last executing test programs: 18.977759378s ago: executing program 2 (id=2607): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000140), 0xffffffffffffffff) setsockopt$auto_SO_RCVTIMEO_OLD(r0, 0x5, 0x14, &(0x7f0000000040)='/proc/self/net/fib_triestat\x00', 0x2737) sendmsg$auto_IOAM6_CMD_DEL_NAMESPACE(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="0000374ebc5bb7d1eeb3c41c6b02499b2c4a90ed47814db5884c808b19bac7ac3ee78927a8656ae81fa969d8cffb5a15dc65fff5ff26aa74e91c4fd60ef8a99fa83828853a2211ae666bc84175bed82f436520d2771d9991e2c4fab759557fba4bd7bd3167e454579a89a80340f7130fd27cdb9f253ef73f89f009e4ff1fc7b51267a467c651", @ANYRES16=r1, @ANYBLOB="010027bd7000ffdbdf2502000000", @ANYRES64], 0x14}, 0x1, 0x0, 0x0, 0x50}, 0x0) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) mmap$auto(0x0, 0x20009, 0x3, 0x40000000000eb1, 0x401, 0x8000) socket(0x11, 0x3, 0x2) getsockopt$auto(r0, 0x4010a, 0x12, 0x0, 0x0) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x0) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/fib_triestat\x00', 0x8000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) read$auto(r2, &(0x7f00000001c0)='\xa4x\xd9\x8ak}\xd3\xd2\xa9\xaf\xbd\xb9\x8e/\x99\a\xb74\a\x95\xcf\x1bLa(g\x90\xa2\xc1P\x1b[\xdb\xfb\xc1G\xf2\x9e\x9d\n\xbb\xbbR\x18\xf9`\xde\x1e\t\xd3\x8b(\xb8\xfaR\xd4\xa6\x80lx@Ath\xbe\xc6\xd5\'R\x00\xc0\xd4\xd3\x8e\xe1b+o+\x83O\xca@\xd1\x14n\xba\x7f\x98\xcb\x1dm+\xedy\xe8t\xf9R\xc1D_V@\xf4\xe1\x1e\xe1\xfc_[(\xdd],\xeb7)\f\x99\xd3\x19\xdb\vC\xf0\xb4\xa8\x0e\x9b\f2\xd4>\xeb\xd1o\xe8*2#\x8f\xdae\xdd\xe7\xe1\x9b\xdfb\xa5{\x7f\xa1\x19\x1e]\x89gv\x0fd\xf3\xa0E\xd4\xe8F\x84\xad\xf1S}\xbc\xa2a\x18\xcd\x95y\xfb\x0f>\xd0\xba\xf8\x93!\xc9\xd0\xc2}U\x9c\x1e\x1e\xcb\x12`\xe90e\x96(\xecC\x1a\xf6\xa3*\xc4:F\xdc_(\x01A_\xa4t\x9a\x18\xe3\xc6\x8e\xb8;I\x04\xb5\xd0b\"\xcfq\xff\x80q\xa9\xaf\x9aq\xbc\x04\xda\x11[\xeb\xe2\xdah\x02\x91\xd5', 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) statx$auto(r3, 0x0, 0x200, 0x6, 0x0) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000180)='/dev/tty60\x00', 0x161203, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio\x00', 0x20b42, 0x0) close_range$auto(r3, r4, 0x1000) io_uring_setup$auto(0xb, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000140), 0x382, 0x0) r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) socketpair$auto(0x4004, 0x2, 0xfff, 0x0) ioctl$auto_TIOCSETD2(r5, 0x5423, 0x0) write$auto(r5, 0x0, 0x1) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x34) 18.469112767s ago: executing program 2 (id=2611): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/fs/cifs/Stats\x00', 0x20002, 0x0) write$auto(r0, &(0x7f0000000300)='N\x00\x1c\x84\x04Y\x03\b\xc7k\x00\x00\x00\x00|x\xc8\v\xa3\"\xd7kp\\\xb8\xe1\x81\xdaR\xbc\xd0\xa0\xa1;l\x7f\x85D\r\x893_\xd4\xdf\xa5\xe6Vg\x8c\xce\f\xfa\xf3;\xed\xbd\xf8y\xb8\x92\xac\x97\xcb#\xd0R\x9a{\x02wCJ\r8\x11\v7\r\x82#\xd1\xc1\x9djK\x7f\xd7y@\v#\xfc)\x06\x9a\x81\x7fIz\x825\v \xdd\xb2<\xa9\xd1\x7f\xbfw\xfeq\xc9\xce\x86\x04\xe2j\x86\xf3\xd1\x85\xd9\x9e\x19\x1c\x9a\xa4\xcd\xbb\xd3\x99\xeb\x16\x0e\xde>\x10\x88{\xb1\xc4\xe0\x97\x92\xabd \xfdGsxA\x84\xfco\a\x1a\x94u\xe5\xe0%>\a\xaa\xf9kwwdb\xd0\xa0', 0x7ff) socket(0x21, 0x806, 0x7) 18.153441256s ago: executing program 2 (id=2614): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x11, 0x80003, 0x300) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) io_uring_setup$auto(0x2, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyzd\x00', 0x0, 0x0) syz_genetlink_get_family_id$auto_nfc(0x0, 0xffffffffffffffff) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/video8\x00', 0x802, 0x0) pipe$auto(0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x106) openat$auto_trace_fops_debugfs(0xffffffffffffff9c, &(0x7f0000000040), 0x20000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x20461, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) setresuid$auto(0x8, 0x8, 0x0) socketpair$auto(0x5b, 0x2, 0x420000, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) 17.741313577s ago: executing program 2 (id=2617): r0 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0x2) fallocate$auto(r0, 0x0, 0x7, 0x4cbd5d) utime$auto(&(0x7f0000000040)='./file0\x00', 0x0) r1 = landlock_create_ruleset$auto(&(0x7f0000000140)={0xdaa0, 0x1, 0x9}, 0x9, 0x0) rt_sigqueueinfo$auto(0x0, 0x2, &(0x7f0000000000)={@siginfo_0_0={0x8, 0x5, 0x3, @_rt={0x0, 0xffffffffffffffff, @sival_int=0x1}}}) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/usbcore/parameters/quirks\x00', 0xc0202, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/devices/platform/vivid.0/video4linux/radio9/dev\x00', 0x0, 0x0) sendfile$auto(r2, r3, 0x0, 0x4) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) mmap$auto(0x0, 0x2020009, 0x40000003, 0xeb1, 0xffffffffffffffff, 0x8000) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/platform/vivid.0/video4linux/video62/name\x00', 0x100, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) ioctl$auto_XFS_IOC_EXCHANGE_RANGE(r1, 0x40285881, &(0x7f0000000080)={r5, 0x0, 0x6d1, 0x3be62966, 0x5, 0x7}) ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$auto(0x3, 0x4048aec9, r4) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r6 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd8\x00', 0x0, 0x0) ioctl$auto(r6, 0xc0c0128e, r6) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x4020009, 0xdc, 0xeb1, 0xffffffffffffffff, 0x8000) landlock_restrict_self$auto(r1, 0xb) memfd_secret$auto(0x3c0) 17.317529484s ago: executing program 2 (id=2619): r0 = landlock_create_ruleset$auto(&(0x7f0000000140)={0xdaa0, 0x1, 0x9}, 0x9, 0x0) socket(0xa, 0x3, 0x0) landlock_restrict_self$auto(r0, 0xb) (fail_nth: 2) get_robust_list$auto(0x0, 0x0, 0x0) 16.573909793s ago: executing program 2 (id=2624): openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) (async) mmap$auto(0x0, 0x9, 0xc00000072, 0x8b72, 0x1000000002, 0x4000008000) (async, rerun: 32) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) (async, rerun: 32) syz_genetlink_get_family_id$auto_tipcv2(0x0, 0xffffffffffffffff) (async, rerun: 64) r0 = setfsuid$auto(0xee00) (rerun: 64) r1 = setfsuid$auto(r0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nbd10/queue/iosched/read_expire\x00', 0x1c2b02, 0x0) sendfile$auto(r2, r2, 0x0, 0x3) setresuid$auto(r0, r1, r0) (async) ioctl$auto(0x3, 0x400454ca, 0x38) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async, rerun: 32) r3 = open$auto(&(0x7f0000000040)='./file0\x00', 0xffffffff, 0xe094) (rerun: 32) sendmsg$auto(r3, &(0x7f0000000280)={&(0x7f0000000080)="a5be21194d1d292fe679294d044adc486e6271984bc6ef6af1e3d392420a815c3f134fbf6d9d204ae4fd42db50e3a75aa28f78e53d38ab4aa731adcd4fda90e06c2757127ad2233d0f7169509d78ad6037c38a1ba107eea058a0212fb489", 0x9, &(0x7f0000000140)={&(0x7f0000000100)="ff6a15850774", 0x2}, 0x9, &(0x7f0000000180)="6050f5a178dd4d7897f8fe07bf517c3a4de832d395711a0c207b99668d737892aed1cd78d748e3e7647f90759dbc1ce6449a9ed0ca73de133c2e7564f3560ff12c818d0fa35262e38ecc179401cb9b81a4153519413c60de4dc2e0857e87538faf32a027505e3600942e758c967a752237d1767a6e5fe7952a5f385871ae36938d2a73be8bd2200823fe3c5c0563b279b30af3b0739de0f2a91b0c42945a442ca1b51a930d3e4de54d6911da5196c8474e6411d7d9b16e9d5e5156878729b29d44bca8b3ed0acb866c388ba661634bdfe72a7f3e8d508642c8a25eff7dd6dee78f9d333da8376503fd45e5005135f335f352ee4b3f4696cebdc1f4", 0x300000, 0xfffffff8}, 0x8) (async, rerun: 32) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async, rerun: 32) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r4) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="05082dbd7000fbdbdf257e000000"], 0x14}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000) r6 = openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000100), 0x163881, 0x0) ioctl$auto(r6, 0xc0305302, 0x38) socket(0xa, 0x1, 0x84) (async) setsockopt$auto(0x3, 0x10000000084, 0x82, 0x0, 0x8) (async, rerun: 64) socket(0xa, 0x1, 0x84) (async, rerun: 64) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x66) (async, rerun: 64) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) (rerun: 64) mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x8000000000000003, 0x8000) uname$auto(0x0) setsockopt$auto(0x3, 0x10000000084, 0x85, 0x0, 0x90) sendto$auto(0x3, 0x0, 0x2000f, 0xfee00, &(0x7f0000000000)=@in={0x2, 0x4e22, @empty}, 0x1c) r7 = ioctl$auto_userfaultfd_dev_fops_userfaultfd(r3, 0x101, &(0x7f00000002c0)="54c148edc38e361d437c31173d6fe02faa") getsockopt$auto_SO_REUSEPORT(r7, 0x7, 0xf, &(0x7f0000000300)='*%\x00', &(0x7f0000000340)=0x3) 7.17129255s ago: executing program 0 (id=2650): unshare$auto(0x40000080) r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/oom_adj\x00', 0x49402, 0x0) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000100)={0x0, 0x7}, 0x4000000000007) memfd_secret$auto(0x4) getsockopt$auto_SO_NOFCS(r0, 0x68c, 0x2b, 0x0, 0x0) mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) io_uring_setup$auto(0x6, 0x0) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC1\x00', 0x2000, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r2, 0xc4c85512, &(0x7f00000002c0)={{@raw=0x5, 0x7aabb7ea, 0x0, 0x400a2, "c6e47a44a36664a5e709f0e4c97056bc9fa32c617bb88dc98fa7591aefc4647f5af349f8e1e79c823b22958f"}, 0x1, @enumerated=@item=[0x5, 0x1, 0x1, 0xc, 0x4, 0x6, 0x0, 0x8, 0x4, 0x3, 0x8001, 0x0, 0x3, 0x40, 0x40, 0x9, 0x5, 0x4, 0x8, 0x7, 0x8, 0x3, 0x6820, 0xb3, 0x9efe, 0x6, 0x72, 0x8, 0x5, 0x931c, 0x2f, 0x3, 0xff, 0xfffffffb, 0x80000000, 0x74814ca1, 0x1000000, 0xd0, 0x20, 0x3, 0x6, 0x10001, 0x5, 0x0, 0xffffffd9, 0x9, 0x3, 0x10, 0x3, 0x12, 0x6578, 0xfffffff9, 0x2, 0x1b, 0xa9, 0x6, 0x7, 0x5, 0xca92, 0x82, 0x9, 0x9, 0xa, 0xb4b3, 0x2, 0x7, 0x3ff, 0x6, 0x5, 0x9, 0x63a4183b, 0x0, 0x4d84, 0x3bc, 0x2, 0x0, 0x8, 0x10, 0x10000, 0x30f5, 0x8000, 0x56f, 0x7, 0x4, 0x1ff, 0x10001, 0x3, 0xffff, 0x40, 0x17, 0x8, 0x6, 0x6, 0x5, 0x1ff, 0x65bb, 0x29, 0x7, 0xfffffffe, 0x1, 0x5, 0x2, 0x3, 0xf2, 0xe, 0x0, 0x6, 0xffffffff, 0x0, 0xa896, 0x2, 0x1, 0x200, 0x7, 0x2, 0x8, 0x4, 0xf04, 0x6, 0x3, 0xe9b, 0x12d, 0x9, 0x4, 0x5, 0x3, 0x8, 0x40000000], "4570dcfd140074f863fc1385c4fd7abe6fce96c0b442897f58fd7d975d164deff4eef5b9f9173fa400163669eae95125d4bd68ca00000000000000008d501b1329af8d4108ac0400000000040000a1b2dfae0f309c6ea588833d7d134b13d8cb3ef95bf5ed43801c280c02a5a853512e6f730d43226f00af1c5ac268ecc1d18f"}) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/v4l-touch3\x00', 0x88382, 0x0) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c00001efd160f6c0200b53149d420ff00", @ANYRES16, @ANYBLOB="020025bd7000ffdbdf251400000008000300ffffff7f"], 0x1c}, 0x1, 0x0, 0x0, 0x8011}, 0x8000) 6.555054718s ago: executing program 0 (id=2655): mmap$auto(0x0, 0x5, 0x0, 0x8ff, 0x2, 0x800008000) r0 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/clear_refs\x00', 0x200880, 0x0) close_range$auto(0x2, 0x8, 0xfffffffe) r1 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) openat$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/tracing/uprobe_events\x00', 0x400c40, 0x0) write$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffffff, &(0x7f0000000000)="706f3a82d9e5cc7c2ceda8d50bfc94be9fe6c22ffaf8493a38", 0x19) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(r1, r1, 0xbf25974) r2 = socket(0x2, 0x3, 0x100) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, 0x0, 0x1c1041, 0x0) timer_create$auto(0x2, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0xfff, 0xeb1, 0x401, 0x8000) mmap$auto(0x101, 0xffffffffffffffff, 0xc, 0x17, r0, 0x8000) unshare$auto(0x40000080) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40400, 0x0) close_range$auto(0x0, 0x5, 0x0) socket(0x10, 0x2, 0xc) openat$auto_force_wakeup_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/bluetooth/hci2/force_wakeup\x00', 0x8742, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r1, 0x10000, &(0x7f0000000080)="c966") openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x60580, 0x0) r3 = openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x2, 0x0) clone$auto(0x20003b14, 0x8, 0x0, 0x0, 0x9) write$auto(r3, 0x0, 0xe) socket(0x10, 0x2, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) prctl$auto(0x1000000003b, 0x1, 0x4, 0x9, 0x7) bpf$auto(0x5, &(0x7f00000000c0)=@bpf_attr_5={@target_fd=r2, r4, 0x8, 0x1, 0xffffffffffffffff, @relative_id=0x8, 0xe600}, 0xf) bpf$auto(0x0, &(0x7f00000001c0)=@enable_stats={0x80000000}, 0xffffffff) recvmmsg$auto(r0, 0x0, 0x3, 0x7, 0x0) 4.077552341s ago: executing program 0 (id=2660): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) unshare$auto(0x40000080) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x43102, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000340), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sr0\x00', 0x60742, 0x0) fallocate$auto(r0, 0x3, 0x4e88, 0x4cbd5d) socket(0xa, 0x5, 0x84) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sda\x00', 0x14fa02, 0x0) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) preadv2$auto(r1, 0x0, 0x6, 0xfffffffffffffffb, 0x4, 0x5) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) open$dir(0x0, 0x10000, 0x6) close_range$auto(0x2, 0xa, 0x0) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x20008800}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}, 0x1, 0x0, 0x0, 0x80}, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) r2 = socket(0x10, 0x2, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/system/clocksource/clocksource0/current_clocksource\x00', 0x181302, 0x0) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0xfffffffc, &(0x7f0000000100)={0x0, 0xfc0}, 0x8, 0x0, 0x8, 0x3}, 0x3}, 0xc, 0x4008) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) 3.774392975s ago: executing program 3 (id=2662): mmap$auto(0x0, 0x20009, 0x7, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) madvise$auto(0x1, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x2, 0x0) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) read$auto(r0, 0x0, 0x39b8) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f00000000c0), 0x141401, 0x0) clock_adjtime$auto(0xfffffffffffffffb, 0x0) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mincore$auto(0x1000, 0x8001, 0x0) 2.798064292s ago: executing program 3 (id=2664): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) socket(0x1e, 0x805, 0x0) sysfs$auto(0x2, 0x19, 0x0) fsopen$auto(0x0, 0x1) fsconfig$auto(r0, 0x1, &(0x7f0000000200)='I\xee\"\xe3\xb7\xcfD\xe5\xb1\x05\x1e#\xff1<\xd9h[e\xdf\xc0M\xa2\x00\v\x97\xb5\xd4\x94\x99u\x9e\xf4O\x1a\xb1\x05\xb8\xcb\x96\fd\xa3\xf9&\xc9~\x10\x06X\a\xc8\xb7\x97\xc7M\x83\'^\xc9\x9e\xccAsv\xce8sw\v\xac\xcd\xa2B\xf8.\xce\xe6n\xfe\xd6\xc8^W>Rz`C+\x0e\x8c<\xc5\x8f\xe6\x0f\x14\xfa\x9ea4>\xd8O[{\xede\xfd\xbc\xc7\xbd4_\xbc\xc6\x06\xe5h\x9e\xf5/4\xe8\xcfc\x95\xbb~\xd9.\xb3\x84\xb8K\xa7\xca\xda\xc8\x11u\xa1\x1d\x9d\xe1%\xc0m\xf6%1\xba\xe7^\xed0\xdc\x86\xeaG)?p,Up \xe9\b\x14\xaf\xbf\xd9\xc3,\xb8\x17\x10\x9f\x92\x95@),A\xb4\x92Q\x86\xbe\xed=p\x1b\x9d\xd4\x99_]K\xce.\x00\x00\x00\x8eDv\x0fl\xed\x93ey\xf9\x19\xf0\x9d\xf5\xfe\xed\xc7Q\xc0ZJ\xc9*7\xf2\x1a\xa7\xb3\xc6v\v\xe1u\x16:\x15\xefel\xf0\x8c/\xa2\x95\xc1\xacd\xc9\a\xe5\x888F\xaa\xce\x94\xa2zsx\xea\x96\x7f~]\xdbj\xd1#\x94K\xcf\x11l\xe5Z\xec\xa6B\x90\xb6\xa3`\x88\xd4\x87\x17\x8a\xedFx\x95#\x83\x99\x00\xc6Z\x1au\x8e\xa7}\xa7\xe9\x83X\xa3\xad\xe2T\xea\xa0\xba\xd7R8T\x00\x8e0h\x8ck4\x15\xf3sh0\xd3\x1e\xedU@\xab\xc0g\xeeT\xc5\x8d\x9b\x188x)\xf0i]\xdcf\xdd\xf9\xffA\"ZQ\x8d\x15\xff\xf3WYX\x8a/\xb36\x1d\x8e7\xb2d3\xe8\xf4\x1e3\xec\xfe\xbf\xbbo\xbb\xd2Z\x89:\xa2\xc8n8k\xa8\xba\xa5E\x9f\xbe>3,\xcb\xa2\xa7q \xe2', &(0x7f0000000280), 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xebf, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x23, 0x3, 0x3) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) socket(0x1d, 0x2, 0x2) setresuid$auto(0x0, 0x8, 0x8000) shmget$auto(0x8, 0x10564, 0x568d1aef) connect$auto(0x3, 0x0, 0x55) socket(0x10, 0x3, 0x6) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) r1 = socket(0xa, 0x801, 0x84) getsockopt$auto(r1, 0x84, 0x71, 0x0, &(0x7f0000000280)=0x22a) write$auto(0x3, 0x0, 0x1) unshare$auto(0x8000000) r2 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x20001, 0x0) ioctl$auto_IOCTL_VMCI_QUEUEPAIR_DETACH(r2, 0x7aa, 0x0) semget$auto(0x0, 0x2e4a, 0x8000) r3 = getpgid(0x0) pidfd_open$auto(r3, 0x0) prctl$auto_PR_SCHED_CORE(0x3e, 0x7fffffff, r3, 0x2, 0x7ff) 2.550182159s ago: executing program 1 (id=2665): close_range$auto(0x2, 0x8, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/input/event1\x00', 0x34d802, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000180), 0x109802, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f00000001c0)={0x5, 0x7a01, [{0x199, 0x8, 0x45}]}) 2.487544516s ago: executing program 3 (id=2666): mmap$auto(0x0, 0x20005, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) connect$auto(0x3, 0x0, 0x54) sendto$auto(0x3, 0x0, 0x18, 0x101, 0x0, 0x1c) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x1, 0x84) socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50) readv$auto(0x3, &(0x7f00000002c0)={0x0, 0x211}, 0x7) semctl$auto(0x7, 0x6, 0x13, 0x1) lsm_list_modules$auto(0x0, 0x0, 0x0) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0xa13, 0x0, 0x106, 0x0, 0x6c, 0x697c}, 0xed71390}, 0x9a6, 0xff00) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) r0 = socket(0x2, 0x3, 0x73) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/arp\x00', 0x101000, 0x0) read$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f0000000100)=""/92, 0x5c) setsockopt$auto(r0, 0xff, 0x400, 0x0, 0x200) 2.28345734s ago: executing program 1 (id=2667): unshare$auto(0x40000080) r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/oom_adj\x00', 0x49402, 0x0) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000100)={0x0, 0x7}, 0x4000000000007) memfd_secret$auto(0x4) getsockopt$auto_SO_NOFCS(r0, 0x68c, 0x2b, 0x0, 0x0) mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) io_uring_setup$auto(0x6, 0x0) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC1\x00', 0x2000, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r2, 0xc4c85512, &(0x7f00000002c0)={{@raw=0x5, 0x7aabb7ea, 0x0, 0x400a2, "c6e47a44a36664a5e709f0e4c97056bc9fa32c617bb88dc98fa7591aefc4647f5af349f8e1e79c823b22958f"}, 0x1, @enumerated=@item=[0x5, 0x1, 0x1, 0xc, 0x4, 0x6, 0x0, 0x8, 0x4, 0x3, 0x8001, 0x0, 0x3, 0x40, 0x40, 0x9, 0x5, 0x4, 0x8, 0x7, 0x8, 0x3, 0x6820, 0xb3, 0x9efe, 0x6, 0x72, 0x8, 0x5, 0x931c, 0x2f, 0x3, 0xff, 0xfffffffb, 0x80000000, 0x74814ca1, 0x1000000, 0xd0, 0x20, 0x3, 0x6, 0x10001, 0x5, 0x0, 0xffffffd9, 0x9, 0x3, 0x10, 0x3, 0x12, 0x6578, 0xfffffff9, 0x2, 0x1b, 0xa9, 0x6, 0x7, 0x5, 0xca92, 0x82, 0x9, 0x9, 0xa, 0xb4b3, 0x2, 0x7, 0x3ff, 0x6, 0x5, 0x9, 0x63a4183b, 0x0, 0x4d84, 0x3bc, 0x2, 0x0, 0x8, 0x10, 0x10000, 0x30f5, 0x8000, 0x56f, 0x7, 0x4, 0x1ff, 0x10001, 0x3, 0xffff, 0x40, 0x17, 0x8, 0x6, 0x6, 0x5, 0x1ff, 0x65bb, 0x29, 0x7, 0xfffffffe, 0x1, 0x5, 0x2, 0x3, 0xf2, 0xe, 0x0, 0x6, 0xffffffff, 0x0, 0xa896, 0x2, 0x1, 0x200, 0x7, 0x2, 0x8, 0x4, 0xf04, 0x6, 0x3, 0xe9b, 0x12d, 0x9, 0x4, 0x5, 0x3, 0x8, 0x40000000], "4570dcfd140074f863fc1385c4fd7abe6fce96c0b442897f58fd7d975d164deff4eef5b9f9173fa400163669eae95125d4bd68ca00000000000000008d501b1329af8d4108ac0400000000040000a1b2dfae0f309c6ea588833d7d134b13d8cb3ef95bf5ed43801c280c02a5a853512e6f730d43226f00af1c5ac268ecc1d18f"}) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/v4l-touch3\x00', 0x88382, 0x0) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c00001efd160f6c0200b53149d420ff00", @ANYRES16, @ANYBLOB="020025bd7000ffdbdf251400000008000300ffffff7f"], 0x1c}, 0x1, 0x0, 0x0, 0x8011}, 0x8000) 2.094239528s ago: executing program 0 (id=2668): r0 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000001140)='/sys/kernel/debug/ieee80211/phy1/netdev:wlan1/valid_links\x00', 0x88000, 0x0) read$auto(r0, &(0x7f0000001200)='\x00', 0x4) (async) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) (async) prctl$auto(0x1, 0xfffffffffffffffe, 0x0, 0x1, 0x0) (async) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r1 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/set_event\x00', 0x121000, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) (async) r3 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002bbd7000fcdbdf2504000000040010"], 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800) madvise$auto(0x0, 0xff7fffffffff0001, 0x15) close_range$auto(r1, 0x8, 0x0) (async) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x802, 0x0) (async, rerun: 64) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) (async, rerun: 64) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) (async, rerun: 32) ioctl$auto_BLKRRPART(0xffffffffffffffff, 0x125f, 0x700000000000000) (async, rerun: 32) mmap$auto(0x0, 0x202000d, 0x6, 0x16, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x4020009, 0x6, 0x1eb1, r0, 0x8000) (async) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x430740, 0x0) mmap$auto(0x0, 0x400008, 0xe1, 0x9b73, r4, 0x8000) io_uring_setup$auto(0x6, 0x0) (async, rerun: 64) pidfd_send_signal$auto_PIDFD_SELF_THREAD(0xffffffffffffd8f0, 0x0, &(0x7f0000000100)={@_si_pad}, 0x4) (rerun: 64) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x163340, 0x16e) getsockname$auto(0xffffffffffffffff, &(0x7f0000000040)=@vsock={0x28, 0x0, 0xffffffff, @hyper}, &(0x7f0000000080)=0x8) socket(0x2, 0x6, 0x0) setsockopt$auto(r0, 0x4, 0x3e, 0x0, 0xa00004) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x2, 0x7fffffe) 1.936074884s ago: executing program 1 (id=2669): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x20000004}, 0x400c000) ioctl$auto(0xffffffffffffffff, 0x8936, 0x1) socket(0x25, 0x3, 0xfffff4f1) connect$auto(0x3, &(0x7f00000001c0)=@generic={0x1a, "0000e100"}, 0x58) read$auto_msr_fops_msr(0xffffffffffffffff, &(0x7f0000000ac0)=""/4096, 0x1000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0x11, 0x80003, 0x300) socket(0x11, 0x80003, 0x200300) sendto$auto(0x3, 0x0, 0x2, 0xf035, &(0x7f0000000340)=@hci={0x1f, 0x5865, 0x3}, 0x22) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) open(0x0, 0x22240, 0x55) socket(0x2, 0x3, 0xa) setsockopt$auto(0x3, 0x0, 0x8, 0x0, 0x4000006) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x8}, 0x1) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @empty}, 0x52) write$auto(0x3, 0x0, 0x5c8) socket(0x22, 0x3, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000002dc0)='/dev/adsp1\x00', 0x2401, 0x0) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20342, 0x0) write$auto(r1, &(0x7f0000000100)='/dev/audio1\x00\xf6\x89\t\xb6t\xae\x12Q\x15E O\xd8\x8d/\xd9\x13\v_\xbcTd\xe0DS\xef?f\xf1ou\xa4W&^\x80\xb2}\x96K\x16*\xa0\x10[8\xa3\x86\x9a3\xc1\xf7\x89x; 4\x8d,U\xa2\xd8\xd5\xfd\xf8\xd8\xb0\xe0W\xad\xe7\x05l*\xc5Z\x8d\xc88}n\x81\tK\x00\x12\xae\xff\xe5\xf1\xb5w\x81$\xd4\xca\xbe&\x195\xc1\xda>\x8c\x89P\xa1\xdb\xb4g9E\xc8\x92\xf6m\x1c\x9b\xebAzeI\xcb\x16f\xc0@\x978x\xbe\x15\'\xc6d}\xc2\xd3\x9f\xc5F8\x15f\x90\xa2\x84', 0x6051) readv$auto(0x3, 0x0, 0x1) mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, r0, 0xfffffffffffffffc) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x42, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x80c00, 0x0) pwrite64$auto(0xc8, &(0x7f0000000080)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x86\xdde\x1cJ\x99\x00\x00/\x00\x00\x00\xfd\xfdX\xd3\x1d\xf8\xbebZ\xddL\x01\x00\x00\x00^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x88\v\xae\xa9i8W\xe5\x00!