last executing test programs: 10m11.223500774s ago: executing program 0 (id=3511): mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/fs/nilfs2/features/README\x00', 0x40, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) ptrace$auto(0x10, r0, 0x4, 0x7ff) ptrace$auto_PTRACE_SET_THREAD_AREA(0x1a, r0, 0x3, 0x1) 10m10.943973145s ago: executing program 0 (id=3514): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x2, 0x0) close_range$auto(0x2, 0xa, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) r1 = ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto(r1, 0x4008ae6a, r2) 10m10.725390129s ago: executing program 0 (id=3516): close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x11, 0x80003, 0x300) socket(0x29, 0x5, 0x0) open(&(0x7f0000000040)='./cgroup\x00', 0x80, 0xb5d1af1605322de0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram5\x00', 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) sendmsg$auto_NL802154_CMD_SET_CCA_MODE(0xffffffffffffffff, 0x0, 0x0) 10m10.441963395s ago: executing program 0 (id=3518): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) mkdir$auto(0x0, 0x353) 10m10.158272174s ago: executing program 0 (id=3520): mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x3, 0x0) openat$auto_stat_fops_per_vm_kvm_main(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/debug/fail_io_timeout/probability\x00', 0x20000, 0x0) read$auto(0x3, 0x0, 0x80) r0 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/tracing/events/vmalloc/filter\x00', 0x103041, 0x0) write$auto(r0, 0x0, 0x9) 10m9.402813359s ago: executing program 0 (id=3528): r0 = socket$nl_generic(0x10, 0x3, 0x10) write$auto_seq_oss_f_ops_seq_oss(0xffffffffffffffff, &(0x7f0000000040)="5f74ab2fc43781e047140a5cbc3ac5229b90633d9cddda9efb1f2c3d5d1e63f3fb5acf079b9336319d009cb514679a42eaca52b81c166d19625d173c26ece6542f2fb29712f4fb9072fc432b4cf3e6f5a7f3c9f91ee88ba5fa11d48fd3658e8f44f8423b4cd02bbec912ed34f9f4b19b03d4c62b24ede44c0c76c34edf7bde061903c2ee4c64110ac668239fa53ba42933ae74c3d173663248ff0945dd2e405e0d378b5a8e4643a7bc3b35a7248431450ca8901467ea6dc5d86de1e90f869f6a04ac10043676f3b2c7f1339b2d7468133fb8447d17846b6b78079ecc31d7d0f74caa4a3db1ac4d312bfdb34bd331f1f771a2396108561a52153d63a7b2a3a077a7e4c1a22bcb23e1f3e511fee310baa67904d2aad4d6671e8b77c7720e37e84e0efecb60a35f188cbe8b8b2fb3967b78aa482aabb103f23083baa9b2ae653731d5993db4054233dea4af25795e12eb4d6b046bdeea6adce8626e0def15dd32b0ec16a8", 0x163) r1 = socket(0x10, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000003b40)={'xfrm0\x00', 0x0}) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="000226bd7000fedbdf25030000000800030000020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a000500000000000000000008000200", @ANYRES32], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x4000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYRES16=r2], 0x1ac}}, 0x40001) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4040044}, 0x40000) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x60, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f0000000080), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 10m9.015867909s ago: executing program 32 (id=3528): r0 = socket$nl_generic(0x10, 0x3, 0x10) write$auto_seq_oss_f_ops_seq_oss(0xffffffffffffffff, &(0x7f0000000040)="5f74ab2fc43781e047140a5cbc3ac5229b90633d9cddda9efb1f2c3d5d1e63f3fb5acf079b9336319d009cb514679a42eaca52b81c166d19625d173c26ece6542f2fb29712f4fb9072fc432b4cf3e6f5a7f3c9f91ee88ba5fa11d48fd3658e8f44f8423b4cd02bbec912ed34f9f4b19b03d4c62b24ede44c0c76c34edf7bde061903c2ee4c64110ac668239fa53ba42933ae74c3d173663248ff0945dd2e405e0d378b5a8e4643a7bc3b35a7248431450ca8901467ea6dc5d86de1e90f869f6a04ac10043676f3b2c7f1339b2d7468133fb8447d17846b6b78079ecc31d7d0f74caa4a3db1ac4d312bfdb34bd331f1f771a2396108561a52153d63a7b2a3a077a7e4c1a22bcb23e1f3e511fee310baa67904d2aad4d6671e8b77c7720e37e84e0efecb60a35f188cbe8b8b2fb3967b78aa482aabb103f23083baa9b2ae653731d5993db4054233dea4af25795e12eb4d6b046bdeea6adce8626e0def15dd32b0ec16a8", 0x163) r1 = socket(0x10, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000003b40)={'xfrm0\x00', 0x0}) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="000226bd7000fedbdf25030000000800030000020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a000500000000000000000008000200", @ANYRES32], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x4000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYRES16=r2], 0x1ac}}, 0x40001) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4040044}, 0x40000) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x60, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f0000000080), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 3m3.157182323s ago: executing program 2 (id=6362): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x0, 0x8002, 0xffffffffffffffff) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x0, 0x5, 0x0) socket(0x10, 0x2, 0x0) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x20000800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x7ffffffff000}, 0x1) close_range$auto(0x2, 0xa, 0x0) 3m2.773008215s ago: executing program 2 (id=6366): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/misc/hw_random/rng_current\x00', 0x129102, 0x0) sendfile$auto(r0, 0x3, 0x0, 0x7cc) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmsg$auto_NL802154_CMD_DEL_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, 0x0}, 0x80) sendmmsg$auto(0xffffffffffffffff, &(0x7f00000000c0)={{0x0, 0x6, 0x0, 0xa7, &(0x7f0000000040), 0x8000, 0x1}, 0x8}, 0x1, 0x9) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0xff, 0x0, 0x1, 0x3}, 0xed7138c}, 0xb, 0x0) 3m2.547526694s ago: executing program 2 (id=6369): openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x1ac}}, 0x40000) r0 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000000540), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_OVS_DP_CMD_NEW(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)={0x24, r3, 0x1, 0x2070bd26, 0x25dfdbf8, {}, [@OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x4}, @OVS_DP_ATTR_NAME={0x8, 0x1, 'HfR\x00'}]}, 0x24}, 0x1, 0x0, 0x0, 0x801}, 0x80) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) sendmsg$auto_NET_SHAPER_CMD_DELETE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="090027bd7000fbdbdf250200000008000800", @ANYRES32=r4, @ANYBLOB="140001800800020006000000080001"], 0x30}, 0x1, 0x0, 0x0, 0x44000}, 0xc050) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x3, 0x0, 0x7, 0xa505}, 0x8800}, 0x80000000, 0x4008) 3m2.296334575s ago: executing program 2 (id=6372): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x48282, 0x0) ioctl$auto_IOCTL_VMCI_CTX_REMOVE_NOTIFICATION(0xffffffffffffffff, 0x7b0, 0x0) setresuid$auto(0x0, 0x0, 0xffffffffffffffff) prctl$auto_PR_SET_MM_START_STACK(0x80000000, 0x5, 0x0, 0x2, 0x1) openat$auto_iommufd_fops_main(0xffffffffffffff9c, 0x0, 0x80001, 0x0) read$auto(0xffffffffffffffff, 0x0, 0x6) socket(0x2, 0x1, 0x106) openat$auto_hwsim_fops_ps_(0xffffffffffffff9c, 0x0, 0x1102, 0x0) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r0, &(0x7f0000000000)="c80d1b5d399b58", 0x7) 3m2.154449622s ago: executing program 2 (id=6374): mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x11, 0x6, 0x7fff, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x2df, 0x500, 0x81, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x10001, 0x40, 0x76c5, 0x8, 0x7fffffffffffffff}}) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x8643, 0x15e) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) rename$auto(&(0x7f0000000480)='./file0\x00', 0x0) 3m2.006743352s ago: executing program 2 (id=6377): mmap$auto(0x6, 0x9, 0x6, 0x32d4, 0x10000, 0x80000001) open(0x0, 0x64842, 0x0) epoll_ctl$auto(0x5, 0x3, 0xffffffffffffffff, 0x0) ioctl$auto(0xc8, 0xffffffff800454dd, 0xffffffffffffffff) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0xfffff000) set_mempolicy$auto(0x8003, &(0x7f0000000280)=0x7b, 0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) 2m58.674756491s ago: executing program 4 (id=6405): mmap$auto(0x0, 0x2020005, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x5) close_range$auto(0x2, 0xa, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) r1 = ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/net/ip6tnl0/name_assign_type\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto(0x3, 0xae60, 0x10000000000402) r2 = socket$nl_generic(0x10, 0x3, 0x10) statfs$auto(&(0x7f0000000180)='}[,&*}\x00', 0x0) ioctl$auto(r1, 0x4008ae6a, r2) 2m47.038985359s ago: executing program 33 (id=6377): mmap$auto(0x6, 0x9, 0x6, 0x32d4, 0x10000, 0x80000001) open(0x0, 0x64842, 0x0) epoll_ctl$auto(0x5, 0x3, 0xffffffffffffffff, 0x0) ioctl$auto(0xc8, 0xffffffff800454dd, 0xffffffffffffffff) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0xfffff000) set_mempolicy$auto(0x8003, &(0x7f0000000280)=0x7b, 0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) 2m47.02635445s ago: executing program 4 (id=6407): close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x2, 0x1, 0x0) socket(0x18, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) memfd_create$auto(&(0x7f0000000000)='\xc4--:\xdd:,./-${\x00', 0x4) epoll_create$auto(0x4) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0) openat$auto_tracing_mark_raw_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/trace_marker_raw\x00', 0x401, 0x0) openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/midi2\x00', 0x280040, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0xd, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffe]}, 0x0) 2m46.797967825s ago: executing program 4 (id=6399): mmap$auto(0x0, 0x9, 0xc00000072, 0x8b72, 0x1000000002, 0x8000) io_uring_setup$auto(0x86, 0x0) close_range$auto(0x2, 0x8000, 0x0) socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_CREATE_VM(r0, 0x4008ae8a, 0x0) 2m46.342073438s ago: executing program 4 (id=6402): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) shmat$auto(0x0, 0x0, 0xfffffffa) shmdt$auto(0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty0\x00', 0x201, 0x0) openat$auto_stat_fops_per_vm_kvm_main(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/failslab/probability\x00', 0x22042, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x20) write$auto(0x3, 0x0, 0x100082) 2m45.685208764s ago: executing program 4 (id=6406): r0 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) fallocate$auto(r0, 0x0, 0x7, 0x4cbd5d) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x1d, 0x2, 0x1fc7) bind$auto(r1, 0x0, 0x6a) sendmmsg$auto(0x3, 0x0, 0x3, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) syz_genetlink_get_family_id$auto_nbd(0x0, 0xffffffffffffffff) statmount$auto(0x0, 0x0, 0x5, 0x2) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, 0x0, 0x8000) 2m45.365269s ago: executing program 4 (id=6411): unshare$auto(0x40000080) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r0, &(0x7f0000001bc0)="51426572911c17e9dd66bf94ea32689283bb895dbc0a97721ed6e250c974356905898b7d48acecddf280cf6dd4ba18c1aa3928071c6585025ceab0e2f34f37ddec138ea587fc4def825608b0ab2a6ecac42062bd3c58ba606307b7471b20a40ffa168b91dde6727571c4ec94bfbde1df90ccb265ffda374c98ffb1ee22069af38a3f200532dbbe5e98f4455170e9a137517b9b7b8840359940ab00f37125c2bec0ac36606b6c69edb35967d723fb81a15faea2bd280d1581ad1ef597bb4dc09f6a5d53aaff1877b77c4e425761dc09d34498c1fce72c0ba1041a99b8748a37597b9567cda1de2cbf6962798e5ee11bf7cb2c70a9502f33c43b8e5dc54de743a2e24cb94c22d669b434888a7ce4cb16cd77b324258e07af32adc0cb38f8c622085783f6804edc3913fb9e98c55713fa0bf8101ad0f6f43407ce4be0001d1bb201bec283ade79ab23484c1076e703864629ac9a6031533dc956f705f89f0e0ef7d3109e46859d1f2ad1b8cb3cfcedf868a3be101e8b9acd75e39e6a27a541aa9fe86ad3119b7049c3fad2a901222eb948cabb4b5c3e5ba6ffc02a15bf7d550b00ab0f3dd3002924f7bd0701269ae293c4cb231b9127d1f6b38dd6fbb3429905384eed7eed9330a9c5e732bdd510169d9ca3e420ea2102be3770a0ab598c037b8f01e8910cf8b0942aafb156ac90724cf552df158a7f59c26e62f3fcf32d860c2259cb1b3118a773ff3cfbaf9c5b068dade5cd7778f1ea98700629b62534735fef3071c30afa6ea26f7e651ec140936c07d9e90f1c9faef3e05376b1e121af6a6691616c10e19fd4f16b1858b44d99e597908cda0e8fa8c21d8b700987d7723a4b5a4ff3c371f2d1cb9fb2f054abc58727239ba67a173f1431083fedc7c4304488c13c75e4995a58ac9de085377356ddc5338aeb44e7f3d06f82a5e0c846159c881a0395a3dbf32a9f2530a520721431a752b13b01a89bdf2b38387b72e8a533936623ec396f6ef94ddfcca047bf20a6fe450a03dedb36a57355e2519ff579b5c63095f48407ece8a7c6c4f5b2582616f0a6bba059810c0a28355fb08dceec9e290026452c3135f8ad93f9617f22e590122d43f6fdc1ea0f9ec12c551b5127108443bb081f7a89660034ea4f3c4305108428cc91918dbb28c2a117f09609e40903b13055e92a727afa767b1f97df335ee729686c0113e4cc18aa50f4ad82b1d403cc6c11ac3bf63415560417d7d488df01b69c925ca3fce60ca7ac767fd11df61caf62f3ab67dad043faf1cc334903e0f419c2e97553ecaad5814bf097192e76e9a16bc5c9be932718aba32cd7dbcc6bc634a463c6f709cc81963b39442e710c14c7e107b0aeb7b6a0e3f3757860d10dd741863277c43ce4dcec49f4558959b08f59182baf4f250aa045fee383ceaec280817bf222dfbeeca8c1ec8473176326c1ffd49ea072b5f3c73f36865b6052a1595c1bb76cfe37f976848fbcb408381ddeff9c318a2e6bbfe6c18ef16531fec3c47874a5391238c0d6b0e033db3fce94127cc9c98a4211e5d873f7b4810846d96be2d6cac532fce0ddee737e4d1ddb65b8b2449984a897e4090449ed4fb4006fb9d133e51396d4664a3f0c395c5b24781f8389979ccb565c6461b66db7134d15cff5ae8f935a5bcb23caace2edd2b37a726575e3cb0528de05edd9f03e30feb617767b6a557280a0a288b52af44a1607b6063867e5c9d8d56c44968fd509b5983fa06e6b1eefb2f8cee0c1cb49b8b569cf13b77adbc22ce972cd718167ac571ee41a446d13931f849d5636c729996b36ec84171fde260a4e01e9770cf687591a79833ae6473c51e12c0faab96ef093e6178d485526dbf775c94324c76bd4af2652e9036b1cc0d3df05c9232ee6eef7c4f46a6cf8ad160ad087aba6928bf156bf3ade1d135a965c4a2b283485737da67fe99227f2fbfb3baa74d75fe29122adfd82fcb9325b7ea826a52559654e76d494a374d9535facfcd4ab248e388c516bb8a0dc151b1557e418fd7c625c67ab1c50d6f05b97ba15c55631aeea44b21131aa93ead176f7bfd1418856e38782f004f272738827a64bb695f6b6a08cff8d1917be52a8851bd2bfd57d08bb0660e2ffc23792a419c2e9b006e3b0ad05044d99b97391fd2cceb86cf26acebe089a861340b04fd01e1baa70583032a30ea2e605217b80f7ee16d7e28be43d12bb2b67937dd26a8aeb84fef2f2d52f75232a400e7b279dcfc01953b0c46203477a50b5853e8f7b14b2ba31db742504bca6ed95b18846706c9fd85bf2a3a2642029b9ff2828bf0f7cbd96109a237961be8fe5c62f0fcc04c994f123f4a22f048403eac9308cfd2f2e4350c72e9ef83416ce973d3aa90d281a0275886dd3858b5869784ae58e257aa5af6d373dcc9cf520e364be748833adbb10daa6f6a334b51d27529d86ea5ce874562f9f93da45d244224b936fced3b658abbe7aa1f0d502fffce823f528ab47ea3540722f144733666229ae08cfc7e61247742ea4e3c180938ae7c7b81c1ee975c831f79672e044cefc49894c2ab73bba2580ac476cc0e56b6748b8edbb37a3f8dda7ffad4ec07abce7c4d10fc32e40d5a9db37f7b1e3a6eabedbefa9dd8eef189b92363d3391d384af26b7d47958d3d82845c9b668da5bcbd64058dc9e1c6d903ab5d2aa049d197116a11309a1abe9e5b3f9e7f1c623242b1d8089bc369d145a7070e8a9bdf543dbffe899ff9366009a3b0424a634681b530dad9ef23f136a10c7287068e57f3c2de45adf0a105", 0x7af) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x40000006, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0) write$auto(r1, 0x0, 0x1ff) 2m30.0128584s ago: executing program 34 (id=6411): unshare$auto(0x40000080) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r0, &(0x7f0000001bc0)="51426572911c17e9dd66bf94ea32689283bb895dbc0a97721ed6e250c974356905898b7d48acecddf280cf6dd4ba18c1aa3928071c6585025ceab0e2f34f37ddec138ea587fc4def825608b0ab2a6ecac42062bd3c58ba606307b7471b20a40ffa168b91dde6727571c4ec94bfbde1df90ccb265ffda374c98ffb1ee22069af38a3f200532dbbe5e98f4455170e9a137517b9b7b8840359940ab00f37125c2bec0ac36606b6c69edb35967d723fb81a15faea2bd280d1581ad1ef597bb4dc09f6a5d53aaff1877b77c4e425761dc09d34498c1fce72c0ba1041a99b8748a37597b9567cda1de2cbf6962798e5ee11bf7cb2c70a9502f33c43b8e5dc54de743a2e24cb94c22d669b434888a7ce4cb16cd77b324258e07af32adc0cb38f8c622085783f6804edc3913fb9e98c55713fa0bf8101ad0f6f43407ce4be0001d1bb201bec283ade79ab23484c1076e703864629ac9a6031533dc956f705f89f0e0ef7d3109e46859d1f2ad1b8cb3cfcedf868a3be101e8b9acd75e39e6a27a541aa9fe86ad3119b7049c3fad2a901222eb948cabb4b5c3e5ba6ffc02a15bf7d550b00ab0f3dd3002924f7bd0701269ae293c4cb231b9127d1f6b38dd6fbb3429905384eed7eed9330a9c5e732bdd510169d9ca3e420ea2102be3770a0ab598c037b8f01e8910cf8b0942aafb156ac90724cf552df158a7f59c26e62f3fcf32d860c2259cb1b3118a773ff3cfbaf9c5b068dade5cd7778f1ea98700629b62534735fef3071c30afa6ea26f7e651ec140936c07d9e90f1c9faef3e05376b1e121af6a6691616c10e19fd4f16b1858b44d99e597908cda0e8fa8c21d8b700987d7723a4b5a4ff3c371f2d1cb9fb2f054abc58727239ba67a173f1431083fedc7c4304488c13c75e4995a58ac9de085377356ddc5338aeb44e7f3d06f82a5e0c846159c881a0395a3dbf32a9f2530a520721431a752b13b01a89bdf2b38387b72e8a533936623ec396f6ef94ddfcca047bf20a6fe450a03dedb36a57355e2519ff579b5c63095f48407ece8a7c6c4f5b2582616f0a6bba059810c0a28355fb08dceec9e290026452c3135f8ad93f9617f22e590122d43f6fdc1ea0f9ec12c551b5127108443bb081f7a89660034ea4f3c4305108428cc91918dbb28c2a117f09609e40903b13055e92a727afa767b1f97df335ee729686c0113e4cc18aa50f4ad82b1d403cc6c11ac3bf63415560417d7d488df01b69c925ca3fce60ca7ac767fd11df61caf62f3ab67dad043faf1cc334903e0f419c2e97553ecaad5814bf097192e76e9a16bc5c9be932718aba32cd7dbcc6bc634a463c6f709cc81963b39442e710c14c7e107b0aeb7b6a0e3f3757860d10dd741863277c43ce4dcec49f4558959b08f59182baf4f250aa045fee383ceaec280817bf222dfbeeca8c1ec8473176326c1ffd49ea072b5f3c73f36865b6052a1595c1bb76cfe37f976848fbcb408381ddeff9c318a2e6bbfe6c18ef16531fec3c47874a5391238c0d6b0e033db3fce94127cc9c98a4211e5d873f7b4810846d96be2d6cac532fce0ddee737e4d1ddb65b8b2449984a897e4090449ed4fb4006fb9d133e51396d4664a3f0c395c5b24781f8389979ccb565c6461b66db7134d15cff5ae8f935a5bcb23caace2edd2b37a726575e3cb0528de05edd9f03e30feb617767b6a557280a0a288b52af44a1607b6063867e5c9d8d56c44968fd509b5983fa06e6b1eefb2f8cee0c1cb49b8b569cf13b77adbc22ce972cd718167ac571ee41a446d13931f849d5636c729996b36ec84171fde260a4e01e9770cf687591a79833ae6473c51e12c0faab96ef093e6178d485526dbf775c94324c76bd4af2652e9036b1cc0d3df05c9232ee6eef7c4f46a6cf8ad160ad087aba6928bf156bf3ade1d135a965c4a2b283485737da67fe99227f2fbfb3baa74d75fe29122adfd82fcb9325b7ea826a52559654e76d494a374d9535facfcd4ab248e388c516bb8a0dc151b1557e418fd7c625c67ab1c50d6f05b97ba15c55631aeea44b21131aa93ead176f7bfd1418856e38782f004f272738827a64bb695f6b6a08cff8d1917be52a8851bd2bfd57d08bb0660e2ffc23792a419c2e9b006e3b0ad05044d99b97391fd2cceb86cf26acebe089a861340b04fd01e1baa70583032a30ea2e605217b80f7ee16d7e28be43d12bb2b67937dd26a8aeb84fef2f2d52f75232a400e7b279dcfc01953b0c46203477a50b5853e8f7b14b2ba31db742504bca6ed95b18846706c9fd85bf2a3a2642029b9ff2828bf0f7cbd96109a237961be8fe5c62f0fcc04c994f123f4a22f048403eac9308cfd2f2e4350c72e9ef83416ce973d3aa90d281a0275886dd3858b5869784ae58e257aa5af6d373dcc9cf520e364be748833adbb10daa6f6a334b51d27529d86ea5ce874562f9f93da45d244224b936fced3b658abbe7aa1f0d502fffce823f528ab47ea3540722f144733666229ae08cfc7e61247742ea4e3c180938ae7c7b81c1ee975c831f79672e044cefc49894c2ab73bba2580ac476cc0e56b6748b8edbb37a3f8dda7ffad4ec07abce7c4d10fc32e40d5a9db37f7b1e3a6eabedbefa9dd8eef189b92363d3391d384af26b7d47958d3d82845c9b668da5bcbd64058dc9e1c6d903ab5d2aa049d197116a11309a1abe9e5b3f9e7f1c623242b1d8089bc369d145a7070e8a9bdf543dbffe899ff9366009a3b0424a634681b530dad9ef23f136a10c7287068e57f3c2de45adf0a105", 0x7af) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x40000006, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0) write$auto(r1, 0x0, 0x1ff) 7.373549447s ago: executing program 6 (id=7156): pread64$auto(0xffffffffffffffff, 0x0, 0x1fffe001, 0xb) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, 0x0) sendmsg$auto_NL80211_CMD_SET_SAR_SPECS(0xffffffffffffffff, 0x0, 0x0) r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, 0x0, 0x100, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_PVERSION(r0, 0x80045400, 0x0) r1 = socket(0x10, 0x2, 0x4) sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400c7"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x2, 0x88) r2 = socket(0x10, 0x2, 0xc) r3 = socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8=r3, @ANYBLOB="01"], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x80) write$auto(r1, &(0x7f0000000000)='-\x00', 0xfdef) 6.92572093s ago: executing program 6 (id=7159): openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x4000000008000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x400000003) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x40, r4, 0x1b, 0x70bd26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_ACTIONS={0x24, 0x3, 0x0, 0x1, [@nested={0x20, 0x1, 0x0, 0x1, [@nested={0x19, 0x12d, 0x0, 0x1, [@typed={0x8, 0xb5, 0x0, 0x0, @pid}, @generic="b04e844ea904ebea19", @nested={0x4, 0x8a}]}]}]}, @OVS_PACKET_ATTR_ACTIONS={0x4}, @OVS_PACKET_ATTR_KEY={0x4}]}, 0x40}, 0x1, 0x0, 0x0, 0x4004040}, 0x4000844) r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)={0x18, r5, 0x1, 0x70bd31, 0x25dfdbfc, {}, [@ETHTOOL_A_FEATURES_WANTED={0x4}]}, 0x18}}, 0x24048004) socket$nl_generic(0x10, 0x3, 0x10) 6.771725178s ago: executing program 5 (id=7161): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), r0) sendmsg$auto_TIPC_NL_MEDIA_GET(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000006c0)={0x14, r1, 0x701, 0x70bd29, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x10) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/conf/macvtap0/disable_policy\x00', 0xc0002, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) write$auto(0xca, 0x0, 0x2d9) close_range$auto(0x2, 0xa, 0x0) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, 0x0, 0x40800) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0x7bdb, 0x19) madvise$auto(0x108000, 0x800032, 0x4) madvise$auto(0x0, 0x200007, 0x19) 5.853170907s ago: executing program 6 (id=7163): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x80) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) syz_clone(0x20a08200, 