6a/0x3e0 [ 789.733104][T13779] ? nd_alloc_stack+0x85/0x110 [ 789.733135][T13779] nd_alloc_stack+0x85/0x110 [ 789.733163][T13779] step_into+0x1ac7/0x2270 [ 789.733187][T13779] ? __pfx_step_into+0x10/0x10 [ 789.733205][T13779] ? __d_lookup+0x266/0x4a0 [ 789.733237][T13779] ? lookup_fast+0x156/0x610 [ 789.733259][T13779] walk_component+0xfc/0x5b0 [ 789.733280][T13779] link_path_walk+0x627/0xe20 [ 789.733306][T13779] path_lookupat+0x15a/0x6d0 [ 789.733324][T13779] ? __lock_acquire+0xb97/0x1ce0 [ 789.733351][T13779] filename_lookup+0x224/0x5f0 [ 789.733373][T13779] ? __pfx_filename_lookup+0x10/0x10 [ 789.733412][T13779] ? getname_flags.part.0+0x1c5/0x550 [ 789.733445][T13779] user_path_at+0x3a/0x60 [ 789.733466][T13779] vfs_open_tree+0x2ca/0x910 [ 789.733491][T13779] ? __pfx_vfs_open_tree+0x10/0x10 [ 789.733522][T13779] ? xfd_validate_state+0x61/0x180 [ 789.733555][T13779] __x64_sys_open_tree+0x84/0x130 [ 789.733580][T13779] do_syscall_64+0xcd/0x4c0 [ 789.733598][T13779] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 789.733617][T13779] RIP: 0033:0x7f2547f8eba9 [ 789.733632][T13779] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 789.733650][T13779] RSP: 002b:00007f2548e32038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ac [ 789.733668][T13779] RAX: ffffffffffffffda RBX: 00007f25481d5fa0 RCX: 00007f2547f8eba9 [ 789.733680][T13779] RDX: 0000000000000101 RSI: 0000200000000180 RDI: ffffffffffffff9c [ 789.733691][T13779] RBP: 00007f2548011e19 R08: 0000000000000000 R09: 0000000000000000 [ 789.733701][T13779] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 789.733711][T13779] R13: 00007f25481d6038 R14: 00007f25481d5fa0 R15: 00007ffed97cbff8 [ 789.733738][T13779] [ 789.960146][ C0] vkms_vblank_simulate: vblank timer overrun [ 790.566325][T13783] netlink: 'syz.3.1709': attribute type 1 has an invalid length. [ 795.058466][T13822] netlink: 'syz.0.1717': attribute type 4 has an invalid length. [ 795.109949][T13822] netlink: 'syz.0.1717': attribute type 5 has an invalid length. [ 795.188668][T13822] netlink: 10 bytes leftover after parsing attributes in process `syz.0.1717'. [ 798.331871][T13856] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1723'. [ 801.898269][T13859] Process accounting paused [ 802.997616][T13884] serio: Serial port pty6 [ 803.590653][T13898] vivid-003: ================= START STATUS ================= [ 803.652306][T13898] vivid-003: Radio HW Seek Mode: Bounded [ 803.693693][T13898] vivid-003: Radio Programmable HW Seek: false [ 803.699949][T13898] vivid-003: RDS Rx I/O Mode: Block I/O [ 803.816510][T13902] vivid-007: ================= START STATUS ================= [ 803.881561][T13898] vivid-003: Generate RBDS Instead of RDS: false [ 803.888478][T13898] vivid-003: RDS Reception: true [ 804.049691][T13902] vivid-007: Generate PTS: true [ 804.054665][T13902] vivid-007: Generate SCR: true [ 804.751486][T13898] vivid-003: RDS Program Type: 0 inactive [ 804.797503][T13902] tpg source WxH: 320x240 (Y'CbCr) [ 804.854320][T13898] vivid-003: RDS PS Name: inactive [ 804.965682][T13902] tpg field: 1 [ 804.969236][T13902] tpg crop: (0,0)/320x240 [ 804.973780][T13902] tpg compose: (0,0)/320x240 [ 805.069682][T13898] vivid-003: RDS Radio Text: inactive [ 805.128395][T13898] vivid-003: RDS Traffic Announcement: false inactive [ 805.191278][T13902] tpg colorspace: 8 [ 805.234493][T13898] vivid-003: RDS Traffic Program: false inactive [ 805.241025][T13898] vivid-003: RDS Music: false inactive [ 805.309046][T13902] tpg transfer function: 0/0 [ 805.347788][T13902] tpg Y'CbCr encoding: 0/0 [ 805.352408][T13902] tpg quantization: 0/0 [ 805.420539][T13898] vivid-003: ================== END STATUS ================== [ 805.473635][T13902] tpg RGB range: 0/2 [ 805.477907][T13902] vivid-007: ================== END STATUS ================== [ 805.781504][ T9] usb usb38-port5: attempt power cycle [ 806.428266][ T9] usb usb38-port5: unable to enumerate USB device [ 810.224575][T13932] netlink: 'syz.1.1737': attribute type 1 has an invalid length. [ 810.560555][T13933] netlink: 93 bytes leftover after parsing attributes in process `syz.1.1737'. [ 812.161541][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 812.168292][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 812.357980][T13943] FAULT_INJECTION: forcing a failure. [ 812.357980][T13943] name failslab, interval 1, probability 0, space 0, times 0 [ 812.386967][T13946] netlink: 'syz.0.1740': attribute type 1 has an invalid length. [ 812.446253][T13943] CPU: 0 UID: 0 PID: 13943 Comm: syz.1.1739 Not tainted syzkaller #0 PREEMPT(full) [ 812.446282][T13943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 812.446293][T13943] Call Trace: [ 812.446299][T13943] [ 812.446316][T13943] dump_stack_lvl+0x16c/0x1f0 [ 812.446350][T13943] should_fail_ex+0x512/0x640 [ 812.446368][T13943] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 812.446391][T13943] should_failslab+0xc2/0x120 [ 812.446420][T13943] __kmalloc_cache_noprof+0x6a/0x3e0 [ 812.446440][T13943] ? sctp_auth_init+0x30d/0x570 [ 812.446471][T13943] sctp_auth_init+0x30d/0x570 [ 812.446509][T13943] sctp_setsockopt+0xa371/0xb870 [ 812.446533][T13943] ? __pfx_sctp_setsockopt+0x10/0x10 [ 812.446552][T13943] ? find_held_lock+0x2b/0x80 [ 812.446573][T13943] ? aa_sock_opt_perm+0xfd/0x1c0 [ 812.446591][T13943] ? sock_common_setsockopt+0x2e/0xf0 [ 812.446611][T13943] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 812.446637][T13943] do_sock_setsockopt+0xf3/0x1d0 [ 812.446661][T13943] __sys_setsockopt+0x120/0x1a0 [ 812.446693][T13943] __x64_sys_setsockopt+0xbd/0x160 [ 812.446719][T13943] ? do_syscall_64+0x91/0x4c0 [ 812.446734][T13943] ? lockdep_hardirqs_on+0x7c/0x110 [ 812.446761][T13943] do_syscall_64+0xcd/0x4c0 [ 812.446779][T13943] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 812.446801][T13943] RIP: 0033:0x7f2547f8eba9 [ 812.446820][T13943] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 812.446841][T13943] RSP: 002b:00007f2548e11038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 812.446863][T13943] RAX: ffffffffffffffda RBX: 00007f25481d6090 RCX: 00007f2547f8eba9 [ 812.446875][T13943] RDX: 0000000000000081 RSI: 0000010000000084 RDI: 0000000000000003 [ 812.446886][T13943] RBP: 00007f2548011e19 R08: 0000000000000008 R09: 0000000000000000 [ 812.446897][T13943] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 812.446907][T13943] R13: 00007f25481d6128 R14: 00007f25481d6090 R15: 00007ffed97cbff8 [ 812.446930][T13943] [ 822.677398][T14006] tty tty12: ldisc open failed (-12), clearing slot 11 [ 823.777890][T14026] Invalid ELF header magic: != ELF [ 826.277364][T14037] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1757'. [ 826.378051][T14037] netlink: 354 bytes leftover after parsing attributes in process `syz.1.1757'. [ 829.868141][T14056] FAULT_INJECTION: forcing a failure. [ 829.868141][T14056] name failslab, interval 1, probability 0, space 0, times 0 [ 829.984306][T14056] CPU: 0 UID: 0 PID: 14056 Comm: syz.1.1761 Not tainted syzkaller #0 PREEMPT(full) [ 829.984335][T14056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 829.984346][T14056] Call Trace: [ 829.984353][T14056] [ 829.984360][T14056] dump_stack_lvl+0x16c/0x1f0 [ 829.984394][T14056] should_fail_ex+0x512/0x640 [ 829.984411][T14056] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 829.984440][T14056] should_failslab+0xc2/0x120 [ 829.984465][T14056] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 829.984490][T14056] ? append_filter_err+0x3c0/0x5e0 [ 829.984513][T14056] ? seq_buf_putc+0xde/0x140 [ 829.984542][T14056] kmemdup_nul+0x49/0xf0 [ 829.984566][T14056] append_filter_err+0x3c0/0x5e0 [ 829.984590][T14056] apply_subsystem_event_filter+0x75a/0x17e0 [ 829.984622][T14056] ? __pfx_apply_subsystem_event_filter+0x10/0x10 [ 829.984651][T14056] ? _copy_from_user+0x59/0xd0 [ 829.984674][T14056] subsystem_filter_write+0x95/0x120 [ 829.984699][T14056] ? __pfx_subsystem_filter_write+0x10/0x10 [ 829.984722][T14056] vfs_write+0x2a0/0x11d0 [ 829.984747][T14056] ? __pfx___mutex_lock+0x10/0x10 [ 829.984763][T14056] ? __pfx_vfs_write+0x10/0x10 [ 829.984791][T14056] ? __fget_files+0x20e/0x3c0 [ 829.984819][T14056] ksys_write+0x12a/0x250 [ 829.984840][T14056] ? __pfx_ksys_write+0x10/0x10 [ 829.984868][T14056] do_syscall_64+0xcd/0x4c0 [ 829.984886][T14056] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 829.984905][T14056] RIP: 0033:0x7f2547f8eba9 [ 829.984920][T14056] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 829.984938][T14056] RSP: 002b:00007f2548e11038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 829.984956][T14056] RAX: ffffffffffffffda RBX: 00007f25481d6090 RCX: 00007f2547f8eba9 [ 829.984990][T14056] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000007 [ 829.985001][T14056] RBP: 00007f2548011e19 R08: 0000000000000000 R09: 0000000000000000 [ 829.985013][T14056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 829.985024][T14056] R13: 00007f25481d6128 R14: 00007f25481d6090 R15: 00007ffed97cbff8 [ 829.985048][T14056] [ 830.208981][ C0] vkms_vblank_simulate: vblank timer overrun [ 832.025089][T14067] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1765'. [ 833.183816][T14078] Process accounting resumed [ 833.536678][T14083] Invalid ELF header magic: != ELF [ 840.485369][T14097] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 841.597683][T14122] FAULT_INJECTION: forcing a failure. [ 841.597683][T14122] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 842.170371][T14122] CPU: 0 UID: 0 PID: 14122 Comm: syz.3.1773 Not tainted syzkaller #0 PREEMPT(full) [ 842.170399][T14122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 842.170411][T14122] Call Trace: [ 842.170417][T14122] [ 842.170425][T14122] dump_stack_lvl+0x16c/0x1f0 [ 842.170462][T14122] should_fail_ex+0x512/0x640 [ 842.170484][T14122] should_fail_alloc_page+0xe7/0x130 [ 842.170512][T14122] prepare_alloc_pages+0x3c2/0x610 [ 842.170544][T14122] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 842.170568][T14122] ? stack_trace_save+0x8e/0xc0 [ 842.170589][T14122] ? __pfx_stack_trace_save+0x10/0x10 [ 842.170609][T14122] ? rcu_is_watching+0x12/0xc0 [ 842.170628][T14122] ? stack_depot_save_flags+0x29/0x9c0 [ 842.170651][T14122] ? kasan_save_stack+0x42/0x60 [ 842.170670][T14122] ? kasan_save_stack+0x33/0x60 [ 842.170690][T14122] ? kasan_save_track+0x14/0x30 [ 842.170711][T14122] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 842.170733][T14122] ? walk_pgd_range+0x88b/0x1f50 [ 842.170754][T14122] ? walk_page_range_mm+0x461/0xb40 [ 842.170777][T14122] ? madvise_walk_vmas+0x31f/0x9c0 [ 842.170802][T14122] ? madvise_do_behavior+0x1e2/0x530 [ 842.170827][T14122] ? do_madvise+0x176/0x240 [ 842.170851][T14122] ? __x64_sys_madvise+0xa9/0x110 [ 842.170876][T14122] ? do_syscall_64+0xcd/0x4c0 [ 842.170891][T14122] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 842.170920][T14122] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 842.170949][T14122] ? policy_nodemask+0xea/0x4e0 [ 842.170975][T14122] alloc_pages_mpol+0x1fb/0x550 [ 842.171001][T14122] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 842.171042][T14122] alloc_pages_noprof+0x131/0x390 [ 842.171068][T14122] pte_alloc_one+0x1c/0x3a0 [ 842.171090][T14122] __pte_alloc+0x6d/0x3c0 [ 842.171117][T14122] ? __pfx___pte_alloc+0x10/0x10 [ 842.171142][T14122] ? _raw_spin_unlock+0x28/0x50 [ 842.171166][T14122] ? __pmd_alloc+0x3fb/0x930 [ 842.171197][T14122] walk_pgd_range+0xb84/0x1f50 [ 842.171226][T14122] ? __pfx_guard_install_set_pte+0x10/0x10 [ 842.171251][T14122] ? __pfx_guard_install_pte_entry+0x10/0x10 [ 