\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00'/232, 0x2, 0x3) socket(0xa, 0x801, 0x100) 1.750631569s ago: executing program 0 (id=2670): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x129800, 0x0) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/oom_score\x00', 0x0, 0x0) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000001040)='/dev/binderfs/binder1\x00', 0x0, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x600347, 0x0) listxattrat$auto(0xffffffffffffffff, 0xfffffffffffffffc, 0x1000, 0x0, 0x3) socket(0x10, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) io_uring_setup$auto(0x2, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80040, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x6ab82, 0x0) openat$auto_event_trigger_fops_trace(0xffffffffffffff9c, 0x0, 0x1, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ttyS2\x00', 0x101f81, 0x0) socketpair$auto(0x3, 0x1, 0x8, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) ioctl$auto_TIOCVHANGUP2(r0, 0x5437, 0x0) 1.507527067s ago: executing program 32 (id=2624): openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) (async) mmap$auto(0x0, 0x9, 0xc00000072, 0x8b72, 0x1000000002, 0x4000008000) (async, rerun: 32) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) (async, rerun: 32) syz_genetlink_get_family_id$auto_tipcv2(0x0, 0xffffffffffffffff) (async, rerun: 64) r0 = setfsuid$auto(0xee00) (rerun: 64) r1 = setfsuid$auto(r0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nbd10/queue/iosched/read_expire\x00', 0x1c2b02, 0x0) sendfile$auto(r2, r2, 0x0, 0x3) setresuid$auto(r0, r1, r0) (async) ioctl$auto(0x3, 0x400454ca, 0x38) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async, rerun: 32) r3 = open$auto(&(0x7f0000000040)='./file0\x00', 0xffffffff, 0xe094) (rerun: 32) sendmsg$auto(r3, &(0x7f0000000280)={&(0x7f0000000080)="a5be21194d1d292fe679294d044adc486e6271984bc6ef6af1e3d392420a815c3f134fbf6d9d204ae4fd42db50e3a75aa28f78e53d38ab4aa731adcd4fda90e06c2757127ad2233d0f7169509d78ad6037c38a1ba107eea058a0212fb489", 0x9, &(0x7f0000000140)={&(0x7f0000000100)="ff6a15850774", 0x2}, 0x9, &(0x7f0000000180)="6050f5a178dd4d7897f8fe07bf517c3a4de832d395711a0c207b99668d737892aed1cd78d748e3e7647f90759dbc1ce6449a9ed0ca73de133c2e7564f3560ff12c818d0fa35262e38ecc179401cb9b81a4153519413c60de4dc2e0857e87538faf32a027505e3600942e758c967a752237d1767a6e5fe7952a5f385871ae36938d2a73be8bd2200823fe3c5c0563b279b30af3b0739de0f2a91b0c42945a442ca1b51a930d3e4de54d6911da5196c8474e6411d7d9b16e9d5e5156878729b29d44bca8b3ed0acb866c388ba661634bdfe72a7f3e8d508642c8a25eff7dd6dee78f9d333da8376503fd45e5005135f335f352ee4b3f4696cebdc1f4", 0x300000, 0xfffffff8}, 0x8) (async, rerun: 32) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async, rerun: 32) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r4) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="05082dbd7000fbdbdf257e000000"], 0x14}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000) r6 = openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000100), 0x163881, 0x0) ioctl$auto(r6, 0xc0305302, 0x38) socket(0xa, 0x1, 0x84) (async) setsockopt$auto(0x3, 0x10000000084, 0x82, 0x0, 0x8) (async, rerun: 64) socket(0xa, 0x1, 0x84) (async, rerun: 64) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x66) (async, rerun: 64) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) (rerun: 64) mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x8000000000000003, 0x8000) uname$auto(0x0) setsockopt$auto(0x3, 0x10000000084, 0x85, 0x0, 0x90) sendto$auto(0x3, 0x0, 0x2000f, 0xfee00, &(0x7f0000000000)=@in={0x2, 0x4e22, @empty}, 0x1c) r7 = ioctl$auto_userfaultfd_dev_fops_userfaultfd(r3, 0x101, &(0x7f00000002c0)="54c148edc38e361d437c31173d6fe02faa") getsockopt$auto_SO_REUSEPORT(r7, 0x7, 0xf, &(0x7f0000000300)='*%\x00', &(0x7f0000000340)=0x3) 1.49600561s ago: executing program 3 (id=2672): openat$auto_tomoyo_self_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0) mmap$auto(0xfffff000, 0x400008, 0x200, 0x9b72, 0x2, 0x8000) (async) pipe$auto(0x0) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto_MADV_GUARD_INSTALL(0x0, 0x2021000, 0x66) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) (async) mmap$auto(0x0, 0x20009, 0x10000000000df, 0x4eb2, 0x401, 0x8000) (async) r0 = socket(0x2, 0x802, 0x1) setsockopt$auto_SO_WIFI_STATUS(r0, 0x0, 0x30, 0x0, 0x1bb) (async) r1 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x2, 0x0) read$auto(r1, 0x0, 0x39b8) (async) r2 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000002680), 0xffffffffffffffff) (async) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/fail-nth\x00', 0x2, 0x0) preadv$auto(r3, &(0x7f0000000340)={0x0, 0x7}, 0x7, 0x4000000000000000, 0x8) sendmsg$auto_IPVS_CMD_DEL_DAEMON(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x1c, r2, 0x10, 0x70bd2b, 0x259fdbfb}, 0x1c}, 0x1, 0x0, 0x0, 0x2401c010}, 0x40) (async) mremap$auto(0xfffff000, 0x4, 0x4, 0x7, 0x1001ff000) 1.193721844s ago: executing program 3 (id=2673): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sda\x00', 0x200000, 0x0) mprotect$auto(0xfff, 0x5, 0x3) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(r1, 0x8, 0x7d) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r2 = socket(0x10, 0x80002, 0x8) close_range$auto(r2, r2, 0x0) pipe$auto(0x0) splice$auto(r2, 0x0, 0x2, 0x0, 0x3fb, 0x9) write$auto(r2, 0x0, 0x40) dup2$auto(0x5, 0x4) setreuid$auto(0xffffffffffffffff, 0xffffffffffffffff) splice$auto(0x4, 0x0, 0x2, 0x0, 0x80000000, 0x9) setsockopt$auto(0x3, 0x1, 0x9, 0x0, 0xa) mmap$auto(0x0, 0x400008, 0x5f, 0x9b72, 0x2, 0x8000) r3 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r3, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) ioctl$auto_PPPIOCSPASS(r3, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x28, 0xf3, 0xb0, @raw=0xfffff02c}}) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) close_range$auto(r0, 0x8, 0x0) close_range$auto(0x2, r1, 0x0) 926.425991ms ago: executing program 1 (id=2674): r0 = socket(0x29, 0x5, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) sendmmsg$auto(r0, &(0x7f0000000180)={{0x0, 0x2, &(0x7f0000000100)={0x0, 0x34000}, 0x4, 0x0, 0x3, 0xab}, 0x80670}, 0x3f7ffffe, 0xd9) 577.671528ms ago: executing program 1 (id=2675): r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/oom_adj\x00', 0x0, 0x0) mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x23, 0x20000000000000b, 0x7fffffffefff, 0x0, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r1, &(0x7f0000000000)="c80d1b5d399b39", 0xfdef) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/console\x00', 0x2480, 0x0) r2 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x8000, 0x0) read$auto(r2, 0x0, 0x7) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/tracing/set_event_notrace_pid\x00', 0x8182, 0x0) r3 = openat$auto_supply_map_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) read$auto_supply_map_fops_(r3, &(0x7f0000000080)=""/78, 0x4e) write$auto(0x3, 0x0, 0xfffffdf1) read$auto(r0, 0x0, 0x4) 514.661166ms ago: executing program 0 (id=2676): openat$auto_tracing_mark_fops_trace(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/tracing/trace_marker\x00', 0x43, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) pread64$auto(0xffffffffffffffff, 0x0, 0x7, 0x10000) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/thread-self/fail-nth\x00', 0x2, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000140), 0xffffffffffffffff) ioctl$auto_TUNDETACHFILTER(0xffffffffffffffff, 0x401054d6, 0x0) mmap$auto(0x0, 0x400008, 0x2, 0x2009b72, 0x2, 0x8000) write$auto(0x1, 0x0, 0x80000000) r3 = pipe$auto(&(0x7f0000000040)=0xffffffffffffffff) tee$auto(r4, r3, 0xc, 0x8) memfd_create$auto(&(0x7f0000000040)='A^^\x02\x00\xef\x97\x8aY\x00\x00\xd2\x8c\xb05\x03\\\xb2\xbf247{\xde\t8\f\x00\x00\v\x00\x82\xcc\"K\xe1IIT\x00'/54, 0x5) fallocate$auto(0x3, 0x0, 0xe, 0x8ec5) finit_module$auto(0x3, 0xfffffffffffffffe, 0x400000000004) close_range$auto(0x2, 0x8, 0x0) getpid() sendmsg$auto_IOAM6_CMD_DEL_NAMESPACE(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000080)={0x14, r2, 0x100, 0x70bd2b, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x94) sendmsg$auto_IOAM6_CMD_DUMP_SCHEMAS(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x420}, 0xc, &(0x7f00000002c0)={&(0x7f0000000300)={0x14, r2, 0x8, 0x70bd29, 0x25dfdbfe, {}, ["", "", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40810}, 0x40080) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) sendmsg$auto_NFC_CMD_DISABLE_SE(0xffffffffffffffff, &(0x7f0000003c40)={0x0, 0x0, &(0x7f0000003c00)={&(0x7f0000000380)=ANY=[@ANYBLOB="e0000000", @ANYRES16, @ANYBLOB="000127bd7000fcdbdf251200000005000c00ff0000000800010000000000a00019007dba6907273140a43172cc0f5945474437143f69a5777674364501bd4661e84d7eeab5f94717d98d0624f33f803fbd6a756bebd8e1f84dc9170d"], 0xe0}, 0x1, 0x0, 0x0, 0x4040043}, 0x8) ioctl$auto_RTC_IRQP_SET(0xffffffffffffffff, 0x4008700c, &(0x7f0000000440)=0x77b) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000540)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:0e/power/autosuspend_delay_ms\x00', 0x82940, 0x0) close_range$auto(0x2, 0x8, 0x0) socketcall$auto(0xa, 0x0) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0) 64.268597ms ago: executing program 3 (id=2677): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x7, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0x6) r0 = socket(0x2, 0x1, 0x0) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f0000000040), 0x19, 0x0, 0x9, 0x0, 0x1f, 0x3}, 0x4}, 0x7, 0x20020004) write$auto(0x3, 0x0, 0x7fffffff) madvise$auto(0x0, 0xffffffffffff0005, 0x19) io_setup$auto(0x2, 0x0) mbind$auto(0xf000, 0x8000000000000001, 0x100000000, 0x0, 0x6, 0x2) socket(0x2, 0x5, 0x0) socket(0xa, 0x80803, 0x6) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r2, &(0x7f0000004240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYRES32, @ANYRES16=r1, @ANYBLOB="010025bd7000fcdbdf250400000004001900"], 0x18}, 0x1, 0x0, 0x0, 0x2000c8c8}, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x2b, 0x0) fsopen$auto(0x0, 0x1) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/cgroup/delegate\x00', 0x80, 0x0) socketpair$auto(0x5, 0x5, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) shutdown$auto(0x200000003, 0x2) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/smaps_rollup\x00', 0x40302, 0x0) 0s ago: executing program 1 (id=2678): unshare$auto(0x40000080) r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) read$auto(0xffffffffffffffff, 0x0, 0x9a28) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000100)={0x0, 0x7}, 0x4000000000007) memfd_secret$auto(0x4) getsockopt$auto_SO_NOFCS(r0, 0x68c, 0x2b, 0x0, 0x0) mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) io_uring_setup$auto(0x6, 0x0) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC1\x00', 0x2000, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r2, 0xc4c85512, &(0x7f00000002c0)={{@raw=0x5, 0x7aabb7ea, 0x0, 0x400a2, "c6e47a44a36664a5e709f0e4c97056bc9fa32c617bb88dc98fa7591aefc4647f5af349f8e1e79c823b22958f"}, 0x1, @enumerated=@item=[0x5, 0x1, 0x1, 0xc, 0x4, 0x6, 0x0, 0x8, 0x4, 0x3, 0x8001, 0x0, 0x3, 0x40, 0x40, 0x9, 0x5, 0x4, 0x8, 0x7, 0x8, 0x3, 0x6820, 0xb3, 0x9efe, 0x6, 0x72, 0x8, 0x5, 0x931c, 0x2f, 0x3, 0xff, 0xfffffffb, 0x80000000, 0x74814ca1, 0x1000000, 0xd0, 0x20, 0x3, 0x6, 0x10001, 0x5, 0x0, 0xffffffd9, 0x9, 0x3, 0x10, 0x3, 0x12, 0x6578, 0xfffffff9, 0x2, 0x1b, 0xa9, 0x6, 0x7, 0x5, 0xca92, 0x82, 0x9, 0x9, 0xa, 0xb4b3, 0x2, 0x7, 0x3ff, 0x6, 0x5, 0x9, 0x63a4183b, 0x0, 0x4d84, 0x3bc, 0x2, 0x0, 0x8, 0x10, 0x10000, 0x30f5, 0x8000, 0x56f, 0x7, 0x4, 0x1ff, 0x10001, 0x3, 0xffff, 0x40, 0x17, 0x8, 0x6, 0x6, 0x5, 0x1ff, 0x65bb, 0x29, 0x7, 0xfffffffe, 0x1, 0x5, 0x2, 0x3, 0xf2, 0xe, 0x0, 0x6, 0xffffffff, 0x0, 0xa896, 0x2, 0x1, 0x200, 0x7, 0x2, 0x8, 0x4, 0xf04, 0x6, 0x3, 0xe9b, 0x12d, 0x9, 0x4, 0x5, 0x3, 0x8, 0x40000000], "4570dcfd140074f863fc1385c4fd7abe6fce96c0b442897f58fd7d975d164deff4eef5b9f9173fa400163669eae95125d4bd68ca00000000000000008d501b1329af8d4108ac0400000000040000a1b2dfae0f309c6ea588833d7d134b13d8cb3ef95bf5ed43801c280c02a5a853512e6f730d43226f00af1c5ac268ecc1d18f"}) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/v4l-touch3\x00', 0x88382, 0x0) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c00001efd160f6c0200b53149d420ff00", @ANYRES16, @ANYBLOB="020025bd7000ffdbdf251400000008000300ffffff7f"], 0x1c}, 0x1, 0x0, 0x0, 0x8011}, 0x8000) kernel console output (not intermixed with test programs): 84] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 697.830381][T15884] R13: 00007f72f3a16038 R14: 00007f72f3a15fa0 R15: 00007ffd09647838 [ 697.830401][T15884] [ 698.185413][T15892] FAULT_INJECTION: forcing a failure. [ 698.185413][T15892] name failslab, interval 1, probability 0, space 0, times 0 [ 698.198167][T15892] CPU: 0 UID: 0 PID: 15892 Comm: syz.0.2315 Tainted: G L syzkaller #0 PREEMPT(full) [ 698.198194][T15892] Tainted: [L]=SOFTLOCKUP [ 698.198199][T15892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 698.198209][T15892] Call Trace: [ 698.198217][T15892] [ 698.198223][T15892] dump_stack_lvl+0x100/0x190 [ 698.198246][T15892] should_fail_ex.cold+0x5/0xa [ 698.198268][T15892] should_failslab+0xc2/0x120 [ 698.198287][T15892] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 698.198311][T15892] ? __d_alloc+0x34/0xa40 [ 698.198330][T15892] ? lockdep_init_map_type+0x5c/0x250 [ 698.198356][T15892] __d_alloc+0x34/0xa40 [ 698.198378][T15892] d_alloc_pseudo+0x1c/0xc0 [ 698.198394][T15892] alloc_file_pseudo+0xcf/0x230 [ 698.198417][T15892] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 698.198439][T15892] ? alloc_fd+0x476/0x790 [ 698.198460][T15892] sock_alloc_file+0x50/0x210 [ 698.198479][T15892] __sys_socket+0x1c0/0x260 [ 698.198499][T15892] ? __pfx___sys_socket+0x10/0x10 [ 698.198519][T15892] ? ksys_write+0x1ac/0x250 [ 698.198540][T15892] __x64_sys_socket+0x72/0xb0 [ 698.198560][T15892] ? lockdep_hardirqs_on+0x78/0x100 [ 698.198581][T15892] do_syscall_64+0x115/0x840 [ 698.198601][T15892] ? clear_bhb_loop+0x40/0x90 [ 698.198619][T15892] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 698.198635][T15892] RIP: 0033:0x7fd34bd9e6c7 [ 698.198649][T15892] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 698.198664][T15892] RSP: 002b:00007fd34cb95f98 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 698.198679][T15892] RAX: ffffffffffffffda RBX: 00007fd34c015fa0 RCX: 00007fd34bd9e6c7 [ 698.198690][T15892] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 698.198700][T15892] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 698.198711][T15892] R10: 0000200000001700 R11: 0000000000000286 R12: 0000000000000000 [ 698.198721][T15892] R13: 00007fd34c016038 R14: 00007fd34c015fa0 R15: 00007ffcd6afe5b8 [ 698.198743][T15892] [ 698.476056][T15556] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 698.486580][T15556] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 698.536758][ T161] bridge0: port 1(bridge_slave_0) entered blocking state [ 698.545277][ T161] bridge0: port 1(bridge_slave_0) entered forwarding state [ 698.554228][ T161] bridge0: port 2(bridge_slave_1) entered blocking state [ 698.561626][ T161] bridge0: port 2(bridge_slave_1) entered forwarding state [ 699.723526][T15924] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2318'. [ 699.906390][T15933] FAULT_INJECTION: forcing a failure. [ 699.906390][T15933] name failslab, interval 1, probability 0, space 0, times 0 [ 699.968268][T15933] CPU: 0 UID: 0 PID: 15933 Comm: syz.2.2326 Tainted: G L syzkaller #0 PREEMPT(full) [ 699.968294][T15933] Tainted: [L]=SOFTLOCKUP [ 699.968300][T15933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 699.968309][T15933] Call Trace: [ 699.968315][T15933] [ 699.968321][T15933] dump_stack_lvl+0x100/0x190 [ 699.968342][T15933] should_fail_ex.cold+0x5/0xa [ 699.968362][T15933] ? iter_file_splice_write+0x1d8/0x10a0 [ 699.968381][T15933] should_failslab+0xc2/0x120 [ 699.968400][T15933] __kmalloc_noprof+0xe0/0x850 [ 699.968418][T15933] iter_file_splice_write+0x1d8/0x10a0 [ 699.968439][T15933] ? copy_splice_read+0x700/0xb90 [ 699.968456][T15933] ? copy_splice_read+0x734/0xb90 [ 699.968480][T15933] ? __pfx_iter_file_splice_write+0x10/0x10 [ 699.968500][T15933] ? __lock_acquire+0x4a5/0x2630 [ 699.968525][T15933] ? __pfx_copy_splice_read+0x10/0x10 [ 699.968553][T15933] ? __pfx_iter_file_splice_write+0x10/0x10 [ 699.968574][T15933] direct_splice_actor+0x192/0x6c0 [ 699.968595][T15933] splice_direct_to_actor+0x345/0xa30 [ 699.968615][T15933] ? __pfx_direct_splice_actor+0x10/0x10 [ 699.968640][T15933] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 699.968672][T15933] do_splice_direct+0x174/0x240 [ 699.968692][T15933] ? __pfx_do_splice_direct+0x10/0x10 [ 699.968711][T15933] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 699.968732][T15933] ? rw_verify_area+0xce/0x6d0 [ 699.968750][T15933] do_sendfile+0xadc/0xe20 [ 699.968769][T15933] ? __pfx_do_sendfile+0x10/0x10 [ 699.968786][T15933] ? __fget_files+0x21f/0x3d0 [ 699.968809][T15933] __x64_sys_sendfile64+0x1d8/0x220 [ 699.968829][T15933] ? ksys_write+0x1ac/0x250 [ 699.968845][T15933] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 699.968867][T15933] ? rcu_is_watching+0x12/0xc0 [ 699.968887][T15933] do_syscall_64+0x115/0x840 [ 699.968909][T15933] ? clear_bhb_loop+0x40/0x90 [ 