0x0, 0x0, 0x0, 0x0, 0x0) gettid() openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x101000, 0x0) getpid() ioctl$auto_MON_IOCG_STATS(0xffffffffffffffff, 0x80089203, 0x0) 5.014209958s ago: executing program 5 (id=7166): socket(0x15, 0x5, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x100, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = socket(0x23, 0x80805, 0x0) bind$auto(r1, &(0x7f0000000000)=@in={0x2, 0x4e22, @remote}, 0x3) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x22100, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, 0x0, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x37, 0xa, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x7, 0x3, 0x800, 0x80000023, 0x200000000000007, 0x6d42, 0xc, 0x2495dae0, 0x6]}, 0x0) 4.43038181s ago: executing program 6 (id=7169): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = io_uring_setup$auto(0x5, 0x0) close_range$auto(0x2, r0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x2b, 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x71) listen$auto(r1, 0x4) r2 = accept$auto(0x3, 0x0, 0x0) r3 = socket(0x2, 0x1, 0x0) sendmmsg$auto(r3, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x4, 0x0, 0x7ffe, 0x1}, 0xca15}, 0x8, 0x20000000) close_range$auto(0x2, 0xa, 0x0) write$auto_rb_simple_fops_trace(r2, &(0x7f0000000580)="15798a18f864f015bf33b7fb52ab73a6b4258bafdeb4e5d55dd5eb944701175de4116ac3ebbb8d7342bef9ddde34fd1a33dbf6c0f2ef5fd041ed010071c4f2da0b2387c227c3766394d344ace180217c4388d3843813d5a4ffffffff923d047bd852296409d5aaad4d610753656a6f5885585b2ed09d6f2fcfedebbba05c5d649892b0cf0ad3cff1d96931af4c94cc62892b0b23552ee5326db2129fdcc064ec0d91ee31c50bd1f81065cbff8652b82d084d9057d1718f1d0e9a22b9ae789bda84f8dcd8e5d8b3b8b204f1afbbdeab689228452e3b799733f97cbb681d63e0b02cf21bfa9a055183aff5eb240cdf7e6ebc2f52b076aabe0f83f4a1758797790a9c87555c2e3b8b2c5d14c1784040b2aabf05f107227cfc23a2a52e4dfe72164f1e4e6b3a0dd16b4acea87afc26387e740ff1b9264ebdb690e60256947f3949f626eb93e5f6de5aa8ea7e2ea2750c9e7033e1f4c8d5f352fc4ac1a1a664daf193ecc361e55f880dc4cae3ee752d1deb660000000000000000000000000000000000000000d1fb47f6462d0632bf1ca4b6435769a6eeffde1fa0d681692405cd1de0c5f881387b1075e43eb211508858c3610d0f384e2019c5b66ba2b56fe07391ab17ab2c014b3e8a64e8e1672d1c3d91ab895097b3ce88f3fffc8bd52772ec3b4d1da24858a5c52fd35080cbc13ea12fdd8d2e8de17c9caa1a19779fa48e3f0fb43e0bdc44a3612cfff8371cf16a929be9a12c39bbef9052c69cdc9421ffaa00373cf449daff652b61a9", 0xffffff1d) 3.91102857s ago: executing program 1 (id=7170): close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2, 0x2, 0x0) socket(0xa, 0x3, 0x3a) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'bond0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r2, r1, 0x4, 0x1ff, r0, @relative_id=0x13, 0xe600}, 0xf) r3 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r3, 0x0, 0x3}, 0xc) r4 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(r4, r4, 0x0) 3.576873358s ago: executing program 1 (id=7171): socket(0x2, 0x2, 0x1) setresuid$auto(0x8, 0x8, 0x0) r0 = setfsuid$auto(0xee00) setreuid$auto(r0, 0x0) mq_open$auto(&(0x7f0000000280)='\\*)A\x00', 0x7e, 0x9, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0xa, 0x801, 0x84) r1 = socket$nl_generic(0x10, 0x3, 0x10) fsopen$auto(0x0, 0x1) r2 = epoll_create$auto(0x4) epoll_ctl$auto(0x5, 0x1, 0x8000000000000000, 0x0) epoll_ctl$auto(r2, 0x40008, r1, 0x0) 3.352973729s ago: executing program 5 (id=7172): r0 = socket$nl_generic(0x10, 0x3, 0x10) fsconfig$auto(r0, 0x2, 0x0, 0x0, 0x0) pidfd_open$auto(0x0, 0xfffffffe) mmap$auto(0x0, 0x4020009, 0xdb, 0x2000000000eb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptyr4\x00', 0x1, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0) ioctl$auto_TIOCSTI2(r1, 0x5412, &(0x7f0000000840)="13") ioctl$auto_TIOCSTI2(r1, 0x5412, 0x0) 3.330739657s ago: executing program 6 (id=7173): r0 = open(&(0x7f0000000800)='./file0\x00', 0x62240, 0x154) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) r1 = openat$auto_check_wx_fops_(0xffffffffffffff9c, &(0x7f0000000380), 0x400, 0x0) pread64$auto(r1, 0x0, 0x9, 0x1) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/dsp\x00', 0x0, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x2004c0c4) read$auto(r2, 0x0, 0x100) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000340)='/dev/snd/midiC2D2\x00', 0x1, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) syz_clone(0x2040000, 0x0, 0x0, 0x0, 0x0, 0x0) execveat$auto(r0, &(0x7f0000000200)='\x00', 0x0, 0x0, 0x11000) 3.111291639s ago: executing program 3 (id=7174): openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/v4l-subdev2\x00', 0x80000, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2, 0x801, 0x106) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x6, 0x0) timerfd_create$auto(0x0, 0x0) adjtimex$auto(&(0x7f0000000000)={0x1ff, 0x0, 0xff, 0x6, 0x8, 0x0, 0x10, 0x0, 0x2, 0xbf, 0x1f6a, {0x0, 0x3}, 0x9, 0x1, 0x2, 0x6, 0x0, 0x8, 0x545, 0x1, 0x0, 0x8}) read$auto(0x3, 0x0, 0x80) r0 = getpid() process_vm_readv$auto(r0, &(0x7f0000000080)={0x0, 0xfff}, 0x800000001, &(0x7f0000000280)={&(0x7f0000000000), 0x7f}, 0x6, 0x0) ioctl$auto(0x3, 0xc0585605, 0x38) 2.650458434s ago: executing program 3 (id=7175): mmap$auto(0x0, 0xfe2, 0x7, 0xeb1, 0x404, 0x10008000) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', 0x0}) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket(0x11, 0x80003, 0x300) r2 = socket(0xa, 0x3, 0x6) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) bpf$auto(0x0, &(0x7f0000000040)=@bpf_attr_5={@target_ifindex=r1, 0x7f, 0x99, 0x8, 0x1, @relative_fd=r2, 0xd}, 0x92) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r2, 0x0, 0x3}, 0x4) r3 = open(0x0, 0x261c2, 0x84) bpf$auto(0x4, &(0x7f00000001c0)=@raw_tracepoint={0x5, r3, 0x0, 0x3}, 0xc) 2.446100603s ago: executing program 1 (id=7176): socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0xa, 0x2, 0x3a) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) r2 = socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) r3 = socket(0x10, 0x2, 0xc) sendmsg$auto_TIPC_NL_BEARER_ENABLE(r0, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000003740)={&(0x7f0000000000)=ANY=[@ANYBLOB="b1000000", @ANYRES16, @ANYBLOB="01002dbd7000fddbdf25030000000c0001"], 0x20}, 0x1, 0x0, 0x0, 0x41}, 0x40080) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYRES8=r3, @ANYBLOB="18000000", @ANYRES8=r1], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x40000f0) write$auto(r2, &(0x7f0000000000)='-\x00', 0x30) 2.371179009s ago: executing program 3 (id=7177): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) ioctl$auto_SNDCTL_DSP_GETODELAY(0xffffffffffffffff, 0x80045035, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) mount$auto(&(0x7f0000000000)='veth1_vlan\x00', &(0x7f0000000140)='./file0\x00', &(0x7f0000000240)='hfs\x00\x81\xe2\xde\xa8\xb7\xc4G[*}\xaa{\xf1\x86\xf7d@\xe8Y\xea\xb1H\x01\xff\"^\'6\xba\xa9s\x1d\xf4\xe1i\xc5\xb6_B\xa7KFS\xc1\xa7\x8e*h\xe3\x8b\x7f\xca\xfcNEi\x84?\x82\xff\xf2\xac\xd1\xee\xf4\x9a?\xac\x11\x88\aO\x84\xe6k\a\x9bY\xddx\xb8\xdf\vHv\xb5\f\xbc\b\xc0\xfa\xc0\xfe\xa6\xce\xbd\x03\x00\x93\xdc4\x97\xce\xd5&\x93\xae\x05q\xe9\xa8?\x00\xbdi\x88q\xd0w\xfd@\r\xce\xe4\xadrt`\xf8`b\xbf\xeci\x93a\xc6o\x9ej\xe4\xa3\x9d\xaa\xe1\xe1N\n\xbcq\n[\"5\xd4\xa6\x96#).\xbd\x8aD\x88>8J\v\xb5\x99H\xc5\a\xc9\xcf\xbc\x85\xbf\x85\x81\x0f\x7f8\x11\xdbK\xf3\xc2#\x18 \xdf\x05\xcd\xbb\xc03_\xb7Q@\xf2G', 0x7, 0x0) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x8000, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x6a742, 0x0) openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r2, 0xc0045002, 0x0) 2.272978123s ago: executing program 5 (id=7178): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/nr14/proto_down\x00', 0x82942, 0x0) sendmsg$auto_MACSEC_CMD_ADD_RXSA(r0, 0x0, 0x48845) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x189401, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = socketcall$auto(0x8000, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0xae41, r2) ioctl$auto_KVM_GET_MSRS(r1, 0x4400ae8f, &(0x7f00000000c0)={0xdd}) 1.978310506s ago: executing program 3 (id=7179): read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/netfilter/nf_hooks_lwtunnel\x00', 0x101001, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) futex$auto(0x0, 0x85, 0x10005, 0x0, 0x0, 0x10000007) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x2, 0x80802, 0x0) setsockopt$auto(r1, 0x11, 0x64, 0x0, 0x8) socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @remote}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xe000) 1.865168829s ago: executing program 1 (id=7180): mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x1272, 0x8000) socket(0x2, 0x801, 0x106) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc4c85512, &(0x7f0000000100)={{@raw=0xb, 0x3, 0xcf, 0x8, "16a0d89bf208384515b5375a677609aa1bc737276563c3d5a2fca999d5797ab7a10a4d2bc341c4bd369ae535", @raw=0xfffffffe}, 0x1, @integer=@value=[0x6d, 0x7, 0x0, 0xbb, 0x4, 0x80000000, 0x1, 0x7ff, 0x1, 0x400000000009, 0xc4, 0x9, 0x6, 0x4, 0x3, 0x6, 0x1, 0x3, 0x4, 0x401, 0x6, 0x0, 0xa0, 0x5, 0x2, 0x3, 0x5, 0xa, 0x8, 0x1, 0x8, 0x7f, 0xffffffffffffdb75, 0x100000000, 0x3, 0x7, 0x7fffffffffffffff, 0x1, 0xd, 0x1, 0x71, 0x0, 0x8, 0x2, 0x3, 0xffffffffffffffff, 0x2d7, 0x1, 0x1, 0x6, 0x2, 0x800000001, 0x6, 0x7, 0x0, 0x6, 0x4, 0x3, 0x40a, 0xd, 0x3fd, 0x8, 0x7, 0xffff, 0x50ce0883, 0xbd9, 0x5, 0x2, 0xd8f, 0x80000000, 0x0, 0x1, 0x46e, 0xa5cf, 0x8, 0x7, 0xc16b, 0x6, 0x9, 0x6, 0x8000002, 0x8, 0x1, 0x3, 0x3, 0x5, 0x6, 0xffffffffffff0001, 0x100000000, 0x4, 0x8, 0x4, 0x2, 0x2000000003, 0xfffffffffffffffe, 0x20007cf9, 0x40, 0x2, 0x7, 0x100, 0x14b, 0x2, 0x45f3, 0x0, 0x0, 0x4, 0x100, 0x8001, 0x0, 0x1, 0x7, 0x9, 0x1, 0x3, 0x0, 0x4, 0x7, 0x6, 0x25e2, 0xc9a, 0xd09, 0x40, 0x2, 0xffffffffffffff00, 0x7, 0x9, 0xfffffffffffffff8, 0x40], "f3fadb90a56b67d92a5b28b4b23f332550b1e5454e2027fb1a37efe81bbc27deaf7c3100aab088cdb3b40dad335c9174f18934845ac3152fef1e0f42b42471efc0225a4ebe7e05ce3d4ab429805d5921633ffbce8f1a82ff9dec6c288f431cb7005b85ca8633c55d49bbdf4bd9cac1046064001bca7ba37e4b5eacf1940c9a78"}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) io_uring_setup$auto(0x8, &(0x7f0000000140)={0x0, 0x1, 0x9, 0x210001, 0xc, 0xc05, 0xffffffffffffffff, [0x7fd, 0x1001, 0x3], {0x9, 0x3, 0x6, 0x0, 0x4, 0x895, 0x3fdc, 0x6, 0x5}, {0x2, 0x1d11, 0x54ed, 0x0, 0x101, 0xff, 0x7, 0xa, 0xb}}) sendmsg$auto_NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000280)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16, @ANYBLOB="000329bd7000fedbdf250900000008000c000100008008000300", @ANYRES32, @ANYBLOB="08002c000001000008001d"], 0x3c}, 0x1, 0x0, 0x0, 0x20000828}, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22040, 0x75) socket(0x10, 0x2, 0x0) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01eb"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x3}, 0x3ef3}, 0x3, 0x0) 1.241896491s ago: executing program 3 (id=7181): socket(0x15, 0x5, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x100, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = socket(0x23, 0x80805, 0x0) bind$auto(r1, &(0x7f0000000000)=@in={0x2, 0x4e22, @remote}, 0x3) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x22100, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, 0x0, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x37, 0xa, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x7, 0x3, 0x800, 0x80000023, 0x200000000000007, 0x6d42, 0xc, 0x2495dae0, 0x6]}, 0x0) 1.241086514s ago: executing program 5 (id=7189): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xc, 0x800008000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cpu/0/msr\x00', 0x181f82, 0x0) readv$auto(r0, &(0x7f00000000c0)={0x0, 0x101d0}, 0x400) r1 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/pci/00/01.3\x00', 0x100, 0x0) pread64$auto(r2, 0x0, 0x3, 0x5) r3 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dri/card0\x00', 0x109c01, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x4002, 0x0) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) ioctl$auto(r3, 0x92106451, 0xffffffffffffffff) ioctl$auto_SNDRV_TIMER_IOCTL_GINFO(r1, 0xc0f85403, 0x0) 1.081034101s ago: executing program 1 (id=7182): r0 = open(0x0, 0x1, 0x154) write$auto_nsim_psample_enable_fops_psample(0xffffffffffffffff, 0x0, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x48041, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/scsi_mod/parameters/scan\x00', 0x102, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80402, 0x0) write$auto_ocfs2_control_fops_stack_user(r2, &(0x7f0000003900)='\t', 0x1) sendfile$auto(r1, r1, 0x0, 0x3) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) io_uring_setup$auto(0x1, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0x8) execveat$auto(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) 732.918094ms ago: executing program 3 (id=7183): syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff) setrlimit$auto(0x0, &(0x7f0000000000)={0x1, 0xfb3}) sigaltstack$auto(&(0x7f0000000180)={0x0, 0x80000001, 0x40b4}, 0x0) sigaltstack$auto(&(0x7f0000000080)={0x0, 0x2, 0x4}, 0x0) close_range$auto(0x2, 0x8, 0x0) semctl$auto(0x2, 0x9, 0x939, 0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) openat$auto_ima_ascii_measurements_ops_ima_fs(0xffffffffffffff9c, 0x0, 0x2, 0x0) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) 322.545535ms ago: executing program 1 (id=7184): mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) landlock_create_ruleset$auto(0x0, 0x9, 0x0) openat$auto_cgwb_debug_stats_fops_(0xffffffffffffff9c, 0x0, 0x40, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyzb\x00', 0x800, 0x0) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) ioctl$auto(0x3, 0x40076f3f, 0x38) socket(0xa, 0x2, 0x73) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x682, 0x0) ioctl$auto_SOUND_MIXER_READ_STEREODEVS2(r1, 0x80044dfb, &(0x7f0000000040)) r2 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)={0x5c, r2, 0x1, 0x70bd2b, 0x25dfdbf9, {}, [@L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x58}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x8}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x8}, @L2TP_ATTR_IP6_SADDR={0x14}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @ipv4={'\x00', '\xff\xff', @multicast2}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 254.142227ms ago: executing program 6 (id=7185): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/bus/pci/drivers/vmwgfx/new_id\x00', 0xa001, 0x0) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) clone$auto(0x20003b42, 0x8400, 0x0, 0x0, 0xfffffffffffffff9) r0 = openat$auto_proc_tid_children_operations_internal(0xffffffffffffff9c, &(0x7f0000000080), 0x41180, 0x0) read$auto(r0, 0x0, 0x58b22256) write$auto(0x3, 0x0, 0xfdef) write$auto(0x3, 0x0, 0xfdef) 0s ago: executing program 5 (id=7186): write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x0) r0 = socket(0xa, 0x3, 0xff) connect$auto(r0, &(0x7f00000018c0)=@generic={0xa}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) kernel console output (not intermixed with test programs): Call Trace: [ 943.072007][T22976] [ 943.072022][T22976] dump_stack_lvl+0x16c/0x1f0 [ 943.072073][T22976] should_fail_ex+0x512/0x640 [ 943.072135][T22976] should_failslab+0xc2/0x120 [ 943.072184][T22976] __kmalloc_cache_noprof+0x72/0x780 [ 943.072220][T22976] ? sctp_add_bind_addr+0xae/0x3f0 [ 943.072264][T22976] ? sctp_add_bind_addr+0xae/0x3f0 [ 943.072301][T22976] sctp_add_bind_addr+0xae/0x3f0 [ 943.072346][T22976] sctp_copy_local_addr_list+0x349/0x550 [ 943.072398][T22976] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 943.072449][T22976] ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360 [ 943.072496][T22976] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 943.072590][T22976] sctp_bind_addr_copy+0xe0/0x530 [ 943.072638][T22976] sctp_connect_new_asoc+0x1c9/0x770 [ 943.072696][T22976] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 943.072753][T22976] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 943.072821][T22976] __sctp_connect+0x3f3/0xc60 [ 943.072885][T22976] ? do_raw_spin_lock+0x12c/0x2b0 [ 943.072941][T22976] ? __pfx___sctp_connect+0x10/0x10 [ 943.072997][T22976] ? __pfx_sctp_inet_connect+0x10/0x10 [ 943.073049][T22976] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 943.073109][T22976] ? __pfx_sctp_inet_connect+0x10/0x10 [ 943.073174][T22976] sctp_inet_connect+0x15f/0x200 [ 943.073226][T22976] __sys_connect_file+0x141/0x1a0 [ 943.073284][T22976] __sys_connect+0x13b/0x160 [ 943.073333][T22976] ? __pfx___sys_connect+0x10/0x10 [ 943.073398][T22976] ? xfd_validate_state+0x61/0x180 [ 943.073458][T22976] __x64_sys_connect+0x72/0xb0 [ 943.073506][T22976] ? lockdep_hardirqs_on+0x7c/0x110 [ 943.073548][T22976] do_syscall_64+0xcd/0xfa0 [ 943.073594][T22976] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 943.073627][T22976] RIP: 0033:0x7f526b58f749 [ 943.073656][T22976] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 943.073694][T22976] RSP: 002b:00007f526c34f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 943.073727][T22976] RAX: ffffffffffffffda RBX: 00007f526b7e5fa0 RCX: 00007f526b58f749 [ 943.073749][T22976] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000003 [ 943.073769][T22976] RBP: 00007f526b613f91 R08: 0000000000000000 R09: 0000000000000000 [ 943.073790][T22976] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 943.073811][T22976] R13: 00007f526b7e6038 R14: 00007f526b7e5fa0 R15: 00007ffcc4acaa98 [ 943.073868][T22976] [ 943.654898][T22988] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 945.957127][T23042] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input18 [ 947.064362][T14997] udevd[14997]: inotify_add_watch(7, /dev/nbd1, 10) failed: No such file or directory [ 947.096055][ T5148] Bluetooth: hci3: Malformed LE Event: 0x1d [ 950.643184][T23154] zswap: compressor not available [ 952.337949][T23204] netlink: 342 bytes leftover after parsing attributes in process `syz.4.6045'. [ 952.367779][T23204] netlink: 342 bytes leftover after parsing attributes in process `syz.4.6045'. [ 952.398380][T23204] netlink: 'syz.4.6045': attribute type 3 has an invalid length. [ 952.439860][T23204] netlink: 290 bytes leftover after parsing attributes in process `syz.4.6045'. [ 952.584141][T23202] zswap: compressor 000 not available [ 952.802807][T23212] EXT4-fs (sda1): Delayed block allocation failed for inode 2033 at logical offset 1004 with max blocks 19 with error 117 [ 952.821946][T23212] EXT4-fs (sda1): This should not happen!! Data will be lost [ 952.821946][T23212] [ 955.324129][T23279] netlink: 18 bytes leftover after parsing attributes in process `syz.2.6073'. [ 955.694690][T23293] netlink: 338 bytes leftover after parsing attributes in process `syz.1.6076'. [ 955.719251][T23293] netlink: 338 bytes leftover after parsing attributes in process `syz.1.6076'. [ 955.731202][T23293] netlink: 170 bytes leftover after parsing attributes in process `syz.1.6076'. [ 956.579184][T23306] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input19 [ 957.820996][T23325] zswap: compressor not available [ 958.597192][T23336] netlink: 326 bytes leftover after parsing attributes in process `syz.2.6091'. [ 958.762523][ T1153] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1449 with max blocks 19 with error 117 [ 958.811825][ T1153] EXT4-fs (sda1): This should not happen!! Data will be lost [ 958.811825][ T1153] [ 958.831214][ T1153] EXT4-fs (sda1): Delayed block allocation failed for inode 2033 at logical offset 1002 with max blocks 21 with error 117 [ 958.878603][ T1153] EXT4-fs (sda1): This should not happen!! Data will be lost [ 958.878603][ T1153] [ 958.926272][ T1153] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 1001 with max blocks 22 with error 117 [ 959.048792][ T1153] EXT4-fs (sda1): This should not happen!! Data will be lost [ 959.048792][ T1153] [ 959.074741][ T1153] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 1012 with max blocks 11 with error 117 [ 959.115097][ T1153] EXT4-fs (sda1): This should not happen!! Data will be lost [ 959.115097][ T1153] [ 960.598694][T23381] netlink: 18 bytes leftover after parsing attributes in process `syz.1.6103'. [ 960.743532][T23383] netlink: 342 bytes leftover after parsing attributes in process `syz.3.6105'. [ 960.773290][T23383] netlink: 302 bytes leftover after parsing attributes in process `syz.3.6105'. [ 960.905371][T23389] netlink: 338 bytes leftover after parsing attributes in process `syz.4.6108'. [ 960.930808][T23389] netlink: 338 bytes leftover after parsing attributes in process `syz.4.6108'. [ 960.948236][T23389] netlink: 250 bytes leftover after parsing attributes in process `syz.4.6108'. [ 961.194034][T23398] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6111'. [ 961.248837][T23398] netlink: 354 bytes leftover after parsing attributes in process `syz.2.6111'. [ 961.828817][T23414] netlink: 18 bytes leftover after parsing attributes in process `syz.4.6115'. [ 962.482816][T23420] zswap: compressor not available [ 964.396554][T23449] kexec: Could not allocate control_code_buffer [ 964.786861][T23466] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.4.6132: iget: checksum invalid [ 964.821893][T23466] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 964.841018][T23466] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.4.6132: iget: checksum invalid [ 964.880888][T23466] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 964.893634][T23466] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.4.6132: iget: checksum invalid [ 964.906851][T23466] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 964.919656][T23466] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.4.6132: iget: checksum invalid [ 964.997189][T23466] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 964.997797][T23469] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 981 with max blocks 42 with error 117 [ 965.029659][T23466] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 965.039996][T23469] EXT4-fs (sda1): This should not happen!! Data will be lost [ 965.039996][T23469] [ 965.072387][T23466] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 965.519910][T23482] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 965.719466][T23482] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 966.311017][T23503] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1006 with max blocks 17 with error 117 [ 966.400374][T23503] EXT4-fs (sda1): This should not happen!! Data will be lost [ 966.400374][T23503] [ 966.492258][T23508] FAULT_INJECTION: forcing a failure. [ 966.492258][T23508] name failslab, interval 1, probability 0, space 0, times 0 [ 966.565903][T23508] CPU: 1 UID: 0 PID: 23508 Comm: syz.1.6148 Tainted: G I syzkaller #0 PREEMPT(full) [ 966.565955][T23508] Tainted: [I]=FIRMWARE_WORKAROUND [ 966.565969][T23508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 966.565989][T23508] Call Trace: [ 966.566000][T23508] [ 966.566013][T23508] dump_stack_lvl+0x16c/0x1f0 [ 966.566059][T23508] should_fail_ex+0x512/0x640 [ 966.566117][T23508] should_failslab+0xc2/0x120 [ 966.566163][T23508] __kmalloc_cache_noprof+0x72/0x780 [ 966.566197][T23508] ? sctp_add_bind_addr+0xae/0x3f0 [ 966.566234][T23508] ? sctp_bind_addr_match+0x193/0x300 [ 966.566274][T23508] ? sctp_add_bind_addr+0xae/0x3f0 [ 966.566310][T23508] sctp_add_bind_addr+0xae/0x3f0 [ 966.566352][T23508] sctp_do_bind+0x2d6/0x700 [ 966.566407][T23508] sctp_connect_new_asoc+0x5e7/0x770 [ 966.566461][T23508] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 966.566516][T23508] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 966.566582][T23508] __sctp_connect+0x3f3/0xc60 [ 966.566639][T23508] ? do_raw_spin_lock+0x12c/0x2b0 [ 966.566707][T23508] ? __pfx___sctp_connect+0x10/0x10 [ 966.566760][T23508] ? __pfx_sctp_inet_connect+0x10/0x10 [ 966.566812][T23508] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 966.566873][T23508] ? __pfx_sctp_inet_connect+0x10/0x10 [ 966.566923][T23508] sctp_inet_connect+0x15f/0x200 [ 966.566977][T23508] __sys_connect_file+0x141/0x1a0 [ 966.567032][T23508] __sys_connect+0x13b/0x160 [ 966.567082][T23508] ? __pfx___sys_connect+0x10/0x10 [ 966.567149][T23508] ? xfd_validate_state+0x61/0x180 [ 966.567206][T23508] __x64_sys_connect+0x72/0xb0 [ 966.567254][T23508] ? lockdep_hardirqs_on+0x7c/0x110 [ 966.567296][T23508] do_syscall_64+0xcd/0xfa0 [ 966.567340][T23508] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 966.567375][T23508] RIP: 0033:0x7f526b58f749 [ 966.567402][T23508] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 966.567436][T23508] RSP: 002b:00007f526c34f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 966.567468][T23508] RAX: ffffffffffffffda RBX: 00007f526b7e5fa0 RCX: 00007f526b58f749 [ 966.567491][T23508] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000003 [ 966.567512][T23508] RBP: 00007f526b613f91 R08: 0000000000000000 R09: 0000000000000000 [ 966.567532][T23508] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 966.567553][T23508] R13: 00007f526b7e6038 R14: 00007f526b7e5fa0 R15: 00007ffcc4acaa98 [ 966.567600][T23508] [ 967.455663][T23519] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78400 [ 967.481086][T23519] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 967.512894][T23519] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 967.555134][T23519] page_type: f5(slab) [ 967.566639][T23519] raw: 00fff00000000040 ffff888140a94140 dead000000000122 0000000000000000 [ 967.602654][T23519] raw: 0000000000000000 0000000000130013 00000000f5000000 0000000000000000 [ 967.629834][T23519] head: 00fff00000000040 ffff888140a94140 dead000000000122 0000000000000000 [ 967.694309][T23519] head: 0000000000000000 0000000000130013 00000000f5000000 0000000000000000 [ 967.757973][T23519] head: 00fff00000000003 ffffea0001e10001 00000000ffffffff 00000000ffffffff [ 967.785484][T23519] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 967.800631][T23519] page dumped because: unmovable page [ 967.808903][T23519] page_owner tracks the page as allocated [ 967.815744][ T5180] ERROR: Out of memory at tomoyo_memory_ok. [ 967.822724][T23519] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5201, tgid 5201 (udevd), ts 68627967350, free_ts 68609006553 [ 967.907412][T23519] post_alloc_hook+0x1af/0x220 [ 967.912729][T23519] get_page_from_freelist+0x10a3/0x3a30 [ 967.919334][T23519] __alloc_frozen_pages_noprof+0x25f/0x2470 [ 967.925312][T23519] alloc_pages_mpol+0x1fb/0x550 [ 967.940897][T23519] new_slab+0x24a/0x360 [ 967.945173][T23519] ___slab_alloc+0xd79/0x1a50 [ 967.961124][T23519] __slab_alloc.constprop.0+0x63/0x110 [ 967.967434][T23519] kmem_cache_alloc_lru_noprof+0x443/0x6e0 [ 967.976894][T23519] shmem_alloc_inode+0x25/0x50 [ 967.982008][T23519] alloc_inode+0x64/0x240 [ 968.005289][T23519] new_inode+0x22/0x1c0 [ 968.009897][T23519] shmem_get_inode+0x19a/0xfb0 [ 968.014743][T23519] shmem_mknod+0x1a8/0x450 [ 968.026554][T23519] lookup_open.isra.0+0x11d3/0x1580 [ 968.031962][T23519] path_openat+0x893/0x2cb0 [ 968.037143][T23519] do_filp_open+0x20b/0x470 [ 968.046617][T23519] page last free pid 5208 tgid 5208 stack trace: [ 968.053760][T23519] __free_frozen_pages+0x7df/0x1160 [ 968.063864][T23519] __put_partials+0x130/0x170 [ 968.074057][T23519] qlist_free_all+0x4d/0x120 [ 968.080253][T23519] kasan_quarantine_reduce+0x195/0x1e0 [ 968.093610][T23519] __kasan_slab_alloc+0x69/0x90 [ 968.104216][T23519] kmem_cache_alloc_noprof+0x250/0x6e0 [ 968.110164][T23519] getname_flags.part.0+0x4c/0x550 [ 968.115592][T23519] getname_flags+0x93/0xf0 [ 968.120951][T23519] __x64_sys_rename+0x58/0xa0 [ 968.127816][T23519] do_syscall_64+0xcd/0xfa0 [ 968.132518][T23519] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 968.291089][T23540] __nla_validate_parse: 1 callbacks suppressed [ 968.291118][T23540] netlink: 342 bytes leftover after parsing attributes in process `syz.2.6159'. [ 968.456127][T23540] netlink: 274 bytes leftover after parsing attributes in process `syz.2.6159'. [ 969.378231][T23560] EXT4-fs (sda1): Delayed block allocation failed for inode 2033 at logical offset 994 with max blocks 8 with error 117 [ 969.397342][T23560] EXT4-fs (sda1): This should not happen!! Data will be lost [ 969.397342][T23560] [ 969.897247][T23566] zswap: compressor not available [ 971.360934][ T5148] Bluetooth: hci4: unexpected event 0x36 length: 123 > 7 [ 971.669041][T23603] FAULT_INJECTION: forcing a failure. [ 971.669041][T23603] name failslab, interval 1, probability 0, space 0, times 0 [ 971.699720][T23603] CPU: 0 UID: 0 PID: 23603 Comm: syz.1.6179 Tainted: G I syzkaller #0 PREEMPT(full) [ 971.699774][T23603] Tainted: [I]=FIRMWARE_WORKAROUND [ 971.699789][T23603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 971.699809][T23603] Call Trace: [ 971.699820][T23603] [ 971.699833][T23603] dump_stack_lvl+0x16c/0x1f0 [ 971.699883][T23603] should_fail_ex+0x512/0x640 [ 971.699945][T23603] ? fs_reclaim_acquire+0xae/0x150 [ 971.699993][T23603] should_failslab+0xc2/0x120 [ 971.700040][T23603] kmem_cache_alloc_noprof+0x75/0x6e0 [ 971.700076][T23603] ? __kernfs_new_node+0xd2/0x8e0 [ 971.700128][T23603] ? __kernfs_new_node+0xd2/0x8e0 [ 971.700170][T23603] __kernfs_new_node+0xd2/0x8e0 [ 971.700221][T23603] ? __pfx___kernfs_new_node+0x10/0x10 [ 971.700274][T23603] ? find_held_lock+0x2b/0x80 [ 971.700310][T23603] ? kernfs_root+0xee/0x2a0 [ 971.700361][T23603] kernfs_new_node+0x13c/0x1e0 [ 971.700419][T23603] __kernfs_create_file+0x53/0x350 [ 971.700461][T23603] sysfs_add_file_mode_ns+0x207/0x3c0 [ 971.700515][T23603] sysfs_merge_group+0x1aa/0x340 [ 971.700562][T23603] ? __pfx_sysfs_merge_group+0x10/0x10 [ 971.700614][T23603] ? __pfx_dev_add_physical_location+0x10/0x10 [ 971.700667][T23603] ? bus_to_subsys+0x131/0x160 [ 971.700709][T23603] dpm_sysfs_add+0x237/0x280 [ 971.700762][T23603] device_add+0x9a6/0x1aa0 [ 971.700797][T23603] ? __pfx_device_add+0x10/0x10 [ 971.700825][T23603] ? __pfx___might_resched+0x10/0x10 [ 971.700860][T23603] ? lockdep_hardirqs_on+0x7c/0x110 [ 971.700927][T23603] __add_disk+0x457/0xf00 [ 971.700983][T23603] add_disk_fwnode+0x13f/0x5d0 [ 971.701035][T23603] loop_add+0x903/0xb70 [ 971.701074][T23603] ? __pfx_loop_add+0x10/0x10 [ 971.701140][T23603] ? find_held_lock+0x2b/0x80 [ 971.701181][T23603] loop_control_ioctl+0x13e/0x630 [ 971.701220][T23603] ? __pfx_loop_control_ioctl+0x10/0x10 [ 971.701265][T23603] ? __pfx_loop_control_ioctl+0x10/0x10 [ 971.701306][T23603] __x64_sys_ioctl+0x18e/0x210 [ 971.701361][T23603] do_syscall_64+0xcd/0xfa0 [ 971.701405][T23603] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 971.701440][T23603] RIP: 0033:0x7f526b58f749 [ 971.701475][T23603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 971.701509][T23603] RSP: 002b:00007f526c34f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 971.701541][T23603] RAX: ffffffffffffffda RBX: 00007f526b7e5fa0 RCX: 00007f526b58f749 [ 971.701564][T23603] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000005 [ 971.701585][T23603] RBP: 00007f526b613f91 R08: 0000000000000000 R09: 0000000000000000 [ 971.701606][T23603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 971.701627][T23603] R13: 00007f526b7e6038 R14: 00007f526b7e5fa0 R15: 00007ffcc4acaa98 [ 971.701674][T23603] [ 972.688653][T23618] netlink: 330 bytes leftover after parsing attributes in process `syz.4.6185'. [ 973.025890][T23629] futex_wake_op: syz.2.6191 tries to shift op by -2048; fix this program [ 973.076639][T23629] futex_wake_op: syz.2.6191 tries to shift op by -2048; fix this program [ 976.649790][T23717] netlink: 330 bytes leftover after parsing attributes in process `syz.1.6221'. [ 982.526634][T23806] mkiss: ax0: crc mode is auto. [ 982.686596][T23790] kexec: Could not allocate control_code_buffer [ 984.781118][T23848] netlink: 194 bytes leftover after parsing attributes in process `syz.4.6262'. [ 985.078708][T23854] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6265'. [ 985.089065][T23854] netlink: 25 bytes leftover after parsing attributes in process `syz.3.6265'. [ 985.123264][T23851] Invalid ELF header magic: != ELF [ 985.463923][T23858] EXT4-fs (sda1): Delayed block allocation failed for inode 2033 at logical offset 999 with max blocks 24 with error 117 [ 985.477778][T23858] EXT4-fs (sda1): This should not happen!! Data will be lost [ 985.477778][T23858] [ 985.797568][T23867] warning: `syz.1.6267' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 987.797508][ C0] vcan0: j1939_tp_rxtimer: 0xffff8880597dc400: rx timeout, send abort [ 987.808816][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff8880597dc400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 989.117034][T23904] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 984 with max blocks 39 with error 117 [ 989.147281][T23904] EXT4-fs (sda1): This should not happen!! Data will be lost [ 989.147281][T23904] [ 989.243480][T23917] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.6283: iget: checksum invalid [ 989.387151][T23917] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 989.406224][T23917] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.6283: iget: checksum invalid [ 989.418187][T16191] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1449 with max blocks 19 with error 117 [ 989.453174][T23917] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 989.466167][T23917] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.6283: iget: checksum invalid [ 989.477627][T23917] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 989.484484][T16191] EXT4-fs (sda1): This should not happen!! Data will be lost [ 989.484484][T16191] [ 989.488354][T23917] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.6283: iget: checksum invalid [ 989.509340][T23917] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 989.518995][T23917] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 989.566872][T16191] EXT4-fs (sda1): Delayed block allocation failed for inode 2033 at logical offset 1415 with max blocks 50 with error 117 [ 989.598301][T23917] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 989.640769][T16191] EXT4-fs (sda1): This should not happen!! Data will be lost [ 989.640769][T16191] [ 989.712496][T16191] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 1001 with max blocks 22 with error 117 [ 989.757141][T16191] EXT4-fs (sda1): This should not happen!! Data will be lost [ 989.757141][T16191] [ 991.723301][T23949] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6295'. [ 992.582954][T23962] EXT4-fs: 2 callbacks suppressed [ 992.582991][T23962] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 983 with max blocks 18 with error 117 [ 992.611062][T23962] EXT4-fs (sda1): This should not happen!! Data will be lost [ 992.611062][T23962] [ 994.374936][T23979] netlink: 18 bytes leftover after parsing attributes in process `syz.4.6304'. [ 997.002816][T24026] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6321'. [ 1000.053304][T24084] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.1.6340: iget: checksum invalid [ 1000.092479][T24084] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 1000.127573][T24084] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.1.6340: iget: checksum invalid [ 1000.143415][T24084] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 1000.188034][T24084] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.1.6340: iget: checksum invalid [ 1000.199804][T24084] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 1000.211312][T24084] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.1.6340: iget: checksum invalid [ 1000.229342][T24084] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 1000.240202][T24084] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 1000.273502][T24084] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 1000.482924][T24090] netlink: 338 bytes leftover after parsing attributes in process `syz.4.6345'. [ 1002.313853][T24139] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6356'. [ 1002.782903][T24146] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.4.6359: iget: checksum invalid [ 1002.819012][T24146] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 1002.831166][T24146] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.4.6359: iget: checksum invalid [ 1002.870205][T24146] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 1002.885795][T24146] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.4.6359: iget: checksum invalid [ 1002.917325][T24146] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 1002.928367][T24146] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.4.6359: iget: checksum invalid [ 1002.940393][T24146] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 1002.950264][T24146] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 1002.961757][T24146] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 1003.198319][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1003.204940][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1003.717229][T24160] netlink: 20 bytes leftover after parsing attributes in process `syz.3.6365'. [ 1004.752971][T24190] netlink: 25 bytes leftover after parsing attributes in process `syz.1.6378'. [ 1004.974487][T24195] netlink: 330 bytes leftover after parsing attributes in process `syz.4.6379'. [ 1007.265573][T24228] netlink: 330 bytes leftover after parsing attributes in process `syz.3.6390'. [ 1007.365183][T24232] netlink: 330 bytes leftover after parsing attributes in process `syz.1.6392'. [ 1007.464939][T24230] random: crng reseeded on system resumption [ 1019.921050][ T1105] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1459 with max blocks 9 with error 117 [ 1020.008749][ T1105] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1020.008749][ T1105] [ 1020.037283][ T1105] EXT4-fs (sda1): Delayed block allocation failed for inode 2033 at logical offset 1460 with max blocks 5 with error 117 [ 1020.081901][ T1105] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1020.081901][ T1105] [ 1020.123672][ T1105] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 1001 with max blocks 22 with error 117 [ 1020.201906][ T1105] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1020.201906][ T1105] [ 1020.237993][ T1105] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 999 with max blocks 24 with error 117 [ 1020.330930][T24264] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1020.331850][ T1105] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1020.331850][ T1105] [ 1020.360942][T24264] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1020.370212][T24264] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1020.389373][T24264] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1020.403331][T24264] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1020.895655][T24281] netlink: 146 bytes leftover after parsing attributes in process `syz.1.6409'. [ 1021.080758][T24287] netlink: 330 bytes leftover after parsing attributes in process `syz.1.6410'. [ 1021.109057][T24263] chnl_net:caif_netlink_parms(): no params data found [ 1021.309638][T24291] FAULT_INJECTION: forcing a failure. [ 1021.309638][T24291] name failslab, interval 1, probability 393216, space 0, times 0 [ 1021.323520][T24291] CPU: 1 UID: 0 PID: 24291 Comm: syz.1.6412 Tainted: G I syzkaller #0 PREEMPT(full) [ 1021.323572][T24291] Tainted: [I]=FIRMWARE_WORKAROUND [ 1021.323584][T24291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1021.323604][T24291] Call Trace: [ 1021.323616][T24291] [ 1021.323628][T24291] dump_stack_lvl+0x16c/0x1f0 [ 1021.323676][T24291] should_fail_ex+0x512/0x640 [ 1021.323726][T24291] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 1021.323768][T24291] should_failslab+0xc2/0x120 [ 1021.323814][T24291] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 1021.323850][T24291] ? set_normalized_timespec64+0x69/0xc0 [ 1021.323893][T24291] ? __d_alloc+0x32/0xae0 [ 1021.323939][T24291] ? __d_alloc+0x32/0xae0 [ 1021.323974][T24291] __d_alloc+0x32/0xae0 [ 1021.324015][T24291] d_alloc_pseudo+0x1c/0xc0 [ 1021.324061][T24291] alloc_file_pseudo+0xcf/0x230 [ 1021.324109][T24291] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1021.324161][T24291] ? hugetlbfs_get_inode+0x31f/0x730 [ 1021.324204][T24291] hugetlb_file_setup+0x4ce/0x620 [ 1021.324247][T24291] ksys_mmap_pgoff+0x189/0x5c0 [ 1021.324298][T24291] __x64_sys_mmap+0x125/0x190 [ 1021.324355][T24291] do_syscall_64+0xcd/0xfa0 [ 1021.324400][T24291] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1021.324434][T24291] RIP: 0033:0x7f526b58f749 [ 1021.324470][T24291] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1021.324513][T24291] RSP: 002b:00007f526c34f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1021.324545][T24291] RAX: ffffffffffffffda RBX: 00007f526b7e5fa0 RCX: 00007f526b58f749 [ 1021.324568][T24291] RDX: 0000000000000002 RSI: 0000000000000006 RDI: 0000000000000000 [ 1021.324587][T24291] RBP: 00007f526b613f91 R08: ffffffffffffffff R09: 0000308000000000 [ 1021.324609][T24291] R10: 0000000000040eb2 R11: 0000000000000246 R12: 0000000000000000 [ 1021.324629][T24291] R13: 00007f526b7e6038 R14: 00007f526b7e5fa0 R15: 00007ffcc4acaa98 [ 1021.324675][T24291] [ 1021.325294][ T1105] netdevsim netdevsim2 netdevsim1 (unregistering): left allmulticast mode [ 1021.454001][T24293] netlink: 25 bytes leftover after parsing attributes in process `syz.3.6413'. [ 1021.456373][ T1105] netdevsim netdevsim2 netdevsim1 (unregistering): left promiscuous mode [ 1021.686858][ T1105] bridge0: port 3(netdevsim1) entered disabled state [ 1022.153603][T24263] bridge0: port 1(bridge_slave_0) entered blocking state [ 1022.162146][T24263] bridge0: port 1(bridge_slave_0) entered disabled state [ 1022.178823][T24263] bridge_slave_0: entered allmulticast mode [ 1022.233819][T24263] bridge_slave_0: entered promiscuous mode [ 1022.317659][T24263] bridge0: port 2(bridge_slave_1) entered blocking state [ 1022.326862][T24263] bridge0: port 2(bridge_slave_1) entered disabled state [ 1022.335271][T24263] bridge_slave_1: entered allmulticast mode [ 1022.347698][T24263] bridge_slave_1: entered promiscuous mode [ 1022.383957][T24306] netlink: 252 bytes leftover after parsing attributes in process `syz.1.6416'. [ 1022.396133][T24306] netlink: 252 bytes leftover after parsing attributes in process `syz.1.6416'. [ 1022.418715][T24263] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1022.442305][T24263] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1022.463040][T24264] Bluetooth: hci0: command tx timeout [ 1022.504655][T24263] team0: Port device team_slave_0 added [ 1022.515738][T24263] team0: Port device team_slave_1 added [ 1022.602399][T24263] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1022.609719][T24263] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1022.639489][T24263] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1022.653213][T24263] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1022.661254][T24263] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1022.687799][T24263] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1022.780328][T24263] hsr_slave_0: entered promiscuous mode [ 1022.787331][T24263] hsr_slave_1: entered promiscuous mode [ 1022.797879][T24263] debugfs: 'hsr0' already exists in 'hsr' [ 1022.804092][T24263] Cannot create hsr debugfs directory [ 1022.823630][T24314] netlink: 