842.171277][T14122] ? __pfx_guard_install_set_pte+0x10/0x10 [ 842.171307][T14122] ? __pfx_guard_install_set_pte+0x10/0x10 [ 842.171333][T14122] ? __pfx_guard_install_set_pte+0x10/0x10 [ 842.171358][T14122] ? __pfx_walk_pgd_range+0x10/0x10 [ 842.171388][T14122] __walk_page_range+0x163/0x820 [ 842.171413][T14122] ? find_vma+0xbf/0x140 [ 842.171436][T14122] ? __pfx_find_vma+0x10/0x10 [ 842.171462][T14122] ? walk_page_test+0x9b/0x180 [ 842.171486][T14122] walk_page_range_mm+0x461/0xb40 [ 842.171513][T14122] ? __pfx_walk_page_range_mm+0x10/0x10 [ 842.171543][T14122] ? __anon_vma_prepare+0x2e2/0x5e0 [ 842.171565][T14122] madvise_vma_behavior+0xa62/0x2d60 [ 842.171596][T14122] ? mas_prev_setup.constprop.0+0xb6/0x9d0 [ 842.171624][T14122] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 842.171653][T14122] ? __pfx_mas_prev+0x10/0x10 [ 842.171687][T14122] ? find_vma_prev+0xda/0x160 [ 842.171712][T14122] ? find_held_lock+0x2b/0x80 [ 842.171730][T14122] ? __pfx_find_vma_prev+0x10/0x10 [ 842.171756][T14122] ? futex_unqueue+0x133/0x2c0 [ 842.171785][T14122] ? __futex_wait+0x24c/0x2f0 [ 842.171824][T14122] madvise_walk_vmas+0x31f/0x9c0 [ 842.171856][T14122] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 842.171890][T14122] madvise_do_behavior+0x1e2/0x530 [ 842.171917][T14122] ? futex_private_hash_put+0x18a/0x300 [ 842.171941][T14122] ? __pfx_madvise_do_behavior+0x10/0x10 [ 842.171970][T14122] ? down_read+0x13d/0x480 [ 842.172000][T14122] do_madvise+0x176/0x240 [ 842.172026][T14122] ? __pfx_do_madvise+0x10/0x10 [ 842.172057][T14122] ? do_futex+0x122/0x350 [ 842.172095][T14122] ? xfd_validate_state+0x61/0x180 [ 842.172121][T14122] ? __pfx_ksys_write+0x10/0x10 [ 842.172148][T14122] __x64_sys_madvise+0xa9/0x110 [ 842.172174][T14122] ? lockdep_hardirqs_on+0x7c/0x110 [ 842.172200][T14122] do_syscall_64+0xcd/0x4c0 [ 842.172219][T14122] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 842.172238][T14122] RIP: 0033:0x7ff99258eba9 [ 842.172254][T14122] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 842.172272][T14122] RSP: 002b:00007ff9907ee038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 842.172293][T14122] RAX: ffffffffffffffda RBX: 00007ff9927d5fa0 RCX: 00007ff99258eba9 [ 842.172305][T14122] RDX: 0000000000000066 RSI: 0000000002021000 RDI: 0000000000000000 [ 842.172316][T14122] RBP: 00007ff992611e19 R08: 0000000000000000 R09: 0000000000000000 [ 842.172326][T14122] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 842.172336][T14122] R13: 00007ff9927d6038 R14: 00007ff9927d5fa0 R15: 00007ffe69730b58 [ 842.172360][T14122] [ 843.130191][ T30] audit: type=1800 audit(4294967596.532:24): pid=14127 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1773" name="features" dev="configfs" ino=121589 res=0 errno=0 [ 844.301881][T14142] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 0, inode_bitmap = 137 [ 844.367445][T14142] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 1, inode_bitmap = 138 [ 844.432334][T14142] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz-executor: bg 0: bad block bitmap checksum [ 846.105451][T13958] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 846.116080][T13958] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 846.124357][T13958] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 846.138199][T13958] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 846.146940][T13958] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 848.025448][T14157] chnl_net:caif_netlink_parms(): no params data found [ 848.205284][T13958] Bluetooth: hci4: command tx timeout [ 848.870462][T14157] bridge0: port 1(bridge_slave_0) entered blocking state [ 849.042887][T14157] bridge0: port 1(bridge_slave_0) entered disabled state [ 849.240701][T14157] bridge_slave_0: entered allmulticast mode [ 849.453240][T14157] bridge_slave_0: entered promiscuous mode [ 849.533090][T14157] bridge0: port 2(bridge_slave_1) entered blocking state [ 849.641250][T14157] bridge0: port 2(bridge_slave_1) entered disabled state [ 849.767482][T14157] bridge_slave_1: entered allmulticast mode [ 849.956576][T14157] bridge_slave_1: entered promiscuous mode [ 850.274227][T13958] Bluetooth: hci4: command tx timeout [ 851.315269][T14157] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 851.391361][T14157] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 852.046081][T14157] team0: Port device team_slave_0 added [ 852.053792][T14157] team0: Port device team_slave_1 added [ 852.345589][T13958] Bluetooth: hci4: command tx timeout [ 852.726824][T14157] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 852.798587][T14157] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 853.071612][T14157] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 853.411504][T14157] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 853.429737][T14157] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 853.554635][T14157] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 853.827195][T14157] hsr_slave_0: entered promiscuous mode [ 853.853939][T14157] hsr_slave_1: entered promiscuous mode [ 854.209256][T14207] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.1788: iget: checksum invalid [ 854.395336][T14207] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 854.412194][T13958] Bluetooth: hci4: command tx timeout [ 854.617271][T14210] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 854.643904][T14207] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.1788: iget: checksum invalid [ 854.674236][T14210] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 854.923996][T14210] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 855.142000][T14207] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 855.166401][T14157] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 855.218403][T14210] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 855.475927][T14157] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 855.527839][T14157] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 855.551952][T14210] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 855.586774][T14157] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 855.638480][T14207] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.1788: iget: checksum invalid [ 855.767237][T14207] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 855.832925][T14210] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 855.912526][T14207] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.1788: iget: checksum invalid [ 855.938250][T14157] 8021q: adding VLAN 0 to HW filter on device bond0 [ 856.001086][T14157] 8021q: adding VLAN 0 to HW filter on device team0 [ 856.050089][T14031] bridge0: port 1(bridge_slave_0) entered blocking state [ 856.057368][T14031] bridge0: port 1(bridge_slave_0) entered forwarding state [ 856.084456][T14207] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 856.137953][T14031] bridge0: port 2(bridge_slave_1) entered blocking state [ 856.145201][T14031] bridge0: port 2(bridge_slave_1) entered forwarding state [ 856.266190][T14207] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 856.288737][T14157] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 856.357984][T14157] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 856.403732][T13958] Bluetooth: hci2: command 0x0c1a tx timeout [ 856.456829][T14207] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 856.720200][T13958] Bluetooth: hci0: command 0x0c1a tx timeout [ 856.961761][T13958] Bluetooth: hci1: command 0x0c1a tx timeout [ 857.073339][T14157] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 857.280157][T13958] Bluetooth: hci4: command 0x0c1a tx timeout [ 858.032061][T14157] veth0_vlan: entered promiscuous mode [ 858.087878][T14157] veth1_vlan: entered promiscuous mode [ 858.189339][T14157] veth0_macvtap: entered promiscuous mode [ 858.225531][T14157] veth1_macvtap: entered promiscuous mode [ 858.290396][T14157] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 858.338178][T14157] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 858.427292][T13968] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 858.473809][T14031] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 858.525172][T14031] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 858.567905][T14031] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 858.868807][T14031] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 858.917119][T14031] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 859.040875][T14075] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 859.080821][T14075] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 859.346088][T13958] Bluetooth: hci4: command 0x0c1a tx timeout [ 861.104584][T14293] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1800'. [ 861.415071][T13958] Bluetooth: hci4: command 0x0c1a tx timeout [ 864.054212][T14312] Process accounting paused [ 864.658315][T14329] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 864.950947][T14325] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(7) [ 865.565644][T14339] FAULT_INJECTION: forcing a failure. [ 865.565644][T14339] name failslab, interval 1, probability 0, space 0, times 0 [ 865.610216][T14339] CPU: 0 UID: 0 PID: 14339 Comm: syz.2.1809 Not tainted syzkaller #0 PREEMPT(full) [ 865.610244][T14339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 865.610256][T14339] Call Trace: [ 865.610263][T14339] [ 865.610270][T14339] dump_stack_lvl+0x16c/0x1f0 [ 865.610305][T14339] should_fail_ex+0x512/0x640 [ 865.610323][T14339] ? __kmalloc_cache_node_noprof+0x5a/0x420 [ 865.610347][T14339] should_failslab+0xc2/0x120 [ 865.610373][T14339] __kmalloc_cache_node_noprof+0x6d/0x420 [ 865.610394][T14339] ? sbitmap_init_node+0x2ca/0x770 [ 865.610417][T14339] ? sbitmap_queue_init_node+0x291/0x4a0 [ 865.610444][T14339] sbitmap_queue_init_node+0x291/0x4a0 [ 865.610471][T14339] blk_mq_init_tags+0x12d/0x2b0 [ 865.610491][T14339] blk_mq_alloc_map_and_rqs+0x237/0xf60 [ 865.610522][T14339] ? rcu_is_watching+0x12/0xc0 [ 865.610545][T14339] __blk_mq_alloc_map_and_rqs+0x128/0x1f0 [ 865.610575][T14339] blk_mq_alloc_tag_set+0x778/0x1260 [ 865.610609][T14339] loop_add+0x3b2/0xb70 [ 865.610633][T14339] ? __pfx_loop_add+0x10/0x10 [ 865.610670][T14339] ? find_held_lock+0x2b/0x80 [ 865.610692][T14339] loop_control_ioctl+0x13e/0x630 [ 865.610716][T14339] ? __pfx_loop_control_ioctl+0x10/0x10 [ 865.610743][T14339] ? __pfx_loop_control_ioctl+0x10/0x10 [ 865.610768][T14339] __x64_sys_ioctl+0x18b/0x210 [ 865.610799][T14339] do_syscall_64+0xcd/0x4c0 [ 865.610817][T14339] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 865.610836][T14339] RIP: 0033:0x7f62ac98eba9 [ 865.610850][T14339] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 865.610868][T14339] RSP: 002b:00007f62ad876038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 865.610895][T14339] RAX: ffffffffffffffda RBX: 00007f62acbd5fa0 RCX: 00007f62ac98eba9 [ 865.610907][T14339] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 000000000000000b [ 865.610918][T14339] RBP: 00007f62aca11e19 R08: 0000000000000000 R09: 0000000000000000 [ 865.610929][T14339] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 865.610940][T14339] R13: 00007f62acbd6038 R14: 00007f62acbd5fa0 R15: 00007ffce2414d68 [ 865.610962][T14339] [ 865.611092][T14339] blk-mq: reduced tag depth (128 -> 64) [ 866.231636][T13819] syz.3.1715 (13819) used greatest stack depth: 18456 bytes left [ 872.266357][T14429] nbd: socks must be embedded in a SOCK_ITEM attr [ 872.403027][T14429] FAULT_INJECTION: forcing a failure. [ 872.403027][T14429] name fail_futex, interval 1, probability 