699.968928][T15933] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 699.968943][T15933] RIP: 0033:0x7fca8319ce59 [ 699.968956][T15933] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 699.968971][T15933] RSP: 002b:00007fca813f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 699.968986][T15933] RAX: ffffffffffffffda RBX: 00007fca83415fa0 RCX: 00007fca8319ce59 [ 699.968996][T15933] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000002 [ 699.969005][T15933] RBP: 00007fca813f6090 R08: 0000000000000000 R09: 0000000000000000 [ 699.969014][T15933] R10: 0000400000000008 R11: 0000000000000246 R12: 0000000000000001 [ 699.969024][T15933] R13: 00007fca83416038 R14: 00007fca83415fa0 R15: 00007ffd99a9d0b8 [ 699.969043][T15933] [ 700.366624][T15941] netlink: 25 bytes leftover after parsing attributes in process `syz.3.2319'. [ 700.561672][T15556] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 700.929860][T15949] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2322'. [ 701.292092][T15556] veth0_vlan: entered promiscuous mode [ 701.829283][T15556] veth1_vlan: entered promiscuous mode [ 702.544690][T15556] veth0_macvtap: entered promiscuous mode [ 702.589185][T15556] veth1_macvtap: entered promiscuous mode [ 702.695844][T15956] Process accounting paused [ 702.703968][T15556] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 702.780733][T15987] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 702.807847][T15556] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 702.987717][T11353] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 703.041055][T11353] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 703.120291][T11353] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 703.186598][T11353] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 703.435036][T15998] Process accounting paused [ 703.665839][T11353] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 703.712895][T11353] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 703.831736][ T3306] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 703.831757][ T3306] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 704.140637][ T29] audit: type=1800 audit(4294967299.558:53): pid=16017 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2334" name="file0" dev="tmpfs" ino=180 res=0 errno=0 [ 704.259042][T16023] input: f¬ as /devices/virtual/input/input83 [ 704.600011][T16027] FAULT_INJECTION: forcing a failure. [ 704.600011][T16027] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 704.600041][T16027] CPU: 0 UID: 0 PID: 16027 Comm: syz.3.2338 Tainted: G L syzkaller #0 PREEMPT(full) [ 704.600063][T16027] Tainted: [L]=SOFTLOCKUP [ 704.600068][T16027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 704.600078][T16027] Call Trace: [ 704.600084][T16027] [ 704.600090][T16027] dump_stack_lvl+0x100/0x190 [ 704.600112][T16027] should_fail_ex.cold+0x5/0xa [ 704.600132][T16027] core_sys_select+0x9b9/0xbb0 [ 704.600156][T16027] ? __pfx_core_sys_select+0x10/0x10 [ 704.600193][T16027] ? ktime_get_ts64+0x306/0x420 [ 704.600216][T16027] ? ktime_get_ts64+0x318/0x420 [ 704.600236][T16027] ? ktime_get_ts64+0x257/0x420 [ 704.600259][T16027] kern_select+0x1d0/0x280 [ 704.600277][T16027] ? __pfx_kern_select+0x10/0x10 [ 704.600295][T16027] ? xfd_validate_state+0x129/0x190 [ 704.600315][T16027] __x64_sys_select+0xbd/0x160 [ 704.600331][T16027] ? do_syscall_64+0x90/0x840 [ 704.600352][T16027] ? lockdep_hardirqs_on+0x78/0x100 [ 704.600372][T16027] do_syscall_64+0x115/0x840 [ 704.600391][T16027] ? clear_bhb_loop+0x40/0x90 [ 704.600410][T16027] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 704.600425][T16027] RIP: 0033:0x7f72f379ce59 [ 704.600438][T16027] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 704.600453][T16027] RSP: 002b:00007f72f467a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 704.600468][T16027] RAX: ffffffffffffffda RBX: 00007f72f3a15fa0 RCX: 00007f72f379ce59 [ 704.600478][T16027] RDX: 00002000000000c0 RSI: 0000200000000040 RDI: 0000000000000001 [ 704.600487][T16027] RBP: 00007f72f3832d6f R08: 00002000000001c0 R09: 0000000000000000 [ 704.600496][T16027] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 704.600505][T16027] R13: 00007f72f3a16038 R14: 00007f72f3a15fa0 R15: 00007ffd09647838 [ 704.600525][T16027] [ 705.056095][ T5637] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 705.065197][ T5637] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 705.066382][ T5637] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 705.067569][ T5637] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 705.068597][ T5637] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 706.109811][T16062] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2345'. [ 706.654520][ T161] bridge_slave_1: left allmulticast mode [ 706.682801][ T161] bridge_slave_1: left promiscuous mode [ 706.722659][ T161] bridge0: port 2(bridge_slave_1) entered disabled state [ 706.785307][ T161] bridge_slave_0: left allmulticast mode [ 706.820688][ T161] bridge_slave_0: left promiscuous mode [ 706.858889][ T161] bridge0: port 1(bridge_slave_0) entered disabled state [ 706.921315][T16073] program syz.0.2347 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 707.000843][T16071] zswap: compressor not available [ 707.167262][ T5637] Bluetooth: hci0: command tx timeout [ 707.309150][ T161] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 707.332060][ T161] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 707.351364][ T161] bond0 (unregistering): Released all slaves [ 707.470370][ T161] ovs_ÿþÿþ?: left promiscuous mode [ 708.301107][ T161] hsr_slave_0: left promiscuous mode [ 708.349012][ T161] hsr_slave_1: left promiscuous mode [ 708.405006][ T161] veth1_macvtap: left promiscuous mode [ 708.429881][ T161] veth0_macvtap: left promiscuous mode [ 708.448052][ T161] veth1_vlan: left promiscuous mode [ 708.454007][T16080] kexec: Could not allocate control_code_buffer [ 708.469765][ T161] veth0_vlan: left promiscuous mode [ 708.679460][T16099] FAULT_INJECTION: forcing a failure. [ 708.679460][T16099] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 708.736768][T16099] CPU: 0 UID: 0 PID: 16099 Comm: syz.1.2351 Tainted: G L syzkaller #0 PREEMPT(full) [ 708.736795][T16099] Tainted: [L]=SOFTLOCKUP [ 708.736801][T16099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 708.736811][T16099] Call Trace: [ 708.736816][T16099] [ 708.736823][T16099] dump_stack_lvl+0x100/0x190 [ 708.736844][T16099] should_fail_ex.cold+0x5/0xa [ 708.736865][T16099] core_sys_select+0x9b9/0xbb0 [ 708.736888][T16099] ? __pfx_core_sys_select+0x10/0x10 [ 708.736924][T16099] ? ktime_get_ts64+0x306/0x420 [ 708.736948][T16099] ? ktime_get_ts64+0x318/0x420 [ 708.736969][T16099] ? ktime_get_ts64+0x257/0x420 [ 708.736992][T16099] kern_select+0x1d0/0x280 [ 708.737011][T16099] ? __pfx_kern_select+0x10/0x10 [ 708.737028][T16099] ? xfd_validate_state+0x129/0x190 [ 708.737048][T16099] __x64_sys_select+0xbd/0x160 [ 708.737064][T16099] ? do_syscall_64+0x90/0x840 [ 708.737085][T16099] ? lockdep_hardirqs_on+0x78/0x100 [ 708.737105][T16099] do_syscall_64+0x115/0x840 [ 708.737124][T16099] ? clear_bhb_loop+0x40/0x90 [ 708.737142][T16099] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 708.737158][T16099] RIP: 0033:0x7fe192d9ce59 [ 708.737171][T16099] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 708.737189][T16099] RSP: 002b:00007fe193cdc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 708.737204][T16099] RAX: ffffffffffffffda RBX: 00007fe193015fa0 RCX: 00007fe192d9ce59 [ 708.737215][T16099] RDX: 00002000000000c0 RSI: 0000200000000040 RDI: 0000000000000001 [ 708.737225][T16099] RBP: 00007fe192e32d6f R08: 00002000000001c0 R09: 0000000000000000 [ 708.737235][T16099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 708.737243][T16099] R13: 00007fe193016038 R14: 00007fe193015fa0 R15: 00007ffc78870678 [ 708.737264][T16099] [ 709.250796][ T5637] Bluetooth: hci0: command tx timeout [ 709.324972][ T161] team0 (unregistering): Port device team_slave_1 removed [ 709.355654][ T161] team0 (unregistering): Port device team_slave_0 removed [ 709.726601][T16114] FAULT_INJECTION: forcing a failure. [ 709.726601][T16114] name failslab, interval 1, probability 0, space 0, times 0 [ 709.794722][T16114] CPU: 0 UID: 0 PID: 16114 Comm: syz.1.2356 Tainted: G L syzkaller #0 PREEMPT(full) [ 709.794749][T16114] Tainted: [L]=SOFTLOCKUP [ 709.794755][T16114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 709.794765][T16114] Call Trace: [ 709.794770][T16114] [ 709.794777][T16114] dump_stack_lvl+0x100/0x190 [ 709.794799][T16114] should_fail_ex.cold+0x5/0xa [ 709.794820][T16114] ? security_inode_init_security+0x113/0x370 [ 709.794845][T16114] should_failslab+0xc2/0x120 [ 709.794864][T16114] __kmalloc_noprof+0xe0/0x850 [ 709.794882][T16114] security_inode_init_security+0x113/0x370 [ 709.794907][T16114] ? __pfx_shmem_initxattrs+0x10/0x10 [ 709.794928][T16114] ? __pfx_security_inode_init_security+0x10/0x10 [ 709.794953][T16114] ? make_vfsgid+0xf1/0x140 [ 709.794970][T16114] shmem_mknod+0x2ce/0x480 [ 709.794992][T16114] ? __pfx_shmem_mknod+0x10/0x10 [ 709.795017][T16114] vfs_mknod+0x3a5/0x7f0 [ 709.795036][T16114] filename_mknodat+0x5aa/0x7f0 [ 709.795058][T16114] ? __pfx_filename_mknodat+0x10/0x10 [ 709.795077][T16114] ? strncpy_from_user+0x19d/0x2d0 [ 709.795101][T16114] ? do_getname+0x191/0x390 [ 709.795124][T16114] __x64_sys_mknod+0x8f/0xc0 [ 709.795144][T16114] do_syscall_64+0x115/0x840 [ 709.795165][T16114] ? clear_bhb_loop+0x40/0x90 [ 709.795184][T16114] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 709.795201][T16114] RIP: 0033:0x7fe192d9ce59 [ 709.795215][T16114] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 709.795231][T16114] RSP: 002b:00007fe193cbb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000085 [ 709.795247][T16114] RAX: ffffffffffffffda RBX: 00007fe193016090 RCX: 00007fe192d9ce59 [ 709.795257][T16114] RDX: 0000000000000004 RSI: 0000000000001001 RDI: 0000200000000040 [ 709.795267][T16114] RBP: 00007fe192e32d6f R08: 0000000000000000 R09: 0000000000000000 [ 709.795276][T16114] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 709.795286][T16114] R13: 00007fe193016128 R14: 00007fe193016090 R15: 00007ffc78870678 [ 709.795306][T16114] [ 710.589943][T16035] bridge0: port 1(bridge_slave_0) entered blocking state [ 710.615995][T16035] bridge0: port 1(bridge_slave_0) entered disabled state [ 710.663088][T16035] bridge_slave_0: entered allmulticast mode [ 710.686279][T16035] bridge_slave_0: entered promiscuous mode [ 710.750532][T16035] bridge0: port 2(bridge_slave_1) entered blocking state [ 710.778648][T16035] bridge0: port 2(bridge_slave_1) entered disabled state [ 710.790625][T16035] bridge_slave_1: entered allmulticast mode [ 710.825737][T16035] bridge_slave_1: entered promiscuous mode [ 711.128957][T16035] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 711.241780][T16035] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 711.279558][T16143] FAULT_INJECTION: forcing a failure. [ 711.279558][T16143] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 711.315709][T16143] CPU: 0 UID: 0 PID: 16143 Comm: syz.1.2364 Tainted: G L syzkaller #0 PREEMPT(full) [ 711.315736][T16143] Tainted: [L]=SOFTLOCKUP [ 711.315742][T16143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 711.315752][T16143] Call Trace: [ 711.315758][T16143] [ 711.315765][T16143] dump_stack_lvl+0x100/0x190 [ 711.315787][T16143] should_fail_ex.cold+0x5/0xa [ 711.315808][T16143] core_sys_select+0x9b9/0xbb0 [ 711.315831][T16143] ? __pfx_core_sys_select+0x10/0x10 [ 711.315869][T16143] ? ktime_get_ts64+0x306/0x420 [ 711.315893][T16143] ? ktime_get_ts64+0x318/0x420 [ 711.315913][T16143] ? ktime_get_ts64+0x257/0x420 [ 711.315937][T16143] kern_select+0x1d0/0x280 [ 711.315955][T16143] ? __pfx_kern_select+0x10/0x10 [ 711.315973][T16143] ? xfd_validate_state+0x129/0x190 [ 711.315993][T16143] __x64_sys_select+0xbd/0x160 [ 711.316009][T16143] ? do_syscall_64+0x90/0x840 [ 711.316029][T16143] ? lockdep_hardirqs_on+0x78/0x100 [ 711.316049][T16143] do_syscall_64+0x115/0x840 [ 711.316068][T16143] ? clear_bhb_loop+0x40/0x90 [ 711.316086][T16143] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 711.316102][T16143] RIP: 0033:0x7fe192d9ce59 [ 711.316115][T16143] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 711.316129][T16143] RSP: 002b:00007fe193cdc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 711.316144][T16143] RAX: ffffffffffffffda RBX: 00007fe193015fa0 RCX: 00007fe192d9ce59 [ 711.316155][T16143] RDX: 00002000000000c0 RSI: 0000200000000040 RDI: 0000000000000001 [ 711.316164][T16143] RBP: 00007fe192e32d6f R08: 00002000000001c0 R09: 0000000000000000 [ 711.316180][T16143] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 711.316189][T16143] R13: 00007fe193016038 R14: 00007fe193015fa0 R15: 00007ffc78870678 [ 711.316209][T16143] [ 711.506630][T16035] team0: Port device team_slave_0 added [ 711.514040][T16035] team0: Port device team_slave_1 added [ 711.536691][T16035] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 711.543710][T16035] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 711.569813][T16035] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 711.582040][T16035] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 711.589060][T16035] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 711.614991][T16035] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 711.650874][T16035] hsr_slave_0: entered promiscuous mode [ 711.657024][T16035] hsr_slave_1: entered promiscuous mode [ 711.736880][ T5637] Bluetooth: hci0: command tx timeout [ 712.098676][T16140] Process accounting resumed [ 712.447334][T16035] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 712.485261][T16035] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 712.517219][T16035] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 712.561495][T16035] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 712.595134][T16035] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 712.656532][T16035] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 712.657308][T16035] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 712.687081][T16035] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 712.920263][T16035] 8021q: adding VLAN 0 to HW filter on device bond0 [ 712.968189][T16173] FAULT_INJECTION: forcing a failure. [ 712.968189][T16173] name failslab, interval 1, probability 0, space 0, times 0 [ 712.968242][T16173] CPU: 0 UID: 0 PID: 16173 Comm: syz.3.2370 Tainted: G L syzkaller #0 PREEMPT(full) [ 712.968288][T16173] Tainted: [L]=SOFTLOCKUP [ 712.968300][T16173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 712.968320][T16173] Call Trace: [ 712.968326][T16173] [ 712.968332][T16173] dump_stack_lvl+0x100/0x190 [ 712.968354][T16173] should_fail_ex.cold+0x5/0xa [ 712.968375][T16173] ? security_inode_init_security+0x113/0x370 [ 712.968400][T16173] should_failslab+0xc2/0x120 [ 712.968419][T16173] __kmalloc_noprof+0xe0/0x850 [ 712.968437][T16173] security_inode_init_security+0x113/0x370 [ 712.968460][T16173] ? __pfx_shmem_initxattrs+0x10/0x10 [ 712.968480][T16173] ? __pfx_security_inode_init_security+0x10/0x10 [ 712.968505][T16173] ? make_vfsgid+0xf1/0x140 [ 712.968522][T16173] shmem_mknod+0x2ce/0x480 [ 712.968546][T16173] ? __pfx_shmem_mknod+0x10/0x10 [ 712.968571][T16173] vfs_mknod+0x3a5/0x7f0 [ 712.968590][T16173] filename_mknodat+0x5aa/0x7f0 [ 712.968612][T16173] ? __pfx_filename_mknodat+0x10/0x10 [ 712.968631][T16173] ? strncpy_from_user+0x19d/0x2d0 [ 712.968655][T16173] ? do_getname+0x191/0x390 [ 712.968678][T16173] __x64_sys_mknod+0x8f/0xc0 [ 712.968697][T16173] do_syscall_64+0x115/0x840 [ 712.968718][T16173] ? clear_bhb_loop+0x40/0x90 [ 712.968737][T16173] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 712.968752][T16173] RIP: 0033:0x7f72f379ce59 [ 712.968765][T16173] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 712.968780][T16173] RSP: 002b:00007f72f4659028 EFLAGS: 00000246 ORIG_RAX: 0000000000000085 [ 712.968796][T16173] RAX: ffffffffffffffda RBX: 00007f72f3a16090 RCX: 00007f72f379ce59 [ 712.968806][T16173] RDX: 0000000000000004 RSI: 0000000000001001 RDI: 0000200000000040 [ 712.968815][T16173] RBP: 00007f72f3832d6f R08: 0000000000000000 R09: 0000000000000000 [ 712.968824][T16173] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 712.968833][T16173] R13: 00007f72f3a16128 R14: 00007f72f3a16090 R15: 00007ffd09647838 [ 712.968870][T16173] [ 712.990976][T16035] 8021q: adding VLAN 0 to HW filter on device team0 [ 713.054944][ T3306] bridge0: port 1(bridge_slave_0) entered blocking state [ 713.055013][ T3306] bridge0: port 1(bridge_slave_0) entered forwarding state [ 713.068801][ T3306] bridge0: port 2(bridge_slave_1) entered blocking state [ 713.068887][ T3306] bridge0: port 2(bridge_slave_1) entered forwarding state [ 713.811889][ T5637] Bluetooth: hci0: command tx timeout [ 714.072654][ T29] audit: type=1800 audit(4294967309.483:54): pid=16176 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2366" name="file0" dev="tmpfs" ino=70 res=0 errno=0 [ 714.757926][T16035] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 714.863483][T16199] FAULT_INJECTION: forcing a failure. [ 714.863483][T16199] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 714.863514][T16199] CPU: 0 UID: 0 PID: 16199 Comm: syz.3.2373 Tainted: G L syzkaller #0 PREEMPT(full) [ 714.863537][T16199] Tainted: [L]=SOFTLOCKUP [ 714.863542][T16199] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 714.863552][T16199] Call Trace: [ 714.863558][T16199] [ 714.863564][T16199] dump_stack_lvl+0x100/0x190 [ 714.863585][T16199] should_fail_ex.cold+0x5/0xa [ 714.863605][T16199] core_sys_select+0x9b9/0xbb0 [ 714.863628][T16199] ? __pfx_core_sys_select+0x10/0x10 [ 714.863664][T16199] ? ktime_get_ts64+0x306/0x420 [ 714.863687][T16199] ? ktime_get_ts64+0x318/0x420 [ 714.863708][T16199] ? ktime_get_ts64+0x257/0x420 [ 714.863731][T16199] kern_select+0x1d0/0x280 [ 714.863756][T16199] ? __pfx_kern_select+0x10/0x10 [ 714.863774][T16199] ? xfd_validate_state+0x129/0x190 [ 714.863795][T16199] __x64_sys_select+0xbd/0x160 [ 714.863812][T16199] ? do_syscall_64+0x90/0x840 [ 714.863832][T16199] ? lockdep_hardirqs_on+0x78/0x100 [ 714.863852][T16199] do_syscall_64+0x115/0x840 [ 714.863872][T16199] ? clear_bhb_loop+0x40/0x90 [ 714.863891][T16199] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 714.863907][T16199] RIP: 0033:0x7f72f379ce59 [ 714.863920][T16199] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 714.863934][T16199] RSP: 002b:00007f72f467a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 714.863949][T16199] RAX: ffffffffffffffda RBX: 00007f72f3a15fa0 RCX: 00007f72f379ce59 [ 714.863960][T16199] RDX: 00002000000000c0 RSI: 0000200000000040 RDI: 0000000000000001 [ 714.863970][T16199] RBP: 00007f72f3832d6f R08: 00002000000001c0 R09: 0000000000000000 [ 714.863979][T16199] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 714.863988][T16199] R13: 00007f72f3a16038 R14: 00007f72f3a15fa0 R15: 00007ffd09647838 [ 714.864007][T16199] [ 715.048627][T16035] veth0_vlan: entered promiscuous mode [ 715.073184][T16035] veth1_vlan: entered promiscuous mode [ 715.130050][T16035] veth0_macvtap: entered promiscuous mode [ 715.143271][T16035] veth1_macvtap: entered promiscuous mode [ 715.175921][T16035] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 715.195364][T16035] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 715.208239][ T161] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 715.208275][ T161] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 715.208300][ T161] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 715.208324][ T161] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 715.431567][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 715.431586][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 715.510823][ T161] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 715.510841][ T161] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 715.713432][T16204] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2339'. [ 715.713455][T16204] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 715.713471][T16204] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 