last executing test programs: 2.210796461s ago: executing program 1 (id=3941): unshare$auto(0x40000080) pread64$auto(0xffffffffffffffff, &(0x7f00000000c0)='veth1\xe7#\x16T+\xee\x03\xc4\x1c\a\xdfa\x8b[,>\xa9\xd2\xef\xb0\xfb{b^\xef\x93\x97\x06H\xcb\xe7g\xea\x9dE\xc0\xdc\x1e\x02`\x00Z\x9d|\x8f\x92\xe09\xe1hBJL\x1e\"F\xc4\xd0z\xac5+I\xfbb\x9d\x97.]\x95H\f&_\x8d1\x83\x90,\x01\x8ab\xe6P\xb8J\xc4\xc3&\xe3\x05\x7fl\x18\xf40\x18x\x88\x86\xe6{\xdb\x1c\xfef\xf1x\xc9vKq\xd4/N&\x1f\xae\xa8\x9b\xb2\xdbZ\xed\x16a}\xa9gj\xc2mt\x87&\xf7Z\xf1u\xf0\x14\x00\x00\x00\x00\x00\x00\x00i\xb9\xc8\xc6V5]\x06/\xb1`\xd9X\xe5\xfc$\a\xf3S\xbb\xe99\xf1PZ\x81\x8f\xfc\xa4w\\\x84B\x03+\xa2\xe1\xb4\x9dv\xe1\xd7\b9\xc3.\x96I\x98\x00\x00\x00\x00\x00', 0x200000000004, 0xfc) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xe9353687043d5df7, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x82802, 0x0) mmap$auto(0x0, 0x20009, 0x3, 0xeb1, 0x401, 0x8000) r0 = socket(0x2, 0x80002, 0x73) getsockopt$auto(r0, 0x0, 0x2, 0x0, 0x0) openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/cec10\x00', 0x101901, 0x0) r1 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/027/001\x00', 0x4a901, 0x0) ioctl$auto_UBI_IOCATT(r1, 0x40186f40, 0x0) 2.107240266s ago: executing program 0 (id=3942): migrate_pages$auto(0x0, 0x8, 0x0, &(0x7f00000001c0)=0x7b) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/adsp1\x00', 0x40440, 0x0) ioctl$auto_SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f00000001c0)) readv$auto(r0, &(0x7f0000000200)={0x0, 0xfffc}, 0x3) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, 0x0, 0x822, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) fsconfig$auto_FSCONFIG_CMD_RECONFIGURE(0xffffffffffffffff, 0x7, 0x0, 0x0, 0x8) r1 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000005940)='/sys/kernel/security/tomoyo/profile\x00', 0x40802, 0x0) read$auto(r1, &(0x7f00000002c0)='N\xd5\f\xb9GC*(,\x00\xc4bAL\xa3`\xb1\xf2T\xc0\x1d\xa4\x10r\xc4\xa2\xb1y\t\x05\xe7\xc04b$\x99.\xb4\xcc\xc0%\xaa\xd3\xd5\xef\xa4\xd35u\xc0\xa6\r\xcaJ\x11\xaf\x93\xde\xc3|\x17\x96\xd1\x15g\x10\x1ai1(=!\xf1\xe8\xe4\xcdm\xed\rW\xe7\xfbL\\\xf2sj(\v\xcd\xe5\x02B\x81ss\xdd\x8199\xa5\x1e\xb0A\xa3\xcbj7\xe9\xc9L\xcc\xc6\xa4\xaf%\xba\xda\xee\xd8%:bXj\xd5[UG\x8a\x8ab\x9a\x18\xe8K\xafU\x8d\xb1\f~\xaa\xab(\x86(\xf9\b\xf7$%\xf2\x11\xa4\x9bj\xc1)\n\x1ft\xb6\xaf\xe2\xd4\x95\xa3\xe1', 0x100000001) syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f00000012c0), 0xffffffffffffffff) write$auto(r1, &(0x7f0000000080)='S\x00\x00\x00\xfe\xff\xff\xff', 0x8587) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) pipe2$auto(0x0, 0x80) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/thread-self/fail-nth\x00', 0x129842, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) read$auto(r4, 0x0, 0x20) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) mknod$auto(0x0, 0x2, 0x9) lstat$auto(0x0, 0x0) mmap$auto(0x0, 0x2020006, 0x1000000000000007, 0xeb1, 0x0, 0x1008000) 2.052206305s ago: executing program 3 (id=3943): mmap$auto(0x0, 0x20009, 0x4000000000db, 0x40000000000eb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) sysfs$auto(0x2, 0x11, 0x0) fsopen$auto(0x0, 0x1) socket(0x2, 0x80002, 0x73) request_key$auto_KEY_SPEC_PROCESS_KEYRING(&(0x7f00000006c0)='[{%\xbc::(\x00', 0xfffffffffffffffd, 0x0, 0xfffffffffffffffe) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50) sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4048000}, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0xa13, 0x0, 0x106, 0x0, 0x6c, 0x697c}, 0xed71390}, 0x9a6, 0xff00) 2.044746796s ago: executing program 2 (id=3944): mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), 0xffffffffffffffff) landlock_create_ruleset$auto(&(0x7f0000000000)={0xd1d, 0x3, 0x7}, 0x0, 0x10000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x1000) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x5) close_range$auto(0x2, 0x8, 0x0) 1.521632455s ago: executing program 0 (id=3945): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_trace_options_core_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/tracing/options/record-tgid\x00', 0x100, 0x0) flock$auto(r0, 0x8) io_uring_setup$auto(0x7, 0x0) socketpair$auto(0x1, 0x5, 0x100000, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(0xffffffffffffffff, 0x3, &(0x7f0000000440)="4c8c469e3bde0567801aa130e1dc13e505de02c022364e020399f501f20e2ac7fd1b9fc38075cb92fca373355e2f37e1aeda1dcc132616d08a030200b255a80b460000000000000039b65dac479a03cac1e4ed0c7af16395208b469b0584493b71ac784544f0128f58ec41125fe87f60418223115e6a6ee7b76d558a783e45a2a15066473634797d78c8a18935834798ad0a5cd655952541380b0f3f75636bf47234586c15b1b78de9c1cfc243d0f3d95eb29b13523297fcdc7945e4135a39bceab4de9bf294be7ac52eac52") r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty1\x00', 0x0, 0x0) ioctl$auto_TIOCSTI2(r1, 0x5412, &(0x7f0000000440)) ioctl$auto_TIOCSTI2(r1, 0x5412, &(0x7f00000002c0)="174c8b") 1.4652839s ago: executing program 3 (id=3946): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB="120027", @ANYBLOB=']'], 0x1ac}}, 0x4) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xce}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0xce1e, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB="000229bd0000fbdbdf35020000000800fbffffffffff0737010005"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00211459a600fbdbdf250200000008000300000000001b"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r1 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$auto_BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="8b0500000000fedbdf250a"], 0x1c}, 0x1, 0x0, 0x0, 0x14}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="18"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1.455435884s ago: executing program 2 (id=3947): mmap$auto(0x0, 0x4000b, 0x7, 0x9b72, 0x7, 0x28000) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000f40)={'batadv0\x00'}) sendmsg$auto_BATADV_CMD_SET_MESH(r0, 0x0, 0x140080e4) r1 = getpid() process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x0, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptye9\x00', 0x101e81, 0x0) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sda\x00', 0x2cc00, 0x0) r3 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000980)='/dev/ttye9\x00', 0x102, 0x0) write$auto(0x3, 0x0, 0x100082) sendfile$auto(r3, r2, 0x0, 0x10000) 1.352051997s ago: executing program 1 (id=3948): openat$auto_proc_projid_map_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/projid_map\x00', 0x101002, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x40000008000) r0 = socket(0xa, 0x2, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8000, 0x0) socket(0x18, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000100), 0x240202, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r0) ioctl$auto_KVM_CREATE_VM(r1, 0x4004ae99, 0x0) 1.232194831s ago: executing program 2 (id=3949): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x5, 0x2}, 0x10001}, 0x5, 0x20000000) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0xfffe, 0x10000, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88) shmctl$auto_IPC_INFO(0x1, 0x3, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, r0) 1.061068956s ago: executing program 0 (id=3950): mmap$auto(0x0, 0x4020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/hid_magicmouse/parameters/scroll_speed\x00', 0x101142, 0x0) r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000300)='/dev/snd/controlC2\x00', 0x8100, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_LIST(r0, 0xc0505510, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x40200, 0x0) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing/trace\x00', 0x1a6b75d638828712, 0x0) socket$nl_generic(0x10, 0x3, 0x10) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) r1 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0) write$auto(r1, 0x0, 0x80000000c3) 961.419807ms ago: executing program 1 (id=3951): r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_IEEE802154_ADD_IFACE(0xffffffffffffffff, 0x0, 0x525a05df5b8ef67a) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sda1\x00', 0x2000, 0x0) sendfile$auto(0x3, r1, 0x0, 0x100400000000006) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x8) 955.453342ms ago: executing program 3 (id=3952): close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS1\x00', 0x101e81, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x189401, 0x0) r1 = socketcall$auto(0xa, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x189401, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0xae41, r2) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x4400ae8f, &(0x7f00000000c0)={0xdd}) 882.906181ms ago: executing program 0 (id=3953): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ram13\x00', 0x1e3a02, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xc0000, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000180)='/dev/bus/usb/036/001\x00', 0xa901, 0x0) socket(0xa, 0x1, 0x84) socket(0x11, 0x3, 0x9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000d40), 0x2e0001, 0x0) syz_clone3(&(0x7f0000000480)={0x8203100, 0x0, 0x0, 0x0, {0x1b}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) r1 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r0, 0x541c, r1) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x2202, 0x0) 790.636214ms ago: executing program 3 (id=3954): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x7, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0x6) r0 = socket(0x2, 0x1, 0x0) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f0000000040), 0x19, 0x0, 0x9, 0x0, 0x1f, 0x3}, 0x4}, 0x7, 0x20020004) write$auto(0x3, 0x0, 0x7fffffff) madvise$auto(0x0, 0xffffffffffff0005, 0x19) io_setup$auto(0x2, 0x0) mbind$auto(0xf000, 0x8000000000000001, 0x100000000, 0x0, 0x6, 0x2) 719.752442ms ago: executing program 2 (id=3955): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) select$auto(0x5, 0x0, 0x0, 0x0, 0x0) keyctl$auto(0x5, 0xffffffffffffffff, 0x5, 0x5, 0x8) keyctl$auto(0x15, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x8) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) select$auto(0x6, 0x0, &(0x7f0000000080)={[0x8, 0xc0b, 0x8, 0x16, 0x5, 0x100000001, 0x8, 0x9, 0x8000, 0x1, 0x7ff, 0x0, 0x101, 0x6, 0xfffffffffffffffe, 0x80000001]}, 0x0, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) close_range$auto(0x2, 0x8, 0x0) 531.579629ms ago: executing program 0 (id=3956): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000240)='/dev/sda\x00', 0xc4100, 0x0) ioctl$auto_BLKTRACESTART(r0, 0x1274, 0x0) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) close_range$auto(0x0, 0xe903, 0x2) socket(0x1e, 0x4, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x2, 0x1, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0), 0x8000, 0x0) ioctl$auto_KVM_CHECK_EXTENSION(r2, 0xae03, 0xaf) setsockopt$auto(0x2, 0x1, 0x50, &(0x7f0000000000)='\x00', 0x40) r3 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/027/001\x00', 0x4a901, 0x0) ioctl$auto_USBDEVFS_RELEASE_PORT(r3, 0x80045519, &(0x7f0000000040)=0x1) shmctl$auto_IPC_RMID(0x1, 0x0, &(0x7f0000001340)={{0x7fff, 0xee01, 0xffffffffffffffff, 0x4, 0x9, 0x7, 0x8}, 0x9, 0x1ff, 0xfb, 0x6b4, @raw=0x4, @inferred=0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000280), &(0x7f0000001280)}) mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_hsr(&(0x7f0000000180), r4) sendmsg$auto_HSR_C_GET_NODE_LIST(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)={0x1c, r5, 0x1, 0x70bda6, 0x25dfdbfd, {}, [@HSR_A_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000080}, 0x20000800) sysfs$auto(0x2, 0x12, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_nl80211(0x0, r6) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r7, 0x805, 0x70bd2d, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000) sendmsg$auto_NL80211_CMD_EXTERNAL_AUTH(r1, &(0x7f0000000380)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)={0x84, r7, 0x2, 0x70bd2c, 0x25dfdbfb, {}, [@NL80211_ATTR_MESH_ID={0x21, 0x18, "baa948767f5b41aefcb3f1f539a8788a335a613a98584eac31763d9738"}, @NL80211_ATTR_TXQ_LIMIT={0x8, 0x10a, 0xfffffffb}, @NL80211_ATTR_P2P_OPPPS={0x5, 0xa3, 0x3}, @NL80211_ATTR_SAE_PWE={0x5, 0x12a, 0x80}, @NL80211_ATTR_WPA_VERSIONS={0x8, 0x4b, 0xffff0001}, @NL80211_ATTR_PMK={0xc, 0xfe, "f4af42e6ce2b4c62"}, @NL80211_ATTR_BEACON_INTERVAL={0x8, 0xc, 0x5}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x80000001}, @NL80211_ATTR_KEY_DATA={0xf, 0x7, "c6546a2bc47ea395184330"}]}, 0x84}, 0x1, 0x0, 0x0, 0x40880}, 0x40010) lsm_list_modules$auto(0x0, 0x0, 0x0) r8 = socket(0x2a, 0x2, 0x0) r9 = syz_genetlink_get_family_id$auto_taskstats(&(0x7f00000024c0), 0xffffffffffffffff) r10 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0) write$auto_tty_fops_tty_io(r10, &(0x7f00000001c0)="352c8efa618c0bcf83a4ebdb27ec25906b0e1015b18c429fc1d7c523728754e19b334a", 0x23) r11 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_TASKSTATS_CMD_GET(r11, &(0x7f00000028c0)={0x0, 0x0, &(0x7f0000002880)={&(0x7f0000000080)={0x70, r9, 0x2, 0x70bd27, 0x25dfdbfc, {}, [@TASKSTATS_CMD_ATTR_REGISTER_CPUMASK={0x5b, 0x3, '-:-!].\xf7\xbet\x04h\x87b>\xc9!T\x06:*\x8d\xf3\x96\t\x90E\x04\xad)\x04\xf7\xd5Bh\xc2+r:Y\xe2fU\xaf\xe6!\xe9Q\x95\xf4\x0eb\x94E\x8by\xcba\ac\xdd\xb9t\"\xef\xd1\xc7\xe6\x82b\xf0C\xc5G\xea\x13\x92\xee)\xfe> !O\xb5\xbb`('}]}, 0x70}, 0x1, 0x0, 0x0, 0x2000c881}, 0x4000894) ioctl$auto(r8, 0x8912, 0x38) 486.000111ms ago: executing program 1 (id=3957): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000240)='/dev/sda\x00', 0xc4100, 0x0) ioctl$auto_BLKTRACESTART(r0, 0x1274, 0x0) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) close_range$auto(0x0, 0xe903, 0x2) socket(0x1e, 0x4, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x2, 0x1, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0), 0x8000, 0x0) ioctl$auto_KVM_CHECK_EXTENSION(r2, 0xae03, 0xaf) setsockopt$auto(0x2, 0x1, 0x50, &(0x7f0000000000)='\x00', 0x40) r3 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/027/001\x00', 0x4a901, 0x0) ioctl$auto_USBDEVFS_RELEASE_PORT(r3, 0x80045519, &(0x7f0000000040)=0x1) shmctl$auto_IPC_RMID(0x1, 0x0, &(0x7f0000001340)={{0x7fff, 0xee01, 0xffffffffffffffff, 0x4, 0x9, 0x7, 0x8}, 0x9, 0x1ff, 0xfb, 0x6b4, @raw=0x4, @inferred=0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000280), &(0x7f0000001280)}) mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_hsr(&(0x7f0000000180), r4) sendmsg$auto_HSR_C_GET_NODE_LIST(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)={0x1c, r5, 0x1, 0x70bda6, 0x25dfdbfd, {}, [@HSR_A_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000080}, 0x20000800) sysfs$auto(0x2, 0x12, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r6) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r7, 0x805, 0x70bd2d, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000) sendmsg$auto_NL80211_CMD_EXTERNAL_AUTH(r1, &(0x7f0000000380)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)={0x14, r7, 0x2, 0x70bd2c, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x40880}, 0x40010) lsm_list_modules$auto(0x0, 0x0, 0x0) r8 = socket(0x2a, 0x2, 0x0) r9 = syz_genetlink_get_family_id$auto_taskstats(&(0x7f00000024c0), 0xffffffffffffffff) r10 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0) write$auto_tty_fops_tty_io(r10, &(0x7f00000001c0)="352c8efa618c0bcf83a4ebdb27ec25906b0e1015b18c429fc1d7c523728754e19b334a", 0x23) r11 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_TASKSTATS_CMD_GET(r11, &(0x7f00000028c0)={0x0, 0x0, &(0x7f0000002880)={&(0x7f0000000080)={0x70, r9, 0x2, 0x70bd27, 0x25dfdbfc, {}, [@TASKSTATS_CMD_ATTR_REGISTER_CPUMASK={0x5b, 0x3, '-:-!].\xf7\xbet\x04h\x87b>\xc9!T\x06:*\x8d\xf3\x96\t\x90E\x04\xad)\x04\xf7\xd5Bh\xc2+r:Y\xe2fU\xaf\xe6!