0, space 0, times 0 [ 872.480377][T14429] CPU: 0 UID: 0 PID: 14429 Comm: syz.2.1826 Not tainted syzkaller #0 PREEMPT(full) [ 872.480406][T14429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 872.480417][T14429] Call Trace: [ 872.480424][T14429] [ 872.480430][T14429] dump_stack_lvl+0x16c/0x1f0 [ 872.480465][T14429] should_fail_ex+0x512/0x640 [ 872.480483][T14429] ? bpf_token_put+0xe/0x170 [ 872.480504][T14429] get_futex_key+0x1d0/0x1560 [ 872.480535][T14429] ? __pfx_get_futex_key+0x10/0x10 [ 872.480557][T14429] ? __pfx_map_create+0x10/0x10 [ 872.480582][T14429] ? __might_fault+0xe3/0x190 [ 872.480603][T14429] ? __might_fault+0xe3/0x190 [ 872.480623][T14429] ? __might_fault+0x13b/0x190 [ 872.480648][T14429] futex_wake+0xea/0x530 [ 872.480678][T14429] ? __pfx_futex_wake+0x10/0x10 [ 872.480716][T14429] do_futex+0x1e3/0x350 [ 872.480740][T14429] ? __pfx_do_futex+0x10/0x10 [ 872.480770][T14429] __x64_sys_futex+0x1e0/0x4c0 [ 872.480795][T14429] ? __pfx_blkcg_maybe_throttle_current+0x10/0x10 [ 872.480830][T14429] ? __pfx___x64_sys_futex+0x10/0x10 [ 872.480855][T14429] ? xfd_validate_state+0x61/0x180 [ 872.480890][T14429] do_syscall_64+0xcd/0x4c0 [ 872.480909][T14429] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 872.480928][T14429] RIP: 0033:0x7f62ac98eba9 [ 872.480943][T14429] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 872.480962][T14429] RSP: 002b:00007f62ad8760e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 872.480980][T14429] RAX: ffffffffffffffda RBX: 00007f62acbd5fa8 RCX: 00007f62ac98eba9 [ 872.480992][T14429] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f62acbd5fac [ 872.481003][T14429] RBP: 00007f62acbd5fa0 R08: 00007f62ad877000 R09: 0000000000000000 [ 872.481015][T14429] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 872.481025][T14429] R13: 00007f62acbd6038 R14: 00007ffce2414c80 R15: 00007ffce2414d68 [ 872.481048][T14429] [ 872.684160][ C0] vkms_vblank_simulate: vblank timer overrun [ 872.711553][T14433] Invalid ELF header magic: != ELF [ 873.302574][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 873.311997][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 873.402114][T14442] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1829'. [ 873.464575][T14442] netlink: 354 bytes leftover after parsing attributes in process `syz.2.1829'. [ 873.959831][T14445] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1830'. [ 876.974529][T14477] bond0: option all_slaves_active: invalid value () [ 877.829079][T14498] can0: slcan on ttyS2. [ 878.188070][T14497] can0 (unregistered): slcan off ttyS2. [ 879.151901][T14531] FAULT_INJECTION: forcing a failure. [ 879.151901][T14531] name failslab, interval 1, probability 0, space 0, times 0 [ 879.401736][T14517] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input42 [ 879.419793][T14531] CPU: 0 UID: 0 PID: 14531 Comm: syz.4.1844 Not tainted syzkaller #0 PREEMPT(full) [ 879.419830][T14531] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 879.419841][T14531] Call Trace: [ 879.419848][T14531] [ 879.419855][T14531] dump_stack_lvl+0x16c/0x1f0 [ 879.419888][T14531] should_fail_ex+0x512/0x640 [ 879.419905][T14531] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 879.419929][T14531] should_failslab+0xc2/0x120 [ 879.419955][T14531] __kmalloc_cache_noprof+0x6a/0x3e0 [ 879.419975][T14531] ? netdev_create_hash+0x3c/0xc0 [ 879.419996][T14531] ? __pfx_netdev_init+0x10/0x10 [ 879.420015][T14531] netdev_create_hash+0x3c/0xc0 [ 879.420035][T14531] ? __pfx_netdev_init+0x10/0x10 [ 879.420053][T14531] netdev_init+0xa5/0x230 [ 879.420079][T14531] ops_init+0x1df/0x5f0 [ 879.420106][T14531] setup_net+0x10f/0x380 [ 879.420124][T14531] ? lockdep_init_map_type+0x5c/0x280 [ 879.420151][T14531] ? __pfx_setup_net+0x10/0x10 [ 879.420168][T14531] ? debug_mutex_init+0x37/0x70 [ 879.420189][T14531] copy_net_ns+0x2a6/0x5f0 [ 879.420211][T14531] create_new_namespaces+0x3ea/0xa90 [ 879.420238][T14531] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 879.420262][T14531] ksys_unshare+0x45b/0xa40 [ 879.420288][T14531] ? __pfx_ksys_unshare+0x10/0x10 [ 879.420313][T14531] ? xfd_validate_state+0x61/0x180 [ 879.420348][T14531] __x64_sys_unshare+0x31/0x40 [ 879.420372][T14531] do_syscall_64+0xcd/0x4c0 [ 879.420390][T14531] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 879.420408][T14531] RIP: 0033:0x7f572b98eba9 [ 879.420423][T14531] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 879.420441][T14531] RSP: 002b:00007f572c779038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 879.420459][T14531] RAX: ffffffffffffffda RBX: 00007f572bbd6090 RCX: 00007f572b98eba9 [ 879.420471][T14531] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 879.420482][T14531] RBP: 00007f572ba11e19 R08: 0000000000000000 R09: 0000000000000000 [ 879.420493][T14531] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 879.420503][T14531] R13: 00007f572bbd6128 R14: 00007f572bbd6090 R15: 00007ffeaa0cd988 [ 879.420525][T14531] [ 879.957507][T14517] FAULT_INJECTION: forcing a failure. [ 879.957507][T14517] name failslab, interval 1, probability 0, space 0, times 0 [ 880.052591][T14517] CPU: 0 UID: 0 PID: 14517 Comm: syz.2.1843 Not tainted syzkaller #0 PREEMPT(full) [ 880.052621][T14517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 880.052632][T14517] Call Trace: [ 880.052638][T14517] [ 880.052646][T14517] dump_stack_lvl+0x16c/0x1f0 [ 880.052680][T14517] should_fail_ex+0x512/0x640 [ 880.052697][T14517] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 880.052723][T14517] should_failslab+0xc2/0x120 [ 880.052748][T14517] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 880.052770][T14517] ? __kernfs_new_node+0xd2/0x8e0 [ 880.052798][T14517] __kernfs_new_node+0xd2/0x8e0 [ 880.052833][T14517] ? __pfx___kernfs_new_node+0x10/0x10 [ 880.052863][T14517] ? find_held_lock+0x2b/0x80 [ 880.052883][T14517] ? kernfs_root+0xee/0x2a0 [ 880.052911][T14517] kernfs_new_node+0x13c/0x1e0 [ 880.052943][T14517] __kernfs_create_file+0x53/0x350 [ 880.052965][T14517] sysfs_add_file_mode_ns+0x207/0x3c0 [ 880.052994][T14517] sysfs_create_file_ns+0x13d/0x1d0 [ 880.053021][T14517] ? __pfx_sysfs_create_file_ns+0x10/0x10 [ 880.053046][T14517] ? mark_held_locks+0x49/0x80 [ 880.053074][T14517] device_create_file+0xf2/0x1e0 [ 880.053100][T14517] device_add+0xa2b/0x1aa0 [ 880.053122][T14517] ? __pfx_device_add+0x10/0x10 [ 880.053142][T14517] ? __pfx_exact_lock+0x10/0x10 [ 880.053168][T14517] ? kobject_get+0xbb/0x150 [ 880.053187][T14517] cdev_device_add+0xc2/0x1e0 [ 880.053213][T14517] evdev_connect+0x3a4/0x4c0 [ 880.053238][T14517] input_attach_handler.isra.0+0x176/0x250 [ 880.053262][T14517] input_register_device+0xab9/0x1180 [ 880.053285][T14517] ? input_ff_create+0x191/0x350 [ 880.053314][T14517] uinput_ioctl_handler.isra.0+0x1357/0x1df0 [ 880.053345][T14517] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 880.053373][T14517] ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10 [ 880.053408][T14517] ? find_held_lock+0x2b/0x80 [ 880.053439][T14517] ? __pfx_uinput_ioctl+0x10/0x10 [ 880.053468][T14517] __x64_sys_ioctl+0x18b/0x210 [ 880.053499][T14517] do_syscall_64+0xcd/0x4c0 [ 880.053517][T14517] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 880.053535][T14517] RIP: 0033:0x7f62ac98eba9 [ 880.053551][T14517] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 880.053570][T14517] RSP: 002b:00007f62ad876038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 880.053588][T14517] RAX: ffffffffffffffda RBX: 00007f62acbd5fa0 RCX: 00007f62ac98eba9 [ 880.053600][T14517] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000003 [ 880.053611][T14517] RBP: 00007f62aca11e19 R08: 0000000000000000 R09: 0000000000000000 [ 880.053622][T14517] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 880.053632][T14517] R13: 00007f62acbd6038 R14: 00007f62acbd5fa0 R15: 00007ffce2414d68 [ 880.053655][T14517] [ 881.173528][T14517] input: failed to attach handler evdev to device input42, error: -12 [ 881.787420][T14560] FAULT_INJECTION: forcing a failure. [ 881.787420][T14560] name failslab, interval 1, probability 0, space 0, times 0 [ 881.872546][T14560] CPU: 0 UID: 0 PID: 14560 Comm: syz.3.1847 Not tainted syzkaller #0 PREEMPT(full) [ 881.872576][T14560] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 881.872587][T14560] Call Trace: [ 881.872594][T14560] [ 881.872601][T14560] dump_stack_lvl+0x16c/0x1f0 [ 881.872636][T14560] should_fail_ex+0x512/0x640 [ 881.872652][T14560] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 881.872675][T14560] should_failslab+0xc2/0x120 [ 881.872713][T14560] __kmalloc_cache_noprof+0x6a/0x3e0 [ 881.872731][T14560] ? lockdep_init_map_type+0x5c/0x280 [ 881.872758][T14560] ? nci_hci_allocate+0x45/0x330 [ 881.872791][T14560] nci_hci_allocate+0x45/0x330 [ 881.872820][T14560] nci_allocate_device+0x26f/0x430 [ 881.872846][T14560] virtual_ncidev_open+0x6f/0x220 [ 881.872872][T14560] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 881.872897][T14560] misc_open+0x35d/0x420 [ 881.872921][T14560] ? __pfx_misc_open+0x10/0x10 [ 881.872943][T14560] chrdev_open+0x234/0x6a0 [ 881.872967][T14560] ? __pfx_apparmor_file_open+0x10/0x10 [ 881.872989][T14560] ? __pfx_chrdev_open+0x10/0x10 [ 881.873014][T14560] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 881.873039][T14560] do_dentry_open+0x982/0x1530 [ 881.873062][T14560] ? __pfx_chrdev_open+0x10/0x10 [ 881.873091][T14560] vfs_open+0x82/0x3f0 [ 881.873121][T14560] path_openat+0x1de4/0x2cb0 [ 881.873151][T14560] ? __pfx_path_openat+0x10/0x10 [ 881.873179][T14560] do_filp_open+0x20b/0x470 [ 881.873201][T14560] ? __pfx_do_filp_open+0x10/0x10 [ 881.873240][T14560] ? alloc_fd+0x471/0x7d0 [ 881.873266][T14560] do_sys_openat2+0x11b/0x1d0 [ 881.873295][T14560] ? __pfx_do_sys_openat2+0x10/0x10 [ 881.873332][T14560] __x64_sys_openat+0x174/0x210 [ 881.873349][T14560] ? __pfx___x64_sys_openat+0x10/0x10 [ 881.873374][T14560] do_syscall_64+0xcd/0x4c0 [ 881.873392][T14560] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 881.873411][T14560] RIP: 0033:0x7ff99258eba9 [ 881.873426][T14560] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 881.873444][T14560] RSP: 002b:00007ff9907cd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 881.873463][T14560] RAX: ffffffffffffffda RBX: 00007ff9927d6090 RCX: 00007ff99258eba9 [ 881.873474][T14560] RDX: 0000000000000002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 881.873485][T14560] RBP: 00007ff992611e19 R08: 0000000000000000 R09: 0000000000000000 [ 881.873496][T14560] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 881.873507][T14560] R13: 00007ff9927d6128 R14: 00007ff9927d6090 R15: 00007ffe69730b58 [ 881.873534][T14560] [ 882.816848][T14574] ima: policy update failed [ 882.852177][T14574] netlink: 25 bytes leftover after parsing attributes in process `syz.4.1852'. [ 882.908241][ T30] audit: type=1802 audit(4294967636.705:25): pid=14574 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.1852" res=0 errno=0 [ 882.968202][T14575] Invalid ELF header magic: != ELF [ 883.829098][T14592] random: crng reseeded on system resumption [ 887.191920][T14629] kAFS: Invalid Command on /proc/fs/afs/cells file [ 887.335634][T14635] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1863'. [ 888.527315][T14651] FAULT_INJECTION: forcing a failure. [ 888.527315][T14651] name failslab, interval 1, probability 0, space 0, times 0 [ 888.623266][T14651] CPU: 0 UID: 0 PID: 14651 Comm: syz.2.1867 Not tainted syzkaller #0 PREEMPT(full) [ 888.623294][T14651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 888.623305][T14651] Call Trace: [ 888.623311][T14651] [ 