715.725474][T16204] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 715.725497][T16204] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 716.557319][T16211] input: f¬ as /devices/virtual/input/input84 [ 716.598348][T16215] kernel read not supported for file /\*)A (pid: 16215 comm: syz.2.2376) [ 716.657815][T16217] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(12) [ 716.737132][ T29] audit: type=1800 audit(4294967312.142:55): pid=16215 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2376" name="\*)A" dev="mqueue" ino=68843 res=0 errno=0 [ 716.795033][T16220] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2379'. [ 716.913144][T16224] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2379'. [ 716.971120][T16220] netlink: 25 bytes leftover after parsing attributes in process `syz.3.2379'. [ 717.050066][T16220] < [ 717.242653][ T29] audit: type=1800 audit(4294967312.652:56): pid=16227 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2381" name="lu_gp_id" dev="configfs" ino=68935 res=0 errno=0 [ 717.899318][T16246] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2385'. [ 718.510454][T16227] sd 0:0:1:0: PR command failed: 1026 [ 718.550295][T16227] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 718.568258][T16260] input: f¬ as /devices/virtual/input/input85 [ 718.589195][T16227] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 718.887700][T16267] FAULT_INJECTION: forcing a failure. [ 718.887700][T16267] name failslab, interval 1, probability 0, space 0, times 0 [ 718.907923][T16265] input: f¬ as /devices/virtual/input/input86 [ 718.987130][T16267] CPU: 0 UID: 0 PID: 16267 Comm: syz.2.2391 Tainted: G L syzkaller #0 PREEMPT(full) [ 718.987156][T16267] Tainted: [L]=SOFTLOCKUP [ 718.987161][T16267] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 718.987171][T16267] Call Trace: [ 718.987176][T16267] [ 718.987182][T16267] dump_stack_lvl+0x100/0x190 [ 718.987203][T16267] should_fail_ex.cold+0x5/0xa [ 718.987223][T16267] should_failslab+0xc2/0x120 [ 718.987241][T16267] __kmalloc_cache_noprof+0x7a/0x6f0 [ 718.987263][T16267] ? vt_do_diacrit+0x5bb/0xa90 [ 718.987390][T16267] vt_do_diacrit+0x5bb/0xa90 [ 718.987413][T16267] vt_ioctl+0xbab/0x31a0 [ 718.987429][T16267] ? __pfx_vt_ioctl+0x10/0x10 [ 718.987442][T16267] ? find_held_lock+0x2b/0x80 [ 718.987460][T16267] ? tomoyo_path_number_perm+0x28f/0x580 [ 718.987497][T16267] ? tomoyo_path_number_perm+0x28f/0x580 [ 718.987519][T16267] ? tomoyo_path_number_perm+0x188/0x580 [ 718.987538][T16267] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 718.987559][T16267] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 718.987583][T16267] ? __pfx_vt_ioctl+0x10/0x10 [ 718.987598][T16267] tty_ioctl+0x26a/0x1640 [ 718.987619][T16267] ? __pfx_tty_ioctl+0x10/0x10 [ 718.987643][T16267] ? find_held_lock+0x2b/0x80 [ 718.987660][T16267] ? __fget_files+0x215/0x3d0 [ 718.987677][T16267] ? hook_file_ioctl_common+0x149/0x410 [ 718.987699][T16267] ? __fget_files+0x21f/0x3d0 [ 718.987719][T16267] ? __pfx_tty_ioctl+0x10/0x10 [ 718.987739][T16267] __x64_sys_ioctl+0x18e/0x210 [ 718.987755][T16267] do_syscall_64+0x115/0x840 [ 718.987778][T16267] ? clear_bhb_loop+0x40/0x90 [ 718.987797][T16267] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 718.987813][T16267] RIP: 0033:0x7ff213d9ce59 [ 718.987826][T16267] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 718.987840][T16267] RSP: 002b:00007ff214d03028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 718.987855][T16267] RAX: ffffffffffffffda RBX: 00007ff214015fa0 RCX: 00007ff213d9ce59 [ 718.987866][T16267] RDX: ffffffffffffffff RSI: 0000000000004b4a RDI: 0000000000000003 [ 718.987875][T16267] RBP: 00007ff214d03090 R08: 0000000000000000 R09: 0000000000000000 [ 718.987884][T16267] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 718.987893][T16267] R13: 00007ff214016038 R14: 00007ff214015fa0 R15: 00007ffcd2d06928 [ 718.987912][T16267] [ 719.671159][T16276] snd_virmidi snd_virmidi.0: control 61678:131081:4:yª:3 is already present [ 719.863553][T16282] ubi0: attaching mtd0 [ 719.885713][T16282] ubi0 error: ubi_add_to_av: two LEBs with same sequence number 1 [ 719.910501][T16282] eraseblock attaching information dump: [ 719.935590][T16282] ec 1 [ 719.957191][T16282] pnum 0 [ 719.967983][T16282] lnum 0 [ 719.976119][T16282] scrub 0 [ 719.983540][T16282] sqnum 1 [ 719.997063][T16282] Volume identifier header dump: [ 720.022696][T16282] magic 55424921 [ 720.030963][T16282] version 1 [ 720.041500][T16282] vol_type 1 [ 720.059036][T16282] copy_flag 0 [ 720.072226][T16282] compat 5 [ 720.101293][T16282] vol_id 2147479551 [ 720.140749][T16282] lnum 0 [ 720.204260][T16282] data_size 0 [ 720.260219][T16282] used_ebs 0 [ 720.300953][T16282] data_pad 0 [ 720.318232][T16282] sqnum 1 [ 720.357778][T16282] hdr_crc 65b3bd2d [ 720.385969][T16282] Volume identifier header hexdump: [ 720.458209][T16297] FAULT_INJECTION: forcing a failure. [ 720.458209][T16297] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 720.527538][T16297] CPU: 0 UID: 0 PID: 16297 Comm: syz.2.2398 Tainted: G L syzkaller #0 PREEMPT(full) [ 720.527576][T16297] Tainted: [L]=SOFTLOCKUP [ 720.527582][T16297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 720.527592][T16297] Call Trace: [ 720.527598][T16297] [ 720.527605][T16297] dump_stack_lvl+0x100/0x190 [ 720.527627][T16297] should_fail_ex.cold+0x5/0xa [ 720.527647][T16297] core_sys_select+0x9b9/0xbb0 [ 720.527679][T16297] ? __pfx_core_sys_select+0x10/0x10 [ 720.527716][T16297] ? ktime_get_ts64+0x306/0x420 [ 720.527739][T16297] ? ktime_get_ts64+0x318/0x420 [ 720.527759][T16297] ? ktime_get_ts64+0x257/0x420 [ 720.527782][T16297] kern_select+0x1d0/0x280 [ 720.527800][T16297] ? __pfx_kern_select+0x10/0x10 [ 720.527817][T16297] ? xfd_validate_state+0x129/0x190 [ 720.527837][T16297] __x64_sys_select+0xbd/0x160 [ 720.527859][T16297] ? do_syscall_64+0x90/0x840 [ 720.527884][T16297] ? lockdep_hardirqs_on+0x78/0x100 [ 720.527905][T16297] do_syscall_64+0x115/0x840 [ 720.527926][T16297] ? clear_bhb_loop+0x40/0x90 [ 720.527944][T16297] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 720.527959][T16297] RIP: 0033:0x7ff213d9ce59 [ 720.527973][T16297] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 720.527988][T16297] RSP: 002b:00007ff214d03028 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 720.528003][T16297] RAX: ffffffffffffffda RBX: 00007ff214015fa0 RCX: 00007ff213d9ce59 [ 720.528013][T16297] RDX: 00002000000000c0 RSI: 0000200000000040 RDI: 0000000000000001 [ 720.528022][T16297] RBP: 00007ff213e32d6f R08: 00002000000001c0 R09: 0000000000000000 [ 720.528031][T16297] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 720.528040][T16297] R13: 00007ff214016038 R14: 00007ff214015fa0 R15: 00007ffcd2d06928 [ 720.528059][T16297] [ 720.975164][T16282] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 721.333389][T16309] input: f¬ as /devices/virtual/input/input87 [ 721.807979][T16316] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2402'. [ 721.889194][T16313] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2402'. [ 722.268926][T16332] FAULT_INJECTION: forcing a failure. [ 722.268926][T16332] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 722.331397][T14936] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 722.345428][T14936] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 722.354546][T14936] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 722.371264][T14936] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 722.379715][T14936] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 722.469166][T16332] CPU: 0 UID: 0 PID: 16332 Comm: syz.0.2407 Tainted: G L syzkaller #0 PREEMPT(full) [ 722.469191][T16332] Tainted: [L]=SOFTLOCKUP [ 722.469197][T16332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 722.469206][T16332] Call Trace: [ 722.469211][T16332] [ 722.469217][T16332] dump_stack_lvl+0x100/0x190 [ 722.469239][T16332] should_fail_ex.cold+0x5/0xa [ 722.469256][T16332] ? prepare_alloc_pages+0x16d/0x5f0 [ 722.469277][T16332] should_fail_alloc_page+0xeb/0x140 [ 722.469297][T16332] prepare_alloc_pages+0x1f0/0x5f0 [ 722.469320][T16332] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 722.469350][T16332] ? __pfx___might_resched+0x10/0x10 [ 722.469367][T16332] ? find_held_lock+0x2b/0x80 [ 722.469386][T16332] ? process_measurement+0x4c8/0x2350 [ 722.469402][T16332] ? process_measurement+0x4c8/0x2350 [ 722.469417][T16332] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 722.469447][T16332] ? process_measurement+0x1f4/0x2350 [ 722.469467][T16332] ? vma_is_special_huge+0x23f/0x2d0 [ 722.469485][T16332] ? __pfx_vma_is_special_huge+0x10/0x10 [ 722.469503][T16332] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 722.469525][T16332] ? policy_nodemask+0xed/0x4f0 [ 722.469545][T16332] alloc_pages_mpol+0x1fb/0x540 [ 722.469564][T16332] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 722.469584][T16332] ? __pfx___thp_vma_allowable_orders+0x10/0x10 [ 722.469607][T16332] alloc_pages_noprof+0x1a/0x160 [ 722.469628][T16332] __pmd_alloc+0x3b/0x950 [ 722.469650][T16332] __handle_mm_fault+0xa9c/0x2a00 [ 722.469675][T16332] ? mt_find+0x45e/0x8e0 [ 722.469781][T16332] ? __pfx___handle_mm_fault+0x10/0x10 [ 722.469802][T16332] ? __pfx_mt_find+0x10/0x10 [ 722.469833][T16332] ? find_vma+0xbf/0x140 [ 722.469849][T16332] ? __pfx_find_vma+0x10/0x10 [ 722.469868][T16332] handle_mm_fault+0x37b/0xa30 [ 722.469894][T16332] do_user_addr_fault+0x74c/0x12f0 [ 722.469924][T16332] ? trace_page_fault_kernel+0x7a/0x200 [ 722.469942][T16332] exc_page_fault+0x6f/0xd0 [ 722.469971][T16332] asm_exc_page_fault+0x26/0x30 [ 722.469987][T16332] RIP: 0010:rep_movs_alternative+0xf/0x90 [ 722.470005][T16332] Code: c4 10 e9 04 9d 04 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 cd 9c 04 00 66 66 [ 722.470019][T16332] RSP: 0018:ffffc9000359fc50 EFLAGS: 00050202 [ 722.470032][T16332] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000004 [ 722.470042][T16332] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffffc9000359fce0 [ 722.470051][T16332] RBP: 0000000000000004 R08: 0000000000000001 R09: fffff520006b3f9c [ 722.470060][T16332] R10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000000 [ 722.470068][T16332] R13: ffffc9000359fce0 R14: 0000000000000007 R15: 0000000000000000 [ 722.470087][T16332] _copy_from_user+0x98/0xd0 [ 722.470111][T16332] do_ip_setsockopt+0xb22/0x3200 [ 722.470162][T16332] ? __pfx_do_ip_setsockopt+0x10/0x10 [ 722.470178][T16332] ? aa_sk_perm+0x309/0xaa0 [ 722.470202][T16332] ? __pfx_aa_sk_perm+0x10/0x10 [ 722.470224][T16332] ip_setsockopt+0x5a/0xf0 [ 722.470240][T16332] tcp_setsockopt+0xa7/0x100 [ 722.470280][T16332] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 722.470302][T16332] do_sock_setsockopt+0xf3/0x1d0 [ 722.470322][T16332] __sys_setsockopt+0x119/0x190 [ 722.470341][T16332] __x64_sys_setsockopt+0xbd/0x160 [ 722.470355][T16332] ? do_syscall_64+0x90/0x840 [ 722.470375][T16332] ? lockdep_hardirqs_on+0x78/0x100 [ 722.470395][T16332] do_syscall_64+0x115/0x840 [ 722.470415][T16332] ? clear_bhb_loop+0x40/0x90 [ 722.470433][T16332] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 722.470448][T16332] RIP: 0033:0x7fd34bd9ce59 [ 722.470461][T16332] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 722.470475][T16332] RSP: 002b:00007fd34cb97028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 722.470489][T16332] RAX: ffffffffffffffda RBX: 00007fd34c015fa0 RCX: 00007fd34bd9ce59 [ 722.470499][T16332] RDX: 0000000000000032 RSI: 0000000000000000 RDI: 0000000000000003 [ 722.470507][T16332] RBP: 00007fd34cb97090 R08: 0000000000000007 R09: 0000000000000000 [ 722.470516][T16332] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 722.470525][T16332] R13: 00007fd34c016038 R14: 00007fd34c015fa0 R15: 00007ffcd6afe5b8 [ 722.470545][T16332] [ 724.457011][T14936] Bluetooth: hci3: command tx timeout [ 724.546829][T11353] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 724.706840][T16371] netlink: 26 bytes leftover after parsing attributes in process `syz.0.2414'. [ 725.070136][T11353] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 725.301371][T11353] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 725.344784][T16387] FAULT_INJECTION: forcing a failure. [ 725.344784][T16387] name failslab, interval 1, probability 0, space 0, times 0 [ 725.407970][T16387] CPU: 0 UID: 0 PID: 16387 Comm: syz.1.2418 Tainted: G L syzkaller #0 PREEMPT(full) [ 725.407998][T16387] Tainted: [L]=SOFTLOCKUP [ 725.408004][T16387] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 725.408013][T16387] Call Trace: [ 725.408019][T16387] [ 725.408026][T16387] dump_stack_lvl+0x100/0x190 [ 725.408047][T16387] should_fail_ex.cold+0x5/0xa [ 725.408069][T16387] ? security_inode_init_security+0x113/0x370 [ 725.408093][T16387] should_failslab+0xc2/0x120 [ 725.408112][T16387] __kmalloc_noprof+0xe0/0x850 [ 725.408133][T16387] security_inode_init_security+0x113/0x370 [ 725.408156][T16387] ? __pfx_shmem_initxattrs+0x10/0x10 [ 725.408176][T16387] ? __pfx_security_inode_init_security+0x10/0x10 [ 725.408202][T16387] ? make_vfsgid+0xf1/0x140 [ 725.408218][T16387] shmem_mknod+0x2ce/0x480 [ 725.408240][T16387] ? __pfx_shmem_mknod+0x10/0x10 [ 725.408265][T16387] vfs_mknod+0x3a5/0x7f0 [ 725.408283][T16387] filename_mknodat+0x5aa/0x7f0 [ 725.408306][T16387] ? __pfx_filename_mknodat+0x10/0x10 [ 725.408325][T16387] ? strncpy_from_user+0x19d/0x2d0 [ 725.408349][T16387] ? do_getname+0x191/0x390 [ 725.408371][T16387] __x64_sys_mknod+0x8f/0xc0 [ 725.408392][T16387] do_syscall_64+0x115/0x840 [ 725.408412][T16387] ? clear_bhb_loop+0x40/0x90 [ 725.408431][T16387] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 725.408447][T16387] RIP: 0033:0x7fe192d9ce59 [ 725.408461][T16387] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 725.408475][T16387] RSP: 002b:00007fe193cbb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000085 [ 725.408491][T16387] RAX: ffffffffffffffda RBX: 00007fe193016090 RCX: 00007fe192d9ce59 [ 725.408501][T16387] RDX: 0000000000000004 RSI: 0000000000001001 RDI: 0000200000000040 [ 725.408510][T16387] RBP: 00007fe192e32d6f R08: 0000000000000000 R09: 0000000000000000 [ 725.408519][T16387] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 725.408529][T16387] R13: 00007fe193016128 R14: 00007fe193016090 R15: 00007ffc78870678 [ 725.408548][T16387] [ 725.922992][T11353] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 726.073982][T16395] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 726.534018][T16409] netlink: 354 bytes leftover after parsing attributes in process `syz.2.2423'. [ 726.553384][T14936] Bluetooth: hci3: command tx timeout [ 727.251261][T16431] FAULT_INJECTION: forcing a failure. [ 727.251261][T16431] name failslab, interval 1, probability 0, space 0, times 0 [ 727.283566][T14936] Bluetooth: hci0: unexpected event 0x02 length: 1021 > 260 [ 727.307762][T11353] bridge_slave_1: left allmulticast mode [ 727.353566][T16431] CPU: 0 UID: 0 PID: 16431 Comm: syz.0.2428 Tainted: G L syzkaller #0 PREEMPT(full) [ 727.353597][T16431] Tainted: [L]=SOFTLOCKUP [ 727.353604][T16431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 727.353614][T16431] Call Trace: [ 727.353620][T16431] [ 727.353626][T16431] dump_stack_lvl+0x100/0x190 [ 727.353649][T16431] should_fail_ex.cold+0x5/0xa [ 727.353669][T16431] ? security_inode_init_security+0x113/0x370 [ 727.353692][T16431] should_failslab+0xc2/0x120 [ 727.353711][T16431] __kmalloc_noprof+0xe0/0x850 [ 727.353730][T16431] security_inode_init_security+0x113/0x370 [ 727.353754][T16431] ? __pfx_shmem_initxattrs+0x10/0x10 [ 727.353774][T16431] ? __pfx_security_inode_init_security+0x10/0x10 [ 727.353800][T16431] ? make_vfsgid+0xf1/0x140 [ 727.353816][T16431] shmem_mknod+0x2ce/0x480 [ 727.353838][T16431] ? __pfx_shmem_mknod+0x10/0x10 [ 727.353863][T16431] vfs_mknod+0x3a5/0x7f0 [ 727.353882][T16431] filename_mknodat+0x5aa/0x7f0 [ 727.353904][T16431] ? __pfx_filename_mknodat+0x10/0x10 [ 727.353924][T16431] ? strncpy_from_user+0x19d/0x2d0 [ 727.353950][T16431] ? do_getname+0x191/0x390 [ 727.353974][T16431] __x64_sys_mknod+0x8f/0xc0 [ 727.353994][T16431] do_syscall_64+0x115/0x840 [ 727.354015][T16431] ? clear_bhb_loop+0x40/0x90 [ 727.354033][T16431] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 727.354049][T16431] RIP: 0033:0x7fd34bd9ce59 [ 727.354063][T16431] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 727.354078][T16431] RSP: 002b:00007fd34cb76028 EFLAGS: 00000246 ORIG_RAX: 0000000000000085 [ 727.354093][T16431] RAX: ffffffffffffffda RBX: 00007fd34c016090 RCX: 00007fd34bd9ce59 [ 727.354103][T16431] RDX: 0000000000000004 RSI: 0000000000001001 RDI: 0000200000000040 [ 727.354113][T16431] RBP: 00007fd34be32d6f R08: 0000000000000000 R09: 0000000000000000 [ 727.354122][T16431] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 727.354131][T16431] R13: 00007fd34c016128 R14: 00007fd34c016090 R15: 00007ffcd6afe5b8 [ 727.354150][T16431] [ 727.611926][T11353] bridge_slave_1: left promiscuous mode [ 727.617695][T11353] bridge0: port 2(bridge_slave_1) entered disabled state [ 727.775016][T16440] input: f¬ as /devices/virtual/input/input88 [ 727.872753][T11353] bridge_slave_0: left allmulticast mode [ 727.928285][T11353] bridge_slave_0: left promiscuous mode [ 727.952763][T11353] bridge0: port 1(bridge_slave_0) entered disabled state [ 728.522526][T11353] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 728.533007][T11353] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 728.545479][T11353] bond0 (unregistering): Released all slaves [ 728.582576][T16333] bridge0: port 1(bridge_slave_0) entered blocking state [ 728.597567][T16333] bridge0: port 1(bridge_slave_0) entered disabled state [ 728.626858][T14936] Bluetooth: hci3: command tx timeout [ 728.635556][T16333] bridge_slave_0: entered allmulticast mode [ 728.673308][T16333] bridge_slave_0: entered promiscuous mode [ 728.689712][ T5294] 8021q: adding VLAN 0 to HW filter on device eth1 [ 728.709508][T11353] ovs_: left promiscuous mode [ 728.735435][T16333] bridge0: port 2(bridge_slave_1) entered blocking state [ 728.742952][T16333] bridge0: port 2(bridge_slave_1) entered disabled state [ 728.786480][T16333] bridge_slave_1: entered allmulticast mode [ 728.796584][T16333] bridge_slave_1: entered promiscuous mode [ 728.927119][T16333] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 729.041007][T16333] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 729.057701][T16466] FAULT_INJECTION: forcing a failure. [ 729.057701][T16466] name failslab, interval 1, probability 0, space 0, times 0 [ 729.095695][T16466] CPU: 0 UID: 0 PID: 16466 Comm: syz.1.2434 Tainted: G L syzkaller #0 PREEMPT(full) [ 729.095720][T16466] Tainted: [L]=SOFTLOCKUP [ 729.095726][T16466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 729.095736][T16466] Call Trace: [ 729.095741][T16466] [ 729.095747][T16466] dump_stack_lvl+0x100/0x190 [ 729.095769][T16466] should_fail_ex.cold+0x5/0xa [ 729.095789][T16466] should_failslab+0xc2/0x120 [ 729.095807][T16466] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 729.095831][T16466] ? prepare_creds+0x2c/0x950 [ 729.095850][T16466] prepare_creds+0x2c/0x950 [ 729.095867][T16466] __do_sys_landlock_restrict_self+0x14c/0x9e0 [ 729.095885][T16466] ? rcu_is_watching+0x12/0xc0 [ 729.095905][T16466] do_syscall_64+0x115/0x840 [ 729.095926][T16466] ? clear_bhb_loop+0x40/0x90 [ 729.095945][T16466] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 729.095960][T16466] RIP: 0033:0x7fe192d9ce59 [ 729.095974][T16466] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 729.095991][T16466] RSP: 002b:00007fe193cbb028 EFLAGS: 00000246 ORIG_RAX: 00000000000001be [ 729.096006][T16466] RAX: ffffffffffffffda RBX: 00007fe193016090 RCX: 00007fe192d9ce59 [ 729.096017][T16466] RDX: 0000000000000000 RSI: 000000000000000b RDI: 0000000000000003 [ 729.096026][T16466] RBP: 00007fe193cbb090 R08: 0000000000000000 R09: 0000000000000000 [ 729.096035][T16466] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 729.096043][T16466] R13: 00007fe193016128 R14: 00007fe193016090 R15: 00007ffc78870678 [ 729.096065][T16466] [ 729.699732][T16483] FAULT_INJECTION: forcing a failure. [ 729.699732][T16483] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 729.776141][T16483] CPU: 