\xe9Q\x95\xf4\x0eb\x94E\x8by\xcba\ac\xdd\xb9t\"\xef\xd1\xc7\xe6\x82b\xf0C\xc5G\xea\x13\x92\xee)\xfe> !O\xb5\xbb`('}]}, 0x70}, 0x1, 0x0, 0x0, 0x2000c881}, 0x4000894) ioctl$auto(r8, 0x8912, 0x38) 438.767197ms ago: executing program 2 (id=3958): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) openat$auto_event_trigger_fops_trace(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/tracing/events/vmalloc/alloc_vmap_area/trigger\x00', 0x0, 0x0) ioctl$auto_BLKTRACESETUP2(0xffffffffffffffff, 0xc0481273, &(0x7f0000000140)={"57f475c61457e99f769f5235b668e09caf9941b9b26b2fb80cf70643d6ff9594", 0x3ff, 0x23, 0xc130, 0xd5e9, 0x401}) r0 = socket(0xa, 0x1, 0x84) r1 = getpid() socket(0x2, 0xa, 0x1) bpf$auto(0x0, 0x0, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r2, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004044}, 0x8000) mmap$auto(0x0, 0x10, 0xdf, 0xeb2, 0xffffffffffffffff, 0x8000) process_vm_readv$auto(r1, &(0x7f0000000080)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0) setsockopt$auto(r0, 0x0, 0x60, 0x0, 0x6f7250c4) 425.824259ms ago: executing program 3 (id=3959): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) setsockopt$auto(0x3, 0x1, 0x8, 0x0, 0x808) r0 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408) getdents64$auto(r0, 0x0, 0x40002) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) setsockopt$auto(0x3, 0x1, 0xd, 0x0, 0x9) close_range$auto(0x2, 0x8, 0x0) 248.743086ms ago: executing program 0 (id=3960): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) poll$auto(0x0, 0xb, 0x7) sendmsg$auto(0xffffffffffffffff, 0x0, 0x0) r0 = socket(0x15, 0x5, 0x0) getsockopt$auto(r0, 0x114, 0x2715, 0xfffffffffffffffc, 0x0) ioctl$auto(0x3, 0xae41, 0xffffffffffffffff) chdir$auto(&(0x7f0000000040)='./cgroup\x00') socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) prctl$auto_SIGCONT(0x5e91, 0x12, 0xffffffffffffffff, 0x9, 0x99e) lsetxattr$auto(0x0, 0x0, 0x0, 0x2, 0x0) lsetxattr$auto(&(0x7f0000000d40)='./file0\x00', &(0x7f0000000280)='security.caility\xf6\x06\xa1\xcd\xd3<\x81\a(\xa2f*\xaf\xc8\x02\xe9\x14\x8fE2k\x19{\xd4\xf2\xdf\x80\x9c\x87\x86\xde20\x8e\x1cN\xd40\xd3Z\xf3K\x98vW\x7f\x94Z\x0e>\x85S&#\x9f\x8d1\x13NZ2\xe5\x96\xce\xf15\xb3v\xa8R\x05\x94\x8c\x1df\x11\xbd\xd0\x7fu\xc7{\xe1\xff\xff\xc4\xbb\x17\xd5\xee\xd8\x143\xed\xc4|\xd3\f\x05\f\x95\xce\xbf9\xc8\xf1m\b\x00\x00\x009\x8b\x02\x89\xed`\xb4\xcb\xb3O\x97X\xe3\xd0j\xa5\xd0\x9e*\xf9|\xd9\xc2\xf4X\xc9[\xfa\xcf\xa3\xeb\x05EOgaA\xb1@f\x93F0\x8cR\xc5\xb6\x16\xfa\xe7\x13\x00\x02\xf4\x80\xe3\tV\xf3\xa3T\x90\f-\xdd\\\xcf\x10\'\xd2\xf4MP\x87vB\xefJ\xeb\xb3\\\x88\x18` \xca\x8faI\x89\xb6\x91\x1ae\xd2\xad\xbe\xb3\xe6\bX]\xd7\x81.\xd2\xed\xc4\x9f\xb5~\xb4\xc6^\x97\xc3\xa2\x16\x99\xfc\x00_\xe6\xb0G\xe9`\xb4+2\x93\n9 EU\x1e\xb4\xbeVt\x89\xf9\xc7\xe1`4O\x00\x00\x00\x00\xa5\xe0\xf5\xb2\x00\x00t\x10\"\x15\xbc\xdb\x92\xff\xa7\xe1Vv\xe5*\xc5\xe1r\xf5\xa4Cw\x1c/?\xbcn\xe3\x8aX\xfc\xe9,\xca,9\xda\xad\x87\xb1\xb2\xff#\xd3\x17l6\xa0\xd8\x1b\xad8\a\xfc%\xa6(\xcb\x97(\x16\x81\xbf\xc6\xdbw\x13!\xc9\xc6\xc3\xfbc\xfe\x83\xcd\x16 e\xcd\x91y@\xe2\xd8{\xec\xbb\xbb\x1d5\t\xed>\xa9&\xce\xfc\xab[\xae\xa1\x94\b\xcc/-\a\x00\x00\x00\x00\x00\x00\x00)\x17CI\xb7\xf35\xfc\xe8(\xfa\t2\xafQ8}\xd8\xbb\xe4nlR\xf8\xc9\xf2\xa3\xe5\x83\r\t\xb96d\xd6\x1e\xbd*\xa4\xc9\xcbE2\xe9\x81\xc3\xc3\x8a\x15\xcb\xf2\x03\x00\x00\x00\x00\x00\x00\x00!dJ+\xd2\x01#v\xd8BgB`\x8alP\r\x04\xce\x04$\xaag\xb6\xdb6-0>\xb3u\xd4\xdb\xd8~\xb0\f\xd0\xa9\x9e\xa0\xc7\xf7\'\x8d\xab\xae\x035\xa8f\xe5\xfe\xfc\xc0\xb1rR\xae54\x13\x1c8=\x92\xc3=w\x89\xbb\xfb)\x94p\xc18`G', 0x0, 0x2, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_CREATE(0xffffffffffffffff, 0xc02054a5, 0x0) 225.725204ms ago: executing program 1 (id=3961): pread64$auto(0xffffffffffffffff, 0x0, 0x840003, 0x40000000002e72) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/blkio.reset_stats\x00', 0xa801, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) read$auto(0xffffffffffffffff, 0x0, 0x39b8) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) ioctl$auto(0x3, 0xae60, 0xffffffffffffffff) r0 = epoll_create$auto(0x7) epoll_ctl$auto(r0, 0x1, 0xffffffffffffffff, 0x0) r1 = socket(0x2, 0x1, 0x0) bind$auto(r1, &(0x7f0000000040)=@in={0x2, 0x4e23}, 0x67) ioctl$auto_BTRFS_IOC_SUBVOL_CREATE_V2(0xffffffffffffffff, 0x50009418, &(0x7f0000000180)={@raw=0x6, 0x2000000000000001, 0x2, @unused, @name="24bca2a162f6ff556d56a975f0659b99b3099bf8fe334b04b65848c388f56781da2e2c915447aa28d59eb4b17db2774920095e70aeb15cb3a06731084c99db6366a3d39a4cb1fa57963ff6f41886dea23804b9d1e3c02cb41ee5f12609db238d14f5f9285a2aae40192a3873da348c25f6286b202f0b64fb51f9233736fb877e8ce4bb2c323e171d7c1e5d39ab62a13e643f6f7c373604702f74542798c6df74da7e9dd557daee9168ad00b6c8fd874d2fc5001aa3fcb83a1129b2a1026eea43d4a76a3aaaabc4e7ae5021bb789f83e9c8e43f352bf71d6a0c3e011ab89f9aacd048a0d6cfe665f565d4a20ee446c5c54e0490a92a4ef1e354c9bb95f3da238a1414deac2807562a41fe91a7775b381c455067175cbe34be72f07f9ca2bae68a1386b1b9d9efc2154a0f60d4a50746cf5b1d95599ff54d49b72c5e55620539cd80113376bb42880454386b12e85f0a4298e5f71cd3c368a0ed2b421d6af60c2c2b72a586bd7475c0643abfef6b4b484cc6d3999514b0f3695989b722fac4639ed43eb0a0f2873546686449f0eeb21868055750f4b3f96002134e4f29cc1b4e380edf3f916e40f38c782db0622a8381ea7195e166eb1dabbeadc1be42cca9722d1a8916d77fec7a96d70d31fb0d44c6f47b48dd3d4ac307001ecaa445d515e35ddabe92e2841f5e15fde3a763c66599461cc7af26e98b669226b2cc092b54eac8207865f12bea983d15c576c512c4ac170be11fd35ecd3b83da6b0ea657cdb1588445abdc26ba2c4e4f8fdcec3cc61416559d8898b4f2791195da7ce0cb967868ef9d85cf5f529a1b3465af99bb98b3f78445a343039b121bc45eeb1fd6920d2eff3a865a13d319d5f696a133830590bf36c76aa4ba09782b19acfd48e4d3cc237bf264eeddbfd9c9080e3b34d4710d84a732ae5f514e3ad6ae9a6c9589ca157f0bd8f29da5ae50f6420a4267afabbe863dc8b122519bf411716a53ba3d4d1195e06bbd3b909a5dc5e9e634997759cf695586aa45e2e4e8cc8ffb4567f695c252d93775107b62e0831f7b034fa77654489c493bc919888f8d89510a402aa6d974c4ba9c0601d71cce3f27689407b2a1198e219309eee325aa67c7667933fc0881bf761bc97f23b5e9d4fc268745dab7793dc37ad6d34425398c51a9958bd772e55ef673587f19e8dfe537e96127915bc76c7f47b01d5036eee5effba374df22c80b62f2cc4b5ac554195605627b0faf527f6652e21847928cc6763343ee6a8fa345e88043937d1ec23b7a80a2502ba22740104c04e42a0890f566649d390e3f8e95dba96aa1da538e0f1aac54f4940cad6403f5c6610d4f3e228527ad5ebcd7e9f9e34f6e96c75c584b3159bf05869ad8687901d2ec8404b74ea0092e5ddaf7a4a706279ccc182b5030d8eb331a0efdc7aa2a2b2909db65f4d26ea5d06bf6af6328dcdba90a0c1508bb3ab334c4ab904b09a5208824ad96c98ffe6a353d79e0bca3a4f813f56979fcb798c274bdf9f183ca9cb3668c8624d4b47841fb9c28379138cfa6fef53259221c34b570fb251d8fad0e1d5de3e5ac0e92b24114b512597c40d170729ab68e4cb35cb50d6821f72da92b36519a86dda0bf27fc5d302c6833972b42789d4495e11ba36270090380e540ce8135360c8eb49db85a4c38c89392c5c5e0ac577e453df6a5001f35ed05c3d4391fac05b4f518ecfa3a83e702c30be8ea5d08997ae346d5c3b8abb2ef7c0eb0638709780ef3750548793e92d2a915cbcd68de91c54d0cc589d5dea06b5f9fd6566579eb07eed9eb9c6e75fd2f8e08a09cc7d1d85ad2a7fe15d6557b297ced2bd9fe2c45fe1d86730ef4f182d54170b7c6e1b02281727fb0c497e18e0de335424deadaf7de3509f8fd00b809804bcbbb3fac2ec96d09434fb7c8e972f071d4db7399c08785bfe3742674e016d599e24949151e34ffb4ec36fa4648c7572be89dd3da5e56bf60f5131ad5e80a70a2b6a4c5f4b6744f70b29ce6ae4137e7a6a5f7110115bdc27d2233c439ee477ce8dfdcb426004f1eeb74ec861982de9490ff110c75fefc8e6d2b2df14974fe58b61126c7066a07ca090f6ef25db593965442713acd754f2b06aabc0906a6154292c2f631a71a8797d12eef86ebca6935faea2617d24d089956427329270fecdffaf47a80c007533f95fef397f1630a0addf20b956228de2798f42c26c23511531375d07a4895f4a15769b7cccefa781cadaaeab898ce342638c11fb9f3f4bc86b18a3c69eab7f3222e65e2e4301ac70648f5f5e669b50a2e61dcb2f58834df225399b1b61da3cc9c8e7b1d285b398ba721a28869d239cccbc944eaa13084c2a714cf8c95e7d0c7d0bc188ed68f93e1fbf46d53572c813c9823242adde14b6a6f79de759e10f74716e59956e8343413650c95edf91109e5fc2d7d262d9ace943811d0d1817f10b48ada2087e2feb196f686603c5d18a0f1e56bc8366a4f8de2fbcaeb6db4b26bbae40d224d1f7910a99628d3907767de27154b6ee64ad32492fcc7c0b006c329cc4dd64ce874495dfdf2a2cf2e9a2dc5bc495782f82e1bd865cd16c5dd699dfba3c26d6eb7e5d175248e61c4d95784c1a3e7175db1310a60cc2132787753962a938133fe4bf59794601b2588e1a2e2d6bee2fc1a02505a2e4a550fe992bdb7410fdcd65ff1884a045e5c0f7e73afe362a2ea23018a1119dd0ecd18d8696a1af4ba3e4a79088182bf91a6dd571c7770deaefdd9b5158f8f98132dc6afadff85f6ef46dc73dcf3c7543bdb4455510e5f987c07fa59c0cbc84b09ac4855df0218460999e864786c766226c020afa4ace0d5d01580ee3b5cca082139ac2a2630138df0619707afe5ac867589a1c2fd6fc96f2d380740e6870ec18c92750488b678b6fc138938f500cdb1b923fcd8cc2604c0b73978033e31e848b5b303c99635053490c558c57455e4ae6eb91087ffabdfec27aa6c2a77be8be6b7b75057f580710b58751607e39dfb7496c70b589049a19ec3eac4a728720484735a10a009a1aa361553e0f0b1f3b3643928481b7ef4e59668a8d00385b3be5b5771d1dff8bb44d703fa53dbcd580b91fabc77029001384f1bf3006933fc763e45433119c1072e6301dd62bc9a46a9579f5c23bc9616b5902550228e686427a6768f75f50b6eb22b350b8317811c0454f22a4ed0bfb13ce411d2ddd205a9f039093a8fac448b7ca8a68d2d0fc5cbefab0416a6ff8153b24f261485c2e5903016f5ef6716610e66118613d15d291bbb2126992763fd99c05eb22a90b06690cf61e9cbf3ce5a4c36b94b925a00e53de27f3e3b133f26afd5f619fb8e8f30c3e3c7aa39a57e3cb21699d135ccba49f1ce347ce08ae1cf5d5e9820a4e4fc51b7c28e715e87bb5f53736dec9936ad1b71cf017616293e3b366766806cd6d81ecdcb18324fed26841cf08858d61688e85628e2eab835ab377d7ce8be1b58050dd8b9d8b32d35ef56262bccd14ff24b5fcb90d75a6bcc12bca4ddec45fef7640cf475f4adaf45b5794e58c56cfbaf1317b2688502860ee8a4efd15516590c0d299bf913210a03b83ad9a6f6235b4ce654876882dfe691ac24b56a2ba57f43439f546303d9cbc553ff0749a196028761b6ade56cf23a44b925c0a7e319806c9229f166c5cd6eee076616e0c9f79b8e091dddf2f522097a977a3a2107cecb80965cb04604b8eb653970393cc658b1033d74dc4a59504bfba3ed052244d1d876b34258b25bc6f2e4139848145babaadcd9fd1f687bb16d3654e164142aa7659d75df04ba85b47adfc074406af82cd9324a2e027c3ad242d7edd164091833c5008e46733de0993b102b2ca888d55dd4223ba3094c50a0bf85c539f8c4efb696f61abd635004326a0cd5b466daf24026eea957c059ae1cf5cac4a95fe4c16e3dfe35c7d50ec0f7d46607a4e9c6d5506935d965352df4d0990d93ba7328c1ea23c580e3cbc6aec610ff52b352186b08083bdd8a49ac035ffc885c6ab5976ef2b991f0c6dd535cfb682f4f28d8ecddee9d98eeae2e4558f01c3fadb8a2faf19bd56d94b30d16fb2fb1b6be23f7e3c894fcdb45614c5c4a1a5eebe68c238863dadd73e9cea4f34048b8625db25417a957a3369fcffd79d9f4ee55e2ac58a6c7863c5b426acc805146a53b91a0181d5fbd016583b2c283f9c0c8b9056f493683f4bb68620e12c9277378c0139fe7fdda4dff804a7f15a8bac0241ce0898b41a87942d174f36597bdae277be519ac65b189ed43128c8d65c71a5ca9470b1bcd5b5f16ff0d7623d98bfe0a1c4fe09ae83d9784c6e78cf0b7f9792d809d8421d285f0a86f42b21f0ee021058863bae63ff911dc6e244b73a220199223bcf6913f5e6a006c48d2ff3d59b2a5b201aac27a0369a2cda8a32f6356e20950d43ff92e0237faaac189a8416763f3d57a875e991d4de8bcc21b1b90f6e2c15dda738d228848d73f7a9ac54f3516e0b2ebedd5c41f65623f2996b410e57a8c71871d5a373129c435609035c34748e2f5bcf88d219e621446781f5cc1a25bc03db6ccc220eb2b3d97c233f8c63be425012a3eac108f35f8f8dd3f586c1a726f1cad19c22bcfb3c4b2c2a231706faca537b4299de6ed53561ccf935be0492be57b5c492ed70c162662221647121941fa1c1d877614fa3591612d10f35daccdd5f7edb3e9b21b0398130c5bcad051348959ac460cf62f5a12e4124bff6fae9fa7cbc15c7fd5f58f07f72c889b78d48b2668d723d1847f8458a9c4082bae594f7d695c608e83e94168d7947eb2ef5a2b4910f5bd05ce7e6b6cd410f7b79d110070878fedb020844013689f8de2c95607e213112c8cf92b9083b5cac346c8af329e3c1ca08544b6d8f7530507ea100c4ea9dc9a5f093826cec1b2e48ed68eb4648790ae5ef27fbd73d0a8f9853658f154127f60adaf8ab4e70683f80e8f43e19acf0c8d4dc70feb6ca8e1c7813298b4d2d4ccce01316b8372ea6381c01c0b645e0287e40dcf646d2aae99869b14ad27ef67761c75668d940e7ba915e59a40d3e1fbff8c67bef908b59ef46f40d91ad1248de896d4b1c4001a83e3922103849175506ae23787b570722c86d777e3bd1dd51a8ce56dc1305ee2d31a84baed629230346d73f2f02de396846520e7e2b7ac636bcd4af648cc1b6e074f648435ab6887ace694168f8bbf27dbaf872f0597be1788d441752daa3161af38b4132f03e3e92a9e0aa36ceb632bfdcc87c9019f7b55e4a0e6df1b88ae59a59ff6356a41f3159e7e1c938d0b6f2179833c8dcf3df2a83902180cf810cca63092c415162c3ab2b2ecf3edd037d28c27811dbd5dc55ac24cbafa6312e6754eacd2787b92181341445ce92939629447a84af4b78463534754be80712f6dc7817026b9e35db708e72c1d42de9552b8d2a53ddd0eabd624f8e3253e38774d2f00ad7b34c7acf38d40403b0159008078c4cd4685c492733037ac0593801e7508c68efb1a33572de8025177d51345ce468545f630cbcd07a48c4d51f5ea06ea6275f7b27513458e84815b588133a863cfb48114aa2e5586dff2e1582ca10cbfe6d10bedfa869fb33766e34a30c04a223a3958dcc04f8b048f0a5101c1db27eb70bbd4c1d5b2785beef8bf4000756304ca1630391da924c56d3c26933b22620c77dbf5897af32ae13e6230c8efc92d7c51e00ed01fa7df6c341cc6c41980e6fbc85641f145"}) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x412, 0x0, 0x9, 0x0, 0x2, 0xb}, 0x800009}, 0x4, 0x20000000) 109.007598ms ago: executing program 2 (id=3962): unshare$auto(0x40000080) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) socket(0x1e, 0x1, 0x0) listen$auto(0x3, 0x81) accept$auto(0x3, 0x0, 0x0) kill$auto(0x0, 0x11) 76.070983ms ago: executing program 1 (id=3963): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ram10\x00', 0x60742, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x69) listen$auto(0x3, 0x81) r0 = socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x6, 0x0, 0x7, 0x1}, 0x3}, 0x4, 0x20000000) mprotect$auto(0x200000000000, 0x806121, 0x8) close_range$auto(0x2, 0x8, 0x0) 0s ago: executing program 3 (id=3964): openat$auto_uinput_fops_uinput(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = gettid() prctl$auto(0x3e, 0x1, r0, 0xfffffffffffffffe, 0x0) syz_clone3(0x0, 0x0) socket(0xa, 0x2, 0x3a) mremap$auto(0x200000, 0x7, 0x3fd6, 0x3, 0x20000000) prctl$auto(0x4e, 0x1, 0x0, 0x0, 0x0) r1 = socket(0x11, 0x80003, 0x300) sendfile$auto(0x1, r1, 0x0, 0x8fb5) preadv$auto(0xffffffffffffffff, 0x0, 0x9, 0x1ff, 0x5) dup2$auto(0x0, 0x3) ioctl$auto(0x3, 0x5760, 0x10000000000402) write$auto(0x3, 0x0, 0xffd8) kernel console output (not intermixed with test programs): 99.627238][ T5934] warning: `syz.2.31' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 99.715033][ T5934] netlink: 28 bytes leftover after parsing attributes in process `syz.2.31'. [ 99.938469][ T5934] bond0: (slave bond_slave_0): Releasing backup interface [ 100.531276][ T5947] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 101.028298][ T5942] netlink: 8 bytes leftover after parsing attributes in process `syz.0.32'. [ 103.129284][ T5956] netlink: 8 bytes leftover after parsing attributes in process `syz.0.34'. [ 103.154032][ T5967] futex_wake_op: syz.1.36 tries to shift op by -2048; fix this program [ 103.210491][ T5967] 0x000000000001-0x000000020000 : "" [ 103.643914][ T5967] ftl_cs: FTL header corrupt! [ 104.445519][ T5990] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 105.663906][ T6015] cifs: Unknown parameter 'no+ 1`rsFn)aHāh`9kA}1\D@.ZCg^' [ 107.124911][ T6039] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 108.836477][ T6072] FAULT_INJECTION: forcing a failure. [ 108.836477][ T6072] name failslab, interval 1, probability 0, space 0, times 1 [ 109.014665][ T6072] CPU: 0 UID: 0 PID: 6072 Comm: syz.2.48 Not tainted syzkaller #0 PREEMPT(full) [ 109.014688][ T6072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 109.014703][ T6072] Call Trace: [ 109.014708][ T6072] [ 109.014714][ T6072] dump_stack_lvl+0x100/0x190 [ 109.014745][ T6072] should_fail_ex.cold+0x5/0xa [ 109.014764][ T6072] should_failslab+0xc2/0x120 [ 109.014784][ T6072] __kmalloc_cache_noprof+0x7a/0x6f0 [ 109.014805][ T6072] ? __debugfs_file_get+0x2ac/0x860 [ 109.014828][ T6072] __debugfs_file_get+0x2ac/0x860 [ 109.014847][ T6072] ? __pfx___debugfs_file_get+0x10/0x10 [ 109.014867][ T6072] ? __pfx_apparmor_file_open+0x10/0x10 [ 109.014883][ T6072] ? path_get+0x61/0x80 [ 109.014905][ T6072] full_proxy_open_regular+0x4f/0x370 [ 109.014928][ T6072] do_dentry_open+0x6ab/0x14d0 [ 109.014946][ T6072] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 109.014971][ T6072] vfs_open+0x82/0x3f0 [ 109.014994][ T6072] path_openat+0x208c/0x31a0 [ 109.015018][ T6072] ? __pfx_path_openat+0x10/0x10 [ 109.015043][ T6072] do_file_open+0x20e/0x430 [ 109.015064][ T6072] ? __pfx_do_file_open+0x10/0x10 [ 109.015096][ T6072] ? alloc_fd+0x476/0x790 [ 109.015115][ T6072] ? do_getname+0x191/0x390 [ 109.015137][ T6072] do_sys_openat2+0x10d/0x1e0 [ 109.015158][ T6072] ? __pfx_do_sys_openat2+0x10/0x10 [ 109.015181][ T6072] ? do_raw_spin_lock+0x128/0x260 [ 109.015201][ T6072] __x64_sys_openat+0x12d/0x210 [ 109.015223][ T6072] ? __pfx___x64_sys_openat+0x10/0x10 [ 109.015248][ T6072] ? rcu_is_watching+0x12/0xc0 [ 109.015267][ T6072] do_syscall_64+0x115/0x840 [ 109.015287][ T6072] ? clear_bhb_loop+0x40/0x90 [ 109.015304][ T6072] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 