334 bytes leftover after parsing attributes in process `syz.3.6419'. [ 1023.200976][T24263] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 1023.217864][T24263] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 1023.230372][T24263] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 1023.242273][T24263] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 1023.371901][T24263] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1023.395919][T24263] 8021q: adding VLAN 0 to HW filter on device team0 [ 1023.410927][T16191] bridge0: port 1(bridge_slave_0) entered blocking state [ 1023.418378][T16191] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1023.433982][ T1153] bridge0: port 2(bridge_slave_1) entered blocking state [ 1023.441223][ T1153] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1023.732802][T24343] netlink: 'syz.1.6426': attribute type 35 has an invalid length. [ 1023.802334][T24263] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1024.352622][T24263] veth0_vlan: entered promiscuous mode [ 1024.373515][T24263] veth1_vlan: entered promiscuous mode [ 1024.459237][T24263] veth0_macvtap: entered promiscuous mode [ 1024.509123][T24263] veth1_macvtap: entered promiscuous mode [ 1024.531268][T24264] Bluetooth: hci0: command tx timeout [ 1024.592742][T24263] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1024.633837][T24263] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1024.665697][ T1153] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1024.685900][ T1153] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1024.710941][ T1153] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1024.731867][ T1153] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1024.884728][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1024.892924][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1024.927913][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1024.942787][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1025.252327][T24374] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.5.6397: iget: checksum invalid [ 1025.277015][T24374] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 1025.290714][T24374] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.5.6397: iget: checksum invalid [ 1025.302521][T24374] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 1025.313391][T24374] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.5.6397: iget: checksum invalid [ 1025.336173][T24374] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 1025.349521][T24374] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.5.6397: iget: checksum invalid [ 1025.364071][T24374] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 1025.374667][T24374] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 1025.384531][T24374] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 1026.601311][T24264] Bluetooth: hci0: command tx timeout [ 1027.237868][T24416] FAULT_INJECTION: forcing a failure. [ 1027.237868][T24416] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1027.262798][T24416] CPU: 1 UID: 0 PID: 24416 Comm: syz.5.6449 Tainted: G I syzkaller #0 PREEMPT(full) [ 1027.262855][T24416] Tainted: [I]=FIRMWARE_WORKAROUND [ 1027.262870][T24416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1027.262890][T24416] Call Trace: [ 1027.262901][T24416] [ 1027.262917][T24416] dump_stack_lvl+0x16c/0x1f0 [ 1027.262965][T24416] should_fail_ex+0x512/0x640 [ 1027.263022][T24416] should_fail_alloc_page+0xe7/0x130 [ 1027.263070][T24416] prepare_alloc_pages+0x3c2/0x610 [ 1027.263121][T24416] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 1027.263167][T24416] ? __lock_acquire+0x622/0x1c90 [ 1027.263222][T24416] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1027.263266][T24416] ? find_held_lock+0x2b/0x80 [ 1027.263304][T24416] ? bpf_ksym_find+0x124/0x1c0 [ 1027.263342][T24416] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1027.263384][T24416] ? is_bpf_text_address+0x94/0x1a0 [ 1027.263430][T24416] ? kernel_text_address+0x8d/0x100 [ 1027.263460][T24416] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1027.263516][T24416] ? policy_nodemask+0xea/0x4e0 [ 1027.263565][T24416] alloc_pages_mpol+0x1fb/0x550 [ 1027.263611][T24416] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1027.263679][T24416] alloc_pages_noprof+0x131/0x390 [ 1027.263727][T24416] __pmd_alloc+0x3b/0x8b0 [ 1027.263779][T24416] __handle_mm_fault+0xada/0x2aa0 [ 1027.263840][T24416] ? mt_find+0x3e2/0xa20 [ 1027.263886][T24416] ? __pfx___handle_mm_fault+0x10/0x10 [ 1027.263935][T24416] ? __pfx_mt_find+0x10/0x10 [ 1027.264004][T24416] ? find_vma+0xbf/0x140 [ 1027.264043][T24416] ? __pfx_find_vma+0x10/0x10 [ 1027.264087][T24416] handle_mm_fault+0x589/0xd10 [ 1027.264141][T24416] ? __pkru_allows_pkey+0x21/0xb0 [ 1027.264196][T24416] do_user_addr_fault+0x7a6/0x1370 [ 1027.264233][T24416] ? rcu_is_watching+0x12/0xc0 [ 1027.264276][T24416] exc_page_fault+0x64/0xc0 [ 1027.264318][T24416] asm_exc_page_fault+0x26/0x30 [ 1027.264349][T24416] RIP: 0010:rep_movs_alternative+0x30/0x90 [ 1027.264401][T24416] Code: 83 f9 08 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 4d 3c 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 [ 1027.264435][T24416] RSP: 0018:ffffc9000babfd68 EFLAGS: 00050216 [ 1027.264464][T24416] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000020 [ 1027.264483][T24416] RDX: ffffed100f0b06ec RSI: 0000000000000000 RDI: ffff888078583740 [ 1027.264504][T24416] RBP: 0000000000000020 R08: 0000000000000001 R09: ffffed100f0b06eb [ 1027.264523][T24416] R10: ffff88807858375f R11: 0000000000000001 R12: 0000000000000000 [ 1027.264543][T24416] R13: ffff888078583740 R14: 0000000000000002 R15: ffff888071e51b40 [ 1027.264587][T24416] _copy_from_user+0x98/0xd0 [ 1027.264671][T24416] do_mq_notify+0x3bc/0xe70 [ 1027.264719][T24416] ? __might_fault+0xe3/0x190 [ 1027.264755][T24416] ? __pfx_do_mq_notify+0x10/0x10 [ 1027.264815][T24416] __x64_sys_mq_notify+0x100/0x170 [ 1027.264867][T24416] ? __pfx___x64_sys_mq_notify+0x10/0x10 [ 1027.264931][T24416] ? rcu_is_watching+0x12/0xc0 [ 1027.264971][T24416] do_syscall_64+0xcd/0xfa0 [ 1027.265013][T24416] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1027.265046][T24416] RIP: 0033:0x7f3b94d8f749 [ 1027.265073][T24416] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1027.265107][T24416] RSP: 002b:00007f3b95b47038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f4 [ 1027.265138][T24416] RAX: ffffffffffffffda RBX: 00007f3b94fe5fa0 RCX: 00007f3b94d8f749 [ 1027.265161][T24416] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: ffffffffffffffff [ 1027.265183][T24416] RBP: 00007f3b94e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1027.265205][T24416] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1027.265226][T24416] R13: 00007f3b94fe6038 R14: 00007f3b94fe5fa0 R15: 00007ffe9b9204b8 [ 1027.265274][T24416] [ 1027.871411][ T854] Process accounting resumed [ 1028.215235][T24431] mkiss: ax0: crc mode is auto. [ 1028.671645][T24264] Bluetooth: hci0: command tx timeout [ 1028.849721][T24438] netlink: 146 bytes leftover after parsing attributes in process `syz.3.6458'. [ 1031.439658][T24488] netlink: 62 bytes leftover after parsing attributes in process `syz.1.6475'. [ 1031.781369][T24494] FAULT_INJECTION: forcing a failure. [ 1031.781369][T24494] name failslab, interval 1, probability 393216, space 0, times 0 [ 1031.795134][T24494] CPU: 0 UID: 0 PID: 24494 Comm: syz.1.6478 Tainted: G I syzkaller #0 PREEMPT(full) [ 1031.795187][T24494] Tainted: [I]=FIRMWARE_WORKAROUND [ 1031.795201][T24494] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1031.795222][T24494] Call Trace: [ 1031.795234][T24494] [ 1031.795247][T24494] dump_stack_lvl+0x16c/0x1f0 [ 1031.795307][T24494] should_fail_ex+0x512/0x640 [ 1031.795359][T24494] ? __kmalloc_noprof+0xca/0x880 [ 1031.795416][T24494] should_failslab+0xc2/0x120 [ 1031.795461][T24494] __kmalloc_noprof+0xdd/0x880 [ 1031.795514][T24494] ? acpi_ut_trace_ptr+0x1d2/0x2a0 [ 1031.795548][T24494] ? acpi_ex_allocate_name_string+0x8c/0x340 [ 1031.795593][T24494] ? acpi_ex_allocate_name_string+0x8c/0x340 [ 1031.795629][T24494] acpi_ex_allocate_name_string+0x8c/0x340 [ 1031.795673][T24494] acpi_ex_get_name_string+0x297/0xb90 [ 1031.795711][T24494] ? acpi_ut_trace_ptr+0x120/0x2a0 [ 1031.795746][T24494] ? __pfx_acpi_ex_get_name_string+0x10/0x10 [ 1031.795780][T24494] ? __pfx_acpi_ut_track_stack_ptr+0x10/0x10 [ 1031.795829][T24494] acpi_ds_create_operand+0x3fd/0xc30 [ 1031.795883][T24494] ? __pfx_acpi_ds_create_operand+0x10/0x10 [ 1031.795934][T24494] ? acpi_ut_trace_ptr+0x1d2/0x2a0 [ 1031.795971][T24494] ? __pfx_acpi_ut_trace_ptr+0x10/0x10 [ 1031.796000][T24494] ? __pfx_acpi_ns_lookup+0x10/0x10 [ 1031.796033][T24494] ? acpi_ut_track_stack_ptr+0x114/0x180 [ 1031.796075][T24494] acpi_ds_evaluate_name_path+0x158/0x4b0 [ 1031.796126][T24494] ? __pfx_acpi_ds_evaluate_name_path+0x10/0x10 [ 1031.796180][T24494] ? acpi_ps_get_next_namepath+0x202/0xa10 [ 1031.796229][T24494] ? acpi_ut_trace_ptr+0x121/0x2a0 [ 1031.796268][T24494] acpi_ds_exec_end_op+0xd99/0x1da0 [ 1031.796335][T24494] ? __pfx_acpi_ds_exec_end_op+0x10/0x10 [ 1031.796387][T24494] acpi_ps_parse_loop+0x5a6/0x2470 [ 1031.796454][T24494] ? __pfx_acpi_ps_parse_loop+0x10/0x10 [ 1031.796509][T24494] ? kmem_cache_alloc_noprof+0x2a1/0x6e0 [ 1031.796545][T24494] ? __pfx_acpi_ut_track_stack_ptr+0x10/0x10 [ 1031.796576][T24494] ? acpi_ut_create_thread_state+0x6d/0x170 [ 1031.796645][T24494] acpi_ps_parse_aml+0x817/0x1170 [ 1031.796706][T24494] acpi_ps_execute_method+0x5c4/0xe90 [ 1031.796749][T24494] acpi_ns_evaluate+0x98c/0x16d0 [ 1031.796795][T24494] acpi_evaluate_object+0x4ca/0xdf0 [ 1031.796854][T24494] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 1031.796905][T24494] ? __mutex_trylock_common+0xe9/0x250 [ 1031.796962][T24494] acpi_evaluate_integer+0xdd/0x200 [ 1031.797004][T24494] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 1031.797065][T24494] ? __pfx_status_show+0x10/0x10 [ 1031.797111][T24494] status_show+0xa0/0x120 [ 1031.797159][T24494] ? __pfx_status_show+0x10/0x10 [ 1031.797221][T24494] dev_attr_show+0x56/0xe0 [ 1031.797274][T24494] ? __pfx_dev_attr_show+0x10/0x10 [ 1031.797331][T24494] sysfs_kf_seq_show+0x216/0x3e0 [ 1031.797380][T24494] seq_read_iter+0x50e/0x12d0 [ 1031.797453][T24494] kernfs_fop_read_iter+0x46c/0x610 [ 1031.797490][T24494] ? rw_verify_area+0xcf/0x6c0 [ 1031.797527][T24494] vfs_read+0x8bf/0xcf0 [ 1031.797570][T24494] ? __pfx___mutex_lock+0x10/0x10 [ 1031.797616][T24494] ? __pfx_vfs_read+0x10/0x10 [ 1031.797683][T24494] ksys_read+0x12a/0x250 [ 1031.797719][T24494] ? __pfx_ksys_read+0x10/0x10 [ 1031.797770][T24494] do_syscall_64+0xcd/0xfa0 [ 1031.797816][T24494] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1031.797850][T24494] RIP: 0033:0x7f526b58f749 [ 1031.797878][T24494] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1031.797914][T24494] RSP: 002b:00007f526c34f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1031.797947][T24494] RAX: ffffffffffffffda RBX: 00007f526b7e5fa0 RCX: 00007f526b58f749 [ 1031.797969][T24494] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000005 [ 1031.797989][T24494] RBP: 00007f526b613f91 R08: 0000000000000000 R09: 0000000000000000 [ 1031.798009][T24494] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1031.798029][T24494] R13: 00007f526b7e6038 R14: 00007f526b7e5fa0 R15: 00007ffcc4acaa98 [ 1031.798075][T24494] [ 1031.798579][T24478] kexec: Could not allocate control_code_buffer [ 1031.818468][T24494] ACPI Error: Could not allocate size 7 (20250807/exnames-68) [ 1032.216881][T24494] ACPI Error: Aborting method \_SB.LNKA._STA due to previous error (AE_NO_MEMORY) (20250807/psparse-529) [ 1032.610064][T24511] netlink: 342 bytes leftover after parsing attributes in process `syz.1.6483'. [ 1032.696352][T24511] netlink: 'syz.1.6483': attribute type 1 has an invalid length. [ 1032.706036][T24511] netlink: 254 bytes leftover after parsing attributes in process `syz.1.6483'. [ 1033.548881][T24537] netlink: set zone limit has 8 unknown bytes [ 1034.421534][T24559] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1034.441971][T24559] FAULT_INJECTION: forcing a failure. [ 1034.441971][T24559] name failslab, interval 1, probability 393216, space 0, times 0 [ 1034.464550][T24559] CPU: 0 UID: 0 PID: 24559 Comm: syz.5.6498 Tainted: G I syzkaller #0 PREEMPT(full) [ 1034.464605][T24559] Tainted: [I]=FIRMWARE_WORKAROUND [ 1034.464619][T24559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1034.464639][T24559] Call Trace: [ 1034.464650][T24559] [ 1034.464663][T24559] dump_stack_lvl+0x16c/0x1f0 [ 1034.464711][T24559] should_fail_ex+0x512/0x640 [ 1034.464761][T24559] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 1034.464803][T24559] should_failslab+0xc2/0x120 [ 1034.464849][T24559] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 1034.464890][T24559] ? alloc_inode+0x64/0x240 [ 1034.464943][T24559] ? __pfx_rpc_alloc_inode+0x10/0x10 [ 1034.464993][T24559] ? alloc_inode+0x64/0x240 [ 1034.465037][T24559] alloc_inode+0x64/0x240 [ 1034.465081][T24559] new_inode+0x22/0x1c0 [ 1034.465132][T24559] rpc_new_dir+0xa1/0x440 [ 1034.465190][T24559] rpc_populate.constprop.0+0x51/0x1d0 [ 1034.465234][T24559] ? d_instantiate+0x77/0x90 [ 1034.465279][T24559] ? __pfx_rpc_fill_super+0x10/0x10 [ 1034.465313][T24559] rpc_fill_super+0x2b9/0x4f0 [ 1034.465350][T24559] ? __pfx_rpc_fill_super+0x10/0x10 [ 1034.465383][T24559] get_tree_keyed+0x10e/0x1d0 [ 1034.465423][T24559] vfs_get_tree+0x8e/0x340 [ 1034.465474][T24559] vfs_cmd_create+0xd7/0x2a0 [ 1034.465522][T24559] __do_sys_fsconfig+0x7b8/0xbe0 [ 1034.465574][T24559] ? __pfx___do_sys_fsconfig+0x10/0x10 [ 1034.465642][T24559] do_syscall_64+0xcd/0xfa0 [ 1034.465686][T24559] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1034.465720][T24559] RIP: 0033:0x7f3b94d8f749 [ 1034.465747][T24559] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1034.465781][T24559] RSP: 002b:00007f3b95b47038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af [ 1034.465814][T24559] RAX: ffffffffffffffda RBX: 00007f3b94fe5fa0 RCX: 00007f3b94d8f749 [ 1034.465836][T24559] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000005 [ 1034.465856][T24559] RBP: 00007f3b94e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1034.465876][T24559] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1034.465894][T24559] R13: 00007f3b94fe6038 R14: 00007f3b94fe5fa0 R15: 00007ffe9b9204b8 [ 1034.465941][T24559] [ 1034.466345][T24559] net/sunrpc/rpc_pipe.c: rpc_populate failed to populate directory / [ 1034.888291][T24561] ERROR: Out of memory at tomoyo_memory_ok. [ 1037.198895][ T5148] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1037.209923][ T5148] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1037.219821][ T5148] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1037.228843][ T5148] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1037.236845][ T5148] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1037.491457][T24597] ERROR: Out of memory at tomoyo_memory_ok. [ 1037.648802][T24600] chnl_net:caif_netlink_parms(): no params data found [ 1037.981685][T24600] bridge0: port 1(bridge_slave_0) entered blocking state [ 1037.990152][T24600] bridge0: port 1(bridge_slave_0) entered disabled state [ 1037.997467][T24600] bridge_slave_0: entered allmulticast mode [ 1038.005914][T24600] bridge_slave_0: entered promiscuous mode [ 1038.015378][T24600] bridge0: port 2(bridge_slave_1) entered blocking state [ 1038.023294][T24600] bridge0: port 2(bridge_slave_1) entered disabled state [ 1038.031120][T24600] bridge_slave_1: entered allmulticast mode [ 1038.039285][T24600] bridge_slave_1: entered promiscuous mode [ 1038.190511][T24600] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1038.239077][T24600] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1038.369419][T24600] team0: Port device team_slave_0 added [ 1038.397223][T24600] team0: Port device team_slave_1 added [ 1038.493783][T24600] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1038.503234][T24600] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1038.548118][T24600] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1038.586260][T24600] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1038.593297][T24600] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1038.620396][T24600] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1038.715964][T24600] hsr_slave_0: entered promiscuous mode [ 1038.725819][T24600] hsr_slave_1: entered promiscuous mode [ 1038.742767][T24600] debugfs: 'hsr0' already exists in 'hsr' [ 1038.748717][T24600] Cannot create hsr debugfs directory [ 1039.242586][T24600] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 1039.254492][T24600] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 1039.269884][T24600] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 1039.272596][ T5148] Bluetooth: hci2: command tx timeout [ 1039.289529][T24600] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 1039.416236][T24600] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1039.455813][T24600] 8021q: adding VLAN 0 to HW filter on device team0 [ 1039.470308][ T1153] bridge0: port 1(bridge_slave_0) entered blocking state [ 1039.477589][ T1153] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1039.503774][ T50] bridge0: port 2(bridge_slave_1) entered blocking state [ 1039.511043][ T50] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1039.840345][T24600] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1040.242361][T24600] veth0_vlan: entered promiscuous mode [ 1040.260355][T24600] veth1_vlan: entered promiscuous mode [ 1040.313937][T24600] veth0_macvtap: entered promiscuous mode [ 1040.328929][T24600] veth1_macvtap: entered promiscuous mode [ 1040.356122][T24600] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1040.382127][T24600] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1040.405589][ T12] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1040.415905][ T12] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1040.438225][ T12] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1040.468064][ T12] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1040.594708][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1040.619694][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1040.670197][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1040.678973][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1040.923568][T24648] netlink: 138 bytes leftover after parsing attributes in process `syz.5.6527'. [ 1041.332531][ T5148] Bluetooth: hci2: command tx timeout [ 1042.088862][T24661] netlink: 194 bytes leftover after parsing attributes in process `syz.5.6521'. [ 1042.268395][T24668] futex_wake_op: syz.3.6530 tries to shift op by -9; fix this program [ 1043.007971][T24688] FAULT_INJECTION: forcing a failure. [ 1043.007971][T24688] name failslab, interval 1, probability 393216, space 0, times 0 [ 1043.034826][T24688] CPU: 1 UID: 0 PID: 24688 Comm: syz.5.6531 Tainted: G I syzkaller #0 PREEMPT(full) [ 1043.034879][T24688] Tainted: [I]=FIRMWARE_WORKAROUND [ 1043.034891][T24688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1043.034909][T24688] Call Trace: [ 1043.034920][T24688] [ 1043.034932][T24688] dump_stack_lvl+0x16c/0x1f0 [ 1043.034979][T24688] should_fail_ex+0x512/0x640 [ 1043.035046][T24688] should_failslab+0xc2/0x120 [ 1043.035091][T24688] __kmalloc_cache_noprof+0x72/0x780 [ 1043.035123][T24688] ? __pfx___might_resched+0x10/0x10 [ 1043.035160][T24688] ? nfc_genl_rcv_nl_event+0xc1/0x2e0 [ 1043.035224][T24688] ? nfc_genl_rcv_nl_event+0xc1/0x2e0 [ 1043.035274][T24688] nfc_genl_rcv_nl_event+0xc1/0x2e0 [ 1043.035330][T24688] notifier_call_chain+0xbc/0x410 [ 1043.035372][T24688] ? __pfx_nfc_genl_rcv_nl_event+0x10/0x10 [ 1043.035432][T24688] blocking_notifier_call_chain+0x69/0xa0 [ 1043.035480][T24688] netlink_release+0x16cf/0x2080 [ 1043.035528][T24688] ? netlink_release+0x1e4/0x2080 [ 1043.035571][T24688] ? __pfx_netlink_release+0x10/0x10 [ 1043.035613][T24688] ? __pfx_locks_remove_file+0x10/0x10 [ 1043.035652][T24688] __sock_release+0xb3/0x270 [ 1043.035691][T24688] ? __pfx_sock_close+0x10/0x10 [ 1043.035725][T24688] sock_close+0x1c/0x30 [ 1043.035760][T24688] __fput+0x402/0xb70 [ 1043.035825][T24688] task_work_run+0x150/0x240 [ 1043.035878][T24688] ? __pfx_task_work_run+0x10/0x10 [ 1043.035933][T24688] ? __pfx___do_sys_close_range+0x10/0x10 [ 1043.035981][T24688] exit_to_user_mode_loop+0xec/0x130 [ 1043.036037][T24688] do_syscall_64+0x426/0xfa0 [ 1043.036081][T24688] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1043.036115][T24688] RIP: 0033:0x7f3b94d8f749 [ 1043.036142][T24688] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1043.036178][T24688] RSP: 002b:00007f3b92ff6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1043.036217][T24688] RAX: 0000000000000000 RBX: 00007f3b94fe6090 RCX: 00007f3b94d8f749 [ 1043.036238][T24688] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 1043.036263][T24688] RBP: 00007f3b94e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1043.036289][T24688] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1043.036309][T24688] R13: 00007f3b94fe6128 R14: 00007f3b94fe6090 R15: 00007ffe9b9204b8 [ 1043.036355][T24688] [ 1043.280181][ C1] vkms_vblank_simulate: vblank timer overrun [ 1043.412141][ T5148] Bluetooth: hci2: command tx timeout [ 1043.450767][T24680] ERROR: Out of memory at tomoyo_memory_ok. [ 1043.557202][T24684] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 981 with max blocks 42 with error 117 [ 1043.594505][T24684] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1043.594505][T24684] [ 