0 UID: 0 PID: 16483 Comm: syz.2.2439 Tainted: G L syzkaller #0 PREEMPT(full) [ 729.776168][T16483] Tainted: [L]=SOFTLOCKUP [ 729.776174][T16483] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 729.776184][T16483] Call Trace: [ 729.776190][T16483] [ 729.776197][T16483] dump_stack_lvl+0x100/0x190 [ 729.776218][T16483] should_fail_ex.cold+0x5/0xa [ 729.776239][T16483] core_sys_select+0x9b9/0xbb0 [ 729.776262][T16483] ? __pfx_core_sys_select+0x10/0x10 [ 729.776299][T16483] ? ktime_get_ts64+0x306/0x420 [ 729.776324][T16483] ? ktime_get_ts64+0x318/0x420 [ 729.776345][T16483] ? ktime_get_ts64+0x257/0x420 [ 729.776368][T16483] kern_select+0x1d0/0x280 [ 729.776387][T16483] ? __pfx_kern_select+0x10/0x10 [ 729.776404][T16483] ? xfd_validate_state+0x129/0x190 [ 729.776424][T16483] __x64_sys_select+0xbd/0x160 [ 729.776440][T16483] ? do_syscall_64+0x90/0x840 [ 729.776461][T16483] ? lockdep_hardirqs_on+0x78/0x100 [ 729.776481][T16483] do_syscall_64+0x115/0x840 [ 729.776501][T16483] ? clear_bhb_loop+0x40/0x90 [ 729.776520][T16483] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 729.776537][T16483] RIP: 0033:0x7ff213d9ce59 [ 729.776549][T16483] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 729.776565][T16483] RSP: 002b:00007ff214d03028 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 729.776590][T16483] RAX: ffffffffffffffda RBX: 00007ff214015fa0 RCX: 00007ff213d9ce59 [ 729.776610][T16483] RDX: 00002000000000c0 RSI: 0000200000000040 RDI: 0000000000000001 [ 729.776620][T16483] RBP: 00007ff213e32d6f R08: 00002000000001c0 R09: 0000000000000000 [ 729.776630][T16483] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 729.776639][T16483] R13: 00007ff214016038 R14: 00007ff214015fa0 R15: 00007ffcd2d06928 [ 729.776660][T16483] [ 730.223104][ T5294] 8021q: adding VLAN 0 to HW filter on device eth2 [ 730.279779][T16333] team0: Port device team_slave_0 added [ 730.337299][T16333] team0: Port device team_slave_1 added [ 730.443643][T11353] hsr_slave_0: left promiscuous mode [ 730.470674][T11353] hsr_slave_1: left promiscuous mode [ 730.545615][T11353] veth1_macvtap: left promiscuous mode [ 730.598225][T11353] veth0_macvtap: left promiscuous mode [ 730.646358][T11353] veth1_vlan: left promiscuous mode [ 730.683589][T11353] veth0_vlan: left promiscuous mode [ 730.698618][T14936] Bluetooth: hci3: command tx timeout [ 731.455108][T11353] team0 (unregistering): Port device team_slave_1 removed [ 731.494195][T11353] team0 (unregistering): Port device team_slave_0 removed [ 731.746579][ T5294] 8021q: adding VLAN 0 to HW filter on device eth3 [ 731.893538][T16333] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 731.919590][T16525] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2444'. [ 731.930443][T16333] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 731.969234][T16333] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 732.145333][T16333] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 732.164611][T16333] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 732.210568][T16333] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 732.664926][T16333] hsr_slave_0: entered promiscuous mode [ 732.707276][T16333] hsr_slave_1: entered promiscuous mode [ 732.738721][T16333] debugfs: 'hsr0' already exists in 'hsr' [ 732.777310][T16333] Cannot create hsr debugfs directory [ 732.911730][T16545] Process accounting resumed [ 733.128400][T16553] FAULT_INJECTION: forcing a failure. [ 733.128400][T16553] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 733.216480][T16553] CPU: 0 UID: 0 PID: 16553 Comm: syz.0.2450 Tainted: G L syzkaller #0 PREEMPT(full) [ 733.216507][T16553] Tainted: [L]=SOFTLOCKUP [ 733.216513][T16553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 733.216523][T16553] Call Trace: [ 733.216529][T16553] [ 733.216536][T16553] dump_stack_lvl+0x100/0x190 [ 733.216559][T16553] should_fail_ex.cold+0x5/0xa [ 733.216584][T16553] core_sys_select+0x9b9/0xbb0 [ 733.216613][T16553] ? __pfx_core_sys_select+0x10/0x10 [ 733.216655][T16553] ? ktime_get_ts64+0x306/0x420 [ 733.216678][T16553] ? ktime_get_ts64+0x318/0x420 [ 733.216698][T16553] ? ktime_get_ts64+0x257/0x420 [ 733.216721][T16553] kern_select+0x1d0/0x280 [ 733.216740][T16553] ? __pfx_kern_select+0x10/0x10 [ 733.216761][T16553] ? xfd_validate_state+0x129/0x190 [ 733.216781][T16553] __x64_sys_select+0xbd/0x160 [ 733.216797][T16553] ? do_syscall_64+0x90/0x840 [ 733.216818][T16553] ? lockdep_hardirqs_on+0x78/0x100 [ 733.216838][T16553] do_syscall_64+0x115/0x840 [ 733.216862][T16553] ? clear_bhb_loop+0x40/0x90 [ 733.216881][T16553] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 733.216896][T16553] RIP: 0033:0x7fd34bd9ce59 [ 733.216909][T16553] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 733.216923][T16553] RSP: 002b:00007fd34cb97028 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 733.216938][T16553] RAX: ffffffffffffffda RBX: 00007fd34c015fa0 RCX: 00007fd34bd9ce59 [ 733.216948][T16553] RDX: 00002000000000c0 RSI: 0000200000000040 RDI: 0000000000000001 [ 733.216958][T16553] RBP: 00007fd34be32d6f R08: 00002000000001c0 R09: 0000000000000000 [ 733.216967][T16553] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 733.216986][T16553] R13: 00007fd34c016038 R14: 00007fd34c015fa0 R15: 00007ffcd6afe5b8 [ 733.217006][T16553] [ 733.708360][ T5294] 8021q: adding VLAN 0 to HW filter on device eth4 [ 734.024560][T16568] random: crng reseeded on system resumption [ 735.489594][T16601] snd_virmidi snd_virmidi.0: control 61678:99999999:4:yª:0 is already present [ 735.603843][T16601] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz.2.2460: bg 3: bad block bitmap checksum [ 735.685543][T16601] EXT4-fs (sda1): Delayed block allocation failed for inode 2022 at logical offset 0 with max blocks 1 with error 74 [ 735.784005][T16601] EXT4-fs (sda1): This should not happen!! Data will be lost [ 735.784005][T16601] [ 736.494551][T16333] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 736.551921][T16333] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 736.618494][T16333] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 736.677027][T16333] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 736.769058][T16333] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 736.863864][T16333] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 736.908624][T16333] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 736.970475][T16333] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 737.023423][T16638] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2466'. [ 737.779191][T16333] 8021q: adding VLAN 0 to HW filter on device bond0 [ 737.879040][T16333] 8021q: adding VLAN 0 to HW filter on device team0 [ 737.942547][ T3306] bridge0: port 1(bridge_slave_0) entered blocking state [ 737.949707][ T3306] bridge0: port 1(bridge_slave_0) entered forwarding state [ 738.046043][ T3306] bridge0: port 2(bridge_slave_1) entered blocking state [ 738.053231][ T3306] bridge0: port 2(bridge_slave_1) entered forwarding state [ 738.369794][T16676] FAULT_INJECTION: forcing a failure. [ 738.369794][T16676] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 738.467288][T16676] CPU: 0 UID: 0 PID: 16676 Comm: syz.2.2470 Tainted: G L syzkaller #0 PREEMPT(full) [ 738.467314][T16676] Tainted: [L]=SOFTLOCKUP [ 738.467320][T16676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 738.467329][T16676] Call Trace: [ 738.467335][T16676] [ 738.467341][T16676] dump_stack_lvl+0x100/0x190 [ 738.467363][T16676] should_fail_ex.cold+0x5/0xa [ 738.467383][T16676] _copy_to_user+0x32/0xd0 [ 738.467406][T16676] msr_io+0x3c4/0x480 [ 738.467425][T16676] ? __pfx_do_get_msr+0x10/0x10 [ 738.467448][T16676] ? __pfx_msr_io+0x10/0x10 [ 738.467467][T16676] ? __pfx_widen_string+0x10/0x10 [ 738.467557][T16676] ? __kernel_text_address+0xd/0x30 [ 738.467576][T16676] kvm_arch_vcpu_ioctl+0x1950/0x5730 [ 738.467597][T16676] ? kvm_arch_vcpu_ioctl+0x1928/0x5730 [ 738.467622][T16676] ? __pfx_kvm_arch_vcpu_ioctl+0x10/0x10 [ 738.467642][T16676] ? __pfx_stack_trace_save+0x10/0x10 [ 738.467663][T16676] ? stack_depot_save_flags+0x27/0x9d0 [ 738.467686][T16676] ? __lock_acquire+0x4a5/0x2630 [ 738.467711][T16676] ? tomoyo_path_number_perm+0x46d/0x580 [ 738.467734][T16676] ? __lock_acquire+0x4a5/0x2630 [ 738.467756][T16676] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 738.467779][T16676] ? lock_acquire+0x1b1/0x370 [ 738.467805][T16676] ? rcu_is_watching+0x12/0xc0 [ 738.467822][T16676] ? trace_contention_end+0x122/0x170 [ 738.467839][T16676] ? __mutex_lock+0x26d/0x1b10 [ 738.467861][T16676] ? kvm_vcpu_ioctl+0x322/0x1720 [ 738.467898][T16676] ? __pfx___mutex_lock+0x10/0x10 [ 738.467918][T16676] ? kasan_quarantine_put+0x104/0x240 [ 738.467937][T16676] ? tomoyo_path_number_perm+0x28f/0x580 [ 738.467959][T16676] ? tomoyo_path_number_perm+0x188/0x580 [ 738.467980][T16676] ? kvm_vcpu_ioctl+0x8a0/0x1720 [ 738.468002][T16676] kvm_vcpu_ioctl+0x8a0/0x1720 [ 738.468027][T16676] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 738.468053][T16676] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 738.468076][T16676] ? do_vfs_ioctl+0x226/0x13e0 [ 738.468091][T16676] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 738.468112][T16676] ? find_held_lock+0x2b/0x80 [ 738.468129][T16676] ? __fget_files+0x215/0x3d0 [ 738.468146][T16676] ? hook_file_ioctl_common+0x149/0x410 [ 738.468169][T16676] ? __fget_files+0x21f/0x3d0 [ 738.468189][T16676] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 738.468213][T16676] __x64_sys_ioctl+0x18e/0x210 [ 738.468229][T16676] do_syscall_64+0x115/0x840 [ 738.468249][T16676] ? clear_bhb_loop+0x40/0x90 [ 738.468268][T16676] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 738.468283][T16676] RIP: 0033:0x7ff213d9ce59 [ 738.468297][T16676] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 738.468311][T16676] RSP: 002b:00007ff214d03028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 738.468326][T16676] RAX: ffffffffffffffda RBX: 00007ff214015fa0 RCX: 00007ff213d9ce59 [ 738.468336][T16676] RDX: 00002000000001c0 RSI: 00000000c008ae88 RDI: 0000000000000004 [ 738.468346][T16676] RBP: 00007ff214d03090 R08: 0000000000000000 R09: 0000000000000000 [ 738.468356][T16676] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 738.468364][T16676] R13: 00007ff214016038 R14: 00007ff214015fa0 R15: 00007ffcd2d06928 [ 738.468384][T16676] [ 739.040595][ T3306] EXT4-fs (sda1): Delayed block allocation failed for inode 2022 at logical offset 1718 with max blocks 1 with error 117 [ 739.054215][ T3306] EXT4-fs (sda1): This should not happen!! Data will be lost [ 739.054215][ T3306] [ 739.134520][T16693] FAULT_INJECTION: forcing a failure. [ 739.134520][T16693] name (null), interval 1, probability 0, space 0, times 1 [ 739.197257][T16693] CPU: 0 UID: 0 PID: 16693 Comm: syz.0.2471 Tainted: G L syzkaller #0 PREEMPT(full) [ 739.197286][T16693] Tainted: [L]=SOFTLOCKUP [ 739.197292][T16693] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 739.197302][T16693] Call Trace: [ 739.197308][T16693] [ 739.197316][T16693] dump_stack_lvl+0x100/0x190 [ 739.197338][T16693] should_fail_ex.cold+0x5/0xa [ 739.197359][T16693] null_queue_rq+0x2ed/0xfb0 [ 739.197485][T16693] null_queue_rqs+0xe9/0x2f0 [ 739.197509][T16693] ? __pfx_null_queue_rqs+0x10/0x10 [ 739.197539][T16693] __blk_mq_flush_list+0x9a/0xc0 [ 739.197616][T16693] blk_mq_dispatch_queue_requests+0x184/0x7c0 [ 739.197646][T16693] blk_mq_flush_plug_list+0x1f2/0x600 [ 739.197666][T16693] ? __pfx_blk_mq_flush_plug_list+0x10/0x10 [ 739.197697][T16693] __blk_flush_plug+0x2c4/0x4b0 [ 739.197746][T16693] ? __pfx___blk_flush_plug+0x10/0x10 [ 739.197771][T16693] ? lock_acquire+0x1b1/0x370 [ 739.197797][T16693] blk_finish_plug+0x5c/0xa0 [ 739.197819][T16693] read_pages+0x5f7/0xdf0 [ 739.197843][T16693] ? lru_move_tail+0x1927/0x1930 [ 739.197860][T16693] ? __pfx_read_pages+0x10/0x10 [ 739.197890][T16693] page_cache_ra_order+0x76b/0xf10 [ 739.197921][T16693] filemap_fault+0x1900/0x2e90 [ 739.197940][T16693] ? __pfx_filemap_fault+0x10/0x10 [ 739.197964][T16693] ? __pfx_filemap_map_pages+0x10/0x10 [ 739.197986][T16693] __do_fault+0x10b/0x440 [ 739.198003][T16693] do_fault+0xeb2/0x1750 [ 739.198024][T16693] __handle_mm_fault+0x187d/0x2a00 [ 739.198050][T16693] ? mt_find+0x45e/0x8e0 [ 739.198073][T16693] ? __pfx___handle_mm_fault+0x10/0x10 [ 739.198094][T16693] ? __pfx_mt_find+0x10/0x10 [ 739.198130][T16693] handle_mm_fault+0x37b/0xa30 [ 739.198157][T16693] __get_user_pages+0x1178/0x32a0 [ 739.198183][T16693] ? __pfx___get_user_pages+0x10/0x10 [ 739.198207][T16693] populate_vma_page_range+0x267/0x3f0 [ 739.198228][T16693] ? __pfx_populate_vma_page_range+0x10/0x10 [ 739.198247][T16693] ? __pfx_find_vma_intersection+0x10/0x10 [ 739.198266][T16693] ? do_mmap+0x93f/0x12f0 [ 739.198286][T16693] __mm_populate+0x107/0x3a0 [ 739.198307][T16693] ? __pfx___mm_populate+0x10/0x10 [ 739.198327][T16693] ? up_write+0x28c/0x4f0 [ 739.198345][T16693] vm_mmap_pgoff+0x37f/0x470 [ 739.198366][T16693] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 739.198383][T16693] ? __fget_files+0x215/0x3d0 [ 739.198404][T16693] ? __fget_files+0x21f/0x3d0 [ 739.198424][T16693] ksys_mmap_pgoff+0x3cb/0x610 [ 739.198453][T16693] ? __x64_sys_futex+0x358/0x4d0 [ 739.198471][T16693] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 739.198490][T16693] ? xfd_validate_state+0x129/0x190 [ 739.198510][T16693] __x64_sys_mmap+0x125/0x190 [ 739.198528][T16693] do_syscall_64+0x115/0x840 [ 739.198549][T16693] ? clear_bhb_loop+0x40/0x90 [ 739.198569][T16693] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 739.198584][T16693] RIP: 0033:0x7fd34bd9ce59 [ 739.198600][T16693] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 739.198616][T16693] RSP: 002b:00007fd349ff6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 739.198632][T16693] RAX: ffffffffffffffda RBX: 00007fd34c016180 RCX: 00007fd34bd9ce59 [ 739.198643][T16693] RDX: 0000000000000ffb RSI: 0000000000810004 RDI: 0000000000000000 [ 739.198653][T16693] RBP: 00007fd34be32d6f R08: 000000000000000a R09: 0000000000008000 [ 739.198663][T16693] R10: 0008000000008012 R11: 0000000000000246 R12: 0000000000000000 [ 739.198672][T16693] R13: 00007fd34c016218 R14: 00007fd34c016180 R15: 00007ffcd6afe5b8 [ 739.198693][T16693] [ 739.969293][T16701] FAULT_INJECTION: forcing a failure. [ 739.969293][T16701] name failslab, interval 1, probability 0, space 0, times 0 [ 740.046412][T16701] CPU: 0 UID: 0 PID: 16701 Comm: syz.0.2474 Tainted: G L syzkaller #0 PREEMPT(full) [ 740.046440][T16701] Tainted: [L]=SOFTLOCKUP [ 740.046445][T16701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 740.046456][T16701] Call Trace: [ 740.046462][T16701] [ 740.046468][T16701] dump_stack_lvl+0x100/0x190 [ 740.046490][T16701] should_fail_ex.cold+0x5/0xa [ 740.046511][T16701] ? security_inode_init_security+0x113/0x370 [ 740.046537][T16701] should_failslab+0xc2/0x120 [ 740.046555][T16701] __kmalloc_noprof+0xe0/0x850 [ 740.046574][T16701] security_inode_init_security+0x113/0x370 [ 740.046599][T16701] ? __pfx_shmem_initxattrs+0x10/0x10 [ 740.046618][T16701] ? __pfx_security_inode_init_security+0x10/0x10 [ 740.046643][T16701] ? make_vfsgid+0xf1/0x140 [ 740.046660][T16701] shmem_mknod+0x2ce/0x480 [ 740.046682][T16701] ? __pfx_shmem_mknod+0x10/0x10 [ 740.046706][T16701] vfs_mknod+0x3a5/0x7f0 [ 740.046725][T16701] filename_mknodat+0x5aa/0x7f0 [ 740.046748][T16701] ? __pfx_filename_mknodat+0x10/0x10 [ 740.046767][T16701] ? strncpy_from_user+0x19d/0x2d0 [ 740.046792][T16701] ? do_getname+0x191/0x390 [ 740.046815][T16701] __x64_sys_mknod+0x8f/0xc0 [ 740.046835][T16701] do_syscall_64+0x115/0x840 [ 740.046855][T16701] ? clear_bhb_loop+0x40/0x90 [ 740.046874][T16701] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 740.046889][T16701] RIP: 0033:0x7fd34bd9ce59 [ 740.046902][T16701] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 740.046917][T16701] RSP: 002b:00007fd34cb76028 EFLAGS: 00000246 ORIG_RAX: 0000000000000085 [ 740.046933][T16701] RAX: ffffffffffffffda RBX: 00007fd34c016090 RCX: 00007fd34bd9ce59 [ 740.046944][T16701] RDX: 0000000000000004 RSI: 0000000000001001 RDI: 0000200000000040 [ 740.046953][T16701] RBP: 00007fd34be32d6f R08: 0000000000000000 R09: 0000000000000000 [ 740.046962][T16701] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 740.046971][T16701] R13: 00007fd34c016128 R14: 00007fd34c016090 R15: 00007ffcd6afe5b8 [ 740.046991][T16701] [ 741.189360][T16728] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 741.595195][T16742] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 741.729492][T16333] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 741.838217][T16750] FAULT_INJECTION: forcing a failure. [ 741.838217][T16750] name failslab, interval 1, probability 0, space 0, times 0 [ 741.890416][T16752] futex_wake_op: syz.2.2482 tries to shift op by -2048; fix this program [ 741.919572][T16750] CPU: 0 UID: 0 PID: 16750 Comm: syz.0.2481 Tainted: G L syzkaller #0 PREEMPT(full) [ 741.919599][T16750] Tainted: [L]=SOFTLOCKUP [ 741.919604][T16750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 741.919613][T16750] Call Trace: [ 741.919619][T16750] [ 741.919625][T16750] dump_stack_lvl+0x100/0x190 [ 741.919646][T16750] should_fail_ex.cold+0x5/0xa [ 741.919665][T16750] should_failslab+0xc2/0x120 [ 741.919684][T16750] __kvmalloc_node_noprof+0xfa/0xa00 [ 741.919699][T16750] ? proc_sys_call_handler+0x2c7/0x5a0 [ 741.919725][T16750] proc_sys_call_handler+0x2c7/0x5a0 [ 741.919745][T16750] ? __pfx_proc_sys_call_handler+0x10/0x10 [ 741.919765][T16750] ? splice_from_pipe_next+0x1ec/0x5a0 [ 741.919788][T16750] iter_file_splice_write+0x830/0x10a0 [ 741.919818][T16750] ? __pfx_iter_file_splice_write+0x10/0x10 [ 741.919841][T16750] ? __pfx_copy_splice_read+0x10/0x10 [ 741.919869][T16750] ? __pfx_iter_file_splice_write+0x10/0x10 [ 741.919890][T16750] direct_splice_actor+0x192/0x6c0 [ 741.919910][T16750] splice_direct_to_actor+0x345/0xa30 [ 741.919931][T16750] ? __pfx_direct_splice_actor+0x10/0x10 [ 741.919953][T16750] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 741.919977][T16750] do_splice_direct+0x174/0x240 [ 741.919997][T16750] ? __pfx_do_splice_direct+0x10/0x10 [ 741.920016][T16750] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 741.920038][T16750] ? rw_verify_area+0xce/0x6d0 [ 741.920054][T16750] do_sendfile+0xadc/0xe20 [ 741.920075][T16750] ? __pfx_do_sendfile+0x10/0x10 [ 741.920091][T16750] ? __fget_files+0x21f/0x3d0 [ 741.920114][T16750] __x64_sys_sendfile64+0x1d8/0x220 [ 741.920134][T16750] ? ksys_write+0x1ac/0x250 [ 741.920158][T16750] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 741.920181][T16750] ? rcu_is_watching+0x12/0xc0 [ 741.920201][T16750] do_syscall_64+0x115/0x840 [ 741.920223][T16750] ? clear_bhb_loop+0x40/0x90 [ 741.920241][T16750] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 741.920257][T16750] RIP: 0033:0x7fd34bd9ce59 [ 741.920270][T16750] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 741.920284][T16750] RSP: 002b:00007fd34cb97028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 741.920299][T16750] RAX: ffffffffffffffda RBX: 00007fd34c015fa0 RCX: 00007fd34bd9ce59 [ 741.920309][T16750] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000002 [ 741.920319][T16750] RBP: 00007fd34cb97090 R08: 0000000000000000 R09: 0000000000000000 [ 741.920328][T16750] R10: 0000400000000008 R11: 0000000000000246 R12: 0000000000000001 [ 741.920337][T16750] R13: 00007fd34c016038 R14: 00007fd34c015fa0 R15: 00007ffcd6afe5b8 [ 741.920357][T16750] [ 742.199776][T16333] veth0_vlan: entered promiscuous mode [ 742.209445][T16333] veth1_vlan: entered promiscuous mode [ 742.228134][T16333] veth0_macvtap: entered promiscuous mode [ 742.237897][T16333] veth1_macvtap: entered promiscuous mode [ 742.251781][T16333] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 742.261706][T16333] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 742.558040][ T80] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 742.568438][ T80] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 742.586204][ T80] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 742.703190][ T80] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 742.961850][T16768] netlink: 186 bytes leftover after parsing attributes in process `syz.0.2484'. [ 