888.623318][T14651] dump_stack_lvl+0x16c/0x1f0 [ 888.623352][T14651] should_fail_ex+0x512/0x640 [ 888.623369][T14651] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 888.623397][T14651] should_failslab+0xc2/0x120 [ 888.623423][T14651] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 888.623446][T14651] ? lockdep_init_map_type+0x5c/0x280 [ 888.623473][T14651] ? __ip_vs_lblc_init+0x77/0x340 [ 888.623500][T14651] ? __pfx___ip_vs_lblc_init+0x10/0x10 [ 888.623526][T14651] kmemdup_noprof+0x29/0x60 [ 888.623549][T14651] __ip_vs_lblc_init+0x77/0x340 [ 888.623574][T14651] ? __pfx___ip_vs_lblc_init+0x10/0x10 [ 888.623598][T14651] ops_init+0x1df/0x5f0 [ 888.623618][T14651] setup_net+0x10f/0x380 [ 888.623632][T14651] ? lockdep_init_map_type+0x5c/0x280 [ 888.623658][T14651] ? __pfx_setup_net+0x10/0x10 [ 888.623676][T14651] ? debug_mutex_init+0x37/0x70 [ 888.623710][T14651] copy_net_ns+0x2a6/0x5f0 [ 888.623742][T14651] create_new_namespaces+0x3ea/0xa90 [ 888.623771][T14651] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 888.623795][T14651] ksys_unshare+0x45b/0xa40 [ 888.623822][T14651] ? __pfx_ksys_unshare+0x10/0x10 [ 888.623849][T14651] ? xfd_validate_state+0x61/0x180 [ 888.623884][T14651] __x64_sys_unshare+0x31/0x40 [ 888.623909][T14651] do_syscall_64+0xcd/0x4c0 [ 888.623928][T14651] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 888.623946][T14651] RIP: 0033:0x7f62ac98eba9 [ 888.623961][T14651] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 888.623979][T14651] RSP: 002b:00007f62ad876038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 888.623997][T14651] RAX: ffffffffffffffda RBX: 00007f62acbd5fa0 RCX: 00007f62ac98eba9 [ 888.624009][T14651] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 888.624020][T14651] RBP: 00007f62aca11e19 R08: 0000000000000000 R09: 0000000000000000 [ 888.624031][T14651] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 888.624042][T14651] R13: 00007f62acbd6038 R14: 00007f62acbd5fa0 R15: 00007ffce2414d68 [ 888.624064][T14651] [ 890.478461][T13958] Bluetooth: hci1: unexpected event 0x17 length: 440 > 6 [ 892.539013][T14706] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5) [ 892.713805][T14714] usb usb23: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 894.729893][T14703] Process accounting resumed [ 895.981639][T14746] FAULT_INJECTION: forcing a failure. [ 895.981639][T14746] name failslab, interval 1, probability 0, space 0, times 0 [ 896.046673][T14746] CPU: 0 UID: 0 PID: 14746 Comm: syz.3.1885 Not tainted syzkaller #0 PREEMPT(full) [ 896.046704][T14746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 896.046716][T14746] Call Trace: [ 896.046723][T14746] [ 896.046730][T14746] dump_stack_lvl+0x16c/0x1f0 [ 896.046765][T14746] should_fail_ex+0x512/0x640 [ 896.046782][T14746] ? fs_reclaim_acquire+0xae/0x150 [ 896.046814][T14746] should_failslab+0xc2/0x120 [ 896.046838][T14746] __kmalloc_cache_noprof+0x6a/0x3e0 [ 896.046858][T14746] ? __lock_acquire+0x62e/0x1ce0 [ 896.046885][T14746] ? usb_control_msg+0xbc/0x4a0 [ 896.046916][T14746] usb_control_msg+0xbc/0x4a0 [ 896.046946][T14746] ? __pfx_usb_control_msg+0x10/0x10 [ 896.047012][T14746] hub_ext_port_status+0x14e/0x670 [ 896.047048][T14746] hub_activate+0x6e5/0x1d60 [ 896.047084][T14746] ? __pfx_hub_activate+0x10/0x10 [ 896.047111][T14746] ? find_held_lock+0x2b/0x80 [ 896.047130][T14746] ? usbdev_notify+0x260/0x370 [ 896.047161][T14746] hub_resume+0xa8/0x3f0 [ 896.047190][T14746] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 896.047222][T14746] ? __pfx_hub_resume+0x10/0x10 [ 896.047251][T14746] ? __pfx_hcd_bus_resume+0x10/0x10 [ 896.047281][T14746] usb_resume_interface.constprop.0.isra.0+0x2c5/0x3e0 [ 896.047307][T14746] usb_resume_both+0x273/0x800 [ 896.047330][T14746] ? __pfx_usb_resume_both+0x10/0x10 [ 896.047353][T14746] ? __pfx_usb_runtime_resume+0x10/0x10 [ 896.047378][T14746] ? __pfx_usb_runtime_resume+0x10/0x10 [ 896.047403][T14746] __rpm_callback+0xc8/0x610 [ 896.047433][T14746] ? __pfx_usb_runtime_resume+0x10/0x10 [ 896.047458][T14746] rpm_callback+0x1b7/0x200 [ 896.047486][T14746] ? __pfx_usb_runtime_resume+0x10/0x10 [ 896.047510][T14746] rpm_resume+0xd0a/0x1310 [ 896.047550][T14746] ? __pfx_rpm_resume+0x10/0x10 [ 896.047577][T14746] ? do_raw_spin_lock+0x12c/0x2b0 [ 896.047605][T14746] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 896.047654][T14746] __pm_runtime_resume+0xb6/0x170 [ 896.047673][T14746] usb_autoresume_device+0x23/0xe0 [ 896.047699][T14746] usbdev_open+0x228/0x8b0 [ 896.047725][T14746] ? do_raw_spin_lock+0x12c/0x2b0 [ 896.047753][T14746] ? __pfx_usbdev_open+0x10/0x10 [ 896.047783][T14746] ? chrdev_open+0x58c/0x6a0 [ 896.047813][T14746] ? __pfx_usbdev_open+0x10/0x10 [ 896.047841][T14746] chrdev_open+0x234/0x6a0 [ 896.047866][T14746] ? __pfx_chrdev_open+0x10/0x10 [ 896.047892][T14746] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 896.047918][T14746] do_dentry_open+0x982/0x1530 [ 896.047942][T14746] ? __pfx_chrdev_open+0x10/0x10 [ 896.047970][T14746] vfs_open+0x82/0x3f0 [ 896.048005][T14746] path_openat+0x1de4/0x2cb0 [ 896.048035][T14746] ? __pfx_path_openat+0x10/0x10 [ 896.048063][T14746] do_filp_open+0x20b/0x470 [ 896.048086][T14746] ? __pfx_do_filp_open+0x10/0x10 [ 896.048124][T14746] ? alloc_fd+0x471/0x7d0 [ 896.048150][T14746] do_sys_openat2+0x11b/0x1d0 [ 896.048179][T14746] ? __pfx_do_sys_openat2+0x10/0x10 [ 896.048216][T14746] __x64_sys_openat+0x174/0x210 [ 896.048232][T14746] ? __pfx___x64_sys_openat+0x10/0x10 [ 896.048258][T14746] do_syscall_64+0xcd/0x4c0 [ 896.048277][T14746] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 896.048296][T14746] RIP: 0033:0x7ff99258eba9 [ 896.048312][T14746] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 896.048331][T14746] RSP: 002b:00007ff9907ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 896.048349][T14746] RAX: ffffffffffffffda RBX: 00007ff9927d5fa0 RCX: 00007ff99258eba9 [ 896.048361][T14746] RDX: 0000000000040101 RSI: 0000200000000240 RDI: ffffffffffffff9c [ 896.048373][T14746] RBP: 00007ff992611e19 R08: 0000000000000000 R09: 0000000000000000 [ 896.048384][T14746] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 896.048395][T14746] R13: 00007ff9927d6038 R14: 00007ff9927d5fa0 R15: 00007ffe69730b58 [ 896.048419][T14746] [ 896.048431][T14746] hub 2-0:1.0: hub_ext_port_status failed (err = -12) [ 900.208326][T14817] ima: policy update failed [ 900.208446][ T30] audit: type=1802 audit(4294967297.562:26): pid=14817 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.1899" res=0 errno=0 [ 900.228679][T14817] netlink: 25 bytes leftover after parsing attributes in process `syz.0.1899'. [ 902.746582][ T30] audit: type=1326 audit(4294967300.126:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14862 comm="syz.4.1905" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f572b98eba9 code=0x0 [ 909.595416][T14967] netlink: 268 bytes leftover after parsing attributes in process `syz.2.1920'. [ 909.723940][T14967] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.2.1920: iget: checksum invalid [ 909.886050][T14967] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 910.006519][T14967] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.2.1920: iget: checksum invalid [ 910.145230][T14967] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 910.272684][T14967] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.2.1920: iget: checksum invalid [ 910.400714][T14968] ima: policy update failed [ 910.416444][ T30] audit: type=1802 audit(4294967307.825:28): pid=14968 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.1922" res=0 errno=0 [ 910.446775][T14967] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 910.458291][T14975] futex_wake_op: syz.0.1923 tries to shift op by -9; fix this program [ 910.541468][T14967] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.2.1920: iget: checksum invalid [ 910.606727][T14967] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 910.655805][T14967] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 910.690591][T14967] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 910.860597][ T30] audit: type=1800 audit(4294967308.278:29): pid=14983 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1924" name="features" dev="configfs" ino=125919 res=0 errno=0 [ 911.454866][T14991] vivid-003: ================= START STATUS ================= [ 911.537372][T14991] vivid-003: Radio HW Seek Mode: Bounded [ 911.640081][T15000] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input43 [ 911.661054][T14991] vivid-003: Radio Programmable HW Seek: false [ 911.667563][T14991] vivid-003: RDS Rx I/O Mode: Block I/O [ 911.985358][T14991] vivid-003: Generate RBDS Instead of RDS: false [ 912.148833][T14991] vivid-003: RDS Reception: true [ 912.261324][T14991] vivid-003: RDS Program Type: 0 inactive [ 912.331603][T15002] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input44 [ 912.379943][T14991] vivid-003: RDS PS Name: inactive [ 912.482794][T14991] vivid-003: RDS Radio Text: inactive [ 912.629341][T14991] vivid-003: RDS Traffic Announcement: false inactive [ 912.784897][T14991] vivid-003: RDS Traffic Program: false inactive [ 912.920483][T14991] vivid-003: RDS Music: false inactive [ 912.988311][T14991] vivid-003: ================== END STATUS ================== [ 913.514122][T15023] random: crng reseeded on system resumption [ 916.789067][T15063] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1941'. [ 917.763237][T13962] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1381 with max blocks 24 with error 117 [ 917.803599][T13962] EXT4-fs (sda1): This should not happen!! Data will be lost [ 917.803599][T13962] [ 918.580163][T15082] net_ratelimit: 1 callbacks suppressed [ 918.580180][T15082] openvswitch: netlink: IPv4 tunnel dst address is zero [ 919.176088][T15092] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input45 [ 919.778073][T15095] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input46 [ 919.790070][ T30] audit: type=1800 audit(4294967317.254:30): pid=15103 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=126573 res=0 errno=0 [ 919.892139][T15099] HfR: entered promiscuous mode [ 920.051862][T15092] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1946'. [ 920.206737][T15092] HfR: left promiscuous mode [ 921.404514][T15112] hugetlbfs: syz.2.1950 (15112): Using mlock ulimits for SHM_HUGETLB is obsolete [ 922.541930][T15134] FAULT_INJECTION: forcing a failure. [ 922.541930][T15134] name fail_futex, interval 1, probability 0, space 0, times 0 [ 922.698621][T15134] CPU: 0 UID: 0 PID: 15134 Comm: syz.0.1955 Not tainted syzkaller #0 PREEMPT(full) [ 922.698648][T15134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 922.698660][T15134] Call Trace: [ 922.698665][T15134] [ 922.698673][T15134] dump_stack_lvl+0x16c/0x1f0 [ 922.698706][T15134] should_fail_ex+0x512/0x640 [ 922.698726][T15134] get_futex_key+0x1d0/0x1560 [ 922.698753][T15134] ? __pfx_get_futex_key+0x10/0x10 [ 922.698778][T15134] ? do_raw_spin_lock+0x12c/0x2b0 [ 922.698811][T15134] futex_wake+0xea/0x530 [ 922.698837][T15134] ? find_held_lock+0x2b/0x80 [ 922.698857][T15134] ? __pfx_futex_wake+0x10/0x10 [ 922.698882][T15134] ? rcu_is_watching+0x12/0xc0 [ 922.698902][T15134] ? lockdep_hardirqs_on+0x7c/0x110 [ 922.698930][T15134] ? posix_timer_unhash_and_free+0x375/0x400 [ 922.698955][T15134] ? posix_cpu_timer_create+0x257/0x4a0 [ 922.698991][T15134] do_futex+0x1e3/0x350 [ 922.699017][T15134] ? __pfx_do_futex+0x10/0x10 [ 922.699046][T15134] __x64_sys_futex+0x1e0/0x4c0 [ 922.699072][T15134] ? __pfx___x64_sys_timer_create+0x10/0x10 [ 