109.015319][ T6072] RIP: 0033:0x7ff38179ce59 [ 109.015334][ T6072] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 109.015353][ T6072] RSP: 002b:00007ff37f9d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 109.015372][ T6072] RAX: ffffffffffffffda RBX: 00007ff381a16090 RCX: 00007ff38179ce59 [ 109.015382][ T6072] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 109.015392][ T6072] RBP: 00007ff381832d6f R08: 0000000000000000 R09: 0000000000000000 [ 109.015401][ T6072] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 109.015410][ T6072] R13: 00007ff381a16128 R14: 00007ff381a16090 R15: 00007ffd429cc638 [ 109.015429][ T6072] [ 109.479863][ T6072] bond0: invalid ARP target specified [ 110.310062][ T6099] binder: 6093:6099 ioctl 40046210 0 returned -14 [ 111.946578][ T6119] syz.0.57 (6119) used greatest stack depth: 19720 bytes left [ 112.463944][ T6138] cifs: Unknown parameter 'no+ 1`rsFn)aHāh`9kA}1\D@.ZCg^' [ 112.965114][ T6146] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 113.858146][ T6158] netlink: 28 bytes leftover after parsing attributes in process `syz.0.65'. [ 114.043109][ T6158] bond0: (slave bond_slave_0): Releasing backup interface [ 117.550288][ T6205] netlink: 8 bytes leftover after parsing attributes in process `syz.1.74'. [ 118.057971][ T6217] FAULT_INJECTION: forcing a failure. [ 118.057971][ T6217] name failslab, interval 1, probability 0, space 0, times 0 [ 118.208324][ T6217] CPU: 0 UID: 0 PID: 6217 Comm: syz.0.77 Not tainted syzkaller #0 PREEMPT(full) [ 118.208348][ T6217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 118.208358][ T6217] Call Trace: [ 118.208364][ T6217] [ 118.208370][ T6217] dump_stack_lvl+0x100/0x190 [ 118.208401][ T6217] should_fail_ex.cold+0x5/0xa [ 118.208421][ T6217] should_failslab+0xc2/0x120 [ 118.208440][ T6217] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 118.208464][ T6217] ? __d_alloc+0x34/0xa40 [ 118.208487][ T6217] __d_alloc+0x34/0xa40 [ 118.208508][ T6217] d_alloc+0x4a/0x1e0 [ 118.208528][ T6217] lookup_one_qstr_excl+0x171/0x250 [ 118.208552][ T6217] start_dirop+0x59/0xb0 [ 118.208569][ T6217] simple_start_creating+0xf9/0x110 [ 118.208587][ T6217] ? __pfx_simple_start_creating+0x10/0x10 [ 118.208605][ T6217] ? mntput+0x70/0xa0 [ 118.208620][ T6217] ? simple_pin_fs+0xa3/0x190 [ 118.208636][ T6217] debugfs_start_creating.part.0+0x82/0x170 [ 118.208653][ T6217] __debugfs_create_file+0xb3/0x4f0 [ 118.208671][ T6217] debugfs_create_file_full+0x41/0x60 [ 118.208688][ T6217] ref_tracker_dir_debugfs+0x19e/0x2e0 [ 118.208704][ T6217] ? __pfx_ref_tracker_dir_debugfs+0x10/0x10 [ 118.208718][ T6217] ? ida_alloc_range+0x70d/0x830 [ 118.208761][ T6217] ? lockdep_init_map_type+0x5c/0x250 [ 118.208790][ T6217] preinit_net.part.0+0x252/0x920 [ 118.208808][ T6217] copy_net_ns+0x339/0x7c0 [ 118.208828][ T6217] create_new_namespaces+0x3ea/0xac0 [ 118.208851][ T6217] unshare_nsproxy_namespaces+0xf2/0x220 [ 118.208872][ T6217] ksys_unshare+0x438/0xab0 [ 118.208899][ T6217] ? __pfx_ksys_unshare+0x10/0x10 [ 118.208918][ T6217] ? xfd_validate_state+0x129/0x190 [ 118.208935][ T6217] ? ksys_write+0x1ac/0x250 [ 118.208961][ T6217] __x64_sys_unshare+0x31/0x40 [ 118.208983][ T6217] do_syscall_64+0x115/0x840 [ 118.209011][ T6217] ? clear_bhb_loop+0x40/0x90 [ 118.209030][ T6217] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 118.209046][ T6217] RIP: 0033:0x7f053499ce59 [ 118.209059][ T6217] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 118.209074][ T6217] RSP: 002b:00007f0535799028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 118.209088][ T6217] RAX: ffffffffffffffda RBX: 00007f0534c16090 RCX: 00007f053499ce59 [ 118.209098][ T6217] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 118.209108][ T6217] RBP: 00007f0534a32d6f R08: 0000000000000000 R09: 0000000000000000 [ 118.209117][ T6217] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 118.209126][ T6217] R13: 00007f0534c16128 R14: 00007f0534c16090 R15: 00007ffe497cacc8 [ 118.209146][ T6217] [ 122.492483][ T6269] vivid-007: ================= START STATUS ================= [ 122.506350][ T6266] random: crng reseeded on system resumption [ 122.551985][ T6269] vivid-007: Enable Output Cropping: true [ 122.612529][ T6269] vivid-007: Enable Output Composing: true [ 122.647919][ T6269] vivid-007: Enable Output Scaler: true [ 122.705205][ T6269] vivid-007: Tx RGB Quantization Range: Automatic [ 122.778913][ T6269] vivid-007: Transmit Mode: HDMI [ 122.871032][ T6269] vivid-007: Hotplug Present: 0x00000000 [ 122.940595][ T6269] vivid-007: RxSense Present: 0x00000000 [ 123.060269][ T6269] vivid-007: EDID Present: 0x00000000 [ 123.161808][ T6269] vivid-007: ================== END STATUS ================== [ 125.162033][ T6309] netlink: zone id is out of range [ 125.313611][ T6309] netlink: zone id is out of range [ 125.448870][ T6309] netlink: zone id is out of range [ 125.612695][ T6309] netlink: zone id is out of range [ 125.695943][ T6309] netlink: zone id is out of range [ 125.795027][ T6309] netlink: zone id is out of range [ 125.885370][ T6309] netlink: zone id is out of range [ 125.980931][ T6309] netlink: zone id is out of range [ 126.092999][ T6309] netlink: zone id is out of range [ 126.153736][ T6309] netlink: zone id is out of range [ 134.052021][ T1317] ieee802154 phy0 wpan0: encryption failed: -22 [ 134.062939][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 135.593825][ T6467] random: crng reseeded on system resumption [ 136.398150][ T6478] ubi0: attaching mtd0 [ 136.525579][ T6478] ubi0: scanning is finished [ 136.557957][ T6478] ubi0: empty MTD device detected [ 137.734096][ T6478] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 137.924065][ T6478] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 138.084872][ T6478] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 138.231498][ T6478] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 138.443551][ T6478] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 138.597496][ T6478] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 138.768454][ T6478] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 529964741 [ 138.834322][ T6478] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 138.890467][ T6504] ubi0: background thread "ubi_bgt0d" started, PID 6504 [ 138.898220][ T6481] ubi0: detaching mtd0 [ 138.964036][ T6481] ubi0: mtd0 is detached [ 139.757373][ T6533] [ 143.933477][ T6589] random: crng reseeded on system resumption [ 144.920925][ T6601] random: crng reseeded on system resumption [ 158.209580][ T6786] [ 161.503441][ T6831] zswap: compressor not available [ 162.097958][ T6850] netlink: 4 bytes leftover after parsing attributes in process `syz.3.183'. [ 162.152242][ T6852] netlink: 354 bytes leftover after parsing attributes in process `syz.3.183'. [ 170.544555][ T6967] random: crng reseeded on system resumption [ 172.891787][ T7005] netlink: 28 bytes leftover after parsing attributes in process `syz.0.215'. [ 174.589890][ T7020] random: crng reseeded on system resumption [ 177.299101][ T7060] netlink: 'syz.2.228': attribute type 4 has an invalid length. [ 177.351967][ T7060] netlink: 'syz.2.228': attribute type 5 has an invalid length. [ 177.410805][ T7060] netlink: 10 bytes leftover after parsing attributes in process `syz.2.228'. [ 177.989080][ T7080] random: crng reseeded on system resumption [ 182.160180][ T7140] random: crng reseeded on system resumption [ 183.708393][ T7169] netlink: 4 bytes leftover after parsing attributes in process `syz.1.252'. [ 183.751713][ T7169] netlink: 354 bytes leftover after parsing attributes in process `syz.1.252'. [ 187.019700][ T7189] kexec: Could not allocate control_code_buffer [ 188.116588][ T7215] random: crng reseeded on system resumption [ 189.449405][ T7239] binder: 7238:7239 ioctl 40046210 0 returned -14 [ 192.183836][ T7286] random: crng reseeded on system resumption [ 195.490262][ T1317] ieee802154 phy0 wpan0: encryption failed: -22 [ 195.500749][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 196.548675][ T7355] random: crng reseeded on system resumption [ 198.105317][ T7381] blktrace: Concurrent blktraces are not allowed on nbd5 [ 198.150598][ T7381] blktrace: Concurrent blktraces are not allowed on ram10 [ 198.713352][ T7382] FAULT_INJECTION: forcing a failure. [ 198.713352][ T7382] name failslab, interval 1, probability 0, space 0, times 0 [ 199.031790][ T7382] CPU: 0 UID: 0 PID: 7382 Comm: syz.1.288 Not tainted syzkaller #0 PREEMPT(full) [ 199.031815][ T7382] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 199.031825][ T7382] Call Trace: [ 199.031831][ T7382] [ 199.031839][ T7382] dump_stack_lvl+0x100/0x190 [ 199.031869][ T7382] should_fail_ex.cold+0x5/0xa [ 199.031889][ T7382] should_failslab+0xc2/0x120 [ 199.031907][ T7382] __kmalloc_cache_noprof+0x7a/0x6f0 [ 199.031927][ T7382] ? crtc_crc_open+0x3ba/0x7e0 [ 199.031950][ T7382] crtc_crc_open+0x3ba/0x7e0 [ 199.031967][ T7382] ? __debugfs_file_get+0x1fc/0x860 [ 199.031988][ T7382] ? __pfx_crtc_crc_open+0x10/0x10 [ 199.032009][ T7382] ? __pfx_apparmor_file_open+0x10/0x10 [ 199.032025][ T7382] ? path_get+0x61/0x80 [ 199.032047][ T7382] ? __pfx_crtc_crc_open+0x10/0x10 [ 199.032063][ T7382] full_proxy_open_regular+0x1b6/0x370 [ 199.032087][ T7382] do_dentry_open+0x6ab/0x14d0 [ 199.032104][ T7382] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 199.032130][ T7382] vfs_open+0x82/0x3f0 [ 199.032153][ T7382] path_openat+0x208c/0x31a0 [ 199.032177][ T7382] ? __pfx_path_openat+0x10/0x10 [ 199.032202][ T7382] do_file_open+0x20e/0x430 [ 199.032221][ T7382] ? __pfx_do_file_open+0x10/0x10 [ 199.032252][ T7382] ? alloc_fd+0x476/0x790 [ 199.032271][ T7382] ? do_getname+0x191/0x390 [ 199.032293][ T7382] do_sys_openat2+0x10d/0x1e0 [ 199.032315][ T7382] ? __pfx_do_sys_openat2+0x10/0x10 [ 199.032338][ T7382] ? do_raw_spin_lock+0x128/0x260 [ 199.032366][ T7382] __x64_sys_openat+0x12d/0x210 [ 199.032390][ T7382] ? __pfx___x64_sys_openat+0x10/0x10 [ 199.032416][ T7382] ? rcu_is_watching+0x12/0xc0 [ 199.032436][ T7382] do_syscall_64+0x115/0x840 [ 199.032457][ T7382] ? clear_bhb_loop+0x40/0x90 [ 199.032475][ T7382] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 199.032490][ T7382] RIP: 0033:0x7fcf2cb9ce59 [ 199.032510][ T7382] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 199.032525][ T7382] RSP: 002b:00007fcf2dab5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 199.032544][ T7382] RAX: ffffffffffffffda RBX: 00007fcf2ce16090 RCX: 00007fcf2cb9ce59 [ 199.032554][ T7382] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 199.032563][ T7382] RBP: 00007fcf2cc32d6f R08: 0000000000000000 R09: 0000000000000000 [ 199.032572][ T7382] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 199.032581][ T7382] R13: 00007fcf2ce16128 R14: 00007fcf2ce16090 R15: 00007ffdfddd39d8 [ 199.032599][ T7382] [ 201.672438][ T7404] kexec: Could not allocate control_code_buffer [ 203.562885][ T7422] kexec: Could not allocate control_code_buffer [ 204.278305][ T7449] blktrace: Concurrent blktraces are not allowed on nbd5 [ 204.810908][ T7456] Page cache invalidation failure on direct I/O. Possible data corruption due to collision with buffered I/O! [ 204.899255][ T7456] File: /dev/nullb0 PID: 7456 Comm: syz.3.302 [ 207.816513][ T7465] Bluetooth: hci0: command 0x0406 tx timeout [ 207.823188][ T7465] Bluetooth: hci2: command 0x0406 tx timeout [ 207.829740][ T7465] Bluetooth: hci3: command 0x0406 tx timeout [ 207.835846][ T7465] Bluetooth: hci1: command 0x0406 tx timeout [ 214.387974][ T7560] Process accounting resumed [ 214.962909][ T7585] bridge0: port 3(team0) entered blocking state [ 214.983399][ T7585] bridge0: port 3(team0) entered disabled state [ 215.012457][ T7585] team0: entered allmulticast mode [ 215.036360][ T7585] team_slave_0: entered allmulticast mode [ 215.058659][ T7585] team_slave_1: entered allmulticast mode [ 215.081835][ T7585] team0: entered promiscuous mode [ 215.099892][ T7585] team_slave_0: entered promiscuous mode [ 215.128460][ T7585] team_slave_1: entered promiscuous mode [ 215.149251][ T7585] bridge0: port 3(team0) entered blocking state [ 215.157045][ T7585] bridge0: port 3(team0) entered listening state [ 217.131737][ T7617] netlink: 342 bytes leftover after parsing attributes in process `syz.0.334'. [ 217.451933][ T7624] [U] ^R [ 218.765348][ T7635] futex_wake_op: syz.0.336 tries to shift op by -2048; fix this program [ 218.801564][ T7635] futex_wake_op: syz.0.336 tries to shift op by -2048; fix this program [ 218.879759][ T7640] 0x000000000001-0x000000020000 : "" [ 219.046515][ T7640] ftl_cs: FTL header corrupt! [ 219.077752][ T7644] blktrace: Concurrent blktraces are not allowed on nbd5 [ 219.130076][ T7644] blktrace: Concurrent blktraces are not allowed on ram10 [ 219.173090][ T7634] futex_wake_op: syz.3.335 tries to shift op by -2048; fix this program [ 219.758830][ T7652] random: crng reseeded on system resumption [ 219.994334][ T7632] kexec: Could not allocate control_code_buffer [ 221.037842][ T7673] blktrace: Concurrent blktraces are not allowed on nbd5 [ 221.128976][ T7674] blktrace: Concurrent blktraces are not allowed on ram10 [ 222.194982][ T7688] netlink: 28 bytes leftover after parsing attributes in process `syz.1.347'. [ 222.549815][ T7688] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 222.699422][ T7688] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 222.772526][ T7688] bond0 (unregistering): Released all slaves [ 224.450936][ T7711] random: crng reseeded on system resumption [ 225.373284][ T7734] blktrace: Concurrent blktraces are not allowed on nbd5 [ 225.402281][ T7734] blktrace: Concurrent blktraces are not allowed on ram10 [ 229.063920][ T7785] random: crng reseeded on system resumption [ 230.155423][ T7804] blktrace: Concurrent blktraces are not allowed on nbd5 [ 230.212732][ T7804] blktrace: Concurrent blktraces are not allowed on ram10 [ 230.686784][ C0] bridge0: port 3(team0) entered learning state [ 232.081776][ T7822] netlink: 28 bytes leftover after parsing attributes in process `syz.2.371'. [ 232.205685][ T7825] netlink: 4 bytes leftover after parsing attributes in process `syz.3.372'. [ 232.260168][ T7828] netlink: 354 bytes leftover after parsing attributes in process `syz.3.372'. [ 232.289241][ T7822] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 232.403494][ T7822] bond0 (unregistering): Released all slaves [ 233.157074][ T29] audit: type=1800 audit(1781267435.322:2): pid=7839 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.375" name="lu_gp_id" dev="configfs" ino=20629 res=0 errno=0 [ 233.865528][ T7847] blktrace: Concurrent blktraces are not allowed on nbd5 [ 234.075850][ T7854] blktrace: Concurrent blktraces are not allowed on ram10 [ 236.218498][ T7869] random: crng reseeded on system resumption [ 236.504698][ T7876] netlink: 4 bytes leftover after parsing attributes in process `syz.2.382'. [ 236.559370][ T7880] netlink: 354 bytes leftover after parsing attributes in process `syz.2.382'. [ 237.567464][ T7895] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 238.674346][ T7898] kexec: Could not allocate control_code_buffer [ 239.078328][ T7915] blktrace: Concurrent blktraces are not allowed on nbd5 [ 239.146645][ T7919] netlink: 8 bytes leftover after parsing attributes in process `syz.1.390'. [ 239.192525][ T7920] blktrace: Concurrent blktraces are not allowed on ram10 [ 240.734671][ T7934] netlink: 4 bytes leftover after parsing attributes in process `syz.2.392'. [ 240.779421][ T7934] netlink: 354 bytes leftover after parsing attributes in process `syz.2.392'. [ 242.733800][ T7958] netlink: 28 bytes leftover after parsing attributes in process `syz.3.398'. [ 242.943315][ T7958] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 243.095403][ T7958] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 243.197492][ T7958] bond0 (unregistering): Released all slaves [ 244.722495][ T7962] Process accounting paused [ 245.186545][ T7998] blktrace: Concurrent blktraces are not allowed on nbd5 [ 245.359877][ T7998] blktrace: Concurrent blktraces are not allowed on ram10 [ 246.046387][ C0] bridge0: port 3(team0) entered