1044.510524][T24712] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1045.474303][ T5148] Bluetooth: hci2: command tx timeout [ 1046.149521][T24744] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1047.182205][T24764] netlink: 238 bytes leftover after parsing attributes in process `syz.3.6560'. [ 1047.193849][T24764] netlink: 298 bytes leftover after parsing attributes in process `syz.3.6560'. [ 1048.122857][T24777] FAULT_INJECTION: forcing a failure. [ 1048.122857][T24777] name failslab, interval 1, probability 393216, space 0, times 0 [ 1048.151871][T24777] CPU: 0 UID: 0 PID: 24777 Comm: syz.5.6565 Tainted: G I syzkaller #0 PREEMPT(full) [ 1048.151927][T24777] Tainted: [I]=FIRMWARE_WORKAROUND [ 1048.151939][T24777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1048.151957][T24777] Call Trace: [ 1048.151970][T24777] [ 1048.151983][T24777] dump_stack_lvl+0x16c/0x1f0 [ 1048.152032][T24777] should_fail_ex+0x512/0x640 [ 1048.152083][T24777] ? __kmalloc_node_track_caller_noprof+0xcb/0x8a0 [ 1048.152130][T24777] should_failslab+0xc2/0x120 [ 1048.152177][T24777] __kmalloc_node_track_caller_noprof+0xde/0x8a0 [ 1048.152219][T24777] ? addrconf_init_net+0x1e9/0x8e0 [ 1048.152265][T24777] ? __pfx_addrconf_init_net+0x10/0x10 [ 1048.152307][T24777] ? kmemdup_noprof+0x29/0x60 [ 1048.152340][T24777] kmemdup_noprof+0x29/0x60 [ 1048.152378][T24777] addrconf_init_net+0x1e9/0x8e0 [ 1048.152419][T24777] ? ip6addrlbl_net_init+0x142/0x380 [ 1048.152473][T24777] ? __pfx_addrconf_init_net+0x10/0x10 [ 1048.152516][T24777] ops_init+0x1e2/0x5f0 [ 1048.152557][T24777] setup_net+0x100/0x390 [ 1048.152594][T24777] ? __pfx_setup_net+0x10/0x10 [ 1048.152633][T24777] ? debug_mutex_init+0x37/0x70 [ 1048.152674][T24777] copy_net_ns+0x2f8/0x690 [ 1048.152719][T24777] create_new_namespaces+0x3ea/0xa90 [ 1048.152786][T24777] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1048.152828][T24777] ksys_unshare+0x45b/0xa40 [ 1048.152879][T24777] ? __pfx_ksys_unshare+0x10/0x10 [ 1048.152924][T24777] ? xfd_validate_state+0x61/0x180 [ 1048.152986][T24777] __x64_sys_unshare+0x31/0x40 [ 1048.153031][T24777] do_syscall_64+0xcd/0xfa0 [ 1048.153076][T24777] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1048.153110][T24777] RIP: 0033:0x7f3b94d8f749 [ 1048.153137][T24777] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1048.153169][T24777] RSP: 002b:00007f3b95b47038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1048.153201][T24777] RAX: ffffffffffffffda RBX: 00007f3b94fe5fa0 RCX: 00007f3b94d8f749 [ 1048.153221][T24777] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1048.153241][T24777] RBP: 00007f3b94e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1048.153260][T24777] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1048.153279][T24777] R13: 00007f3b94fe6038 R14: 00007f3b94fe5fa0 R15: 00007ffe9b9204b8 [ 1048.153324][T24777] [ 1048.625901][T24783] netlink: 342 bytes leftover after parsing attributes in process `syz.1.6571'. [ 1048.639906][T24783] netlink: 274 bytes leftover after parsing attributes in process `syz.1.6571'. [ 1048.775278][T24785] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1048.804285][T24785] FAULT_INJECTION: forcing a failure. [ 1048.804285][T24785] name failslab, interval 1, probability 393216, space 0, times 0 [ 1048.877742][T24785] CPU: 0 UID: 0 PID: 24785 Comm: syz.6.6569 Tainted: G I syzkaller #0 PREEMPT(full) [ 1048.877800][T24785] Tainted: [I]=FIRMWARE_WORKAROUND [ 1048.877814][T24785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1048.877836][T24785] Call Trace: [ 1048.877848][T24785] [ 1048.877863][T24785] dump_stack_lvl+0x16c/0x1f0 [ 1048.877916][T24785] should_fail_ex+0x512/0x640 [ 1048.877981][T24785] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 1048.878028][T24785] should_failslab+0xc2/0x120 [ 1048.878079][T24785] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 1048.878124][T24785] ? alloc_inode+0x64/0x240 [ 1048.878182][T24785] ? __pfx_rpc_alloc_inode+0x10/0x10 [ 1048.878237][T24785] ? alloc_inode+0x64/0x240 [ 1048.878286][T24785] alloc_inode+0x64/0x240 [ 1048.878336][T24785] new_inode+0x22/0x1c0 [ 1048.878392][T24785] rpc_new_dir+0xa1/0x440 [ 1048.878455][T24785] rpc_populate.constprop.0+0x51/0x1d0 [ 1048.878493][T24785] ? d_instantiate+0x77/0x90 [ 1048.878537][T24785] ? __pfx_rpc_fill_super+0x10/0x10 [ 1048.878574][T24785] rpc_fill_super+0x2b9/0x4f0 [ 1048.878611][T24785] ? __pfx_rpc_fill_super+0x10/0x10 [ 1048.878646][T24785] get_tree_keyed+0x10e/0x1d0 [ 1048.878688][T24785] vfs_get_tree+0x8e/0x340 [ 1048.878744][T24785] vfs_cmd_create+0xd7/0x2a0 [ 1048.878795][T24785] __do_sys_fsconfig+0x7b8/0xbe0 [ 1048.878851][T24785] ? __pfx___do_sys_fsconfig+0x10/0x10 [ 1048.878924][T24785] do_syscall_64+0xcd/0xfa0 [ 1048.878983][T24785] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1048.879022][T24785] RIP: 0033:0x7f4d1018f749 [ 1048.879052][T24785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1048.879089][T24785] RSP: 002b:00007f4d10f40038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af [ 1048.879126][T24785] RAX: ffffffffffffffda RBX: 00007f4d103e5fa0 RCX: 00007f4d1018f749 [ 1048.879151][T24785] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000005 [ 1048.879174][T24785] RBP: 00007f4d10213f91 R08: 0000000000000000 R09: 0000000000000000 [ 1048.879198][T24785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1048.879220][T24785] R13: 00007f4d103e6038 R14: 00007f4d103e5fa0 R15: 00007fff064b6a08 [ 1048.879272][T24785] [ 1048.879323][T24785] net/sunrpc/rpc_pipe.c: rpc_populate failed to populate directory / [ 1050.650100][ T13] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1461 with max blocks 7 with error 117 [ 1050.693397][ T13] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1050.693397][ T13] [ 1050.838175][ T13] EXT4-fs (sda1): Delayed block allocation failed for inode 2033 at logical offset 1462 with max blocks 3 with error 117 [ 1050.883177][ T13] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1050.883177][ T13] [ 1050.896284][ T13] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 1001 with max blocks 22 with error 117 [ 1050.907281][T24824] FAULT_INJECTION: forcing a failure. [ 1050.907281][T24824] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1050.922487][T24824] CPU: 1 UID: 0 PID: 24824 Comm: syz.1.6584 Tainted: G I syzkaller #0 PREEMPT(full) [ 1050.922541][T24824] Tainted: [I]=FIRMWARE_WORKAROUND [ 1050.922554][T24824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1050.922575][T24824] Call Trace: [ 1050.922586][T24824] [ 1050.922599][T24824] dump_stack_lvl+0x16c/0x1f0 [ 1050.922647][T24824] should_fail_ex+0x512/0x640 [ 1050.922704][T24824] should_fail_futex+0x4c/0x60 [ 1050.922757][T24824] futex_lock_pi_atomic+0x148/0xd50 [ 1050.922819][T24824] futex_lock_pi+0x23f/0x7c0 [ 1050.922882][T24824] ? __pfx_futex_lock_pi+0x10/0x10 [ 1050.922932][T24824] ? __futex_wait+0x24b/0x2f0 [ 1050.922999][T24824] ? futex_private_hash_put+0xd5/0x190 [ 1050.923046][T24824] ? __pfx_futex_wake_mark+0x10/0x10 [ 1050.923111][T24824] ? ksys_write+0x190/0x250 [ 1050.923158][T24824] do_futex+0x11a/0x350 [ 1050.923205][T24824] ? __pfx_do_futex+0x10/0x10 [ 1050.923262][T24824] __x64_sys_futex+0x1e0/0x4c0 [ 1050.923311][T24824] ? fput+0x9b/0xd0 [ 1050.923356][T24824] ? __pfx___x64_sys_futex+0x10/0x10 [ 1050.923401][T24824] ? xfd_validate_state+0x61/0x180 [ 1050.923448][T24824] ? __pfx_ksys_write+0x10/0x10 [ 1050.923497][T24824] do_syscall_64+0xcd/0xfa0 [ 1050.923542][T24824] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1050.923576][T24824] RIP: 0033:0x7f526b58f749 [ 1050.923603][T24824] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1050.923637][T24824] RSP: 002b:00007f526c34f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1050.923669][T24824] RAX: ffffffffffffffda RBX: 00007f526b7e5fa0 RCX: 00007f526b58f749 [ 1050.923690][T24824] RDX: 0000000000000008 RSI: 0000000000000006 RDI: 0000000000000000 [ 1050.923709][T24824] RBP: 00007f526b613f91 R08: 0000000000000000 R09: 000000008000fff5 [ 1050.923730][T24824] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1050.923757][T24824] R13: 00007f526b7e6038 R14: 00007f526b7e5fa0 R15: 00007ffcc4acaa98 [ 1050.923803][T24824] [ 1051.176116][ T13] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1051.176116][ T13] [ 1051.193554][ T13] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 999 with max blocks 24 with error 117 [ 1051.216338][ T13] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1051.216338][ T13] [ 1052.097780][T24839] netlink: 126 bytes leftover after parsing attributes in process `syz.1.6588'. [ 1052.131672][T24839] netlink: 298 bytes leftover after parsing attributes in process `syz.1.6588'. [ 1052.279069][T24844] netlink: 'syz.6.6591': attribute type 27 has an invalid length. [ 1052.298832][T24844] netlink: 146 bytes leftover after parsing attributes in process `syz.6.6591'. [ 1053.407462][T24863] random: crng reseeded on system resumption [ 1053.977399][T24873] netlink: 330 bytes leftover after parsing attributes in process `syz.5.6602'. [ 1054.014295][T24873] : renamed from vlan0 (while UP) [ 1054.048812][T24873] : entered allmulticast mode [ 1054.057839][T24873] veth0_vlan: entered allmulticast mode [ 1054.489218][T24889] FAULT_INJECTION: forcing a failure. [ 1054.489218][T24889] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1054.522420][T24889] CPU: 1 UID: 0 PID: 24889 Comm: syz.5.6607 Tainted: G I syzkaller #0 PREEMPT(full) [ 1054.522479][T24889] Tainted: [I]=FIRMWARE_WORKAROUND [ 1054.522493][T24889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1054.522514][T24889] Call Trace: [ 1054.522526][T24889] [ 1054.522539][T24889] dump_stack_lvl+0x16c/0x1f0 [ 1054.522586][T24889] should_fail_ex+0x512/0x640 [ 1054.522644][T24889] _copy_from_iter+0x29f/0x1720 [ 1054.522703][T24889] ? __build_skb_around+0x278/0x3b0 [ 1054.522753][T24889] ? __pfx__copy_from_iter+0x10/0x10 [ 1054.522807][T24889] ? __pfx___alloc_skb+0x10/0x10 [ 1054.522859][T24889] ? aa_af_perm+0x1e0/0x240 [ 1054.522891][T24889] ? import_ubuf+0x1b6/0x220 [ 1054.522952][T24889] pfkey_sendmsg+0x1d1/0x850 [ 1054.523002][T24889] ____sys_sendmsg+0xa98/0xc70 [ 1054.523048][T24889] ? copy_msghdr_from_user+0x10a/0x160 [ 1054.523081][T24889] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1054.523122][T24889] ? preempt_schedule_thunk+0x16/0x30 [ 1054.523186][T24889] ? try_to_wake_up+0xa67/0x1870 [ 1054.523229][T24889] ___sys_sendmsg+0x134/0x1d0 [ 1054.523261][T24889] ? find_held_lock+0x2b/0x80 [ 1054.523299][T24889] ? __pfx____sys_sendmsg+0x10/0x10 [ 1054.523330][T24889] ? __lock_acquire+0x622/0x1c90 [ 1054.523440][T24889] __sys_sendmsg+0x16d/0x220 [ 1054.523478][T24889] ? __pfx___sys_sendmsg+0x10/0x10 [ 1054.523512][T24889] ? __x64_sys_futex+0x1e0/0x4c0 [ 1054.523585][T24889] do_syscall_64+0xcd/0xfa0 [ 1054.523630][T24889] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1054.523665][T24889] RIP: 0033:0x7f3b94d8f749 [ 1054.523693][T24889] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1054.523729][T24889] RSP: 002b:00007f3b92ff6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1054.523761][T24889] RAX: ffffffffffffffda RBX: 00007f3b94fe6090 RCX: 00007f3b94d8f749 [ 1054.523783][T24889] RDX: 0000000000040000 RSI: 0000200000001640 RDI: 0000000000000004 [ 1054.523804][T24889] RBP: 00007f3b94e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1054.523824][T24889] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1054.523843][T24889] R13: 00007f3b94fe6128 R14: 00007f3b94fe6090 R15: 00007ffe9b9204b8 [ 1054.523889][T24889] [ 1054.760282][T24894] futex_wake_op: syz.6.6605 tries to shift op by -9; fix this program [ 1056.067497][T24913] sp0: Synchronizing with TNC [ 1056.442319][T24921] FAULT_INJECTION: forcing a failure. [ 1056.442319][T24921] name failslab, interval 1, probability 393216, space 0, times 0 [ 1056.511562][T24921] CPU: 1 UID: 0 PID: 24921 Comm: syz.1.6619 Tainted: G I syzkaller #0 PREEMPT(full) [ 1056.511618][T24921] Tainted: [I]=FIRMWARE_WORKAROUND [ 1056.511631][T24921] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1056.511651][T24921] Call Trace: [ 1056.511663][T24921] [ 1056.511677][T24921] dump_stack_lvl+0x16c/0x1f0 [ 1056.511726][T24921] should_fail_ex+0x512/0x640 [ 1056.511776][T24921] ? fs_reclaim_acquire+0xae/0x150 [ 1056.511825][T24921] should_failslab+0xc2/0x120 [ 1056.511872][T24921] __kmalloc_noprof+0xdd/0x880 [ 1056.511927][T24921] ? tomoyo_encode2+0x100/0x3e0 [ 1056.511972][T24921] ? tomoyo_encode2+0x100/0x3e0 [ 1056.512008][T24921] tomoyo_encode2+0x100/0x3e0 [ 1056.512051][T24921] tomoyo_encode+0x29/0x50 [ 1056.512087][T24921] tomoyo_realpath_from_path+0x18f/0x6e0 [ 1056.512140][T24921] tomoyo_get_exe+0x63/0xa0 [ 1056.512191][T24921] tomoyo_write_control+0x689/0x1430 [ 1056.512264][T24921] ? __pfx_tomoyo_write_control+0x10/0x10 [ 1056.512328][T24921] ? __pfx_tomoyo_write+0x10/0x10 [ 1056.512367][T24921] vfs_write+0x2a0/0x11d0 [ 1056.512412][T24921] ? __pfx___mutex_lock+0x10/0x10 [ 1056.512457][T24921] ? __pfx_vfs_write+0x10/0x10 [ 1056.512507][T24921] ? __fget_files+0x20e/0x3c0 [ 1056.512555][T24921] ksys_write+0x12a/0x250 [ 1056.512593][T24921] ? __pfx_ksys_write+0x10/0x10 [ 1056.512643][T24921] do_syscall_64+0xcd/0xfa0 [ 1056.512688][T24921] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1056.512722][T24921] RIP: 0033:0x7f526b58f749 [ 1056.512748][T24921] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1056.512781][T24921] RSP: 002b:00007f526c34f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1056.512814][T24921] RAX: ffffffffffffffda RBX: 00007f526b7e5fa0 RCX: 00007f526b58f749 [ 1056.512837][T24921] RDX: 0000000000100082 RSI: 0000000000000000 RDI: 0000000000000003 [ 1056.512857][T24921] RBP: 00007f526b613f91 R08: 0000000000000000 R09: 0000000000000000 [ 1056.512878][T24921] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1056.512898][T24921] R13: 00007f526b7e6038 R14: 00007f526b7e5fa0 R15: 00007ffcc4acaa98 [ 1056.512945][T24921] [ 1056.739253][T24921] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1057.156532][T24942] futex_wake_op: syz.5.6620 tries to shift op by -9; fix this program [ 1057.272833][T24947] netlink: 186 bytes leftover after parsing attributes in process `syz.1.6625'. [ 1057.284229][T24947] netlink: 186 bytes leftover after parsing attributes in process `syz.1.6625'. [ 1057.635784][T24953] netlink: 334 bytes leftover after parsing attributes in process `syz.6.6638'. [ 1058.061043][T24963] input: f¬ as /devices/virtual/input/input20 [ 1058.135065][ T5183] ERROR: Out of memory at tomoyo_memory_ok. [ 1059.151242][T24979] EXT4-fs (sda1): Delayed block allocation failed for inode 2033 at logical offset 974 with max blocks 49 with error 117 [ 1059.194079][T24979] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1059.194079][T24979] [ 1060.641878][T25013] FAULT_INJECTION: forcing a failure. [ 1060.641878][T25013] name failslab, interval 1, probability 393216, space 0, times 0 [ 1060.655420][T25013] CPU: 1 UID: 0 PID: 25013 Comm: syz.1.6647 Tainted: G I syzkaller #0 PREEMPT(full) [ 1060.655478][T25013] Tainted: [I]=FIRMWARE_WORKAROUND [ 1060.655492][T25013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1060.655514][T25013] Call Trace: [ 1060.655526][T25013] [ 1060.655540][T25013] dump_stack_lvl+0x16c/0x1f0 [ 1060.655599][T25013] should_fail_ex+0x512/0x640 [ 1060.655648][T25013] ? kmem_cache_alloc_node_noprof+0x65/0x770 [ 1060.655690][T25013] should_failslab+0xc2/0x120 [ 1060.655734][T25013] kmem_cache_alloc_node_noprof+0x78/0x770 [ 1060.655770][T25013] ? __alloc_skb+0x2b2/0x380 [ 1060.655829][T25013] ? __alloc_skb+0x2b2/0x380 [ 1060.655879][T25013] __alloc_skb+0x2b2/0x380 [ 1060.655931][T25013] ? __pfx___alloc_skb+0x10/0x10 [ 1060.655991][T25013] ? aa_label_sk_perm+0x195/0x600 [ 1060.656034][T25013] alloc_skb_with_frags+0xe0/0x860 [ 1060.656084][T25013] sock_alloc_send_pskb+0x7f9/0x980 [ 1060.656135][T25013] ? lock_acquire+0x179/0x350 [ 1060.656195][T25013] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 1060.656249][T25013] ? __pfx_autoremove_wake_function+0x10/0x10 [ 1060.656290][T25013] ? rcu_is_watching+0x12/0xc0 [ 1060.656337][T25013] caif_stream_sendmsg+0x43a/0x7f0 [ 1060.656394][T25013] ? __pfx_caif_stream_sendmsg+0x10/0x10 [ 1060.656438][T25013] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 1060.656496][T25013] sock_write_iter+0x566/0x610 [ 1060.656540][T25013] ? __pfx_sock_write_iter+0x10/0x10 [ 1060.656608][T25013] ? __futex_wait+0x24b/0x2f0 [ 1060.656640][T25013] ? copy_iovec_from_user+0x131/0x170 [ 1060.656697][T25013] do_iter_readv_writev+0x662/0x9e0 [ 1060.656735][T25013] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 1060.656777][T25013] ? bpf_lsm_file_permission+0x9/0x10 [ 1060.656817][T25013] ? security_file_permission+0x71/0x210 [ 1060.656857][T25013] ? rw_verify_area+0xcf/0x6c0 [ 1060.656892][T25013] vfs_writev+0x35f/0xde0 [ 1060.656937][T25013] ? __pfx_vfs_writev+0x10/0x10 [ 1060.657002][T25013] ? __fget_files+0x20e/0x3c0 [ 1060.657047][T25013] ? do_writev+0x28c/0x340 [ 1060.657078][T25013] do_writev+0x28c/0x340 [ 1060.657112][T25013] ? __pfx_do_writev+0x10/0x10 [ 1060.657158][T25013] do_syscall_64+0xcd/0xfa0 [ 1060.657203][T25013] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1060.657237][T25013] RIP: 0033:0x7f526b58f749 [ 1060.657265][T25013] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1060.657298][T25013] RSP: 002b:00007f526c34f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 1060.657331][T25013] RAX: ffffffffffffffda RBX: 00007f526b7e5fa0 RCX: 00007f526b58f749 [ 1060.657353][T25013] RDX: 0000000000000008 RSI: 0000200000000100 RDI: 0000000000000003 [ 1060.657373][T25013] RBP: 00007f526b613f91 R08: 0000000000000000 R09: 0000000000000000 [ 1060.657393][T25013] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1060.657412][T25013] R13: 00007f526b7e6038 R14: 00007f526b7e5fa0 R15: 00007ffcc4acaa98 [ 1060.657457][T25013] [ 1061.390929][T25020] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6651'. [ 1061.418710][T25021] netlink: 334 bytes leftover after parsing attributes in process `syz.1.6653'. [ 1061.430448][T25020] netlink: 25 bytes leftover after parsing attributes in process `syz.3.6651'. [ 1062.075673][T25039] FAULT_INJECTION: forcing a failure. [ 1062.075673][T25039] name failslab, interval 1, probability 393216, space 0, times 0 [ 1062.092214][T25039] CPU: 0 UID: 0 PID: 25039 Comm: syz.6.6657 Tainted: G I syzkaller #0 PREEMPT(full) [ 1062.092294][T25039] Tainted: [I]=FIRMWARE_WORKAROUND [ 1062.092308][T25039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1062.092329][T25039] Call Trace: [ 1062.092340][T25039] [ 1062.092354][T25039] dump_stack_lvl+0x16c/0x1f0 [ 1062.092404][T25039] should_fail_ex+0x512/0x640 [ 1062.092457][T25039] ? kmem_cache_alloc_node_noprof+0x65/0x770 [ 1062.092499][T25039] should_failslab+0xc2/0x120 [ 1062.092547][T25039] kmem_cache_alloc_node_noprof+0x78/0x770 [ 1062.092584][T25039] ? __alloc_skb+0x2b2/0x380 [ 1062.092646][T25039] ? __alloc_skb+0x2b2/0x380 [ 1062.092697][T25039] __alloc_skb+0x2b2/0x380 [ 1062.092760][T25039] ? __pfx___alloc_skb+0x10/0x10 [ 1062.092813][T25039] ? skb_page_frag_refill+0x100/0x5c0 [ 1062.092856][T25039] ? sk_page_frag_refill+0x6c/0x2f0 [ 1062.092901][T25039] kcm_sendmsg+0x611/0x2ca0 [ 1062.092958][T25039] ? __pfx_kcm_sendmsg+0x10/0x10 [ 1062.092993][T25039] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 1062.093044][T25039] sock_sendmsg+0x3cc/0x470 [ 1062.093086][T25039] ? __pfx_sock_sendmsg+0x10/0x10 [ 1062.093122][T25039] ? ktime_get_coarse_real_ts64_mg+0x1d4/0x300 [ 1062.093197][T25039] splice_to_socket+0xaf4/0x1110 [ 1062.093263][T25039] ? __pfx_splice_to_socket+0x10/0x10 [ 1062.093357][T25039] ? lockdep_init_map_type+0x5c/0x280 [ 1062.093410][T25039] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 1062.093449][T25039] ? __pfx_splice_to_socket+0x10/0x10 [ 1062.093485][T25039] direct_splice_actor+0x192/0x6c0 [ 1062.093526][T25039] splice_direct_to_actor+0x345/0xa30 [ 1062.093562][T25039] ? __pfx_direct_splice_actor+0x10/0x10 [ 1062.093599][T25039] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1062.093632][T25039] ? lock_acquire+0x179/0x350 [ 1062.093690][T25039] do_splice_direct+0x174/0x240 [ 1062.093719][T25039] ? __pfx_do_splice_direct+0x10/0x10 [ 1062.093762][T25039] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 1062.093811][T25039] ? bpf_lsm_file_permission+0x9/0x10 [ 1062.093846][T25039] ? security_file_permission+0x71/0x210 [ 1062.093879][T25039] ? rw_verify_area+0xcf/0x6c0 [ 1062.093910][T25039] do_sendfile+0xb06/0xe50 [ 1062.093946][T25039] ? __pfx_do_sendfile+0x10/0x10 [ 1062.093981][T25039] ? __x64_sys_futex+0x1e0/0x4c0 [ 1062.094020][T25039] ? __x64_sys_futex+0x1e9/0x4c0 [ 1062.094062][T25039] __x64_sys_sendfile64+0x1d8/0x220 [ 1062.094101][T25039] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1062.094151][T25039] do_syscall_64+0xcd/0xfa0 [ 1062.094190][T25039] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1062.094220][T25039] RIP: 0033:0x7f4d1018f749 [ 1062.094244][T25039] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1062.094276][T25039] RSP: 002b:00007f4d10f40038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1062.094306][T25039] RAX: ffffffffffffffda RBX: 00007f4d103e5fa0 RCX: 00007f4d1018f749 [ 1062.094327][T25039] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000001 [ 1062.094347][T25039] RBP: 00007f4d10213f91 R08: 0000000000000000 R09: 0000000000000000 [ 1062.094365][T25039] R10: 000000007ffff011 R11: 0000000000000246 R12: 0000000000000000 [ 1062.094385][T25039] R13: 00007f4d103e6038 R14: 00007f4d103e5fa0 R15: 