922.699105][T15134] ? __pfx___x64_sys_futex+0x10/0x10 [ 922.699130][T15134] ? xfd_validate_state+0x61/0x180 [ 922.699157][T15134] ? __task_pid_nr_ns+0x17c/0x500 [ 922.699191][T15134] do_syscall_64+0xcd/0x4c0 [ 922.699209][T15134] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 922.699227][T15134] RIP: 0033:0x7f316718eba9 [ 922.699243][T15134] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 922.699260][T15134] RSP: 002b:00007f3167f910e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 922.699279][T15134] RAX: ffffffffffffffda RBX: 00007f31673d5fa8 RCX: 00007f316718eba9 [ 922.699290][T15134] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f31673d5fac [ 922.699301][T15134] RBP: 00007f31673d5fa0 R08: 00007f3167f92000 R09: 0000000000000000 [ 922.699312][T15134] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 922.699323][T15134] R13: 00007f31673d6038 R14: 00007ffebad7fa20 R15: 00007ffebad7fb08 [ 922.699345][T15134] [ 923.222197][T15146] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 923.822436][T15145] kexec: Could not allocate control_code_buffer [ 924.118456][T15153] blktrace: Concurrent blktraces are not allowed on ram7 [ 924.807428][T15153] Process accounting paused [ 927.221757][T15184] netlink: set zone limit has 8 unknown bytes [ 929.713900][T15203] 0x000200000001-0xa29656a63616329 : "" [ 929.745544][T15203] mtd: partition "" is out of reach -- disabled [ 929.835457][T15203] ftl_cs: FTL header not found. [ 930.568488][T15235] deleting an unspecified loop device is not supported. [ 934.395034][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 934.404941][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 936.995472][ C0] vcan0: j1939_tp_rxtimer: 0xffff888055a33800: rx timeout, send abort [ 937.501970][ C0] vcan0: j1939_tp_rxtimer: 0xffff888055a33800: abort rx timeout. Force session deactivation [ 938.128020][T15344] unchecked MSR access error: WRMSR to 0x418 (tried to write 0x0000000000000322) at rIP: 0xffffffff8163fc29 (__mcheck_cpu_init_clear_banks+0x109/0x1f0) [ 938.144167][T15344] Call Trace: [ 938.147465][T15344] [ 938.150501][T15344] mce_cpu_restart+0x98/0xb0 [ 938.155205][T15344] ? __pfx_mce_cpu_restart+0x10/0x10 [ 938.160598][T15344] smp_call_function_many_cond+0x122a/0x1600 [ 938.166866][T15344] ? __pfx_mce_cpu_restart+0x10/0x10 [ 938.172213][T15344] ? _raw_spin_unlock_irqrestore+0x61/0x80 [ 938.178097][T15344] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 938.184527][T15344] ? __pfx___try_to_del_timer_sync+0x10/0x10 [ 938.190536][T15344] ? __pfx_mce_cpu_restart+0x10/0x10 [ 938.196004][T15344] on_each_cpu_cond_mask+0x40/0x90 [ 938.201316][T15344] set_bank+0x240/0x3a0 [ 938.205512][T15344] ? __pfx_set_bank+0x10/0x10 [ 938.210206][T15344] ? find_held_lock+0x2b/0x80 [ 938.214915][T15344] ? __pfx_set_bank+0x10/0x10 [ 938.219693][T15344] dev_attr_store+0x58/0x80 [ 938.224201][T15344] ? __pfx_dev_attr_store+0x10/0x10 [ 938.229414][T15344] sysfs_kf_write+0xef/0x150 [ 938.234196][T15344] kernfs_fop_write_iter+0x351/0x510 [ 938.239565][T15344] ? __pfx_sysfs_kf_write+0x10/0x10 [ 938.244783][T15344] vfs_write+0x7d3/0x11d0 [ 938.249123][T15344] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 938.255312][T15344] ? __pfx___mutex_lock+0x10/0x10 [ 938.260617][T15344] ? __pfx_vfs_write+0x10/0x10 [ 938.265404][T15344] ksys_write+0x12a/0x250 [ 938.269845][T15344] ? __pfx_ksys_write+0x10/0x10 [ 938.275002][T15344] do_syscall_64+0xcd/0x4c0 [ 938.279834][T15344] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 938.285842][T15344] RIP: 0033:0x7f62ac98eba9 [ 938.290535][T15344] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 938.310601][T15344] RSP: 002b:00007f62ad855038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 938.319023][T15344] RAX: ffffffffffffffda RBX: 00007f62acbd6090 RCX: 00007f62ac98eba9 [ 938.327171][T15344] RDX: 0000000000000003 RSI: 0000200000000240 RDI: 0000000000000004 [ 938.335238][T15344] RBP: 00007f62aca11e19 R08: 0000000000000000 R09: 0000000000000000 [ 938.343307][T15344] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 938.351428][T15344] R13: 00007f62acbd6128 R14: 00007f62acbd6090 R15: 00007ffce2414d68 [ 938.359415][T15344] [ 939.670257][T13958] Bluetooth: hci4: unexpected event 0x16 length: 440 > 6 [ 940.342586][T15344] zswap: compressor not available [ 941.126209][T15385] FAULT_INJECTION: forcing a failure. [ 941.126209][T15385] name failslab, interval 1, probability 0, space 0, times 0 [ 941.348747][T15385] CPU: 0 UID: 0 PID: 15385 Comm: syz.4.1996 Not tainted syzkaller #0 PREEMPT(full) [ 941.348775][T15385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 941.348786][T15385] Call Trace: [ 941.348793][T15385] [ 941.348799][T15385] dump_stack_lvl+0x16c/0x1f0 [ 941.348833][T15385] should_fail_ex+0x512/0x640 [ 941.348855][T15385] should_failslab+0xc2/0x120 [ 941.348880][T15385] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 941.348903][T15385] ? zswap_store+0x839/0x25a0 [ 941.348934][T15385] zswap_store+0x839/0x25a0 [ 941.348972][T15385] ? __pfx_zswap_store+0x10/0x10 [ 941.349000][T15385] ? do_raw_spin_lock+0x12c/0x2b0 [ 941.349029][T15385] ? find_held_lock+0x2b/0x80 [ 941.349049][T15385] ? folio_free_swap+0x171/0x580 [ 941.349073][T15385] ? do_raw_spin_unlock+0x172/0x230 [ 941.349100][T15385] ? swp_swap_info+0xce/0x130 [ 941.349125][T15385] ? __pfx_swp_swap_info+0x10/0x10 [ 941.349151][T15385] ? mod_memcg_lruvec_state+0x389/0x5f0 [ 941.349172][T15385] swap_writeout+0x3b2/0xfe0 [ 941.349188][T15385] ? mark_held_locks+0x49/0x80 [ 941.349211][T15385] ? _raw_spin_unlock_irq+0x23/0x50 [ 941.349238][T15385] shmem_writeout+0xc29/0x1140 [ 941.349263][T15385] ? __pfx_shmem_writeout+0x10/0x10 [ 941.349295][T15385] ? inode_to_bdi+0x9e/0x160 [ 941.349319][T15385] ? folio_clear_dirty_for_io+0x112/0x810 [ 941.349358][T15385] shrink_folio_list+0x2f4c/0x4880 [ 941.349386][T15385] ? __pfx_shrink_folio_list+0x10/0x10 [ 941.349403][T15385] ? xas_create+0x72b/0x1460 [ 941.349420][T15385] ? xas_store+0x90/0x1910 [ 941.349436][T15385] ? shmem_add_to_page_cache+0x7ae/0xa70 [ 941.349455][T15385] ? shmem_get_folio_gfp+0x67f/0x1600 [ 941.349485][T15385] ? __lock_acquire+0x62e/0x1ce0 [ 941.349517][T15385] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 941.349546][T15385] ? lock_acquire+0x179/0x350 [ 941.349571][T15385] ? find_held_lock+0x2b/0x80 [ 941.349615][T15385] reclaim_folio_list+0xda/0x5d0 [ 941.349634][T15385] ? __pfx_css_rstat_updated+0x10/0x10 [ 941.349657][T15385] ? __pfx_reclaim_folio_list+0x10/0x10 [ 941.349686][T15385] ? lru_gen_update_size+0x543/0xe10 [ 941.349711][T15385] ? lru_gen_del_folio+0x32b/0x540 [ 941.349732][T15385] reclaim_pages+0x47b/0x650 [ 941.349755][T15385] ? __pfx_reclaim_pages+0x10/0x10 [ 941.349774][T15385] ? find_held_lock+0x2b/0x80 [ 941.349793][T15385] ? madvise_cold_or_pageout_pte_range+0x749/0x2120 [ 941.349825][T15385] madvise_cold_or_pageout_pte_range+0x1546/0x2120 [ 941.349864][T15385] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10 [ 941.349898][T15385] ? __lock_acquire+0xb97/0x1ce0 [ 941.349921][T15385] ? css_rstat_updated+0x1c2/0x510 [ 941.349941][T15385] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10 [ 941.349971][T15385] walk_pgd_range+0xc05/0x1f50 [ 941.350010][T15385] ? __pfx_walk_pgd_range+0x10/0x10 [ 941.350039][T15385] __walk_page_range+0x163/0x820 [ 941.350066][T15385] ? __lock_acquire+0xb97/0x1ce0 [ 941.350095][T15385] walk_page_range_vma+0x2c7/0xa20 [ 941.350121][T15385] ? __pfx_walk_page_range_vma+0x10/0x10 [ 941.350145][T15385] ? find_held_lock+0x2b/0x80 [ 941.350172][T15385] madvise_pageout+0x257/0x540 [ 941.350198][T15385] ? __pfx_madvise_pageout+0x10/0x10 [ 941.350221][T15385] ? finish_task_switch.isra.0+0x21c/0xc10 [ 941.350259][T15385] madvise_vma_behavior+0xb22/0x2d60 [ 941.350295][T15385] ? mas_prev_setup.constprop.0+0xb6/0x9d0 [ 941.350323][T15385] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 941.350352][T15385] ? __pfx_mas_prev+0x10/0x10 [ 941.350385][T15385] ? find_vma_prev+0xda/0x160 [ 941.350410][T15385] ? find_held_lock+0x2b/0x80 [ 941.350427][T15385] ? __pfx_find_vma_prev+0x10/0x10 [ 941.350453][T15385] ? futex_unqueue+0x133/0x2c0 [ 941.350483][T15385] ? __futex_wait+0x24c/0x2f0 [ 941.350514][T15385] madvise_walk_vmas+0x31f/0x9c0 [ 941.350545][T15385] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 941.350579][T15385] madvise_do_behavior+0x1e2/0x530 [ 941.350605][T15385] ? futex_private_hash_put+0x18a/0x300 [ 941.350628][T15385] ? __pfx_madvise_do_behavior+0x10/0x10 [ 941.350656][T15385] ? down_read+0x13d/0x480 [ 941.350685][T15385] do_madvise+0x176/0x240 [ 941.350711][T15385] ? __pfx_do_madvise+0x10/0x10 [ 941.350737][T15385] ? do_futex+0x122/0x350 [ 941.350777][T15385] ? syscall_user_dispatch+0x78/0x140 [ 941.350810][T15385] __x64_sys_madvise+0xa9/0x110 [ 941.350837][T15385] do_syscall_64+0xcd/0x4c0 [ 941.350856][T15385] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 941.350874][T15385] RIP: 0033:0x7f572b98eba9 [ 941.350890][T15385] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 941.350908][T15385] RSP: 002b:00007f572c737038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 941.350926][T15385] RAX: ffffffffffffffda RBX: 00007f572bbd6270 RCX: 00007f572b98eba9 [ 941.350938][T15385] RDX: 0000000000000015 RSI: 00000000002003f2 RDI: 0000000000000000 [ 941.350949][T15385] RBP: 00007f572ba11e19 R08: 0000000000000000 R09: 0000000000000000 [ 941.350960][T15385] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 941.350970][T15385] R13: 00007f572bbd6308 R14: 00007f572bbd6270 R15: 00007ffeaa0cd988 [ 941.350993][T15385] [ 941.943470][T15379] random: crng reseeded on system resumption [ 943.158105][T15401] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 943.258682][T15403] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 944.169915][T15417] FAULT_INJECTION: forcing a failure. [ 944.169915][T15417] name failslab, interval 1, probability 0, space 0, times 0 [ 944.260684][T15417] CPU: 0 UID: 0 PID: 15417 Comm: syz.2.2005 Not tainted syzkaller #0 PREEMPT(full) [ 944.260714][T15417] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 944.260726][T15417] Call Trace: [ 944.260732][T15417] [ 944.260739][T15417] dump_stack_lvl+0x16c/0x1f0 [ 944.260773][T15417] should_fail_ex+0x512/0x640 [ 944.260789][T15417] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 944.260814][T15417] should_failslab+0xc2/0x120 [ 944.260840][T15417] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 944.260863][T15417] ? security_file_alloc+0x34/0x2b0 [ 944.260893][T15417] security_file_alloc+0x34/0x2b0 [ 944.260919][T15417] init_file+0x93/0x4c0 [ 944.260947][T15417] alloc_empty_file+0x73/0x1e0 [ 944.260975][T15417] path_openat+0xda/0x2cb0 [ 944.260997][T15417] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 944.261029][T15417] ? __pfx_path_openat+0x10/0x10 [ 944.261058][T15417] do_filp_open+0x20b/0x470 [ 944.261080][T15417] ? __pfx_do_filp_open+0x10/0x10 [ 944.261117][T15417] ? alloc_fd+0x471/0x7d0 [ 944.261143][T15417] do_sys_openat2+0x11b/0x1d0 [ 944.261171][T15417] ? __pfx_do_sys_openat2+0x10/0x10 [ 944.261198][T15417] ? find_held_lock+0x2b/0x80 [ 944.261217][T15417] ? handle_mm_fault+0x2ab/0xd10 [ 944.261241][T15417] __x64_sys_openat+0x174/0x210 [ 944.261258][T15417] ? __pfx___x64_sys_openat+0x10/0x10 [ 944.261278][T15417] ? do_user_addr_fault+0x843/0x1370 [ 944.261313][T15417] do_syscall_64+0xcd/0x4c0 [ 944.261346][T15417] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 944.261365][T15417] RIP: 0033:0x7f62ac98d510 [ 944.261381][T15417] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 944.261399][T15417] RSP: 