forwarding state [ 246.052965][ C0] bridge0: topology change detected, propagating [ 250.118022][ T8077] blktrace: Concurrent blktraces are not allowed on nbd5 [ 250.236742][ T8077] blktrace: Concurrent blktraces are not allowed on ram10 [ 251.753595][ T8091] random: crng reseeded on system resumption [ 254.792308][ T8137] kafs: addr_prefs: Invalid Command [ 255.151225][ T8141] blktrace: Concurrent blktraces are not allowed on nbd5 [ 255.198841][ T8141] blktrace: Concurrent blktraces are not allowed on ram10 [ 255.289184][ T8139] usb usb21: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 256.930223][ T1317] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.938408][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 258.120821][ T8177] serio: Serial port pty173 [ 259.811689][ T8207] blktrace: Concurrent blktraces are not allowed on nbd5 [ 259.839024][ T8207] blktrace: Concurrent blktraces are not allowed on ram10 [ 259.964251][ T8205] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input37 [ 261.932590][ T8232] random: crng reseeded on system resumption [ 262.802176][ T8221] net_ratelimit: 47 callbacks suppressed [ 262.802197][ T8221] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 265.159108][ T8251] kexec: Could not allocate control_code_buffer [ 265.531070][ T8266] netlink: 334 bytes leftover after parsing attributes in process `syz.1.452'. [ 268.180533][ T8309] random: crng reseeded on system resumption [ 273.788527][ T8362] kAFS: No cell specified [ 275.599252][ T8328] Process accounting resumed [ 279.756847][ T8437] hub 1-0:1.0: USB hub found [ 279.791652][ T8437] hub 1-0:1.0: 1 port detected [ 280.761336][ T8475] netlink: 4 bytes leftover after parsing attributes in process `syz.2.490'. [ 280.874968][ T8479] netlink: 354 bytes leftover after parsing attributes in process `syz.2.490'. [ 281.299809][ T8470] loop6: detected capacity change from 0 to 8 [ 282.202710][ T8482] Console: switching to colour VGA+ 80x25 [ 290.205142][ T8561] blktrace: Concurrent blktraces are not allowed on nbd5 [ 290.249518][ T8561] blktrace: Concurrent blktraces are not allowed on ram10 [ 290.567991][ T8566] blktrace: Concurrent blktraces are not allowed on nbd5 [ 290.612051][ T8566] blktrace: Concurrent blktraces are not allowed on ram10 [ 291.935716][ T8574] zswap: compressor 000 not available [ 293.770801][ T8581] kexec: Could not allocate control_code_buffer [ 301.306420][ T8705] random: crng reseeded on system resumption [ 302.967363][ T8733] zswap: compressor 000 not available [ 303.416891][ T8753] blktrace: Concurrent blktraces are not allowed on nbd5 [ 303.469250][ T8753] blktrace: Concurrent blktraces are not allowed on ram10 [ 304.636115][ T8759] serio: Serial port pty173 [ 305.639307][ T29] audit: type=1800 audit(1781267507.812:3): pid=8770 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.533" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0 [ 306.287282][ T8776] Process accounting paused [ 307.229425][ T8774] hub 1-0:1.0: USB hub found [ 307.393758][ T8774] hub 1-0:1.0: 1 port detected [ 308.920977][ T8810] ubi0: attaching mtd0 [ 309.003037][ T8810] ubi0 error: ubi_add_to_av: two LEBs with same sequence number 1 [ 309.003082][ T8810] eraseblock attaching information dump: [ 309.003088][ T8810] ec 1 [ 309.003094][ T8810] pnum 0 [ 309.003100][ T8810] lnum 0 [ 309.003106][ T8810] scrub 0 [ 309.003111][ T8810] sqnum 1 [ 309.003117][ T8810] Volume identifier header dump: [ 309.003122][ T8810] magic 55424921 [ 309.003129][ T8810] version 1 [ 309.003135][ T8810] vol_type 1 [ 309.003141][ T8810] copy_flag 0 [ 309.003147][ T8810] compat 5 [ 309.003152][ T8810] vol_id 2147479551 [ 309.003159][ T8810] lnum 0 [ 309.003165][ T8810] data_size 0 [ 309.003171][ T8810] used_ebs 0 [ 309.003177][ T8810] data_pad 0 [ 309.003182][ T8810] sqnum 1 [ 309.003188][ T8810] hdr_crc 65b3bd2d [ 309.003194][ T8810] Volume identifier header hexdump: [ 309.687957][ T8825] blktrace: Concurrent blktraces are not allowed on nbd5 [ 309.689867][ T8825] blktrace: Concurrent blktraces are not allowed on ram10 [ 310.145171][ T8810] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 315.585658][ T8914] ubi0: attaching mtd0 [ 315.844206][ T8914] ubi0 error: ubi_add_to_av: two LEBs with same sequence number 1 [ 316.015886][ T8914] eraseblock attaching information dump: [ 316.129595][ T8914] ec 1 [ 316.198680][ T8914] pnum 0 [ 316.269459][ T8914] lnum 0 [ 316.353380][ T8914] scrub 0 [ 316.402288][ T8914] sqnum 1 [ 316.457925][ T8914] Volume identifier header dump: [ 316.552358][ T8914] magic 55424921 [ 316.650262][ T8914] version 1 [ 316.707865][ T8914] vol_type 1 [ 316.749908][ T8914] copy_flag 0 [ 316.811726][ T8914] compat 5 [ 316.875258][ T8914] vol_id 2147479551 [ 316.938136][ T8914] lnum 0 [ 316.979979][ T8914] data_size 0 [ 317.027827][ T8914] used_ebs 0 [ 317.077556][ T8914] data_pad 0 [ 317.125690][ T8914] sqnum 1 [ 317.188962][ T8914] hdr_crc 65b3bd2d [ 317.259728][ T8914] Volume identifier header hexdump: [ 317.721831][ T8914] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 318.373685][ T1317] ieee802154 phy0 wpan0: encryption failed: -22 [ 318.383209][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 320.181225][ T8963] libceph: secret too big 47 [ 326.425193][ T9031] netlink: 4 bytes leftover after parsing attributes in process `syz.2.580'. [ 326.494983][ T9036] netlink: 354 bytes leftover after parsing attributes in process `syz.2.580'. [ 326.783754][ T9043] ubi0: attaching mtd0 [ 326.851488][ T9043] ubi0 error: ubi_add_to_av: two LEBs with same sequence number 1 [ 326.989235][ T9043] eraseblock attaching information dump: [ 327.100096][ T9043] ec 1 [ 327.153363][ T9043] pnum 0 [ 327.199114][ T9043] lnum 0 [ 327.249409][ T9043] scrub 0 [ 327.300023][ T9043] sqnum 1 [ 327.351610][ T9043] Volume identifier header dump: [ 327.436212][ T9043] magic 55424921 [ 327.567241][ T9043] version 1 [ 327.634906][ T9043] vol_type 1 [ 327.713719][ T9043] copy_flag 0 [ 327.783697][ T9043] compat 5 [ 327.841046][ T9043] vol_id 2147479551 [ 327.911918][ T9043] lnum 0 [ 327.976743][ T9043] data_size 0 [ 328.050070][ T9043] used_ebs 0 [ 328.116577][ T9043] data_pad 0 [ 328.135329][ T9043] sqnum 1 [ 328.157978][ T9043] hdr_crc 65b3bd2d [ 328.185748][ T9043] Volume identifier header hexdump: [ 328.428562][ T9043] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 330.579754][ T9074] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 330.662228][ T9069] NFSD: Failed to start, no listeners configured. [ 331.513978][ T9114] netlink: 4 bytes leftover after parsing attributes in process `syz.2.591'. [ 331.557243][ T9114] netlink: 354 bytes leftover after parsing attributes in process `syz.2.591'. [ 332.224048][ T9128] netlink: 28 bytes leftover after parsing attributes in process `syz.0.593'. [ 334.601893][ T9141] kexec: Could not allocate control_code_buffer [ 334.977229][ T9163] netlink: 4 bytes leftover after parsing attributes in process `syz.3.601'. [ 335.025292][ T9163] netlink: 354 bytes leftover after parsing attributes in process `syz.3.601'. [ 336.533210][ T9168] Process accounting resumed [ 336.942935][ T9194] random: crng reseeded on system resumption [ 337.012180][ T9196] netlink: 28 bytes leftover after parsing attributes in process `syz.1.604'. [ 337.126854][ T9192] can: request_module (can-proto-5) failed. [ 337.649167][ T9201] netlink: 342 bytes leftover after parsing attributes in process `syz.1.604'. [ 341.143878][ T9226] kexec: Could not allocate control_code_buffer [ 343.653879][ T9281] blktrace: Concurrent blktraces are not allowed on nbd5 [ 343.724718][ T9281] blktrace: Concurrent blktraces are not allowed on ram10 [ 351.089366][ T9402] libceph: secret too big 47 [ 356.658352][ T9485] blktrace: Concurrent blktraces are not allowed on nbd5 [ 356.699187][ T9485] blktrace: Concurrent blktraces are not allowed on ram10 [ 358.332467][ T9512] NFSD: Failed to start, no listeners configured. [ 358.805500][ T9525] cifs: Unknown parameter 'no+ 1`rsFn)aHāh`9k}OqD@.ZCg^' [ 361.445586][ T50] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 361.627007][ T9556] can: request_module (can-proto-3) failed. [ 361.801833][ T9561] blktrace: Concurrent blktraces are not allowed on nbd5 [ 361.877899][ T9563] blktrace: Concurrent blktraces are not allowed on ram10 [ 363.163044][ T9578] netlink: 4 bytes leftover after parsing attributes in process `syz.3.670'. [ 363.299262][ T9588] netlink: 354 bytes leftover after parsing attributes in process `syz.3.670'. [ 363.473428][ T50] Bluetooth: hci3: command 0x0406 tx timeout [ 364.282685][ T9595] Console: switching to colour frame buffer device 13x6 [ 364.811995][ T9619] netlink: 28 bytes leftover after parsing attributes in process `syz.0.677'. [ 364.866801][ T9616] can: request_module (can-proto-5) failed. [ 365.206878][ T9613] netlink: 342 bytes leftover after parsing attributes in process `syz.0.677'. [ 365.553117][ T50] Bluetooth: hci3: command 0x0406 tx timeout [ 365.923167][ T9630] bridge0: port 3(dummy0) entered blocking state [ 365.943161][ T9630] bridge0: port 3(dummy0) entered disabled state [ 365.960621][ T9630] dummy0: entered allmulticast mode [ 365.995964][ T9630] dummy0: entered promiscuous mode [ 366.016324][ T9630] bridge0: port 3(dummy0) entered blocking state [ 366.023195][ T9630] bridge0: port 3(dummy0) entered listening state [ 366.406663][ T9639] blktrace: Concurrent blktraces are not allowed on nbd5 [ 366.444790][ T9639] blktrace: Concurrent blktraces are not allowed on ram10 [ 367.889144][ T9642] Process accounting paused [ 371.606152][ T9698] netlink: 12 bytes leftover after parsing attributes in process `syz.3.688'. [ 373.637676][ T1176] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm kworker/u8:8: bg 3: bad block bitmap checksum [ 373.698165][ T1176] EXT4-fs (sda1): Delayed block allocation failed for inode 2036 at logical offset 917 with max blocks 1 with error 74 [ 373.804552][ T1176] EXT4-fs (sda1): This should not happen!! Data will be lost [ 373.804552][ T1176] [ 378.208376][ T9831] cifs: Unknown parameter 'no+ 1`rsFn)aHāh`9k}OqD@.ZCg^' [ 379.787285][ T1317] ieee802154 phy0 wpan0: encryption failed: -22 [ 379.795831][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 381.061323][ C0] bridge0: port 3(dummy0) entered learning state [ 383.242066][ T9927] random: crng reseeded on system resumption [ 385.074170][ T9950] FAULT_INJECTION: forcing a failure. [ 385.074170][ T9950] name failslab, interval 1, probability 0, space 0, times 0 [ 385.148221][ T9950] CPU: 0 UID: 0 PID: 9950 Comm: syz.0.727 Not tainted syzkaller #0 PREEMPT(full) [ 385.148245][ T9950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 385.148263][ T9950] Call Trace: [ 385.148326][ T9950] [ 385.148355][ T9950] dump_stack_lvl+0x100/0x190 [ 385.148436][ T9950] should_fail_ex.cold+0x5/0xa [ 385.148472][ T9950] ? memcg_list_lru_alloc+0x4ec/0x740 [ 385.148502][ T9950] should_failslab+0xc2/0x120 [ 385.148524][ T9950] __kmalloc_noprof+0xe0/0x850 [ 385.148547][ T9950] ? __lock_acquire+0x4a5/0x2630 [ 385.148584][ T9950] memcg_list_lru_alloc+0x4ec/0x740 [ 385.148604][ T9950] ? __pfx_memcg_list_lru_alloc+0x10/0x10 [ 385.148629][ T9950] __memcg_slab_post_alloc_hook+0x27e/0xff0 [ 385.148664][ T9950] ? kasan_save_track+0x14/0x30 [ 385.148681][ T9950] kmem_cache_alloc_lru_noprof+0x592/0x6e0 [ 385.148704][ T9950] ? __d_alloc+0x34/0xa40 [ 385.148729][ T9950] ? __pfx_rpc_fill_super+0x10/0x10 [ 385.148816][ T9950] __d_alloc+0x34/0xa40 [ 385.148836][ T9950] ? __pfx_rpc_fill_super+0x10/0x10 [ 385.148856][ T9950] d_make_root+0x3e/0x90 [ 385.148876][ T9950] rpc_fill_super+0x26f/0x4f0 [ 385.148897][ T9950] ? __pfx_rpc_fill_super+0x10/0x10 [ 385.148915][ T9950] get_tree_keyed+0x10e/0x1d0 [ 385.148933][ T9950] vfs_get_tree+0x92/0x320 [ 385.148947][ T9950] vfs_cmd_create+0xd7/0x2a0 [ 385.148970][ T9950] __do_sys_fsconfig+0x55a/0xcb0 [ 385.148993][ T9950] ? __pfx___do_sys_fsconfig+0x10/0x10 [ 385.149015][ T9950] ? xfd_validate_state+0x129/0x190 [ 385.149044][ T9950] ? rcu_is_watching+0x12/0xc0 [ 385.149071][ T9950] do_syscall_64+0x115/0x840 [ 385.149138][ T9950] ? clear_bhb_loop+0x40/0x90 [ 385.149165][ T9950] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 385.149181][ T9950] RIP: 0033:0x7f053499ce59 [ 385.149195][ T9950] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 385.149209][ T9950] RSP: 002b:00007f05357ba028 EFLAGS: 00000246 ORIG_RAX: 00000000000001af [ 385.149229][ T9950] RAX: ffffffffffffffda RBX: 00007f0534c15fa0 RCX: 00007f053499ce59 [ 385.149240][ T9950] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000009 [ 385.149249][ T9950] RBP: 00007f0534a32d6f R08: 0000000000000000 R09: 0000000000000000 [ 385.149257][ T9950] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 385.149265][ T9950] R13: 00007f0534c16038 R14: 00007f0534c15fa0 R15: 00007ffe497cacc8 [ 385.149285][ T9950] [ 385.905173][ T9959] netlink: 4 bytes leftover after parsing attributes in process `syz.1.728'. [ 385.936112][ T9959] netlink: 354 bytes leftover after parsing attributes in process `syz.1.728'. [ 387.243541][ T9978] bridge0: port 3(dummy0) entered blocking state [ 387.311178][ T9978] bridge0: port 3(dummy0) entered disabled state [ 387.377735][ T9978] dummy0: entered allmulticast mode [ 387.473124][ T9978] dummy0: entered promiscuous mode [ 387.549323][ T9978] bridge0: port 3(dummy0) entered blocking state [ 387.555875][ T9978] bridge0: port 3(dummy0) entered listening state [ 391.962595][T10036] netlink: 12 bytes leftover after parsing attributes in process `syz.1.741'. [ 392.209662][T10056] blktrace: Concurrent blktraces are not allowed on nbd5 [ 396.422501][ C0] bridge0: port 3(dummy0) entered forwarding state [ 396.429114][ C0] bridge0: topology change detected, propagating [ 397.213618][T10125] blktrace: Concurrent blktraces are not allowed on nbd5 [ 399.369928][ T5630] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 399.525237][T10160] random: crng reseeded on system resumption [ 399.673747][T10158] can: request_module (can-proto-3) failed. [ 399.998812][T10135] Process accounting resumed [ 401.452674][ T50] Bluetooth: hci0: command 0x0406 tx timeout [ 401.803711][T10167] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz.3.762: bg 1: bad block bitmap checksum [ 401.844247][T10167] EXT4-fs error (device sda1) in ext4_mb_clear_bb:6679: Filesystem failed CRC [ 402.810549][ C0] bridge0: port 3(dummy0) entered learning state [ 403.164700][T10212] blktrace: Concurrent blktraces are not allowed on nbd5 [ 403.200994][T10212] blktrace: Concurrent blktraces are not allowed on ram10 [ 403.531352][ T50] Bluetooth: hci0: command 0x0406 tx timeout [ 405.526321][T10251] random: crng reseeded on system resumption [ 405.731131][ T5630] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 405.776321][T10234] netlink: 12 bytes leftover after parsing attributes in process `syz.2.771'. [ 406.217659][T10227] vivid-008: ================= START STATUS ================= [ 406.278224][T10227] vivid-008: ================== END STATUS ================== [ 407.768281][ T50] Bluetooth: hci1: command 0x0406 tx timeout [ 408.173784][T10292] blktrace: Concurrent blktraces are not allowed on nbd5 [ 408.228430][T10294] blktrace: Concurrent blktraces are not allowed on ram10 [ 409.183193][T10309] syz.0.784 uses obsolete (PF_INET,SOCK_PACKET) [ 409.848514][ T50] Bluetooth: hci1: command 0x0406 tx timeout [ 413.282057][T10375] netlink: 4 bytes leftover after parsing attributes in process `syz.2.796'. [ 413.333352][T10379] netlink: 354 bytes leftover after parsing attributes in process `syz.2.796'. [ 415.096363][T10414] netlink: 16 bytes leftover after parsing attributes in process `syz.2.803'. [ 417.183613][T10451] FAULT_INJECTION: forcing a failure. [ 417.183613][T10451] name failslab, interval 1, probability 0, space 0, times 0 [ 417.183658][T10451] CPU: 0 UID: 0 PID: 10451 Comm: syz.3.809 Not tainted syzkaller #0 PREEMPT(full) [ 417.183677][T10451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 417.183687][T10451] Call Trace: [ 417.183693][T10451] [ 417.183700][T10451] dump_stack_lvl+0x100/0x190 [ 