00007fff064b6a08 [ 1062.094431][T25039] [ 1062.481532][T25043] ERROR: Out of memory at tomoyo_memory_ok. [ 1062.632571][T25036] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 981 with max blocks 42 with error 117 [ 1062.661841][T25036] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1062.661841][T25036] [ 1062.694915][T25045] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 978 with max blocks 45 with error 117 [ 1062.801091][T25045] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1062.801091][T25045] [ 1063.132770][T25058] netlink: 13 bytes leftover after parsing attributes in process `syz.1.6664'. [ 1063.407305][ T30] audit: type=1800 audit(8277292072.133:20): pid=25069 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.6677" name="features" dev="configfs" ino=112524 res=0 errno=0 [ 1063.899412][T25077] netlink: 'syz.5.6673': attribute type 27 has an invalid length. [ 1063.913975][T25077] netlink: 146 bytes leftover after parsing attributes in process `syz.5.6673'. [ 1064.352123][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1064.359144][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1065.114954][T25092] FAULT_INJECTION: forcing a failure. [ 1065.114954][T25092] name failslab, interval 1, probability 393216, space 0, times 0 [ 1065.128606][T25092] CPU: 0 UID: 0 PID: 25092 Comm: syz.5.6675 Tainted: G I syzkaller #0 PREEMPT(full) [ 1065.128660][T25092] Tainted: [I]=FIRMWARE_WORKAROUND [ 1065.128674][T25092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1065.128694][T25092] Call Trace: [ 1065.128707][T25092] [ 1065.128721][T25092] dump_stack_lvl+0x16c/0x1f0 [ 1065.128769][T25092] should_fail_ex+0x512/0x640 [ 1065.128818][T25092] ? kmem_cache_alloc_node_noprof+0x65/0x770 [ 1065.128859][T25092] should_failslab+0xc2/0x120 [ 1065.128905][T25092] kmem_cache_alloc_node_noprof+0x78/0x770 [ 1065.128940][T25092] ? __alloc_skb+0x2b2/0x380 [ 1065.129002][T25092] ? __alloc_skb+0x2b2/0x380 [ 1065.129050][T25092] __alloc_skb+0x2b2/0x380 [ 1065.129099][T25092] ? __pfx___alloc_skb+0x10/0x10 [ 1065.129151][T25092] ? skb_page_frag_refill+0x100/0x5c0 [ 1065.129199][T25092] ? sk_page_frag_refill+0x6c/0x2f0 [ 1065.129250][T25092] kcm_sendmsg+0x611/0x2ca0 [ 1065.129313][T25092] ? __pfx_kcm_sendmsg+0x10/0x10 [ 1065.129354][T25092] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 1065.129419][T25092] sock_sendmsg+0x3cc/0x470 [ 1065.129466][T25092] ? __pfx_sock_sendmsg+0x10/0x10 [ 1065.129507][T25092] ? ktime_get_coarse_real_ts64_mg+0x1d4/0x300 [ 1065.129589][T25092] splice_to_socket+0xaf4/0x1110 [ 1065.129655][T25092] ? __pfx_splice_to_socket+0x10/0x10 [ 1065.129746][T25092] ? lockdep_init_map_type+0x5c/0x280 [ 1065.129796][T25092] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 1065.129833][T25092] ? __pfx_splice_to_socket+0x10/0x10 [ 1065.129872][T25092] direct_splice_actor+0x192/0x6c0 [ 1065.129912][T25092] splice_direct_to_actor+0x345/0xa30 [ 1065.129949][T25092] ? __pfx_direct_splice_actor+0x10/0x10 [ 1065.129991][T25092] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1065.130027][T25092] ? futex_private_hash_put+0xd5/0x190 [ 1065.130072][T25092] do_splice_direct+0x174/0x240 [ 1065.130106][T25092] ? __pfx_do_splice_direct+0x10/0x10 [ 1065.130141][T25092] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 1065.130198][T25092] ? bpf_lsm_file_permission+0x9/0x10 [ 1065.130239][T25092] ? security_file_permission+0x71/0x210 [ 1065.130276][T25092] ? rw_verify_area+0xcf/0x6c0 [ 1065.130311][T25092] do_sendfile+0xb06/0xe50 [ 1065.130353][T25092] ? __pfx_do_sendfile+0x10/0x10 [ 1065.130395][T25092] ? __x64_sys_futex+0x1e0/0x4c0 [ 1065.130447][T25092] ? __x64_sys_futex+0x1e9/0x4c0 [ 1065.130497][T25092] __x64_sys_sendfile64+0x1d8/0x220 [ 1065.130544][T25092] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1065.130603][T25092] do_syscall_64+0xcd/0xfa0 [ 1065.130648][T25092] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1065.130681][T25092] RIP: 0033:0x7f3b94d8f749 [ 1065.130709][T25092] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1065.130743][T25092] RSP: 002b:00007f3b95b47038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1065.130777][T25092] RAX: ffffffffffffffda RBX: 00007f3b94fe5fa0 RCX: 00007f3b94d8f749 [ 1065.130798][T25092] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000001 [ 1065.130817][T25092] RBP: 00007f3b94e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1065.130837][T25092] R10: 000000007ffff011 R11: 0000000000000246 R12: 0000000000000000 [ 1065.130857][T25092] R13: 00007f3b94fe6038 R14: 00007f3b94fe5fa0 R15: 00007ffe9b9204b8 [ 1065.130903][T25092] [ 1065.805829][T25097] netlink: 342 bytes leftover after parsing attributes in process `syz.1.6679'. [ 1065.921809][T25097] netlink: 298 bytes leftover after parsing attributes in process `syz.1.6679'. [ 1066.413135][T25103] netlink: 'syz.5.6682': attribute type 10 has an invalid length. [ 1066.443962][T25103] netlink: 230 bytes leftover after parsing attributes in process `syz.5.6682'. [ 1067.031356][ T5148] Bluetooth: hci2: unexpected subevent 0x04 length: 122 > 11 [ 1068.630235][T25128] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 990 with max blocks 33 with error 117 [ 1068.681664][T25128] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1068.681664][T25128] [ 1073.425138][T25204] random: crng reseeded on system resumption [ 1077.409175][T25227] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 1078.431129][T25235] random: crng reseeded on system resumption [ 1079.225045][T25245] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 965 with max blocks 58 with error 117 [ 1079.296804][T25245] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1079.296804][T25245] [ 1079.379848][T25251] EXT4-fs (sda1): Delayed block allocation failed for inode 2033 at logical offset 991 with max blocks 32 with error 117 [ 1079.569910][T25251] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1079.569910][T25251] [ 1080.337213][T25264] netlink: zone id is out of range [ 1080.566384][T25262] netlink: set zone limit has 8 unknown bytes [ 1081.303278][T25278] FAULT_INJECTION: forcing a failure. [ 1081.303278][T25278] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1081.414752][T25278] CPU: 1 UID: 0 PID: 25278 Comm: syz.6.6733 Tainted: G I syzkaller #0 PREEMPT(full) [ 1081.414813][T25278] Tainted: [I]=FIRMWARE_WORKAROUND [ 1081.414828][T25278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1081.414850][T25278] Call Trace: [ 1081.414862][T25278] [ 1081.414876][T25278] dump_stack_lvl+0x16c/0x1f0 [ 1081.414930][T25278] should_fail_ex+0x512/0x640 [ 1081.414991][T25278] _copy_from_iter+0x29f/0x1720 [ 1081.415050][T25278] ? __build_skb_around+0x278/0x3b0 [ 1081.415103][T25278] ? __pfx__copy_from_iter+0x10/0x10 [ 1081.415160][T25278] ? __pfx___alloc_skb+0x10/0x10 [ 1081.415218][T25278] ? aa_af_perm+0x1e0/0x240 [ 1081.415257][T25278] ? import_ubuf+0x1b6/0x220 [ 1081.415322][T25278] pfkey_sendmsg+0x1d1/0x850 [ 1081.415374][T25278] ____sys_sendmsg+0xa98/0xc70 [ 1081.415421][T25278] ? copy_msghdr_from_user+0x10a/0x160 [ 1081.415457][T25278] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1081.415501][T25278] ? preempt_schedule_thunk+0x16/0x30 [ 1081.415567][T25278] ? try_to_wake_up+0xa67/0x1870 [ 1081.415613][T25278] ___sys_sendmsg+0x134/0x1d0 [ 1081.415655][T25278] ? find_held_lock+0x2b/0x80 [ 1081.415696][T25278] ? __pfx____sys_sendmsg+0x10/0x10 [ 1081.415729][T25278] ? __lock_acquire+0x622/0x1c90 [ 1081.415852][T25278] __sys_sendmsg+0x16d/0x220 [ 1081.415888][T25278] ? __pfx___sys_sendmsg+0x10/0x10 [ 1081.415923][T25278] ? __x64_sys_futex+0x1e0/0x4c0 [ 1081.415996][T25278] do_syscall_64+0xcd/0xfa0 [ 1081.416042][T25278] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1081.416076][T25278] RIP: 0033:0x7f4d1018f749 [ 1081.416104][T25278] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1081.416138][T25278] RSP: 002b:00007f4d0e3f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1081.416190][T25278] RAX: ffffffffffffffda RBX: 00007f4d103e6090 RCX: 00007f4d1018f749 [ 1081.416213][T25278] RDX: 0000000000040000 RSI: 0000200000001640 RDI: 0000000000000004 [ 1081.416234][T25278] RBP: 00007f4d10213f91 R08: 0000000000000000 R09: 0000000000000000 [ 1081.416254][T25278] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1081.416276][T25278] R13: 00007f4d103e6128 R14: 00007f4d103e6090 R15: 00007fff064b6a08 [ 1081.416323][T25278] [ 1081.478574][ T12] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1461 with max blocks 7 with error 117 [ 1081.775258][ T12] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1081.775258][ T12] [ 1081.786470][ T12] EXT4-fs (sda1): Delayed block allocation failed for inode 2033 at logical offset 1462 with max blocks 3 with error 117 [ 1081.800179][ T12] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1081.800179][ T12] [ 1081.843149][ T12] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 1001 with max blocks 22 with error 117 [ 1081.941065][ T12] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1081.941065][ T12] [ 1082.982808][T25299] netlink: 330 bytes leftover after parsing attributes in process `syz.3.6740'. [ 1083.773539][T25313] netlink: 330 bytes leftover after parsing attributes in process `syz.1.6745'. [ 1087.931713][T25388] netlink: 'syz.1.6769': attribute type 28 has an invalid length. [ 1088.012816][T25388] netlink: 'syz.1.6769': attribute type 3 has an invalid length. [ 1088.049092][T25388] netlink: 306 bytes leftover after parsing attributes in process `syz.1.6769'. [ 1088.433927][T25396] FAULT_INJECTION: forcing a failure. [ 1088.433927][T25396] name failslab, interval 1, probability 393216, space 0, times 0 [ 1088.480757][T25396] CPU: 0 UID: 0 PID: 25396 Comm: syz.1.6772 Tainted: G I syzkaller #0 PREEMPT(full) [ 1088.480813][T25396] Tainted: [I]=FIRMWARE_WORKAROUND [ 1088.480828][T25396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1088.480848][T25396] Call Trace: [ 1088.480859][T25396] [ 1088.480873][T25396] dump_stack_lvl+0x16c/0x1f0 [ 1088.480921][T25396] should_fail_ex+0x512/0x640 [ 1088.480981][T25396] ? __kmalloc_node_track_caller_noprof+0xcb/0x8a0 [ 1088.481030][T25396] should_failslab+0xc2/0x120 [ 1088.481078][T25396] __kmalloc_node_track_caller_noprof+0xde/0x8a0 [ 1088.481120][T25396] ? __kthread_create_on_node+0x186/0x3f0 [ 1088.481172][T25396] ? kvasprintf+0xbc/0x160 [ 1088.481201][T25396] kvasprintf+0xbc/0x160 [ 1088.481233][T25396] ? __pfx_kvasprintf+0x10/0x10 [ 1088.481278][T25396] ? __pfx_tomoyo_gc_thread+0x10/0x10 [ 1088.481309][T25396] __kthread_create_on_node+0x186/0x3f0 [ 1088.481357][T25396] ? __pfx___kthread_create_on_node+0x10/0x10 [ 1088.481425][T25396] ? __pfx_tomoyo_gc_thread+0x10/0x10 [ 1088.481460][T25396] kthread_create_on_node+0xc7/0x100 [ 1088.481506][T25396] ? __pfx_kthread_create_on_node+0x10/0x10 [ 1088.481550][T25396] ? kasan_quarantine_put+0x10a/0x240 [ 1088.481593][T25396] ? find_held_lock+0x2b/0x80 [ 1088.481630][T25396] ? tomoyo_notify_gc+0xc6/0x470 [ 1088.481670][T25396] tomoyo_notify_gc+0xea/0x470 [ 1088.481699][T25396] ? ima_iint_find+0xea/0x130 [ 1088.481746][T25396] ? __pfx_tomoyo_release+0x10/0x10 [ 1088.481785][T25396] tomoyo_release+0x31/0x40 [ 1088.481821][T25396] __fput+0x402/0xb70 [ 1088.481876][T25396] task_work_run+0x150/0x240 [ 1088.481929][T25396] ? __pfx_task_work_run+0x10/0x10 [ 1088.482012][T25396] ? __pfx___do_sys_close_range+0x10/0x10 [ 1088.482060][T25396] exit_to_user_mode_loop+0xec/0x130 [ 1088.482113][T25396] do_syscall_64+0x426/0xfa0 [ 1088.482156][T25396] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1088.482189][T25396] RIP: 0033:0x7f526b58f749 [ 1088.482216][T25396] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1088.482250][T25396] RSP: 002b:00007f526c34f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1088.482283][T25396] RAX: 0000000000000000 RBX: 00007f526b7e5fa0 RCX: 00007f526b58f749 [ 1088.482304][T25396] RDX: 0000000000000000 RSI: 000000000000000a RDI: 0000000000000002 [ 1088.482324][T25396] RBP: 00007f526b613f91 R08: 0000000000000000 R09: 0000000000000000 [ 1088.482344][T25396] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1088.482363][T25396] R13: 00007f526b7e6038 R14: 00007f526b7e5fa0 R15: 00007ffcc4acaa98 [ 1088.482407][T25396] [ 1090.561347][T25413] EXT4-fs: 2 callbacks suppressed [ 1090.561375][T25413] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 992 with max blocks 7 with error 117 [ 1090.610414][T25413] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1090.610414][T25413] [ 1091.688243][T25430] zswap: compressor not available [ 1092.602561][T25444] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 1093.441545][T25457] netlink: 25 bytes leftover after parsing attributes in process `syz.6.6790'. [ 1093.987561][ T5148] Bluetooth: hci2: unexpected event 0x06 length: 439 > 3 [ 1095.201563][T25472] netlink: 62 bytes leftover after parsing attributes in process `syz.5.6796'. [ 1095.492992][T25481] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 1096.135144][T25491] FAULT_INJECTION: forcing a failure. [ 1096.135144][T25491] name failslab, interval 1, probability 393216, space 0, times 0 [ 1096.198909][T25491] CPU: 1 UID: 0 PID: 25491 Comm: syz.1.6805 Tainted: G I syzkaller #0 PREEMPT(full) [ 1096.198964][T25491] Tainted: [I]=FIRMWARE_WORKAROUND [ 1096.198978][T25491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1096.198998][T25491] Call Trace: [ 1096.199009][T25491] [ 1096.199023][T25491] dump_stack_lvl+0x16c/0x1f0 [ 1096.199071][T25491] should_fail_ex+0x512/0x640 [ 1096.199126][T25491] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1096.199167][T25491] should_failslab+0xc2/0x120 [ 1096.199213][T25491] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1096.199259][T25491] ? __might_fault+0xe3/0x190 [ 1096.199292][T25491] ? __do_sys_getcwd+0xe0/0x930 [ 1096.199346][T25491] ? __do_sys_getcwd+0xe0/0x930 [ 1096.199392][T25491] __do_sys_getcwd+0xe0/0x930 [ 1096.199435][T25491] ? rcu_is_watching+0x12/0xc0 [ 1096.199475][T25491] ? blkcg_maybe_throttle_current+0x650/0xf30 [ 1096.199521][T25491] ? __pfx___do_sys_getcwd+0x10/0x10 [ 1096.199566][T25491] ? __pfx___rseq_handle_notify_resume+0x10/0x10 [ 1096.199609][T25491] ? xfd_validate_state+0x61/0x180 [ 1096.199656][T25491] ? __pfx_do_writev+0x10/0x10 [ 1096.199705][T25491] do_syscall_64+0xcd/0xfa0 [ 1096.199751][T25491] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1096.199785][T25491] RIP: 0033:0x7f526b58f749 [ 1096.199813][T25491] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1096.199848][T25491] RSP: 002b:00007f526c34f038 EFLAGS: 00000246 ORIG_RAX: 000000000000004f [ 1096.199881][T25491] RAX: ffffffffffffffda RBX: 00007f526b7e5fa0 RCX: 00007f526b58f749 [ 1096.199904][T25491] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000000 [ 1096.199925][T25491] RBP: 00007f526b613f91 R08: 0000000000000000 R09: 0000000000000000 [ 1096.199947][T25491] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1096.199968][T25491] R13: 00007f526b7e6038 R14: 00007f526b7e5fa0 R15: 00007ffcc4acaa98 [ 1096.200014][T25491] [ 1097.050332][T25502] netlink: zone id is out of range [ 1097.076501][T25499] netlink: set zone limit has 8 unknown bytes [ 1097.120263][T25488] Invalid ELF header magic: != ELF [ 1097.930932][T25507] kmem.tcp.limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 1099.615035][T25529] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78400 [ 1099.647014][T25529] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 1099.687686][T25529] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 1099.698173][T25529] page_type: f5(slab) [ 1099.726678][T25529] raw: 00fff00000000040 ffff888140a94140 dead000000000122 0000000000000000 [ 1099.757353][T25529] raw: 0000000000000000 0000000000130013 00000000f5000000 0000000000000000 [ 1099.787999][T25529] head: 00fff00000000040 ffff888140a94140 dead000000000122 0000000000000000 [ 1099.817326][T25529] head: 0000000000000000 0000000000130013 00000000f5000000 0000000000000000 [ 1099.839866][T25529] head: 00fff00000000003 ffffea0001e10001 00000000ffffffff 00000000ffffffff [ 1099.886873][T25529] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 1099.916635][T25529] page dumped because: unmovable page [ 1099.932358][T25529] page_owner tracks the page as allocated [ 1099.949191][ T5180] ERROR: Out of memory at tomoyo_memory_ok. [ 1099.955959][T25529] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5201, tgid 5201 (udevd), ts 68627967350, free_ts 68609006553 [ 1100.026179][T25529] post_alloc_hook+0x1af/0x220 [ 1100.046275][T25529] get_page_from_freelist+0x10a3/0x3a30 [ 1100.066441][T25529] __alloc_frozen_pages_noprof+0x25f/0x2470 [ 1100.082757][T25529] alloc_pages_mpol+0x1fb/0x550 [ 1100.093380][T25529] new_slab+0x24a/0x360 [ 1100.105686][T25529] ___slab_alloc+0xd79/0x1a50 [ 1100.125603][T25529] __slab_alloc.constprop.0+0x63/0x110 [ 1100.164876][T25529] kmem_cache_alloc_lru_noprof+0x443/0x6e0 [ 1100.175334][T25529] shmem_alloc_inode+0x25/0x50 [ 1100.205281][T25529] alloc_inode+0x64/0x240 [ 1100.215345][T25529] new_inode+0x22/0x1c0 [ 1100.275044][T25529] shmem_get_inode+0x19a/0xfb0 [ 1100.279949][T25529] shmem_mknod+0x1a8/0x450 [ 1100.284441][T25529] lookup_open.isra.0+0x11d3/0x1580 [ 1100.343179][T25529] path_openat+0x893/0x2cb0 [ 1100.354508][T25529] do_filp_open+0x20b/0x470 [ 1100.369650][T25529] page last free pid 5208 tgid 5208 stack trace: [ 1100.394437][T25529] __free_frozen_pages+0x7df/0x1160 [ 1100.435111][T25529] __put_partials+0x130/0x170 [ 1100.439905][T25529] qlist_free_all+0x4d/0x120 [ 1100.473595][T25529] kasan_quarantine_reduce+0x195/0x1e0 [ 1100.489750][T25529] __kasan_slab_alloc+0x69/0x90 [ 1100.522585][T25529] kmem_cache_alloc_noprof+0x250/0x6e0 [ 1100.528484][T25529] getname_flags.part.0+0x4c/0x550 [ 1100.554674][T25529] getname_flags+0x93/0xf0 [ 1100.559384][T25529] __x64_sys_rename+0x58/0xa0 [ 1100.583474][T25529] do_syscall_64+0xcd/0xfa0 [ 1100.588289][T25529] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1102.276892][T25551] vcan0: tx drop: invalid sa for name 0x00000000000000fd [ 1102.447088][T25556] netlink: 25 bytes leftover after parsing attributes in process `syz.1.6826'. [ 1104.574839][ T30] audit: type=1806 audit(8277292113.487:21): xattr="." res=0 [ 1105.140066][T25582] zswap: compressor not available [ 1105.203592][T25597] Invalid ELF header magic: != ELF [ 1105.349546][T25587] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6836'. [ 1105.481298][T25587] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1105.549491][T25587] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1105.705701][T25587] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1105.729518][T25587] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1109.352524][T25645] zswap: compressor not available [ 1110.040337][T25659] futex_wake_op: syz.1.6855 tries to shift op by -2048; fix this program [ 1110.062153][T25659] futex_wake_op: syz.1.6855 tries to shift op by -2048; fix this program [ 1112.068270][T25684] netlink: 'syz.5.6863': attribute type 10 has an invalid length. [ 1112.071314][T25682] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6862'. [ 1112.108949][T25682] netlink: 25 bytes leftover after parsing attributes in process `syz.3.6862'. [ 1112.139209][T25684] netlink: 230 bytes leftover after parsing attributes in process `syz.5.6863'. [ 1112.150901][ T12] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 984 with max blocks 39 with error 117 [ 1112.170090][ T12] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1112.170090][ T12] [ 1112.193635][ T12] EXT4-fs (sda1): Delayed block allocation failed for inode 2033 at logical offset 992 with max blocks 31 with error 117 [ 1112.216750][ T12] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1112.216750][ T12] [ 1112.229922][ T12] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 1001 with max blocks 22 with error 117 [ 1112.280041][T25684] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 1112.461613][ T12] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1112.461613][ T12] [ 1112.522754][ T12] EXT4-fs (sda1): Delayed block allocation failed for inode 2032 at logical offset 1 with max blocks 1 with error 117 [ 1112.606985][ T12] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1112.606985][ T12] [ 1112.677608][ T12] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 999 with max blocks 24 with error 117 [ 1112.708204][ T12] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1112.708204][ T12] [ 1114.025778][T25693] kexec: Could not allocate control_code_buffer [ 1115.460051][T25720] zswap: compressor not available [ 1116.285976][T25745] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.6881: iget: checksum invalid [ 1116.301406][T25745] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 1116.346811][T25745] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.6881: iget: checksum invalid [ 1116.430306][T25745] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 1116.475654][T25745] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.6881: iget: checksum invalid [ 1116.549095][T25745] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 1116.599564][T25745] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.6881: iget: checksum invalid [ 1116.693215][T25745] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 1116.799722][T25745] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 1116.827226][T25745] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 1118.320370][T25768] zswap: compressor not available [ 1118.886910][T25787] netlink: 342 bytes leftover after parsing attributes in process `syz.3.6894'. [ 1121.148585][T25818] EXT4-fs (sda1): Delayed block