743.108862][ T80] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 743.178669][ T80] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 743.432872][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 743.459668][T14936] Bluetooth: hci4: unexpected subevent 0x01 length: 123 > 18 [ 743.478233][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 743.764084][T16791] futex_wake_op: syz.1.2486 tries to shift op by -2048; fix this program [ 743.884401][T16791] futex_wake_op: syz.1.2486 tries to shift op by -2048; fix this program [ 744.111578][T16800] netlink: 186 bytes leftover after parsing attributes in process `syz.2.2488'. [ 744.840387][ T3306] EXT4-fs (sda1): Delayed block allocation failed for inode 2022 at logical offset 1723 with max blocks 1 with error 117 [ 744.854158][T16826] EXT4-fs error (device sda1): ext4_discard_preallocations:5696: comm syz.2.2491: Error -117 reading block bitmap for 3 [ 744.953117][ T3306] EXT4-fs (sda1): This should not happen!! Data will be lost [ 744.953117][ T3306] [ 745.232341][T16827] random: crng reseeded on system resumption [ 745.249026][ T3306] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm kworker/u8:9: bg 4: bad block bitmap checksum [ 745.333123][ T3306] EXT4-fs (sda1): Delayed block allocation failed for inode 2022 at logical offset 1726 with max blocks 1 with error 74 [ 745.432205][ T3306] EXT4-fs (sda1): This should not happen!! Data will be lost [ 745.432205][ T3306] [ 745.528726][T16835] EXT4-fs (sda1): Delayed block allocation failed for inode 2022 at logical offset 1728 with max blocks 1 with error 117 [ 745.779830][T16835] EXT4-fs (sda1): This should not happen!! Data will be lost [ 745.779830][T16835] [ 746.645564][T16871] EXT4-fs (sda1): Delayed block allocation failed for inode 2022 at logical offset 0 with max blocks 1 with error 117 [ 746.754219][T16871] EXT4-fs (sda1): This should not happen!! Data will be lost [ 746.754219][T16871] [ 747.668755][ T1317] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.668797][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 747.743908][T16903] zswap: compressor not available [ 747.985814][ T29] audit: type=1800 audit(4294967343.376:57): pid=16894 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2501" name="file0" dev="tmpfs" ino=34 res=0 errno=0 [ 748.736596][T16931] FAULT_INJECTION: forcing a failure. [ 748.736596][T16931] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 748.795706][T16931] CPU: 0 UID: 0 PID: 16931 Comm: syz.3.2510 Tainted: G L syzkaller #0 PREEMPT(full) [ 748.795734][T16931] Tainted: [L]=SOFTLOCKUP [ 748.795740][T16931] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 748.795750][T16931] Call Trace: [ 748.795757][T16931] [ 748.795763][T16931] dump_stack_lvl+0x100/0x190 [ 748.795785][T16931] should_fail_ex.cold+0x5/0xa [ 748.795809][T16931] core_sys_select+0x9b9/0xbb0 [ 748.795831][T16931] ? __pfx_core_sys_select+0x10/0x10 [ 748.795869][T16931] ? ktime_get_ts64+0x306/0x420 [ 748.795893][T16931] ? ktime_get_ts64+0x318/0x420 [ 748.795913][T16931] ? ktime_get_ts64+0x257/0x420 [ 748.795937][T16931] kern_select+0x1d0/0x280 [ 748.795955][T16931] ? __pfx_kern_select+0x10/0x10 [ 748.795973][T16931] ? xfd_validate_state+0x129/0x190 [ 748.795992][T16931] __x64_sys_select+0xbd/0x160 [ 748.796009][T16931] ? do_syscall_64+0x90/0x840 [ 748.796029][T16931] ? lockdep_hardirqs_on+0x78/0x100 [ 748.796049][T16931] do_syscall_64+0x115/0x840 [ 748.796068][T16931] ? clear_bhb_loop+0x40/0x90 [ 748.796087][T16931] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 748.796103][T16931] RIP: 0033:0x7f2718d9ce59 [ 748.796116][T16931] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 748.796131][T16931] RSP: 002b:00007f2719bb5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 748.796146][T16931] RAX: ffffffffffffffda RBX: 00007f2719015fa0 RCX: 00007f2718d9ce59 [ 748.796156][T16931] RDX: 00002000000000c0 RSI: 0000200000000040 RDI: 0000000000000001 [ 748.796166][T16931] RBP: 00007f2718e32d6f R08: 00002000000001c0 R09: 0000000000000000 [ 748.796175][T16931] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 748.796185][T16931] R13: 00007f2719016038 R14: 00007f2719015fa0 R15: 00007fffc71bff78 [ 748.796205][T16931] [ 749.394288][T16941] EXT4-fs (sda1): Delayed block allocation failed for inode 2022 at logical offset 0 with max blocks 1 with error 117 [ 749.428247][T16941] EXT4-fs (sda1): This should not happen!! Data will be lost [ 749.428247][T16941] [ 749.683036][T16951] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2512'. [ 749.946554][T16951] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 749.957005][T16951] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 749.985532][T16951] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 750.007100][T16951] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 750.712840][T16974] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2521'. [ 751.715498][T16990] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2524'. [ 751.795571][T16990] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 751.821386][T16990] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 751.864785][T16990] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 751.885504][T16990] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 752.244854][ T29] audit: type=1800 audit(4294967347.634:58): pid=16999 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2522" name="file0" dev="tmpfs" ino=458 res=0 errno=0 [ 752.796832][T17005] FAULT_INJECTION: forcing a failure. [ 752.796832][T17005] name failslab, interval 1, probability 0, space 0, times 0 [ 752.936319][T17005] CPU: 0 UID: 0 PID: 17005 Comm: syz.1.2528 Tainted: G L syzkaller #0 PREEMPT(full) [ 752.936348][T17005] Tainted: [L]=SOFTLOCKUP [ 752.936354][T17005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 752.936364][T17005] Call Trace: [ 752.936370][T17005] [ 752.936377][T17005] dump_stack_lvl+0x100/0x190 [ 752.936398][T17005] should_fail_ex.cold+0x5/0xa [ 752.936418][T17005] should_failslab+0xc2/0x120 [ 752.936437][T17005] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 752.936460][T17005] ? alloc_empty_file+0x5b/0x1c0 [ 752.936483][T17005] ? __pfx_stack_trace_save+0x10/0x10 [ 752.936505][T17005] alloc_empty_file+0x5b/0x1c0 [ 752.936527][T17005] path_openat+0xe8/0x31a0 [ 752.936545][T17005] ? kasan_save_stack+0x3f/0x50 [ 752.936560][T17005] ? kasan_save_stack+0x30/0x50 [ 752.936573][T17005] ? kasan_save_track+0x14/0x30 [ 752.936587][T17005] ? __kasan_slab_alloc+0x89/0x90 [ 752.936602][T17005] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 752.936625][T17005] ? do_getname+0x35/0x390 [ 752.936644][T17005] ? do_sys_openat2+0xc5/0x1e0 [ 752.936666][T17005] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 752.936684][T17005] ? __pfx_path_openat+0x10/0x10 [ 752.936710][T17005] do_file_open+0x20e/0x430 [ 752.936730][T17005] ? __pfx_do_file_open+0x10/0x10 [ 752.936761][T17005] ? alloc_fd+0x476/0x790 [ 752.936781][T17005] ? do_getname+0x191/0x390 [ 752.936803][T17005] do_sys_openat2+0x10d/0x1e0 [ 752.936826][T17005] ? __pfx_do_sys_openat2+0x10/0x10 [ 752.936855][T17005] __x64_sys_openat+0x12d/0x210 [ 752.936877][T17005] ? __pfx___x64_sys_openat+0x10/0x10 [ 752.936899][T17005] ? ksys_write+0x1ac/0x250 [ 752.936918][T17005] ? rcu_is_watching+0x12/0xc0 [ 752.936937][T17005] do_syscall_64+0x115/0x840 [ 752.936957][T17005] ? clear_bhb_loop+0x40/0x90 [ 752.936975][T17005] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 752.936999][T17005] RIP: 0033:0x7fe192d9ce59 [ 752.937013][T17005] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 752.937028][T17005] RSP: 002b:00007fe193cdc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 752.937046][T17005] RAX: ffffffffffffffda RBX: 00007fe193015fa0 RCX: 00007fe192d9ce59 [ 752.937057][T17005] RDX: 0000000000000002 RSI: 0000200000000200 RDI: ffffffffffffff9c [ 752.937067][T17005] RBP: 00007fe192e32d6f R08: 0000000000000000 R09: 0000000000000000 [ 752.937076][T17005] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 752.937086][T17005] R13: 00007fe193016038 R14: 00007fe193015fa0 R15: 00007ffc78870678 [ 752.937106][T17005] [ 753.267585][T17005] Process accounting resumed [ 754.241161][T17026] sd 0:0:1:0: PR command failed: 1026 [ 754.321035][T17026] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 754.442617][T17026] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 754.488058][T17033] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 754.538854][T17034] FAULT_INJECTION: forcing a failure. [ 754.538854][T17034] name failslab, interval 1, probability 0, space 0, times 0 [ 754.592871][T17037] FAULT_INJECTION: forcing a failure. [ 754.592871][T17037] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 754.684024][T17037] CPU: 0 UID: 0 PID: 17037 Comm: syz.2.2536 Tainted: G L syzkaller #0 PREEMPT(full) [ 754.684050][T17037] Tainted: [L]=SOFTLOCKUP [ 754.684056][T17037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 754.684065][T17037] Call Trace: [ 754.684071][T17037] [ 754.684076][T17037] dump_stack_lvl+0x100/0x190 [ 754.684099][T17037] should_fail_ex.cold+0x5/0xa [ 754.684118][T17037] _copy_from_user+0x2e/0xd0 [ 754.684140][T17037] memdup_user+0x6b/0xe0 [ 754.684158][T17037] vt_do_diacrit+0xef/0xa90 [ 754.684183][T17037] vt_ioctl+0xbab/0x31a0 [ 754.684199][T17037] ? __pfx_vt_ioctl+0x10/0x10 [ 754.684212][T17037] ? find_held_lock+0x2b/0x80 [ 754.684230][T17037] ? tomoyo_path_number_perm+0x28f/0x580 [ 754.684250][T17037] ? tomoyo_path_number_perm+0x28f/0x580 [ 754.684271][T17037] ? tomoyo_path_number_perm+0x188/0x580 [ 754.684291][T17037] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 754.684312][T17037] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 754.684335][T17037] ? __pfx_vt_ioctl+0x10/0x10 [ 754.684349][T17037] tty_ioctl+0x26a/0x1640 [ 754.684369][T17037] ? __pfx_tty_ioctl+0x10/0x10 [ 754.684393][T17037] ? find_held_lock+0x2b/0x80 [ 754.684410][T17037] ? __fget_files+0x215/0x3d0 [ 754.684427][T17037] ? hook_file_ioctl_common+0x149/0x410 [ 754.684450][T17037] ? __fget_files+0x21f/0x3d0 [ 754.684470][T17037] ? __pfx_tty_ioctl+0x10/0x10 [ 754.684489][T17037] __x64_sys_ioctl+0x18e/0x210 [ 754.684506][T17037] do_syscall_64+0x115/0x840 [ 754.684527][T17037] ? clear_bhb_loop+0x40/0x90 [ 754.684546][T17037] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 754.684562][T17037] RIP: 0033:0x7ff213d9ce59 [ 754.684575][T17037] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 754.684589][T17037] RSP: 002b:00007ff214d03028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 754.684604][T17037] RAX: ffffffffffffffda RBX: 00007ff214015fa0 RCX: 00007ff213d9ce59 [ 754.684614][T17037] RDX: 0000000000000000 RSI: 0000000000004b4b RDI: 0000000000000003 [ 754.684623][T17037] RBP: 00007ff214d03090 R08: 0000000000000000 R09: 0000000000000000 [ 754.684632][T17037] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 754.684641][T17037] R13: 00007ff214016038 R14: 00007ff214015fa0 R15: 00007ffcd2d06928 [ 754.684660][T17037] [ 754.714367][T17034] CPU: 0 UID: 0 PID: 17034 Comm: syz.0.2534 Tainted: G L syzkaller #0 PREEMPT(full) [ 754.714395][T17034] Tainted: [L]=SOFTLOCKUP [ 754.714401][T17034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 754.714411][T17034] Call Trace: [ 754.714417][T17034] [ 754.714423][T17034] dump_stack_lvl+0x100/0x190 [ 754.714445][T17034] should_fail_ex.cold+0x5/0xa [ 754.714465][T17034] should_failslab+0xc2/0x120 [ 754.714485][T17034] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 754.714508][T17034] ? do_getname+0x35/0x390 [ 754.714534][T17034] do_getname+0x35/0x390 [ 754.714557][T17034] do_sys_openat2+0xc5/0x1e0 [ 754.714580][T17034] ? __pfx_do_sys_openat2+0x10/0x10 [ 754.714608][T17034] __x64_sys_open+0xfe/0x1d0 [ 754.714631][T17034] ? __pfx___x64_sys_open+0x10/0x10 [ 754.714656][T17034] ? rcu_is_watching+0x12/0xc0 [ 754.714676][T17034] do_syscall_64+0x115/0x840 [ 754.714697][T17034] ? clear_bhb_loop+0x40/0x90 [ 754.714715][T17034] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 754.714731][T17034] RIP: 0033:0x7fd34bd9ce59 [ 754.714744][T17034] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 754.714759][T17034] RSP: 002b:00007fd34cb76028 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 754.714773][T17034] RAX: ffffffffffffffda RBX: 00007fd34c016090 RCX: 00007fd34bd9ce59 [ 754.714784][T17034] RDX: 0000000000000100 RSI: 0000000000161342 RDI: 0000200000000000 [ 754.714793][T17034] RBP: 00007fd34be32d6f R08: 0000000000000000 R09: 0000000000000000 [ 754.714802][T17034] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 754.714811][T17034] R13: 00007fd34c016128 R14: 00007fd34c016090 R15: 00007ffcd6afe5b8 [ 754.714830][T17034] [ 754.833832][T17040] Invalid ELF header magic: != ELF [ 755.406719][T17050] FAULT_INJECTION: forcing a failure. [ 755.406719][T17050] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 755.406751][T17050] CPU: 0 UID: 0 PID: 17050 Comm: syz.1.2540 Tainted: G L syzkaller #0 PREEMPT(full) [ 755.406775][T17050] Tainted: [L]=SOFTLOCKUP [ 755.406781][T17050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 755.406790][T17050] Call Trace: [ 755.406797][T17050] [ 755.406803][T17050] dump_stack_lvl+0x100/0x190 [ 755.406825][T17050] should_fail_ex.cold+0x5/0xa [ 755.406846][T17050] core_sys_select+0x9b9/0xbb0 [ 755.406877][T17050] ? __pfx_core_sys_select+0x10/0x10 [ 755.406914][T17050] ? ktime_get_ts64+0x306/0x420 [ 755.406939][T17050] ? ktime_get_ts64+0x318/0x420 [ 755.406959][T17050] ? ktime_get_ts64+0x257/0x420 [ 755.406983][T17050] kern_select+0x1d0/0x280 [ 755.407001][T17050] ? __pfx_kern_select+0x10/0x10 [ 755.407019][T17050] ? xfd_validate_state+0x129/0x190 [ 755.407039][T17050] __x64_sys_select+0xbd/0x160 [ 755.407055][T17050] ? do_syscall_64+0x90/0x840 [ 755.407076][T17050] ? lockdep_hardirqs_on+0x78/0x100 [ 755.407096][T17050] do_syscall_64+0x115/0x840 [ 755.407116][T17050] ? clear_bhb_loop+0x40/0x90 [ 755.407133][T17050] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 755.407149][T17050] RIP: 0033:0x7fe192d9ce59 [ 755.407163][T17050] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 755.407177][T17050] RSP: 002b:00007fe193cdc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 755.407193][T17050] RAX: ffffffffffffffda RBX: 00007fe193015fa0 RCX: 00007fe192d9ce59 [ 755.407203][T17050] RDX: 00002000000000c0 RSI: 0000200000000040 RDI: 0000000000000001 [ 755.407212][T17050] RBP: 00007fe192e32d6f R08: 00002000000001c0 R09: 0000000000000000 [ 755.407221][T17050] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 755.407230][T17050] R13: 00007fe193016038 R14: 00007fe193015fa0 R15: 00007ffc78870678 [ 755.407249][T17050] [ 755.524235][T17057] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2542'. [ 755.620061][T17058] FAULT_INJECTION: forcing a failure. [ 755.620061][T17058] name failslab, interval 1, probability 0, space 0, times 0 [ 755.620091][T17058] CPU: 0 UID: 0 PID: 17058 Comm: syz.0.2542 Tainted: G L syzkaller #0 PREEMPT(full) [ 755.620113][T17058] Tainted: [L]=SOFTLOCKUP [ 755.620118][T17058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 755.620128][T17058] Call Trace: [ 755.620133][T17058] [ 755.620140][T17058] dump_stack_lvl+0x100/0x190 [ 755.620161][T17058] should_fail_ex.cold+0x5/0xa [ 755.620181][T17058] should_failslab+0xc2/0x120 [ 755.620200][T17058] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 755.620223][T17058] ? alloc_empty_file+0x5b/0x1c0 [ 755.620245][T17058] ? __pfx_stack_trace_save+0x10/0x10 [ 755.620267][T17058] alloc_empty_file+0x5b/0x1c0 [ 755.620289][T17058] path_openat+0xe8/0x31a0 [ 755.620306][T17058] ? kasan_save_stack+0x3f/0x50 [ 755.620321][T17058] ? kasan_save_stack+0x30/0x50 [ 755.620335][T17058] ? kasan_save_track+0x14/0x30 [ 755.620349][T17058] ? __kasan_slab_alloc+0x89/0x90 [ 755.620364][T17058] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 755.620386][T17058] ? do_getname+0x35/0x390 [ 755.620405][T17058] ? do_sys_openat2+0xc5/0x1e0 [ 755.620426][T17058] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 755.620444][T17058] ? __pfx_path_openat+0x10/0x10 [ 755.620470][T17058] do_file_open+0x20e/0x430 [ 755.620489][T17058] ? __pfx_do_file_open+0x10/0x10 [ 755.620521][T17058] ? alloc_fd+0x476/0x790 [ 755.620540][T17058] ? do_getname+0x191/0x390 [ 755.620563][T17058] do_sys_openat2+0x10d/0x1e0 [ 755.620585][T17058] ? __pfx_do_sys_openat2+0x10/0x10 [ 755.620618][T17058] __x64_sys_openat+0x12d/0x210 [ 755.620640][T17058] ? __pfx___x64_sys_openat+0x10/0x10 [ 755.620663][T17058] ? ksys_write+0x1ac/0x250 [ 755.620683][T17058] ? rcu_is_watching+0x12/0xc0 [ 755.620703][T17058] do_syscall_64+0x115/0x840 [ 755.620723][T17058] ? clear_bhb_loop+0x40/0x90 [ 755.620741][T17058] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 755.620757][T17058] RIP: 0033:0x7fd34bd9ce59 [ 755.620771][T17058] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 755.620785][T17058] RSP: 002b:00007fd34cb76028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 755.620800][T17058] RAX: ffffffffffffffda RBX: 00007fd34c016090 RCX: 00007fd34bd9ce59 [ 755.620811][T17058] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 755.620820][T17058] RBP: 00007fd34be32d6f R08: 0000000000000000 R09: 0000000000000000 [ 755.620830][T17058] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 755.620848][T17058] R13: 00007fd34c016128 R14: 00007fd34c016090 R15: 00007ffcd6afe5b8 [ 755.620868][T17058] [ 756.078780][T17066] input: f¬ as /devices/virtual/input/input89 [ 756.340806][T17069] sd 0:0:1:0: PR command failed: 1026 [ 756.340841][T17069] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 756.340868][T17069] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 756.546260][T17074] FAULT_INJECTION: forcing a failure. [ 756.546260][T17074] name fail_futex, interval 1, probability 0, space 0, times 0 [ 756.546349][T17074] CPU: 0 UID: 0 PID: 17074 Comm: syz.0.2548 Tainted: G L syzkaller #0 PREEMPT(full) [ 756.546373][T17074] Tainted: [L]=SOFTLOCKUP [ 756.546378][T17074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 756.546388][T17074] Call Trace: [ 756.546394][T17074] [ 756.546400][T17074] dump_stack_lvl+0x100/0x190 [ 756.546422][T17074] should_fail_ex.cold+0x5/0xa [ 756.546443][T17074] get_futex_key+0x1d2/0x1510 [ 756.546470][T17074] ? __pfx_get_futex_key+0x10/0x10 [ 756.546494][T17074] ? find_held_lock+0x2b/0x80 [ 756.546513][T17074] ? is_bpf_text_address+0x8a/0x1a0 [ 756.546533][T17074] ? is_bpf_text_address+0x8a/0x1a0 [ 756.546555][T17074] futex_wait_setup+0x83/0x510 [ 756.546579][T17074] __futex_wait+0x19f/0x300 [ 756.546599][T17074] ? __pfx___futex_wait+0x10/0x10 [ 756.546620][T17074] ? __pfx_futex_wake_mark+0x10/0x10 [ 756.546641][T17074] ? futex_hash+0x2ad/0x370 [ 756.546664][T17074] ? futex_hash+0x141/0x370 [ 756.546691][T17074] futex_wait+0xe6/0x370 [ 756.546710][T17074] ? __pfx_futex_wait+0x10/0x10 [ 756.546738][T17074] do_futex+0x1ef/0x350 [ 756.546754][T17074] ? __pfx_do_futex+0x10/0x10 [ 756.546775][T17074] __x64_sys_futex+0x34f/0x4d0 [ 756.546793][T17074] ? __pfx___x64_sys_futex+0x10/0x10 [ 756.546812][T17074] ? rcu_is_watching+0x12/0xc0 [ 756.546832][T17074] do_syscall_64+0x115/0x840 [ 756.546852][T17074] ? clear_bhb_loop+0x40/0x90 [ 756.546870][T17074] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 756.546894][T17074] RIP: 0033:0x7fd34bd9ce59 [ 756.546908][T17074] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 756.546924][T17074] RSP: 002b:00007fd34cb760e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 756.546939][T17074] RAX: ffffffffffffffda RBX: 00007fd34c016098 RCX: 00007fd34bd9ce59 [ 756.546949][T17074] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fd34c016098 [ 756.546959][T17074] RBP: 00007fd34c016090 R08: 0000000000000000 R09: 0000000000000000 [ 756.546968][T17074] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 756.546978][T17074] R13: 00007fd34c016128 R14: 00007ffcd6afe4d0 R15: 00007ffcd6afe5b8 [ 756.546998][T17074] [ 757.326629][T17086] input: f¬ as /devices/virtual/input/input90 [ 758.800369][T17104] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2555'. [ 758.831949][T17106] input: f¬ as /devices/virtual/input/input91 [ 758.919915][T17113] FAULT_INJECTION: forcing a failure. [ 758.919915][T17113] name fail_futex, interval 1, probability 0, space 0, times 