002b:00007f62ad875f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 944.261424][T15417] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f62ac98d510 [ 944.261437][T15417] RDX: 0000000000000000 RSI: 00007f62ad875fa0 RDI: 00000000ffffff9c [ 944.261448][T15417] RBP: 00007f62ad875fa0 R08: 0000000000000000 R09: 0000000000000000 [ 944.261459][T15417] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 944.261470][T15417] R13: 00007f62acbd6038 R14: 00007f62acbd5fa0 R15: 00007ffce2414d68 [ 944.261492][T15417] [ 945.740340][T15441] FAULT_INJECTION: forcing a failure. [ 945.740340][T15441] name failslab, interval 1, probability 0, space 0, times 0 [ 945.785992][T15441] CPU: 0 UID: 0 PID: 15441 Comm: syz.0.2008 Not tainted syzkaller #0 PREEMPT(full) [ 945.786021][T15441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 945.786031][T15441] Call Trace: [ 945.786038][T15441] [ 945.786045][T15441] dump_stack_lvl+0x16c/0x1f0 [ 945.786079][T15441] should_fail_ex+0x512/0x640 [ 945.786095][T15441] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 945.786122][T15441] should_failslab+0xc2/0x120 [ 945.786147][T15441] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 945.786170][T15441] ? __d_alloc+0x32/0xae0 [ 945.786197][T15441] __d_alloc+0x32/0xae0 [ 945.786222][T15441] d_alloc_pseudo+0x1c/0xc0 [ 945.786250][T15441] alloc_file_pseudo+0xcf/0x230 [ 945.786291][T15441] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 945.786320][T15441] ? _raw_spin_unlock+0x28/0x50 [ 945.786344][T15441] ? alloc_fd+0x471/0x7d0 [ 945.786365][T15441] __anon_inode_getfile+0xe8/0x280 [ 945.786391][T15441] anon_inode_getfd+0x52/0xb0 [ 945.786415][T15441] __x64_sys_fsopen+0x18b/0x240 [ 945.786442][T15441] do_syscall_64+0xcd/0x4c0 [ 945.786461][T15441] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 945.786479][T15441] RIP: 0033:0x7f316718eba9 [ 945.786493][T15441] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 945.786511][T15441] RSP: 002b:00007f3167f70038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae [ 945.786530][T15441] RAX: ffffffffffffffda RBX: 00007f31673d6090 RCX: 00007f316718eba9 [ 945.786541][T15441] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 945.786552][T15441] RBP: 00007f3167211e19 R08: 0000000000000000 R09: 0000000000000000 [ 945.786563][T15441] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 945.786573][T15441] R13: 00007f31673d6128 R14: 00007f31673d6090 R15: 00007ffebad7fb08 [ 945.786595][T15441] [ 947.162134][T15456] can: request_module (can-proto-0) failed. [ 947.318574][T15459] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2012'. [ 947.691424][T15469] vivid-003: ================= START STATUS ================= [ 947.741597][T15469] vivid-003: Radio HW Seek Mode: Bounded [ 947.774240][T15469] vivid-003: Radio Programmable HW Seek: false [ 947.830426][T15469] vivid-003: RDS Rx I/O Mode: Block I/O [ 947.869819][T15469] vivid-003: Generate RBDS Instead of RDS: false [ 947.921363][T15469] vivid-003: RDS Reception: true [ 947.944609][T15469] vivid-003: RDS Program Type: 0 inactive [ 947.974580][T15469] vivid-003: RDS PS Name: inactive [ 948.008043][T15469] vivid-003: RDS Radio Text: inactive [ 948.035649][T15469] vivid-003: RDS Traffic Announcement: false inactive [ 948.057200][T15469] vivid-003: RDS Traffic Program: false inactive [ 948.070410][T15469] vivid-003: RDS Music: false inactive [ 948.085591][T15469] vivid-003: ================== END STATUS ================== [ 950.518208][T15491] bond0: option all_slaves_active: invalid value () [ 952.269540][T14268] usb usb38-port5: attempt power cycle [ 952.841603][T14268] usb usb38-port5: unable to enumerate USB device [ 953.799535][T15522] FAULT_INJECTION: forcing a failure. [ 953.799535][T15522] name failslab, interval 1, probability 0, space 0, times 0 [ 953.879214][T15522] CPU: 0 UID: 0 PID: 15522 Comm: syz.2.2023 Not tainted syzkaller #0 PREEMPT(full) [ 953.879241][T15522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 953.879252][T15522] Call Trace: [ 953.879260][T15522] [ 953.879269][T15522] dump_stack_lvl+0x16c/0x1f0 [ 953.879301][T15522] should_fail_ex+0x512/0x640 [ 953.879319][T15522] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 953.879345][T15522] should_failslab+0xc2/0x120 [ 953.879370][T15522] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 953.879393][T15522] ? acpi_ut_create_thread_state+0x63/0x170 [ 953.879422][T15522] acpi_ut_create_thread_state+0x63/0x170 [ 953.879447][T15522] acpi_ps_parse_aml+0x79/0xcb0 [ 953.879479][T15522] acpi_ps_execute_method+0x55a/0xb30 [ 953.879521][T15522] ? acpi_ut_acquire_mutex+0x125/0x1d0 [ 953.879544][T15522] acpi_ns_evaluate+0x76c/0xca0 [ 953.879563][T15522] ? kasan_save_track+0x14/0x30 [ 953.879587][T15522] acpi_evaluate_object+0x1fa/0xa90 [ 953.879615][T15522] ? do_syscall_64+0xcd/0x4c0 [ 953.879630][T15522] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 953.879650][T15522] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 953.879676][T15522] ? __mutex_trylock_common+0xe9/0x250 [ 953.879706][T15522] acpi_evaluate_integer+0xdd/0x200 [ 953.879728][T15522] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 953.879761][T15522] ? __pfx_status_show+0x10/0x10 [ 953.879786][T15522] status_show+0xa0/0x120 [ 953.879811][T15522] ? __pfx_status_show+0x10/0x10 [ 953.879843][T15522] dev_attr_show+0x53/0xe0 [ 953.879864][T15522] ? __pfx_dev_attr_show+0x10/0x10 [ 953.879881][T15522] sysfs_kf_seq_show+0x213/0x3e0 [ 953.879906][T15522] seq_read_iter+0x509/0x12c0 [ 953.879926][T15522] ? __mutex_trylock_common+0xe9/0x250 [ 953.879959][T15522] kernfs_fop_read_iter+0x40f/0x5a0 [ 953.879977][T15522] ? rw_verify_area+0xcf/0x6c0 [ 953.879998][T15522] vfs_read+0x8bc/0xcf0 [ 953.880021][T15522] ? __pfx___mutex_lock+0x10/0x10 [ 953.880038][T15522] ? __pfx_vfs_read+0x10/0x10 [ 953.880074][T15522] ksys_read+0x12a/0x250 [ 953.880095][T15522] ? __pfx_ksys_read+0x10/0x10 [ 953.880128][T15522] do_syscall_64+0xcd/0x4c0 [ 953.880146][T15522] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 953.880165][T15522] RIP: 0033:0x7f62ac98eba9 [ 953.880180][T15522] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 953.880199][T15522] RSP: 002b:00007f62ad876038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 953.880217][T15522] RAX: ffffffffffffffda RBX: 00007f62acbd5fa0 RCX: 00007f62ac98eba9 [ 953.880229][T15522] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000005 [ 953.880240][T15522] RBP: 00007f62aca11e19 R08: 0000000000000000 R09: 0000000000000000 [ 953.880251][T15522] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 953.880261][T15522] R13: 00007f62acbd6038 R14: 00007f62acbd5fa0 R15: 00007ffce2414d68 [ 953.880285][T15522] [ 954.930412][T15524] netlink: zone id is out of range [ 954.967698][T15524] netlink: zone id is out of range [ 954.972848][T15524] netlink: zone id is out of range [ 955.004724][T15524] netlink: zone id is out of range [ 955.010044][T15524] netlink: zone id is out of range [ 955.061901][T15524] netlink: zone id is out of range [ 955.079964][T15524] netlink: zone id is out of range [ 955.106391][T15524] netlink: zone id is out of range [ 955.111791][T15524] netlink: zone id is out of range [ 955.149463][T15524] netlink: zone id is out of range [ 955.302956][T15535] FAULT_INJECTION: forcing a failure. [ 955.302956][T15535] name fail_futex, interval 1, probability 0, space 0, times 0 [ 955.361560][T15535] CPU: 0 UID: 0 PID: 15535 Comm: syz.0.2026 Not tainted syzkaller #0 PREEMPT(full) [ 955.361590][T15535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 955.361602][T15535] Call Trace: [ 955.361608][T15535] [ 955.361615][T15535] dump_stack_lvl+0x16c/0x1f0 [ 955.361647][T15535] should_fail_ex+0x512/0x640 [ 955.361668][T15535] get_futex_key+0x1d0/0x1560 [ 955.361692][T15535] ? get_pid_task+0x106/0x250 [ 955.361718][T15535] ? __pfx_get_futex_key+0x10/0x10 [ 955.361738][T15535] ? rcu_is_watching+0x12/0xc0 [ 955.361758][T15535] ? kfree+0x24f/0x4d0 [ 955.361782][T15535] futex_wake+0xea/0x530 [ 955.361812][T15535] ? __pfx_futex_wake+0x10/0x10 [ 955.361839][T15535] ? __pfx_vfs_writev+0x10/0x10 [ 955.361857][T15535] ? __mutex_lock+0x1c5/0x1060 [ 955.361875][T15535] ? do_writev+0x218/0x340 [ 955.361898][T15535] do_futex+0x1e3/0x350 [ 955.361921][T15535] ? __pfx_do_futex+0x10/0x10 [ 955.361943][T15535] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 955.361978][T15535] __x64_sys_futex+0x1e0/0x4c0 [ 955.362005][T15535] ? __pfx___x64_sys_futex+0x10/0x10 [ 955.362029][T15535] ? __pfx_do_writev+0x10/0x10 [ 955.362060][T15535] do_syscall_64+0xcd/0x4c0 [ 955.362078][T15535] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 955.362096][T15535] RIP: 0033:0x7f316718eba9 [ 955.362110][T15535] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 955.362128][T15535] RSP: 002b:00007f3167f700e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 955.362146][T15535] RAX: ffffffffffffffda RBX: 00007f31673d6098 RCX: 00007f316718eba9 [ 955.362158][T15535] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f31673d609c [ 955.362169][T15535] RBP: 00007f31673d6090 R08: 00007f3167f92000 R09: 0000000000000000 [ 955.362180][T15535] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000 [ 955.362191][T15535] R13: 00007f31673d6128 R14: 00007ffebad7fa20 R15: 00007ffebad7fb08 [ 955.362214][T15535] [ 955.706702][T15522] ACPI Error: ffff8880415b7000 walk still has a scope list (20250404/dswstate-694) [ 955.787923][T15522] Process accounting resumed [ 956.057345][T13958] Bluetooth: hci2: unexpected event 0x0f length: 440 > 4 [ 956.058340][T13958] Bluetooth: hci2: unexpected event for opcode 0x0010 [ 956.578946][T15548] binder: 15543:15548 ioctl c0306201 200000001040 returned -14 [ 956.682551][T13958] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 956.693299][T13958] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 956.701770][T13958] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 956.718076][T13958] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 956.729300][T13958] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 956.843983][T15544] random: crng reseeded on system resumption [ 957.333994][T15551] chnl_net:caif_netlink_parms(): no params data found [ 957.884054][T15551] bridge0: port 1(bridge_slave_0) entered blocking state [ 957.919720][T15551] bridge0: port 1(bridge_slave_0) entered disabled state [ 957.927159][T15551] bridge_slave_0: entered allmulticast mode [ 957.982657][T15551] bridge_slave_0: entered promiscuous mode [ 958.051898][T15551] bridge0: port 2(bridge_slave_1) entered blocking state [ 958.088680][T15551] bridge0: port 2(bridge_slave_1) entered disabled state [ 958.123821][T15551] bridge_slave_1: entered allmulticast mode [ 958.172501][T15551] bridge_slave_1: entered promiscuous mode [ 958.362880][T15551] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 958.422842][T15551] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 958.527724][T15572] netlink: 146 bytes leftover after parsing attributes in process `syz.2.2035'. [ 958.698371][T15573] netlink: 186 bytes leftover after parsing attributes in process `syz.2.2035'. [ 958.737847][T15551] team0: Port device team_slave_0 added [ 958.771171][T15551] team0: Port device team_slave_1 added [ 958.825745][T13958] Bluetooth: hci5: command tx timeout [ 958.860542][T15576] netlink: 146 bytes leftover after parsing attributes in process `syz.2.2035'. [ 958.888401][T13965] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 958.902542][T13965] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 958.913172][T13965] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 