allocation failed for inode 2026 at logical offset 1 with max blocks 1 with error 117 [ 1121.163771][T25818] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1121.163771][T25818] [ 1121.595004][T25822] Invalid ELF header magic: != ELF [ 1123.908989][T25860] netlink: 'syz.3.6914': attribute type 10 has an invalid length. [ 1123.929384][T25860] netlink: 'syz.3.6914': attribute type 13 has an invalid length. [ 1125.289334][T25885] FAULT_INJECTION: forcing a failure. [ 1125.289334][T25885] name failslab, interval 1, probability 393216, space 0, times 0 [ 1125.501669][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1125.508936][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1125.521507][T25885] CPU: 0 UID: 0 PID: 25885 Comm: syz.1.6924 Tainted: G U W I L XTNJ syzkaller #0 PREEMPT(full) [ 1125.521579][T25885] Tainted: [U]=USER, [W]=WARN, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1125.521596][T25885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1125.521611][T25885] Call Trace: [ 1125.521619][T25885] [ 1125.521629][T25885] dump_stack_lvl+0x16c/0x1f0 [ 1125.521665][T25885] should_fail_ex+0x512/0x640 [ 1125.521704][T25885] ? __kmalloc_cache_noprof+0x5f/0x780 [ 1125.521734][T25885] should_failslab+0xc2/0x120 [ 1125.521768][T25885] __kmalloc_cache_noprof+0x72/0x780 [ 1125.521793][T25885] ? drm_atomic_helper_setup_commit+0x8d7/0x15d0 [ 1125.521837][T25885] ? drm_atomic_helper_setup_commit+0x8d7/0x15d0 [ 1125.521874][T25885] drm_atomic_helper_setup_commit+0x8d7/0x15d0 [ 1125.521924][T25885] drm_atomic_helper_commit+0xa9/0x380 [ 1125.521980][T25885] ? __pfx_drm_atomic_helper_commit+0x10/0x10 [ 1125.522018][T25885] drm_atomic_commit+0x234/0x300 [ 1125.522056][T25885] ? __pfx_drm_atomic_commit+0x10/0x10 [ 1125.522093][T25885] ? __pfx___drm_printfn_info+0x10/0x10 [ 1125.522124][T25885] ? drm_client_rotation+0x4da/0x6a0 [ 1125.522168][T25885] drm_client_modeset_commit_atomic+0x69d/0x7e0 [ 1125.522218][T25885] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 1125.522259][T25885] ? rcu_is_watching+0x12/0xc0 [ 1125.522315][T25885] drm_client_modeset_commit_locked+0x14d/0x580 [ 1125.522360][T25885] drm_client_modeset_commit+0x4f/0x80 [ 1125.522401][T25885] __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200 [ 1125.522441][T25885] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 1125.522481][T25885] drm_fbdev_client_restore+0x2c/0x40 [ 1125.522516][T25885] drm_client_dev_restore+0x1f6/0x2a0 [ 1125.522560][T25885] drm_release+0x2c4/0x360 [ 1125.522612][T25885] ? __pfx_drm_release+0x10/0x10 [ 1125.522658][T25885] __fput+0x402/0xb70 [ 1125.522707][T25885] task_work_run+0x150/0x240 [ 1125.522750][T25885] ? __pfx_task_work_run+0x10/0x10 [ 1125.522791][T25885] ? __pfx___do_sys_close_range+0x10/0x10 [ 1125.522828][T25885] exit_to_user_mode_loop+0xec/0x130 [ 1125.522868][T25885] do_syscall_64+0x426/0xfa0 [ 1125.522902][T25885] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1125.522928][T25885] RIP: 0033:0x7f526b58f749 [ 1125.522948][T25885] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1125.522974][T25885] RSP: 002b:00007f526c34f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1125.522998][T25885] RAX: 0000000000000000 RBX: 00007f526b7e5fa0 RCX: 00007f526b58f749 [ 1125.523015][T25885] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 1125.523030][T25885] RBP: 00007f526b613f91 R08: 0000000000000000 R09: 0000000000000000 [ 1125.523045][T25885] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1125.523061][T25885] R13: 00007f526b7e6038 R14: 00007f526b7e5fa0 R15: 00007ffcc4acaa98 [ 1125.523095][T25885] [ 1129.154407][T25927] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1398 with max blocks 70 with error 117 [ 1129.181082][T25927] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1129.181082][T25927] [ 1130.493764][T25944] netlink: 25 bytes leftover after parsing attributes in process `syz.5.6942'. [ 1132.003224][T25969] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.1.6946: iget: checksum invalid [ 1132.125698][T25969] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 1132.195064][T25969] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.1.6946: iget: checksum invalid [ 1132.300849][T25969] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 1132.384601][T25968] could not allocate digest TFM handle [ 1132.384939][T25969] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.1.6946: iget: checksum invalid [ 1132.494087][T25969] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 1132.576726][T25969] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.1.6946: iget: checksum invalid [ 1132.742896][T25969] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 1132.810301][T25969] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 1132.951165][T25969] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 1134.478040][T25994] netlink: 'syz.1.6955': attribute type 19 has an invalid length. [ 1134.516057][T25994] netlink: 226 bytes leftover after parsing attributes in process `syz.1.6955'. [ 1135.040547][T26010] netlink: 25 bytes leftover after parsing attributes in process `syz.6.6960'. [ 1135.977591][T26019] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 974 with max blocks 49 with error 117 [ 1136.131720][T26016] sp0: Synchronizing with TNC [ 1136.156352][T26019] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1136.156352][T26019] [ 1136.952574][T26026] sp0: Synchronizing with TNC [ 1137.223943][T26031] FAULT_INJECTION: forcing a failure. [ 1137.223943][T26031] name failslab, interval 1, probability 393216, space 0, times 0 [ 1137.244160][T26031] CPU: 0 UID: 0 PID: 26031 Comm: syz.1.6965 Tainted: G U W I L XTNJ syzkaller #0 PREEMPT(full) [ 1137.244245][T26031] Tainted: [U]=USER, [W]=WARN, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1137.244269][T26031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1137.244290][T26031] Call Trace: [ 1137.244303][T26031] [ 1137.244318][T26031] dump_stack_lvl+0x16c/0x1f0 [ 1137.244374][T26031] should_fail_ex+0x512/0x640 [ 1137.244437][T26031] ? __kmalloc_noprof+0xca/0x880 [ 1137.244498][T26031] should_failslab+0xc2/0x120 [ 1137.244546][T26031] __kmalloc_noprof+0xdd/0x880 [ 1137.244602][T26031] ? trace_parser_get_init+0x30/0xc0 [ 1137.244648][T26031] ? trace_parser_get_init+0x30/0xc0 [ 1137.244680][T26031] trace_parser_get_init+0x30/0xc0 [ 1137.244716][T26031] ftrace_event_write+0x177/0x2c0 [ 1137.244760][T26031] ? __pfx_ftrace_event_write+0x10/0x10 [ 1137.244867][T26031] ? __pfx_ftrace_event_write+0x10/0x10 [ 1137.244909][T26031] vfs_writev+0x5df/0xde0 [ 1137.244961][T26031] ? __pfx_vfs_writev+0x10/0x10 [ 1137.244993][T26031] ? __mutex_lock+0x1c5/0x1060 [ 1137.245050][T26031] ? __pfx___mutex_lock+0x10/0x10 [ 1137.245111][T26031] ? __fget_files+0x20e/0x3c0 [ 1137.245157][T26031] ? do_writev+0x132/0x340 [ 1137.245189][T26031] do_writev+0x132/0x340 [ 1137.245225][T26031] ? __pfx_do_writev+0x10/0x10 [ 1137.245270][T26031] do_syscall_64+0xcd/0xfa0 [ 1137.245320][T26031] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1137.245354][T26031] RIP: 0033:0x7f526b58f749 [ 1137.245381][T26031] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1137.245415][T26031] RSP: 002b:00007f526c34f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 1137.245449][T26031] RAX: ffffffffffffffda RBX: 00007f526b7e5fa0 RCX: 00007f526b58f749 [ 1137.245471][T26031] RDX: 0000000000000008 RSI: 0000200000000100 RDI: 0000000000000003 [ 1137.245491][T26031] RBP: 00007f526b613f91 R08: 0000000000000000 R09: 0000000000000000 [ 1137.245510][T26031] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1137.245528][T26031] R13: 00007f526b7e6038 R14: 00007f526b7e5fa0 R15: 00007ffcc4acaa98 [ 1137.245571][T26031] [ 1139.626151][T26064] netlink: 246 bytes leftover after parsing attributes in process `syz.3.6974'. [ 1140.424958][T26075] sp0: Synchronizing with TNC [ 1141.988624][T26108] netlink: 'syz.1.6993': attribute type 11 has an invalid length. [ 1142.855403][T24264] Bluetooth: hci0: command 0x0406 tx timeout [ 1142.905287][T26115] [U] [ 1142.908187][T26115] [U] [ 1142.910979][T26115] [U] [ 1142.913746][T26115] [U] [ 1142.972624][T26115] [U] [ 1142.975454][T26115] [U] [ 1142.978220][T26115] [U] [ 1142.981291][T26115] [U] [ 1143.004710][T26115] [U] [ 1143.007524][T26115] [U] [ 1143.010299][T26115] [U] [ 1143.013069][T26115] [U] [ 1143.017183][T16191] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 984 with max blocks 39 with error 117 [ 1143.060957][T16191] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1143.060957][T16191] [ 1143.085121][T16191] EXT4-fs (sda1): Delayed block allocation failed for inode 2033 at logical offset 992 with max blocks 31 with error 117 [ 1143.109111][T16191] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1143.109111][T16191] [ 1143.163892][T16191] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 1001 with max blocks 22 with error 117 [ 1143.206201][T16191] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1143.206201][T16191] [ 1143.246720][T16191] EXT4-fs (sda1): Delayed block allocation failed for inode 2032 at logical offset 1 with max blocks 1 with error 117 [ 1143.313481][T16191] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1143.313481][T16191] [ 1143.335678][T16191] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 999 with max blocks 24 with error 117 [ 1143.373356][T16191] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1143.373356][T16191] [ 1143.410748][T26114] [U] [ 1143.634712][T26133] Invalid ELF header magic: != ELF [ 1144.213056][T26144] netlink: 298 bytes leftover after parsing attributes in process `syz.3.7004'. [ 1144.757485][T26150] netlink: 306 bytes leftover after parsing attributes in process `syz.5.7007'. [ 1147.724467][T26191] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1148.810711][T26203] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 986 with max blocks 15 with error 117 [ 1148.824674][T26203] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1148.824674][T26203] [ 1152.453836][T26243] FAULT_INJECTION: forcing a failure. [ 1152.453836][T26243] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1152.549147][T26243] CPU: 0 UID: 0 PID: 26243 Comm: syz.5.7041 Tainted: G U W I L XTNJ syzkaller #0 PREEMPT(full) [ 1152.549228][T26243] Tainted: [U]=USER, [W]=WARN, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1152.549250][T26243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1152.549269][T26243] Call Trace: [ 1152.549280][T26243] [ 1152.549293][T26243] dump_stack_lvl+0x16c/0x1f0 [ 1152.549338][T26243] should_fail_ex+0x512/0x640 [ 1152.549393][T26243] should_fail_alloc_page+0xe7/0x130 [ 1152.549439][T26243] prepare_alloc_pages+0x3c2/0x610 [ 1152.549480][T26243] ? is_bpf_text_address+0x94/0x1a0 [ 1152.549530][T26243] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 1152.549563][T26243] ? arch_stack_walk+0xa6/0x100 [ 1152.549610][T26243] ? stack_trace_save+0x8e/0xc0 [ 1152.549647][T26243] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1152.549679][T26243] ? rcu_is_watching+0x12/0xc0 [ 1152.549723][T26243] ? kasan_save_track+0x14/0x30 [ 1152.549758][T26243] ? __kasan_slab_alloc+0x89/0x90 [ 1152.549794][T26243] ? kmem_cache_alloc_noprof+0x250/0x6e0 [ 1152.549841][T26243] ? __pmd_alloc+0xbf/0x8b0 [ 1152.549879][T26243] ? __handle_mm_fault+0xada/0x2aa0 [ 1152.549921][T26243] ? handle_mm_fault+0x589/0xd10 [ 1152.549962][T26243] ? __get_user_pages+0x54e/0x3530 [ 1152.550016][T26243] ? populate_vma_page_range+0x267/0x3f0 [ 1152.550059][T26243] ? __mm_populate+0x1d8/0x380 [ 1152.550099][T26243] ? vm_mmap_pgoff+0x37f/0x470 [ 1152.550134][T26243] ? ksys_mmap_pgoff+0x7d/0x5c0 [ 1152.550169][T26243] ? __x64_sys_mmap+0x125/0x190 [ 1152.550212][T26243] ? do_syscall_64+0xcd/0xfa0 [ 1152.550249][T26243] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1152.550308][T26243] ? policy_nodemask+0xea/0x4e0 [ 1152.550352][T26243] alloc_pages_mpol+0x1fb/0x550 [ 1152.550395][T26243] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1152.550446][T26243] alloc_pages_noprof+0x131/0x390 [ 1152.550488][T26243] pte_alloc_one+0x1e/0x350 [ 1152.550522][T26243] __pte_alloc+0x6d/0x380 [ 1152.550558][T26243] ? __pfx___pte_alloc+0x10/0x10 [ 1152.550597][T26243] ? do_raw_spin_lock+0x12c/0x2b0 [ 1152.550647][T26243] do_pte_missing+0x282c/0x3ba0 [ 1152.550696][T26243] ? do_raw_spin_unlock+0x172/0x230 [ 1152.550724][T26243] ? _raw_spin_unlock+0x28/0x50 [ 1152.550754][T26243] ? __pmd_alloc+0x64f/0x8b0 [ 1152.550799][T26243] __handle_mm_fault+0x1556/0x2aa0 [ 1152.550857][T26243] ? __pfx___handle_mm_fault+0x10/0x10 [ 1152.550935][T26243] handle_mm_fault+0x589/0xd10 [ 1152.551034][T26243] __get_user_pages+0x54e/0x3530 [ 1152.551096][T26243] ? __pfx___get_user_pages+0x10/0x10 [ 1152.551148][T26243] populate_vma_page_range+0x267/0x3f0 [ 1152.551196][T26243] ? __pfx_populate_vma_page_range+0x10/0x10 [ 1152.551240][T26243] ? __pfx_find_vma_intersection+0x10/0x10 [ 1152.551285][T26243] ? do_mmap+0x69c/0x1210 [ 1152.551327][T26243] __mm_populate+0x1d8/0x380 [ 1152.551371][T26243] ? __pfx___mm_populate+0x10/0x10 [ 1152.551417][T26243] ? up_write+0x1b2/0x520 [ 1152.551466][T26243] vm_mmap_pgoff+0x37f/0x470 [ 1152.551508][T26243] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1152.551556][T26243] ? __x64_sys_futex+0x1e0/0x4c0 [ 1152.551594][T26243] ? __x64_sys_futex+0x1e9/0x4c0 [ 1152.551640][T26243] ksys_mmap_pgoff+0x7d/0x5c0 [ 1152.551676][T26243] ? xfd_validate_state+0x61/0x180 [ 1152.551717][T26243] ? __pfx_ksys_write+0x10/0x10 [ 1152.551754][T26243] __x64_sys_mmap+0x125/0x190 [ 1152.551804][T26243] do_syscall_64+0xcd/0xfa0 [ 1152.551843][T26243] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1152.551874][T26243] RIP: 0033:0x7f3b94d8f749 [ 1152.551900][T26243] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1152.551930][T26243] RSP: 002b:00007f3b95b47038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1152.551960][T26243] RAX: ffffffffffffffda RBX: 00007f3b94fe5fa0 RCX: 00007f3b94d8f749 [ 1152.551981][T26243] RDX: 00000000000000df RSI: 0000000000000008 RDI: 0000000000000000 [ 1152.552010][T26243] RBP: 00007f3b94e13f91 R08: 0000000000000002 R09: 0000000000008000 [ 1152.552030][T26243] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 1152.552049][T26243] R13: 00007f3b94fe6038 R14: 00007f3b94fe5fa0 R15: 00007ffe9b9204b8 [ 1152.552090][T26243] [ 1153.888620][T26256] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7044'. [ 1153.954152][T26256] netlink: 25 bytes leftover after parsing attributes in process `syz.6.7044'. [ 1154.898920][T26274] netlink: 'syz.3.7050': attribute type 15 has an invalid length. [ 1154.898957][T26274] netlink: 'syz.3.7050': attribute type 16 has an invalid length. [ 1154.898979][T26274] netlink: 194 bytes leftover after parsing attributes in process `syz.3.7050'. [ 1155.834342][T26281] futex_wake_op: syz.1.7053 tries to shift op by -2048; fix this program [ 1156.005067][T26287] netlink: 330 bytes leftover after parsing attributes in process `syz.3.7055'. [ 1156.161275][T26291] netlink: 28 bytes leftover after parsing attributes in process `syz.5.7057'. [ 1156.325313][T26291] team0: Port device team_slave_0 removed [ 1157.917248][T26317] netlink: 186 bytes leftover after parsing attributes in process `syz.1.7066'. [ 1157.934178][T26317] netlink: 186 bytes leftover after parsing attributes in process `syz.1.7066'. [ 1158.937468][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 1159.332920][T26321] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1159.349698][T26321] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1159.397166][T26321] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1159.417517][T26321] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1159.440752][T26321] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 1159.452888][T26321] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1159.483502][T26321] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 1159.690593][ C0] vcan0: j1939_tp_rxtimer: 0xffff88802a73e400: rx timeout, send abort [ 1159.721596][T26321] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 1159.884943][T26335] netlink: 330 bytes leftover after parsing attributes in process `syz.6.7072'. [ 1159.998687][T26333] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 972 with max blocks 51 with error 117 [ 1160.011551][T26333] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1160.011551][T26333] [ 1160.196763][ C0] vcan0: j1939_tp_rxtimer: 0xffff88802a73e400: abort rx timeout. Force session deactivation [ 1161.089884][ T5148] Bluetooth: hci1: command 0x0406 tx timeout [ 1161.414958][ T5148] Bluetooth: hci4: command 0x0c1a tx timeout [ 1161.415031][ T5148] Bluetooth: hci3: command 0x0c1a tx timeout [ 1161.487725][T24264] Bluetooth: hci2: command 0x0c1a tx timeout [ 1161.487984][ T5148] Bluetooth: hci0: command 0x0406 tx timeout [ 1161.680063][T26361] ima: policy update failed [ 1161.684872][ T30] audit: type=1802 audit(4294967338.744:22): pid=26361 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.7082" res=0 errno=0 [ 1162.150085][T26367] netlink: 62 bytes leftover after parsing attributes in process `syz.6.7091'. [ 1163.557594][ T5148] Bluetooth: hci0: command 0x0406 tx timeout [ 1163.557773][T24264] Bluetooth: hci2: command 0x0c1a tx timeout [ 1164.417439][T26406] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 980 with max blocks 43 with error 117 [ 1164.421399][T26409] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7098'. [ 1164.439407][T26406] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1164.439407][T26406] [ 1164.718095][T26409] team0: Port device team_slave_0 removed [ 1165.628270][T24264] Bluetooth: hci2: command 0x0c1a tx timeout [ 1166.549405][T26422] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1166.596654][T26422] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1166.613531][T26422] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1166.650661][T26422] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1166.681284][T26422] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1168.335884][T24264] Bluetooth: hci1: command 0x0406 tx timeout [ 1168.568261][T26441] netlink: 28 bytes leftover after parsing attributes in process `syz.1.7110'. [ 1168.657020][T24264] Bluetooth: hci0: command 0x0406 tx timeout [ 1168.657041][ T5148] Bluetooth: hci4: command 0x0c1a tx timeout [ 1168.657314][ T5148] Bluetooth: hci3: command 0x0c1a tx timeout [ 1168.741834][T26448] Bluetooth: hci2: command 0x0c1a tx timeout [ 1168.754316][T26447] EXT4-fs (sda1): Delayed block allocation failed for inode 2032 at logical offset 1 with max blocks 1 with error 117 [ 1168.768899][T26447] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1168.768899][T26447] [ 1168.979770][T26441] team0: Port device team_slave_0 removed [ 1170.099722][T26470] binder: 26468:26470 ioctl c0306201 0 returned -14 [ 1170.541842][T26476] EXT4-fs (sda1): Delayed block allocation failed for inode 2033 at logical offset 976 with max blocks 47 with error 117 [ 1170.555232][T26476] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1170.555232][T26476] [ 1173.677905][ T12] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1001 with max blocks 22 with error 117 [ 1173.758723][ T12] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1173.758723][ T12] [ 1173.850047][ T12] EXT4-fs (sda1): Delayed block allocation failed for inode 2033 at logical offset 1003 with max blocks 20 with error 117 [ 1174.177585][ T12] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1174.177585][ T12] [ 1174.198879][T26526] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7136'. [ 1174.213191][ T12] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 1001 with max blocks 22 with error 117 [ 1174.328790][ T12] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1174.328790][ T12] [ 1174.357638][ T12] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 1421 with max blocks 43 with error 117 [ 1174.373311][ T12] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1174.373311][ T12] [ 1176.310966][T26548] FAULT_INJECTION: forcing a failure. [ 1176.310966][T26548] name failslab, interval 1, probability 393216, space 0, times 0 [ 1176.378398][T26548] CPU: 0 UID: 0 PID: 26548 Comm: syz.6.7150 Tainted: G U W I L XTNJ syzkaller #0 PREEMPT(full) [ 1176.378479][T26548] Tainted: [U]=USER, [W]=WARN, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1176.378502][T26548] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1176.378522][T26548] Call Trace: [ 1176.378534][T26548] [ 1176.378548][T26548] dump_stack_lvl+0x16c/0x1f0 [ 1176.378601][T26548] should_fail_ex+0x512/0x640 [ 1176.378653][T26548] ? fs_reclaim_acquire+0xae/0x150 [ 1176.378705][T26548] should_failslab+0xc2/0x120 [ 1176.378752][T26548] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1176.378785][T26548] ? __pfx_map_id_range_down+0x10/0x10 [ 1176.378815][T26548] ? security_inode_alloc+0x3b/0x2b0 [ 1176.378875][T26548] ? security_inode_alloc+0x3b/0x2b0 [ 1176.378925][T26548] security_inode_alloc+0x3b/0x2b0 [ 1176.378987][T26548] inode_init_always_gfp+0xce4/0x1030 [ 1176.379031][T26548] alloc_inode+0x86/0x240 [ 1176.379078][T26548] new_inode+0x22/0x1c0 [ 1176.379133][T26548] debugfs_create_dir+0xdd/0x5f0 [ 1176.379167][T26548] ? device_create_file+0xfa/0x1e0 [ 1176.379206][T26548] nbd_start_device+0x3e3/0xd70 [ 1176.379273][T26548] nbd_genl_connect+0x134b/0x1c60 [ 1176.379331][T26548] ? __pfx_nbd_genl_connect+0x10/0x10 [ 1176.379393][T26548] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 1176.379439][T26548] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 1176.379496][T26548] genl_family_rcv_msg_doit+0x209/0x2f0 [ 1176.379543][T26548] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1176.379587][T26548] ? genl_get_cmd+0x194/0x580 [ 1176.379639][T26548] ? __radix_tree_lookup+0x21f/0x2c0 [ 1176.379681][T26548] genl_rcv_msg+0x55c/0x800 [ 1176.379729][T26548] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1176.379772][T26548] ? __pfx_nbd_genl_connect+0x10/0x10 [ 1176.379842][T26548] netlink_rcv_skb+0x158/0x420 [ 1176.379880][T26548] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1176.379925][T26548] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1176.380014][T26548] ? netlink_deliver_tap+0x1ae/0xd30 [ 1176.380059][T26548] genl_rcv+0x28/0x40 [ 1176.380095][T26548] netlink_unicast+0x5aa/0x870 [ 1176.380139][T26548] ? __pfx_netlink_unicast+0x10/0x10 [ 1176.380193][T26548] netlink_sendmsg+0x8c8/0xdd0 [ 1176.380238][T26548] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1176.380280][T26548] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 1176.380336][T26548] ____sys_sendmsg+0xa98/0xc70 [ 1176.380376][T26548] ? copy_msghdr_from_user+0x10a/0x160 [ 1176.380405][T26548] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1176.380451][T26548] ? __pfx_futex_wake_mark+0x10/0x10 [ 1176.380505][T26548] ___sys_sendmsg+0x134/0x1d0 [ 1176.380537][T26548] ? __pfx____sys_sendmsg+0x10/0x10 [ 1176.380566][T26548] ? futex_private_hash_put+0xd5/0x190 [ 1176.380635][T26548] ? do_futex+0x122/0x350 [ 1176.380684][T26548] __sys_sendmsg+0x16d/0x220 [ 1176.380720][T26548] ? __pfx___sys_sendmsg+0x10/0x10 [ 1176.380756][T26548] ? __x64_sys_futex+0x1e0/0x4c0 [ 1176.380831][T26548] do_syscall_64+0xcd/0xfa0 [ 1176.380875][T26548] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1176.380908][T26548] RIP: 0033:0x7f4d1018f749 [ 1176.380935][T26548] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1176.380990][T26548] RSP: 002b:00007f4d10f40038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1176.381024][T26548] RAX: ffffffffffffffda RBX: 00007f4d103e5fa0 RCX: 00007f4d1018f749 [ 1176.381048][T26548] RDX: 0000000000008880 RSI: 0000200000001e00 RDI: 0000000000000001 [ 1176.381069][T26548] RBP: 00007f4d10213f91 R08: 0000000000000000 R09: 0000000000000000 [ 1176.381090][T26548] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1176.381111][T26548] R13: 00007f4d103e6038 R14: 00007f4d103e5fa0 R15: 00007fff064b6a08 [ 1176.381159][T26548] [ 1176.804690][T26548] debugfs: out of free dentries, can not create directory 'nbd3' [ 1176.814436][T26548] block nbd3: Failed to create debugfs dir for 'nbd3' [ 1176.888664][T26448] block nbd3: Receive control failed (result -107) [ 1178.597244][T26574] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7149'. [ 1178.628671][T26574] netlink: 25 bytes leftover after parsing attributes in process `syz.6.7149'. [ 1178.841089][T26576] netlink: 330 bytes leftover after parsing attributes in process `syz.3.7151'. [ 1178.895553][T26578] netlink: 252 bytes leftover after parsing attributes in process `syz.5.7153'. [ 1178.934603][T26578] netlink: 252 bytes leftover after parsing attributes in process `syz.5.7153'. [ 1179.335398][T26580] vhci_hcd: invalid port number 9 [ 1179.368440][T26587] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7156'. [ 1179.420403][T26590] netlink: 25 bytes leftover after parsing attributes in process `syz.6.7156'. [ 1181.004854][T26602] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 1005 with max blocks 18 with error 117 [ 1181.115321][T26602] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1181.115321][T26602] [ 1184.390666][T26649] netlink: 13 bytes leftover after parsing attributes in process `syz.1.7176'. [ 1185.167400][T26662] netlink: 62 bytes leftover after parsing attributes in process `syz.1.7180'. [ 1185.939834][T26634] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 1186.009695][T26669] zswap: compressor not available [ 1186.649183][ T31] INFO: task kworker/u8:6:1105 blocked for more than 163 seconds. [ 1186.658541][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1186.664937][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1186.671567][ T31] Tainted: G U W I L XTNJ syzkaller #0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 1186.709482][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1186.782863][ T31] task:kworker/u8:6 state:D stack:24104 pid:1105 tgid:1105 ppid:2 task_flags:0x4208060 flags:0x00080000 [ 1186.826541][ T31] Workqueue: netns cleanup_net [ 1186.834027][ T31] Call Trace: [ 1186.872109][ T31] [ 1186.875235][ T31] __schedule+0x1190/0x5de0 [ 1187.224843][ T31] ? __pfx___schedule+0x10/0x10 [ 1187.229886][ T31] ? find_held_lock+0x2b/0x80 [ 1187.264334][ T31] ? schedule+0x2d7/0x3a0 [ 1187.299569][ T31] schedule+0xe7/0x3a0 [ 1187.303727][ T31] schedule_timeout+0x257/0x290 [ 1187.331160][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 1187.383743][ T31] ? mark_held_locks+0x49/0x80 [ 1187.388654][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 1187.433632][ T31] __wait_for_common+0x2fc/0x4e0 [ 1187.445128][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 1187.463147][ T31] ? __pfx___wait_for_common+0x10/0x10 [ 1187.468855][ T31] remove_one+0x312/0x420 [ 1187.504120][ T31] ? find_next_child+0x18f/0x280 [ 1187.509186][ T31] __simple_recursive_removal+0x15b/0x610 [ 1187.533301][ T31] ? __pfx_remove_one+0x10/0x10 [ 1187.543672][ T31] debugfs_remove+0x5d/0x80 [ 1187.548264][ T31] nsim_dev_health_exit+0x3b/0xe0 [ 1187.597098][ T31] nsim_dev_reload_destroy+0x144/0x4d0 [ 1187.612700][ T31] ? __pfx_nsim_dev_reload_down+0x10/0x10 [ 1187.632483][ T31] nsim_dev_reload_down+0x6e/0xd0 [ 1187.637600][ T31] devlink_reload+0x1a1/0x7c0 [ 1187.682212][ T31] ? __pfx_devlink_reload+0x10/0x10 [ 1187.742134][ T31] devlink_pernet_pre_exit+0x1a0/0x2b0 [ 1187.791464][ T31] ? __pfx_devlink_pernet_pre_exit+0x10/0x10 [ 1187.798638][ T31] ? up_write+0x1b2/0x520 [ 1187.831386][ T31] ? kobject_put+0xab/0x5a0 [ 1187.836173][ T31] ? __pfx_devlink_pernet_pre_exit+0x10/0x10 [ 1187.871231][ T31] ops_undo_list+0x187/0xab0 [ 1187.901201][ T31] ? __pfx_ops_undo_list+0x10/0x10 [ 1187.906521][ T31] ? cleanup_net+0x347/0x8b0 [ 1187.920799][ T31] ? idr_destroy+0x62/0x2e0 [ 1187.925425][ T31] cleanup_net+0x41b/0x8b0 [ 1187.929937][ T31] ? __pfx_cleanup_net+0x10/0x10 [ 1187.962461][ T31] ? rcu_is_watching+0x12/0xc0 [ 1187.967347][ T31] process_one_work+0x9cf/0x1b70 [ 1188.030574][ T31] ? __pfx_batadv_iv_send_outstanding_bat_ogm_packet+0x10/0x10 [ 1188.038259][ T31] ? __pfx_process_one_work+0x10/0x10 [ 1188.090416][ T31] ? assign_work+0x1a0/0x250 [ 1188.095133][ T31] worker_thread+0x6c8/0xf10 [ 1188.130013][ T31] ? __kthread_parkme+0x19e/0x250 [ 1188.135160][ T31] ? __pfx_worker_thread+0x10/0x10 [ 1188.169710][ T31] kthread+0x3c5/0x780 [ 1188.173907][ T31] ? __pfx_kthread+0x10/0x10 [ 1188.178593][ T31] ? rcu_is_watching+0x12/0xc0 [ 1188.219306][ T31] ? __pfx_kthread+0x10/0x10 [ 1188.224105][ T31] ret_from_fork+0x675/0x7d0 [ 1188.228786][ T31] ? __pfx_kthread+0x10/0x10 [ 1188.279220][ T31] ret_from_fork_asm+0x1a/0x30 [ 1188.284182][ T31] [ 1188.287498][ T31] INFO: task syz.4.6411:24294 blocked for more than 165 seconds. [ 1188.319039][ T31] Tainted: G U W I L XTNJ syzkaller #0 [ 1188.339483][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1188.348339][ T31] task:syz.4.6411 state:D stack:27064 pid:24294 tgid:24288 ppid:15807 task_flags:0x400140 flags:0x00080002 [ 1188.399263][ T31] Call Trace: [ 1188.403162][ T31] [ 1188.406148][ T31] __schedule+0x1190/0x5de0 [ 1188.428227][ T31] ? check_path.constprop.0+0x24/0x50 [ 1188.433755][ T31] ? __pfx___schedule+0x10/0x10 [ 1188.457075][ T31] ? find_held_lock+0x2b/0x80 [ 1188.462179][ T31] ? schedule+0x2d7/0x3a0 [ 1188.466611][ T31] ? devlink_health_report+0x6b4/0xb00 [ 1188.511126][ T31] schedule+0xe7/0x3a0 [ 1188.515305][ T31] schedule_preempt_disabled+0x13/0x30 [ 1188.538035][ T31] __mutex_lock+0x818/0x1060 [ 1188.542749][ T31] ? devlink_health_report+0x6b4/0xb00 [ 1188.599580][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 1188.606762][ T31] ? devlink_health_report+0x6b4/0xb00 [ 1188.706413][ T31] devlink_health_report+0x6b4/0xb00 [ 1188.728423][ T31] ? __pfx_devlink_health_report+0x10/0x10 [ 1188.734371][ T31] ? _copy_from_user+0x59/0xd0 [ 1188.766452][ T31] nsim_dev_health_break_write+0x166/0x210 [ 1188.772476][ T31] ? __pfx_nsim_dev_health_break_write+0x10/0x10 [ 1188.801416][ T31] full_proxy_write+0x131/0x1a0 [ 1188.826087][ T31] ? __pfx_full_proxy_write+0x10/0x10 [ 1188.831787][ T31] vfs_write+0x2a0/0x11d0 [ 1188.855997][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 1188.861132][ T31] ? __pfx_vfs_write+0x10/0x10 [ 1188.906086][ T31] ? __fget_files+0x20e/0x3c0 [ 1188.911470][ T31] ksys_write+0x12a/0x250 [ 1188.945847][ T31] ? __pfx_ksys_write+0x10/0x10 [ 1188.950820][ T31] do_syscall_64+0xcd/0xfa0 [ 1188.961023][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1188.975692][ T31] RIP: 0033:0x7fdbf338f749 [ 1188.981767][ T31] RSP: 002b:00007fdbf41a9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1189.018683][ T31] RAX: ffffffffffffffda RBX: 00007fdbf35e6090 RCX: 00007fdbf338f749 [ 1189.084782][ T31] RDX: 00000000000001ff RSI: 0000000000000000 RDI: 0000000000000002 [ 1189.093498][ T31] RBP: 00007fdbf3413f91 R08: 0000000000000000 R09: 0000000000000000 [ 1189.144771][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1189.152993][ T31] R13: 00007fdbf35e6128 R14: 00007fdbf35e6090 R15: 00007ffc99497a78 [ 1189.244126][ T31] [ 1189.247428][ T31] [ 1189.247428][ T31] Showing all locks held in the system: [ 1189.273842][ T31] 1 lock held by khungtaskd/31: [ 1189.278949][ T31] #0: ffffffff8e3c45e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0 [ 1189.323556][ T31] 7 locks held by kworker/u8:4/60: [ 1189.329528][ T31] 6 locks held by kworker/u8:6/1105: [ 1189.339180][ T31] #0: ffff88801ba9f148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 1189.388467][ T31] #1: ffffc90003d2fd00 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 1189.413123][ T31] #2: ffffffff900d5010 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xad/0x8b0 [ 1189.424339][ T31] #3: ffff888059d5e0e8 (&dev->mutex){....}-{4:4}, at: devlink_pernet_pre_exit+0x12c/0x2b0 [ 1189.456323][ T31] #4: ffff888059d5f250 (&devlink->lock_key#4){+.+.}-{4:4}, at: devlink_pernet_pre_exit+0x136/0x2b0 [ 1189.562499][ T31] #5: ffff888067d41568 (&sb->s_type->i_mutex_key#3/2){+.+.}-{4:4}, at: __simple_recursive_removal+0x354/0x610 [ 1189.602138][ T31] 2 locks held by getty/20229: [ 1189.606993][ T31] #0: ffff88814d73d0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 1189.645309][ T31] #1: ffffc9000ac1e2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0 [ 1189.671689][ T31] 1 lock held by syz.3.5337/21024: [ 1189.676887][ T31] 2 locks held by syz.1.6161/23554: [ 1189.691594][ T31] 1 lock held by syz.3.6273/23886: [ 1189.696793][ T31] 1 lock held by syz-executor/24249: [ 1189.708028][T24249] EXT4-fs error (device sda1): ext4_discard_preallocations:5681: comm syz-executor: Error -117 reading block bitmap for 3 [ 1189.731498][ T31] 2 locks held by syz-executor/24263: [ 1189.737672][ T31] #0: ffffffff900eb448 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x230 [ 1189.764632][T24249] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem [ 1189.776713][ T31] #1: ffffffff8e3cfb78 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x1a3/0x3c0 [ 1189.804714][T24249] EXT4-fs error (device sda1): ext4_discard_preallocations:5681: comm syz-executor: Error -117 reading block bitmap for 2 [ 1189.820255][ T31] 3 locks held by syz.4.6411/24294: [ 1189.831808][ T31] #0: ffff888033d0a2b8 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2a2/0x370 [ 1189.853385][ T31] #1: ffff888141ab0420 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 1189.890547][ T31] #2: ffff888059d5f250 (&devlink->lock_key#4){+.+.}-{4:4}, at: devlink_health_report+0x6b4/0xb00 [ 1189.922226][ T31] 2 locks held by syz.1.7148/26572: [ 1189.927509][ T31] 2 locks held by syz.3.7175/26647: [ 1189.942482][T24249] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem [ 1189.960227][ T31] 2 locks held by syz.3.7183/26676: [ 1189.970236][ T31] [ 1189.972639][ T31] ============================================= [ 1189.972639][ T31] [ 1189.999973][ T31] NMI backtrace for cpu 1 [ 1190.000004][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Tainted: G U W I L XTNJ syzkaller #0 PREEMPT(full) [ 1190.000070][ T31] Tainted: [U]=USER, [W]=WARN, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1190.000091][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1190.000111][ T31] Call Trace: [ 1190.000121][ T31] [ 1190.000134][ T31] dump_stack_lvl+0x116/0x1f0 [ 1190.000179][ T31] nmi_cpu_backtrace+0x27b/0x390 [ 1190.000226][ T31] ? _raw_spin_unlock_irqrestore+0x61/0x80 [ 1190.000266][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 1190.000313][ T31] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 1190.000368][ T31] watchdog+0xf3f/0x1170 [ 1190.000406][ T31] ? rcu_is_watching+0x12/0xc0 [ 1190.000443][ T31] ? __pfx_watchdog+0x10/0x10 [ 1190.000487][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 1190.000532][ T31] ? __kthread_parkme+0x19e/0x250 [ 1190.000581][ T31] ? __pfx_watchdog+0x10/0x10 [ 1190.000613][ T31] kthread+0x3c5/0x780 [ 1190.000662][ T31] ? __pfx_kthread+0x10/0x10 [ 1190.000729][ T31] ? rcu_is_watching+0x12/0xc0 [ 1190.000763][ T31] ? __pfx_kthread+0x10/0x10 [ 1190.000811][ T31] ret_from_fork+0x675/0x7d0 [ 1190.000857][ T31] ? __pfx_kthread+0x10/0x10 [ 1190.000906][ T31] ret_from_fork_asm+0x1a/0x30 [ 1190.000971][ T31] [ 1190.000983][ T31] Sending NMI from CPU 1 to CPUs 0: [ 1190.147767][ C0] NMI backtrace for cpu 0 [ 1190.147795][ C0] CPU: 0 UID: 0 PID: 24500 Comm: kworker/u8:5 Tainted: G U W I L XTNJ syzkaller #0 PREEMPT(full) [ 1190.147860][ C0] Tainted: [U]=USER, [W]=WARN, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1190.147881][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1190.147902][ C0] Workqueue: krdsd rds_connect_worker [ 1190.147952][ C0] RIP: 0010:lock_release+0x0/0x2f0 [ 1190.147996][ C0] Code: 8b 4c 24 20 44 8b 44 24 1c 44 8b 4c 24 18 4c 8b 54 24 10 44 8b 5c 24 0c eb 8c 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1e fa 41 57 41 56 41 55 41 54 49 89 f4 53 48 89 fb 48 83 ec [ 1190.148026][ C0] RSP: 0018:ffffc90000007320 EFLAGS: 00000246 [ 1190.148048][ C0] RAX: 0000000000000000 RBX: 1ffff92000000e65 RCX: ffffffff89bce202 [ 1190.148068][ C0] RDX: ffff888027fc9e40 RSI: ffffffff89bce199 RDI: ffffffff8e3c45e0 [ 1190.148089][ C0] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 1190.148107][ C0] R10: 0000000000000001 R11: 0000000000000001 R12: ffff8880a244f900 [ 1190.148126][ C0] R13: ffff888054394900 R14: ffffc90000007358 R15: 0000000000000000 [ 1190.148147][ C0] FS: 0000000000000000(0000) GS:ffff888124a0d000(0000) knlGS:0000000000000000 [ 1190.148176][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1190.148197][ C0] CR2: 00007f2721a65f98 CR3: 000000000e182000 CR4: 00000000003526f0 [ 1190.148217][ C0] Call Trace: [ 1190.148226][ C0] [ 1190.148235][ C0] ip_route_output_key_hash+0x13e/0x2b0 [ 1190.148286][ C0] ? __pfx_ip_route_output_key_hash+0x10/0x10 [ 1190.148337][ C0] ? lock_acquire+0x179/0x350 [ 1190.148382][ C0] ip_route_output_flow+0x27/0x150 [ 1190.148430][ C0] inet_csk_route_req+0x72e/0xd60 [ 1190.148470][ C0] tcp_v4_route_req+0x389/0x460 [ 1190.148508][ C0] tcp_conn_request+0xfeb/0x34e0 [ 1190.148550][ C0] ? ip_protocol_deliver_rcu+0xba/0x4c0 [ 1190.148581][ C0] ? process_backlog+0x38b/0x15e0 [ 1190.148628][ C0] ? __local_bh_enable_ip+0x40/0x120 [ 1190.148671][ C0] ? ip_output+0x300/0xa90 [ 1190.148706][ C0] ? __pfx_tcp_conn_request+0x10/0x10 [ 1190.148748][ C0] ? inet_release+0xed/0x200 [ 1190.148791][ C0] ? rds_tcp_accept_worker+0x59/0x80 [ 1190.148820][ C0] ? process_one_work+0x9cf/0x1b70 [ 1190.148865][ C0] ? worker_thread+0x6c8/0xf10 [ 1190.148890][ C0] ? kthread+0x3c5/0x780 [ 1190.148931][ C0] ? ret_from_fork+0x675/0x7d0 [ 1190.148985][ C0] ? mark_held_locks+0x49/0x80 [ 1190.149031][ C0] ? tcp_v4_conn_request+0xc5/0x310 [ 1190.149072][ C0] ? __lock_acquire+0x622/0x1c90 [ 1190.149111][ C0] tcp_v4_conn_request+0xc5/0x310 [ 1190.149162][ C0] tcp_v6_conn_request+0x33c/0x510 [ 1190.149210][ C0] tcp_rcv_state_process+0xa64/0x6490 [ 1190.149262][ C0] ? lock_acquire+0x179/0x350 [ 1190.149312][ C0] ? __pfx_tcp_rcv_state_process+0x10/0x10 [ 1190.149366][ C0] ? sk_filter_trim_cap+0x11a/0xd90 [ 1190.149440][ C0] ? __pfx_tcp_inbound_hash+0x10/0x10 [ 1190.149478][ C0] ? __pfx_sk_filter_trim_cap+0x10/0x10 [ 1190.149527][ C0] ? tcp_v4_do_rcv+0x68e/0x10a0 [ 1190.149578][ C0] tcp_v4_do_rcv+0x68e/0x10a0 [ 1190.149631][ C0] tcp_v4_rcv+0x4204/0x4db0 [ 1190.149705][ C0] ? __pfx_tcp_v4_rcv+0x10/0x10 [ 1190.149764][ C0] ? __pfx_raw_local_deliver+0x10/0x10 [ 1190.149821][ C0] ? __pfx_tcp_v4_rcv+0x10/0x10 [ 1190.149867][ C0] ip_protocol_deliver_rcu+0xba/0x4c0 [ 1190.149899][ C0] ip_local_deliver_finish+0x3f2/0x720 [ 1190.149932][ C0] ip_local_deliver+0x18e/0x1f0 [ 1190.149962][ C0] ip_rcv+0x2e0/0x600 [ 1190.149989][ C0] ? __pfx_ip_rcv+0x10/0x10 [ 1190.150014][ C0] __netif_receive_skb_one_core+0x197/0x1e0 [ 1190.150061][ C0] ? __pfx___netif_receive_skb_one_core+0x10/0x10 [ 1190.150109][ C0] ? lock_acquire+0x179/0x350 [ 1190.150153][ C0] ? process_backlog+0x3e7/0x15e0 [ 1190.150196][ C0] __netif_receive_skb+0x1d/0x160 [ 1190.150242][ C0] process_backlog+0x439/0x15e0 [ 1190.150292][ C0] __napi_poll.constprop.0+0xba/0x550 [ 1190.150337][ C0] ? skb_defer_free_flush+0x149/0x280 [ 1190.150373][ C0] net_rx_action+0x97f/0xef0 [ 1190.150426][ C0] ? __pfx_net_rx_action+0x10/0x10 [ 1190.150471][ C0] ? sched_balance_domains+0x283/0xee0 [ 1190.150506][ C0] ? kvm_sched_clock_read+0x11/0x20 [ 1190.150540][ C0] ? sched_clock+0x38/0x60 [ 1190.150576][ C0] ? sched_clock_cpu+0x6c/0x530 [ 1190.150624][ C0] ? mark_held_locks+0x49/0x80 [ 1190.150670][ C0] handle_softirqs+0x219/0x8e0 [ 1190.150708][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 1190.150744][ C0] ? __dev_queue_xmit+0xaf1/0x4490 [ 1190.150788][ C0] do_softirq+0xb2/0xf0 [ 1190.150819][ C0] [ 1190.150830][ C0] [ 1190.150840][ C0] __local_bh_enable_ip+0x100/0x120 [ 1190.150874][ C0] ? __dev_queue_xmit+0xaf1/0x4490 [ 1190.150916][ C0] __dev_queue_xmit+0xb06/0x4490 [ 1190.150977][ C0] ? __local_bh_enable_ip+0x40/0x120 [ 1190.151012][ C0] ? __pfx___dev_queue_xmit+0x10/0x10 [ 1190.151064][ C0] ? __lock_acquire+0xb8a/0x1c90 [ 1190.151122][ C0] ip_finish_output2+0xc38/0x21a0 [ 1190.151163][ C0] ? __pfx_ip_finish_output2+0x10/0x10 [ 1190.151200][ C0] ? __pfx_ip_skb_dst_mtu+0x10/0x10 [ 1190.151234][ C0] ? __pfx_ip_finish_output+0x10/0x10 [ 1190.151275][ C0] __ip_finish_output.part.0+0x1b4/0x350 [ 1190.151314][ C0] ip_output+0x35f/0xa90 [ 1190.151351][ C0] __ip_queue_xmit+0x1bee/0x2330 [ 1190.151392][ C0] ? __pfx_ip_queue_xmit+0x10/0x10 [ 1190.151430][ C0] __tcp_transmit_skb+0x2caf/0x44d0 [ 1190.151462][ C0] ? __lock_acquire+0xb8a/0x1c90 [ 1190.151504][ C0] ? __pfx___tcp_transmit_skb+0x10/0x10 [ 1190.151532][ C0] ? __build_skb_around+0x278/0x3b0 [ 1190.151595][ C0] ? ktime_get+0x200/0x310 [ 1190.151629][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 1190.151675][ C0] tcp_connect+0x2f34/0x5210 [ 1190.151710][ C0] ? __pfx_tcp_connect+0x10/0x10 [ 1190.151734][ C0] ? get_random_u16+0x58a/0x7e0 [ 1190.151776][ C0] ? tcp_fastopen_cookie_check+0x2ba/0x310 [ 1190.151823][ C0] tcp_v4_connect+0x1588/0x1c10 [ 1190.151870][ C0] ? __pfx_tcp_v4_connect+0x10/0x10 [ 1190.151910][ C0] ? __lock_acquire+0xb8a/0x1c90 [ 1190.151952][ C0] __inet_stream_connect+0x915/0xf50 [ 1190.152000][ C0] ? __pfx___inet_stream_connect+0x10/0x10 [ 1190.152043][ C0] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1190.152093][ C0] ? __local_bh_enable_ip+0xa4/0x120 [ 1190.152128][ C0] inet_stream_connect+0x57/0xa0 [ 1190.152171][ C0] kernel_connect+0x107/0x180 [ 1190.152205][ C0] ? __pfx_kernel_connect+0x10/0x10 [ 1190.152247][ C0] ? __local_bh_enable_ip+0xa4/0x120 [ 1190.152283][ C0] rds_tcp_conn_path_connect+0x43e/0x7f0 [ 1190.152319][ C0] ? __pfx_rds_tcp_conn_path_connect+0x10/0x10 [ 1190.152352][ C0] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1190.152385][ C0] ? debug_object_deactivate+0x1ec/0x3a0 [ 1190.152433][ C0] rds_connect_worker+0x1af/0x2c0 [ 1190.152478][ C0] process_one_work+0x9cf/0x1b70 [ 1190.152530][ C0] ? __pfx_rds_shutdown_worker+0x10/0x10 [ 1190.152575][ C0] ? __pfx_process_one_work+0x10/0x10 [ 1190.152626][ C0] ? assign_work+0x1a0/0x250 [ 1190.152676][ C0] worker_thread+0x6c8/0xf10 [ 1190.152707][ C0] ? __kthread_parkme+0x19e/0x250 [ 1190.152744][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1190.152769][ C0] kthread+0x3c5/0x780 [ 1190.152810][ C0] ? __pfx_kthread+0x10/0x10 [ 1190.152854][ C0] ? rcu_is_watching+0x12/0xc0 [ 1190.152884][ C0] ? __pfx_kthread+0x10/0x10 [ 1190.152926][ C0] ret_from_fork+0x675/0x7d0 [ 1190.152968][ C0] ? __pfx_kthread+0x10/0x10 [ 1190.153010][ C0] ret_from_fork_asm+0x1a/0x30 [ 1190.153060][ C0] [ 1191.665241][T26647] EXT4-fs error (device sda1): ext4_discard_preallocations:5681: comm syz.3.7175: Error -117 reading block bitmap for 3 [ 1191.685782][T26647] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem [ 1191.699136][T26647] EXT4-fs error (device sda1): ext4_discard_preallocations:5681: comm syz.3.7175: Error -117 reading block bitmap for 2 [ 1191.740423][T26647] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem [ 1191.994480][T26572] EXT4-fs error (device sda1): ext4_discard_preallocations:5681: comm syz.1.7148: Error -117 reading block bitmap for 3 [ 1192.013459][T26572] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem