last executing test programs: 3m51.065753884s ago: executing program 1 (id=2587): close_range$auto(0x0, 0xfffffffffffff000, 0x2) eventfd$auto(0x4) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x29, 0x5, 0x0) socket(0x2, 0x1, 0x6) r1 = open(&(0x7f00000000c0)='./cgroup\x00', 0x80400, 0xb5d1af1605322dd2) open_by_handle_at$auto(r1, &(0x7f0000001280)={0x8, 0x2, "0200000000000000"}, 0x6) sendfile$auto(r0, r0, 0x0, 0x2) close_range$auto(0x2, 0xa, 0x0) 3m50.86331343s ago: executing program 1 (id=2589): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) clock_gettime$auto(0x5, &(0x7f0000000180)={0x10001, 0x1cc}) openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0) r0 = openat$auto_bm_entry_operations_binfmt_misc(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/fs/binfmt_misc/syz1\x00', 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x10000, 0x7, 0x8000000000000000, 0x0) open(0x0, 0x20342, 0x55) socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0xfffe}, 0x55) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) readv$auto(r0, &(0x7f0000000140)={0x0, 0xd}, 0x8) 3m49.879430162s ago: executing program 1 (id=2595): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) mmap$auto(0x0, 0x810004, 0x2000000efb, 0x8000000008011, r0, 0x8000) madvise$auto(0x0, 0x400053, 0x9) syz_genetlink_get_family_id$auto_tipcv2(0x0, 0xffffffffffffffff) r1 = socketcall$auto(0x8000ffa, 0x0) fcntl$auto(0x8000000000000001, 0x5, 0x8) close_range$auto(0x2, 0xa, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0x1c1643, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0x4020ae76, r1) 3m49.301713374s ago: executing program 1 (id=2600): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socketpair$auto(0x1, 0x2, 0xfffffff7, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x163340, 0x2a) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, 0x0, 0x48080, 0x0) r0 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, 0x0, 0x40, 0x0) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x80805, 0x0) eventfd$auto(0x7) select$auto(0x5, 0x0, 0x0, &(0x7f00000001c0)={[0x1aa57c94, 0x95, 0x5, 0x100000003, 0x8475, 0x6, 0x1, 0x9, 0xec, 0x2, 0x8, 0x8, 0x200, 0x7]}, 0x0) read$auto_proc_single_file_operations_base(r0, &(0x7f0000000080)=""/43, 0x2b) 3m47.835980015s ago: executing program 1 (id=2605): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/pci0000:00/0000:00:03.0/virtio0/device\x00', 0x800, 0x0) pread64$auto(r0, 0x0, 0x100000000b, 0x1) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) socket(0xa, 0x2, 0x3a) socket(0x23, 0x80805, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) r3 = socketcall$auto(0xa, 0x0) ioctl$auto(0x3, 0xae41, r3) ioctl$auto_KVM_GET_MSRS(r1, 0xc008ae88, &(0x7f0000000040)={0x2, 0x0, [{0x345, 0x400, 0x9}]}) 3m47.19366782s ago: executing program 1 (id=2610): mmap$auto(0xffffffffffffffff, 0x2020006, 0x2, 0x800000000000eb1, 0xfffffffffffffffa, 0x8001) r0 = io_uring_setup$auto(0x82, 0x0) prctl$auto(0x23, 0x7, 0x7fffffffefff, 0x0, 0x0) brk$auto(0x7fffffffefff) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000180)={0x1c, r2, 0x1, 0x70bd2c, 0x25dfdbfb, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x200}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20008000}, 0xc840) r3 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), r1) msgctl$auto_MSG_INFO(0x454d, 0xc, &(0x7f0000000240)={{0x3f, 0x0, 0xffffffffffffffff, 0x9, 0x0, 0x7f, 0x4}, &(0x7f0000000080)=0x71, &(0x7f00000000c0)=0xc1, 0xb2ae, 0x7ff, 0x7, 0x6, 0x508, 0xfff, 0x3, 0xb, @raw=0x8, @raw=0x80000000}) setitimer$auto(0x9, &(0x7f00000001c0)={{0x0, 0x6}, {0x81, 0xd00}}, &(0x7f0000000200)={{0x8, 0xd9}, {0xf63}}) sendmsg$auto_NL802154_CMD_ABORT_SCAN(r0, &(0x7f0000001780)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000001740)={&(0x7f00000004c0)=ANY=[@ANYBLOB="9b0e0000", @ANYRES16=r3, @ANYBLOB="920629bd7000fedbdf252400000005000800030000000c001700070000000000000018122f806800478008000600", @ANYRES32=r4, @ANYBLOB="04004980fd7da365a721b5d9c67aeed495cec22b4b50f3319cec2ff76f42261a12b85e3d1e7f53334b48d0260019b89ba7bfa949783d9ef89892b7b875ec2d8967d7baf5343121be8903c0d591f8bd0d95ba38865eb95781771c683d0800d48004003a801d05ee547f58147fae8e9625697ceeae848408d54819b588db8b0808512e2291cccd8b7cb121522f4c58f9e803a0cb2676b9e9d0799f72eef25c18d9933a47c15706fa350f5b654fbe3458e26b7c2189387414b6154599b6c12196e0618bd059c062b8890371c0228a5508fbea75bf3c152e082f70af0fc0c239cb7b82b354dcf1aed9519771bf42ab016b8aa9b3ccebf765869c9391f4b2fee058985ae0bce47b1b812c6d8715c07ffb7a0ec0e03e9c0b2dcb161ed8d2aab0276e1dfb2ea479143eaa45cc1616402439b0ccd44948a7eab44cc703caaa0f7a989e324812da74a495924bc5d716f9294f4cef58ce2d81db148d82ae4a76cee263a2f3fb8460907a4988004beec77edb21933b6354f736a385d76e071ae6a90a56439a2af81b8ce32b74a90e59b24e1dd68b07218c0f2e49fcf70ad65a54cced6fe7353260e6e7aa4f55e98c2e89caaeeb09e5935bccf03278d316e58d7c716e2576aaa46f868596a7cf9c6275c947f8b0b94a3f7dba3e791b15e6e0445a92cc464f21a932e7cdd35013013a903cdca1b1fea5ebf5044141497d3f23464f36990fe071770308694ec1aac98bbd76b1ca6cd57da8781791b79aa48a05bd5d825fb9b4a1225a8307b355826d802e071dc211954a5c3ec8895d77d9c57fca4f83a7344c93af1ec15434c72a53a90233030df83c03da69c8b43b1f8467e0939a414479427e8c44fd24f01e3aa79466a8b3ed61b7d63e44558690930223a80a9811f718bf8cd4f60bb0ab90b261d6ded4dbde3c7801242db8f11ddce8813ec89138acd72d0d7f3df54cedeeb9130753831f7bdafc9526c25adffa115fce84f98b83218b23d13dcf2aeaf521cc536ef90d2b00044bdf27921e0a099e7d17b518fda5d200b90b78620e870b0597c6083274a6ebc52f52c175585e87bc208da1ad7e2f39ba8a92df32b65b483b7f8d9b89950e6bf2f24bee998c41dd6277bf0f257437d2604d370878d2d7f46f23a8fcc5e0e8d768b59f17e1969936bb85f21c8fefc9578d8c18fdb01aba3836c871373f0dfa8412bff5477b0ab8baba63bde59eb531e3659096e3974d44cfbc4bf2eef553193dbf88035ecbe10852bb34597f671059db5b7eb205e3bd6ac43bd9ce3abe4abc4ba7e594d51c9df664f757b62b81ed4f747c6ec014ffa25d86b028ad5954c2ba87f8c786dbadbed1617a71675d7d2165831dcdf71a8652d5288211aabd4b7867a4b5c787253405cd70cd90d46e55a31882439f76d7431f02357d488b7167661a7c5e08db988891578403106e215dfe6216d3fb61b3a75c03addca5adbb2a772d1b429f1dedac23e8d41b52651a18fb0334e19d96bb741e22e9acffda34d86c6ce88bab8db5c3b74cf30a5603ed5758ac2f26895ed1ffaf69e949bdc083596c907a5533780d02f25b04b676ebb78775a70a648436f94fe458796484ef7b5b4f7f9eb9e3380ffb2904de744750af4c78b3d3f160aa5de1d2945ed529b5878684d36a71a6dbf0ce6d1be19e0158998941f2f1973b94b29771d1bd8f4b01b95e85fb47b17f4929dcb3dd7c0b180940f3960734ca7753cbd8d2afef9c2205ce06310fc73af30c3c700de3692aa6b9b4555d6f7f64419b7e31e5b15d232f67b242308154fb44c3a390343dde1dff8654039f12f2a96b87188dd57e453d1617c1a47d7a3c126921230d8656140dab29a646ae98b83e13dcec1896190aa16fc15f2743fb0880c1c429da7f28c166c4b4f2317e3f6da29623efc34bc2518ad15e3661fd44715e784bd42a5d372509d65e6d0289a54a05e812abc35e3a97834311754d95e099fcb073d08591c1bbf1239314f09321e0ecf0ecb1e2d31d74011c43168f344f1b8891788cf47b0850e4c845447650db61f789a48c0b88a552a90f3897a683c605b08d8210bd4f2b8c214d309f6e906860d84763e077208399c7fd06ff940dd3c6bccdd51eace0246b24f5a26ddf5f0d6b45edf9effadad21e42f9e078ff12a91665f817b71c274aa9b5d95be8a092a5fdc3bb58c246edbbed07cb59db17be270bb9304634d75f36f9b6a57495e30a00970a0a84a876e2afd926b868751ead524e80c63811f2e507e79a75dd160240c53fa7f6980848dcb5a509f2361c584cfa9d757d2eac801bcfc561f9f2bb35c313176dc02bf2302d0a13cbb79189e42fa4e7ea23d6bfceac3356e9e85e297051cac236936ce8eea87a6ebbcb586c805c7cad8b79a6af682ec628ca05099b6e3b6476a5e762773c5d64510da44c9fb107cb31956f96a67e678c5bc895c7bf0d4d8e2b89e786d2f416c98f1010c98ceeee2e214311575e097bfef7e018ac537747e1c527672bb7f1403ffa94d97d28f1b3ca7e1121dec75d15bb70209b9269baf1034052faabae29ede4d9f4b692b96e9bd9567d0ce535762369c605100b4d711ff2f1820dfb1e06874fd21bbc737bc7f2d13b8b1646f4b5594bda7fe06dbed38d2db78f1b4569f7a4432a16012720478394c0836b99283d85bbd3a58f4639bb6a3fa408fd96bc81ff610ddc79ba9738af0026818ee43979874218bff55dd8377de8e3fac610ee56e8b6d4c6aa47866c6b594a83fbbc46671669e1336fbd8aebc0c91e44af6869fa2b8051f9283c6b98b3adc2eef0bb8dd573836d286c114e285652d019a71a5a05b9fe109ed90a1455ede78adcfdb70c63b6d2bbb3a424b9200fcf1a122fc2393127f00014242e3b88c6636a569ff41f32f99123c2da1ef479cd14c108b6ade94f02676480583239ed80f6b3cdd40a68fe557a05262455014ad6fbb29de0ec5c55f9bd31c30c0fa05a45e5afbf572ca7ff2bf273c8bd2953dbd45e1728840640ce87788dd35f596cd17ca492afa7d36190414df90471eac7b2ec81577cdc2ee016f873c29efe6a5ef7e375f8d44f326e1bb8f817b2510f9ea139470a3005375a1b286069d0286a7c858acb68a933d802d35dcf5149a3c14ac632aa01401c0305231cbc72d3698b16d7e65d3f9b735ce984caf1e14aebe4712eacca1a831ae3ecbae0864f24baf5f67ecc3d3cf3ef67e8063810e7f9fc037b651fb01d1e48e5a5b4de258d860b10a5169cbc5b94b9df2a68f74fba061ebf9d77ec3d0952b917307c964b9ec70e79cffb44ffa9309e5d2c50dc5d30fa48183f867bac809a54a7fe7fc8e48a16f0b143f079f83fc3f53ff5d854f19e49705f86e73c0a0d17ea0f1de83f26864c45e61b06a5536f38064c635689f8982865c8135ed4bcf78c5a55fc4f751a42af972b58628c42ff636212a5037fbf79d2aa4bdc7de9d5f806cf6e39f56b8a14d426cdd6917374d32176f9ecb46702df493de63e0ab3415b83ee9ccfa71787e65271c408ce5af32e6dda45418bdef062021aa24780168a663c322fdde9e5d7cd5b05821d212fd34ca967535c73fdf8464482922d7366af380204ddbdd0bd0cd692408270e7bf6a3319da8f4dbc1dc058fd4495fb66dfbb010bfd22da55e84848e3428a585025ae2bf90d46eca30004740bd95da1254d1418514af962e64eedfc0a055d6d2d6e06887d52600ab55183982e3ba9d153c0940b6f852f701cc85406c277ace74d4ba761ac0b0a41177963e8606a3960e91a665b25e6f09b66beee79f15b9eb69455888acb97c35451c97b41670499762f5e3ee0e050bf689ec1b08285e14aa6216399944f32776e65e7de52d2fe79a8abef8b9d5827b7c8742df5d53fa3a9b7baaf45f002574f2d10f4108c583d3976f450b2700b9cba5b39fea18e606d799a2af60f5fb66ea04b95e1fd891f6aa4245669390352e0c26f85d466c86eaffe18b73fcf596bdb07b11aa00e567a548b49a292c1aa501de0b26a799094c2885a6ce1c31f577467e6a7a447ca9334c7b4b9051b403246dcfa01cd2a4f292e00cfdb6e63890808b833ff9bf636e6f90d80c28ddd8b24d163f814e9dadf0aa43fe0bf6e101b28c44eb098686c835b25821423d38a54f91bc43b86d863182bf7da3934a4e8c496fa83124078c3eee8c1099b253140d523de7396431c36539231184889ef289d01d51f4697bc905ff9f3e56832e32c70b07f5f505fad8b6e2a98b9197f4dff5fc4a4a48b0d516dc61e3b08b6088c77a6d24b58549fa32b36c02384959c02364f16d21d41bedaf9787338ab4af68300ef152f24a895b620f6d2afec413598ca3c5a7a4bcd77d788b4b00554ed08cbf89a524808aaaec9a28660c83e5c59a396c12e85955e6b915adb93af64d0db836c2a5b89a445cf8d7c152599b7e5d6e8d867ea999a396efec57093abc12d43421e9b8c0ce67604bca8ccc9267c7d6782f711a4ff60b0b532a933dc4f393b479f29112725e7290680b1b4669dafda644982b64e0762b1df87dcd72304557b5f82b90116e1f3e5f88f65c0f8ed1e77c89338c953753e7e4b95a0cf82cddbe99b4a83330c8605906360119621719fcdb57d8a8e1cbc89a068d81073ce95d119029ab45a85aa9440f1cb40e7b779dabe4b5d150172690faca6681f6d9dc4bcfac5fa40162f669185df7f8b7bfd5582526b591d953f48a6930d7c9573c8d02995ec2523689482311442a4cc5ef353af0ca7b711e99daa9836bba2da2edf9d01b451a95506ccca40f0986a32e83c0128fefbd292cce1ca29efdbb18b0534903ddb3b3f21dcb9cb5c0abe42658ede43aadae58211770767149890a4cbfe471db2c520fa43a261c1df131a2ec33ef565aaa61d0abe80858e0c8fce4d4b44e82e5268e07f89b4fc2b01637e09d6060624d430eac20bc109ce14f380eec64bba066ee104a61f5c9ab76e53672674aa73c1ae9a57ac66acf85b369df8cfe36cbca486c2a040d283a9e1f71079cbf03b6ba8cf06bdeb5f4a5508bcd5b8b5b929a9c115fff08c3339dfe5ff53c9dcbbb19fb50d46e9ed9741ec4fac294270de856fe3bdb43598cace159e99064098ebc00b82eaa9e3eb84e70c380d3f65af6aea99fc0ab8991e5ee335f5fe37d9e7d99a5263339db787f86bd8ea0cfecb91e2a621e84b1f82fbc1a8fc0572bea6fba75db521d17274067b7c560598d3e146f715933330b3a5dd1d64c00f12c261332b2bc7857a0b69b6bb7227f7204ba4740a56ed5a3686298a351a0a29d4dc1c4a6271dda0132850b8e7734e9764706244796ab1c8521773085e98cef04418b028bb90723683d564fbb8c45cfb672385115951f9adfdf53a81bd8dd1df853d1eaa844a0a6b7eeb0b23f6208b0b92d79855a31340c0242f8876ec752c49eeb5651e76b217c738de93285587af1e634be869ac3e7e7a9fa8906d20a4c8f1df1089530700f60eb07332bf27e78a9e3f01de510cb955dc9bed4397460992a078ff0aa696226474ba5515ae1fd04d45a2a49ff854775e0e5ef898f79e28d26a70eb7e560de0fba33ab779a09101f1a2987f3b3b6f702edfb6be97986e10fe8819da78ada5eb69433fd76bb7c7ba0e5846ce653b620ac9c93acbb4bebd883d67e7b8b6d75d465815593158bc5616e43319af8da85097021a7b4f687294a03eaaa123b3c8d258ad5ca2379a858065ffe288d5bc7b2702ae24fba4d0a79d1a863c0e8251494f4fb6a3531a00f802421cde6e538a69ef6d795cd35f6b95d8f34b8d6f11e06e5baa3814f10ff19438f644403c6fa42b6a30b985a93d84b284f03e1d71ca715d141fff2c15f754f6191800ff8fd8df6dc0c3a47dd051b40443d0c882afb8cdcf8d776225e359d8a3e29c124e7631b5c4cf3fe37a74aae249e7ffb54c986b815ba9f32d6c5447e630398b777f93b35c5ddb7cc3b958704f436ea69f8aa8d91827fb7aa301f5807f8ae2983ee774fbd8f6c99afcaf0c8f1fb53fd6b46efd67f153ad2a96734966b349997d7e2fa335dc2d1a64521c57f2c0ab350606b8d48df055e4eeeba6d77e826aaade668bdd104814b8e9417512a5ea08e8a7ef882830655a8b1ac511a687b3f65ca03da9ec2a7da435120c6cf0ba8b9eecdbcc0d8c8524185209268ab0fdd2555ad90d728a2c6418502c07e68858ed9760bbdd663d5b0d393d77e0eca640f7dccaae0eccfc214f781283ebf8853cad8264b8ca2e2368dc74aa25cedc5b59470d71e3cd3887c4180ee50004db502b77e7071c5807d238d0961d189781d52d99276ecc15e4b506d4017d578f1d06635dd28a732d8b2f772af844de8c872b24e151578e06cc30f126111bc20cd2252105fdb3a2ca1187169ae84252b12f1809b635c2ccf6ffe9f1d6fc00e435e409567a7822695aae7cbe1b55f5b5d72efb1aa634e66e922588c4f4ed73bfb2f6300f9547a9cbb57bffdc72f899bbe00a266af271b8c2f3e5231713572cf95e3e8a54a3f852021e8239fa4cf74085a04833ef83dde789dced96adf348d12cd3b09a27b2876a15c1c7e905003b00000000000005000f0002000000140004007665746830000000000000000000000008000e000e0000000c001700ff0f00000000000006000200280000000500290001000000"], 0x1280}, 0x1, 0x0, 0x0, 0x4880}, 0x800) close_range$auto(0x2, 0x8, 0x0) 3m31.959306899s ago: executing program 32 (id=2610): mmap$auto(0xffffffffffffffff, 0x2020006, 0x2, 0x800000000000eb1, 0xfffffffffffffffa, 0x8001) r0 = io_uring_setup$auto(0x82, 0x0) prctl$auto(0x23, 0x7, 0x7fffffffefff, 0x0, 0x0) brk$auto(0x7fffffffefff) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000180)={0x1c, r2, 0x1, 0x70bd2c, 0x25dfdbfb, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x200}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20008000}, 0xc840) r3 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), r1) msgctl$auto_MSG_INFO(0x454d, 0xc, &(0x7f0000000240)={{0x3f, 0x0, 0xffffffffffffffff, 0x9, 0x0, 0x7f, 0x4}, &(0x7f0000000080)=0x71, &(0x7f00000000c0)=0xc1, 0xb2ae, 0x7ff, 0x7, 0x6, 0x508, 0xfff, 0x3, 0xb, @raw=0x8, @raw=0x80000000}) setitimer$auto(0x9, &(0x7f00000001c0)={{0x0, 0x6}, {0x81, 0xd00}}, &(0x7f0000000200)={{0x8, 0xd9}, {0xf63}}) sendmsg$auto_NL802154_CMD_ABORT_SCAN(r0, &(0x7f0000001780)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000001740)={&(0x7f00000004c0)=ANY=[@ANYBLOB="9b0e0000", @ANYRES16=r3, @ANYBLOB="920629bd7000fedbdf252400000005000800030000000c001700070000000000000018122f806800478008000600", @ANYRES32=r4, @ANYBLOB="04004980fd7da365a721b5d9c67aeed495cec22b4b50f3319cec2ff76f42261a12b85e3d1e7f53334b48d0260019b89ba7bfa949783d9ef89892b7b875ec2d8967d7baf5343121be8903c0d591f8bd0d95ba38865eb95781771c683d0800d48004003a801d05ee547f58147fae8e9625697ceeae848408d54819b588db8b0808512e2291cccd8b7cb121522f4c58f9e803a0cb2676b9e9d0799f72eef25c18d9933a47c15706fa350f5b654fbe3458e26b7c2189387414b6154599b6c12196e0618bd059c062b8890371c0228a5508fbea75bf3c152e082f70af0fc0c239cb7b82b354dcf1aed9519771bf42ab016b8aa9b3ccebf765869c9391f4b2fee058985ae0bce47b1b812c6d8715c07ffb7a0ec0e03e9c0b2dcb161ed8d2aab0276e1dfb2ea479143eaa45cc1616402439b0ccd44948a7eab44cc703caaa0f7a989e324812da74a495924bc5d716f9294f4cef58ce2d81db148d82ae4a76cee263a2f3fb8460907a4988004beec77edb21933b6354f736a385d76e071ae6a90a56439a2af81b8ce32b74a90e59b24e1dd68b07218c0f2e49fcf70ad65a54cced6fe7353260e6e7aa4f55e98c2e89caaeeb09e5935bccf03278d316e58d7c716e2576aaa46f868596a7cf9c6275c947f8b0b94a3f7dba3e791b15e6e0445a92cc464f21a932e7cdd35013013a903cdca1b1fea5ebf5044141497d3f23464f36990fe071770308694ec1aac98bbd76b1ca6cd57da8781791b79aa48a05bd5d825fb9b4a1225a8307b355826d802e071dc211954a5c3ec8895d77d9c57fca4f83a7344c93af1ec15434c72a53a90233030df83c03da69c8b43b1f8467e0939a414479427e8c44fd24f01e3aa79466a8b3ed61b7d63e44558690930223a80a9811f718bf8cd4f60bb0ab90b261d6ded4dbde3c7801242db8f11ddce8813ec89138acd72d0d7f3df54cedeeb9130753831f7bdafc9526c25adffa115fce84f98b83218b23d13dcf2aeaf521cc536ef90d2b00044bdf27921e0a099e7d17b518fda5d200b90b78620e870b0597c6083274a6ebc52f52c175585e87bc208da1ad7e2f39ba8a92df32b65b483b7f8d9b89950e6bf2f24bee998c41dd6277bf0f257437d2604d370878d2d7f46f23a8fcc5e0e8d768b59f17e1969936bb85f21c8fefc9578d8c18fdb01aba3836c871373f0dfa8412bff5477b0ab8baba63bde59eb531e3659096e3974d44cfbc4bf2eef553193dbf88035ecbe10852bb34597f671059db5b7eb205e3bd6ac43bd9ce3abe4abc4ba7e594d51c9df664f757b62b81ed4f747c6ec014ffa25d86b028ad5954c2ba87f8c786dbadbed1617a71675d7d2165831dcdf71a8652d5288211aabd4b7867a4b5c787253405cd70cd90d46e55a31882439f76d7431f02357d488b7167661a7c5e08db988891578403106e215dfe6216d3fb61b3a75c03addca5adbb2a772d1b429f1dedac23e8d41b52651a18fb0334e19d96bb741e22e9acffda34d86c6ce88bab8db5c3b74cf30a5603ed5758ac2f26895ed1ffaf69e949bdc083596c907a5533780d02f25b04b676ebb78775a70a648436f94fe458796484ef7b5b4f7f9eb9e3380ffb2904de744750af4c78b3d3f160aa5de1d2945ed529b5878684d36a71a6dbf0ce6d1be19e0158998941f2f1973b94b29771d1bd8f4b01b95e85fb47b17f4929dcb3dd7c0b180940f3960734ca7753cbd8d2afef9c2205ce06310fc73af30c3c700de3692aa6b9b4555d6f7f64419b7e31e5b15d232f67b242308154fb44c3a390343dde1dff8654039f12f2a96b87188dd57e453d1617c1a47d7a3c126921230d8656140dab29a646ae98b83e13dcec1896190aa16fc15f2743fb0880c1c429da7f28c166c4b4f2317e3f6da29623efc34bc2518ad15e3661fd44715e784bd42a5d372509d65e6d0289a54a05e812abc35e3a97834311754d95e099fcb073d08591c1bbf1239314f09321e0ecf0ecb1e2d31d74011c43168f344f1b8891788cf47b0850e4c845447650db61f789a48c0b88a552a90f3897a683c605b08d8210bd4f2b8c214d309f6e906860d84763e077208399c7fd06ff940dd3c6bccdd51eace0246b24f5a26ddf5f0d6b45edf9effadad21e42f9e078ff12a91665f817b71c274aa9b5d95be8a092a5fdc3bb58c246edbbed07cb59db17be270bb9304634d75f36f9b6a57495e30a00970a0a84a876e2afd926b868751ead524e80c63811f2e507e79a75dd160240c53fa7f6980848dcb5a509f2361c584cfa9d757d2eac801bcfc561f9f2bb35c313176dc02bf2302d0a13cbb79189e42fa4e7ea23d6bfceac3356e9e85e297051cac236936ce8eea87a6ebbcb586c805c7cad8b79a6af682ec628ca05099b6e3b6476a5e762773c5d64510da44c9fb107cb31956f96a67e678c5bc895c7bf0d4d8e2b89e786d2f416c98f1010c98ceeee2e214311575e097bfef7e018ac537747e1c527672bb7f1403ffa94d97d28f1b3ca7e1121dec75d15bb70209b9269baf1034052faabae29ede4d9f4b692b96e9bd9567d0ce535762369c605100b4d711ff2f1820dfb1e06874fd21bbc737bc7f2d13b8b1646f4b5594bda7fe06dbed38d2db78f1b4569f7a4432a16012720478394c0836b99283d85bbd3a58f4639bb6a3fa408fd96bc81ff610ddc79ba9738af0026818ee43979874218bff55dd8377de8e3fac610ee56e8b6d4c6aa47866c6b594a83fbbc46671669e1336fbd8aebc0c91e44af6869fa2b8051f9283c6b98b3adc2eef0bb8dd573836d286c114e285652d019a71a5a05b9fe109ed90a1455ede78adcfdb70c63b6d2bbb3a424b9200fcf1a122fc2393127f00014242e3b88c6636a569ff41f32f99123c2da1ef479cd14c108b6ade94f02676480583239ed80f6b3cdd40a68fe557a05262455014ad6fbb29de0ec5c55f9bd31c30c0fa05a45e5afbf572ca7ff2bf273c8bd2953dbd45e1728840640ce87788dd35f596cd17ca492afa7d36190414df90471eac7b2ec81577cdc2ee016f873c29efe6a5ef7e375f8d44f326e1bb8f817b2510f9ea139470a3005375a1b286069d0286a7c858acb68a933d802d35dcf5149a3c14ac632aa01401c0305231cbc72d3698b16d7e65d3f9b735ce984caf1e14aebe4712eacca1a831ae3ecbae0864f24baf5f67ecc3d3cf3ef67e8063810e7f9fc037b651fb01d1e48e5a5b4de258d860b10a5169cbc5b94b9df2a68f74fba061ebf9d77ec3d0952b917307c964b9ec70e79cffb44ffa9309e5d2c50dc5d30fa48183f867bac809a54a7fe7fc8e48a16f0b143f079f83fc3f53ff5d854f19e49705f86e73c0a0d17ea0f1de83f26864c45e61b06a5536f38064c635689f8982865c8135ed4bcf78c5a55fc4f751a42af972b58628c42ff636212a5037fbf79d2aa4bdc7de9d5f806cf6e39f56b8a14d426cdd6917374d32176f9ecb46702df493de63e0ab3415b83ee9ccfa71787e65271c408ce5af32e6dda45418bdef062021aa24780168a663c322fdde9e5d7cd5b05821d212fd34ca967535c73fdf8464482922d7366af380204ddbdd0bd0cd692408270e7bf6a3319da8f4dbc1dc058fd4495fb66dfbb010bfd22da55e84848e3428a585025ae2bf90d46eca30004740bd95da1254d1418514af962e64eedfc0a055d6d2d6e06887d52600ab55183982e3ba9d153c0940b6f852f701cc85406c277ace74d4ba761ac0b0a41177963e8606a3960e91a665b25e6f09b66beee79f15b9eb69455888acb97c35451c97b41670499762f5e3ee0e050bf689ec1b08285e14aa6216399944f32776e65e7de52d2fe79a8abef8b9d5827b7c8742df5d53fa3a9b7baaf45f002574f2d10f4108c583d3976f450b2700b9cba5b39fea18e606d799a2af60f5fb66ea04b95e1fd891f6aa4245669390352e0c26f85d466c86eaffe18b73fcf596bdb07b11aa00e567a548b49a292c1aa501de0b26a799094c2885a6ce1c31f577467e6a7a447ca9334c7b4b9051b403246dcfa01cd2a4f292e00cfdb6e63890808b833ff9bf636e6f90d80c28ddd8b24d163f814e9dadf0aa43fe0bf6e101b28c44eb098686c835b25821423d38a54f91bc43b86d863182bf7da3934a4e8c496fa83124078c3eee8c1099b253140d523de7396431c36539231184889ef289d01d51f4697bc905ff9f3e56832e32c70b07f5f505fad8b6e2a98b9197f4dff5fc4a4a48b0d516dc61e3b08b6088c77a6d24b58549fa32b36c02384959c02364f16d21d41bedaf9787338ab4af68300ef152f24a895b620f6d2afec413598ca3c5a7a4bcd77d788b4b00554ed08cbf89a524808aaaec9a28660c83e5c59a396c12e85955e6b915adb93af64d0db836c2a5b89a445cf8d7c152599b7e5d6e8d867ea999a396efec57093abc12d43421e9b8c0ce67604bca8ccc9267c7d6782f711a4ff60b0b532a933dc4f393b479f29112725e7290680b1b4669dafda644982b64e0762b1df87dcd72304557b5f82b90116e1f3e5f88f65c0f8ed1e77c89338c953753e7e4b95a0cf82cddbe99b4a83330c8605906360119621719fcdb57d8a8e1cbc89a068d81073ce95d119029ab45a85aa9440f1cb40e7b779dabe4b5d150172690faca6681f6d9dc4bcfac5fa40162f669185df7f8b7bfd5582526b591d953f48a6930d7c9573c8d02995ec2523689482311442a4cc5ef353af0ca7b711e99daa9836bba2da2edf9d01b451a95506ccca40f0986a32e83c0128fefbd292cce1ca29efdbb18b0534903ddb3b3f21dcb9cb5c0abe42658ede43aadae58211770767149890a4cbfe471db2c520fa43a261c1df131a2ec33ef565aaa61d0abe80858e0c8fce4d4b44e82e5268e07f89b4fc2b01637e09d6060624d430eac20bc109ce14f380eec64bba066ee104a61f5c9ab76e53672674aa73c1ae9a57ac66acf85b369df8cfe36cbca486c2a040d283a9e1f71079cbf03b6ba8cf06bdeb5f4a5508bcd5b8b5b929a9c115fff08c3339dfe5ff53c9dcbbb19fb50d46e9ed9741ec4fac294270de856fe3bdb43598cace159e99064098ebc00b82eaa9e3eb84e70c380d3f65af6aea99fc0ab8991e5ee335f5fe37d9e7d99a5263339db787f86bd8ea0cfecb91e2a621e84b1f82fbc1a8fc0572bea6fba75db521d17274067b7c560598d3e146f715933330b3a5dd1d64c00f12c261332b2bc7857a0b69b6bb7227f7204ba4740a56ed5a3686298a351a0a29d4dc1c4a6271dda0132850b8e7734e9764706244796ab1c8521773085e98cef04418b028bb90723683d564fbb8c45cfb672385115951f9adfdf53a81bd8dd1df853d1eaa844a0a6b7eeb0b23f6208b0b92d79855a31340c0242f8876ec752c49eeb5651e76b217c738de93285587af1e634be869ac3e7e7a9fa8906d20a4c8f1df1089530700f60eb07332bf27e78a9e3f01de510cb955dc9bed4397460992a078ff0aa696226474ba5515ae1fd04d45a2a49ff854775e0e5ef898f79e28d26a70eb7e560de0fba33ab779a09101f1a2987f3b3b6f702edfb6be97986e10fe8819da78ada5eb69433fd76bb7c7ba0e5846ce653b620ac9c93acbb4bebd883d67e7b8b6d75d465815593158bc5616e43319af8da85097021a7b4f687294a03eaaa123b3c8d258ad5ca2379a858065ffe288d5bc7b2702ae24fba4d0a79d1a863c0e8251494f4fb6a3531a00f802421cde6e538a69ef6d795cd35f6b95d8f34b8d6f11e06e5baa3814f10ff19438f644403c6fa42b6a30b985a93d84b284f03e1d71ca715d141fff2c15f754f6191800ff8fd8df6dc0c3a47dd051b40443d0c882afb8cdcf8d776225e359d8a3e29c124e7631b5c4cf3fe37a74aae249e7ffb54c986b815ba9f32d6c5447e630398b777f93b35c5ddb7cc3b958704f436ea69f8aa8d91827fb7aa301f5807f8ae2983ee774fbd8f6c99afcaf0c8f1fb53fd6b46efd67f153ad2a96734966b349997d7e2fa335dc2d1a64521c57f2c0ab350606b8d48df055e4eeeba6d77e826aaade668bdd104814b8e9417512a5ea08e8a7ef882830655a8b1ac511a687b3f65ca03da9ec2a7da435120c6cf0ba8b9eecdbcc0d8c8524185209268ab0fdd2555ad90d728a2c6418502c07e68858ed9760bbdd663d5b0d393d77e0eca640f7dccaae0eccfc214f781283ebf8853cad8264b8ca2e2368dc74aa25cedc5b59470d71e3cd3887c4180ee50004db502b77e7071c5807d238d0961d189781d52d99276ecc15e4b506d4017d578f1d06635dd28a732d8b2f772af844de8c872b24e151578e06cc30f126111bc20cd2252105fdb3a2ca1187169ae84252b12f1809b635c2ccf6ffe9f1d6fc00e435e409567a7822695aae7cbe1b55f5b5d72efb1aa634e66e922588c4f4ed73bfb2f6300f9547a9cbb57bffdc72f899bbe00a266af271b8c2f3e5231713572cf95e3e8a54a3f852021e8239fa4cf74085a04833ef83dde789dced96adf348d12cd3b09a27b2876a15c1c7e905003b00000000000005000f0002000000140004007665746830000000000000000000000008000e000e0000000c001700ff0f00000000000006000200280000000500290001000000"], 0x1280}, 0x1, 0x0, 0x0, 0x4880}, 0x800) close_range$auto(0x2, 0x8, 0x0) 3m10.737869064s ago: executing program 0 (id=2739): close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_oom_score_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000200)='/proc/self/oom_score_adj\x00', 0x102, 0x0) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) io_uring_setup$auto(0xa, 0x0) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/dsp1\x00', 0x20000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/net/erspan0/queues/tx-0/xps_cpus\x00', 0x0, 0x0) read$auto(0x3, 0x0, 0x8080) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0xb, 0xd, 0x2007d49, 0x9487, 0x4, 0x0, 0xffffffff, 0x3, 0x0, 0x3, 0x7, 0xfffffffffffffff7, 0x5, 0x2, 0x3]}, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, 0x0) 3m9.946514673s ago: executing program 0 (id=2752): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/pci0000:00/0000:00:03.0/virtio0/device\x00', 0x800, 0x0) pread64$auto(r0, 0x0, 0x100000000b, 0x1) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) socket(0xa, 0x2, 0x3a) socket(0x23, 0x80805, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) r3 = socketcall$auto(0xa, 0x0) ioctl$auto(0x3, 0xae41, r3) ioctl$auto_KVM_GET_MSRS(r1, 0xc008ae88, &(0x7f0000000040)={0x2, 0x0, [{0x345, 0x400, 0x9}]}) 3m8.870212006s ago: executing program 0 (id=2747): sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)=ANY=[@ANYBLOB="a8000000", @ANYRES16, @ANYBLOB="01002cbd7000fddbdf2502000000810004006e66736600d8efe42d132b72f30c54315aa74a5b8103cf2ddf901f8fc81365e252374483326ace7da356b7a16f5ce6"], 0xa8}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000) madvise$auto(0x0, 0x200007, 0x19) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x404001, 0x0) mmap$auto(0x2, 0xa, 0x8, 0xeb1, 0xffffffffffffffff, 0x6) pipe$auto(0x0) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/037/001\x00', 0x4a901, 0x0) ioctl$auto_USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000100)={0x2, 0x80, 0xffff, 0x5, &(0x7f0000000240), 0xc694, 0x3, 0x80005, @stream_id=0x7, 0x2004b, 0xc, 0x0}) close_range$auto(0x0, 0xfffffffffffff000, 0x0) io_uring_register$auto(0x2, 0x7, 0x0, 0x1) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) 3m8.166385741s ago: executing program 0 (id=2758): r0 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x2, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) write$auto(r0, 0x0, 0x3) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000002c0), 0xffffffffffffffff) openat$auto_split_huge_pages_fops_huge_memory(0xffffffffffffff9c, &(0x7f0000000080), 0x141541, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000000)={0x1c, r2, 0x27c9d9d5b13b6c03, 0x70bd25, 0x25dfdbfd, {}, [@HWSIM_ATTR_IFTYPE_SUPPORT={0x8, 0x17, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x404c884}, 0x64004890) 3m6.350722155s ago: executing program 0 (id=2768): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) syz_genetlink_get_family_id$auto_l2tp(0x0, 0xffffffffffffffff) r0 = open(&(0x7f0000000100)='.\x00', 0x595002, 0x408) write$auto(r0, 0x0, 0xfffffdf1) linkat$auto(r0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xf6\x04W\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xed\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\x9bg\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x7, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000dc0), r1) sendmsg$auto_IPVS_CMD_GET_DEST(r1, &(0x7f0000003a40)={0x0, 0x0, &(0x7f0000003a00)={&(0x7f0000000e80)={0x1c, r2, 0xc0dce8a66cb0a7ff, 0x70bd27, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_DEST={0x5, 0x2, 0x0, 0x1, [@generic="f1"]}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4040011}, 0x40010) getcwd$auto(0x0, 0xffffffffffffffff) unlinkat$auto(0xffffffffffffffff, 0x0, 0x200) mprotect$auto(0x0, 0x8000000000000001, 0x8) 3m5.041029471s ago: executing program 0 (id=2771): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) setresuid$auto(0x0, 0x0, 0x0) prctl$auto(0x1b, 0x6, 0x0, 0x0, 0x0) openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000140), 0x382, 0x0) sendmsg$auto_TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, 0x0, 0x8004) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000001040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r0, &(0x7f0000000180)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8\xa6\xb6\xaa\x96/OX\xba\x02\xc5\xc6B\x1d}Y\xbc@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf\xd6f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8', 0x100000a3d6) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x10000000000001ff, 0x7, 0xd3e, 0x20, 0x9687, 0x100000000000003, 0x3c2a19d5, 0x6, 0x3, 0x62, 0x8, 0x7, 0x6d3f, 0x6, 0xa, 0xfffffffffffffffe]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xfffffffffffffffb, 0x1, 0x4, 0x3, 0x3, 0x6, 0xffffffffffffffff, 0x3, 0x8000000000400000, 0x3, 0x6d3c, 0x3, 0x2, 0x8000000000000002]}, 0x0) 2m49.817686739s ago: executing program 33 (id=2771): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) setresuid$auto(0x0, 0x0, 0x0) prctl$auto(0x1b, 0x6, 0x0, 0x0, 0x0) openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000140), 0x382, 0x0) sendmsg$auto_TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, 0x0, 0x8004) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000001040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r0, &(0x7f0000000180)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8\xa6\xb6\xaa\x96/OX\xba\x02\xc5\xc6B\x1d}Y\xbc@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf\xd6f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8', 0x100000a3d6) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x10000000000001ff, 0x7, 0xd3e, 0x20, 0x9687, 0x100000000000003, 0x3c2a19d5, 0x6, 0x3, 0x62, 0x8, 0x7, 0x6d3f, 0x6, 0xa, 0xfffffffffffffffe]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xfffffffffffffffb, 0x1, 0x4, 0x3, 0x3, 0x6, 0xffffffffffffffff, 0x3, 0x8000000000400000, 0x3, 0x6d3c, 0x3, 0x2, 0x8000000000000002]}, 0x0) 1m45.703511237s ago: executing program 3 (id=2999): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x317, r0, 0x4, 0x1) ptrace$auto(0x10, r0, 0x1, 0x7ff) ptrace$auto(0xe, r0, 0x9, 0xfffffffffffff6de) unshare$auto(0x40000080) mmap$auto(0x0, 0x2000c, 0xdf, 0xfffffffffffffffe, 0x40000000000a5, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/cpu1/online\x00', 0x62, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto_TIOCSTI2(r1, 0x5412, &(0x7f0000000100)="8d8cfd72f1c71518ed22169e0b95f9ec78a50679ec2009e4e3018d19c40010000017fab27c8579476acec85237f8ee85a124f668e8bbf6de7eda4cce570cdc4ad25d470132") read$auto(0xffffffffffffffff, 0x0, 0x2800000009) write$auto(0x3, 0x0, 0xfdef) 1m43.941812799s ago: executing program 3 (id=3010): mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000) syz_genetlink_get_family_id$auto_l2tp(0x0, 0xffffffffffffffff) r0 = open(&(0x7f0000000100)='.\x00', 0x595002, 0x408) write$auto(r0, 0x0, 0xfffffdf1) linkat$auto(r0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000) r1 = socket(0x2, 0x2, 0x0) mknod$auto(&(0x7f0000000180)=':,\x00', 0xcb, 0xfffffffa) execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0) bind$auto(r1, 0x0, 0x6a) clone$auto(0x20003b46, 0x6, 0x0, 0x0, 0x5) mprotect$auto(0x0, 0x8000000000000001, 0x8) 1m42.55137427s ago: executing program 3 (id=3016): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x80000000000000a, 0x2, 0x0) socket(0xa, 0x801, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x11}}, 0x54) sysfs$auto(0x2, 0x2, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x6c, 0x697c}, 0xed71390}, 0x9a6, 0x0) shutdown$auto(0x200000003, 0x2) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) 1m41.362134068s ago: executing program 3 (id=3011): r0 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000140), 0x180b03, 0x0) ioctl$auto_SNAPSHOT_ALLOC_SWAP_PAGE(r0, 0x80083314, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000180)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8\xa6\xb6\xaa\x96/OX\xba\x02\xc5\xc6B\x1d}Y\xbc@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf\xd6f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8', 0x100000a3d6) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xfffffffffffffffb, 0x1, 0x4, 0x3, 0x3, 0x6, 0xffffffffffffffff, 0x3, 0x8000000000400000, 0x3, 0x6d3c, 0x3, 0x5, 0x8000000000000006]}, 0x0) 1m37.611417532s ago: executing program 3 (id=3018): socket(0x2, 0x1, 0x106) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x6, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000380), 0x20000, 0x0) socket(0x28, 0x5, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video3\x00', 0x2aa01, 0x0) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f00000001c0)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x5, 0x0) select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0xf, 0x3, 0x1, 0x948b, 0x9, 0x15f4da07, 0x6, 0x2, 0x64, 0x80000020, 0x1000, 0xb, 0x9, 0x2, 0xd8]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x8000000000001fd, 0x20000000007, 0x4, 0x1000000000000bc3, 0x800, 0x3, 0xff, 0x10001, 0x400000000003, 0x3, 0xfffffffffffffffc, 0xfffffffffffffffe, 0x80000000, 0x9, 0xffffdfffffffff81, 0x4]}, 0x0) 1m35.926420995s ago: executing program 3 (id=3023): r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0) r1 = epoll_create$auto(0x8800001) socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_POOL_MODE_SET(r1, 0x0, 0x2044800) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) mmap$auto(0x0, 0x2000d, 0x4000000000df, 0xeb1, 0x404, 0x8000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x40100, 0x0) write$auto(r2, &(0x7f0000000280)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) fcntl$auto_F_SETFL(0xffffffffffffffff, 0x4, 0xe) epoll_ctl$auto(r1, 0x1, r0, 0x0) 1m20.853077822s ago: executing program 34 (id=3023): r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0) r1 = epoll_create$auto(0x8800001) socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_POOL_MODE_SET(r1, 0x0, 0x2044800) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) mmap$auto(0x0, 0x2000d, 0x4000000000df, 0xeb1, 0x404, 0x8000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x40100, 0x0) write$auto(r2, &(0x7f0000000280)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) fcntl$auto_F_SETFL(0xffffffffffffffff, 0x4, 0xe) epoll_ctl$auto(r1, 0x1, r0, 0x0) 1m6.009342036s ago: executing program 5 (id=3092): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000280)={0x0, 0x80000000}, 0x6, 0x3, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x42, 0x0) mmap$auto(0x4, 0xa00006, 0x2, 0x100000000040eb1, 0x602, 0x300000000000) socket(0x15, 0x5, 0x0) prctl$auto(0x0, 0x2, 0x4, 0x5, 0x7) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x100000000000003, 0xebe, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0) ioctl$auto_EVIOCGMASK(r1, 0x80104592, &(0x7f0000000000)={0x2000, 0x800004, 0x105}) 1m3.273059429s ago: executing program 5 (id=3099): mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) mmap$auto(0x0, 0x4, 0x1ff, 0x40eb1, 0x401, 0x300000000001) r0 = socket(0x2, 0x1, 0x106) bind$auto(r0, &(0x7f00000000c0)=@qipcrtr={0x2a, 0x3, 0x4001}, 0x4006b) mmap$auto(0x0, 0x30009, 0x4000000000df, 0x4000eb1, 0x401, 0x8000) setsockopt$auto(0x3, 0x1, 0x4c, 0x0, 0x9) recvmmsg$auto(0x3, 0x0, 0x80000401, 0x4000, 0x0) sendmsg$auto_OVS_FLOW_CMD_SET(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000340)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x90}, 0x10) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000000)='/proc/kpagecount\x00', 0x0, 0x0) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x1000}, 0x100000007) 1m2.592660862s ago: executing program 5 (id=3101): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) ptrace$auto(0x10, 0x0, 0x1, 0x7ff) ptrace$auto(0xc, 0x0, 0x9, 0xfffffffffffff6de) unshare$auto(0x40000080) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) mbind$auto(0xf000, 0x8000000000000001, 0x100000000, 0x0, 0x6, 0x2) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/cpu1/online\x00', 0x62, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto_TIOCSTI2(r0, 0x5412, &(0x7f0000000040)="158f4a2b") r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd7/queue/max_discard_segments\x00', 0x80000, 0x0) read$auto(r1, 0x0, 0x9) write$auto(0x3, 0x0, 0xfdef) 1m1.894188433s ago: executing program 4 (id=3105): mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) r0 = socket(0x2, 0x1, 0x0) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f0000000040), 0x19, 0x0, 0x9, 0x0, 0x1f, 0x3}, 0x4}, 0x7, 0x20020004) write$auto(0x3, 0x0, 0x7fffffff) io_uring_setup$auto(0x5, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x40000000c07) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) 1m0.736698699s ago: executing program 4 (id=3108): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0) r0 = socket(0x23, 0x80805, 0x0) getsockopt$auto(r0, 0x40000000113, 0x1, 0xfffffffffffffffc, 0x0) socket(0x2, 0x2, 0x0) r1 = open(0x0, 0x40bc2, 0x1c0) write$auto(r1, &(0x7f0000000100)='\xea\x85\x92\x06(#\xc4\xb6(\x9e\xfcKG\xc2\xd4\xc0\v\x02\x9f%C\x00\x01\x00@!\xa9\xce\x10Y\xd0\xeb\xed\x7f\xc8\xdc(\xd3\xe9\xf3\xddT\x18\x16#\xfdQ5\xaeA\xc3\xeay\x7f\xa2TR|js\xfd\n\xa3\x98\xc8\x91\xdd\x9e\x99}s\xe0x\a\x00\x00\x00\x00\x00\x00\x00.\xa8\xc5\xdbKx\x14l\xe6\x868\xb3\xd2\x00\xea\xf9\xd1z\x8f\xd9\x877J\"\xab\xf9\xdf\xbf\xa1\xa1ms\xaf\xd9&R\x03\x00\xc0u \xc3\xc2\xd61\x97V\xcah\r\x97M\xdb\xf9\x06\x95Z\xdfK\xbeY#/\xf5g\n\x10#\x10@Ft\x9c\xd9\xd3s\x94\x8aV\xeb\xee`e9(\xe0\x88\x06\xa6-;ZM\x9b\xe1-', 0x9) semget$auto(0x3, 0x0, 0xfffffed4) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x82942, 0x0) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0x2003f2, 0x15) 1m0.646913596s ago: executing program 5 (id=3109): r0 = openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000000000), 0x8200, 0x0) ioctl$auto_LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'veth0\x00'}) close_range$auto(0x0, 0xffffffffffffffff, 0x2) socket(0xa, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) r1 = socket(0x18, 0x5, 0x1) connect$auto(r1, &(0x7f0000000000)=@in={0x2, 0x100}, 0x3a) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) 1m0.359181835s ago: executing program 5 (id=3110): mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000) syz_genetlink_get_family_id$auto_l2tp(0x0, 0xffffffffffffffff) r0 = open(&(0x7f0000000100)='.\x00', 0x595002, 0x408) write$auto(r0, 0x0, 0xfffffdf1) linkat$auto(r0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xf6\x04W\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xed\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\x9bg\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x7, 0x0) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000180)='nfsd\x00', 0x8, 0x0) mknod$auto(&(0x7f0000000040)='&&\x00', 0xcb, 0x6862) getxattrat$auto(r0, &(0x7f0000000000)='&&\x00', 0x47d, 0x0, 0x0, 0x1ff) r1 = gettid() process_vm_readv$auto(r1, 0x0, 0x3, 0x0, 0xbd, 0x101) mprotect$auto(0x0, 0x8000000000000001, 0x8) 59.529720466s ago: executing program 4 (id=3111): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) r1 = openat$auto_stat_fops_per_vm_kvm_main(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/kvm/max_mmu_rmap_size\x00', 0xa2500, 0x0) read$auto_stat_fops_per_vm_kvm_main(r1, 0x0, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000280)={0x0, 0x80000000}, 0x6, 0x3, 0x4, 0x2a) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/mtdblock0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008012, r2, 0x8000) mprotect$auto(0x1000, 0x401000, 0x5) r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r3, 0x1, 0x7ff) ptrace$auto(0x4, r3, 0x1, 0x4) 59.360001104s ago: executing program 5 (id=3113): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x2a, 0x2, 0x1) connect$auto(r0, &(0x7f00000000c0)=@qipcrtr={0x2a, 0x3, 0xfffffffe}, 0x52) r1 = openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x10002}, 0x1) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x0, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(r1, 0x4048aec9, r2) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) 58.170791833s ago: executing program 4 (id=3118): openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8ea182, 0x0) mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mmap$auto(0xfffffffffffffffc, 0xfffffffffffffc00, 0x58235b0e, 0x40eb1, 0x401, 0x4004300000000002) write$auto_lockdown_ops_lockdown(0xffffffffffffffff, 0x0, 0x17) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x2, 0x1, 0x0) write$auto(0x3, 0x0, 0xffd8) mbind$auto(0x8000, 0xfa9d, 0x5, &(0x7f0000000280)=0x20000000000000fb, 0x3, 0x1) set_mempolicy_home_node$auto(0x0, 0x2010001, 0x0, 0x0) 56.423760241s ago: executing program 4 (id=3122): mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000) syz_genetlink_get_family_id$auto_l2tp(0x0, 0xffffffffffffffff) r0 = open(&(0x7f0000000100)='.\x00', 0x595002, 0x408) write$auto(r0, 0x0, 0xfffffdf1) linkat$auto(r0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xf6\x04W\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xed\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\x9bg\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x7, 0x0) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000180)='nfsd\x00', 0x8, 0x0) mknod$auto(&(0x7f0000000040)='&&\x00', 0xcb, 0x6862) getxattrat$auto(r0, &(0x7f0000000000)='&&\x00', 0x47d, 0x0, 0x0, 0x1ff) r1 = gettid() process_vm_readv$auto(r1, 0x0, 0x3, 0x0, 0xbd, 0x101) mprotect$auto(0x0, 0x8000000000000001, 0x8) 55.580679051s ago: executing program 4 (id=3124): mmap$auto(0x0, 0x2020009, 0x6, 0xf8, 0xfffffffffffffffa, 0x8000) socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ram8\x00', 0x16fa02, 0x0) sendfile$auto(0x3, r0, 0x0, 0x400000000006) writev$auto(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040), 0xc4}, 0x9) 44.300610542s ago: executing program 35 (id=3113): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x2a, 0x2, 0x1) connect$auto(r0, &(0x7f00000000c0)=@qipcrtr={0x2a, 0x3, 0xfffffffe}, 0x52) r1 = openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x10002}, 0x1) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x0, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(r1, 0x4048aec9, r2) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) 40.277382362s ago: executing program 36 (id=3124): mmap$auto(0x0, 0x2020009, 0x6, 0xf8, 0xfffffffffffffffa, 0x8000) socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ram8\x00', 0x16fa02, 0x0) sendfile$auto(0x3, r0, 0x0, 0x400000000006) writev$auto(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040), 0xc4}, 0x9) 8.221731245s ago: executing program 7 (id=3239): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/net/bond0/bonding/arp_validate\x00', 0x2002, 0x0) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) read$auto_proc_timers_operations_base(0xffffffffffffffff, &(0x7f0000000200)=""/8, 0x8) mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x0, 0x0, 0x2) io_uring_setup$auto(0xf00, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80402, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket(0xa, 0x801, 0x84) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x1c1041, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/trace_pipe\x00', 0x20c01, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000180)={[0x1ff, 0x200, 0xd7e, 0x1, 0x948b, 0x3, 0x95b45a07, 0x8000000000000003, 0xe05, 0x8000000000008001, 0x80000001, 0x7, 0x6d3f, 0x9, 0x800, 0x4]}, 0x0) 7.78248624s ago: executing program 8 (id=3241): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_smc_gen_netlink(0x0, 0xffffffffffffffff) close_range$auto(0x2, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x69) listen$auto(0x3, 0x81) accept$auto(0x3, 0x0, 0x0) r0 = socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x6, 0x0, 0x7, 0x1}, 0x3}, 0x4, 0x20000000) ioctl$auto_KVM_GET_MSR_FEATURE_INDEX_LIST(0xffffffffffffffff, 0xc004ae0a, 0x0) 7.711923307s ago: executing program 2 (id=3242): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/adsp1\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SETTRIGGER(r1, 0x40045010, 0x0) write$auto(r0, 0x0, 0xfded) r2 = io_uring_setup$auto(0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) recvmmsg$auto(0xffffffffffffffff, 0x0, 0xfffffff9, 0x10, 0x0) r3 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000002740), 0xffffffffffffffff) sendmsg$auto_NL802154_CMD_SET_ACKREQ_DEFAULT(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, &(0x7f0000000180)={&(0x7f0000000080)={0x14, r3, 0x400, 0x70bd25, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) sendmsg$auto_NL802154_CMD_STOP_BEACONS(r2, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000100)={0x104, r3, 0x400, 0x70bd2c, 0x25dfdbfe, {}, [@NL802154_ATTR_LBT_MODE={0x5, 0x13, 0xfa}, @NL802154_ATTR_SEC_OUT_KEY_ID={0xcc, 0x2b, 0x0, 0x1, [@nested={0xbd, 0xe8, 0x0, 0x1, [@generic="448a7f359b79ec57ed9c315dd49b79f73f21bc7f0a9a9c95f3fe1ec0d814029df12631e2f01c21680a89a3af8725cb81c4407152b483473428b99234b637204c266e173c9bb940b1da545ebe8f3b11de365d62a815914aadf3807adae5de629ff8f530d69187308fd90d5734c681026e0b8b0e17bf823df18790236da47296c686142b40b8df0a7308a127109d5b90af834ba317df77f6067fd3b1086701dbfc6a6a08953520f706366cfecc6c5b80547e6f2d209d13f35ce3"]}, @typed={0x8, 0x8, 0x0, 0x0, @fd=r2}]}, @NL802154_ATTR_CCA_ED_LEVEL={0x8, 0xe, 0x8}, @NL802154_ATTR_IFTYPE={0x8, 0x5, 0x7}, @NL802154_ATTR_SCAN_DURATION={0x5, 0x24, 0x1}, @NL802154_ATTR_SEC_OUT_KEY_ID={0x4}]}, 0x104}, 0x1, 0x0, 0x0, 0x2000c850}, 0x20000000) 7.026090459s ago: executing program 2 (id=3243): openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/037/001\x00', 0x4a901, 0x0) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/conf/veth0_to_bond/rp_filter\x00', 0x42a81, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r1 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) copy_file_range$auto(r1, 0x0, r1, 0x0, 0x2, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/43:288/max_ratio_fine\x00', 0x10b142, 0x0) r3 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000040), 0x8300, 0x0) ioctl$auto_RTC_PIE_ON(r3, 0x7005, 0x0) socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000001480)='/proc/sys/net/ipv6/conf/geneve0/disable_ipv6\x00', 0x40001, 0x0) sendfile$auto(r0, r2, 0x0, 0x1000200) 6.938147973s ago: executing program 8 (id=3244): r0 = socketcall$auto(0xa, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x189401, 0x0) writev$auto(r1, &(0x7f0000000200)={&(0x7f0000000100)="aa7cffb1f636f68918bac2569a970f7b359db4e11cb1f79e1565bbef73efacbe1283bda34af6a0a3653beb77b40377a6ad2051b9cc937e49cb93c2efa75bdb25893d90bcec4e2ad5f3e6c203c0bd199736c21b56dcff3fcc8b28ac493100b9ca9d2dbf3e8d1bdc3118f2c5e55f9f298bdb63f36d1e128b44ceb347e7927f421e7055b7d8379d41b278ce06b35a545e9b65ec2203cb70a05e59df9d717117b4ff80be56fd5186d75ce5c09232a820e04d8111ebe7b71a13f6219b36e472de56e7731ca70b58218dd0abeb737c13c8408da1ef6bcb6409", 0x80000000}, 0x100) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) r3 = openat$auto_usbfs_devices_fops_usb(0xffffffffffffff9c, &(0x7f00000000c0), 0x109002, 0x0) pread64$auto(r3, 0x0, 0x6, 0x400000008) read$auto_fake_panic_fops_(r1, &(0x7f0000000040)=""/162, 0xa2) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0xae41, r0) close_range$auto(0x2, r2, 0x0) mmap$auto(0x0, 0x5, 0x2, 0x14, 0x401, 0x300000000000) 6.68062658s ago: executing program 2 (id=3246): socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/kcore\x00', 0x28000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0xfffff000) openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x8800, 0x0) socket(0x10, 0x2, 0x4) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop0\x00', 0xe0801, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000) set_mempolicy$auto(0x6, &(0x7f0000000000)=0x7e, 0x4) move_pages$auto(0x0, 0x1001, 0x0, 0x0, 0x0, 0x0) r0 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0) ioctl$auto(r1, 0x5393, r0) 6.529735949s ago: executing program 7 (id=3247): madvise$auto(0x110c230000, 0x8031ca, 0x9) unshare$auto(0x40000080) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) pread64$auto(0xffffffffffffffff, 0x0, 0x8100000041, 0x413e) mremap$auto(0xfffff000, 0x4, 0x4, 0x7, 0x1001ff000) syz_clone3(0x0, 0x0) r0 = open(0x0, 0x22240, 0x154) fcntl$auto(r0, 0x400, 0x1) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x0, 0xffffffffffff0005, 0x3) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) 6.331832294s ago: executing program 6 (id=3248): openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/events/vmalloc/filter\x00', 0x303, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r0, 0xaf01, 0x5) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x1, 0x0) socket(0x2, 0x1, 0x84) listen$auto(0x3, 0x81) accept$auto(0x3, 0x0, 0x0) listen$auto(0x3, 0x0) shutdown$auto(0x200000003, 0x2) ioctl$auto(r0, 0xc008af12, r0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x101000, 0x0) 5.684755287s ago: executing program 8 (id=3249): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) userfaultfd$auto(0x816) mlockall$auto(0x7) mprotect$auto(0x0, 0x8000000000000001, 0x6) clone3$auto(0x0, 0x40) getrandom$auto(0x0, 0x6000000, 0x3) mbind$auto(0xffc, 0x100000004, 0x100000002, 0x0, 0x7ff, 0x5) setuid$auto(0xe) syz_genetlink_get_family_id$auto_nbd(0x0, 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r0, @new_prog_fd=0x4, 0x4, @old_map_fd=r1}, 0xa3) bpf$auto(0x3, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xc) 5.355505961s ago: executing program 6 (id=3250): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x443001f86cb35905, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) socketpair$auto(0x1e, 0x5, 0xfffffffe, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000) io_uring_setup$auto(0x2, &(0x7f0000000080)={0x80000003, 0x9, 0x4002, 0x6, 0x4, 0x8, 0xffffffffffffffff, [], {0x9, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x4000006, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x104, 0x8, 0x100000000}}) mlockall$auto(0x7) ioctl$auto_KVM_GET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee2, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mremap$auto(0x4000, 0xb8, 0x13fd4, 0x3, 0xfffff000) unshare$auto(0x40000080) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) sendfile$auto(r0, r0, 0x0, 0x3) 5.257820554s ago: executing program 2 (id=3251): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/tty/ttyv7/power/control\x00', 0x22902, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x189401, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = socketcall$auto(0x5, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) r3 = ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0xae41, r1) sendmsg$auto_NL80211_CMD_SET_REKEY_OFFLOAD(r3, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000640)={0x1c8, 0x0, 0x2, 0x70bd27, 0x25dfdbfb, {}, [@NL80211_ATTR_MBSSID_CONFIG={0x30, 0x132, 0x0, 0x1, [@NL80211_MBSSID_CONFIG_ATTR_MAX_INTERFACES={0x5, 0x1, 0xd9}, @NL80211_MBSSID_CONFIG_ATTR_INDEX={0x5, 0x3, 0x81}, @NL80211_MBSSID_CONFIG_ATTR_INDEX={0x5, 0x3, 0x2}, @NL80211_MBSSID_CONFIG_ATTR_INDEX={0x5, 0x3, 0x10}, @NL80211_MBSSID_CONFIG_ATTR_MAX_INTERFACES={0x5, 0x1, 0x2}, @NL80211_MBSSID_CONFIG_ATTR_EMA={0x4}]}, @NL80211_ATTR_FTM_RESPONDER={0x104, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_LCI={0x22, 0x2, "13204416004ecbe33de74e58c0355a0ad24af8b192232f8a2936957c6444"}, @NL80211_FTM_RESP_ATTR_ENABLED={0x4}, @NL80211_FTM_RESP_ATTR_CIVICLOC={0x12, 0x3, "ed1fec72c3e8b3466bb68bac1fba"}, @NL80211_FTM_RESP_ATTR_CIVICLOC={0xc1, 0x3, "4d71a1575e88eaad076e48a471c5abd3569b2d36a6773cf82ac2e9da93f48455e9a4f59e8b2d8aeb82380c2f79c3ebe5af699269b1c6510bb874618b43781b6314e8bc82c13c5cd3a296e0d05658a5b5e2a44176993f5fec61a76af616d8c2de4e8042bfc7abb702539a4028452846acf6db6689b7b5ae45f4ed2b6e919d3463963d6e7bbd8a9dd1425ab0132bb8777ea24632b7744360afca0123a36aa3a245e0e2808b0293162f52e66857f0a872b072ee856f6e04a0891bffcd1b10"}]}, @NL80211_ATTR_MEASUREMENT_DURATION={0x6, 0xeb, 0x1000}, @NL80211_ATTR_KEY_DEFAULT_TYPES={0x78, 0x6e, 0x0, 0x1, [@generic="b20565e2b8448c70de31f1d6853d41eff9ea9cd3b42ef9121f6b95ebb0d04c86f6ea2d27069432eb96fc32b98aaca19e1f749d255dfee8e83cf9209423bb80042426e0b2cea5d63714b9732491c328f825af7ba0238b49ee572b98a1b02101e2f2302550e73f9c58f3b6c8d7c5f9014b", @nested={0x4, 0x67}]}]}, 0x1c8}, 0x1, 0x0, 0x0, 0x8000}, 0x0) ioctl$auto_KVM_GET_MSRS(r0, 0x4400ae8f, &(0x7f0000000600)={0xdd, 0x0, [{0x1, 0xe2f, 0x4}, {0xe, 0x5, 0x80000001}]}) ioctl$auto_KVM_CREATE_VM(r0, 0xae80, 0x0) 4.757634821s ago: executing program 2 (id=3252): pidfd_open$auto(0x1, 0x0) unshare$auto(0x40000080) chdir$auto(0x0) socket(0xa, 0x1, 0x100) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000180)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8\xa6\xb6\xaa\x96/OX\xba\x02\xc5\xc6B\x1d}Y\xbc@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf\xd6f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8', 0x100000a3d6) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/037/001\x00', 0x802, 0x0) mmap$auto(0x1000000000, 0x10000040000b, 0x1000000000000df, 0x4000009b73, r1, 0x8003) r2 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x60800, 0x0) ioctl$auto(r2, 0x901064ac, 0x5) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) select$auto(0x8, 0x0, 0x0, &(0x7f00000002c0)={[0x1fb, 0x7, 0xfffffffffffffffb, 0xc40, 0x4, 0x3, 0x3, 0x3, 0xffffffffffffffff, 0x3, 0x8000000000400000, 0x2, 0x6d3c, 0x3, 0x2, 0x8000000000000006]}, 0x0) 4.448172945s ago: executing program 7 (id=3253): mmap$auto(0x0, 0x2020009, 0x3, 0xeb5, 0xffffffffffffffff, 0x8000) socket(0x1e, 0x1, 0x84) io_uring_setup$auto(0x4, 0x0) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000) syz_genetlink_get_family_id$auto_802_15_4_mac(&(0x7f0000000040), 0xffffffffffffffff) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x12, r1, 0x8300000000000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, 0x0) ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0) write$auto(r0, 0x0, 0x6) 4.137432666s ago: executing program 8 (id=3254): r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) socket(0xa, 0x1, 0x6) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/advisor_max_cpu\x00', 0xa001, 0x0) socket(0x2, 0x1, 0x106) landlock_create_ruleset$auto(&(0x7f0000000140)={0xdaa0, 0x1, 0x9}, 0x9, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ram12\x00', 0x14fa02, 0x0) io_uring_setup$auto(0x7, 0x0) r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x2040, 0x0) r2 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000300)='/dev/v4l-subdev5\x00', 0x0, 0x0) ioctl$auto(r2, 0xc040563d, r1) 3.765267306s ago: executing program 7 (id=3255): read$auto(0xffffffffffffffff, 0x0, 0x4) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) unshare$auto(0x40000080) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x40100, 0x0) unshare$auto(0x40000080) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, 0x0, 0x42000, 0x0) openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, 0x0, 0x109301, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/netdevsim/netdevsim3/hwstats/l3/disable_ifindex\x00', 0x1242, 0x0) write$auto(r1, 0x0, 0x9) 2.828842932s ago: executing program 2 (id=3256): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x272981, 0x0) r1 = openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, 0x0, 0x40002, 0x0) getsockopt$auto_SO_RXQ_OVFL(r0, 0x60000, 0x28, &(0x7f0000000080)='/dev/snd/midiC2D0\x00', &(0x7f0000000140)=0x79) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7ffff000) sendfile$auto(r1, r1, 0x0, 0x788b) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc0002, 0x0) write$auto_ocfs2_control_fops_stack_user(r2, 0x0, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x20009, 0x2000000df, 0xeb1, 0x401, 0x8000) syz_genetlink_get_family_id$auto_ovs_datapath(0x0, 0xffffffffffffffff) r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) write$auto(r3, 0x0, 0x800000006) ioctl$auto_SNDCTL_DSP_SETFMT(r3, 0xc0045005, &(0x7f0000000180)="dd06d1574c0a1719baadf81f683297e8af14b4dad2728892c747c5e01a1b7165a54b36471475e5b56eef9a6bd918ceb4aef4e8bcdd0f2bd3802806ade24a889ac8e25b") 2.825060685s ago: executing program 8 (id=3264): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x300c00, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmmsg$auto(r0, 0x0, 0xfff, 0x20000000) r1 = getpid() process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x800000001, &(0x7f0000000280)={&(0x7f0000000080), 0x1ffffffff}, 0x6, 0x0) r2 = openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/numa_maps\x00', 0x40080, 0x0) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x22a02, 0x0) write$auto(r3, &(0x7f0000000140)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7\xe6\x04\x8c\x83k', 0x1000000007e) setsockopt$auto_SO_ERROR(r3, 0x7ff, 0x4, 0x0, 0x7f) mremap$auto(0x200001000000, 0x4, 0x4, 0x3, 0x100000000) lseek$auto(r2, 0x7ff, 0x1) 2.663305551s ago: executing program 6 (id=3257): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80802, 0x0) r1 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x11}}, 0x6a) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x3, 0x20000000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r2 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) statx$auto(r2, 0x0, 0x401006, 0x4015, 0x0) setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88) sendmsg$auto_MACSEC_CMD_UPD_RXSA(r0, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={0x0, 0x1590}, 0x1, 0x0, 0x0, 0x4000}, 0x40) 379.137987ms ago: executing program 8 (id=3258): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x1cb602, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x3, 0x5) lseek$auto(0x3, 0x0, 0x1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) epoll_ctl$auto(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x20009, 0x4000000080df, 0xeb1, 0x6, 0x8000) writev$auto(0xffffffffffffffff, 0x0, 0x3) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) openat$auto_drm_edid_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/dri/0000:00:02.0/Virtual-2/edid_override\x00', 0x228c41, 0x0) write$auto(0x3, 0x0, 0xfdef) munmap$auto(0x8000, 0xffffffff) 376.699292ms ago: executing program 6 (id=3259): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01eb"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x6) setsockopt$auto(r0, 0x104000000000010e, 0xb, 0x0, 0x400) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 376.316031ms ago: executing program 7 (id=3267): close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/dummy_hcd.4/usb5/5-0:1.0/usb5-port1/quirks\x00', 0x9c0302, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x189401, 0x0) r1 = socketcall$auto(0xa, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x189401, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0xae41, r2) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x4400ae8f, &(0x7f00000000c0)={0xdd}) 181.243643ms ago: executing program 6 (id=3260): close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/graphics/fbcon/rotate_all\x00', 0xa001, 0x0) socket(0x2, 0x3, 0x100) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fb0\x00', 0x40800, 0x0) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon7\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000240)='/dev/bus/usb/002/001\x00', 0x40101, 0x0) ioctl$auto_USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f00000000c0)={0xa1, 0x9, 0x200, 0x4, 0xfff8, 0xfffffffe, 0x0}) socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/platform/dummy_udc.3/driver_override\x00', 0xe2685, 0x0) writev$auto(r1, &(0x7f0000000080)={&(0x7f0000000340)='\n', 0x6}, 0x1) 59.852275ms ago: executing program 6 (id=3261): mmap$auto(0x0, 0x9d90, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket(0x15, 0x5, 0x0) openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000140)='/proc/cmdline\x00', 0x60082, 0x0) socket(0x10, 0x2, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22240, 0x55) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$auto(0x3, 0x80106f53, r0) 0s ago: executing program 7 (id=3262): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x14f602, 0x0) write$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto_RTC_IRQP_READ(0xffffffffffffffff, 0x8008700b, 0x0) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x20020000) write$auto(0x3, 0x0, 0x7fffffff) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) sendmsg$auto_IEEE802154_LLSEC_LIST_SECLEVEL(0xffffffffffffffff, 0x0, 0x400c1) read$auto(0x3, 0x0, 0x80) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) write$auto(0x3, 0x0, 0x100000000) socket(0x2, 0x1, 0x106) openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, 0x0, 0xa901, 0x0) kernel console output (not intermixed with test programs): 232d6f R08: 0000000000000000 R09: 0000000000000000 [ 501.280065][T12926] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 501.280081][T12926] R13: 00007fc3bb416038 R14: 00007fc3bb415fa0 R15: 00007ffcd0fe7e18 [ 501.280120][T12926] [ 501.632440][ T1313] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.641192][ T1313] ieee802154 phy1 wpan1: encryption failed: -22 [ 502.401353][T12945] netlink: 202 bytes leftover after parsing attributes in process `syz.0.2226'. [ 503.484353][T12960] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2231'. [ 503.515257][T12960] veth1_macvtap: left promiscuous mode [ 503.533880][T12960] macsec0: entered promiscuous mode [ 503.550558][T12960] macsec0: entered allmulticast mode [ 504.363533][T12980] FAULT_INJECTION: forcing a failure. [ 504.363533][T12980] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 504.377750][T12980] CPU: 1 UID: 0 PID: 12980 Comm: syz.0.2238 Tainted: G L syzkaller #0 PREEMPT(full) [ 504.377797][T12980] Tainted: [L]=SOFTLOCKUP [ 504.377807][T12980] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 504.377823][T12980] Call Trace: [ 504.377832][T12980] [ 504.377843][T12980] dump_stack_lvl+0x100/0x190 [ 504.377880][T12980] should_fail_ex.cold+0x5/0xa [ 504.377917][T12980] copy_folio_from_iter_atomic+0x5c8/0x2000 [ 504.378049][T12980] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 504.378085][T12980] ? shmem_write_begin+0x1ba/0x420 [ 504.378117][T12980] ? __pfx_shmem_write_begin+0x10/0x10 [ 504.378149][T12980] ? balance_dirty_pages_ratelimited_flags+0x91/0x1170 [ 504.378195][T12980] generic_perform_write+0x4cb/0xa40 [ 504.378248][T12980] ? __pfx_generic_perform_write+0x10/0x10 [ 504.378297][T12980] ? file_update_time_flags+0x373/0x500 [ 504.378344][T12980] shmem_file_write_iter+0x10e/0x140 [ 504.378382][T12980] vfs_write+0x6ac/0x1070 [ 504.378429][T12980] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 504.378471][T12980] ? __pfx_vfs_write+0x10/0x10 [ 504.378525][T12980] ksys_write+0x12a/0x250 [ 504.378556][T12980] ? __pfx_ksys_write+0x10/0x10 [ 504.378592][T12980] ? rcu_is_watching+0x12/0xc0 [ 504.378631][T12980] do_syscall_64+0x10b/0xf80 [ 504.378674][T12980] ? clear_bhb_loop+0x40/0x90 [ 504.378710][T12980] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 504.378741][T12980] RIP: 0033:0x7fc3bb19ce59 [ 504.378766][T12980] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 504.378793][T12980] RSP: 002b:00007fc3bc025028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 504.378821][T12980] RAX: ffffffffffffffda RBX: 00007fc3bb415fa0 RCX: 00007fc3bb19ce59 [ 504.378840][T12980] RDX: 00000000fffffdf1 RSI: 0000000000000000 RDI: 0000000000000006 [ 504.378857][T12980] RBP: 00007fc3bb232d6f R08: 0000000000000000 R09: 0000000000000000 [ 504.378874][T12980] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 504.378890][T12980] R13: 00007fc3bb416038 R14: 00007fc3bb415fa0 R15: 00007ffcd0fe7e18 [ 504.378925][T12980] [ 505.133329][T12992] random: crng reseeded on system resumption [ 505.774679][T13011] vcan0: tx drop: invalid da for name 0x000000000000003f [ 506.019262][T13016] FAULT_INJECTION: forcing a failure. [ 506.019262][T13016] name failslab, interval 1, probability 0, space 0, times 0 [ 506.089799][T13016] CPU: 1 UID: 0 PID: 13016 Comm: syz.0.2246 Tainted: G L syzkaller #0 PREEMPT(full) [ 506.089846][T13016] Tainted: [L]=SOFTLOCKUP [ 506.089856][T13016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 506.089871][T13016] Call Trace: [ 506.089880][T13016] [ 506.089890][T13016] dump_stack_lvl+0x100/0x190 [ 506.089929][T13016] should_fail_ex.cold+0x5/0xa [ 506.089965][T13016] should_failslab+0xc2/0x120 [ 506.089996][T13016] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 506.090041][T13016] ? do_epoll_ctl+0x2434/0x36a0 [ 506.090095][T13016] do_epoll_ctl+0x2434/0x36a0 [ 506.090147][T13016] ? __pfx_do_epoll_ctl+0x10/0x10 [ 506.090182][T13016] ? find_held_lock+0x2b/0x80 [ 506.090217][T13016] ? __might_fault+0xc5/0x140 [ 506.090256][T13016] ? __might_fault+0xc5/0x140 [ 506.090314][T13016] ? __x64_sys_epoll_ctl+0x15c/0x1e0 [ 506.090349][T13016] __x64_sys_epoll_ctl+0x15c/0x1e0 [ 506.090387][T13016] ? __pfx___x64_sys_epoll_ctl+0x10/0x10 [ 506.090428][T13016] ? rcu_is_watching+0x12/0xc0 [ 506.090465][T13016] do_syscall_64+0x10b/0xf80 [ 506.090504][T13016] ? clear_bhb_loop+0x40/0x90 [ 506.090535][T13016] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 506.090562][T13016] RIP: 0033:0x7fc3bb19ce59 [ 506.090584][T13016] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 506.090610][T13016] RSP: 002b:00007fc3bc004028 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9 [ 506.090637][T13016] RAX: ffffffffffffffda RBX: 00007fc3bb416090 RCX: 00007fc3bb19ce59 [ 506.090656][T13016] RDX: 0000000000000003 RSI: 0000000000000001 RDI: 0000000000000004 [ 506.090671][T13016] RBP: 00007fc3bb232d6f R08: 0000000000000000 R09: 0000000000000000 [ 506.090687][T13016] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 506.090703][T13016] R13: 00007fc3bb416128 R14: 00007fc3bb416090 R15: 00007ffcd0fe7e18 [ 506.090737][T13016] [ 506.886330][T13022] random: crng reseeded on system resumption [ 508.975926][T13061] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2261'. [ 509.790607][T13073] netlink: 25 bytes leftover after parsing attributes in process `syz.3.2265'. [ 510.119340][T13082] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 511.132856][ T5634] Bluetooth: hci2: Malformed Event: 0x02 [ 511.341406][T13110] netlink: 'syz.0.2277': attribute type 1 has an invalid length. [ 511.351424][T13110] netlink: 13 bytes leftover after parsing attributes in process `syz.0.2277'. [ 511.366819][T13110] netlink: 'syz.0.2277': attribute type 1 has an invalid length. [ 511.704159][T13125] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2282'. [ 512.658298][T13140] WARNING! power/level is deprecated; use power/control instead [ 512.977312][T13152] netlink: 'syz.2.2291': attribute type 10 has an invalid length. [ 513.000135][T13152] netlink: 'syz.2.2291': attribute type 13 has an invalid length. [ 513.671436][T13173] netlink: 'syz.1.2299': attribute type 10 has an invalid length. [ 513.687916][T13173] netlink: 230 bytes leftover after parsing attributes in process `syz.1.2299'. [ 513.940316][T13179] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input11 [ 513.984707][T13182] netlink: 'syz.3.2301': attribute type 28 has an invalid length. [ 514.007907][T13182] netlink: 'syz.3.2301': attribute type 3 has an invalid length. [ 514.028608][T13182] netlink: 306 bytes leftover after parsing attributes in process `syz.3.2301'. [ 514.384899][T13193] FAULT_INJECTION: forcing a failure. [ 514.384899][T13193] name failslab, interval 1, probability 0, space 0, times 0 [ 514.413777][T13193] CPU: 1 UID: 0 PID: 13193 Comm: syz.0.2306 Tainted: G L syzkaller #0 PREEMPT(full) [ 514.413829][T13193] Tainted: [L]=SOFTLOCKUP [ 514.413839][T13193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 514.413857][T13193] Call Trace: [ 514.413867][T13193] [ 514.413878][T13193] dump_stack_lvl+0x100/0x190 [ 514.413918][T13193] should_fail_ex.cold+0x5/0xa [ 514.413955][T13193] ? ring_buffer_read_start+0x1b9/0x450 [ 514.413999][T13193] should_failslab+0xc2/0x120 [ 514.414034][T13193] __kmalloc_noprof+0xe0/0x850 [ 514.414070][T13193] ring_buffer_read_start+0x1b9/0x450 [ 514.414111][T13193] ? __pfx_ring_buffer_read_start+0x10/0x10 [ 514.414149][T13193] ? lockdep_init_map_type+0x5c/0x250 [ 514.414182][T13193] ? ring_buffer_overruns+0x14e/0x1a0 [ 514.414218][T13193] __tracing_open+0x74e/0xa80 [ 514.414256][T13193] tracing_open+0x26b/0x4d0 [ 514.414291][T13193] do_dentry_open+0x6d8/0x1660 [ 514.414326][T13193] ? __pfx_tracing_open+0x10/0x10 [ 514.414368][T13193] vfs_open+0x82/0x3f0 [ 514.414415][T13193] path_openat+0x208c/0x31a0 [ 514.414464][T13193] ? __pfx_path_openat+0x10/0x10 [ 514.414511][T13193] do_file_open+0x20e/0x430 [ 514.414564][T13193] ? __pfx_do_file_open+0x10/0x10 [ 514.414628][T13193] ? alloc_fd+0x476/0x790 [ 514.414669][T13193] ? do_getname+0x191/0x390 [ 514.414715][T13193] do_sys_openat2+0x10d/0x1e0 [ 514.414758][T13193] ? __pfx_do_sys_openat2+0x10/0x10 [ 514.414802][T13193] ? __fget_files+0x21f/0x3d0 [ 514.414843][T13193] __x64_sys_openat+0x12d/0x210 [ 514.414888][T13193] ? __pfx___x64_sys_openat+0x10/0x10 [ 514.414938][T13193] ? rcu_is_watching+0x12/0xc0 [ 514.414985][T13193] do_syscall_64+0x10b/0xf80 [ 514.415031][T13193] ? clear_bhb_loop+0x40/0x90 [ 514.415067][T13193] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 514.415096][T13193] RIP: 0033:0x7fc3bb19ce59 [ 514.415121][T13193] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 514.415149][T13193] RSP: 002b:00007fc3bc025028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 514.415179][T13193] RAX: ffffffffffffffda RBX: 00007fc3bb415fa0 RCX: 00007fc3bb19ce59 [ 514.415199][T13193] RDX: 1a6b75d638828712 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 514.415218][T13193] RBP: 00007fc3bb232d6f R08: 0000000000000000 R09: 0000000000000000 [ 514.415236][T13193] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 514.415252][T13193] R13: 00007fc3bb416038 R14: 00007fc3bb415fa0 R15: 00007ffcd0fe7e18 [ 514.415291][T13193] [ 517.051739][T13244] netlink: 9 bytes leftover after parsing attributes in process `syz.0.2324'. [ 517.084925][T13244] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2324'. [ 517.584211][T13257] FAULT_INJECTION: forcing a failure. [ 517.584211][T13257] name failslab, interval 1, probability 0, space 0, times 0 [ 517.612317][T13257] CPU: 0 UID: 0 PID: 13257 Comm: syz.2.2328 Tainted: G L syzkaller #0 PREEMPT(full) [ 517.612368][T13257] Tainted: [L]=SOFTLOCKUP [ 517.612379][T13257] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 517.612397][T13257] Call Trace: [ 517.612406][T13257] [ 517.612418][T13257] dump_stack_lvl+0x100/0x190 [ 517.612458][T13257] should_fail_ex.cold+0x5/0xa [ 517.612495][T13257] ? __netlink_kernel_create+0x181/0x750 [ 517.612634][T13257] should_failslab+0xc2/0x120 [ 517.612669][T13257] __kmalloc_noprof+0xe0/0x850 [ 517.612703][T13257] __netlink_kernel_create+0x181/0x750 [ 517.612750][T13257] ? __pfx___netlink_kernel_create+0x10/0x10 [ 517.612801][T13257] ? __pfx_genl_pernet_init+0x10/0x10 [ 517.612856][T13257] genl_pernet_init+0xbd/0x160 [ 517.612884][T13257] ? __pfx_genl_pernet_init+0x10/0x10 [ 517.612910][T13257] ? lockdep_init_map_type+0x5c/0x250 [ 517.612938][T13257] ? __pfx_genl_rcv+0x10/0x10 [ 517.612959][T13257] ? __pfx_genl_bind+0x10/0x10 [ 517.612996][T13257] ? __pfx_genl_unbind+0x10/0x10 [ 517.613032][T13257] ? __pfx_genl_release+0x10/0x10 [ 517.613057][T13257] ? mutex_init_lockdep+0xf1/0x120 [ 517.613089][T13257] ops_init+0x1e2/0x5f0 [ 517.613129][T13257] setup_net+0x118/0x3a0 [ 517.613165][T13257] ? __pfx_setup_net+0x10/0x10 [ 517.613210][T13257] ? mutex_init_lockdep+0xf1/0x120 [ 517.613247][T13257] copy_net_ns+0x46f/0x7c0 [ 517.613290][T13257] create_new_namespaces+0x3ea/0xac0 [ 517.613336][T13257] unshare_nsproxy_namespaces+0xf2/0x220 [ 517.613377][T13257] ksys_unshare+0x438/0xab0 [ 517.613421][T13257] ? __pfx_ksys_unshare+0x10/0x10 [ 517.613462][T13257] ? xfd_validate_state+0x129/0x190 [ 517.613491][T13257] ? exit_to_user_mode_loop+0xe2/0x4f0 [ 517.613532][T13257] __x64_sys_unshare+0x31/0x40 [ 517.613573][T13257] do_syscall_64+0x10b/0xf80 [ 517.613617][T13257] ? clear_bhb_loop+0x40/0x90 [ 517.613652][T13257] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 517.613681][T13257] RIP: 0033:0x7ff668d9ce59 [ 517.613705][T13257] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 517.613732][T13257] RSP: 002b:00007ff669d39028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 517.613759][T13257] RAX: ffffffffffffffda RBX: 00007ff669015fa0 RCX: 00007ff668d9ce59 [ 517.613778][T13257] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 517.613796][T13257] RBP: 00007ff668e32d6f R08: 0000000000000000 R09: 0000000000000000 [ 517.613813][T13257] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 517.613829][T13257] R13: 00007ff669016038 R14: 00007ff669015fa0 R15: 00007fff6836d8a8 [ 517.613867][T13257] [ 518.313689][T13250] Process accounting resumed [ 518.507112][T13276] FAULT_INJECTION: forcing a failure. [ 518.507112][T13276] name failslab, interval 1, probability 0, space 0, times 0 [ 518.552506][T13276] CPU: 0 UID: 0 PID: 13276 Comm: syz.1.2335 Tainted: G L syzkaller #0 PREEMPT(full) [ 518.552555][T13276] Tainted: [L]=SOFTLOCKUP [ 518.552564][T13276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 518.552579][T13276] Call Trace: [ 518.552596][T13276] [ 518.552606][T13276] dump_stack_lvl+0x100/0x190 [ 518.552645][T13276] should_fail_ex.cold+0x5/0xa [ 518.552683][T13276] should_failslab+0xc2/0x120 [ 518.552718][T13276] __kmalloc_cache_noprof+0x7a/0x6f0 [ 518.552759][T13276] ? drm_atomic_state_alloc+0xb8/0x120 [ 518.552904][T13276] drm_atomic_state_alloc+0xb8/0x120 [ 518.552951][T13276] drm_client_modeset_commit_atomic+0xcc/0x7e0 [ 518.552985][T13276] ? rcu_is_watching+0x12/0xc0 [ 518.553020][T13276] ? trace_contention_end+0x122/0x170 [ 518.553054][T13276] ? __mutex_lock+0x26d/0x1b10 [ 518.553086][T13276] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 518.553119][T13276] ? drm_master_internal_acquire+0x21/0x80 [ 518.553231][T13276] drm_client_modeset_commit_locked+0x14d/0x580 [ 518.553267][T13276] drm_client_modeset_commit+0x4f/0x80 [ 518.553298][T13276] __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160 [ 518.553414][T13276] drm_fb_helper_restore_fbdev_mode_unlocked+0x93/0xc0 [ 518.553466][T13276] drm_fbdev_client_restore+0x1b/0x30 [ 518.553533][T13276] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 518.553569][T13276] drm_client_dev_restore+0x205/0x2a0 [ 518.553613][T13276] drm_release+0x2c6/0x360 [ 518.553713][T13276] ? __pfx_drm_release+0x10/0x10 [ 518.553757][T13276] __fput+0x3ff/0xb50 [ 518.553807][T13276] task_work_run+0x150/0x240 [ 518.553841][T13276] ? __pfx_task_work_run+0x10/0x10 [ 518.553870][T13276] ? rcu_is_watching+0x12/0xc0 [ 518.553908][T13276] exit_to_user_mode_loop+0x107/0x4f0 [ 518.553935][T13276] ? rcu_is_watching+0x12/0xc0 [ 518.553968][T13276] do_syscall_64+0x6f2/0xf80 [ 518.554009][T13276] ? clear_bhb_loop+0x40/0x90 [ 518.554043][T13276] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 518.554069][T13276] RIP: 0033:0x7ff65a39ce59 [ 518.554091][T13276] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 518.554118][T13276] RSP: 002b:00007ff65b19c028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 518.554144][T13276] RAX: 0000000000000000 RBX: 00007ff65a615fa0 RCX: 00007ff65a39ce59 [ 518.554179][T13276] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 518.554196][T13276] RBP: 00007ff65a432d6f R08: 0000000000000000 R09: 0000000000000000 [ 518.554213][T13276] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 518.554229][T13276] R13: 00007ff65a616038 R14: 00007ff65a615fa0 R15: 00007ffd744ce7b8 [ 518.554268][T13276] [ 519.437251][ T5634] block nbd0: Receive control failed (result -32) [ 520.440231][T13314] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2346'. syzkaller syzkaller login[ 520.482276][T13314] netlink: 13 bytes leftover after parsing attributes in process `syz.0.2346'. : [ 521.225426][T13336] netlink: 25 bytes leftover after parsing attributes in process `syz.0.2353'. [ 522.234730][T13356] FAULT_INJECTION: forcing a failure. [ 522.234730][T13356] name failslab, interval 1, probability 0, space 0, times 0 [ 522.241599][T13355] MTRR 2 not used [ 522.326366][T13356] CPU: 1 UID: 0 PID: 13356 Comm: syz.3.2358 Tainted: G L syzkaller #0 PREEMPT(full) [ 522.326413][T13356] Tainted: [L]=SOFTLOCKUP [ 522.326423][T13356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 522.326439][T13356] Call Trace: [ 522.326451][T13356] [ 522.326461][T13356] dump_stack_lvl+0x100/0x190 [ 522.326498][T13356] should_fail_ex.cold+0x5/0xa [ 522.326533][T13356] should_failslab+0xc2/0x120 [ 522.326569][T13356] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 522.326612][T13356] ? anon_vma_clone+0x2ba/0xcd0 [ 522.326653][T13356] anon_vma_clone+0x2ba/0xcd0 [ 522.326699][T13356] __split_vma+0x51f/0xd90 [ 522.326752][T13356] ? __pfx___split_vma+0x10/0x10 [ 522.326815][T13356] vma_modify+0x12ad/0x25c0 [ 522.326872][T13356] ? __pfx_vma_modify+0x10/0x10 [ 522.326936][T13356] vma_modify_policy+0x238/0x300 [ 522.326982][T13356] ? __pfx_vma_modify_policy+0x10/0x10 [ 522.327026][T13356] ? find_held_lock+0x2b/0x80 [ 522.327091][T13356] mbind_range+0x175/0x550 [ 522.327135][T13356] do_mbind+0x7dc/0xfd0 [ 522.327184][T13356] ? __pfx_do_mbind+0x10/0x10 [ 522.327223][T13356] ? ksys_write+0x190/0x250 [ 522.327272][T13356] ? __pfx_get_nodes+0x10/0x10 [ 522.327311][T13356] kernel_mbind+0x1b7/0x200 [ 522.327352][T13356] ? __pfx_kernel_mbind+0x10/0x10 [ 522.327395][T13356] ? rcu_is_watching+0x12/0xc0 [ 522.327434][T13356] do_syscall_64+0x10b/0xf80 [ 522.327478][T13356] ? clear_bhb_loop+0x40/0x90 [ 522.327514][T13356] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 522.327544][T13356] RIP: 0033:0x7fbf1699ce59 [ 522.327567][T13356] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 522.327594][T13356] RSP: 002b:00007fbf14bb4028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 522.327621][T13356] RAX: ffffffffffffffda RBX: 00007fbf16c16180 RCX: 00007fbf1699ce59 [ 522.327641][T13356] RDX: 0000000000000004 RSI: 00000000002091d2 RDI: 0000000000000000 [ 522.327658][T13356] RBP: 00007fbf16a32d6f R08: 0000000000000006 R09: 0000000000000002 [ 522.327676][T13356] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 522.327694][T13356] R13: 00007fbf16c16218 R14: 00007fbf16c16180 R15: 00007ffef95361b8 [ 522.327733][T13356] [ 523.387718][T13377] FAULT_INJECTION: forcing a failure. [ 523.387718][T13377] name failslab, interval 1, probability 0, space 0, times 0 [ 523.413873][T13377] CPU: 0 UID: 0 PID: 13377 Comm: syz.1.2366 Tainted: G L syzkaller #0 PREEMPT(full) [ 523.413921][T13377] Tainted: [L]=SOFTLOCKUP [ 523.413932][T13377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 523.413950][T13377] Call Trace: [ 523.413959][T13377] [ 523.413970][T13377] dump_stack_lvl+0x100/0x190 [ 523.414009][T13377] should_fail_ex.cold+0x5/0xa [ 523.414048][T13377] should_failslab+0xc2/0x120 [ 523.414083][T13377] __kmalloc_cache_noprof+0x7a/0x6f0 [ 523.414125][T13377] ? trace_pid_list_alloc+0x2fe/0x480 [ 523.414172][T13377] trace_pid_list_alloc+0x2fe/0x480 [ 523.414216][T13377] trace_pid_write+0x110/0x460 [ 523.414258][T13377] ? __pfx_trace_pid_write+0x10/0x10 [ 523.414320][T13377] event_pid_write.isra.0+0x1e4/0x7d0 [ 523.414366][T13377] ? __pfx_event_pid_write.isra.0+0x10/0x10 [ 523.414421][T13377] vfs_write+0x2aa/0x1070 [ 523.414455][T13377] ? __pfx_ftrace_event_npid_write+0x10/0x10 [ 523.414501][T13377] ? __pfx_vfs_write+0x10/0x10 [ 523.414533][T13377] ? __fget_files+0x215/0x3d0 [ 523.414575][T13377] ? __fget_files+0x21f/0x3d0 [ 523.414619][T13377] ksys_write+0x12a/0x250 [ 523.414660][T13377] ? __pfx_ksys_write+0x10/0x10 [ 523.414698][T13377] ? rcu_is_watching+0x12/0xc0 [ 523.414740][T13377] do_syscall_64+0x10b/0xf80 [ 523.414782][T13377] ? clear_bhb_loop+0x40/0x90 [ 523.414817][T13377] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 523.414847][T13377] RIP: 0033:0x7ff65a39ce59 [ 523.414871][T13377] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 523.414899][T13377] RSP: 002b:00007ff65b19c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 523.414926][T13377] RAX: ffffffffffffffda RBX: 00007ff65a615fa0 RCX: 00007ff65a39ce59 [ 523.414945][T13377] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 523.414962][T13377] RBP: 00007ff65a432d6f R08: 0000000000000000 R09: 0000000000000000 [ 523.414980][T13377] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 523.414998][T13377] R13: 00007ff65a616038 R14: 00007ff65a615fa0 R15: 00007ffd744ce7b8 [ 523.415037][T13377] [ 526.394098][T13438] FAULT_INJECTION: forcing a failure. [ 526.394098][T13438] name failslab, interval 1, probability 0, space 0, times 0 [ 526.472228][T13438] CPU: 1 UID: 0 PID: 13438 Comm: syz.0.2382 Tainted: G L syzkaller #0 PREEMPT(full) [ 526.472275][T13438] Tainted: [L]=SOFTLOCKUP [ 526.472285][T13438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 526.472302][T13438] Call Trace: [ 526.472311][T13438] [ 526.472322][T13438] dump_stack_lvl+0x100/0x190 [ 526.472365][T13438] should_fail_ex.cold+0x5/0xa [ 526.472403][T13438] should_failslab+0xc2/0x120 [ 526.472438][T13438] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 526.472482][T13438] ? __d_alloc+0x34/0xa40 [ 526.472520][T13438] ? __pfx_stack_trace_save+0x10/0x10 [ 526.472568][T13438] __d_alloc+0x34/0xa40 [ 526.472610][T13438] d_alloc_parallel+0x111/0x14e0 [ 526.472650][T13438] ? find_held_lock+0x2b/0x80 [ 526.472685][T13438] ? __d_lookup+0x25c/0x4a0 [ 526.472713][T13438] ? __pfx_d_alloc_parallel+0x10/0x10 [ 526.472748][T13438] ? __d_lookup+0x266/0x4a0 [ 526.472785][T13438] lookup_open.isra.0+0x57c/0x11b0 [ 526.472824][T13438] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 526.472861][T13438] ? __pfx___might_resched+0x10/0x10 [ 526.472893][T13438] ? mnt_get_write_access+0x52/0x2f0 [ 526.472944][T13438] ? __pfx_down_write+0x10/0x10 [ 526.472973][T13438] ? mnt_get_write_access+0x1e9/0x2f0 [ 526.473023][T13438] path_openat+0x2291/0x31a0 [ 526.473065][T13438] ? entry_SYSCALL_64_after_hwframe+0x48/0x7f [ 526.473099][T13438] ? __pfx_path_openat+0x10/0x10 [ 526.473148][T13438] do_file_open+0x20e/0x430 [ 526.473187][T13438] ? __pfx_do_file_open+0x10/0x10 [ 526.473249][T13438] ? _raw_spin_unlock+0x28/0x50 [ 526.473286][T13438] ? alloc_fd+0x476/0x790 [ 526.473327][T13438] do_sys_openat2+0x10d/0x1e0 [ 526.473376][T13438] ? __pfx_do_sys_openat2+0x10/0x10 [ 526.473447][T13438] __x64_sys_open+0xfe/0x1d0 [ 526.473487][T13438] ? __pfx___x64_sys_open+0x10/0x10 [ 526.473524][T13438] ? ksys_write+0x1ac/0x250 [ 526.473561][T13438] ? rcu_is_watching+0x12/0xc0 [ 526.473601][T13438] do_syscall_64+0x10b/0xf80 [ 526.473643][T13438] ? clear_bhb_loop+0x40/0x90 [ 526.473678][T13438] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 526.473707][T13438] RIP: 0033:0x7fc3bb19ce59 [ 526.473731][T13438] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 526.473758][T13438] RSP: 002b:00007fc3bc025028 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 526.473786][T13438] RAX: ffffffffffffffda RBX: 00007fc3bb415fa0 RCX: 00007fc3bb19ce59 [ 526.473806][T13438] RDX: 0000000000000000 RSI: 0000000000149443 RDI: 0000200000000040 [ 526.473822][T13438] RBP: 00007fc3bb232d6f R08: 0000000000000000 R09: 0000000000000000 [ 526.473840][T13438] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 526.473855][T13438] R13: 00007fc3bb416038 R14: 00007fc3bb415fa0 R15: 00007ffcd0fe7e18 [ 526.473894][T13438] [ 527.225709][T13445] netlink: 330 bytes leftover after parsing attributes in process `syz.0.2384'. [ 527.643147][T13449] usb usb37: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 527.669674][T13449] vhci_hcd vhci_hcd.2: default hub control req: 0000 v0000 i0000 l0 [ 528.082528][T13467] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2391'. [ 529.123579][T13488] FAULT_INJECTION: forcing a failure. [ 529.123579][T13488] name failslab, interval 1, probability 0, space 0, times 0 [ 529.151720][T13488] CPU: 1 UID: 0 PID: 13488 Comm: syz.3.2398 Tainted: G L syzkaller #0 PREEMPT(full) [ 529.151766][T13488] Tainted: [L]=SOFTLOCKUP [ 529.151777][T13488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 529.151794][T13488] Call Trace: [ 529.151803][T13488] [ 529.151814][T13488] dump_stack_lvl+0x100/0x190 [ 529.151853][T13488] should_fail_ex.cold+0x5/0xa [ 529.151890][T13488] ? drm_atomic_state_init+0xf4/0x490 [ 529.151932][T13488] should_failslab+0xc2/0x120 [ 529.151967][T13488] __kmalloc_noprof+0xe0/0x850 [ 529.152003][T13488] drm_atomic_state_init+0xf4/0x490 [ 529.152044][T13488] ? kasan_save_track+0x14/0x30 [ 529.152077][T13488] drm_atomic_state_alloc+0xd3/0x120 [ 529.152128][T13488] drm_client_modeset_commit_atomic+0xcc/0x7e0 [ 529.152160][T13488] ? rcu_is_watching+0x12/0xc0 [ 529.152195][T13488] ? trace_contention_end+0x122/0x170 [ 529.152229][T13488] ? __mutex_lock+0x26d/0x1b10 [ 529.152258][T13488] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 529.152293][T13488] ? drm_master_internal_acquire+0x21/0x80 [ 529.152379][T13488] drm_client_modeset_commit_locked+0x14d/0x580 [ 529.152417][T13488] drm_client_modeset_commit+0x4f/0x80 [ 529.152450][T13488] __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160 [ 529.152503][T13488] drm_fb_helper_restore_fbdev_mode_unlocked+0x93/0xc0 [ 529.152554][T13488] drm_fbdev_client_restore+0x1b/0x30 [ 529.152593][T13488] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 529.152638][T13488] drm_client_dev_restore+0x205/0x2a0 [ 529.152680][T13488] drm_release+0x2c6/0x360 [ 529.152727][T13488] ? __pfx_drm_release+0x10/0x10 [ 529.152773][T13488] __fput+0x3ff/0xb50 [ 529.152823][T13488] task_work_run+0x150/0x240 [ 529.152853][T13488] ? __pfx_task_work_run+0x10/0x10 [ 529.152883][T13488] ? rcu_is_watching+0x12/0xc0 [ 529.152918][T13488] exit_to_user_mode_loop+0x107/0x4f0 [ 529.152945][T13488] ? rcu_is_watching+0x12/0xc0 [ 529.152982][T13488] do_syscall_64+0x6f2/0xf80 [ 529.153027][T13488] ? clear_bhb_loop+0x40/0x90 [ 529.153065][T13488] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 529.153095][T13488] RIP: 0033:0x7fbf1699ce59 [ 529.153118][T13488] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 529.153146][T13488] RSP: 002b:00007fbf14bf6028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 529.153190][T13488] RAX: 0000000000000000 RBX: 00007fbf16c15fa0 RCX: 00007fbf1699ce59 [ 529.153210][T13488] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 529.153227][T13488] RBP: 00007fbf16a32d6f R08: 0000000000000000 R09: 0000000000000000 [ 529.153246][T13488] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 529.153263][T13488] R13: 00007fbf16c16038 R14: 00007fbf16c15fa0 R15: 00007ffef95361b8 [ 529.153304][T13488] [ 529.889408][T13501] zswap: compressor not available [ 531.116641][T13536] netlink: 334 bytes leftover after parsing attributes in process `syz.3.2412'. [ 531.196002][T13538] netlink: 202 bytes leftover after parsing attributes in process `syz.2.2413'. [ 531.272368][T13541] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2414'. [ 531.347012][T13541] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 531.447285][T13552] netlink: 330 bytes leftover after parsing attributes in process `syz.3.2416'. [ 531.464837][T13541] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 531.477094][ T5634] Bluetooth: hci3: unexpected subevent 0x18 length: 123 > 19 [ 531.485038][T13546] binder: 13545:13546 ioctl c0306201 200000000000 returned -11 [ 531.494586][ T5634] Bluetooth: hci3: Unable to find connection for dst f9:56:cc:cc:70:a9 sid 0x00 [ 531.832711][T13557] FAULT_INJECTION: forcing a failure. [ 531.832711][T13557] name failslab, interval 1, probability 0, space 0, times 0 [ 531.868488][T13557] CPU: 1 UID: 0 PID: 13557 Comm: syz.2.2418 Tainted: G L syzkaller #0 PREEMPT(full) [ 531.868533][T13557] Tainted: [L]=SOFTLOCKUP [ 531.868542][T13557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 531.868558][T13557] Call Trace: [ 531.868567][T13557] [ 531.868577][T13557] dump_stack_lvl+0x100/0x190 [ 531.868617][T13557] should_fail_ex.cold+0x5/0xa [ 531.868652][T13557] should_failslab+0xc2/0x120 [ 531.868683][T13557] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 531.868713][T13557] ? __kthread_create_on_node+0x186/0x3f0 [ 531.868759][T13557] kvasprintf+0xbc/0x150 [ 531.868918][T13557] ? __pfx_kvasprintf+0x10/0x10 [ 531.868963][T13557] ? __pfx_rescuer_thread+0x10/0x10 [ 531.868992][T13557] __kthread_create_on_node+0x186/0x3f0 [ 531.869035][T13557] ? __pfx___kthread_create_on_node+0x10/0x10 [ 531.869084][T13557] ? __pfx_vsnprintf+0x10/0x10 [ 531.869131][T13557] ? __pfx_rescuer_thread+0x10/0x10 [ 531.869161][T13557] kthread_create_on_node+0xc7/0x100 [ 531.869203][T13557] ? __pfx_kthread_create_on_node+0x10/0x10 [ 531.869243][T13557] ? __pfx_scnprintf+0x10/0x10 [ 531.869303][T13557] init_rescuer+0x321/0x550 [ 531.869356][T13557] ? __pfx_init_rescuer+0x10/0x10 [ 531.869412][T13557] ? wq_adjust_max_active+0x352/0x4a0 [ 531.869447][T13557] __alloc_workqueue+0xc70/0x1980 [ 531.869500][T13557] alloc_workqueue_noprof+0xc7/0x130 [ 531.869542][T13557] ? __pfx_alloc_workqueue_noprof+0x10/0x10 [ 531.869591][T13557] ? __pfx___debug_object_init+0x10/0x10 [ 531.869686][T13557] nci_register_device+0x21e/0xb80 [ 531.869724][T13557] ? __pfx_nci_register_device+0x10/0x10 [ 531.869765][T13557] ? lockdep_init_map_type+0x5c/0x250 [ 531.869802][T13557] virtual_ncidev_open+0x141/0x220 [ 531.869848][T13557] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 531.869892][T13557] misc_open+0x26d/0x450 [ 531.869930][T13557] ? __pfx_misc_open+0x10/0x10 [ 531.869965][T13557] chrdev_open+0x234/0x6a0 [ 531.869998][T13557] ? __pfx_apparmor_file_open+0x10/0x10 [ 531.870028][T13557] ? __pfx_chrdev_open+0x10/0x10 [ 531.870067][T13557] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 531.870114][T13557] do_dentry_open+0x6d8/0x1660 [ 531.870149][T13557] ? __pfx_chrdev_open+0x10/0x10 [ 531.870195][T13557] vfs_open+0x82/0x3f0 [ 531.870242][T13557] path_openat+0x208c/0x31a0 [ 531.870290][T13557] ? __pfx_path_openat+0x10/0x10 [ 531.870335][T13557] do_file_open+0x20e/0x430 [ 531.870383][T13557] ? __pfx_do_file_open+0x10/0x10 [ 531.870445][T13557] ? alloc_fd+0x476/0x790 [ 531.870484][T13557] ? do_getname+0x191/0x390 [ 531.870527][T13557] do_sys_openat2+0x10d/0x1e0 [ 531.870570][T13557] ? __pfx_do_sys_openat2+0x10/0x10 [ 531.870626][T13557] __x64_sys_openat+0x12d/0x210 [ 531.870671][T13557] ? __pfx___x64_sys_openat+0x10/0x10 [ 531.870722][T13557] ? rcu_is_watching+0x12/0xc0 [ 531.870762][T13557] do_syscall_64+0x10b/0xf80 [ 531.870804][T13557] ? clear_bhb_loop+0x40/0x90 [ 531.870840][T13557] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 531.870869][T13557] RIP: 0033:0x7ff668d9ce59 [ 531.870894][T13557] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 531.870922][T13557] RSP: 002b:00007ff669d18028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 531.870951][T13557] RAX: ffffffffffffffda RBX: 00007ff669016090 RCX: 00007ff668d9ce59 [ 531.870970][T13557] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 531.870989][T13557] RBP: 00007ff668e32d6f R08: 0000000000000000 R09: 0000000000000000 [ 531.871007][T13557] R10: 000000000000003e R11: 0000000000000246 R12: 0000000000000000 [ 531.871024][T13557] R13: 00007ff669016128 R14: 00007ff669016090 R15: 00007fff6836d8a8 [ 531.871062][T13557] [ 532.361501][T13557] workqueue: Failed to create a rescuer kthread for wq "nfc3_nci_cmd_wq": -ENOMEM [ 534.107813][T13602] smpboot: CPU 1 is now offline [ 534.202826][T13606] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2431'. [ 534.245856][T13606] netlink: 354 bytes leftover after parsing attributes in process `syz.1.2431'. [ 534.584890][T13612] FAULT_INJECTION: forcing a failure. [ 534.584890][T13612] name failslab, interval 1, probability 0, space 0, times 0 [ 534.642794][T13612] CPU: 0 UID: 0 PID: 13612 Comm: syz.0.2434 Tainted: G L syzkaller #0 PREEMPT(full) [ 534.642822][T13612] Tainted: [L]=SOFTLOCKUP [ 534.642827][T13612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 534.642837][T13612] Call Trace: [ 534.642843][T13612] [ 534.642849][T13612] dump_stack_lvl+0x100/0x190 [ 534.642873][T13612] should_fail_ex.cold+0x5/0xa [ 534.642893][T13612] should_failslab+0xc2/0x120 [ 534.642911][T13612] __kmalloc_cache_noprof+0x7a/0x6f0 [ 534.642933][T13612] ? snd_seq_port_connect+0x61/0x550 [ 534.643027][T13612] ? snd_seq_port_use_ptr+0x136/0x1a0 [ 534.643047][T13612] ? snd_seq_port_use_ptr+0x136/0x1a0 [ 534.643070][T13612] snd_seq_port_connect+0x61/0x550 [ 534.643091][T13612] ? _raw_read_unlock+0x28/0x50 [ 534.643115][T13612] ? check_subscription_permission.isra.0+0x146/0x240 [ 534.643141][T13612] snd_seq_ioctl_subscribe_port+0x219/0x490 [ 534.643166][T13612] ? __pfx_snd_seq_ioctl_subscribe_port+0x10/0x10 [ 534.643198][T13612] call_seq_client_ctl+0xa3/0x130 [ 534.643219][T13612] snd_seq_kernel_client_ctl+0x77/0xd0 [ 534.643240][T13612] snd_seq_oss_midi_open+0x596/0x690 [ 534.643288][T13612] ? __pfx_snd_seq_oss_midi_open+0x10/0x10 [ 534.643316][T13612] snd_seq_oss_synth_setup_midi+0x131/0x590 [ 534.643338][T13612] snd_seq_oss_open+0x82e/0xa10 [ 534.643363][T13612] odev_open+0x6f/0x90 [ 534.643382][T13612] ? __pfx_odev_open+0x10/0x10 [ 534.643402][T13612] soundcore_open+0x2e3/0x5a0 [ 534.643473][T13612] ? __pfx_soundcore_open+0x10/0x10 [ 534.643495][T13612] chrdev_open+0x234/0x6a0 [ 534.643515][T13612] ? __pfx_apparmor_file_open+0x10/0x10 [ 534.643530][T13612] ? __pfx_chrdev_open+0x10/0x10 [ 534.643549][T13612] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 534.643572][T13612] do_dentry_open+0x6d8/0x1660 [ 534.643598][T13612] ? __pfx_chrdev_open+0x10/0x10 [ 534.643623][T13612] vfs_open+0x82/0x3f0 [ 534.643648][T13612] path_openat+0x208c/0x31a0 [ 534.643673][T13612] ? __pfx_path_openat+0x10/0x10 [ 534.643699][T13612] do_file_open+0x20e/0x430 [ 534.643719][T13612] ? __pfx_do_file_open+0x10/0x10 [ 534.643751][T13612] ? alloc_fd+0x476/0x790 [ 534.643770][T13612] ? do_getname+0x191/0x390 [ 534.643793][T13612] do_sys_openat2+0x10d/0x1e0 [ 534.643815][T13612] ? __pfx_do_sys_openat2+0x10/0x10 [ 534.643844][T13612] __x64_sys_openat+0x12d/0x210 [ 534.643867][T13612] ? __pfx___x64_sys_openat+0x10/0x10 [ 534.643892][T13612] ? rcu_is_watching+0x12/0xc0 [ 534.643913][T13612] do_syscall_64+0x10b/0xf80 [ 534.643935][T13612] ? clear_bhb_loop+0x40/0x90 [ 534.643954][T13612] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 534.643971][T13612] RIP: 0033:0x7fc3bb19ce59 [ 534.643985][T13612] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 534.644000][T13612] RSP: 002b:00007fc3bc025028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 534.644016][T13612] RAX: ffffffffffffffda RBX: 00007fc3bb415fa0 RCX: 00007fc3bb19ce59 [ 534.644027][T13612] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 534.644038][T13612] RBP: 00007fc3bb232d6f R08: 0000000000000000 R09: 0000000000000000 [ 534.644047][T13612] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 534.644057][T13612] R13: 00007fc3bb416038 R14: 00007fc3bb415fa0 R15: 00007ffcd0fe7e18 [ 534.644077][T13612] [ 536.570140][T13632] netlink: 306 bytes leftover after parsing attributes in process `syz.1.2442'. [ 539.025509][T13668] vcan0: tx drop: invalid sa for name 0x00000000000000fd [ 539.346341][T13660] Process accounting resumed [ 539.716682][ T5634] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 539.932374][T13687] kmem.tcp.limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 540.825118][T13708] device-mapper: ioctl: only supply one of name or uuid, cmd(5) [ 543.180196][ T5634] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 545.282689][ T5634] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 545.282716][ T5634] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 545.297786][ T5634] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 545.297872][ T5634] Bluetooth: hci0: adv larger than maximum supported [ 545.305610][ T5634] Bluetooth: hci0: adv larger than maximum supported [ 545.314647][ T5634] Bluetooth: hci0: adv larger than maximum supported [ 545.323053][ T5634] Bluetooth: hci0: adv larger than maximum supported [ 545.330163][ T5634] Bluetooth: hci0: adv larger than maximum supported [ 545.337618][ T5634] Bluetooth: hci0: Malformed LE Event: 0x0d [ 545.989223][T13800] FAULT_INJECTION: forcing a failure. [ 545.989223][T13800] name failslab, interval 1, probability 0, space 0, times 0 [ 546.065841][T13800] CPU: 0 UID: 0 PID: 13800 Comm: syz.1.2490 Tainted: G L syzkaller #0 PREEMPT(full) [ 546.065866][T13800] Tainted: [L]=SOFTLOCKUP [ 546.065871][T13800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 546.065880][T13800] Call Trace: [ 546.065885][T13800] [ 546.065890][T13800] dump_stack_lvl+0x100/0x190 [ 546.065912][T13800] should_fail_ex.cold+0x5/0xa [ 546.065931][T13800] should_failslab+0xc2/0x120 [ 546.065948][T13800] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 546.065971][T13800] ? taskstats_exit+0x67b/0xc10 [ 546.065991][T13800] ? rcu_is_watching+0x12/0xc0 [ 546.066012][T13800] taskstats_exit+0x67b/0xc10 [ 546.066124][T13800] ? __pfx_acct_update_integrals+0x10/0x10 [ 546.066147][T13800] ? __pfx_taskstats_exit+0x10/0x10 [ 546.066171][T13800] ? rcu_read_lock_any_held+0x6a/0xa0 [ 546.066192][T13800] ? exit_signals+0x395/0xaf0 [ 546.066213][T13800] do_exit+0x65c/0x2af0 [ 546.066238][T13800] ? __pfx_do_exit+0x10/0x10 [ 546.066260][T13800] ? do_raw_spin_lock+0x128/0x260 [ 546.066276][T13800] ? find_held_lock+0x2b/0x80 [ 546.066294][T13800] ? get_signal+0x7e5/0x2210 [ 546.066314][T13800] do_group_exit+0xd5/0x2a0 [ 546.066337][T13800] get_signal+0x20ff/0x2210 [ 546.066366][T13800] ? __pfx_get_signal+0x10/0x10 [ 546.066386][T13800] ? do_futex+0x192/0x350 [ 546.066403][T13800] arch_do_signal_or_restart+0x91/0x7a0 [ 546.066427][T13800] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 546.066453][T13800] ? __do_sys_setgroups+0x36f/0x4f0 [ 546.066474][T13800] ? rcu_is_watching+0x12/0xc0 [ 546.066493][T13800] exit_to_user_mode_loop+0x8b/0x4f0 [ 546.066508][T13800] ? rcu_is_watching+0x12/0xc0 [ 546.066527][T13800] do_syscall_64+0x6f2/0xf80 [ 546.066551][T13800] ? clear_bhb_loop+0x40/0x90 [ 546.066569][T13800] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 546.066588][T13800] RIP: 0033:0x7ff65a39ce59 [ 546.066603][T13800] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 546.066618][T13800] RSP: 002b:00007ff65b17b0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 546.066632][T13800] RAX: fffffffffffffe00 RBX: 00007ff65a616098 RCX: 00007ff65a39ce59 [ 546.066642][T13800] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007ff65a616098 [ 546.066651][T13800] RBP: 00007ff65a616090 R08: 0000000000000000 R09: 0000000000000000 [ 546.066660][T13800] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 546.066668][T13800] R13: 00007ff65a616128 R14: 00007ffd744ce6d0 R15: 00007ffd744ce7b8 [ 546.066687][T13800] [ 547.834503][T13824] netlink: 'syz.3.2497': attribute type 15 has an invalid length. [ 547.905236][T13824] netlink: 'syz.3.2497': attribute type 16 has an invalid length. [ 547.935815][T13825] kvm: vcpu 4: requested lapic timer restore with starting count register 0x390=4294967104 (137438947328 ns) > initial count (6624 ns). Using initial count to start timer. [ 547.992195][T13824] netlink: 194 bytes leftover after parsing attributes in process `syz.3.2497'. [ 548.272169][T13834] binder: 13833:13834 ioctl 400c620e 0 returned -22 [ 549.010073][T13844] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 549.271952][T13838] Process accounting paused [ 550.942272][T13882] zswap: compressor not available [ 551.001031][T13892] FAULT_INJECTION: forcing a failure. [ 551.001031][T13892] name failslab, interval 1, probability 0, space 0, times 0 [ 551.077929][T13892] CPU: 0 UID: 8 PID: 13892 Comm: syz.2.2519 Tainted: G L syzkaller #0 PREEMPT(full) [ 551.077972][T13892] Tainted: [L]=SOFTLOCKUP [ 551.077981][T13892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 551.077996][T13892] Call Trace: [ 551.078004][T13892] [ 551.078014][T13892] dump_stack_lvl+0x100/0x190 [ 551.078050][T13892] should_fail_ex.cold+0x5/0xa [ 551.078088][T13892] should_failslab+0xc2/0x120 [ 551.078120][T13892] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 551.078163][T13892] ? key_alloc+0x3c5/0x1310 [ 551.078284][T13892] key_alloc+0x3c5/0x1310 [ 551.078331][T13892] ? __pfx_key_alloc+0x10/0x10 [ 551.078375][T13892] keyring_alloc+0x44/0xc0 [ 551.078418][T13892] lookup_user_key+0x9b8/0x1300 [ 551.078453][T13892] ? __pfx_lookup_user_key+0x10/0x10 [ 551.078488][T13892] ? __pfx_futex_wait+0x10/0x10 [ 551.078531][T13892] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 551.078588][T13892] keyctl_get_persistent+0x197/0x8b0 [ 551.078630][T13892] ? __pfx_keyctl_get_persistent+0x10/0x10 [ 551.078672][T13892] ? __x64_sys_futex+0x34f/0x4d0 [ 551.078701][T13892] ? __x64_sys_futex+0x358/0x4d0 [ 551.078734][T13892] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 551.078768][T13892] ? __pfx___x64_sys_futex+0x10/0x10 [ 551.078798][T13892] ? ksys_write+0x1ac/0x250 [ 551.078839][T13892] __do_sys_keyctl+0x3b2/0x5a0 [ 551.078869][T13892] do_syscall_64+0x10b/0xf80 [ 551.078913][T13892] ? clear_bhb_loop+0x40/0x90 [ 551.078950][T13892] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 551.078979][T13892] RIP: 0033:0x7ff668d9ce59 [ 551.079002][T13892] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 551.079030][T13892] RSP: 002b:00007ff669d39028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 551.079056][T13892] RAX: ffffffffffffffda RBX: 00007ff669015fa0 RCX: 00007ff668d9ce59 [ 551.079075][T13892] RDX: 7fffffffffffffff RSI: 0000000000000000 RDI: 0000000000000016 [ 551.079092][T13892] RBP: 00007ff668e32d6f R08: 0000000000000002 R09: 0000000000000000 [ 551.079109][T13892] R10: ffffffffffffe6d6 R11: 0000000000000246 R12: 0000000000000000 [ 551.079127][T13892] R13: 00007ff669016038 R14: 00007ff669015fa0 R15: 00007fff6836d8a8 [ 551.079165][T13892] [ 551.956397][ T5634] Bluetooth: hci0: unexpected subevent 0x01 length: 3 < 18 [ 553.134968][T13931] netlink: 246 bytes leftover after parsing attributes in process `syz.1.2531'. [ 553.489971][T13936] smpboot: CPU 1 is now offline [ 554.616929][T13948] netlink: 246 bytes leftover after parsing attributes in process `syz.1.2537'. [ 556.153014][T13975] netlink: 186 bytes leftover after parsing attributes in process `syz.1.2545'. [ 557.017428][T13991] FAULT_INJECTION: forcing a failure. [ 557.017428][T13991] name failslab, interval 1, probability 0, space 0, times 0 [ 557.163947][T13991] CPU: 0 UID: 0 PID: 13991 Comm: syz.2.2552 Tainted: G L syzkaller #0 PREEMPT(full) [ 557.163976][T13991] Tainted: [L]=SOFTLOCKUP [ 557.163981][T13991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 557.163991][T13991] Call Trace: [ 557.163997][T13991] [ 557.164004][T13991] dump_stack_lvl+0x100/0x190 [ 557.164026][T13991] should_fail_ex.cold+0x5/0xa [ 557.164047][T13991] should_failslab+0xc2/0x120 [ 557.164066][T13991] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 557.164088][T13991] ? security_inode_alloc+0x3b/0x2c0 [ 557.164104][T13991] ? lockdep_init_map_type+0x5c/0x250 [ 557.164123][T13991] security_inode_alloc+0x3b/0x2c0 [ 557.164139][T13991] inode_init_always_gfp+0xcc0/0x1000 [ 557.164162][T13991] alloc_inode+0x8e/0x250 [ 557.164184][T13991] create_pipe_files+0x4c/0x970 [ 557.164205][T13991] do_pipe2+0xbd/0x1e0 [ 557.164223][T13991] ? __pfx_do_pipe2+0x10/0x10 [ 557.164239][T13991] ? xfd_validate_state+0x129/0x190 [ 557.164259][T13991] ? syscall_user_dispatch+0x76/0x130 [ 557.164277][T13991] __x64_sys_pipe+0x33/0x50 [ 557.164295][T13991] do_syscall_64+0x10b/0xf80 [ 557.164317][T13991] ? clear_bhb_loop+0x40/0x90 [ 557.164336][T13991] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 557.164351][T13991] RIP: 0033:0x7ff668d9ce59 [ 557.164364][T13991] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 557.164379][T13991] RSP: 002b:00007ff669d39028 EFLAGS: 00000246 ORIG_RAX: 0000000000000016 [ 557.164394][T13991] RAX: ffffffffffffffda RBX: 00007ff669015fa0 RCX: 00007ff668d9ce59 [ 557.164403][T13991] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 557.164412][T13991] RBP: 00007ff668e32d6f R08: 0000000000000000 R09: 0000000000000000 [ 557.164420][T13991] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 557.164429][T13991] R13: 00007ff669016038 R14: 00007ff669015fa0 R15: 00007fff6836d8a8 [ 557.164452][T13991] [ 558.177611][T14005] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2556'. [ 558.245359][T14005] virt_wifi0: entered allmulticast mode [ 558.799740][T14021] vhci_hcd vhci_hcd.2: invalid port number 111 [ 558.832825][T14021] vhci_hcd vhci_hcd.2: default hub control req: a356 va1b7 i006f l230 [ 559.713176][T14044] netlink: 504 bytes leftover after parsing attributes in process `syz.0.2568'. [ 560.860457][T14067] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2575'. [ 561.592435][ T1313] ieee802154 phy0 wpan0: encryption failed: -22 [ 561.598973][ T1313] ieee802154 phy1 wpan1: encryption failed: -22 [ 562.205759][T14092] netlink: 54 bytes leftover after parsing attributes in process `syz.1.2584'. [ 562.372959][T14102] netlink: 98 bytes leftover after parsing attributes in process `syz.3.2586'. [ 562.429597][T14102] netlink: 50 bytes leftover after parsing attributes in process `syz.3.2586'. [ 562.681519][T14113] netlink: 252 bytes leftover after parsing attributes in process `syz.3.2590'. [ 562.723384][T14113] netlink: 252 bytes leftover after parsing attributes in process `syz.3.2590'. [ 564.110020][T14145] __vm_enough_memory: pid: 14145, comm: syz.0.2598, bytes: 4398046457856 not enough memory for the allocation [ 564.354602][T14150] netlink: 202 bytes leftover after parsing attributes in process `syz.2.2599'. [ 564.658014][T14159] FAULT_INJECTION: forcing a failure. [ 564.658014][T14159] name failslab, interval 1, probability 0, space 0, times 0 [ 564.705542][T14159] CPU: 0 UID: 0 PID: 14159 Comm: syz.3.2604 Tainted: G L syzkaller #0 PREEMPT(full) [ 564.705570][T14159] Tainted: [L]=SOFTLOCKUP [ 564.705576][T14159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 564.705587][T14159] Call Trace: [ 564.705592][T14159] [ 564.705598][T14159] dump_stack_lvl+0x100/0x190 [ 564.705621][T14159] should_fail_ex.cold+0x5/0xa [ 564.705641][T14159] should_failslab+0xc2/0x120 [ 564.705659][T14159] __kmalloc_cache_noprof+0x7a/0x6f0 [ 564.705680][T14159] ? ima_calc_file_hash_tfm+0x236/0x350 [ 564.705697][T14159] ? sha256_init+0xd/0xc0 [ 564.705716][T14159] ima_calc_file_hash_tfm+0x236/0x350 [ 564.705732][T14159] ? __pfx_ima_calc_file_hash_tfm+0x10/0x10 [ 564.705767][T14159] ? look_up_lock_class+0x55/0x120 [ 564.705792][T14159] ? ima_alloc_tfm+0x21a/0x2e0 [ 564.705808][T14159] ima_calc_file_hash+0x1e3/0x380 [ 564.705824][T14159] ima_collect_measurement+0x94f/0xb30 [ 564.705845][T14159] ? __pfx_ima_collect_measurement+0x10/0x10 [ 564.705873][T14159] ? process_measurement+0x5ab/0x2350 [ 564.705896][T14159] ? is_bad_inode+0xd/0x40 [ 564.705911][T14159] ? xattr_resolve_name+0x27d/0x3f0 [ 564.705931][T14159] ? vfs_getxattr_alloc+0xec/0x350 [ 564.705953][T14159] ? ima_get_hash_algo+0x22d/0x400 [ 564.705973][T14159] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 564.705997][T14159] ? process_measurement+0xdfe/0x2350 [ 564.706018][T14159] process_measurement+0xdfe/0x2350 [ 564.706044][T14159] ? stack_trace_save+0x8e/0xc0 [ 564.706065][T14159] ? __pfx_process_measurement+0x10/0x10 [ 564.706087][T14159] ? __lock_acquire+0x4a5/0x2630 [ 564.706101][T14159] ? __kasan_slab_alloc+0x89/0x90 [ 564.706117][T14159] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 564.706139][T14159] ? init_file+0x95/0x480 [ 564.706157][T14159] ? alloc_empty_file+0x79/0x1c0 [ 564.706177][T14159] ? alloc_file_pseudo+0x13a/0x230 [ 564.706197][T14159] ? ksys_mmap_pgoff+0x242/0x610 [ 564.706217][T14159] ? __x64_sys_mmap+0x125/0x190 [ 564.706232][T14159] ? do_syscall_64+0x10b/0xf80 [ 564.706280][T14159] ? __pfx_aa_file_perm+0x10/0x10 [ 564.706308][T14159] ima_file_mmap+0x1c4/0x1f0 [ 564.706332][T14159] ? __pfx_ima_file_mmap+0x10/0x10 [ 564.706360][T14159] security_mmap_file+0x278/0x9b0 [ 564.706379][T14159] vm_mmap_pgoff+0xec/0x470 [ 564.706401][T14159] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 564.706418][T14159] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 564.706440][T14159] ? hugetlbfs_get_inode+0x3f5/0x700 [ 564.706468][T14159] ksys_mmap_pgoff+0x285/0x610 [ 564.706488][T14159] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 564.706505][T14159] ? xfd_validate_state+0x129/0x190 [ 564.706524][T14159] __x64_sys_mmap+0x125/0x190 [ 564.706542][T14159] do_syscall_64+0x10b/0xf80 [ 564.706563][T14159] ? clear_bhb_loop+0x40/0x90 [ 564.706581][T14159] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 564.706596][T14159] RIP: 0033:0x7fbf1699ce59 [ 564.706610][T14159] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 564.706624][T14159] RSP: 002b:00007fbf14bf6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 564.706641][T14159] RAX: ffffffffffffffda RBX: 00007fbf16c15fa0 RCX: 00007fbf1699ce59 [ 564.706651][T14159] RDX: 00004000000000df RSI: 0000000000000004 RDI: 0000000000000000 [ 564.706660][T14159] RBP: 00007fbf16a32d6f R08: 0000000000000401 R09: 0000300000000000 [ 564.706670][T14159] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000 [ 564.706679][T14159] R13: 00007fbf16c16038 R14: 00007fbf16c15fa0 R15: 00007ffef95361b8 [ 564.706698][T14159] [ 565.542606][ T29] audit: type=1800 audit(4294967371.302:12): pid=14159 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2604" name="anon_hugepage" dev="hugetlbfs" ino=65178 res=0 errno=0 [ 566.669697][T14181] FAULT_INJECTION: forcing a failure. [ 566.669697][T14181] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 566.762095][T14181] CPU: 0 UID: 0 PID: 14181 Comm: syz.3.2611 Tainted: G L syzkaller #0 PREEMPT(full) [ 566.762123][T14181] Tainted: [L]=SOFTLOCKUP [ 566.762129][T14181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 566.762138][T14181] Call Trace: [ 566.762144][T14181] [ 566.762150][T14181] dump_stack_lvl+0x100/0x190 [ 566.762173][T14181] should_fail_ex.cold+0x5/0xa [ 566.762190][T14181] ? prepare_alloc_pages+0x16d/0x5f0 [ 566.762211][T14181] should_fail_alloc_page+0xeb/0x140 [ 566.762231][T14181] prepare_alloc_pages+0x1f0/0x5f0 [ 566.762248][T14181] ? arch_stack_walk+0xa6/0xf0 [ 566.762269][T14181] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 566.762296][T14181] ? stack_trace_save+0x8e/0xc0 [ 566.762316][T14181] ? __pfx_stack_trace_save+0x10/0x10 [ 566.762336][T14181] ? stack_depot_save_flags+0x27/0x9d0 [ 566.762355][T14181] ? is_bpf_text_address+0x8a/0x1a0 [ 566.762376][T14181] ? is_bpf_text_address+0x8a/0x1a0 [ 566.762397][T14181] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 566.762421][T14181] ? kasan_save_stack+0x3f/0x50 [ 566.762435][T14181] ? kasan_save_stack+0x30/0x50 [ 566.762448][T14181] ? kasan_save_track+0x14/0x30 [ 566.762462][T14181] ? kmem_cache_alloc_node_noprof+0x25a/0x6f0 [ 566.762485][T14181] ? __get_vm_area_node+0x1ca/0x330 [ 566.762502][T14181] ? get_vm_area_caller+0x71/0xa0 [ 566.762519][T14181] ? vmap+0x131/0x2f0 [ 566.762534][T14181] ? ringbuf_map_alloc+0x3a1/0x8b0 [ 566.762572][T14181] ? map_create+0x84e/0x2bc0 [ 566.762592][T14181] ? __sys_bpf+0x2091/0x4b90 [ 566.762606][T14181] ? __x64_sys_bpf+0x7b/0xc0 [ 566.762620][T14181] ? do_syscall_64+0x10b/0xf80 [ 566.762642][T14181] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 566.762665][T14181] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 566.762687][T14181] ? policy_nodemask+0xed/0x4f0 [ 566.762705][T14181] alloc_pages_mpol+0x1fb/0x540 [ 566.762724][T14181] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 566.762745][T14181] alloc_pages_noprof+0x1a/0x160 [ 566.762765][T14181] get_free_pages_noprof+0x10/0xb0 [ 566.762781][T14181] __kasan_populate_vmalloc+0xa0/0x210 [ 566.762809][T14181] alloc_vmap_area+0x95d/0x2b70 [ 566.762833][T14181] ? __pfx_alloc_vmap_area+0x10/0x10 [ 566.762855][T14181] __get_vm_area_node+0x1ca/0x330 [ 566.762875][T14181] ? ringbuf_map_alloc+0x3a1/0x8b0 [ 566.762890][T14181] get_vm_area_caller+0x71/0xa0 [ 566.762908][T14181] ? ringbuf_map_alloc+0x3a1/0x8b0 [ 566.762923][T14181] vmap+0x131/0x2f0 [ 566.762940][T14181] ? __pfx_vmap+0x10/0x10 [ 566.762961][T14181] ringbuf_map_alloc+0x3a1/0x8b0 [ 566.762980][T14181] ? __pfx_ringbuf_map_mem_usage+0x10/0x10 [ 566.763003][T14181] map_create+0x84e/0x2bc0 [ 566.763023][T14181] ? futex_unqueue+0x13d/0x2c0 [ 566.763039][T14181] ? __futex_wait+0x256/0x300 [ 566.763064][T14181] ? __pfx_map_create+0x10/0x10 [ 566.763090][T14181] ? __might_fault+0xc5/0x140 [ 566.763112][T14181] ? __might_fault+0xc5/0x140 [ 566.763141][T14181] __sys_bpf+0x2091/0x4b90 [ 566.763159][T14181] ? __pfx___sys_bpf+0x10/0x10 [ 566.763174][T14181] ? __pfx_futex_wait+0x10/0x10 [ 566.763198][T14181] ? errseq_sample+0x51/0x70 [ 566.763212][T14181] ? file_init_path+0x48e/0x670 [ 566.763236][T14181] ? do_futex+0x192/0x350 [ 566.763261][T14181] ? xfd_validate_state+0x129/0x190 [ 566.763282][T14181] __x64_sys_bpf+0x7b/0xc0 [ 566.763297][T14181] ? lockdep_hardirqs_on+0x78/0x100 [ 566.763320][T14181] do_syscall_64+0x10b/0xf80 [ 566.763342][T14181] ? clear_bhb_loop+0x40/0x90 [ 566.763360][T14181] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 566.763376][T14181] RIP: 0033:0x7fbf1699ce59 [ 566.763389][T14181] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 566.763403][T14181] RSP: 002b:00007fbf14bf6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 566.763418][T14181] RAX: ffffffffffffffda RBX: 00007fbf16c15fa0 RCX: 00007fbf1699ce59 [ 566.763429][T14181] RDX: 0000000000000010 RSI: 00002000000000c0 RDI: 0000000000000000 [ 566.763438][T14181] RBP: 00007fbf16a32d6f R08: 0000000000000000 R09: 0000000000000000 [ 566.763447][T14181] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 566.763455][T14181] R13: 00007fbf16c16038 R14: 00007fbf16c15fa0 R15: 00007ffef95361b8 [ 566.763475][T14181] [ 568.727321][T14192] netlink: 62 bytes leftover after parsing attributes in process `syz.3.2614'. [ 569.146387][T14204] ubi3: attaching mtd1 [ 569.335492][T14205] scsi_strcpy_devinfo: vendor string '/&c~n] | [ 569.335492][T14205] M' is too long [ 569.390456][T14205] scsi_strcpy_devinfo: model string 'Dd5 K2b [ 569.390456][T14205] W ' is too long [ 569.714648][T14201] Process accounting paused [ 569.915324][T14213] bond0: invalid ARP target specified [ 569.998148][T14214] Process accounting resumed [ 571.319419][T14240] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2629'. [ 572.553788][T14255] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2633'. [ 572.783187][T14258] netlink: 25 bytes leftover after parsing attributes in process `syz.0.2635'. [ 573.023052][T14261] nvme_fabrics: missing parameter 'transport=%s' [ 573.100178][T14261] nvme_fabrics: missing parameter 'nqn=%s' [ 573.510989][T14273] netlink: 62 bytes leftover after parsing attributes in process `syz.2.2637'. [ 574.130880][T14284] netlink: 25 bytes leftover after parsing attributes in process `syz.3.2641'. [ 575.195076][T14300] futex_wake_op: syz.2.2644 tries to shift op by -2048; fix this program [ 575.367844][T14297] 0x000000000001-0x000000020000 : "" [ 575.413174][T14297] ftl_cs: FTL header corrupt! [ 580.603535][T14345] kexec: Could not allocate control_code_buffer [ 581.432080][ T5624] Process accounting resumed [ 581.912680][ T5633] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 581.931205][ T5633] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 581.943026][ T5633] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 581.953143][ T5633] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 581.968295][ T5633] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 584.070766][ T5633] Bluetooth: hci4: command tx timeout [ 584.350845][T14394] random: crng reseeded on system resumption [ 584.467087][T14394] FAULT_INJECTION: forcing a failure. [ 584.467087][T14394] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 584.612296][T14394] CPU: 0 UID: 0 PID: 14394 Comm: syz.3.2677 Tainted: G L syzkaller #0 PREEMPT(full) [ 584.612325][T14394] Tainted: [L]=SOFTLOCKUP [ 584.612330][T14394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 584.612340][T14394] Call Trace: [ 584.612346][T14394] [ 584.612352][T14394] dump_stack_lvl+0x100/0x190 [ 584.612374][T14394] should_fail_ex.cold+0x5/0xa [ 584.612392][T14394] ? prepare_alloc_pages+0x16d/0x5f0 [ 584.612416][T14394] should_fail_alloc_page+0xeb/0x140 [ 584.612436][T14394] prepare_alloc_pages+0x1f0/0x5f0 [ 584.612458][T14394] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 584.612483][T14394] ? __alloc_frozen_pages_noprof+0x2b1/0x2bc0 [ 584.612511][T14394] ? stack_trace_save+0x8e/0xc0 [ 584.612531][T14394] ? __pfx_stack_trace_save+0x10/0x10 [ 584.612550][T14394] ? arch_stack_walk+0xa6/0xf0 [ 584.612568][T14394] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 584.612593][T14394] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 584.612618][T14394] ? kasan_save_stack+0x30/0x50 [ 584.612632][T14394] ? kasan_save_track+0x14/0x30 [ 584.612645][T14394] ? __kasan_kmalloc+0xaa/0xb0 [ 584.612658][T14394] ? memory_bm_create+0x14d/0xba0 [ 584.612679][T14394] ? do_syscall_64+0x10b/0xf80 [ 584.612702][T14394] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 584.612720][T14394] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 584.612742][T14394] ? policy_nodemask+0xed/0x4f0 [ 584.612762][T14394] alloc_pages_mpol+0x1fb/0x540 [ 584.612781][T14394] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 584.612798][T14394] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 584.612818][T14394] alloc_pages_noprof+0x1a/0x160 [ 584.612838][T14394] get_zeroed_page_noprof+0x18/0xb0 [ 584.612856][T14394] get_image_page+0x18/0x1a0 [ 584.612874][T14394] alloc_rtree_node+0x3c/0xb0 [ 584.612898][T14394] memory_bm_create+0x65e/0xba0 [ 584.612925][T14394] create_basic_memory_bitmaps+0x10b/0x350 [ 584.612949][T14394] snapshot_open+0x230/0x2a0 [ 584.612970][T14394] ? __pfx_snapshot_open+0x10/0x10 [ 584.612992][T14394] misc_open+0x26d/0x450 [ 584.613013][T14394] ? __pfx_misc_open+0x10/0x10 [ 584.613031][T14394] chrdev_open+0x234/0x6a0 [ 584.613049][T14394] ? __pfx_apparmor_file_open+0x10/0x10 [ 584.613065][T14394] ? __pfx_chrdev_open+0x10/0x10 [ 584.613084][T14394] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 584.613108][T14394] do_dentry_open+0x6d8/0x1660 [ 584.613126][T14394] ? __pfx_chrdev_open+0x10/0x10 [ 584.613149][T14394] vfs_open+0x82/0x3f0 [ 584.613173][T14394] path_openat+0x208c/0x31a0 [ 584.613198][T14394] ? __pfx_path_openat+0x10/0x10 [ 584.613223][T14394] do_file_open+0x20e/0x430 [ 584.613243][T14394] ? __pfx_do_file_open+0x10/0x10 [ 584.613274][T14394] ? alloc_fd+0x476/0x790 [ 584.613301][T14394] ? do_getname+0x191/0x390 [ 584.613326][T14394] do_sys_openat2+0x10d/0x1e0 [ 584.613349][T14394] ? __pfx_do_sys_openat2+0x10/0x10 [ 584.613373][T14394] ? __fget_files+0x21f/0x3d0 [ 584.613395][T14394] __x64_sys_openat+0x12d/0x210 [ 584.613418][T14394] ? __pfx___x64_sys_openat+0x10/0x10 [ 584.613443][T14394] ? rcu_is_watching+0x12/0xc0 [ 584.613464][T14394] do_syscall_64+0x10b/0xf80 [ 584.613486][T14394] ? clear_bhb_loop+0x40/0x90 [ 584.613504][T14394] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 584.613519][T14394] RIP: 0033:0x7fbf1699ce59 [ 584.613533][T14394] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 584.613547][T14394] RSP: 002b:00007fbf14bf6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 584.613563][T14394] RAX: ffffffffffffffda RBX: 00007fbf16c15fa0 RCX: 00007fbf1699ce59 [ 584.613574][T14394] RDX: 0000000000008001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 584.613583][T14394] RBP: 00007fbf16a32d6f R08: 0000000000000000 R09: 0000000000000000 [ 584.613592][T14394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 584.613602][T14394] R13: 00007fbf16c16038 R14: 00007fbf16c15fa0 R15: 00007ffef95361b8 [ 584.613622][T14394] [ 585.024903][T14367] bridge0: port 1(bridge_slave_0) entered blocking state [ 585.032104][T14367] bridge0: port 1(bridge_slave_0) entered disabled state [ 585.039360][T14367] bridge_slave_0: entered allmulticast mode [ 585.046379][T14367] bridge_slave_0: entered promiscuous mode [ 585.053950][T14367] bridge0: port 2(bridge_slave_1) entered blocking state [ 585.061079][T14367] bridge0: port 2(bridge_slave_1) entered disabled state [ 585.068252][T14367] bridge_slave_1: entered allmulticast mode [ 585.075298][T14367] bridge_slave_1: entered promiscuous mode [ 585.100904][T14367] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 585.112061][T14367] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 585.138034][T14367] team0: Port device team_slave_0 added [ 585.145747][T14367] team0: Port device team_slave_1 added [ 585.168274][T14367] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 585.175300][T14367] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 585.203379][T14367] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 585.216844][T14367] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 585.223892][T14367] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 585.249945][T14367] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 585.291702][T14367] hsr_slave_0: entered promiscuous mode [ 585.297937][T14367] hsr_slave_1: entered promiscuous mode [ 585.304080][T14367] debugfs: 'hsr0' already exists in 'hsr' [ 585.309880][T14367] Cannot create hsr debugfs directory [ 586.107416][T14367] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 586.171008][T14367] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 586.182398][ T5633] Bluetooth: hci4: command tx timeout [ 586.202947][T14367] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 586.243440][T14367] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 586.318300][T14367] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 586.331631][T14367] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 586.351179][T14367] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 586.386835][T14367] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 586.907966][T14367] 8021q: adding VLAN 0 to HW filter on device bond0 [ 587.033571][T14367] 8021q: adding VLAN 0 to HW filter on device team0 [ 587.105549][ T48] bridge0: port 1(bridge_slave_0) entered blocking state [ 587.112794][ T48] bridge0: port 1(bridge_slave_0) entered forwarding state [ 587.216752][ T48] bridge0: port 2(bridge_slave_1) entered blocking state [ 587.224045][ T48] bridge0: port 2(bridge_slave_1) entered forwarding state [ 588.228794][ T5633] Bluetooth: hci4: command tx timeout [ 588.276005][T14438] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2683'. [ 589.604567][T14367] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 590.309021][ T5633] Bluetooth: hci4: command tx timeout [ 590.590470][T14367] veth0_vlan: entered promiscuous mode [ 590.670639][T14367] veth1_vlan: entered promiscuous mode [ 590.821618][T14367] veth0_macvtap: entered promiscuous mode [ 590.889989][T14367] veth1_macvtap: entered promiscuous mode [ 590.932246][T14486] netlink: 186 bytes leftover after parsing attributes in process `syz.3.2696'. [ 590.975172][T14367] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 591.023618][T14367] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 591.098476][ T32] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 591.222445][ T32] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 591.278336][ T32] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 591.377850][ T32] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 591.779237][ T1350] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 591.836004][ T1350] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 591.987547][ T1350] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 592.037065][ T1350] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 593.036734][T14509] netlink: 25 bytes leftover after parsing attributes in process `syz.0.2702'. [ 593.502182][ T5633] Bluetooth: hci1: unexpected event 0x1c length: 725 > 5 [ 596.282145][T14543] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2711'. [ 597.555902][T14560] vcan0: tx drop: invalid sa for name 0x00000000000000fd [ 600.067981][T14577] Process accounting resumed [ 600.295553][T14596] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2729'. [ 600.945477][ T5633] Bluetooth: hci1: unexpected subevent 0x01 length: 3 < 18 [ 600.984906][T14607] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2740'. [ 601.960976][T14615] vhci_hcd vhci_hcd.2: invalid port number 111 [ 602.003178][T14615] vhci_hcd vhci_hcd.2: default hub control req: a356 va1b7 i006f l230 [ 602.572203][T14597] Process accounting paused [ 603.731213][T14646] FAULT_INJECTION: forcing a failure. [ 603.731213][T14646] name failslab, interval 1, probability 0, space 0, times 0 [ 603.838327][T14646] CPU: 0 UID: 0 PID: 14646 Comm: syz.3.2746 Tainted: G L syzkaller #0 PREEMPT(full) [ 603.838358][T14646] Tainted: [L]=SOFTLOCKUP [ 603.838365][T14646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 603.838375][T14646] Call Trace: [ 603.838382][T14646] [ 603.838391][T14646] dump_stack_lvl+0x100/0x190 [ 603.838418][T14646] should_fail_ex.cold+0x5/0xa [ 603.838440][T14646] should_failslab+0xc2/0x120 [ 603.838459][T14646] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 603.838483][T14646] ? alloc_inode+0x183/0x250 [ 603.838505][T14646] ? do_futex+0x192/0x350 [ 603.838525][T14646] alloc_inode+0x183/0x250 [ 603.838547][T14646] create_pipe_files+0x4c/0x970 [ 603.838573][T14646] do_pipe2+0xbd/0x1e0 [ 603.838592][T14646] ? __pfx_do_pipe2+0x10/0x10 [ 603.838609][T14646] ? xfd_validate_state+0x129/0x190 [ 603.838628][T14646] ? syscall_user_dispatch+0x76/0x130 [ 603.838646][T14646] __x64_sys_pipe+0x33/0x50 [ 603.838665][T14646] do_syscall_64+0x10b/0xf80 [ 603.838689][T14646] ? clear_bhb_loop+0x40/0x90 [ 603.838707][T14646] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 603.838723][T14646] RIP: 0033:0x7fbf1699ce59 [ 603.838737][T14646] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 603.838752][T14646] RSP: 002b:00007fbf14bf6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000016 [ 603.838773][T14646] RAX: ffffffffffffffda RBX: 00007fbf16c15fa0 RCX: 00007fbf1699ce59 [ 603.838784][T14646] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 603.838794][T14646] RBP: 00007fbf16a32d6f R08: 0000000000000000 R09: 0000000000000000 [ 603.838804][T14646] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 603.838814][T14646] R13: 00007fbf16c16038 R14: 00007fbf16c15fa0 R15: 00007ffef95361b8 [ 603.838835][T14646] [ 604.739572][T14654] vhci_hcd vhci_hcd.2: invalid port number 111 [ 604.814176][T14654] vhci_hcd vhci_hcd.2: default hub control req: a356 va1b7 i006f l230 [ 606.526069][T14681] netlink: 330 bytes leftover after parsing attributes in process `syz.2.2755'. [ 607.150228][T14692] vhci_hcd vhci_hcd.2: invalid port number 111 [ 607.188440][T14692] vhci_hcd vhci_hcd.2: default hub control req: a356 va1b7 i006f l230 [ 608.461569][T14707] netlink: 202 bytes leftover after parsing attributes in process `syz.3.2763'. [ 608.485362][T14709] FAULT_INJECTION: forcing a failure. [ 608.485362][T14709] name failslab, interval 1, probability 0, space 0, times 0 [ 608.562225][T14709] CPU: 0 UID: 0 PID: 14709 Comm: syz.2.2762 Tainted: G L syzkaller #0 PREEMPT(full) [ 608.562254][T14709] Tainted: [L]=SOFTLOCKUP [ 608.562259][T14709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 608.562269][T14709] Call Trace: [ 608.562275][T14709] [ 608.562281][T14709] dump_stack_lvl+0x100/0x190 [ 608.562306][T14709] should_fail_ex.cold+0x5/0xa [ 608.562328][T14709] should_failslab+0xc2/0x120 [ 608.562346][T14709] __kmalloc_cache_noprof+0x7a/0x6f0 [ 608.562367][T14709] ? snd_pcm_hw_param_near.constprop.0+0xbc/0x850 [ 608.562392][T14709] ? kfree+0x223/0x6c0 [ 608.562414][T14709] snd_pcm_hw_param_near.constprop.0+0xbc/0x850 [ 608.562440][T14709] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 608.562467][T14709] ? calc_src_frames.isra.0+0x17c/0x1c0 [ 608.562486][T14709] snd_pcm_oss_change_params_locked+0x193a/0x39f0 [ 608.562518][T14709] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 608.562541][T14709] ? __pfx___mutex_lock+0x10/0x10 [ 608.562570][T14709] snd_pcm_oss_get_active_substream+0x175/0x1d0 [ 608.562596][T14709] snd_pcm_oss_ioctl+0x1c84/0x37c0 [ 608.562612][T14709] ? __fget_files+0x215/0x3d0 [ 608.562629][T14709] ? hook_file_ioctl_common+0x149/0x410 [ 608.562647][T14709] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 608.562673][T14709] ? __fget_files+0x21f/0x3d0 [ 608.562693][T14709] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 608.562716][T14709] __x64_sys_ioctl+0x18e/0x210 [ 608.562733][T14709] do_syscall_64+0x10b/0xf80 [ 608.562755][T14709] ? clear_bhb_loop+0x40/0x90 [ 608.562773][T14709] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 608.562788][T14709] RIP: 0033:0x7ff668d9ce59 [ 608.562802][T14709] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 608.562816][T14709] RSP: 002b:00007ff669d39028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 608.562831][T14709] RAX: ffffffffffffffda RBX: 00007ff669015fa0 RCX: 00007ff668d9ce59 [ 608.562841][T14709] RDX: 0000000000000000 RSI: 00000000c0045002 RDI: 0000000000000006 [ 608.562850][T14709] RBP: 00007ff668e32d6f R08: 0000000000000000 R09: 0000000000000000 [ 608.562859][T14709] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 608.562867][T14709] R13: 00007ff669016038 R14: 00007ff669015fa0 R15: 00007fff6836d8a8 [ 608.562886][T14709] [ 611.782131][T14731] netlink: 246 bytes leftover after parsing attributes in process `syz.2.2772'. [ 613.229173][T14753] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2777'. [ 613.270986][T14753] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 613.342254][T14753] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 616.274295][T14785] netlink: 154 bytes leftover after parsing attributes in process `syz.4.2786'. [ 622.523753][T14837] FAULT_INJECTION: forcing a failure. [ 622.523753][T14837] name failslab, interval 1, probability 0, space 0, times 0 [ 622.586870][T14837] CPU: 0 UID: 0 PID: 14837 Comm: syz.4.2804 Tainted: G L syzkaller #0 PREEMPT(full) [ 622.586899][T14837] Tainted: [L]=SOFTLOCKUP [ 622.586904][T14837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 622.586913][T14837] Call Trace: [ 622.586919][T14837] [ 622.586926][T14837] dump_stack_lvl+0x100/0x190 [ 622.586947][T14837] should_fail_ex.cold+0x5/0xa [ 622.586967][T14837] ? tracepoint_add_func+0x3a8/0x1150 [ 622.586991][T14837] should_failslab+0xc2/0x120 [ 622.587008][T14837] __kmalloc_noprof+0xe0/0x850 [ 622.587026][T14837] ? __pfx_trace_event_raw_event_nfsd_file_insert_err+0x10/0x10 [ 622.587047][T14837] tracepoint_add_func+0x3a8/0x1150 [ 622.587067][T14837] ? __pfx_trace_event_raw_event_nfsd_file_insert_err+0x10/0x10 [ 622.587091][T14837] ? __pfx_trace_event_raw_event_nfsd_file_insert_err+0x10/0x10 [ 622.587111][T14837] tracepoint_probe_register+0xc4/0x110 [ 622.587134][T14837] ? __pfx_tracepoint_probe_register+0x10/0x10 [ 622.587156][T14837] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 622.587172][T14837] ? __pfx_trace_event_raw_event_nfsd_file_insert_err+0x10/0x10 [ 622.587191][T14837] ? __pfx_probe_sched_switch+0x10/0x10 [ 622.587223][T14837] ? __lock_acquire+0x4a5/0x2630 [ 622.587243][T14837] trace_event_reg+0x209/0x350 [ 622.587268][T14837] __ftrace_event_enable_disable+0x211/0x6f0 [ 622.587294][T14837] __ftrace_set_clr_event_nolock+0x390/0xc30 [ 622.587316][T14837] ftrace_set_clr_event+0x1b7/0x3f0 [ 622.587336][T14837] ? __pfx_ftrace_set_clr_event+0x10/0x10 [ 622.587353][T14837] ? trace_get_user+0x3ae/0xa70 [ 622.587380][T14837] ftrace_event_write+0x259/0x2c0 [ 622.587397][T14837] ? __pfx_ftrace_event_write+0x10/0x10 [ 622.587422][T14837] vfs_write+0x2aa/0x1070 [ 622.587441][T14837] ? __pfx_ftrace_event_write+0x10/0x10 [ 622.587460][T14837] ? __pfx_vfs_write+0x10/0x10 [ 622.587476][T14837] ? __fget_files+0x215/0x3d0 [ 622.587498][T14837] ? __fget_files+0x21f/0x3d0 [ 622.587521][T14837] ksys_write+0x12a/0x250 [ 622.587538][T14837] ? __pfx_ksys_write+0x10/0x10 [ 622.587557][T14837] ? rcu_is_watching+0x12/0xc0 [ 622.587577][T14837] do_syscall_64+0x10b/0xf80 [ 622.587598][T14837] ? clear_bhb_loop+0x40/0x90 [ 622.587617][T14837] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 622.587632][T14837] RIP: 0033:0x7f115679ce59 [ 622.587647][T14837] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 622.587661][T14837] RSP: 002b:00007f11576f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 622.587676][T14837] RAX: ffffffffffffffda RBX: 00007f1156a15fa0 RCX: 00007f115679ce59 [ 622.587687][T14837] RDX: 0000000000000af0 RSI: 0000000000000000 RDI: 0000000000000007 [ 622.587696][T14837] RBP: 00007f1156832d6f R08: 0000000000000000 R09: 0000000000000000 [ 622.587706][T14837] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 622.587714][T14837] R13: 00007f1156a16038 R14: 00007f1156a15fa0 R15: 00007ffd1222bc58 [ 622.587735][T14837] [ 622.587747][T14837] event trace: Could not enable event nfsd_file_insert_err [ 624.047825][ T5634] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 624.075320][ T5634] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 624.089135][ T5634] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 624.106231][ T5634] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 624.127915][ T5634] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 624.314586][ T1313] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.321006][ T1313] ieee802154 phy1 wpan1: encryption failed: -22 [ 626.228810][ T5633] Bluetooth: hci5: command tx timeout [ 627.086308][T14846] bridge0: port 1(bridge_slave_0) entered blocking state [ 627.125132][T14846] bridge0: port 1(bridge_slave_0) entered disabled state [ 627.160946][T14846] bridge_slave_0: entered allmulticast mode [ 627.202316][T14846] bridge_slave_0: entered promiscuous mode [ 627.366898][T14846] bridge0: port 2(bridge_slave_1) entered blocking state [ 627.412532][T14846] bridge0: port 2(bridge_slave_1) entered disabled state [ 627.449174][T14846] bridge_slave_1: entered allmulticast mode [ 627.482844][T14846] bridge_slave_1: entered promiscuous mode [ 627.617193][T14846] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 627.646696][T14846] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 627.721158][T14846] team0: Port device team_slave_0 added [ 627.740762][T14846] team0: Port device team_slave_1 added [ 627.800085][T14846] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 627.807366][T14846] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 627.867927][T14846] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 627.902180][T14846] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 627.919036][T14846] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 627.980636][T14846] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 628.071109][T14846] hsr_slave_0: entered promiscuous mode [ 628.086603][T14846] hsr_slave_1: entered promiscuous mode [ 628.109129][T14846] debugfs: 'hsr0' already exists in 'hsr' [ 628.116465][T14846] Cannot create hsr debugfs directory [ 628.310621][ T5633] Bluetooth: hci5: command tx timeout [ 628.575539][T14846] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 628.600625][T14846] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 628.619967][T14846] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 628.643071][T14846] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 628.660880][T14846] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 628.681829][T14846] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 628.713658][T14846] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 628.735350][T14846] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 628.893528][T14846] 8021q: adding VLAN 0 to HW filter on device bond0 [ 628.935140][T14846] 8021q: adding VLAN 0 to HW filter on device team0 [ 628.962238][ T48] bridge0: port 1(bridge_slave_0) entered blocking state [ 628.969401][ T48] bridge0: port 1(bridge_slave_0) entered forwarding state [ 629.006498][ T48] bridge0: port 2(bridge_slave_1) entered blocking state [ 629.013645][ T48] bridge0: port 2(bridge_slave_1) entered forwarding state [ 629.714306][T14846] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 630.122551][T14846] veth0_vlan: entered promiscuous mode [ 630.181623][T14846] veth1_vlan: entered promiscuous mode [ 630.235730][T14846] veth0_macvtap: entered promiscuous mode [ 630.257527][T14846] veth1_macvtap: entered promiscuous mode [ 630.297376][T14846] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 630.325639][T14846] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 630.361270][ T13] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 630.384239][ T13] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 630.393320][ T5633] Bluetooth: hci5: command tx timeout [ 630.436291][ T13] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 630.470291][ T13] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 630.627969][ T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 630.659729][ T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 630.707594][ T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 630.727084][ T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 632.167710][T14915] Process accounting paused [ 632.468977][ T5633] Bluetooth: hci5: command tx timeout [ 634.863054][T14969] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input12 [ 636.305566][T14985] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2829'. [ 636.356495][T14985] netlink: 13 bytes leftover after parsing attributes in process `syz.3.2829'. [ 640.088265][T15031] netlink: 62 bytes leftover after parsing attributes in process `syz.4.2845'. [ 640.597645][T15041] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 641.525403][T15029] kexec: Could not allocate control_code_buffer [ 642.432046][T15079] netlink: 330 bytes leftover after parsing attributes in process `syz.5.2863'. [ 643.074015][T15091] FAULT_INJECTION: forcing a failure. [ 643.074015][T15091] name failslab, interval 1, probability 0, space 0, times 0 [ 643.270585][T15091] CPU: 0 UID: 0 PID: 15091 Comm: syz.4.2867 Tainted: G L syzkaller #0 PREEMPT(full) [ 643.270612][T15091] Tainted: [L]=SOFTLOCKUP [ 643.270618][T15091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 643.270630][T15091] Call Trace: [ 643.270636][T15091] [ 643.270642][T15091] dump_stack_lvl+0x100/0x190 [ 643.270665][T15091] should_fail_ex.cold+0x5/0xa [ 643.270685][T15091] should_failslab+0xc2/0x120 [ 643.270704][T15091] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 643.270726][T15091] ? __kernfs_new_node+0xd2/0x9f0 [ 643.270747][T15091] __kernfs_new_node+0xd2/0x9f0 [ 643.270766][T15091] ? __pfx___kernfs_new_node+0x10/0x10 [ 643.270787][T15091] ? find_held_lock+0x2b/0x80 [ 643.270805][T15091] ? kernfs_root+0xee/0x2a0 [ 643.270820][T15091] ? kernfs_root+0xee/0x2a0 [ 643.270840][T15091] kernfs_new_node+0x11b/0x1a0 [ 643.270861][T15091] __kernfs_create_file+0x53/0x350 [ 643.270891][T15091] sysfs_add_file_mode_ns+0x207/0x3c0 [ 643.270913][T15091] sysfs_merge_group+0x194/0x340 [ 643.270932][T15091] ? __pfx_sysfs_merge_group+0x10/0x10 [ 643.270949][T15091] ? bus_add_device+0x368/0x6b0 [ 643.270967][T15091] ? __pfx_bus_add_device+0x10/0x10 [ 643.270982][T15091] ? __pfx_dev_add_physical_location+0x10/0x10 [ 643.271090][T15091] dpm_sysfs_add+0x237/0x280 [ 643.271134][T15091] device_add+0x9ef/0x1950 [ 643.271157][T15091] ? __pfx_device_add+0x10/0x10 [ 643.271176][T15091] ? lockdep_init_map_type+0x5c/0x250 [ 643.271192][T15091] ? __init_waitqueue_head+0xca/0x150 [ 643.271216][T15091] rfkill_register+0x1ad/0xb30 [ 643.271239][T15091] nfc_register_device+0x11f/0x3e0 [ 643.271264][T15091] nci_register_device+0x7f1/0xb80 [ 643.271285][T15091] ? __pfx_nci_register_device+0x10/0x10 [ 643.271308][T15091] ? lockdep_init_map_type+0x5c/0x250 [ 643.271326][T15091] virtual_ncidev_open+0x141/0x220 [ 643.271351][T15091] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 643.271373][T15091] misc_open+0x26d/0x450 [ 643.271393][T15091] ? __pfx_misc_open+0x10/0x10 [ 643.271411][T15091] chrdev_open+0x234/0x6a0 [ 643.271429][T15091] ? __pfx_apparmor_file_open+0x10/0x10 [ 643.271444][T15091] ? __pfx_chrdev_open+0x10/0x10 [ 643.271464][T15091] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 643.271487][T15091] do_dentry_open+0x6d8/0x1660 [ 643.271505][T15091] ? __pfx_chrdev_open+0x10/0x10 [ 643.271528][T15091] vfs_open+0x82/0x3f0 [ 643.271552][T15091] path_openat+0x208c/0x31a0 [ 643.271576][T15091] ? __pfx_path_openat+0x10/0x10 [ 643.271602][T15091] do_file_open+0x20e/0x430 [ 643.271621][T15091] ? __pfx_do_file_open+0x10/0x10 [ 643.271654][T15091] ? alloc_fd+0x476/0x790 [ 643.271673][T15091] ? do_getname+0x191/0x390 [ 643.271696][T15091] do_sys_openat2+0x10d/0x1e0 [ 643.271718][T15091] ? __pfx_do_sys_openat2+0x10/0x10 [ 643.271741][T15091] ? __fget_files+0x21f/0x3d0 [ 643.271762][T15091] __x64_sys_openat+0x12d/0x210 [ 643.271785][T15091] ? __pfx___x64_sys_openat+0x10/0x10 [ 643.271810][T15091] ? rcu_is_watching+0x12/0xc0 [ 643.271830][T15091] do_syscall_64+0x10b/0xf80 [ 643.271852][T15091] ? clear_bhb_loop+0x40/0x90 [ 643.271870][T15091] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 643.271893][T15091] RIP: 0033:0x7f115679ce59 [ 643.271909][T15091] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 643.271924][T15091] RSP: 002b:00007f11576b4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 643.271940][T15091] RAX: ffffffffffffffda RBX: 00007f1156a16180 RCX: 00007f115679ce59 [ 643.271950][T15091] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 643.271960][T15091] RBP: 00007f1156832d6f R08: 0000000000000000 R09: 0000000000000000 [ 643.271969][T15091] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 643.271978][T15091] R13: 00007f1156a16218 R14: 00007f1156a16180 R15: 00007ffd1222bc58 [ 643.271999][T15091] [ 644.616875][T15109] netlink: 318 bytes leftover after parsing attributes in process `syz.3.2879'. [ 645.795104][T15119] FAULT_INJECTION: forcing a failure. [ 645.795104][T15119] name failslab, interval 1, probability 0, space 0, times 0 [ 645.871267][T15119] CPU: 0 UID: 0 PID: 15119 Comm: syz.5.2873 Tainted: G L syzkaller #0 PREEMPT(full) [ 645.871296][T15119] Tainted: [L]=SOFTLOCKUP [ 645.871302][T15119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 645.871311][T15119] Call Trace: [ 645.871317][T15119] [ 645.871323][T15119] dump_stack_lvl+0x100/0x190 [ 645.871347][T15119] should_fail_ex.cold+0x5/0xa [ 645.871367][T15119] should_failslab+0xc2/0x120 [ 645.871384][T15119] __kmalloc_cache_noprof+0x7a/0x6f0 [ 645.871405][T15119] ? vidtv_mux_create_pid_ctx_once.part.0+0x49/0x200 [ 645.871429][T15119] vidtv_mux_create_pid_ctx_once.part.0+0x49/0x200 [ 645.871448][T15119] vidtv_mux_create_pid_ctx_once+0xe6/0x140 [ 645.871466][T15119] vidtv_mux_init+0x760/0xbf0 [ 645.871484][T15119] vidtv_start_feed+0x34e/0x500 [ 645.871505][T15119] ? __pfx_vidtv_start_feed+0x10/0x10 [ 645.871524][T15119] ? __pfx_vidtv_bridge_on_new_pkts_avail+0x10/0x10 [ 645.871553][T15119] dmx_section_feed_start_filtering+0x3a8/0x660 [ 645.871582][T15119] dvb_dmxdev_filter_start+0x767/0xdd0 [ 645.871606][T15119] dvb_demux_do_ioctl+0xe64/0x1200 [ 645.871630][T15119] dvb_usercopy+0x167/0x340 [ 645.871645][T15119] ? __pfx_dvb_demux_do_ioctl+0x10/0x10 [ 645.871664][T15119] ? __pfx_dvb_usercopy+0x10/0x10 [ 645.871687][T15119] ? __fget_files+0x21f/0x3d0 [ 645.871709][T15119] dvb_demux_ioctl+0x29/0x40 [ 645.871724][T15119] ? __pfx_dvb_demux_ioctl+0x10/0x10 [ 645.871741][T15119] __x64_sys_ioctl+0x18e/0x210 [ 645.871758][T15119] do_syscall_64+0x10b/0xf80 [ 645.871781][T15119] ? clear_bhb_loop+0x40/0x90 [ 645.871800][T15119] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 645.871816][T15119] RIP: 0033:0x7f504839ce59 [ 645.871829][T15119] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 645.871845][T15119] RSP: 002b:00007f50491b3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 645.871860][T15119] RAX: ffffffffffffffda RBX: 00007f5048615fa0 RCX: 00007f504839ce59 [ 645.871870][T15119] RDX: 0000000000000000 RSI: 00000000403c6f2b RDI: 0000000000000005 [ 645.871878][T15119] RBP: 00007f5048432d6f R08: 0000000000000000 R09: 0000000000000000 [ 645.871887][T15119] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 645.871896][T15119] R13: 00007f5048616038 R14: 00007f5048615fa0 R15: 00007fffd0e3d9a8 [ 645.871916][T15119] [ 646.701369][T15129] netlink: 25 bytes leftover after parsing attributes in process `syz.2.2887'. [ 647.022892][T15134] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2890'. [ 647.063172][T15136] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2880'. [ 647.373879][T15145] netlink: 252 bytes leftover after parsing attributes in process `syz.5.2884'. [ 647.435192][T15146] netlink: 252 bytes leftover after parsing attributes in process `syz.5.2884'. [ 647.747127][ T5633] Bluetooth: hci4: unexpected subevent 0x18 length: 0 < 19 [ 647.834744][T15158] futex_wake_op: syz.5.2888 tries to shift op by -2048; fix this program [ 648.046649][T15153] 0x000000000001-0x000000020000 : "" [ 648.066568][T15153] ftl_cs: FTL header corrupt! [ 654.062614][T15217] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2902'. [ 656.362598][T15251] netlink: 334 bytes leftover after parsing attributes in process `syz.2.2912'. [ 659.956070][T15289] netlink: 334 bytes leftover after parsing attributes in process `syz.5.2923'. [ 662.363153][T15301] Process accounting resumed [ 663.647867][T15328] netlink: 334 bytes leftover after parsing attributes in process `syz.3.2934'. [ 663.853248][T15329] nvme_fabrics: missing parameter 'transport=%s' [ 663.864300][T15336] futex_wake_op: syz.4.2933 tries to shift op by -2048; fix this program [ 663.936825][T15329] nvme_fabrics: missing parameter 'nqn=%s' [ 664.077477][T15332] 0x000000000001-0x000000020000 : "" [ 664.126490][T15332] ftl_cs: FTL header corrupt! [ 670.124723][T15396] nvme_fabrics: missing parameter 'transport=%s' [ 670.208243][T15396] nvme_fabrics: missing parameter 'nqn=%s' [ 681.371541][T15538] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 682.426279][T15552] random: crng reseeded on system resumption [ 685.752685][ T1313] ieee802154 phy0 wpan0: encryption failed: -22 [ 685.759214][ T1313] ieee802154 phy1 wpan1: encryption failed: -22 [ 692.203715][T15669] random: crng reseeded on system resumption [ 692.904020][T15531] Process accounting paused [ 700.532731][T15746] netlink: 'syz.2.3033': attribute type 1 has an invalid length. [ 700.574833][T15746] netlink: 13 bytes leftover after parsing attributes in process `syz.2.3033'. [ 700.631480][T15746] netlink: 'syz.2.3033': attribute type 1 has an invalid length. [ 701.245936][T15752] netlink: 'syz.2.3036': attribute type 10 has an invalid length. [ 701.304009][T15752] netlink: 230 bytes leftover after parsing attributes in process `syz.2.3036'. [ 701.562414][T15757] netlink: 'syz.5.3037': attribute type 28 has an invalid length. [ 701.631335][T15757] netlink: 'syz.5.3037': attribute type 3 has an invalid length. [ 701.660120][T15757] netlink: 306 bytes leftover after parsing attributes in process `syz.5.3037'. [ 702.805631][T15780] vcan0: tx drop: invalid da for name 0x000000000000003f [ 702.945016][ T5633] block nbd1: Receive control failed (result -32) [ 703.511578][T15794] random: crng reseeded on system resumption [ 704.552495][T15804] FAULT_INJECTION: forcing a failure. [ 704.552495][T15804] name failslab, interval 1, probability 0, space 0, times 0 [ 704.634598][T15804] CPU: 0 UID: 0 PID: 15804 Comm: syz.5.3047 Tainted: G L syzkaller #0 PREEMPT(full) [ 704.634625][T15804] Tainted: [L]=SOFTLOCKUP [ 704.634631][T15804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 704.634641][T15804] Call Trace: [ 704.634648][T15804] [ 704.634654][T15804] dump_stack_lvl+0x100/0x190 [ 704.634678][T15804] should_fail_ex.cold+0x5/0xa [ 704.634699][T15804] should_failslab+0xc2/0x120 [ 704.634718][T15804] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 704.634741][T15804] ? security_inode_alloc+0x3b/0x2c0 [ 704.634769][T15804] ? lockdep_init_map_type+0x5c/0x250 [ 704.634789][T15804] security_inode_alloc+0x3b/0x2c0 [ 704.634805][T15804] inode_init_always_gfp+0xcc0/0x1000 [ 704.634828][T15804] alloc_inode+0x8e/0x250 [ 704.634851][T15804] sock_alloc+0x44/0x280 [ 704.634871][T15804] ? security_socket_create+0x7f/0x250 [ 704.634967][T15804] sock_create_lite+0x82/0x120 [ 704.634988][T15804] __netlink_kernel_create+0xbd/0x750 [ 704.635014][T15804] ? __pfx___netlink_kernel_create+0x10/0x10 [ 704.635039][T15804] ? __pfx_genl_pernet_init+0x10/0x10 [ 704.635053][T15804] genl_pernet_init+0xbd/0x160 [ 704.635068][T15804] ? __pfx_genl_pernet_init+0x10/0x10 [ 704.635081][T15804] ? lockdep_init_map_type+0x5c/0x250 [ 704.635096][T15804] ? __pfx_genl_rcv+0x10/0x10 [ 704.635107][T15804] ? __pfx_genl_bind+0x10/0x10 [ 704.635128][T15804] ? __pfx_genl_unbind+0x10/0x10 [ 704.635148][T15804] ? __pfx_genl_release+0x10/0x10 [ 704.635161][T15804] ? mutex_init_lockdep+0xf1/0x120 [ 704.635179][T15804] ops_init+0x1e2/0x5f0 [ 704.635200][T15804] setup_net+0x118/0x3a0 [ 704.635218][T15804] ? __pfx_setup_net+0x10/0x10 [ 704.635236][T15804] ? mutex_init_lockdep+0xf1/0x120 [ 704.635255][T15804] copy_net_ns+0x46f/0x7c0 [ 704.635276][T15804] create_new_namespaces+0x3ea/0xac0 [ 704.635301][T15804] unshare_nsproxy_namespaces+0xf2/0x220 [ 704.635322][T15804] ksys_unshare+0x438/0xab0 [ 704.635345][T15804] ? __pfx_ksys_unshare+0x10/0x10 [ 704.635365][T15804] ? xfd_validate_state+0x129/0x190 [ 704.635381][T15804] ? exit_to_user_mode_loop+0xe2/0x4f0 [ 704.635403][T15804] __x64_sys_unshare+0x31/0x40 [ 704.635424][T15804] do_syscall_64+0x10b/0xf80 [ 704.635448][T15804] ? clear_bhb_loop+0x40/0x90 [ 704.635467][T15804] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 704.635482][T15804] RIP: 0033:0x7f504839ce59 [ 704.635496][T15804] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 704.635511][T15804] RSP: 002b:00007f50491b3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 704.635526][T15804] RAX: ffffffffffffffda RBX: 00007f5048615fa0 RCX: 00007f504839ce59 [ 704.635537][T15804] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 704.635553][T15804] RBP: 00007f5048432d6f R08: 0000000000000000 R09: 0000000000000000 [ 704.635562][T15804] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 704.635572][T15804] R13: 00007f5048616038 R14: 00007f5048615fa0 R15: 00007fffd0e3d9a8 [ 704.635591][T15804] [ 705.999897][T15810] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4) [ 708.318934][T15821] Bluetooth: hci4: command 0x0406 tx timeout [ 712.739359][T15821] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 712.755265][T15821] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 712.765610][T15821] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 712.774860][T15821] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 712.785439][T15821] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 714.172587][T15874] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3063'. [ 714.278891][T15874] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 714.351901][T15874] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 714.521925][T15850] bridge0: port 1(bridge_slave_0) entered blocking state [ 714.558203][T15850] bridge0: port 1(bridge_slave_0) entered disabled state [ 714.597155][T15850] bridge_slave_0: entered allmulticast mode [ 714.637638][T15850] bridge_slave_0: entered promiscuous mode [ 714.708348][T15850] bridge0: port 2(bridge_slave_1) entered blocking state [ 714.744597][T15850] bridge0: port 2(bridge_slave_1) entered disabled state [ 714.777001][T15850] bridge_slave_1: entered allmulticast mode [ 714.822198][T15850] bridge_slave_1: entered promiscuous mode [ 714.869194][T15821] Bluetooth: hci6: command tx timeout [ 715.040130][T15850] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 715.099486][T15850] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 715.356475][T15850] team0: Port device team_slave_0 added [ 715.390570][T15850] team0: Port device team_slave_1 added [ 715.485152][T15850] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 715.523192][T15850] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 715.651690][T15850] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 715.706231][T15850] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 715.738090][T15850] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 715.869539][T15850] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 716.094678][T15850] hsr_slave_0: entered promiscuous mode [ 716.159735][T15850] hsr_slave_1: entered promiscuous mode [ 716.199112][T15850] debugfs: 'hsr0' already exists in 'hsr' [ 716.234944][T15850] Cannot create hsr debugfs directory [ 716.941071][T15903] FAULT_INJECTION: forcing a failure. [ 716.941071][T15903] name failslab, interval 1, probability 0, space 0, times 0 [ 716.963368][T15821] Bluetooth: hci6: command tx timeout [ 717.037024][T15903] CPU: 0 UID: 0 PID: 15903 Comm: syz.2.3078 Tainted: G L syzkaller #0 PREEMPT(full) [ 717.037062][T15903] Tainted: [L]=SOFTLOCKUP [ 717.037067][T15903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 717.037077][T15903] Call Trace: [ 717.037083][T15903] [ 717.037090][T15903] dump_stack_lvl+0x100/0x190 [ 717.037113][T15903] should_fail_ex.cold+0x5/0xa [ 717.037134][T15903] ? drm_atomic_state_init+0xf4/0x490 [ 717.037158][T15903] should_failslab+0xc2/0x120 [ 717.037177][T15903] __kmalloc_noprof+0xe0/0x850 [ 717.037195][T15903] drm_atomic_state_init+0xf4/0x490 [ 717.037216][T15903] ? kasan_save_track+0x14/0x30 [ 717.037233][T15903] drm_atomic_state_alloc+0xd3/0x120 [ 717.037256][T15903] drm_client_modeset_commit_atomic+0xcc/0x7e0 [ 717.037274][T15903] ? rcu_is_watching+0x12/0xc0 [ 717.037292][T15903] ? trace_contention_end+0x122/0x170 [ 717.037310][T15903] ? __mutex_lock+0x26d/0x1b10 [ 717.037327][T15903] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 717.037344][T15903] ? drm_master_internal_acquire+0x21/0x80 [ 717.037385][T15903] drm_client_modeset_commit_locked+0x14d/0x580 [ 717.037404][T15903] drm_client_modeset_commit+0x4f/0x80 [ 717.037421][T15903] __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160 [ 717.037450][T15903] drm_fb_helper_restore_fbdev_mode_unlocked+0x93/0xc0 [ 717.037476][T15903] drm_fbdev_client_restore+0x1b/0x30 [ 717.037495][T15903] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 717.037515][T15903] drm_client_dev_restore+0x205/0x2a0 [ 717.037535][T15903] drm_release+0x2c6/0x360 [ 717.037558][T15903] ? __pfx_drm_release+0x10/0x10 [ 717.037581][T15903] __fput+0x3ff/0xb50 [ 717.037607][T15903] task_work_run+0x150/0x240 [ 717.037623][T15903] ? __pfx_task_work_run+0x10/0x10 [ 717.037640][T15903] ? rcu_is_watching+0x12/0xc0 [ 717.037660][T15903] exit_to_user_mode_loop+0x107/0x4f0 [ 717.037675][T15903] ? rcu_is_watching+0x12/0xc0 [ 717.037695][T15903] do_syscall_64+0x6f2/0xf80 [ 717.037718][T15903] ? clear_bhb_loop+0x40/0x90 [ 717.037736][T15903] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 717.037751][T15903] RIP: 0033:0x7ff668d9ce59 [ 717.037765][T15903] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 717.037780][T15903] RSP: 002b:00007ff669d39028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 717.037795][T15903] RAX: 0000000000000000 RBX: 00007ff669015fa0 RCX: 00007ff668d9ce59 [ 717.037805][T15903] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 717.037814][T15903] RBP: 00007ff668e32d6f R08: 0000000000000000 R09: 0000000000000000 [ 717.037823][T15903] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 717.037833][T15903] R13: 00007ff669016038 R14: 00007ff669015fa0 R15: 00007fff6836d8a8 [ 717.037854][T15903] [ 718.177671][T15850] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 718.306632][T15850] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 718.341804][T15850] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 718.382588][T15850] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 718.428548][T15850] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 718.463073][T15850] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 718.509313][T15850] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 718.546465][T15850] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 718.887769][T15850] 8021q: adding VLAN 0 to HW filter on device bond0 [ 718.950639][T15850] 8021q: adding VLAN 0 to HW filter on device team0 [ 718.985981][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 718.993358][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 719.033425][T15821] Bluetooth: hci6: command tx timeout [ 719.053737][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 719.060922][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 720.131699][T15850] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 720.594851][T15850] veth0_vlan: entered promiscuous mode [ 720.622481][T15850] veth1_vlan: entered promiscuous mode [ 720.684564][T15850] veth0_macvtap: entered promiscuous mode [ 720.706763][T15850] veth1_macvtap: entered promiscuous mode [ 720.750891][T15850] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 720.785235][T15850] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 720.827788][ T13] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 720.853325][ T13] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 720.887691][ T13] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 720.909111][ T13] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 721.110877][T15821] Bluetooth: hci6: command tx timeout [ 721.132160][ T1350] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 721.157004][ T1350] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 721.228934][ T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 721.243652][ T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 723.141696][T15950] Process accounting resumed [ 725.266179][T15984] FAULT_INJECTION: forcing a failure. [ 725.266179][T15984] name failslab, interval 1, probability 0, space 0, times 0 [ 725.347000][T15984] CPU: 0 UID: 0 PID: 15984 Comm: syz.5.3084 Tainted: G L syzkaller #0 PREEMPT(full) [ 725.347028][T15984] Tainted: [L]=SOFTLOCKUP [ 725.347033][T15984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 725.347042][T15984] Call Trace: [ 725.347048][T15984] [ 725.347054][T15984] dump_stack_lvl+0x100/0x190 [ 725.347075][T15984] should_fail_ex.cold+0x5/0xa [ 725.347095][T15984] should_failslab+0xc2/0x120 [ 725.347116][T15984] __kvmalloc_node_noprof+0xfa/0xa00 [ 725.347133][T15984] ? __do_sys_setgroups+0x126/0x4f0 [ 725.347152][T15984] __do_sys_setgroups+0x126/0x4f0 [ 725.347167][T15984] ? 0xffffffffff600000 [ 725.347181][T15984] do_syscall_64+0x10b/0xf80 [ 725.347203][T15984] ? clear_bhb_loop+0x40/0x90 [ 725.347221][T15984] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 725.347236][T15984] RIP: 0033:0x7f504839ce59 [ 725.347255][T15984] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 725.347270][T15984] RSP: 002b:00007f5049192028 EFLAGS: 00000246 ORIG_RAX: 0000000000000074 [ 725.347285][T15984] RAX: ffffffffffffffda RBX: 00007f5048616090 RCX: 00007f504839ce59 [ 725.347296][T15984] RDX: 0000000000000000 RSI: ffffffffff600000 RDI: 0000000000000005 [ 725.347305][T15984] RBP: 00007f5048432d6f R08: 0000000000000000 R09: 0000000000000000 [ 725.347314][T15984] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 725.347323][T15984] R13: 00007f5048616128 R14: 00007f5048616090 R15: 00007fffd0e3d9a8 [ 725.347338][T15984] ? 0xffffffffff600000 [ 725.347353][T15984] [ 726.320001][T15997] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 726.787202][T15998] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 726.861812][T16003] smpboot: CPU 1 is now offline [ 730.219011][T16042] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3098'. [ 730.283784][T16042] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 730.563201][T16042] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 731.276212][T16053] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 732.704575][T16070] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 732.761425][T16077] smpboot: CPU 1 is now offline [ 734.216679][T16102] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3114'. [ 741.274306][T16166] FAULT_INJECTION: forcing a failure. [ 741.274306][T16166] name failslab, interval 1, probability 0, space 0, times 0 [ 741.321246][T16166] CPU: 0 UID: 0 PID: 16166 Comm: syz.6.3130 Tainted: G L syzkaller #0 PREEMPT(full) [ 741.321273][T16166] Tainted: [L]=SOFTLOCKUP [ 741.321278][T16166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 741.321288][T16166] Call Trace: [ 741.321293][T16166] [ 741.321300][T16166] dump_stack_lvl+0x100/0x190 [ 741.321323][T16166] should_fail_ex.cold+0x5/0xa [ 741.321344][T16166] should_failslab+0xc2/0x120 [ 741.321363][T16166] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 741.321387][T16166] ? anon_vma_clone+0x2ba/0xcd0 [ 741.321410][T16166] anon_vma_clone+0x2ba/0xcd0 [ 741.321435][T16166] __split_vma+0x51f/0xd90 [ 741.321459][T16166] ? __pfx___split_vma+0x10/0x10 [ 741.321491][T16166] vma_modify+0x12ad/0x25c0 [ 741.321519][T16166] ? __pfx_vma_modify+0x10/0x10 [ 741.321552][T16166] vma_modify_policy+0x238/0x300 [ 741.321576][T16166] ? __pfx_vma_modify_policy+0x10/0x10 [ 741.321598][T16166] ? find_held_lock+0x2b/0x80 [ 741.321631][T16166] mbind_range+0x175/0x550 [ 741.321654][T16166] do_mbind+0x7dc/0xfd0 [ 741.321678][T16166] ? __pfx_do_mbind+0x10/0x10 [ 741.321698][T16166] ? ksys_write+0x190/0x250 [ 741.321723][T16166] ? __pfx_get_nodes+0x10/0x10 [ 741.321743][T16166] kernel_mbind+0x1b7/0x200 [ 741.321774][T16166] ? __pfx_kernel_mbind+0x10/0x10 [ 741.321797][T16166] ? rcu_is_watching+0x12/0xc0 [ 741.321817][T16166] do_syscall_64+0x10b/0xf80 [ 741.321840][T16166] ? clear_bhb_loop+0x40/0x90 [ 741.321858][T16166] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 741.321873][T16166] RIP: 0033:0x7f4abb19ce59 [ 741.321887][T16166] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 741.321902][T16166] RSP: 002b:00007f4abc0a4028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 741.321917][T16166] RAX: ffffffffffffffda RBX: 00007f4abb415fa0 RCX: 00007f4abb19ce59 [ 741.321927][T16166] RDX: 0000000000000004 RSI: 00000000002091d2 RDI: 0000000000000000 [ 741.321936][T16166] RBP: 00007f4abb232d6f R08: 0000000000000006 R09: 0000000000000002 [ 741.321945][T16166] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 741.321955][T16166] R13: 00007f4abb416038 R14: 00007f4abb415fa0 R15: 00007ffd3425c2a8 [ 741.321975][T16166] [ 742.143266][T16172] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 742.216801][T16173] smpboot: CPU 1 is now offline [ 744.398005][T16193] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3136'. [ 744.433406][T16193] netlink: 25 bytes leftover after parsing attributes in process `syz.2.3136'. [ 747.203007][ T1313] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.214484][ T1313] ieee802154 phy1 wpan1: encryption failed: -22 [ 749.276731][T15821] Bluetooth: hci5: command 0x0406 tx timeout [ 749.563809][T15821] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 749.580912][T15821] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 749.592388][T15821] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 749.605164][T15821] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 749.616573][T15821] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 751.116074][T16215] bridge0: port 1(bridge_slave_0) entered blocking state [ 751.131912][T16215] bridge0: port 1(bridge_slave_0) entered disabled state [ 751.148746][T16215] bridge_slave_0: entered allmulticast mode [ 751.163692][T16215] bridge_slave_0: entered promiscuous mode [ 751.184278][T16215] bridge0: port 2(bridge_slave_1) entered blocking state [ 751.211003][T16215] bridge0: port 2(bridge_slave_1) entered disabled state [ 751.220319][T16215] bridge_slave_1: entered allmulticast mode [ 751.240162][T16215] bridge_slave_1: entered promiscuous mode [ 751.310676][T16215] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 751.335927][T16215] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 751.411940][T16215] team0: Port device team_slave_0 added [ 751.430523][T16215] team0: Port device team_slave_1 added [ 751.482949][T16215] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 751.501424][T16215] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 751.563588][T16215] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 751.593131][T16215] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 751.611328][T16215] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 751.673163][T15821] Bluetooth: hci7: command tx timeout [ 751.680860][T16215] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 751.780475][T16215] hsr_slave_0: entered promiscuous mode [ 751.799398][T16215] hsr_slave_1: entered promiscuous mode [ 751.810453][T16215] debugfs: 'hsr0' already exists in 'hsr' [ 751.830867][T16215] Cannot create hsr debugfs directory [ 752.287608][T16215] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 752.367873][T14178] NFSD: Failed to start, no listeners configured. [ 752.376200][T16215] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 752.395750][T16215] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 752.454519][T16215] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 752.483145][T16215] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 752.524515][T16215] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 752.550721][T16215] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 752.568318][T16215] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 752.741486][T16215] 8021q: adding VLAN 0 to HW filter on device bond0 [ 752.777071][T16215] 8021q: adding VLAN 0 to HW filter on device team0 [ 752.805019][ T48] bridge0: port 1(bridge_slave_0) entered blocking state [ 752.812219][ T48] bridge0: port 1(bridge_slave_0) entered forwarding state [ 752.859824][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 752.867039][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 753.660289][ T5633] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 753.679514][ T5633] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 753.689095][ T5633] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 753.709997][ T5633] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 753.717875][ T5633] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 753.750828][T15821] Bluetooth: hci7: command tx timeout [ 754.480297][T16215] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 755.046233][T16250] Process accounting paused [ 755.814576][T16215] veth0_vlan: entered promiscuous mode [ 755.832298][T15821] Bluetooth: hci7: command tx timeout [ 755.840551][ T5633] Bluetooth: hci8: command tx timeout [ 755.898312][T16215] veth1_vlan: entered promiscuous mode [ 756.176599][T16215] veth0_macvtap: entered promiscuous mode [ 756.259713][T16215] veth1_macvtap: entered promiscuous mode [ 756.397438][T16263] bridge0: port 1(bridge_slave_0) entered blocking state [ 756.436623][T16263] bridge0: port 1(bridge_slave_0) entered disabled state [ 756.484448][T16263] bridge_slave_0: entered allmulticast mode [ 756.525595][T16263] bridge_slave_0: entered promiscuous mode [ 756.566823][T16215] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 756.611334][T16263] bridge0: port 2(bridge_slave_1) entered blocking state [ 756.636808][T16263] bridge0: port 2(bridge_slave_1) entered disabled state [ 756.663189][T16263] bridge_slave_1: entered allmulticast mode [ 756.697038][T16263] bridge_slave_1: entered promiscuous mode [ 756.830779][T16215] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 756.880820][T16263] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 756.946769][T16263] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 756.989768][T16314] netlink: 62 bytes leftover after parsing attributes in process `syz.2.3158'. [ 757.151230][ T289] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 757.188718][ T289] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 757.216306][T16263] team0: Port device team_slave_0 added [ 757.249436][ T289] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 757.271497][T16318] netlink: 206 bytes leftover after parsing attributes in process `syz.2.3159'. [ 757.284018][ T289] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 757.310574][T16263] team0: Port device team_slave_1 added [ 757.486717][T16263] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 757.516728][T16263] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 757.585147][T16263] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 757.673059][T16263] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 757.721782][T16263] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 757.794902][T16263] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 757.909784][ T5633] Bluetooth: hci8: command tx timeout [ 757.915285][T15821] Bluetooth: hci7: command tx timeout [ 758.303669][T16322] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 758.326204][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 758.381187][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 758.461430][T16263] hsr_slave_0: entered promiscuous mode [ 758.507106][T16263] hsr_slave_1: entered promiscuous mode [ 758.534521][T16263] debugfs: 'hsr0' already exists in 'hsr' [ 758.570009][T16263] Cannot create hsr debugfs directory [ 758.794871][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 758.844640][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 759.045834][T16333] random: crng reseeded on system resumption [ 759.990994][T15821] Bluetooth: hci8: command tx timeout [ 760.345266][T16343] zswap: compressor not available [ 760.894616][T16263] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 760.967301][T16263] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 761.005503][T16263] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 761.097143][T16263] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 761.145417][T16263] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 761.195136][T16263] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 761.236305][T16263] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 761.291395][T16263] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 761.524012][T16373] ubi: mtd0 is already attached to ubi0 [ 762.068667][T15821] Bluetooth: hci8: command tx timeout [ 762.468320][T16263] 8021q: adding VLAN 0 to HW filter on device bond0 [ 762.771769][T16263] 8021q: adding VLAN 0 to HW filter on device team0 [ 763.256733][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 763.264161][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 763.635868][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 763.643097][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 766.097911][T16263] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 766.267655][T16430] netlink: 'syz.2.3185': attribute type 1 has an invalid length. [ 766.267680][T16430] netlink: 13 bytes leftover after parsing attributes in process `syz.2.3185'. [ 767.233343][T16263] veth0_vlan: entered promiscuous mode [ 767.288250][T16263] veth1_vlan: entered promiscuous mode [ 767.381120][T16263] veth0_macvtap: entered promiscuous mode [ 767.420118][T16263] veth1_macvtap: entered promiscuous mode [ 767.483733][T16263] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 767.520348][T16263] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 767.582370][ T58] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 767.613878][ T58] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 767.653297][ T58] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 767.688674][ T58] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 768.023955][ T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 768.062003][ T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 768.147990][ T48] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 768.186066][ T48] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 770.132318][T16472] block nbd0: Cannot use ioctl interface on a netlink controlled device. [ 770.328005][T16470] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 770.377939][T16470] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 770.876760][T16470] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 770.911550][T16470] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 770.982634][T16470] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 771.011494][T16470] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 771.055055][T16470] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 772.388792][T15821] Bluetooth: hci0: command 0x0406 tx timeout [ 772.598204][T16470] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 772.622759][T16470] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 772.948937][T15821] Bluetooth: hci2: command 0x0406 tx timeout [ 772.956175][ T5633] Bluetooth: hci1: command 0x0406 tx timeout [ 772.977365][T16470] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 773.032510][ T5633] Bluetooth: hci4: command 0x0406 tx timeout [ 773.040287][T15821] Bluetooth: hci3: command 0x0406 tx timeout [ 773.062763][T16470] Bluetooth: hci6: Opcode 0x0406 failed: -4 [ 773.109449][T16470] Bluetooth: hci6: Opcode 0x0406 failed: -4 [ 773.154281][T16470] Bluetooth: hci7: Opcode 0x0c1a failed: -4 [ 773.184167][T16470] Bluetooth: hci7: Opcode 0x0406 failed: -4 [ 773.301128][T16470] Bluetooth: hci7: Opcode 0x0406 failed: -4 [ 773.374012][T16470] Bluetooth: hci8: Opcode 0x0c1a failed: -4 [ 773.410301][T16470] Bluetooth: hci8: Opcode 0x0406 failed: -4 [ 773.532269][T16470] Bluetooth: hci8: Opcode 0x0406 failed: -4 [ 774.302804][T16502] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3204'. [ 774.427368][T16504] netlink: 'syz.2.3204': attribute type 1 has an invalid length. [ 774.468766][ T5633] Bluetooth: hci0: command 0x0406 tx timeout [ 774.545053][T16504] netlink: 13 bytes leftover after parsing attributes in process `syz.2.3204'. [ 774.629680][ T5633] Bluetooth: hci5: command 0x0406 tx timeout [ 775.028749][ T5633] Bluetooth: hci6: command 0x0c1a tx timeout [ 775.110390][ T5633] Bluetooth: hci4: command 0x0406 tx timeout [ 775.188872][ T5633] Bluetooth: hci7: command 0x0c1a tx timeout [ 775.428833][ T5633] Bluetooth: hci8: command 0x0c1a tx timeout [ 776.274204][ T5633] Bluetooth: hci7: unexpected event 0x1c length: 725 > 5 [ 776.710771][ T5633] Bluetooth: hci5: command 0x0406 tx timeout [ 777.108595][ T5633] Bluetooth: hci6: command 0x0c1a tx timeout [ 777.271514][ T5633] Bluetooth: hci7: command 0x0c1a tx timeout [ 777.508877][ T5633] Bluetooth: hci8: command 0x0c1a tx timeout [ 778.336929][T16554] netlink: 25 bytes leftover after parsing attributes in process `syz.6.3216'. [ 779.196162][ T5633] Bluetooth: hci6: command 0x0c1a tx timeout [ 779.348682][ T5633] Bluetooth: hci7: command 0x0c1a tx timeout [ 779.589382][ T5633] Bluetooth: hci8: command 0x0c1a tx timeout [ 782.277388][T16590] ptrace attach of "ci-qemu-gce-upstream-auto/syz-executor exec"[16215] was attempted by "A\x0a&jA2qߓ,88GQk 3HEƉ[Z]Jkh Ƚ9Z\x1b-9\x07ka 0e(ܓPs\x1b#BZY^1ӽ.|A\x22ĕ0KKoYS!\x22.mgxn\x0b}D8/pټ+g*kגqm:XHu f\x0aDJY5DC*kQ\x0b0p.̪^#ә,\x5c\x0ajt\x0a~ٌ\x09QDbbj\x0b}<\x09v١7*b'^j/=SX;ؗIIC2cƩx=F4Ct@Ӳ^s\x075I]O^;b61\x0cgCL=iU#5dfyvYE!F\x0d,LƅL,xaN+{#,ܭiiW<_YmN\x5cF̅EU/ b\x09U*d+2s}L>,-N7g\x1bXsB󎵰ĕz).$j57} sewPΊ btB2u>\x0cꄢ8D1LOtULho⸛_Ρ+\x0dTalPLsU=jLSپ=&x$Tr߻| Gu:<@{m6:ҝX? LѨXrOQzPfԖJ>Q\x0cZ\x0ar=>XZҲ$$ez޺d?I` du5b\x0a6.T1g#@eRf7ܨ}v}tcOl@v$\x07yeܙuO/\x07s [ 784.485614][T16616] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 785.574711][T16629] Process accounting resumed [ 786.676423][T16651] ubi: mtd0 is already attached to ubi0 [ 786.783833][T16654] ubi0: detaching mtd0 [ 786.864799][T16654] ubi0: mtd0 is detached [ 792.454011][T16699] FAULT_INJECTION: forcing a failure. [ 792.454011][T16699] name fail_futex, interval 1, probability 0, space 0, times 0 [ 792.552514][T16699] CPU: 0 UID: 0 PID: 16699 Comm: syz.8.3264 Tainted: G L syzkaller #0 PREEMPT(full) [ 792.552544][T16699] Tainted: [L]=SOFTLOCKUP [ 792.552550][T16699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 792.552560][T16699] Call Trace: [ 792.552566][T16699] [ 792.552574][T16699] dump_stack_lvl+0x100/0x190 [ 792.552600][T16699] should_fail_ex.cold+0x5/0xa [ 792.552623][T16699] get_futex_key+0x1d2/0x1510 [ 792.552644][T16699] ? __pfx_get_futex_key+0x10/0x10 [ 792.552666][T16699] futex_wake+0xea/0x530 [ 792.552686][T16699] ? __do_sys_mremap+0x97f/0x1850 [ 792.552701][T16699] ? __pfx_futex_wake+0x10/0x10 [ 792.552727][T16699] ? __pfx___do_sys_mremap+0x10/0x10 [ 792.552745][T16699] do_futex+0x32b/0x350 [ 792.552762][T16699] ? __pfx_do_futex+0x10/0x10 [ 792.552783][T16699] __x64_sys_futex+0x34f/0x4d0 [ 792.552802][T16699] ? __pfx___x64_sys_futex+0x10/0x10 [ 792.552822][T16699] ? rcu_is_watching+0x12/0xc0 [ 792.552843][T16699] do_syscall_64+0x10b/0xf80 [ 792.552866][T16699] ? clear_bhb_loop+0x40/0x90 [ 792.552892][T16699] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 792.552908][T16699] RIP: 0033:0x7f0e58b9ce59 [ 792.552922][T16699] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 792.552938][T16699] RSP: 002b:00007f0e56df60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 792.552954][T16699] RAX: ffffffffffffffda RBX: 00007f0e58e15fa8 RCX: 00007f0e58b9ce59 [ 792.552964][T16699] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f0e58e15fac [ 792.552974][T16699] RBP: 00007f0e58e15fa0 R08: 0000000000000001 R09: 0000000000000000 [ 792.552983][T16699] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000000 [ 792.552992][T16699] R13: 00007f0e58e16038 R14: 00007fffb45beae0 R15: 00007fffb45bebc8 [ 792.553011][T16699] [ 793.087716][T16713] netlink: 354 bytes leftover after parsing attributes in process `syz.6.3259'. [ 793.245122][T16719] usb usb2: usbfs: process 16719 (syz.6.3260) did not claim interface 4 before use [ 793.446830][T16723] Oops: general protection fault, probably for non-canonical address 0xeac826e83f43c1fe: 0000 [#1] SMP KASAN PTI [ 793.458787][T16723] KASAN: maybe wild-memory-access in range [0x56415741fa1e0ff0-0x56415741fa1e0ff7] [ 793.468193][T16723] CPU: 0 UID: 0 PID: 16723 Comm: syz.6.3261 Tainted: G L syzkaller #0 PREEMPT(full) [ 793.479161][T16723] Tainted: [L]=SOFTLOCKUP [ 793.483492][T16723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 793.493566][T16723] RIP: 0010:try_module_get+0x23/0xd0 [ 793.498864][T16723] Code: 90 90 90 90 90 90 90 f3 0f 1e fa 48 85 ff 0f 84 9b 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 55 48 c1 ea 03 53 48 89 fb <0f> b6 04 02 84 c0 74 08 3c 03 0f 8e 89 00 00 00 83 3b 02 74 67 48 [ 793.518481][T16723] RSP: 0018:ffffc9000534f8b8 EFLAGS: 00010202 [ 793.524714][T16723] RAX: dffffc0000000000 RBX: 56415741fa1e0ff3 RCX: ffffc9001bd18000 [ 793.532702][T16723] RDX: 0ac82ae83f43c1fe RSI: ffffffff87efbc20 RDI: 56415741fa1e0ff3 [ 793.540686][T16723] RBP: ffff88802ada1400 R08: 0000000000000001 R09: fffffbfff1fdce79 [ 793.548695][T16723] R10: ffffffff8fee73cf R11: 0000000000000000 R12: ffff888034b9d180 [ 793.556678][T16723] R13: ffffffff8a1833c0 R14: ffff88802d218d50 R15: ffff888034b9d1c8 [ 793.564670][T16723] FS: 00007f4abc0a46c0(0000) GS:ffff888124374000(0000) knlGS:0000000000000000 [ 793.573687][T16723] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 793.580261][T16723] CR2: 0000001b33b05ff8 CR3: 000000003d62c000 CR4: 00000000003526f0 [ 793.588230][T16723] Call Trace: [ 793.591507][T16723] [ 793.594449][T16723] dvb_device_open+0x124/0x3b0 [ 793.599239][T16723] ? __pfx_dvb_device_open+0x10/0x10 [ 793.604552][T16723] chrdev_open+0x234/0x6a0 [ 793.609243][T16723] ? __pfx_apparmor_file_open+0x10/0x10 [ 793.614781][T16723] ? __pfx_chrdev_open+0x10/0x10 [ 793.619717][T16723] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 793.626051][T16723] do_dentry_open+0x6d8/0x1660 [ 793.630805][T16723] ? __pfx_chrdev_open+0x10/0x10 [ 793.635738][T16723] vfs_open+0x82/0x3f0 [ 793.639841][T16723] path_openat+0x208c/0x31a0 [ 793.644439][T16723] ? __pfx_path_openat+0x10/0x10 [ 793.649370][T16723] do_file_open+0x20e/0x430 [ 793.653875][T16723] ? __pfx_do_file_open+0x10/0x10 [ 793.658898][T16723] ? alloc_fd+0x476/0x790 [ 793.663238][T16723] ? do_getname+0x191/0x390 [ 793.667747][T16723] do_sys_openat2+0x10d/0x1e0 [ 793.672419][T16723] ? __pfx_do_sys_openat2+0x10/0x10 [ 793.677629][T16723] __x64_sys_openat+0x12d/0x210 [ 793.682476][T16723] ? __pfx___x64_sys_openat+0x10/0x10 [ 793.687870][T16723] ? exit_to_user_mode_loop+0xe2/0x4f0 [ 793.693317][T16723] ? rcu_is_watching+0x12/0xc0 [ 793.698073][T16723] do_syscall_64+0x10b/0xf80 [ 793.702685][T16723] ? clear_bhb_loop+0x40/0x90 [ 793.707674][T16723] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 793.713586][T16723] RIP: 0033:0x7f4abb19ce59 [ 793.718005][T16723] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 793.737609][T16723] RSP: 002b:00007f4abc0a4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 793.746012][T16723] RAX: ffffffffffffffda RBX: 00007f4abb415fa0 RCX: 00007f4abb19ce59 [ 793.753971][T16723] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 793.761935][T16723] RBP: 00007f4abb232d6f R08: 0000000000000000 R09: 0000000000000000 [ 793.769902][T16723] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 793.777949][T16723] R13: 00007f4abb416038 R14: 00007f4abb415fa0 R15: 00007ffd3425c2a8 [ 793.785917][T16723] [ 793.788993][T16723] Modules linked in: [ 793.795805][T16723] ---[ end trace 0000000000000000 ]--- SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 795.078169][ T58] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 795.123882][ T58] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 795.196799][ T58] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 795.263261][ T58] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 795.338406][ T58] bridge_slave_1: left allmulticast mode [ 795.350403][ T58] bridge_slave_1: left promiscuous mode [ 795.368411][ T58] bridge0: port 2(bridge_slave_1) entered disabled state [ 795.388006][T16723] RIP: 0010:try_module_get+0x23/0xd0 [ 795.401608][ T58] bridge_slave_0: left allmulticast mode [ 795.410302][T16723] Code: 90 90 90 90 90 90 90 f3 0f 1e fa 48 85 ff 0f 84 9b 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 55 48 c1 ea 03 53 48 89 fb <0f> b6 04 02 84 c0 74 08 3c 03 0f 8e 89 00 00 00 83 3b 02 74 67 48 [ 795.454408][ T58] bridge_slave_0: left promiscuous mode [ 795.469562][ T58] bridge0: port 1(bridge_slave_0) entered disabled state [ 795.499069][T16723] RSP: 0018:ffffc9000534f8b8 EFLAGS: 00010202 [ 795.522808][T16723] RAX: dffffc0000000000 RBX: 56415741fa1e0ff3 RCX: ffffc9001bd18000 [ 795.554057][T16723] RDX: 0ac82ae83f43c1fe RSI: ffffffff87efbc20 RDI: 56415741fa1e0ff3 [ 795.590024][T16723] RBP: ffff88802ada1400 R08: 0000000000000001 R09: fffffbfff1fdce79 [ 795.616116][T16723] R10: ffffffff8fee73cf R11: 0000000000000000 R12: ffff888034b9d180 [ 795.644074][ T58] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 795.655625][T16723] R13: ffffffff8a1833c0 R14: ffff88802d218d50 R15: ffff888034b9d1c8 [ 795.683038][ T58] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 795.691703][T16723] FS: 00007f4abc0a46c0(0000) GS:ffff888124374000(0000) knlGS:0000000000000000 [ 795.709509][ T58] bond0 (unregistering): Released all slaves [ 795.716966][T16723] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 795.729997][T16723] CR2: 0000001b320feff8 CR3: 000000003d62c000 CR4: 00000000003526f0 [ 795.767760][T16723] Kernel panic - not syncing: Fatal exception [ 795.774079][T16723] Kernel Offset: disabled [ 795.778438][T16723] Rebooting in 86400 seconds..