958.923686][T13965] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 958.932255][T13965] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 958.995082][T15551] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 959.015656][T15551] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 959.085679][T15551] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 959.127584][T15551] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 959.150040][T15551] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 959.233760][T15551] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 959.387840][T15580] FAULT_INJECTION: forcing a failure. [ 959.387840][T15580] name failslab, interval 1, probability 0, space 0, times 0 [ 959.421193][T15583] FAULT_INJECTION: forcing a failure. [ 959.421193][T15583] name failslab, interval 1, probability 0, space 0, times 0 [ 959.458350][T15551] hsr_slave_0: entered promiscuous mode [ 959.466891][T15583] CPU: 0 UID: 0 PID: 15583 Comm: syz.0.2037 Not tainted syzkaller #0 PREEMPT(full) [ 959.466920][T15583] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 959.466932][T15583] Call Trace: [ 959.466938][T15583] [ 959.466945][T15583] dump_stack_lvl+0x16c/0x1f0 [ 959.466978][T15583] should_fail_ex+0x512/0x640 [ 959.466995][T15583] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 959.467024][T15583] should_failslab+0xc2/0x120 [ 959.467050][T15583] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 959.467075][T15583] ? ip_vs_est_add_kthread+0x5b7/0x850 [ 959.467110][T15583] krealloc_noprof+0x1ff/0x3a0 [ 959.467135][T15583] ip_vs_est_add_kthread+0x5b7/0x850 [ 959.467177][T15583] ip_vs_start_estimator+0x250/0x430 [ 959.467197][T15583] ip_vs_control_net_init+0x158c/0x1d20 [ 959.467225][T15583] __ip_vs_init+0x217/0x520 [ 959.467250][T15583] ? __pfx___ip_vs_init+0x10/0x10 [ 959.467274][T15583] ops_init+0x1df/0x5f0 [ 959.467294][T15583] setup_net+0x10f/0x380 [ 959.467309][T15583] ? lockdep_init_map_type+0x5c/0x280 [ 959.467336][T15583] ? __pfx_setup_net+0x10/0x10 [ 959.467354][T15583] ? debug_mutex_init+0x37/0x70 [ 959.467379][T15583] copy_net_ns+0x2a6/0x5f0 [ 959.467402][T15583] create_new_namespaces+0x3ea/0xa90 [ 959.467429][T15583] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 959.467452][T15583] ksys_unshare+0x45b/0xa40 [ 959.467478][T15583] ? __pfx_ksys_unshare+0x10/0x10 [ 959.467505][T15583] ? xfd_validate_state+0x61/0x180 [ 959.467538][T15583] __x64_sys_unshare+0x31/0x40 [ 959.467563][T15583] do_syscall_64+0xcd/0x4c0 [ 959.467581][T15583] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 959.467600][T15583] RIP: 0033:0x7f316718eba9 [ 959.467614][T15583] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 959.467632][T15583] RSP: 002b:00007f3167f91038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 959.467650][T15583] RAX: ffffffffffffffda RBX: 00007f31673d5fa0 RCX: 00007f316718eba9 [ 959.467661][T15583] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 959.467672][T15583] RBP: 00007f3167211e19 R08: 0000000000000000 R09: 0000000000000000 [ 959.467683][T15583] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 959.467694][T15583] R13: 00007f31673d6038 R14: 00007f31673d5fa0 R15: 00007ffebad7fb08 [ 959.467716][T15583] [ 959.707737][T15580] CPU: 0 UID: 0 PID: 15580 Comm: syz.2.2036 Not tainted syzkaller #0 PREEMPT(full) [ 959.707766][T15580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 959.707778][T15580] Call Trace: [ 959.707784][T15580] [ 959.707791][T15580] dump_stack_lvl+0x16c/0x1f0 [ 959.707825][T15580] should_fail_ex+0x512/0x640 [ 959.707843][T15580] ? __kmalloc_noprof+0xbf/0x510 [ 959.707867][T15580] ? fib6_info_alloc+0x40/0x160 [ 959.707887][T15580] should_failslab+0xc2/0x120 [ 959.707912][T15580] __kmalloc_noprof+0xd2/0x510 [ 959.707931][T15580] ? lockdep_hardirqs_on+0x7c/0x110 [ 959.707960][T15580] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 959.707990][T15580] ? __percpu_counter_init_many+0x2c1/0x3b0 [ 959.708023][T15580] fib6_info_alloc+0x40/0x160 [ 959.708044][T15580] ip6_route_net_init+0x85/0x8b0 [ 959.708062][T15580] ? inet_peer_base_init+0x76/0x120 [ 959.708088][T15580] ? __pfx_ip6_route_net_init+0x10/0x10 [ 959.708106][T15580] ops_init+0x1df/0x5f0 [ 959.708126][T15580] setup_net+0x10f/0x380 [ 959.708141][T15580] ? lockdep_init_map_type+0x5c/0x280 [ 959.708168][T15580] ? __pfx_setup_net+0x10/0x10 [ 959.708186][T15580] ? debug_mutex_init+0x37/0x70 [ 959.708206][T15580] copy_net_ns+0x2a6/0x5f0 [ 959.708237][T15580] create_new_namespaces+0x3ea/0xa90 [ 959.708264][T15580] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 959.708288][T15580] ksys_unshare+0x45b/0xa40 [ 959.708315][T15580] ? __pfx_ksys_unshare+0x10/0x10 [ 959.708341][T15580] ? xfd_validate_state+0x61/0x180 [ 959.708377][T15580] __x64_sys_unshare+0x31/0x40 [ 959.708402][T15580] do_syscall_64+0xcd/0x4c0 [ 959.708421][T15580] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 959.708439][T15580] RIP: 0033:0x7f62ac98eba9 [ 959.708454][T15580] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 959.708472][T15580] RSP: 002b:00007f62ad876038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 959.708491][T15580] RAX: ffffffffffffffda RBX: 00007f62acbd5fa0 RCX: 00007f62ac98eba9 [ 959.708502][T15580] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 959.708513][T15580] RBP: 00007f62aca11e19 R08: 0000000000000000 R09: 0000000000000000 [ 959.708524][T15580] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 959.708534][T15580] R13: 00007f62acbd6038 R14: 00007f62acbd5fa0 R15: 00007ffce2414d68 [ 959.708557][T15580] [ 960.308585][T13965] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 960.318832][T13965] Bluetooth: hci2: Injecting HCI hardware error event [ 960.330645][T13965] Bluetooth: hci2: hardware error 0x00 [ 960.417285][T15551] hsr_slave_1: entered promiscuous mode [ 960.426088][T15551] debugfs: 'hsr0' already exists in 'hsr' [ 960.432888][T15551] Cannot create hsr debugfs directory [ 960.894003][T13958] Bluetooth: hci5: command tx timeout [ 960.900311][T15593] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 960.973757][T13958] Bluetooth: hci6: command tx timeout [ 961.141232][T15577] chnl_net:caif_netlink_parms(): no params data found [ 961.631464][T15577] bridge0: port 1(bridge_slave_0) entered blocking state [ 961.670228][T15577] bridge0: port 1(bridge_slave_0) entered disabled state [ 961.677472][T15577] bridge_slave_0: entered allmulticast mode [ 961.720973][T15577] bridge_slave_0: entered promiscuous mode [ 961.755154][T15577] bridge0: port 2(bridge_slave_1) entered blocking state [ 961.796090][T15577] bridge0: port 2(bridge_slave_1) entered disabled state [ 961.836041][T15577] bridge_slave_1: entered allmulticast mode [ 961.852454][T15577] bridge_slave_1: entered promiscuous mode [ 961.994783][T15577] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 962.060561][T15577] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 962.097947][T15551] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 962.148901][T15551] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 962.294738][T15551] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 962.337158][T15577] team0: Port device team_slave_0 added [ 962.355895][T15551] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 962.407643][T13965] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 962.415670][T15577] team0: Port device team_slave_1 added [ 962.581754][T15577] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 962.602736][T15577] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 962.666271][T15577] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 962.701457][T15577] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 962.722255][T15577] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 962.794199][T15577] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 962.907521][T15577] hsr_slave_0: entered promiscuous mode [ 962.928423][T15577] hsr_slave_1: entered promiscuous mode [ 962.956433][T15577] debugfs: 'hsr0' already exists in 'hsr' [ 962.964505][T13958] Bluetooth: hci5: command tx timeout [ 962.987558][T15577] Cannot create hsr debugfs directory [ 963.043434][T13958] Bluetooth: hci6: command tx timeout [ 963.322701][T15551] 8021q: adding VLAN 0 to HW filter on device bond0 [ 963.438804][T15551] 8021q: adding VLAN 0 to HW filter on device team0 [ 963.533816][T15081] bridge0: port 1(bridge_slave_0) entered blocking state [ 963.541230][T15081] bridge0: port 1(bridge_slave_0) entered forwarding state [ 963.595445][T14031] bridge0: port 2(bridge_slave_1) entered blocking state [ 963.602679][T14031] bridge0: port 2(bridge_slave_1) entered forwarding state [ 963.661043][T15577] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 963.707011][T15577] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 963.754265][T15577] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 963.796039][T15577] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 963.855382][T15620] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 963.869539][T15620] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 963.892329][T15620] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 963.917029][T15620] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 963.936253][T15551] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 963.959447][T15620] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 963.972379][T15620] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 964.044280][T15620] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 964.065260][T15620] Bluetooth: hci6: Opcode 0x0406 failed: -4 [ 964.126840][T15620] Bluetooth: hci6: Opcode 0x0406 failed: -4 [ 964.277327][T15577] 8021q: adding VLAN 0 to HW filter on device bond0 [ 964.368898][T15577] 8021q: adding VLAN 0 to HW filter on device team0 [ 964.430497][T13957] bridge0: port 1(bridge_slave_0) entered blocking state [ 964.437672][T13957] bridge0: port 1(bridge_slave_0) entered forwarding state [ 964.521176][T13957] bridge0: port 2(bridge_slave_1) entered blocking state [ 964.528370][T13957] bridge0: port 2(bridge_slave_1) entered forwarding state [ 964.649065][T15551] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 964.683372][T15644] FAULT_INJECTION: forcing a failure. [ 964.683372][T15644] name failslab, interval 1, probability 0, space 0, times 0 [ 964.773993][T15644] CPU: 0 UID: 0 PID: 15644 Comm: syz.0.2045 Not tainted syzkaller #0 PREEMPT(full) [ 964.774022][T15644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 964.774033][T15644] Call Trace: [ 964.774039][T15644] [ 964.774046][T15644] dump_stack_lvl+0x16c/0x1f0 [ 964.774090][T15644] should_fail_ex+0x512/0x640 [ 964.774109][T15644] ? fs_reclaim_acquire+0xae/0x150 [ 964.774139][T15644] ? tomoyo_open_control+0x51f/0xa30 [ 964.774157][T15644] should_failslab+0xc2/0x120 [ 964.774182][T15644] __kmalloc_noprof+0xd2/0x510 [ 964.774210][T15644] tomoyo_open_control+0x51f/0xa30 [ 964.774232][T15644] do_dentry_open+0x982/0x1530 [ 964.774256][T15644] ? __pfx_tomoyo_open+0x10/0x10 [ 964.774289][T15644] vfs_open+0x82/0x3f0 [ 964.774318][T15644] path_openat+0x1de4/0x2cb0 [ 964.774347][T15644] ? __pfx_path_openat+0x10/0x10 [ 964.774375][T15644] do_filp_open+0x20b/0x470 [ 964.774397][T15644] ? __pfx_do_filp_open+0x10/0x10 [ 964.774434][T15644] ? alloc_fd+0x471/0x7d0 [ 964.774459][T15644] do_sys_openat2+0x11b/0x1d0 [ 964.774487][T15644] ? __pfx_do_sys_openat2+0x10/0x10 [ 964.774524][T15644] __x64_sys_openat+0x174/0x210 [ 964.774540][T15644] ? __pfx___x64_sys_openat+0x10/0x10 [ 964.774565][T15644] do_syscall_64+0xcd/0x4c0 [ 964.774583][T15644] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 964.774602][T15644] RIP: 0033:0x7f316718eba9 [ 964.774617][T15644] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 964.774635][T15644] RSP: 002b:00007f3167f91038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 964.774652][T15644] RAX: ffffffffffffffda RBX: 00007f31673d5fa0 RCX: 00007f316718eba9 [ 964.774664][T15644] RDX: 00000000000c0802 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 964.774675][T15644] RBP: 00007f3167211e19 R08: 0000000000000000 R09: 0000000000000000 [ 964.774686][T15644] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 964.774696][T15644] R13: 00007f31673d6038 R14: 00007f31673d5fa0 R15: 00007ffebad7fb08 [ 964.774718][T15644] [ 965.427807][T15654] netlink: 354 bytes leftover after parsing attributes in process `syz.0.2047'. [ 965.466831][T13958] Bluetooth: hci0: command 0x0c1a tx timeout [ 965.695675][T15577] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 965.908799][T13958] Bluetooth: hci5: command 0x0c1a tx timeout [ 965.914864][T13965] Bluetooth: hci4: command 0x0c1a tx timeout [ 965.925193][T13965] Bluetooth: hci1: command 0x0c1a tx timeout [ 966.068320][T15664] Bluetooth: hci6: command 0x0419 tx timeout [ 966.810180][T15551] veth0_vlan: entered promiscuous mode [ 966.841051][T15577] veth0_vlan: entered promiscuous mode [ 966.864244][T15551] veth1_vlan: entered promiscuous mode [ 966.897058][T15577] veth1_vlan: entered promiscuous mode [ 966.954178][T15551] veth0_macvtap: entered promiscuous mode [ 966.988975][T15551] veth1_macvtap: entered promiscuous mode [ 967.042830][T15577] veth0_macvtap: entered promiscuous mode [ 967.074169][T15577] veth1_macvtap: entered promiscuous mode [ 967.106225][T15551] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 967.144626][T15551] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 967.203638][T15577] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 967.214654][T13968] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 967.232129][T13968] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 967.269223][T15577] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 967.289312][T13968] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 967.336985][T13968] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 967.366212][T15081] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 967.420443][T15081] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 967.429446][T15081] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 967.482030][T15081] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 967.751422][T13957] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 967.781548][T13957] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 967.817359][T14075] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 967.862918][T14075] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 967.978287][T15664] Bluetooth: hci5: command 0x0c1a tx timeout [ 968.040843][T13968] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 968.079394][T13957] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 968.092834][T13968] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 968.123093][T13957] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 968.137041][ T31] INFO: task kworker/u10:1:13960 blocked for more than 142 seconds. [ 968.148010][T15664] Bluetooth: hci6: command 0x0419 tx timeout SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 968.189218][ T31] Not tainted syzkaller #0 [ 968.242746][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 968.307582][ T31] task:kworker/u10:1 state:D stack:26952 pid:13960 tgid:13960 ppid:2 task_flags:0x4208060 flags:0x00004000 [ 968.350070][T13968] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1404 with max blocks 1 with error 117 [ 968.395039][ T31] Workqueue: netns cleanup_net [ 968.399863][ T31] Call Trace: [ 968.422603][T13968] EXT4-fs (sda1): This should not happen!! Data will be lost [ 968.422603][T13968] [ 968.446852][ T31] [ 968.449821][ T31] __schedule+0x1190/0x5de0 [ 968.573576][ T31] ? __lock_acquire+0x62e/0x1ce0 [ 968.593819][ T31] ? __pfx___schedule+0x10/0x10 [ 968.599454][ T31] ? find_held_lock+0x2b/0x80 [ 968.643638][ T31] ? schedule+0x2d7/0x3a0 [ 968.648330][ T31] schedule+0xe7/0x3a0 [ 968.652582][ T31] schedule_timeout+0x257/0x290 [ 968.692453][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 968.700795][ T31] ? mark_held_locks+0x49/0x80 [ 968.716854][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 968.722475][ T31] __wait_for_common+0x2fc/0x4e0 [ 968.753114][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 968.758639][ T31] ? __pfx___wait_for_common+0x10/0x10 [ 968.789365][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 968.804245][ T31] ? flush_workqueue_prep_pwqs+0x2e9/0x510 [ 968.816176][ T31] __flush_workqueue+0x3e2/0x1230 [ 968.821429][ T31] ? __pfx___flush_workqueue+0x10/0x10 [ 968.829177][ T31] ? reacquire_held_locks+0xcd/0x1f0 [ 968.835029][ T31] ? __pfx_sock_def_readable+0x10/0x10 [ 968.840690][ T31] ? __pfx_sock_def_readable+0x10/0x10 [ 968.846523][ T31] rds_tcp_listen_stop+0x104/0x150 [ 968.851651][ T31] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 968.858353][ T31] rds_tcp_exit_net+0xcb/0x810 [ 968.863484][ T31] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 968.868867][ T31] ? __pfx___might_resched+0x10/0x10 [ 968.875384][ T31] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 968.882879][ T31] ops_undo_list+0x2eb/0xab0 [ 968.887585][ T31] ? __pfx_ops_undo_list+0x10/0x10 [ 968.896850][ T31] ? cleanup_net+0x334/0x890 [ 968.901462][ T31] ? idr_destroy+0x62/0x2e0 [ 968.906511][ T31] cleanup_net+0x408/0x890 [ 968.911197][ T31] ? __pfx_cleanup_net+0x10/0x10 [ 968.918218][ T31] ? rcu_is_watching+0x12/0xc0 [ 968.923685][ T31] process_one_work+0x9cf/0x1b70 [ 968.929924][ T31] ? __pfx_process_one_work+0x10/0x10 [ 968.937233][ T31] ? assign_work+0x1a0/0x250 [ 968.942203][ T31] worker_thread+0x6c8/0xf10 [ 968.946894][ T31] ? __pfx_worker_thread+0x10/0x10 [ 968.952525][ T31] kthread+0x3c5/0x780 [ 968.956786][ T31] ? __pfx_kthread+0x10/0x10 [ 968.961477][ T31] ? rcu_is_watching+0x12/0xc0 [ 968.966680][ T31] ? __pfx_kthread+0x10/0x10 [ 968.971300][ T31] ret_from_fork+0x56d/0x730 [ 968.976604][ T31] ? __pfx_kthread+0x10/0x10 [ 968.984171][ T31] ret_from_fork_asm+0x1a/0x30 [ 968.989066][ T31] [ 969.050038][ T31] [ 969.050038][ T31] Showing all locks held in the system: [ 969.095969][ T31] 1 lock held by khungtaskd/31: [ 969.109021][ T31] #0: ffffffff8e5c1420 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0 [ 969.135653][ T31] 3 locks held by kworker/u10:1/13960: [ 969.151137][ T31] #0: ffff88801c6fe948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 969.180780][ T31] #1: ffffc90003cdfd10 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 969.201607][ T31] #2: ffffffff90372510 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xad/0x890 [ 969.230585][ T31] 1 lock held by syz.1.1761/14053: [ 969.238732][ T31] #0: ffffffff90372510 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x286/0x5f0 [ 969.270568][ T31] 3 locks held by kworker/u10:5/14075: [ 969.276052][ T31] #0: ffff88801b889148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 969.300462][ T31] #1: ffffc900036c7d10 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 969.330650][ T31] #2: ffffffff90388808 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0x51/0xc0 [ 969.342068][ T31] 3 locks held by kworker/u10:7/15081: [ 969.347646][ T31] #0: ffff88814cd03948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 969.380749][ T31] #1: ffffc900047afd10 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 969.396230][ T31] #2: ffffffff90388808 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_dad_work+0x120/0x14e0 [ 969.406952][ T31] 1 lock held by syz.3.2000/15391: [ 969.416597][ T31] #0: ffffffff90372510 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x286/0x5f0 [ 969.426876][ T31] 1 lock held by syz.3.2000/15393: [ 969.433073][ T31] #0: ffffffff90372510 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x286/0x5f0 [ 969.444084][ T31] 1 lock held by syz.4.2002/15413: [ 969.449217][ T31] #0: ffffffff90372510 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x286/0x5f0 [ 969.459196][ T31] 2 locks held by getty/15434: [ 969.464426][ T31] #0: ffff88814da050a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 969.478100][ T31] #1: ffffc90002f902f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0 [ 969.492755][ T31] 1 lock held by syz-executor/15577: [ 969.498117][ T31] #0: ffffffff8e5cc9b8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x1a3/0x3c0 [ 969.509866][ T31] 1 lock held by syz.0.2056/15678: [ 969.515078][ T31] #0: ffffffff90388808 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x230 [ 969.524913][ T31] 1 lock held by syz.2.2050/15685: [ 969.532133][ T31] #0: ffffffff90388808 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x230 [ 969.609520][ T31] [ 969.611884][ T31] ============================================= [ 969.611884][ T31] [ 969.672674][ T31] NMI backtrace for cpu 0 [ 969.672693][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) [ 969.672714][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 969.672725][ T31] Call Trace: [ 969.672731][ T31] [ 969.672738][ T31] dump_stack_lvl+0x116/0x1f0 [ 969.672770][ T31] nmi_cpu_backtrace+0x27b/0x390 [ 969.672791][ T31] ? _raw_spin_unlock_irqrestore+0x61/0x80 [ 969.672818][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 969.672846][ T31] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 969.672871][ T31] watchdog+0xf0e/0x1260 [ 969.672901][ T31] ? __pfx_watchdog+0x10/0x10 [ 969.672927][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 969.672954][ T31] ? __kthread_parkme+0x19e/0x250 [ 969.672979][ T31] ? __pfx_watchdog+0x10/0x10 [ 969.673005][ T31] kthread+0x3c5/0x780 [ 969.673032][ T31] ? __pfx_kthread+0x10/0x10 [ 969.673060][ T31] ? rcu_is_watching+0x12/0xc0 [ 969.673079][ T31] ? __pfx_kthread+0x10/0x10 [ 969.673106][ T31] ret_from_fork+0x56d/0x730 [ 969.673133][ T31] ? __pfx_kthread+0x10/0x10 [ 969.673160][ T31] ret_from_fork_asm+0x1a/0x30 [ 969.673190][ T31] [ 969.673199][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 969.798732][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) [ 969.808236][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 969.818567][ T31] Call Trace: [ 969.821973][ T31] [ 969.824930][ T31] dump_stack_lvl+0x3d/0x1f0 [ 969.829652][ T31] vpanic+0x6e8/0x7a0 [ 969.833664][ T31] ? __pfx_vpanic+0x10/0x10 [ 969.838221][ T31] panic+0xca/0xd0 [ 969.841979][ T31] ? __pfx_panic+0x10/0x10 [ 969.846528][ T31] ? nmi_backtrace_stall_check+0x6e/0x540 [ 969.852537][ T31] ? irq_work_queue+0xce/0x100 [ 969.857322][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 969.863418][ T31] ? __wake_up_klogd.part.0+0x99/0xf0 [ 969.868817][ T31] ? watchdog+0xd78/0x1260 [ 969.873320][ T31] ? watchdog+0xd6b/0x1260 [ 969.877836][ T31] watchdog+0xd89/0x1260 [ 969.882119][ T31] ? __pfx_watchdog+0x10/0x10 [ 969.886803][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 969.892012][ T31] ? __kthread_parkme+0x19e/0x250 [ 969.897054][ T31] ? __pfx_watchdog+0x10/0x10 [ 969.901848][ T31] kthread+0x3c5/0x780 [ 969.906057][ T31] ? __pfx_kthread+0x10/0x10 [ 969.910826][ T31] ? rcu_is_watching+0x12/0xc0 [ 969.915685][ T31] ? __pfx_kthread+0x10/0x10 [ 969.920380][ T31] ret_from_fork+0x56d/0x730 [ 969.925081][ T31] ? __pfx_kthread+0x10/0x10 [ 969.929862][ T31] ret_from_fork_asm+0x1a/0x30 [ 969.934667][ T31] [ 969.937746][ T31] Kernel Offset: disabled [ 969.942199][ T31] Rebooting in 86400 seconds..