0 [ 759.038930][T17113] CPU: 0 UID: 0 PID: 17113 Comm: syz.2.2558 Tainted: G L syzkaller #0 PREEMPT(full) [ 759.038959][T17113] Tainted: [L]=SOFTLOCKUP [ 759.038965][T17113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 759.038975][T17113] Call Trace: [ 759.038981][T17113] [ 759.038988][T17113] dump_stack_lvl+0x100/0x190 [ 759.039010][T17113] should_fail_ex.cold+0x5/0xa [ 759.039030][T17113] get_futex_key+0x1d2/0x1510 [ 759.039057][T17113] ? __pfx_get_futex_key+0x10/0x10 [ 759.039081][T17113] ? find_held_lock+0x2b/0x80 [ 759.039099][T17113] ? is_bpf_text_address+0x8a/0x1a0 [ 759.039120][T17113] ? is_bpf_text_address+0x8a/0x1a0 [ 759.039142][T17113] futex_wait_setup+0x83/0x510 [ 759.039169][T17113] __futex_wait+0x19f/0x300 [ 759.039189][T17113] ? __pfx___futex_wait+0x10/0x10 [ 759.039212][T17113] ? __pfx_futex_wake_mark+0x10/0x10 [ 759.039233][T17113] ? futex_hash+0x2ad/0x370 [ 759.039257][T17113] ? futex_hash+0x141/0x370 [ 759.039283][T17113] futex_wait+0xe6/0x370 [ 759.039302][T17113] ? __pfx_futex_wait+0x10/0x10 [ 759.039332][T17113] do_futex+0x1ef/0x350 [ 759.039348][T17113] ? __pfx_do_futex+0x10/0x10 [ 759.039368][T17113] __x64_sys_futex+0x34f/0x4d0 [ 759.039386][T17113] ? __pfx___x64_sys_futex+0x10/0x10 [ 759.039405][T17113] ? rcu_is_watching+0x12/0xc0 [ 759.039424][T17113] do_syscall_64+0x115/0x840 [ 759.039445][T17113] ? clear_bhb_loop+0x40/0x90 [ 759.039465][T17113] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 759.039481][T17113] RIP: 0033:0x7ff213d9ce59 [ 759.039494][T17113] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 759.039517][T17113] RSP: 002b:00007ff214ce20e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 759.039533][T17113] RAX: ffffffffffffffda RBX: 00007ff214016098 RCX: 00007ff213d9ce59 [ 759.039544][T17113] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007ff214016098 [ 759.039554][T17113] RBP: 00007ff214016090 R08: 0000000000000000 R09: 0000000000000000 [ 759.039564][T17113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 759.039574][T17113] R13: 00007ff214016128 R14: 00007ffcd2d06840 R15: 00007ffcd2d06928 [ 759.039594][T17113] [ 759.319494][T16949] EXT4-fs (sda1): Delayed block allocation failed for inode 2022 at logical offset 1732 with max blocks 1 with error 117 [ 759.332208][T16949] EXT4-fs (sda1): This should not happen!! Data will be lost [ 759.332208][T16949] [ 759.508451][T14936] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 759.601726][T17129] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2561'. [ 759.988402][T17137] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2562'. [ 760.052731][T17137] bond0: (slave bond_slave_1): Releasing backup interface [ 760.070368][T17119] sd 0:0:1:0: PR command failed: 1026 [ 760.105297][T17119] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 760.178504][T17119] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 760.715296][T17153] FAULT_INJECTION: forcing a failure. [ 760.715296][T17153] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 760.774775][T17153] CPU: 0 UID: 0 PID: 17153 Comm: syz.2.2565 Tainted: G L syzkaller #0 PREEMPT(full) [ 760.774802][T17153] Tainted: [L]=SOFTLOCKUP [ 760.774808][T17153] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 760.774817][T17153] Call Trace: [ 760.774823][T17153] [ 760.774830][T17153] dump_stack_lvl+0x100/0x190 [ 760.774851][T17153] should_fail_ex.cold+0x5/0xa [ 760.774871][T17153] _copy_to_user+0x32/0xd0 [ 760.774902][T17153] simple_read_from_buffer+0xcb/0x170 [ 760.774922][T17153] proc_fail_nth_read+0x1af/0x230 [ 760.774946][T17153] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 760.774971][T17153] ? rw_verify_area+0xce/0x6d0 [ 760.774986][T17153] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 760.775009][T17153] vfs_read+0x1e4/0xb30 [ 760.775028][T17153] ? __pfx_vfs_read+0x10/0x10 [ 760.775066][T17153] ? __fget_files+0x215/0x3d0 [ 760.775089][T17153] ? __fget_files+0x21f/0x3d0 [ 760.775112][T17153] ksys_read+0x12a/0x250 [ 760.775141][T17153] ? __pfx_ksys_read+0x10/0x10 [ 760.775161][T17153] ? rcu_is_watching+0x12/0xc0 [ 760.775182][T17153] do_syscall_64+0x115/0x840 [ 760.775204][T17153] ? clear_bhb_loop+0x40/0x90 [ 760.775222][T17153] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 760.775237][T17153] RIP: 0033:0x7ff213d5d68e [ 760.775251][T17153] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 760.775265][T17153] RSP: 002b:00007ff214d02fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 760.775280][T17153] RAX: ffffffffffffffda RBX: 00007ff214d036c0 RCX: 00007ff213d5d68e [ 760.775290][T17153] RDX: 000000000000000f RSI: 00007ff214d030a0 RDI: 0000000000000004 [ 760.775300][T17153] RBP: 00007ff214d03090 R08: 0000000000000000 R09: 0000000000000000 [ 760.775309][T17153] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 760.775318][T17153] R13: 00007ff214016038 R14: 00007ff214015fa0 R15: 00007ffcd2d06928 [ 760.775337][T17153] [ 761.021562][T17156] vivid-007: ================= START STATUS ================= [ 761.029389][T17156] vivid-007: Generate PTS: true [ 761.034551][T17156] vivid-007: Generate SCR: true [ 761.039482][T17156] tpg source WxH: 320x240 (Y'CbCr) [ 761.044636][T17156] tpg field: 1 [ 761.047989][T17156] tpg crop: (0,0)/320x240 [ 761.052296][T17156] tpg compose: (0,0)/320x240 [ 761.056915][T17156] tpg colorspace: 8 [ 761.060731][T17156] tpg transfer function: 0/0 [ 761.065396][T17156] tpg Y'CbCr encoding: 0/0 [ 761.069794][T17156] tpg quantization: 0/0 [ 761.074765][T17156] tpg RGB range: 0/2 [ 761.078659][T17156] vivid-007: ================== END STATUS ================== [ 761.466700][T17175] input: f¬ as /devices/virtual/input/input92 [ 761.598573][T14936] Bluetooth: hci1: command 0x2016 tx timeout [ 761.671601][T17180] FAULT_INJECTION: forcing a failure. [ 761.671601][T17180] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 761.748628][T17180] CPU: 0 UID: 0 PID: 17180 Comm: syz.2.2571 Tainted: G L syzkaller #0 PREEMPT(full) [ 761.748656][T17180] Tainted: [L]=SOFTLOCKUP [ 761.748662][T17180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 761.748672][T17180] Call Trace: [ 761.748678][T17180] [ 761.748684][T17180] dump_stack_lvl+0x100/0x190 [ 761.748709][T17180] should_fail_ex.cold+0x5/0xa [ 761.748731][T17180] core_sys_select+0x9b9/0xbb0 [ 761.748755][T17180] ? __pfx_core_sys_select+0x10/0x10 [ 761.748791][T17180] ? ktime_get_ts64+0x306/0x420 [ 761.748815][T17180] ? ktime_get_ts64+0x318/0x420 [ 761.748835][T17180] ? ktime_get_ts64+0x257/0x420 [ 761.748858][T17180] kern_select+0x1d0/0x280 [ 761.748877][T17180] ? __pfx_kern_select+0x10/0x10 [ 761.748895][T17180] ? xfd_validate_state+0x129/0x190 [ 761.748915][T17180] __x64_sys_select+0xbd/0x160 [ 761.748931][T17180] ? do_syscall_64+0x90/0x840 [ 761.748952][T17180] ? lockdep_hardirqs_on+0x78/0x100 [ 761.748972][T17180] do_syscall_64+0x115/0x840 [ 761.748992][T17180] ? clear_bhb_loop+0x40/0x90 [ 761.749010][T17180] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 761.749025][T17180] RIP: 0033:0x7ff213d9ce59 [ 761.749039][T17180] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 761.749053][T17180] RSP: 002b:00007ff214d03028 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 761.749068][T17180] RAX: ffffffffffffffda RBX: 00007ff214015fa0 RCX: 00007ff213d9ce59 [ 761.749079][T17180] RDX: 00002000000000c0 RSI: 0000200000000040 RDI: 0000000000000001 [ 761.749089][T17180] RBP: 00007ff213e32d6f R08: 00002000000001c0 R09: 0000000000000000 [ 761.749099][T17180] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 761.749107][T17180] R13: 00007ff214016038 R14: 00007ff214015fa0 R15: 00007ffcd2d06928 [ 761.749127][T17180] [ 762.886024][ T29] audit: type=1800 audit(4294967358.279:59): pid=17207 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2577" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 763.072401][T17210] Process accounting paused [ 763.245915][T17213] input: f¬ as /devices/virtual/input/input93 [ 763.681232][ T5639] Bluetooth: hci1: command 0x2016 tx timeout [ 764.060342][T17229] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 764.290433][T14936] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 766.233587][T17265] FAULT_INJECTION: forcing a failure. [ 766.233587][T17265] name failslab, interval 1, probability 0, space 0, times 0 [ 766.318947][ T5639] Bluetooth: hci3: command 0x2016 tx timeout [ 766.379486][T17265] CPU: 0 UID: 0 PID: 17265 Comm: syz.0.2593 Tainted: G L syzkaller #0 PREEMPT(full) [ 766.379514][T17265] Tainted: [L]=SOFTLOCKUP [ 766.379519][T17265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 766.379530][T17265] Call Trace: [ 766.379536][T17265] [ 766.379542][T17265] dump_stack_lvl+0x100/0x190 [ 766.379565][T17265] should_fail_ex.cold+0x5/0xa [ 766.379586][T17265] should_failslab+0xc2/0x120 [ 766.379606][T17265] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 766.379630][T17265] ? vm_area_alloc+0x1f/0x160 [ 766.379654][T17265] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 766.379678][T17265] vm_area_alloc+0x1f/0x160 [ 766.379699][T17265] __mmap_region+0x104d/0x2dd0 [ 766.379726][T17265] ? __pfx___mmap_region+0x10/0x10 [ 766.379760][T17265] ? rcu_is_watching+0x12/0xc0 [ 766.379780][T17265] ? trace_pelt_se_tp+0x13b/0x190 [ 766.379810][T17265] ? find_held_lock+0x2b/0x80 [ 766.379829][T17265] ? debug_object_activate+0x331/0x490 [ 766.379851][T17265] ? debug_object_activate+0x331/0x490 [ 766.379871][T17265] ? do_raw_spin_unlock+0x145/0x1e0 [ 766.379889][T17265] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 766.379918][T17265] ? find_held_lock+0x2b/0x80 [ 766.379946][T17265] ? rcu_is_watching+0x12/0xc0 [ 766.379962][T17265] ? finish_task_switch.isra.0+0x2cb/0x1010 [ 766.379981][T17265] ? lockdep_hardirqs_on+0x78/0x100 [ 766.380031][T17265] mmap_region+0x35d/0x620 [ 766.380046][T17265] ? rcu_is_watching+0x12/0xc0 [ 766.380063][T17265] ? __pfx_mmap_region+0x10/0x10 [ 766.380079][T17265] ? cap_mmap_addr+0x4b/0x120 [ 766.380095][T17265] ? bpf_lsm_mmap_addr+0x9/0x30 [ 766.380109][T17265] ? security_mmap_addr+0x71/0x1e0 [ 766.380130][T17265] ? __get_unmapped_area+0x255/0x3e0 [ 766.380151][T17265] do_mmap+0xc63/0x12f0 [ 766.380172][T17265] ? __pfx_do_mmap+0x10/0x10 [ 766.380190][T17265] ? __pfx_down_write_killable+0x10/0x10 [ 766.380217][T17265] vm_mmap_pgoff+0x29e/0x470 [ 766.380240][T17265] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 766.380260][T17265] ? do_futex+0x192/0x350 [ 766.380276][T17265] ? __pfx_do_futex+0x10/0x10 [ 766.380294][T17265] ksys_mmap_pgoff+0xe4/0x610 [ 766.380313][T17265] ? __x64_sys_futex+0x358/0x4d0 [ 766.380329][T17265] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 766.380347][T17265] ? xfd_validate_state+0x129/0x190 [ 766.380366][T17265] __x64_sys_mmap+0x125/0x190 [ 766.380384][T17265] do_syscall_64+0x115/0x840 [ 766.380404][T17265] ? clear_bhb_loop+0x40/0x90 [ 766.380423][T17265] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 766.380439][T17265] RIP: 0033:0x7fd34bd9ce59 [ 766.380453][T17265] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 766.380469][T17265] RSP: 002b:00007fd34cb97028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 766.380485][T17265] RAX: ffffffffffffffda RBX: 00007fd34c015fa0 RCX: 00007fd34bd9ce59 [ 766.380496][T17265] RDX: 00004000000000df RSI: 0000000000000101 RDI: 0000000000000000 [ 766.380506][T17265] RBP: 00007fd34be32d6f R08: 0000000200000401 R09: 0000000000008000 [ 766.380516][T17265] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 766.380525][T17265] R13: 00007fd34c016038 R14: 00007fd34c015fa0 R15: 00007ffcd6afe5b8 [ 766.380546][T17265] [ 767.259569][T17273] input: f¬ as /devices/virtual/input/input94 [ 767.621944][T17286] sd 0:0:1:0: PR command failed: 1026 [ 767.635435][T17286] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 767.652714][T17286] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 768.402632][T14936] Bluetooth: hci3: command 0x2016 tx timeout [ 768.696052][T17303] FAULT_INJECTION: forcing a failure. [ 768.696052][T17303] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 768.755385][T17303] CPU: 0 UID: 0 PID: 17303 Comm: syz.2.2603 Tainted: G L syzkaller #0 PREEMPT(full) [ 768.755411][T17303] Tainted: [L]=SOFTLOCKUP [ 768.755417][T17303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 768.755427][T17303] Call Trace: [ 768.755433][T17303] [ 768.755439][T17303] dump_stack_lvl+0x100/0x190 [ 768.755461][T17303] should_fail_ex.cold+0x5/0xa [ 768.755489][T17303] core_sys_select+0x9b9/0xbb0 [ 768.755512][T17303] ? __pfx_core_sys_select+0x10/0x10 [ 768.755550][T17303] ? ktime_get_ts64+0x306/0x420 [ 768.755574][T17303] ? ktime_get_ts64+0x318/0x420 [ 768.755595][T17303] ? ktime_get_ts64+0x257/0x420 [ 768.755618][T17303] kern_select+0x1d0/0x280 [ 768.755637][T17303] ? __pfx_kern_select+0x10/0x10 [ 768.755654][T17303] ? xfd_validate_state+0x129/0x190 [ 768.755675][T17303] __x64_sys_select+0xbd/0x160 [ 768.755691][T17303] ? do_syscall_64+0x90/0x840 [ 768.755711][T17303] ? lockdep_hardirqs_on+0x78/0x100 [ 768.755731][T17303] do_syscall_64+0x115/0x840 [ 768.755751][T17303] ? clear_bhb_loop+0x40/0x90 [ 768.755769][T17303] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 768.755785][T17303] RIP: 0033:0x7ff213d9ce59 [ 768.755799][T17303] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 768.755814][T17303] RSP: 002b:00007ff214d03028 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 768.755829][T17303] RAX: ffffffffffffffda RBX: 00007ff214015fa0 RCX: 00007ff213d9ce59 [ 768.755839][T17303] RDX: 00002000000000c0 RSI: 0000200000000040 RDI: 0000000000000001 [ 768.755849][T17303] RBP: 00007ff213e32d6f R08: 00002000000001c0 R09: 0000000000000000 [ 768.755858][T17303] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 768.755867][T17303] R13: 00007ff214016038 R14: 00007ff214015fa0 R15: 00007ffcd2d06928 [ 768.755888][T17303] [ 768.992344][T17267] kexec: Could not allocate control_code_buffer [ 769.442432][T17309] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2605'. [ 769.572571][T17312] netlink: 334 bytes leftover after parsing attributes in process `syz.1.2606'. [ 770.251347][ T5639] Bluetooth: hci1: command 0x2016 tx timeout [ 771.121793][T17353] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2618'. [ 771.442624][T17360] FAULT_INJECTION: forcing a failure. [ 771.442624][T17360] name failslab, interval 1, probability 0, space 0, times 0 [ 771.515155][T17360] CPU: 0 UID: 0 PID: 17360 Comm: syz.2.2619 Tainted: G L syzkaller #0 PREEMPT(full) [ 771.515181][T17360] Tainted: [L]=SOFTLOCKUP [ 771.515186][T17360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 771.515196][T17360] Call Trace: [ 771.515201][T17360] [ 771.515208][T17360] dump_stack_lvl+0x100/0x190 [ 771.515267][T17360] should_fail_ex.cold+0x5/0xa [ 771.515287][T17360] ? lsm_blob_alloc+0x68/0x90 [ 771.515309][T17360] should_failslab+0xc2/0x120 [ 771.515328][T17360] __kmalloc_noprof+0xe0/0x850 [ 771.515342][T17360] ? trace_kmem_cache_alloc+0xd5/0x100 [ 771.515364][T17360] lsm_blob_alloc+0x68/0x90 [ 771.515385][T17360] security_prepare_creds+0x2d/0x290 [ 771.515407][T17360] prepare_creds+0x5d6/0x950 [ 771.515425][T17360] __do_sys_landlock_restrict_self+0x14c/0x9e0 [ 771.515442][T17360] ? rcu_is_watching+0x12/0xc0 [ 771.515462][T17360] do_syscall_64+0x115/0x840 [ 771.515486][T17360] ? clear_bhb_loop+0x40/0x90 [ 771.515504][T17360] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 771.515519][T17360] RIP: 0033:0x7ff213d9ce59 [ 771.515532][T17360] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 771.515547][T17360] RSP: 002b:00007ff214ce2028 EFLAGS: 00000246 ORIG_RAX: 00000000000001be [ 771.515563][T17360] RAX: ffffffffffffffda RBX: 00007ff214016090 RCX: 00007ff213d9ce59 [ 771.515573][T17360] RDX: 0000000000000000 RSI: 000000000000000b RDI: 0000000000000003 [ 771.515582][T17360] RBP: 00007ff214ce2090 R08: 0000000000000000 R09: 0000000000000000 [ 771.515591][T17360] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 771.515600][T17360] R13: 00007ff214016128 R14: 00007ff214016090 R15: 00007ffcd2d06928 [ 771.515619][T17360] [ 771.990621][T17370] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 772.230955][T17384] FAULT_INJECTION: forcing a failure. [ 772.230955][T17384] name failslab, interval 1, probability 0, space 0, times 0 [ 772.277515][T17384] CPU: 0 UID: 0 PID: 17384 Comm: syz.3.2626 Tainted: G L syzkaller #0 PREEMPT(full) [ 772.277541][T17384] Tainted: [L]=SOFTLOCKUP [ 772.277547][T17384] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 772.277555][T17384] Call Trace: [ 772.277561][T17384] [ 772.277567][T17384] dump_stack_lvl+0x100/0x190 [ 772.277591][T17384] should_fail_ex.cold+0x5/0xa [ 772.277612][T17384] should_failslab+0xc2/0x120 [ 772.277631][T17384] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 772.277656][T17384] ? alloc_unbound_pwq+0x3ff/0xdd0 [ 772.277678][T17384] alloc_unbound_pwq+0x3ff/0xdd0 [ 772.277701][T17384] apply_wqattrs_prepare+0x847/0xbb0 [ 772.277726][T17384] apply_workqueue_attrs_locked+0x64/0xe0 [ 772.277745][T17384] apply_workqueue_attrs+0x2a/0x50 [ 772.277764][T17384] padata_set_cpumask+0x260/0x530 [ 772.277787][T17384] store_cpumask+0x120/0x1a0 [ 772.277803][T17384] ? __pfx_store_cpumask+0x10/0x10 [ 772.277821][T17384] ? find_held_lock+0x2b/0x80 [ 772.277839][T17384] ? sysfs_file_kobj+0xe4/0x290 [ 772.277863][T17384] ? sysfs_file_kobj+0xe4/0x290 [ 772.277887][T17384] ? __pfx_store_cpumask+0x10/0x10 [ 772.277903][T17384] padata_sysfs_store+0x5c/0x90 [ 772.277919][T17384] ? __pfx_padata_sysfs_store+0x10/0x10 [ 772.277935][T17384] sysfs_kf_write+0xf2/0x150 [ 772.277960][T17384] kernfs_fop_write_iter+0x3e0/0x5f0 [ 772.277980][T17384] ? __pfx_sysfs_kf_write+0x10/0x10 [ 772.278006][T17384] vfs_write+0x6ac/0x1070 [ 772.278024][T17384] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 772.278048][T17384] ? __pfx_vfs_write+0x10/0x10 [ 772.278078][T17384] ksys_write+0x12a/0x250 [ 772.278095][T17384] ? __pfx_ksys_write+0x10/0x10 [ 772.278114][T17384] ? rcu_is_watching+0x12/0xc0 [ 772.278135][T17384] do_syscall_64+0x115/0x840 [ 772.278157][T17384] ? clear_bhb_loop+0x40/0x90 [ 772.278176][T17384] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 772.278192][T17384] RIP: 0033:0x7f2718d9ce59 [ 772.278206][T17384] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 772.278221][T17384] RSP: 002b:00007f2719bb5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 772.278236][T17384] RAX: ffffffffffffffda RBX: 00007f2719015fa0 RCX: 00007f2718d9ce59 [ 772.278246][T17384] RDX: 0000000000000003 RSI: 0000200000000340 RDI: 0000000000000004 [ 772.278255][T17384] RBP: 00007f2719bb5090 R08: 0000000000000000 R09: 0000000000000000 [ 772.278265][T17384] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 772.278273][T17384] R13: 00007f2719016038 R14: 00007f2719015fa0 R15: 00007fffc71bff78 [ 772.278299][T17384] [ 774.106413][T17399] sd 0:0:1:0: PR command failed: 1026 [ 774.154749][T17399] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 774.204949][T17399] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 777.392295][T17450] random: crng reseeded on system resumption [ 777.868810][T17453] sd 0:0:1:0: PR command failed: 1026 [ 777.892240][T17453] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 777.928688][T17453] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 778.729621][T17461] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2643'. [ 779.299875][T17469] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 779.381504][T17479] FAULT_INJECTION: forcing a failure. [ 779.381504][T17479] name failslab, interval 1, probability 0, space 0, times 0 [ 779.459725][T17479] CPU: 0 UID: 0 PID: 17479 Comm: syz.1.2646 Tainted: G L syzkaller #0 PREEMPT(full) [ 779.459752][T17479] Tainted: [L]=SOFTLOCKUP [ 779.459758][T17479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 779.459767][T17479] Call Trace: [ 779.459773][T17479] [ 779.459779][T17479] dump_stack_lvl+0x100/0x190 [ 779.459801][T17479] should_fail_ex.cold+0x5/0xa [ 779.459821][T17479] should_failslab+0xc2/0x120 [ 779.459839][T17479] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 779.459864][T17479] ? __alloc_skb+0x140/0x710 [ 779.459948][T17479] ? __alloc_skb+0x5b7/0x710 [ 779.459965][T17479] __alloc_skb+0x140/0x710 [ 779.459978][T17479] ? __alloc_skb+0x5b7/0x710 [ 779.459991][T17479] ? __pfx___alloc_skb+0x10/0x10 [ 779.460004][T17479] ? find_held_lock+0x2b/0x80 [ 779.460022][T17479] ? unix_autobind+0xaf/0x960 [ 779.460104][T17479] ? unix_autobind+0xaf/0x960 [ 779.460127][T17479] alloc_skb_with_frags+0xdd/0x760 [ 779.460145][T17479] ? reacquire_held_locks+0xce/0x1e0 [ 779.460171][T17479] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 779.460197][T17479] sock_alloc_send_pskb+0x801/0x980 [ 779.460226][T17479] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 779.460257][T17479] unix_dgram_sendmsg+0x3c7/0x1810 [ 779.460282][T17479] ? tomoyo_socket_sendmsg_permission+0x14e/0x3c0 [ 779.460311][T17479] ? __pfx_tomoyo_socket_sendmsg_permission+0x10/0x10 [ 779.460333][T17479] ? iovec_from_user+0xda/0x140 [ 779.460355][T17479] ? __pfx_unix_dgram_sendmsg+0x10/0x10 [ 779.460379][T17479] ? __import_iovec+0x1d2/0x640 [ 779.460401][T17479] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 779.460423][T17479] ____sys_sendmsg+0x9e1/0xb70 [ 779.460442][T17479] ? __pfx_unix_dgram_sendmsg+0x10/0x10 [ 779.460466][T17479] ? __pfx_____sys_sendmsg+0x10/0x10 [ 779.460488][T17479] ? __pfx__kstrtoull+0x10/0x10 [ 779.460506][T17479] ___sys_sendmsg+0x190/0x1e0 [ 779.460528][T17479] ? __pfx____sys_sendmsg+0x10/0x10 [ 779.460564][T17479] ? find_held_lock+0x2b/0x80 [ 779.460593][T17479] __sys_sendmmsg+0x205/0x430 [ 779.460611][T17479] ? __pfx___sys_sendmmsg+0x10/0x10 [ 779.460633][T17479] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 779.460662][T17479] ? fput+0x79/0x100 [ 779.460682][T17479] ? ksys_write+0x1ac/0x250 [ 779.460699][T17479] ? __pfx_ksys_write+0x10/0x10 [ 779.460719][T17479] __x64_sys_sendmmsg+0x9c/0x100 [ 779.460734][T17479] ? lockdep_hardirqs_on+0x78/0x100 [ 779.460755][T17479] do_syscall_64+0x115/0x840 [ 779.460775][T17479] ? clear_bhb_loop+0x40/0x90 [ 779.460793][T17479] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 779.460808][T17479] RIP: 0033:0x7fe192d9ce59 [ 779.460821][T17479] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 779.460836][T17479] RSP: 002b:00007fe193cdc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 779.460851][T17479] RAX: ffffffffffffffda RBX: 00007fe193015fa0 RCX: 00007fe192d9ce59 [ 779.460861][T17479] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 779.460870][T17479] RBP: 00007fe193cdc090 R08: 0000000000000000 R09: 0000000000000000 [ 779.460879][T17479] R10: 0000000007000000 R11: 0000000000000246 R12: 0000000000000001 [ 779.460888][T17479] R13: 00007fe193016038 R14: 00007fe193015fa0 R15: 00007ffc78870678 [ 779.460907][T17479] [ 780.422730][T17485] snd_virmidi snd_virmidi.0: control 61678:99999999:4:yª:0 is already present [ 780.471336][T17489] FAULT_INJECTION: forcing a failure. [ 780.471336][T17489] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 780.484971][T17485] EXT4-fs (sda1): Delayed block allocation failed for inode 2022 at logical offset 0 with max blocks 2 with error 117 [ 780.521496][T17485] EXT4-fs (sda1): This should not happen!! Data will be lost [ 780.521496][T17485] [ 780.534650][T17489] CPU: 0 UID: 0 PID: 17489 Comm: syz.0.2649 Tainted: G L syzkaller #0 PREEMPT(full) [ 780.534679][T17489] Tainted: [L]=SOFTLOCKUP [ 780.534686][T17489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 780.534696][T17489] Call Trace: [ 780.534702][T17489] [ 780.534708][T17489] dump_stack_lvl+0x100/0x190 [ 780.534731][T17489] should_fail_ex.cold+0x5/0xa [ 780.534752][T17489] core_sys_select+0x9b9/0xbb0 [ 780.534776][T17489] ? __pfx_core_sys_select+0x10/0x10 [ 780.534812][T17489] ? ktime_get_ts64+0x306/0x420 [ 780.534836][T17489] ? ktime_get_ts64+0x318/0x420 [ 780.534858][T17489] ? ktime_get_ts64+0x257/0x420 [ 780.534881][T17489] kern_select+0x1d0/0x280 [ 780.534899][T17489] ? __pfx_kern_select+0x10/0x10 [ 780.534917][T17489] ? xfd_validate_state+0x129/0x190 [ 780.534937][T17489] __x64_sys_select+0xbd/0x160 [ 780.534953][T17489] ? do_syscall_64+0x90/0x840 [ 780.534973][T17489] ? lockdep_hardirqs_on+0x78/0x100 [ 780.534993][T17489] do_syscall_64+0x115/0x840 [ 780.535013][T17489] ? clear_bhb_loop+0x40/0x90 [ 780.535031][T17489] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 780.535047][T17489] RIP: 0033:0x7fd34bd9ce59 [ 780.535061][T17489] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 780.535075][T17489] RSP: 002b:00007fd34cb97028 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 780.535090][T17489] RAX: ffffffffffffffda RBX: 00007fd34c015fa0 RCX: 00007fd34bd9ce59 [ 780.535101][T17489] RDX: 00002000000000c0 RSI: 0000200000000040 RDI: 0000000000000001 [ 780.535110][T17489] RBP: 00007fd34be32d6f R08: 00002000000001c0 R09: 0000000000000000 [ 780.535120][T17489] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 780.535128][T17489] R13: 00007fd34c016038 R14: 00007fd34c015fa0 R15: 00007ffcd6afe5b8 [ 780.535147][T17489] [ 781.497303][ T5637] Bluetooth: hci4: unexpected event 0x14 length: 16 > 6 [ 781.925807][T17514] snd_virmidi snd_virmidi.0: control 61678:131081:4:yª:0 is already present [ 782.056388][ T5637] Bluetooth: hci4: unexpected event 0x3e length: 508 > 260 [ 782.056415][ T5637] Bluetooth: hci4: unexpected subevent 0x02 length: 507 > 260 [ 782.072397][ T5637] Bluetooth: hci4: Dropping invalid advertising data [ 782.079827][ T5637] Bluetooth: hci4: unknown advertising packet type: 0xe9 [ 782.079870][ T5637] Bluetooth: hci4: Dropping invalid advertising data [ 782.097683][ T5637] Bluetooth: hci4: Malformed LE Event: 0x02 [ 782.108349][ T5637] Bluetooth: hci4: unexpected event 0x3e length: 508 > 260 [ 782.108375][ T5637] Bluetooth: hci4: unexpected subevent 0x02 length: 507 > 260 [ 782.123468][ T5637] Bluetooth: hci4: Dropping invalid advertising data [ 782.134009][ T5637] Bluetooth: hci4: unknown advertising packet type: 0xe9 [ 782.134034][ T5637] Bluetooth: hci4: Dropping invalid advertising data [ 782.148081][ T5637] Bluetooth: hci4: Malformed LE Event: 0x02 [ 782.154506][ T5637] Bluetooth: hci4: unexpected event 0x3e length: 508 > 260 [ 782.154527][ T5637] Bluetooth: hci4: unexpected subevent 0x02 length: 507 > 260 [ 782.169589][ T5637] Bluetooth: hci4: Dropping invalid advertising data [ 782.176629][ T5637] Bluetooth: hci4: unknown advertising packet type: 0xe9 [ 782.176651][ T5637] Bluetooth: hci4: Dropping invalid advertising data [ 782.190650][ T5637] Bluetooth: hci4: Malformed LE Event: 0x02 [ 782.197074][ T5637] Bluetooth: hci4: unexpected event 0x3e length: 508 > 260 [ 782.197095][ T5637] Bluetooth: hci4: unexpected subevent 0x02 length: 507 > 260 [ 782.217225][ T5637] Bluetooth: hci4: Dropping invalid advertising data [ 782.224329][ T5637] Bluetooth: hci4: unknown advertising packet type: 0xe9 [ 782.224351][ T5637] Bluetooth: hci4: Dropping invalid advertising data [ 782.240714][ T5637] Bluetooth: hci4: Malformed LE Event: 0x02 [ 782.258066][T17522] EXT4-fs (sda1): Delayed block allocation failed for inode 2022 at logical offset 0 with max blocks 1 with error 117 [ 782.373305][T17522] EXT4-fs (sda1): This should not happen!! Data will be lost [ 782.373305][T17522] [ 782.699211][T17533] futex_wake_op: syz.3.2656 tries to shift op by -2048; fix this program [ 782.804748][T17535] FAULT_INJECTION: forcing a failure. [ 782.804748][T17535] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 782.910102][T17535] CPU: 0 UID: 0 PID: 17535 Comm: syz.1.2657 Tainted: G L syzkaller #0 PREEMPT(full) [ 782.910136][T17535] Tainted: [L]=SOFTLOCKUP [ 782.910142][T17535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 782.910151][T17535] Call Trace: [ 782.910157][T17535] [ 782.910163][T17535] dump_stack_lvl+0x100/0x190 [ 782.910186][T17535] should_fail_ex.cold+0x5/0xa [ 782.910206][T17535] _copy_to_user+0x32/0xd0 [ 782.910230][T17535] simple_read_from_buffer+0xcb/0x170 [ 782.910250][T17535] proc_fail_nth_read+0x1af/0x230 [ 782.910275][T17535] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 782.910300][T17535] ? rw_verify_area+0xce/0x6d0 [ 782.910315][T17535] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 782.910338][T17535] vfs_read+0x1e4/0xb30 [ 782.910358][T17535] ? __pfx_vfs_read+0x10/0x10 [ 782.910374][T17535] ? __fget_files+0x215/0x3d0 [ 782.910396][T17535] ? __fget_files+0x21f/0x3d0 [ 782.910419][T17535] ksys_read+0x12a/0x250 [ 782.910435][T17535] ? __pfx_ksys_read+0x10/0x10 [ 782.910454][T17535] ? rcu_is_watching+0x12/0xc0 [ 782.910474][T17535] do_syscall_64+0x115/0x840 [ 782.910495][T17535] ? clear_bhb_loop+0x40/0x90 [ 782.910514][T17535] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 782.910529][T17535] RIP: 0033:0x7fe192d5d68e [ 782.910542][T17535] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 782.910557][T17535] RSP: 002b:00007fe193cdbfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 782.910572][T17535] RAX: ffffffffffffffda RBX: 00007fe193cdc6c0 RCX: 00007fe192d5d68e [ 782.910582][T17535] RDX: 000000000000000f RSI: 00007fe193cdc0a0 RDI: 0000000000000005 [ 782.910592][T17535] RBP: 00007fe193cdc090 R08: 0000000000000000 R09: 0000000000000000 [ 782.910601][T17535] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 782.910610][T17535] R13: 00007fe193016038 R14: 00007fe193015fa0 R15: 00007ffc78870678 [ 782.910630][T17535] [ 783.542785][T16949] EXT4-fs (sda1): Delayed block allocation failed for inode 2022 at logical offset 1735 with max blocks 1 with error 117 [ 783.576529][T16949] EXT4-fs (sda1): This should not happen!! Data will be lost [ 783.576529][T16949] [ 783.704028][T16949] EXT4-fs (sda1): Delayed block allocation failed for inode 2030 at logical offset 3125 with max blocks 378 with error 117 [ 783.769631][T16949] EXT4-fs (sda1): This should not happen!! Data will be lost [ 783.769631][T16949] [ 783.900826][T16949] EXT4-fs (sda1): Delayed block allocation failed for inode 2022 at logical offset 1739 with max blocks 1 with error 117 [ 783.957470][T16949] EXT4-fs (sda1): This should not happen!! Data will be lost [ 783.957470][T16949] [ 784.294119][T17535] Process accounting paused [ 784.831950][T17551] bond0: invalid ARP target specified [ 786.864722][T17587] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 786.891575][T17587] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 787.278335][T17598] can0: slcan on ttyS2. [ 787.610453][T17603] can0 (unregistered): slcan off ttyS2. [ 787.730456][ T5639] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 787.750849][ T5639] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 787.762801][ T5639] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 787.776140][ T5639] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 787.790995][ T5639] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 788.641719][T17374] ------------[ cut here ]------------ [ 788.649930][T17374] ODEBUG: free active (active state 0) object: ffff888074f59438 object type: timer_list hint: hci_devcd_timeout+0x0/0x2e0 [ 788.663583][T17374] WARNING: lib/debugobjects.c:629 at debug_print_object+0x18e/0x2a0, CPU#0: syz.2.2624/17374 [ 788.673805][T17374] Modules linked in: [ 788.677824][T17374] CPU: 0 UID: 0 PID: 17374 Comm: syz.2.2624 Tainted: G L syzkaller #0 PREEMPT(full) [ 788.689798][T17374] Tainted: [L]=SOFTLOCKUP [ 788.694768][T17374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 788.705539][T17374] RIP: 0010:debug_print_object+0x19b/0x2a0 [ 788.711532][T17374] Code: b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 4f 48 8d 3d 22 fe e1 0b 41 56 48 8b 14 dd 40 57 1c 8c 4c 89 e6 <67> 48 0f b9 3a 58 83 05 8c 79 d7 0b 01 48 83 c4 18 5b 5d 41 5c 41 [ 788.731710][T17374] RSP: 0018:ffffc900051e76f8 EFLAGS: 00010246 [ 788.738009][T17374] RAX: dffffc0000000000 RBX: 0000000000000003 RCX: 0000000000000000 [ 788.745990][T17374] RDX: ffffffff8c1c5680 RSI: ffffffff8c1c52a0 RDI: ffffffff90e1f650 [ 788.754256][T17374] RBP: 0000000000000001 R08: ffff888074f59438 R09: ffffffff8bb2c6a0 [ 788.762341][T17374] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff8c1c52a0 [ 788.770351][T17374] R13: ffffffff8bb2c6e0 R14: ffffffff8a9168b0 R15: ffffc900051e77f8 [ 788.778329][T17374] FS: 0000000000000000(0000) GS:ffff88812438a000(0000) knlGS:0000000000000000 [ 788.788241][T17374] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 788.794819][T17374] CR2: 0000000000009000 CR3: 000000007c73e000 CR4: 00000000003526f0 [ 788.803491][T17374] Call Trace: [ 788.806768][T17374] [ 788.809795][T17374] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 788.815269][T17374] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 788.821105][T17374] debug_check_no_obj_freed+0x4da/0x630 [ 788.826676][T17374] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 788.832805][T17374] ? __page_table_check_zero+0x333/0x410 [ 788.838463][T17374] ? __page_table_check_zero+0x338/0x410 [ 788.844099][T17374] __free_frozen_pages+0x3fc/0x10a0 [ 788.849353][T17374] hci_release_dev+0x4ef/0x630 [ 788.854214][T17374] ? __pfx_hci_release_dev+0x10/0x10 [ 788.859522][T17374] ? device_release+0x97/0x270 [ 788.864301][T17374] ? rcu_is_watching+0x12/0xc0 [ 788.869090][T17374] ? device_release+0x97/0x270 [ 788.873865][T17374] bt_host_release+0x6a/0xb0 [ 788.878553][T17374] ? __pfx_bt_host_release+0x10/0x10 [ 788.883853][T17374] device_release+0xd2/0x270 [ 788.889671][T17374] kobject_put+0x1f7/0x640 [ 788.894150][T17374] put_device+0x1f/0x30 [ 788.898935][T17374] vhci_release+0x185/0x230 [ 788.903490][T17374] ? __pfx_vhci_release+0x10/0x10 [ 788.908569][T17374] __fput+0x3ff/0xb50 [ 788.912549][T17374] task_work_run+0x150/0x240 [ 788.917148][T17374] ? __pfx_task_work_run+0x10/0x10 [ 788.922292][T17374] do_exit+0x951/0x2af0 [ 788.926442][T17374] ? __pfx___might_resched+0x10/0x10 [ 788.931771][T17374] ? rcu_is_watching+0x12/0xc0 [ 788.936524][T17374] ? __pfx_do_exit+0x10/0x10 [ 788.941168][T17374] ? do_raw_spin_lock+0x128/0x260 [ 788.946269][T17374] ? find_held_lock+0x2b/0x80 [ 788.950974][T17374] ? get_signal+0x7e5/0x2210 [ 788.955557][T17374] do_group_exit+0xd5/0x2a0 [ 788.960159][T17374] get_signal+0x20ff/0x2210 [ 788.964691][T17374] ? do_raw_spin_unlock+0x145/0x1e0 [ 788.969911][T17374] ? __pfx_get_signal+0x10/0x10 [ 788.974753][T17374] ? kernel_move_pages+0xcfd/0x13f0 [ 788.980014][T17374] arch_do_signal_or_restart+0x91/0x7a0 [ 788.985581][T17374] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 788.992718][T17374] ? rcu_is_watching+0x12/0xc0 [ 788.998126][T17374] exit_to_user_mode_loop+0x98/0x670 [ 789.003419][T17374] ? rcu_is_watching+0x12/0xc0 [ 789.008229][T17374] do_syscall_64+0x652/0x840 [ 789.012816][T17374] ? clear_bhb_loop+0x40/0x90 [ 789.017529][T17374] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 789.023416][T17374] RIP: 0033:0x7ff213d9ce59 [ 789.027853][T17374] Code: Unable to access opcode bytes at 0x7ff213d9ce2f. [ 789.034872][T17374] RSP: 002b:00007ff214cc1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 789.043319][T17374] RAX: fffffffffffffff2 RBX: 00007ff214016180 RCX: 00007ff213d9ce59 [ 789.051326][T17374] RDX: 0000000000000000 RSI: 0002000000000003 RDI: 0000000000000001 [ 789.059311][T17374] RBP: 00007ff213e32d6f R08: 0000000000000000 R09: 8000400000000000 [ 789.067383][T17374] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 789.075367][T17374] R13: 00007ff214016218 R14: 00007ff214016180 R15: 00007ffcd2d06928 [ 789.083441][T17374] [ 789.086461][T17374] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 789.093734][T17374] CPU: 0 UID: 0 PID: 17374 Comm: syz.2.2624 Tainted: G L syzkaller #0 PREEMPT(full) [ 789.104654][T17374] Tainted: [L]=SOFTLOCKUP [ 789.108962][T17374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 789.119018][T17374] Call Trace: [ 789.122301][T17374] [ 789.125219][T17374] dump_stack_lvl+0x100/0x190 [ 789.129906][T17374] vpanic+0x552/0x970 [ 789.133888][T17374] ? __pfx_vpanic+0x10/0x10 [ 789.138465][T17374] panic+0xd1/0xe0 [ 789.142185][T17374] ? __pfx_panic+0x10/0x10 [ 789.146593][T17374] ? check_panic_on_warn+0x1f/0x90 [ 789.151696][T17374] check_panic_on_warn.cold+0x19/0x34 [ 789.157054][T17374] ? debug_print_object+0x18e/0x2a0 [ 789.162237][T17374] __warn.cold+0x191/0x328 [ 789.166641][T17374] __report_bug+0x296/0x3d0 [ 789.171204][T17374] ? debug_print_object+0x18e/0x2a0 [ 789.176389][T17374] ? __pfx___report_bug+0x10/0x10 [ 789.181406][T17374] ? unwind_next_frame+0x3c8/0x2090 [ 789.186602][T17374] report_bug_entry+0xe1/0x290 [ 789.191354][T17374] ? debug_print_object+0x19b/0x2a0 [ 789.196538][T17374] handle_bug+0x1cd/0x2a0 [ 789.200855][T17374] exc_invalid_op+0x17/0x50 [ 789.205340][T17374] asm_exc_invalid_op+0x1a/0x20 [ 789.210174][T17374] RIP: 0010:debug_print_object+0x19b/0x2a0 [ 789.215970][T17374] Code: b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 4f 48 8d 3d 22 fe e1 0b 41 56 48 8b 14 dd 40 57 1c 8c 4c 89 e6 <67> 48 0f b9 3a 58 83 05 8c 79 d7 0b 01 48 83 c4 18 5b 5d 41 5c 41 [ 789.235567][T17374] RSP: 0018:ffffc900051e76f8 EFLAGS: 00010246 [ 789.241620][T17374] RAX: dffffc0000000000 RBX: 0000000000000003 RCX: 0000000000000000 [ 789.249576][T17374] RDX: ffffffff8c1c5680 RSI: ffffffff8c1c52a0 RDI: ffffffff90e1f650 [ 789.257531][T17374] RBP: 0000000000000001 R08: ffff888074f59438 R09: ffffffff8bb2c6a0 [ 789.265492][T17374] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff8c1c52a0 [ 789.273449][T17374] R13: ffffffff8bb2c6e0 R14: ffffffff8a9168b0 R15: ffffc900051e77f8 [ 789.281432][T17374] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 789.286901][T17374] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 789.292346][T17374] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 789.298144][T17374] debug_check_no_obj_freed+0x4da/0x630 [ 789.303689][T17374] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 789.309748][T17374] ? __page_table_check_zero+0x333/0x410 [ 789.315372][T17374] ? __page_table_check_zero+0x338/0x410 [ 789.320998][T17374] __free_frozen_pages+0x3fc/0x10a0 [ 789.326194][T17374] hci_release_dev+0x4ef/0x630 [ 789.330947][T17374] ? __pfx_hci_release_dev+0x10/0x10 [ 789.336219][T17374] ? device_release+0x97/0x270 [ 789.340969][T17374] ? rcu_is_watching+0x12/0xc0 [ 789.345724][T17374] ? device_release+0x97/0x270 [ 789.350499][T17374] bt_host_release+0x6a/0xb0 [ 789.355100][T17374] ? __pfx_bt_host_release+0x10/0x10 [ 789.360375][T17374] device_release+0xd2/0x270 [ 789.364954][T17374] kobject_put+0x1f7/0x640 [ 789.369369][T17374] put_device+0x1f/0x30 [ 789.373512][T17374] vhci_release+0x185/0x230 [ 789.378013][T17374] ? __pfx_vhci_release+0x10/0x10 [ 789.383048][T17374] __fput+0x3ff/0xb50 [ 789.387025][T17374] task_work_run+0x150/0x240 [ 789.391601][T17374] ? __pfx_task_work_run+0x10/0x10 [ 789.396702][T17374] do_exit+0x951/0x2af0 [ 789.400848][T17374] ? __pfx___might_resched+0x10/0x10 [ 789.406116][T17374] ? rcu_is_watching+0x12/0xc0 [ 789.410892][T17374] ? __pfx_do_exit+0x10/0x10 [ 789.415477][T17374] ? do_raw_spin_lock+0x128/0x260 [ 789.420486][T17374] ? find_held_lock+0x2b/0x80 [ 789.425150][T17374] ? get_signal+0x7e5/0x2210 [ 789.429753][T17374] do_group_exit+0xd5/0x2a0 [ 789.434271][T17374] get_signal+0x20ff/0x2210 [ 789.438767][T17374] ? do_raw_spin_unlock+0x145/0x1e0 [ 789.443956][T17374] ? __pfx_get_signal+0x10/0x10 [ 789.448799][T17374] ? kernel_move_pages+0xcfd/0x13f0 [ 789.454003][T17374] arch_do_signal_or_restart+0x91/0x7a0 [ 789.459544][T17374] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 789.465694][T17374] ? rcu_is_watching+0x12/0xc0 [ 789.470450][T17374] exit_to_user_mode_loop+0x98/0x670 [ 789.475728][T17374] ? rcu_is_watching+0x12/0xc0 [ 789.480486][T17374] do_syscall_64+0x652/0x840 [ 789.485069][T17374] ? clear_bhb_loop+0x40/0x90 [ 789.489733][T17374] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 789.495610][T17374] RIP: 0033:0x7ff213d9ce59 [ 789.500009][T17374] Code: Unable to access opcode bytes at 0x7ff213d9ce2f. [ 789.507031][T17374] RSP: 002b:00007ff214cc1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 789.515430][T17374] RAX: fffffffffffffff2 RBX: 00007ff214016180 RCX: 00007ff213d9ce59 [ 789.523387][T17374] RDX: 0000000000000000 RSI: 0002000000000003 RDI: 0000000000000001 [ 789.531342][T17374] RBP: 00007ff213e32d6f R08: 0000000000000000 R09: 8000400000000000 [ 789.539294][T17374] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 789.547246][T17374] R13: 00007ff214016218 R14: 00007ff214016180 R15: 00007ffcd2d06928 [ 789.555211][T17374] [ 789.558288][T17374] Kernel Offset: disabled [ 789.562613][T17374] Rebooting in 86400 seconds..