417.183730][T10451] should_fail_ex.cold+0x5/0xa [ 417.183750][T10451] should_failslab+0xc2/0x120 [ 417.183769][T10451] __kmalloc_cache_noprof+0x7a/0x6f0 [ 417.183790][T10451] ? vc_allocate+0x1a6/0x880 [ 417.183857][T10451] vc_allocate+0x1a6/0x880 [ 417.183877][T10451] ? __pfx_vc_allocate+0x10/0x10 [ 417.183901][T10451] con_install+0xa1/0x620 [ 417.183921][T10451] ? __pfx_con_install+0x10/0x10 [ 417.183943][T10451] ? __pfx_con_install+0x10/0x10 [ 417.183962][T10451] tty_init_dev.part.0+0x9e/0x470 [ 417.183987][T10451] tty_open+0xa63/0xfa0 [ 417.184010][T10451] ? __pfx_tty_open+0x10/0x10 [ 417.184027][T10451] ? chrdev_open+0x589/0x6a0 [ 417.184045][T10451] ? chrdev_open+0x589/0x6a0 [ 417.184065][T10451] ? __pfx_tty_open+0x10/0x10 [ 417.184101][T10451] chrdev_open+0x234/0x6a0 [ 417.184119][T10451] ? __pfx_chrdev_open+0x10/0x10 [ 417.184139][T10451] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 417.184174][T10451] do_dentry_open+0x6ab/0x14d0 [ 417.184192][T10451] ? __pfx_chrdev_open+0x10/0x10 [ 417.184214][T10451] vfs_open+0x82/0x3f0 [ 417.184237][T10451] path_openat+0x208c/0x31a0 [ 417.184262][T10451] ? __pfx_path_openat+0x10/0x10 [ 417.184287][T10451] do_file_open+0x20e/0x430 [ 417.184306][T10451] ? __pfx_do_file_open+0x10/0x10 [ 417.184338][T10451] ? alloc_fd+0x476/0x790 [ 417.184357][T10451] ? do_getname+0x191/0x390 [ 417.184380][T10451] do_sys_openat2+0x10d/0x1e0 [ 417.184401][T10451] ? __pfx_do_sys_openat2+0x10/0x10 [ 417.184425][T10451] ? __fget_files+0x21f/0x3d0 [ 417.184446][T10451] __x64_sys_openat+0x12d/0x210 [ 417.184468][T10451] ? __pfx___x64_sys_openat+0x10/0x10 [ 417.184494][T10451] ? rcu_is_watching+0x12/0xc0 [ 417.184513][T10451] do_syscall_64+0x115/0x840 [ 417.184534][T10451] ? clear_bhb_loop+0x40/0x90 [ 417.184552][T10451] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 417.184567][T10451] RIP: 0033:0x7fc1ce39ce59 [ 417.184581][T10451] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 417.184595][T10451] RSP: 002b:00007fc1cf24b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 417.184617][T10451] RAX: ffffffffffffffda RBX: 00007fc1ce616090 RCX: 00007fc1ce39ce59 [ 417.184627][T10451] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 417.184637][T10451] RBP: 00007fc1ce432d6f R08: 0000000000000000 R09: 0000000000000000 [ 417.184646][T10451] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 417.184655][T10451] R13: 00007fc1ce616128 R14: 00007fc1ce616090 R15: 00007ffd4f3f7878 [ 417.184676][T10451] [ 417.590633][T10463] netlink: 334 bytes leftover after parsing attributes in process `syz.1.812'. [ 418.162797][ C0] bridge0: port 3(dummy0) entered forwarding state [ 418.162841][ C0] bridge0: topology change detected, propagating [ 422.705557][T10528] blktrace: Concurrent blktraces are not allowed on nbd5 [ 422.795444][T10528] blktrace: Concurrent blktraces are not allowed on ram10 [ 423.156984][T10532] netlink: 4 bytes leftover after parsing attributes in process `syz.0.827'. [ 423.271184][T10532] netlink: 354 bytes leftover after parsing attributes in process `syz.0.827'. [ 425.992203][T10573] random: crng reseeded on system resumption [ 426.940074][T10577] FAULT_INJECTION: forcing a failure. [ 426.940074][T10577] name failslab, interval 1, probability 0, space 0, times 0 [ 427.045662][T10577] CPU: 0 UID: 0 PID: 10577 Comm: syz.1.835 Not tainted syzkaller #0 PREEMPT(full) [ 427.045685][T10577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 427.045695][T10577] Call Trace: [ 427.045700][T10577] [ 427.045706][T10577] dump_stack_lvl+0x100/0x190 [ 427.045738][T10577] should_fail_ex.cold+0x5/0xa [ 427.045758][T10577] ? security_inode_init_security+0x113/0x370 [ 427.045829][T10577] should_failslab+0xc2/0x120 [ 427.045848][T10577] __kmalloc_noprof+0xe0/0x850 [ 427.045875][T10577] security_inode_init_security+0x113/0x370 [ 427.045898][T10577] ? __pfx_shmem_initxattrs+0x10/0x10 [ 427.045924][T10577] ? __pfx_security_inode_init_security+0x10/0x10 [ 427.045949][T10577] ? make_vfsgid+0xf1/0x140 [ 427.045965][T10577] shmem_mknod+0x2ce/0x480 [ 427.045987][T10577] ? __pfx_shmem_mknod+0x10/0x10 [ 427.046011][T10577] vfs_create+0x301/0x6c0 [ 427.046027][T10577] filename_mknodat+0x2de/0x7f0 [ 427.046049][T10577] ? __pfx_filename_mknodat+0x10/0x10 [ 427.046070][T10577] ? strncpy_from_user+0x19d/0x2d0 [ 427.046105][T10577] ? do_getname+0x191/0x390 [ 427.046127][T10577] __x64_sys_mknod+0x8f/0xc0 [ 427.046147][T10577] do_syscall_64+0x115/0x840 [ 427.046168][T10577] ? clear_bhb_loop+0x40/0x90 [ 427.046186][T10577] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 427.046202][T10577] RIP: 0033:0x7fcf2cb9ce59 [ 427.046216][T10577] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 427.046230][T10577] RSP: 002b:00007fcf2da94028 EFLAGS: 00000246 ORIG_RAX: 0000000000000085 [ 427.046244][T10577] RAX: ffffffffffffffda RBX: 00007fcf2ce16180 RCX: 00007fcf2cb9ce59 [ 427.046254][T10577] RDX: 0000000000000009 RSI: 0000000000000002 RDI: 0000000000000000 [ 427.046262][T10577] RBP: 00007fcf2cc32d6f R08: 0000000000000000 R09: 0000000000000000 [ 427.046271][T10577] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 427.046279][T10577] R13: 00007fcf2ce16218 R14: 00007fcf2ce16180 R15: 00007ffdfddd39d8 [ 427.046298][T10577] [ 427.734798][T10592] netlink: 4 bytes leftover after parsing attributes in process `syz.3.837'. [ 428.841397][T10608] sg_write: data in/out 262108/45 bytes for SCSI command 0x61-- guessing data in; [ 428.841397][T10608] program syz.2.839 not setting count and/or reply_len properly [ 429.680252][T10617] sg_read: process 1004 (syz.2.839) changed security contexts after opening file descriptor, this is not allowed. [ 430.295318][T10632] FAULT_INJECTION: forcing a failure. [ 430.295318][T10632] name failslab, interval 1, probability 0, space 0, times 0 [ 430.484042][T10632] CPU: 0 UID: 0 PID: 10632 Comm: syz.3.842 Not tainted syzkaller #0 PREEMPT(full) [ 430.484066][T10632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 430.484077][T10632] Call Trace: [ 430.484083][T10632] [ 430.484089][T10632] dump_stack_lvl+0x100/0x190 [ 430.484121][T10632] should_fail_ex.cold+0x5/0xa [ 430.484141][T10632] should_failslab+0xc2/0x120 [ 430.484159][T10632] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 430.484184][T10632] ? security_inode_alloc+0x3b/0x2c0 [ 430.484200][T10632] ? lockdep_init_map_type+0x5c/0x250 [ 430.484227][T10632] security_inode_alloc+0x3b/0x2c0 [ 430.484244][T10632] inode_init_always_gfp+0xc77/0xfb0 [ 430.484266][T10632] alloc_inode+0x8e/0x250 [ 430.484287][T10632] new_inode+0x22/0x1c0 [ 430.484310][T10632] shmem_get_inode+0x1e3/0xfb0 [ 430.484332][T10632] ? __pfx_shmem_get_inode+0x10/0x10 [ 430.484353][T10632] ? make_vfsgid+0xf1/0x140 [ 430.484369][T10632] shmem_mknod+0x217/0x480 [ 430.484390][T10632] ? __pfx_shmem_mknod+0x10/0x10 [ 430.484432][T10632] vfs_create+0x301/0x6c0 [ 430.484449][T10632] filename_mknodat+0x2de/0x7f0 [ 430.484470][T10632] ? __pfx_filename_mknodat+0x10/0x10 [ 430.484489][T10632] ? strncpy_from_user+0x19d/0x2d0 [ 430.484512][T10632] ? do_getname+0x191/0x390 [ 430.484534][T10632] __x64_sys_mknod+0x8f/0xc0 [ 430.484554][T10632] do_syscall_64+0x115/0x840 [ 430.484574][T10632] ? clear_bhb_loop+0x40/0x90 [ 430.484592][T10632] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 430.484608][T10632] RIP: 0033:0x7fc1ce39ce59 [ 430.484620][T10632] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 430.484634][T10632] RSP: 002b:00007fc1cf209028 EFLAGS: 00000246 ORIG_RAX: 0000000000000085 [ 430.484649][T10632] RAX: ffffffffffffffda RBX: 00007fc1ce616270 RCX: 00007fc1ce39ce59 [ 430.484658][T10632] RDX: 0000000000000009 RSI: 0000000000000002 RDI: 0000000000000000 [ 430.484675][T10632] RBP: 00007fc1ce432d6f R08: 0000000000000000 R09: 0000000000000000 [ 430.484684][T10632] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 430.484695][T10632] R13: 00007fc1ce616308 R14: 00007fc1ce616270 R15: 00007ffd4f3f7878 [ 430.484715][T10632] [ 431.085202][T10630] Process accounting paused [ 432.198851][T10653] netlink: 4 bytes leftover after parsing attributes in process `syz.3.848'. [ 434.968886][T10684] netlink: 12 bytes leftover after parsing attributes in process `syz.0.855'. [ 435.332478][T10697] FAULT_INJECTION: forcing a failure. [ 435.332478][T10697] name fail_futex, interval 1, probability 0, space 0, times 1 [ 435.375106][T10697] CPU: 0 UID: 0 PID: 10697 Comm: syz.2.858 Not tainted syzkaller #0 PREEMPT(full) [ 435.375129][T10697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 435.375138][T10697] Call Trace: [ 435.375144][T10697] [ 435.375150][T10697] dump_stack_lvl+0x100/0x190 [ 435.375181][T10697] should_fail_ex.cold+0x5/0xa [ 435.375201][T10697] get_futex_key+0x1d2/0x1510 [ 435.375263][T10697] ? __pfx_get_futex_key+0x10/0x10 [ 435.375286][T10697] ? putname+0xb1/0x110 [ 435.375305][T10697] ? kasan_save_stack+0x3f/0x50 [ 435.375319][T10697] ? kasan_save_stack+0x30/0x50 [ 435.375332][T10697] ? kasan_save_track+0x14/0x30 [ 435.375346][T10697] ? kasan_save_free_info+0x3b/0x70 [ 435.375365][T10697] ? __kasan_slab_free+0x5f/0x80 [ 435.375379][T10697] ? kmem_cache_free+0x127/0x6c0 [ 435.375402][T10697] futex_wake+0xea/0x530 [ 435.375421][T10697] ? __pfx_futex_wake+0x10/0x10 [ 435.375446][T10697] do_futex+0x32b/0x350 [ 435.375461][T10697] ? __pfx_do_futex+0x10/0x10 [ 435.375481][T10697] __x64_sys_futex+0x34f/0x4d0 [ 435.375499][T10697] ? __pfx___x64_sys_futex+0x10/0x10 [ 435.375517][T10697] ? rcu_is_watching+0x12/0xc0 [ 435.375536][T10697] do_syscall_64+0x115/0x840 [ 435.375557][T10697] ? clear_bhb_loop+0x40/0x90 [ 435.375575][T10697] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 435.375589][T10697] RIP: 0033:0x7ff38179ce59 [ 435.375603][T10697] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 435.375617][T10697] RSP: 002b:00007ff37f9b40e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 435.375631][T10697] RAX: ffffffffffffffda RBX: 00007ff381a16188 RCX: 00007ff38179ce59 [ 435.375641][T10697] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007ff381a1618c [ 435.375650][T10697] RBP: 00007ff381a16180 R08: 0000000000000001 R09: 0000000000000000 [ 435.375658][T10697] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 435.375667][T10697] R13: 00007ff381a16218 R14: 00007ffd429cc550 R15: 00007ffd429cc638 [ 435.375685][T10697] [ 438.188370][ T1100] EXT4-fs (sda1): Delayed block allocation failed for inode 2030 at logical offset 1335 with max blocks 10 with error 117 [ 438.281241][ T1100] EXT4-fs (sda1): This should not happen!! Data will be lost [ 438.281241][ T1100] [ 439.910271][T10751] FAULT_INJECTION: forcing a failure. [ 439.910271][T10751] name failslab, interval 1, probability 0, space 0, times 0 [ 440.050180][T10751] CPU: 0 UID: 0 PID: 10751 Comm: syz.3.869 Not tainted syzkaller #0 PREEMPT(full) [ 440.050206][T10751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 440.050216][T10751] Call Trace: [ 440.050221][T10751] [ 440.050228][T10751] dump_stack_lvl+0x100/0x190 [ 440.050260][T10751] should_fail_ex.cold+0x5/0xa [ 440.050280][T10751] ? security_inode_init_security+0x113/0x370 [ 440.050303][T10751] should_failslab+0xc2/0x120 [ 440.050320][T10751] __kmalloc_noprof+0xe0/0x850 [ 440.050349][T10751] security_inode_init_security+0x113/0x370 [ 440.050372][T10751] ? __pfx_shmem_initxattrs+0x10/0x10 [ 440.050391][T10751] ? __pfx_security_inode_init_security+0x10/0x10 [ 440.050415][T10751] ? make_vfsgid+0xf1/0x140 [ 440.050431][T10751] shmem_mknod+0x2ce/0x480 [ 440.050452][T10751] ? __pfx_shmem_mknod+0x10/0x10 [ 440.050477][T10751] vfs_create+0x301/0x6c0 [ 440.050494][T10751] filename_mknodat+0x2de/0x7f0 [ 440.050515][T10751] ? __pfx_filename_mknodat+0x10/0x10 [ 440.050534][T10751] ? strncpy_from_user+0x19d/0x2d0 [ 440.050557][T10751] ? do_getname+0x191/0x390 [ 440.050579][T10751] __x64_sys_mknod+0x8f/0xc0 [ 440.050598][T10751] do_syscall_64+0x115/0x840 [ 440.050618][T10751] ? clear_bhb_loop+0x40/0x90 [ 440.050637][T10751] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 440.050652][T10751] RIP: 0033:0x7fc1ce39ce59 [ 440.050673][T10751] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 440.050687][T10751] RSP: 002b:00007fc1cf22a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000085 [ 440.050703][T10751] RAX: ffffffffffffffda RBX: 00007fc1ce616180 RCX: 00007fc1ce39ce59 [ 440.050713][T10751] RDX: 0000000000000009 RSI: 0000000000000002 RDI: 0000000000000000 [ 440.050722][T10751] RBP: 00007fc1ce432d6f R08: 0000000000000000 R09: 0000000000000000 [ 440.050731][T10751] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 440.050740][T10751] R13: 00007fc1ce616218 R14: 00007fc1ce616180 R15: 00007ffd4f3f7878 [ 440.050760][T10751] [ 441.087700][T10750] netlink: 12 bytes leftover after parsing attributes in process `syz.2.868'. [ 441.194517][ T1317] ieee802154 phy0 wpan0: encryption failed: -22 [ 441.207797][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 445.854522][T10828] netlink: 12 bytes leftover after parsing attributes in process `syz.1.883'. [ 454.232701][T10978] netlink: 28 bytes leftover after parsing attributes in process `syz.1.912'. [ 460.171398][T11076] blktrace: Concurrent blktraces are not allowed on nbd5 [ 460.228458][T11076] blktrace: Concurrent blktraces are not allowed on ram10 [ 464.627936][T11143] futex_wake_op: syz.1.942 tries to shift op by -2048; fix this program [ 464.793513][T11146] blktrace: Concurrent blktraces are not allowed on nbd5 [ 464.805606][ T5630] Bluetooth: hci1: ISO packet too small [ 464.835235][T11146] blktrace: Concurrent blktraces are not allowed on ram10 [ 466.726872][T11174] netlink: 330 bytes leftover after parsing attributes in process `syz.3.948'. [ 466.887835][T11174] mac80211_hwsim hwsim7 : renamed from wlan0 (while UP) [ 469.284837][T11185] FAULT_INJECTION: forcing a failure. [ 469.284837][T11185] name failslab, interval 1, probability 0, space 0, times 0 [ 469.329151][T11185] CPU: 0 UID: 0 PID: 11185 Comm: syz.3.950 Not tainted syzkaller #0 PREEMPT(full) [ 469.329175][T11185] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 469.329184][T11185] Call Trace: [ 469.329190][T11185] [ 469.329196][T11185] dump_stack_lvl+0x100/0x190 [ 469.329230][T11185] should_fail_ex.cold+0x5/0xa [ 469.329250][T11185] should_failslab+0xc2/0x120 [ 469.329271][T11185] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 469.329294][T11185] ? shmem_alloc_inode+0x25/0x50 [ 469.329315][T11185] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 469.329367][T11185] ? __pfx_shmem_alloc_inode+0x10/0x10 [ 469.329386][T11185] shmem_alloc_inode+0x25/0x50 [ 469.329404][T11185] alloc_inode+0x68/0x250 [ 469.329428][T11185] new_inode+0x22/0x1c0 [ 469.329451][T11185] shmem_get_inode+0x1e3/0xfb0 [ 469.329472][T11185] ? __pfx_shmem_get_inode+0x10/0x10 [ 469.329496][T11185] __shmem_file_setup+0x382/0x460 [ 469.329517][T11185] ? __pfx___shmem_file_setup+0x10/0x10 [ 469.329538][T11185] ? vm_area_alloc+0x1f/0x160 [ 469.329561][T11185] shmem_zero_setup+0x96/0x1b0 [ 469.329584][T11185] __mmap_region+0x2509/0x2dd0 [ 469.329612][T11185] ? __pfx___mmap_region+0x10/0x10 [ 469.329638][T11185] ? stack_depot_save_flags+0x27/0x9d0 [ 469.329669][T11185] ? do_raw_spin_lock+0x128/0x260 [ 469.329688][T11185] ? __lock_acquire+0x4a5/0x2630 [ 469.329711][T11185] ? do_raw_spin_unlock+0x145/0x1e0 [ 469.329736][T11185] ? find_held_lock+0x2b/0x80 [ 469.329755][T11185] ? rcu_is_watching+0x12/0xc0 [ 469.329781][T11185] ? mark_held_locks+0x40/0x70 [ 469.329802][T11185] ? finish_task_switch.isra.0+0x2cb/0x1010 [ 469.329853][T11185] ? rcu_is_watching+0x12/0xc0 [ 469.329873][T11185] mmap_region+0x35d/0x620 [ 469.329889][T11185] ? rcu_is_watching+0x12/0xc0 [ 469.329906][T11185] ? __pfx_mmap_region+0x10/0x10 [ 469.329922][T11185] ? cap_mmap_addr+0x4b/0x120 [ 469.329937][T11185] ? bpf_lsm_mmap_addr+0x9/0x30 [ 469.329955][T11185] ? security_mmap_addr+0x71/0x1e0 [ 469.329974][T11185] ? __get_unmapped_area+0x255/0x3e0 [ 469.329994][T11185] do_mmap+0xc63/0x12f0 [ 469.330015][T11185] ? __pfx_do_mmap+0x10/0x10 [ 469.330032][T11185] ? __pfx_down_write_killable+0x10/0x10 [ 469.330143][T11185] vm_mmap_pgoff+0x29e/0x470 [ 469.330166][T11185] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 469.330186][T11185] ? do_futex+0x192/0x350 [ 469.330202][T11185] ? __pfx_do_futex+0x10/0x10 [ 469.330220][T11185] ksys_mmap_pgoff+0xe4/0x610 [ 469.330238][T11185] ? __x64_sys_futex+0x358/0x4d0 [ 469.330254][T11185] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 469.330271][T11185] ? xfd_validate_state+0x129/0x190 [ 469.330290][T11185] __x64_sys_mmap+0x125/0x190 [ 469.330308][T11185] do_syscall_64+0x115/0x840 [ 469.330327][T11185] ? clear_bhb_loop+0x40/0x90 [ 469.330346][T11185] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 469.330361][T11185] RIP: 0033:0x7fc1ce39ce59 [ 469.330375][T11185] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 469.330389][T11185] RSP: 002b:00007fc1cf22a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 469.330404][T11185] RAX: ffffffffffffffda RBX: 00007fc1ce616180 RCX: 00007fc1ce39ce59 [ 469.330414][T11185] RDX: 1000000000000007 RSI: 0000000002020006 RDI: 0000000000000000 [ 469.330424][T11185] RBP: 00007fc1ce432d6f R08: 0000000000000000 R09: 0000000001008000 [ 469.330433][T11185] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 469.330441][T11185] R13: 00007fc1ce616218 R14: 00007fc1ce616180 R15: 00007ffd4f3f7878 [ 469.330461][T11185] [ 470.094519][T11207] blktrace: Concurrent blktraces are not allowed on nbd5 [ 470.296386][T11208] blktrace: Concurrent blktraces are not allowed on ram10 [ 474.308828][T11268] blktrace: Concurrent blktraces are not allowed on nbd5 [ 474.358538][T11268] blktrace: Concurrent blktraces are not allowed on ram10 [ 477.811127][T11317] nvme_fcloop: unknown parameter or missing value '7=";&L=j"Yq'R"' [ 477.889793][T11317] FAULT_INJECTION: forcing a failure. [ 477.889793][T11317] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 477.960893][T11317] CPU: 0 UID: 0 PID: 11317 Comm: syz.0.977 Not tainted syzkaller #0 PREEMPT(full) [ 477.960916][T11317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 477.960926][T11317] Call Trace: [ 477.960931][T11317] [ 477.960937][T11317] dump_stack_lvl+0x100/0x190 [ 477.960967][T11317] should_fail_ex.cold+0x5/0xa [ 477.960986][T11317] _copy_from_user+0x2e/0xd0 [ 477.961028][T11317] btf_new_fd+0x764/0x5dd0 [ 477.961049][T11317] ? __lock_acquire+0x4a5/0x2630 [ 477.961074][T11317] ? preempt_schedule_thunk+0x16/0x30 [ 477.961096][T11317] ? __pfx_btf_new_fd+0x10/0x10 [ 477.961115][T11317] ? rcu_is_watching+0x12/0xc0 [ 477.961132][T11317] ? apparmor_capable+0x1d7/0x4d0 [ 477.961155][T11317] ? bpf_lsm_capable+0x9/0x10 [ 477.961170][T11317] ? security_capable+0x80/0x260 [ 477.961185][T11317] ? ns_capable+0xd2/0xf0 [ 477.961210][T11317] __sys_bpf+0x1b63/0x4b90 [ 477.961231][T11317] ? futex_private_hash_put+0x107/0x1c0 [ 477.961257][T11317] ? __pfx___sys_bpf+0x10/0x10 [ 477.961272][T11317] ? __pfx_futex_wake+0x10/0x10 [ 477.961298][T11317] ? do_futex+0x192/0x350 [ 477.961322][T11317] ? xfd_validate_state+0x129/0x190 [ 477.961342][T11317] __x64_sys_bpf+0x7b/0xc0 [ 477.961356][T11317] ? lockdep_hardirqs_on+0x78/0x100 [ 477.961377][T11317] do_syscall_64+0x115/0x840 [ 477.961396][T11317] ? clear_bhb_loop+0x40/0x90 [ 477.961414][T11317] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 477.961429][T11317] RIP: 0033:0x7f053499ce59 [ 477.961443][T11317] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 477.961456][T11317] RSP: 002b:00007f05357ba028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 477.961471][T11317] RAX: ffffffffffffffda RBX: 00007f0534c15fa0 RCX: 00007f053499ce59 [ 477.961481][T11317] RDX: 0000000000000080 RSI: 0000200000000040 RDI: 0000000000000012 [ 477.961489][T11317] RBP: 00007f0534a32d6f R08: 0000000000000000 R09: 0000000000000000 [ 477.961500][T11317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 477.961508][T11317] R13: 00007f0534c16038 R14: 00007f0534c15fa0 R15: 00007ffe497cacc8 [ 477.961527][T11317] [ 478.481883][T11331] blktrace: Concurrent blktraces are not allowed on nbd5 [ 478.518601][T11331] blktrace: Concurrent blktraces are not allowed on ram10 [ 481.646844][ T29] audit: type=1800 audit(1781318795.894:4): pid=11385 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.990" name="lu_gp_id" dev="configfs" ino=45810 res=0 errno=0 [ 482.189390][T11392] blktrace: Concurrent blktraces are not allowed on nbd5 [ 482.238873][T11392] blktrace: Concurrent blktraces are not allowed on ram10 [ 484.181728][T11428] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1001'. [ 486.433849][T11464] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1005'. [ 491.848378][T11550] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1026'. [ 492.480127][T11559] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1028'. [ 500.710473][T11697] random: crng reseeded on system resumption [ 502.602854][ T1317] ieee802154 phy0 wpan0: encryption failed: -22 [ 502.611320][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 504.425063][T11781] blktrace: Concurrent blktraces are not allowed on nbd5 [ 504.453122][T11781] blktrace: Concurrent blktraces are not allowed on ram10 [ 506.454396][ T13] EXT4-fs (sda1): Delayed block allocation failed for inode 2036 at logical offset 911 with max blocks 7 with error 117 [ 506.537917][ T13] EXT4-fs (sda1): This should not happen!! Data will be lost [ 506.537917][ T13] [ 506.911605][T11823] blktrace: Concurrent blktraces are not allowed on nbd5 [ 506.941362][T11823] blktrace: Concurrent blktraces are not allowed on ram10 [ 508.103956][T11841] device-mapper: ioctl: Invalid ioctl structure: name d, dev 3000000000 [ 508.887973][T11852] blktrace: Concurrent blktraces are not allowed on nbd5 [ 508.922647][T11852] blktrace: Concurrent blktraces are not allowed on ram10 [ 509.654840][T11862] kexec: Could not allocate control_code_buffer [ 509.810092][ T29] audit: type=1800 audit(1781318824.078:5): pid=11874 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1090" name="members" dev="configfs" ino=50359 res=0 errno=0 [ 510.602106][T11886] blktrace: Concurrent blktraces are not allowed on nbd5 [ 510.953693][T11893] blktrace: Concurrent blktraces are not allowed on ram10 [ 512.011830][T11917] blktrace: Concurrent blktraces are not allowed on nbd5 [ 512.041920][T11917] blktrace: Concurrent blktraces are not allowed on ram10 [ 515.233996][T11974] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1115'. [ 520.928682][T12077] vivid-007: ================= START STATUS ================= [ 520.963315][T12077] vivid-007: Generate PTS: true [ 521.010642][T12077] vivid-007: Generate SCR: true [ 521.051042][T12077] tpg source WxH: 320x240 (Y'CbCr) [ 521.114721][T12077] tpg field: 1 [ 521.139550][T12077] tpg crop: (0,0)/320x240 [ 521.156316][T12077] tpg compose: (0,0)/320x240 [ 521.203292][T12077] tpg colorspace: 8 [ 521.225135][T12077] tpg transfer function: 0/0 [ 521.265137][T12077] tpg Y'CbCr encoding: 0/0 [ 521.297930][T12077] tpg quantization: 0/0 [ 521.335848][T12077] tpg RGB range: 0/2 [ 521.372089][T12077] vivid-007: ================== END STATUS ================== [ 525.907908][T12177] blktrace: Concurrent blktraces are not allowed on nbd5 [ 525.935300][T12177] blktrace: Concurrent blktraces are not allowed on ram10 [ 527.626921][T12205] HfR: entered promiscuous mode [ 528.726555][T12223] cgroup: fork rejected by pids controller in /syz2 [ 530.254932][T12350] blktrace: Concurrent blktraces are not allowed on nbd5 [ 530.298793][T12350] blktrace: Concurrent blktraces are not allowed on ram10 [ 532.439591][T12464] FAULT_INJECTION: forcing a failure. [ 532.439591][T12464] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 532.439620][T12464] CPU: 0 UID: 0 PID: 12464 Comm: syz.0.1173 Tainted: G L syzkaller #0 PREEMPT(full) [ 532.439641][T12464] Tainted: [L]=SOFTLOCKUP [ 532.439647][T12464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 532.439656][T12464] Call Trace: [ 532.439661][T12464] [ 532.439667][T12464] dump_stack_lvl+0x100/0x190 [ 532.439698][T12464] should_fail_ex.cold+0x5/0xa [ 532.439714][T12464] ? prepare_alloc_pages+0x16d/0x5f0 [ 532.439740][T12464] should_fail_alloc_page+0xeb/0x140 [ 532.439760][T12464] prepare_alloc_pages+0x1f0/0x5f0 [ 532.439780][T12464] ? bpf_ksym_find+0x124/0x1c0 [ 532.439822][T12464] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 532.439848][T12464] ? __kernel_text_address+0xd/0x30 [ 532.439863][T12464] ? unwind_get_return_address+0x59/0xa0 [ 532.439891][T12464] ? arch_stack_walk+0xa6/0xf0 [ 532.439914][T12464] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 532.439946][T12464] ? kasan_save_stack+0x30/0x50 [ 532.439960][T12464] ? kasan_save_track+0x14/0x30 [ 532.439973][T12464] ? __kasan_kmalloc+0xaa/0xb0 [ 532.439987][T12464] ? fb_var_to_videomode+0x586/0x6a0 [ 532.440014][T12464] ? fb_match_mode+0x2b3/0x360 [ 532.440027][T12464] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 532.440050][T12464] ? policy_nodemask+0xed/0x4f0 [ 532.440073][T12464] alloc_pages_mpol+0x1fb/0x540 [ 532.440103][T12464] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 532.440127][T12464] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 532.440150][T12464] ? vc_allocate+0x4c3/0x880 [ 532.440168][T12464] ___kmalloc_large_node+0xe5/0x120 [ 532.440200][T12464] __kmalloc_large_node_noprof+0x1c/0x70 [ 532.440221][T12464] __kmalloc_noprof+0x5be/0x850 [ 532.440244][T12464] ? visual_init+0x3bd/0x620 [ 532.440261][T12464] vc_allocate+0x4c3/0x880 [ 532.440279][T12464] ? __pfx_vc_allocate+0x10/0x10 [ 532.440303][T12464] con_install+0xa1/0x620 [ 532.440322][T12464] ? __pfx_con_install+0x10/0x10 [ 532.440343][T12464] ? __pfx_con_install+0x10/0x10 [ 532.440361][T12464] tty_init_dev.part.0+0x9e/0x470 [ 532.440384][T12464] tty_open+0xa63/0xfa0 [ 532.440406][T12464] ? __pfx_tty_open+0x10/0x10 [ 532.440423][T12464] ? chrdev_open+0x10b/0x6a0 [ 532.440441][T12464] ? chrdev_open+0x10b/0x6a0 [ 532.440583][T12464] ? __pfx_tty_open+0x10/0x10 [ 532.440610][T12464] chrdev_open+0x234/0x6a0 [ 532.440682][T12464] ? __pfx_apparmor_file_open+0x10/0x10 [ 532.440701][T12464] ? __pfx_chrdev_open+0x10/0x10 [ 532.440722][T12464] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 532.440747][T12464] do_dentry_open+0x6ab/0x14d0 [ 532.440766][T12464] ? __pfx_chrdev_open+0x10/0x10 [ 532.440788][T12464] vfs_open+0x82/0x3f0 [ 532.440815][T12464] path_openat+0x208c/0x31a0 [ 532.440840][T12464] ? __pfx_path_openat+0x10/0x10 [ 532.440867][T12464] do_file_open+0x20e/0x430 [ 532.440887][T12464] ? __pfx_do_file_open+0x10/0x10 [ 532.440920][T12464] ? alloc_fd+0x476/0x790 [ 532.440939][T12464] ? do_getname+0x191/0x390 [ 532.440962][T12464] do_sys_openat2+0x10d/0x1e0 [ 532.440984][T12464] ? __pfx_do_sys_openat2+0x10/0x10 [ 532.441007][T12464] ? __fget_files+0x21f/0x3d0 [ 532.441028][T12464] __x64_sys_openat+0x12d/0x210 [ 532.441050][T12464] ? __pfx___x64_sys_openat+0x10/0x10 [ 532.441075][T12464] ? rcu_is_watching+0x12/0xc0 [ 532.441094][T12464] do_syscall_64+0x115/0x840 [ 532.441115][T12464] ? clear_bhb_loop+0x40/0x90 [ 532.441143][T12464] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 532.441159][T12464] RIP: 0033:0x7f053499ce59 [ 532.441174][T12464] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 532.441188][T12464] RSP: 002b:00007f0535799028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 532.441202][T12464] RAX: ffffffffffffffda RBX: 00007f0534c16090 RCX: 00007f053499ce59 [ 532.441212][T12464] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 532.441222][T12464] RBP: 00007f0534a32d6f R08: 0000000000000000 R09: 0000000000000000 [ 532.441230][T12464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 532.441239][T12464] R13: 00007f0534c16128 R14: 00007f0534c16090 R15: 00007ffe497cacc8 [ 532.441260][T12464] [ 534.844559][T12507] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz.2.1178: bg 4: bad block bitmap checksum [ 535.045882][T12507] EXT4-fs (sda1): Delayed block allocation failed for inode 2022 at logical offset 2051 with max blocks 2 with error 74 [ 535.298900][T12507] EXT4-fs (sda1): This should not happen!! Data will be lost [ 535.298900][T12507] [ 536.614461][ T64] EXT4-fs (sda1): Delayed block allocation failed for inode 2036 at logical offset 912 with max blocks 6 with error 117 [ 536.696391][ T64] EXT4-fs (sda1): This should not happen!! Data will be lost [ 536.696391][ T64] [ 537.815270][ T1100] EXT4-fs (sda1): Delayed block allocation failed for inode 2022 at logical offset 2055 with max blocks 1 with error 117 [ 537.881145][ T1100] EXT4-fs (sda1): This should not happen!! Data will be lost [ 537.881145][ T1100] [ 540.138783][T12687] FAULT_INJECTION: forcing a failure. [ 540.138783][T12687] name failslab, interval 1, probability 0, space 0, times 0 [ 540.286776][T12687] CPU: 0 UID: 0 PID: 12687 Comm: syz.3.1194 Tainted: G L syzkaller #0 PREEMPT(full) [ 540.286802][T12687] Tainted: [L]=SOFTLOCKUP [ 540.286807][T12687] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 540.286816][T12687] Call Trace: [ 540.286821][T12687] [ 540.286827][T12687] dump_stack_lvl+0x100/0x190 [ 540.286857][T12687] should_fail_ex.cold+0x5/0xa [ 540.286876][T12687] ? security_inode_init_security+0x113/0x370 [ 540.286898][T12687] should_failslab+0xc2/0x120 [ 540.286916][T12687] __kmalloc_noprof+0xe0/0x850 [ 540.286943][T12687] security_inode_init_security+0x113/0x370 [ 540.286966][T12687] ? __pfx_shmem_initxattrs+0x10/0x10 [ 540.286986][T12687] ? __pfx_security_inode_init_security+0x10/0x10 [ 540.287010][T12687] ? make_vfsgid+0xf1/0x140 [ 540.287026][T12687] shmem_mknod+0x2ce/0x480 [ 540.287047][T12687] ? __pfx_shmem_mknod+0x10/0x10 [ 540.287071][T12687] vfs_create+0x301/0x6c0 [ 540.287088][T12687] filename_mknodat+0x2de/0x7f0 [ 540.287112][T12687] ? __pfx_filename_mknodat+0x10/0x10 [ 540.287130][T12687] ? strncpy_from_user+0x19d/0x2d0 [ 540.287153][T12687] ? do_getname+0x191/0x390 [ 540.287175][T12687] __x64_sys_mknod+0x8f/0xc0 [ 540.287194][T12687] do_syscall_64+0x115/0x840 [ 540.287214][T12687] ? clear_bhb_loop+0x40/0x90 [ 540.287232][T12687] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 540.287247][T12687] RIP: 0033:0x7fc1ce39ce59 [ 540.287260][T12687] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 540.287274][T12687] RSP: 002b:00007fc1cf22a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000085 [ 540.287288][T12687] RAX: ffffffffffffffda RBX: 00007fc1ce616180 RCX: 00007fc1ce39ce59 [ 540.287298][T12687] RDX: 0000000000000009 RSI: 0000000000000002 RDI: 0000000000000000 [ 540.287306][T12687] RBP: 00007fc1ce432d6f R08: 0000000000000000 R09: 0000000000000000 [ 540.287314][T12687] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 540.287322][T12687] R13: 00007fc1ce616218 R14: 00007fc1ce616180 R15: 00007ffd4f3f7878 [ 540.287341][T12687] [ 542.157639][T12725] blktrace: Concurrent blktraces are not allowed on nbd5 [ 542.194489][T12725] blktrace: Concurrent blktraces are not allowed on ram10 [ 543.698990][T12737] FAULT_INJECTION: forcing a failure. [ 543.698990][T12737] name failslab, interval 1, probability 0, space 0, times 0 [ 543.896840][T12737] CPU: 0 UID: 0 PID: 12737 Comm: syz.0.1203 Tainted: G L syzkaller #0 PREEMPT(full) [ 543.896866][T12737] Tainted: [L]=SOFTLOCKUP [ 543.896872][T12737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 543.896881][T12737] Call Trace: [ 543.896886][T12737] [ 543.896892][T12737] dump_stack_lvl+0x100/0x190 [ 543.896923][T12737] should_fail_ex.cold+0x5/0xa [ 543.896942][T12737] ? security_inode_init_security+0x113/0x370 [ 543.896965][T12737] should_failslab+0xc2/0x120 [ 543.896983][T12737] __kmalloc_noprof+0xe0/0x850 [ 543.897010][T12737] security_inode_init_security+0x113/0x370 [ 543.897033][T12737] ? __pfx_shmem_initxattrs+0x10/0x10 [ 543.897052][T12737] ? __pfx_security_inode_init_security+0x10/0x10 [ 543.897077][T12737] ? make_vfsgid+0xf1/0x140 [ 543.897093][T12737] shmem_mknod+0x2ce/0x480 [ 543.897114][T12737] ? __pfx_shmem_mknod+0x10/0x10 [ 543.897140][T12737] vfs_create+0x301/0x6c0 [ 543.897157][T12737] filename_mknodat+0x2de/0x7f0 [ 543.897179][T12737] ? __pfx_filename_mknodat+0x10/0x10 [ 543.897197][T12737] ? strncpy_from_user+0x19d/0x2d0 [ 543.897220][T12737] ? do_getname+0x191/0x390 [ 543.897242][T12737] __x64_sys_mknod+0x8f/0xc0 [ 543.897261][T12737] do_syscall_64+0x115/0x840 [ 543.897315][T12737] ? clear_bhb_loop+0x40/0x90 [ 543.897334][T12737] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 543.897350][T12737] RIP: 0033:0x7f053499ce59 [ 543.897363][T12737] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 543.897377][T12737] RSP: 002b:00007f0535778028 EFLAGS: 00000246 ORIG_RAX: 0000000000000085 [ 543.897391][T12737] RAX: ffffffffffffffda RBX: 00007f0534c16180 RCX: 00007f053499ce59 [ 543.897401][T12737] RDX: 0000000000000009 RSI: 0000000000000002 RDI: 0000000000000000 [ 543.897409][T12737] RBP: 00007f0534a32d6f R08: 0000000000000000 R09: 0000000000000000 [ 543.897418][T12737] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 543.897426][T12737] R13: 00007f0534c16218 R14: 00007f0534c16180 R15: 00007ffe497cacc8 [ 543.897447][T12737] [ 550.182848][T12952] EXT4-fs error (device sda1): ext4_discard_preallocations:5696: comm syz.2.1229: Error -117 reading block bitmap for 4 [ 556.119276][T13246] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1247'. [ 556.845526][T13356] blktrace: Concurrent blktraces are not allowed on nbd5 [ 557.033971][T13356] blktrace: Concurrent blktraces are not allowed on ram10 [ 558.634133][T13471] FAULT_INJECTION: forcing a failure. [ 558.634133][T13471] name fail_futex, interval 1, probability 0, space 0, times 0 [ 558.785102][T13471] CPU: 0 UID: 0 PID: 13471 Comm: syz.3.1252 Tainted: G L syzkaller #0 PREEMPT(full) [ 558.785128][T13471] Tainted: [L]=SOFTLOCKUP [ 558.785133][T13471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 558.785143][T13471] Call Trace: [ 558.785148][T13471] [ 558.785154][T13471] dump_stack_lvl+0x100/0x190 [ 558.785184][T13471] should_fail_ex.cold+0x5/0xa [ 558.785203][T13471] get_futex_key+0x1d2/0x1510 [ 558.785228][T13471] ? __pfx_get_futex_key+0x10/0x10 [ 558.785251][T13471] ? putname+0xb1/0x110 [ 558.785269][T13471] ? kasan_save_stack+0x3f/0x50 [ 558.785283][T13471] ? kasan_save_stack+0x30/0x50 [ 558.785296][T13471] ? kasan_save_track+0x14/0x30 [ 558.785309][T13471] ? kasan_save_free_info+0x3b/0x70 [ 558.785328][T13471] ? __kasan_slab_free+0x5f/0x80 [ 558.785342][T13471] ? kmem_cache_free+0x127/0x6c0 [ 558.785365][T13471] futex_wake+0xea/0x530 [ 558.785393][T13471] ? __pfx_futex_wake+0x10/0x10 [ 558.785419][T13471] do_futex+0x32b/0x350 [ 558.785435][T13471] ? __pfx_do_futex+0x10/0x10 [ 558.785455][T13471] __x64_sys_futex+0x34f/0x4d0 [ 558.785473][T13471] ? __pfx___x64_sys_futex+0x10/0x10 [ 558.785492][T13471] ? rcu_is_watching+0x12/0xc0 [ 558.785511][T13471] do_syscall_64+0x115/0x840 [ 558.785532][T13471] ? clear_bhb_loop+0x40/0x90 [ 558.785549][T13471] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 558.785564][T13471] RIP: 0033:0x7fc1ce39ce59 [ 558.785577][T13471] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 558.785591][T13471] RSP: 002b:00007fc1cf22a0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 558.785605][T13471] RAX: ffffffffffffffda RBX: 00007fc1ce616188 RCX: 00007fc1ce39ce59 [ 558.785615][T13471] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fc1ce61618c [ 558.785623][T13471] RBP: 00007fc1ce616180 R08: 0000000000000001 R09: 0000000000000000 [ 558.785632][T13471] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 558.785640][T13471] R13: 00007fc1ce616218 R14: 00007ffd4f3f7790 R15: 00007ffd4f3f7878 [ 558.785659][T13471] [ 560.620992][T13497] FAULT_INJECTION: forcing a failure. [ 560.620992][T13497] name failslab, interval 1, probability 0, space 0, times 0 [ 560.687694][T13497] CPU: 0 UID: 0 PID: 13497 Comm: syz.0.1258 Tainted: G L syzkaller #0 PREEMPT(full) [ 560.687721][T13497] Tainted: [L]=SOFTLOCKUP [ 560.687726][T13497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 560.687735][T13497] Call Trace: [ 560.687740][T13497] [ 560.687746][T13497] dump_stack_lvl+0x100/0x190 [ 560.687776][T13497] should_fail_ex.cold+0x5/0xa [ 560.687795][T13497] should_failslab+0xc2/0x120 [ 560.687813][T13497] __kmalloc_cache_noprof+0x7a/0x6f0 [ 560.687834][T13497] ? __alloc_workqueue+0x1a0/0x1980 [ 560.687857][T13497] __alloc_workqueue+0x1a0/0x1980 [ 560.687876][T13497] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 560.687959][T13497] ? lockdep_hardirqs_on+0x78/0x100 [ 560.687980][T13497] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 560.687999][T13497] ? __debug_object_init+0x2de/0x3d0 [ 560.688020][T13497] alloc_workqueue_noprof+0xc7/0x130 [ 560.688040][T13497] ? __pfx_alloc_workqueue_noprof+0x10/0x10 [ 560.688063][T13497] ? lockdep_init_map_type+0x5c/0x250 [ 560.688087][T13497] ? lockdep_init_map_type+0x5c/0x250 [ 560.688112][T13497] __rds_conn_create+0x1234/0x25a0 [ 560.688205][T13497] ? __pfx___rds_conn_create+0x10/0x10 [ 560.688227][T13497] ? rcu_is_watching+0x12/0xc0 [ 560.688250][T13497] ? trace_kmalloc+0xe3/0x110 [ 560.688268][T13497] ? lockdep_init_map_type+0x5c/0x250 [ 560.688294][T13497] rds_conn_create_outgoing+0x44/0x60 [ 560.688311][T13497] rds_sendmsg+0x10da/0x3480 [ 560.688338][T13497] ? __pfx_rds_sendmsg+0x10/0x10 [ 560.688359][T13497] ? __pfx_aa_sk_perm+0x10/0x10 [ 560.688382][T13497] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 560.688400][T13497] ? ____sys_sendmsg+0x9e1/0xb70 [ 560.688464][T13497] ____sys_sendmsg+0x9e1/0xb70 [ 560.688483][T13497] ? __pfx_rds_sendmsg+0x10/0x10 [ 560.688502][T13497] ? __pfx_____sys_sendmsg+0x10/0x10 [ 560.688520][T13497] ? preempt_schedule_thunk+0x16/0x30 [ 560.688545][T13497] ? try_to_wake_up+0x5f6/0x1900 [ 560.688566][T13497] ___sys_sendmsg+0x190/0x1e0 [ 560.688587][T13497] ? __pfx____sys_sendmsg+0x10/0x10 [ 560.688606][T13497] ? futex_private_hash_put+0x107/0x1c0 [ 560.688649][T13497] __sys_sendmsg+0x170/0x220 [ 560.688665][T13497] ? __pfx___sys_sendmsg+0x10/0x10 [ 560.688679][T13497] ? __x64_sys_futex+0x34f/0x4d0 [ 560.688701][T13497] ? rcu_is_watching+0x12/0xc0 [ 560.688722][T13497] do_syscall_64+0x115/0x840 [ 560.688741][T13497] ? clear_bhb_loop+0x40/0x90 [ 560.688759][T13497] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 560.688774][T13497] RIP: 0033:0x7f053499ce59 [ 560.688787][T13497] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 560.688801][T13497] RSP: 002b:00007f05357ba028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 560.688815][T13497] RAX: ffffffffffffffda RBX: 00007f0534c15fa0 RCX: 00007f053499ce59 [ 560.688825][T13497] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000009 [ 560.688834][T13497] RBP: 00007f0534a32d6f R08: 0000000000000000 R09: 0000000000000000 [ 560.688843][T13497] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 560.688852][T13497] R13: 00007f0534c16038 R14: 00007f0534c15fa0 R15: 00007ffe497cacc8 [ 560.688871][T13497] [ 562.658511][T13540] random: crng reseeded on system resumption [ 563.953840][T13562] blktrace: Concurrent blktraces are not allowed on nbd5 [ 564.007890][T13564] blktrace: Concurrent blktraces are not allowed on ram10 [ 564.017505][ T1317] ieee802154 phy0 wpan0: encryption failed: -22 [ 564.017554][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 566.015577][T13602] futex_wake_op: syz.3.1279 tries to shift op by -2048; fix this program [ 566.070922][T13602] 0x000000000001-0x000000020000 : "" [ 566.167777][T13602] ftl_cs: FTL header corrupt! [ 567.993214][ T64] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm kworker/u8:4: bg 5: bad block bitmap checksum [ 568.068039][ T64] EXT4-fs (sda1): Delayed block allocation failed for inode 2022 at logical offset 2059 with max blocks 1 with error 74 [ 568.166947][ T64] EXT4-fs (sda1): This should not happen!! Data will be lost [ 568.166947][ T64] [ 568.493794][T13645] blktrace: Concurrent blktraces are not allowed on nbd5 [ 568.557531][T13645] blktrace: Concurrent blktraces are not allowed on ram10 [ 573.026976][T13925] blktrace: Concurrent blktraces are not allowed on nbd5 [ 573.074588][T13925] blktrace: Concurrent blktraces are not allowed on ram10 [ 573.256858][T13930] usb usb3: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 574.332989][T14044] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1304'. [ 574.453189][ T64] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 574.510486][ T64] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 574.551128][ T64] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 574.593673][T14045] device-mapper: ioctl: Invalid ioctl structure: name d, dev 3000000000 [ 574.604608][ T64] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 575.625049][T14169] openvswitch: netlink: Key type 68 is out of range max 32 [ 581.247780][T14459] cgroup: fork rejected by pids controller in /syz1 [ 584.844579][T15024] netlink: 330 bytes leftover after parsing attributes in process `syz.2.1344'. [ 584.918760][T15024] mac80211_hwsim hwsim4 : renamed from wlan0 (while UP) [ 587.407918][T15375] blktrace: Concurrent blktraces are not allowed on nbd5 [ 587.459253][T15375] blktrace: Concurrent blktraces are not allowed on ram10 [ 588.337843][T15595] random: crng reseeded on system resumption [ 589.148478][T15805] blktrace: Concurrent blktraces are not allowed on nbd5 [ 589.192474][T15805] blktrace: Concurrent blktraces are not allowed on ram10 [ 590.522620][T16023] blktrace: Concurrent blktraces are not allowed on nbd5 [ 590.553363][T16023] blktrace: Concurrent blktraces are not allowed on ram10 [ 593.577351][T16668] blktrace: Concurrent blktraces are not allowed on nbd5 [ 593.624661][T16668] blktrace: Concurrent blktraces are not allowed on ram10 [ 593.687152][T16672] blktrace: Concurrent blktraces are not allowed on nbd5 [ 593.759117][T16713] blktrace: Concurrent blktraces are not allowed on ram10 [ 598.183808][T17649] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1402'. [ 598.263642][ T35] EXT4-fs (sda1): Delayed block allocation failed for inode 2022 at logical offset 2065 with max blocks 5 with error 117 [ 598.315639][ T35] EXT4-fs (sda1): This should not happen!! Data will be lost [ 598.315639][ T35] [ 599.292608][T17864] blktrace: Concurrent blktraces are not allowed on nbd5 [ 599.345293][T17864] blktrace: Concurrent blktraces are not allowed on ram10 [ 599.640468][T17971] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1409'. [ 600.158230][T17971] EXT4-fs error (device sda1): ext4_discard_preallocations:5696: comm syz.1.1409: Error -117 reading block bitmap for 5 [ 600.584053][ T35] EXT4-fs (sda1): Delayed block allocation failed for inode 2034 at logical offset 2 with max blocks 1 with error 117 [ 600.823375][ T35] EXT4-fs (sda1): This should not happen!! Data will be lost [ 600.823375][ T35] [ 604.021456][T18533] FAULT_INJECTION: forcing a failure. [ 604.021456][T18533] name failslab, interval 1, probability 0, space 0, times 0 [ 604.083419][T18533] CPU: 0 UID: 0 PID: 18533 Comm: syz.0.1421 Tainted: G L syzkaller #0 PREEMPT(full) [ 604.083445][T18533] Tainted: [L]=SOFTLOCKUP [ 604.083450][T18533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 604.083460][T18533] Call Trace: [ 604.083465][T18533] [ 604.083471][T18533] dump_stack_lvl+0x100/0x190 [ 604.083504][T18533] should_fail_ex.cold+0x5/0xa [ 604.083524][T18533] should_failslab+0xc2/0x120 [ 604.083546][T18533] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 604.083568][T18533] ? vm_area_alloc+0x1f/0x160 [ 604.083589][T18533] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 604.083614][T18533] vm_area_alloc+0x1f/0x160 [ 604.083634][T18533] __mmap_region+0x104d/0x2dd0 [ 604.083659][T18533] ? __pfx___mmap_region+0x10/0x10 [ 604.083684][T18533] ? rcu_is_watching+0x12/0xc0 [ 604.083702][T18533] ? trace_pelt_se_tp+0x13b/0x190 [ 604.083753][T18533] ? do_raw_spin_lock+0x128/0x260 [ 604.083772][T18533] ? __lock_acquire+0x4a5/0x2630 [ 604.083795][T18533] ? do_raw_spin_unlock+0x145/0x1e0 [ 604.083823][T18533] ? rcu_is_watching+0x12/0xc0 [ 604.083848][T18533] ? mark_held_locks+0x40/0x70 [ 604.083869][T18533] ? finish_task_switch.isra.0+0x2cb/0x1010 [ 604.083912][T18533] ? rcu_is_watching+0x12/0xc0 [ 604.083931][T18533] mmap_region+0x35d/0x620 [ 604.083946][T18533] ? rcu_is_watching+0x12/0xc0 [ 604.083962][T18533] ? __pfx_mmap_region+0x10/0x10 [ 604.083977][T18533] ? cap_mmap_addr+0x4b/0x120 [ 604.083993][T18533] ? bpf_lsm_mmap_addr+0x9/0x30 [ 604.084007][T18533] ? security_mmap_addr+0x71/0x1e0 [ 604.084025][T18533] ? __get_unmapped_area+0x255/0x3e0 [ 604.084045][T18533] do_mmap+0xc63/0x12f0 [ 604.084066][T18533] ? __pfx_do_mmap+0x10/0x10 [ 604.084084][T18533] ? __pfx_down_write_killable+0x10/0x10 [ 604.084120][T18533] vm_mmap_pgoff+0x29e/0x470 [ 604.084143][T18533] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 604.084163][T18533] ? do_futex+0x192/0x350 [ 604.084179][T18533] ? __pfx_do_futex+0x10/0x10 [ 604.084197][T18533] ksys_mmap_pgoff+0xe4/0x610 [ 604.084215][T18533] ? __x64_sys_futex+0x358/0x4d0 [ 604.084230][T18533] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 604.084247][T18533] ? xfd_validate_state+0x129/0x190 [ 604.084266][T18533] __x64_sys_mmap+0x125/0x190 [ 604.084284][T18533] do_syscall_64+0x115/0x840 [ 604.084303][T18533] ? clear_bhb_loop+0x40/0x90 [ 604.084321][T18533] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 604.084336][T18533] RIP: 0033:0x7f053499ce59 [ 604.084350][T18533] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 604.084363][T18533] RSP: 002b:00007f05357ba028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 604.084377][T18533] RAX: ffffffffffffffda RBX: 00007f0534c15fa0 RCX: 00007f053499ce59 [ 604.084387][T18533] RDX: 1000000000000007 RSI: 0000000002020006 RDI: 0000000000000000 [ 604.084396][T18533] RBP: 00007f0534a32d6f R08: 0000000000000000 R09: 0000000001008000 [ 604.084405][T18533] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 604.084414][T18533] R13: 00007f0534c16038 R14: 00007f0534c15fa0 R15: 00007ffe497cacc8 [ 604.084433][T18533] [ 607.642274][T19702] blktrace: Concurrent blktraces are not allowed on nbd5 [ 607.695203][T19702] blktrace: Concurrent blktraces are not allowed on ram10 [ 613.728144][T21315] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1469'. [ 613.952075][ T13] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 613.997912][T21420] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1470'. [ 614.015779][ T13] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 614.057494][T21394] nbd: socks must be embedded in a SOCK_ITEM attr [ 614.067032][ T13] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 614.108870][ T13] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 614.146527][T21394] block nbd0: shutting down sockets [ 615.032509][T21458] FAULT_INJECTION: forcing a failure. [ 615.032509][T21458] name failslab, interval 1, probability 0, space 0, times 0 [ 615.160568][T21458] CPU: 0 UID: 0 PID: 21458 Comm: syz.3.1472 Tainted: G L syzkaller #0 PREEMPT(full) [ 615.160594][T21458] Tainted: [L]=SOFTLOCKUP [ 615.160599][T21458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 615.160608][T21458] Call Trace: [ 615.160613][T21458] [ 615.160619][T21458] dump_stack_lvl+0x100/0x190 [ 615.160649][T21458] should_fail_ex.cold+0x5/0xa [ 615.160668][T21458] ? security_inode_init_security+0x113/0x370 [ 615.160690][T21458] should_failslab+0xc2/0x120 [ 615.160708][T21458] __kmalloc_noprof+0xe0/0x850 [ 615.160735][T21458] security_inode_init_security+0x113/0x370 [ 615.160758][T21458] ? __pfx_shmem_initxattrs+0x10/0x10 [ 615.160777][T21458] ? __pfx_security_inode_init_security+0x10/0x10 [ 615.160802][T21458] ? make_vfsgid+0xf1/0x140 [ 615.160818][T21458] shmem_mknod+0x2ce/0x480 [ 615.160839][T21458] ? __pfx_shmem_mknod+0x10/0x10 [ 615.160863][T21458] vfs_create+0x301/0x6c0 [ 615.160886][T21458] filename_mknodat+0x2de/0x7f0 [ 615.160909][T21458] ? __pfx_filename_mknodat+0x10/0x10 [ 615.160927][T21458] ? strncpy_from_user+0x19d/0x2d0 [ 615.160952][T21458] ? do_getname+0x191/0x390 [ 615.160975][T21458] __x64_sys_mknod+0x8f/0xc0 [ 615.160995][T21458] do_syscall_64+0x115/0x840 [ 615.161015][T21458] ? clear_bhb_loop+0x40/0x90 [ 615.161033][T21458] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 615.161048][T21458] RIP: 0033:0x7fc1ce39ce59 [ 615.161061][T21458] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 615.161074][T21458] RSP: 002b:00007fc1cf26c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000085 [ 615.161089][T21458] RAX: ffffffffffffffda RBX: 00007fc1ce615fa0 RCX: 00007fc1ce39ce59 [ 615.161098][T21458] RDX: 0000000000000009 RSI: 0000000000000002 RDI: 0000000000000000 [ 615.161106][T21458] RBP: 00007fc1ce432d6f R08: 0000000000000000 R09: 0000000000000000 [ 615.161115][T21458] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 615.161123][T21458] R13: 00007fc1ce616038 R14: 00007fc1ce615fa0 R15: 00007ffd4f3f7878 [ 615.161142][T21458] [ 615.643249][T21569] FAULT_INJECTION: forcing a failure. [ 615.643249][T21569] name failslab, interval 1, probability 0, space 0, times 0 [ 615.678763][T21569] CPU: 0 UID: 0 PID: 21569 Comm: syz.0.1475 Tainted: G L syzkaller #0 PREEMPT(full) [ 615.678789][T21569] Tainted: [L]=SOFTLOCKUP [ 615.678794][T21569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 615.678803][T21569] Call Trace: [ 615.678808][T21569] [ 615.678814][T21569] dump_stack_lvl+0x100/0x190 [ 615.678845][T21569] should_fail_ex.cold+0x5/0xa [ 615.678865][T21569] should_failslab+0xc2/0x120 [ 615.678884][T21569] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 615.678906][T21569] ? vm_area_alloc+0x1f/0x160 [ 615.678926][T21569] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 615.678949][T21569] vm_area_alloc+0x1f/0x160 [ 615.678969][T21569] __mmap_region+0x104d/0x2dd0 [ 615.678994][T21569] ? __pfx___mmap_region+0x10/0x10 [ 615.679019][T21569] ? rcu_is_watching+0x12/0xc0 [ 615.679036][T21569] ? trace_pelt_se_tp+0x13b/0x190 [ 615.679062][T21569] ? do_raw_spin_lock+0x128/0x260 [ 615.679081][T21569] ? __lock_acquire+0x4a5/0x2630 [ 615.679103][T21569] ? do_raw_spin_unlock+0x145/0x1e0 [ 615.679130][T21569] ? rcu_is_watching+0x12/0xc0 [ 615.679154][T21569] ? mark_held_locks+0x40/0x70 [ 615.679175][T21569] ? finish_task_switch.isra.0+0x2cb/0x1010 [ 615.679218][T21569] ? rcu_is_watching+0x12/0xc0 [ 615.679238][T21569] mmap_region+0x35d/0x620 [ 615.679252][T21569] ? rcu_is_watching+0x12/0xc0 [ 615.679268][T21569] ? __pfx_mmap_region+0x10/0x10 [ 615.679284][T21569] ? cap_mmap_addr+0x4b/0x120 [ 615.679298][T21569] ? bpf_lsm_mmap_addr+0x9/0x30 [ 615.679311][T21569] ? security_mmap_addr+0x71/0x1e0 [ 615.679330][T21569] ? __get_unmapped_area+0x255/0x3e0 [ 615.679350][T21569] do_mmap+0xc63/0x12f0 [ 615.679380][T21569] ? __pfx_do_mmap+0x10/0x10 [ 615.679398][T21569] ? __pfx_down_write_killable+0x10/0x10 [ 615.679426][T21569] vm_mmap_pgoff+0x29e/0x470 [ 615.679448][T21569] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 615.679468][T21569] ? do_futex+0x192/0x350 [ 615.679484][T21569] ? __pfx_do_futex+0x10/0x10 [ 615.679502][T21569] ksys_mmap_pgoff+0xe4/0x610 [ 615.679520][T21569] ? __x64_sys_futex+0x358/0x4d0 [ 615.679535][T21569] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 615.679552][T21569] ? xfd_validate_state+0x129/0x190 [ 615.679571][T21569] __x64_sys_mmap+0x125/0x190 [ 615.679588][T21569] do_syscall_64+0x115/0x840 [ 615.679608][T21569] ? clear_bhb_loop+0x40/0x90 [ 615.679626][T21569] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 615.679641][T21569] RIP: 0033:0x7f053499ce59 [ 615.679654][T21569] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 615.679668][T21569] RSP: 002b:00007f05357ba028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 615.679683][T21569] RAX: ffffffffffffffda RBX: 00007f0534c15fa0 RCX: 00007f053499ce59 [ 615.679693][T21569] RDX: 1000000000000007 RSI: 0000000002020006 RDI: 0000000000000000 [ 615.679703][T21569] RBP: 00007f0534a32d6f R08: 0000000000000000 R09: 0000000001008000 [ 615.679712][T21569] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 615.679721][T21569] R13: 00007f0534c16038 R14: 00007f0534c15fa0 R15: 00007ffe497cacc8 [ 615.679741][T21569] [ 617.685845][ T50] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 617.946288][T22265] can: request_module (can-proto-3) failed. [ 619.742750][ T50] Bluetooth: hci0: command 0x0406 tx timeout [ 621.820902][T22266] Bluetooth: hci0: command 0x0406 tx timeout [ 621.851591][T23430] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1500'. [ 621.958833][T23431] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1500'. [ 623.156970][T23948] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1506'. [ 623.231505][T23948] virt_wifi0: entered allmulticast mode [ 623.522786][T23709] FAULT_INJECTION: forcing a failure. [ 623.522786][T23709] name failslab, interval 1, probability 0, space 0, times 0 [ 623.688405][T23709] CPU: 0 UID: 0 PID: 23709 Comm: syz.0.1504 Tainted: G L syzkaller #0 PREEMPT(full) [ 623.688431][T23709] Tainted: [L]=SOFTLOCKUP [ 623.688436][T23709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 623.688445][T23709] Call Trace: [ 623.688450][T23709] [ 623.688456][T23709] dump_stack_lvl+0x100/0x190 [ 623.688487][T23709] should_fail_ex.cold+0x5/0xa [ 623.688507][T23709] ? security_inode_init_security+0x113/0x370 [ 623.688529][T23709] should_failslab+0xc2/0x120 [ 623.688548][T23709] __kmalloc_noprof+0xe0/0x850 [ 623.688575][T23709] security_inode_init_security+0x113/0x370 [ 623.688598][T23709] ? __pfx_shmem_initxattrs+0x10/0x10 [ 623.688616][T23709] ? __pfx_security_inode_init_security+0x10/0x10 [ 623.688641][T23709] ? make_vfsgid+0xf1/0x140 [ 623.688657][T23709] shmem_mknod+0x2ce/0x480 [ 623.688678][T23709] ? __pfx_shmem_mknod+0x10/0x10 [ 623.688702][T23709] vfs_create+0x301/0x6c0 [ 623.688719][T23709] filename_mknodat+0x2de/0x7f0 [ 623.688743][T23709] ? __pfx_filename_mknodat+0x10/0x10 [ 623.688761][T23709] ? strncpy_from_user+0x19d/0x2d0 [ 623.688784][T23709] ? do_getname+0x191/0x390 [ 623.688815][T23709] __x64_sys_mknod+0x8f/0xc0 [ 623.688835][T23709] do_syscall_64+0x115/0x840 [ 623.688856][T23709] ? clear_bhb_loop+0x40/0x90 [ 623.688874][T23709] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 623.688889][T23709] RIP: 0033:0x7f053499ce59 [ 623.688902][T23709] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 623.688916][T23709] RSP: 002b:00007f05357ba028 EFLAGS: 00000246 ORIG_RAX: 0000000000000085 [ 623.688930][T23709] RAX: ffffffffffffffda RBX: 00007f0534c15fa0 RCX: 00007f053499ce59 [ 623.688939][T23709] RDX: 0000000000000009 RSI: 0000000000000002 RDI: 0000000000000000 [ 623.688947][T23709] RBP: 00007f0534a32d6f R08: 0000000000000000 R09: 0000000000000000 [ 623.688955][T23709] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 623.688964][T23709] R13: 00007f0534c16038 R14: 00007f0534c15fa0 R15: 00007ffe497cacc8 [ 623.688984][T23709] [ 624.112829][T24170] blktrace: Concurrent blktraces are not allowed on nbd5 [ 624.132546][T24170] blktrace: Concurrent blktraces are not allowed on ram10 [ 625.422536][ T1317] ieee802154 phy0 wpan0: encryption failed: -22 [ 625.422577][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 630.666081][T26039] blktrace: Concurrent blktraces are not allowed on loop2 [ 632.698700][T26907] blktrace: Concurrent blktraces are not allowed on nbd5 [ 632.727739][T26907] blktrace: Concurrent blktraces are not allowed on ram10 [ 633.518811][ T29] audit: type=1806 audit(1781318947.800:6): xattr="." res=0 [ 633.727845][T27224] RDS: rds_bind could not find a transport for 7bc:c94c:4e37:70c4::, load rds_tcp or rds_rdma? [ 634.530351][T27625] blktrace: Concurrent blktraces are not allowed on nbd5 [ 634.588646][T27648] blktrace: Concurrent blktraces are not allowed on ram10 [ 634.656896][T27637] can: request_module (can-proto-5) failed. [ 636.345128][T28155] FAULT_INJECTION: forcing a failure. [ 636.345128][T28155] name failslab, interval 1, probability 0, space 0, times 0 [ 636.393336][T28155] CPU: 0 UID: 0 PID: 28155 Comm: syz.0.1571 Tainted: G L syzkaller #0 PREEMPT(full) [ 636.393365][T28155] Tainted: [L]=SOFTLOCKUP [ 636.393370][T28155] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 636.393380][T28155] Call Trace: [ 636.393386][T28155] [ 636.393391][T28155] dump_stack_lvl+0x100/0x190 [ 636.393421][T28155] should_fail_ex.cold+0x5/0xa [ 636.393441][T28155] should_failslab+0xc2/0x120 [ 636.393459][T28155] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 636.393482][T28155] ? security_inode_alloc+0x3b/0x2c0 [ 636.393499][T28155] ? lockdep_init_map_type+0x5c/0x250 [ 636.393524][T28155] security_inode_alloc+0x3b/0x2c0 [ 636.393542][T28155] inode_init_always_gfp+0xc77/0xfb0 [ 636.393563][T28155] alloc_inode+0x8e/0x250 [ 636.393585][T28155] new_inode+0x22/0x1c0 [ 636.393608][T28155] shmem_get_inode+0x1e3/0xfb0 [ 636.393630][T28155] ? __pfx_shmem_get_inode+0x10/0x10 [ 636.393655][T28155] __shmem_file_setup+0x382/0x460 [ 636.393676][T28155] ? __pfx___shmem_file_setup+0x10/0x10 [ 636.393698][T28155] ? vm_area_alloc+0x1f/0x160 [ 636.393720][T28155] shmem_zero_setup+0x96/0x1b0 [ 636.393737][T28155] __mmap_region+0x2509/0x2dd0 [ 636.393763][T28155] ? __pfx___mmap_region+0x10/0x10 [ 636.393789][T28155] ? rcu_is_watching+0x12/0xc0 [ 636.393805][T28155] ? trace_pelt_se_tp+0x13b/0x190 [ 636.393831][T28155] ? do_raw_spin_lock+0x128/0x260 [ 636.393850][T28155] ? __lock_acquire+0x4a5/0x2630 [ 636.393881][T28155] ? do_raw_spin_unlock+0x145/0x1e0 [ 636.393909][T28155] ? rcu_is_watching+0x12/0xc0 [ 636.393934][T28155] ? mark_held_locks+0x40/0x70 [ 636.393956][T28155] ? finish_task_switch.isra.0+0x2cb/0x1010 [ 636.394001][T28155] ? rcu_is_watching+0x12/0xc0 [ 636.394023][T28155] mmap_region+0x35d/0x620 [ 636.394038][T28155] ? rcu_is_watching+0x12/0xc0 [ 636.394054][T28155] ? __pfx_mmap_region+0x10/0x10 [ 636.394070][T28155] ? cap_mmap_addr+0x4b/0x120 [ 636.394083][T28155] ? bpf_lsm_mmap_addr+0x9/0x30 [ 636.394097][T28155] ? security_mmap_addr+0x71/0x1e0 [ 636.394116][T28155] ? __get_unmapped_area+0x255/0x3e0 [ 636.394136][T28155] do_mmap+0xc63/0x12f0 [ 636.394157][T28155] ? __pfx_do_mmap+0x10/0x10 [ 636.394175][T28155] ? __pfx_down_write_killable+0x10/0x10 [ 636.394203][T28155] vm_mmap_pgoff+0x29e/0x470 [ 636.394225][T28155] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 636.394244][T28155] ? do_futex+0x192/0x350 [ 636.394260][T28155] ? __pfx_do_futex+0x10/0x10 [ 636.394279][T28155] ksys_mmap_pgoff+0xe4/0x610 [ 636.394297][T28155] ? __x64_sys_futex+0x358/0x4d0 [ 636.394312][T28155] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 636.394329][T28155] ? xfd_validate_state+0x129/0x190 [ 636.394348][T28155] __x64_sys_mmap+0x125/0x190 [ 636.394366][T28155] do_syscall_64+0x115/0x840 [ 636.394386][T28155] ? clear_bhb_loop+0x40/0x90 [ 636.394404][T28155] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 636.394419][T28155] RIP: 0033:0x7f053499ce59 [ 636.394433][T28155] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 636.394447][T28155] RSP: 002b:00007f05357ba028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 636.394463][T28155] RAX: ffffffffffffffda RBX: 00007f0534c15fa0 RCX: 00007f053499ce59 [ 636.394473][T28155] RDX: 1000000000000007 RSI: 0000000002020006 RDI: 0000000000000000 [ 636.394483][T28155] RBP: 00007f0534a32d6f R08: 0000000000000000 R09: 0000000001008000 [ 636.394492][T28155] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 636.394501][T28155] R13: 00007f0534c16038 R14: 00007f0534c15fa0 R15: 00007ffe497cacc8 [ 636.394521][T28155] [ 637.559044][T28684] blktrace: Concurrent blktraces are not allowed on nbd5 [ 637.596992][T28684] blktrace: Concurrent blktraces are not allowed on ram10 [ 638.665830][T28893] ubi0: attaching mtd0 [ 638.910189][T28893] ubi0 error: ubi_add_to_av: two LEBs with same sequence number 1 [ 639.058033][T28893] eraseblock attaching information dump: [ 639.122631][T28893] ec 1 [ 639.167065][T28893] pnum 0 [ 639.211099][T28893] lnum 0 [ 639.256353][T28893] scrub 0 [ 639.287211][T28893] sqnum 1 [ 639.336325][T28893] Volume identifier header dump: [ 639.405649][T28893] magic 55424921 [ 639.454940][T28893] version 1 [ 639.507234][T28893] vol_type 1 [ 639.553495][T28893] copy_flag 0 [ 639.559281][T29042] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1582'. [ 639.604039][T28893] compat 5 [ 639.653300][T28893] vol_id 2147479551 [ 639.698604][T28893] lnum 0 [ 639.727891][T28893] data_size 0 [ 639.748806][T28893] used_ebs 0 [ 639.774400][T28893] data_pad 0 [ 639.794158][T28893] sqnum 1 [ 639.821177][T28893] hdr_crc 65b3bd2d [ 639.849237][T28893] Volume identifier header hexdump: [ 640.077005][T28893] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 641.563223][T29326] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1588'. [ 641.585377][T29326] virt_wifi0: entered allmulticast mode [ 646.517646][T30619] usb usb3: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 647.126104][T30726] netlink: 98 bytes leftover after parsing attributes in process `syz.0.1618'. [ 648.205867][T31145] blktrace: Concurrent blktraces are not allowed on nbd5 [ 655.556434][ T1668] blktrace: Concurrent blktraces are not allowed on loop2 [ 657.205859][ T2302] netlink: 98 bytes leftover after parsing attributes in process `syz.2.1682'. [ 657.666216][ T50] Bluetooth: hci2: unexpected event for opcode 0x7c89 [ 657.720749][ T2616] random: crng reseeded on system resumption [ 660.237209][ T29] audit: type=1800 audit(1781318974.573:7): pid=3786 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1704" name="nullb0" dev="tmpfs" ino=1226 res=0 errno=0 [ 660.954869][ T4091] blktrace: Concurrent blktraces are not allowed on nbd5 [ 660.994453][ T4091] blktrace: Concurrent blktraces are not allowed on ram10 [ 662.195246][ T4700] netlink: 98 bytes leftover after parsing attributes in process `syz.1.1714'. [ 663.458063][ T5141] blktrace: Concurrent blktraces are not allowed on nbd5 [ 663.497204][ T5141] blktrace: Concurrent blktraces are not allowed on ram10 [ 664.337791][ T5255] netlink: 98 bytes leftover after parsing attributes in process `syz.3.1728'. [ 667.187993][ T6797] blktrace: Concurrent blktraces are not allowed on ram10 [ 672.432661][ T8139] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 673.715985][ T8213] EXT4-fs (sda1): Delayed block allocation failed for inode 2036 at logical offset 911 with max blocks 7 with error 117 [ 673.753986][ T8213] EXT4-fs (sda1): This should not happen!! Data will be lost [ 673.753986][ T8213] [ 676.001129][ T29] audit: type=1800 audit(1781318990.341:8): pid=9370 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1790" name="nullb0" dev="tmpfs" ino=2146 res=0 errno=0 [ 677.083795][ T9616] kAFS: unparsable volume name [ 677.155196][ T9748] blktrace: Concurrent blktraces are not allowed on nbd5 [ 678.810170][T10384] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1803'. [ 683.187599][ T29] audit: type=1804 audit(1781318997.535:9): pid=11988 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.1829" name="sg0" dev="tmpfs" ino=1156 res=1 errno=0 [ 685.616194][T13187] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1846'. [ 686.832704][ T1317] ieee802154 phy0 wpan0: encryption failed: -22 [ 686.839145][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 687.885573][T13829] blktrace: Concurrent blktraces are not allowed on nbd5 [ 687.903753][T13829] blktrace: Concurrent blktraces are not allowed on ram10 [ 688.313426][T13848] blktrace: Concurrent blktraces are not allowed on nbd5 [ 688.338672][T13848] blktrace: Concurrent blktraces are not allowed on ram10 [ 690.475725][T14392] blktrace: Concurrent blktraces are not allowed on nbd5 [ 690.506300][T14392] blktrace: Concurrent blktraces are not allowed on ram10 [ 692.321742][T14716] serio: Serial port pty173 [ 693.996682][T14939] FAULT_INJECTION: forcing a failure. [ 693.996682][T14939] name failslab, interval 1, probability 0, space 0, times 0 [ 694.023189][T14939] CPU: 0 UID: 0 PID: 14939 Comm: syz.3.1882 Tainted: G L syzkaller #0 PREEMPT(full) [ 694.023216][T14939] Tainted: [L]=SOFTLOCKUP [ 694.023221][T14939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 694.023231][T14939] Call Trace: [ 694.023236][T14939] [ 694.023242][T14939] dump_stack_lvl+0x100/0x190 [ 694.023273][T14939] should_fail_ex.cold+0x5/0xa [ 694.023293][T14939] should_failslab+0xc2/0x120 [ 694.023311][T14939] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 694.023334][T14939] ? security_inode_alloc+0x3b/0x2c0 [ 694.023350][T14939] ? lockdep_init_map_type+0x5c/0x250 [ 694.023376][T14939] security_inode_alloc+0x3b/0x2c0 [ 694.023393][T14939] inode_init_always_gfp+0xc77/0xfb0 [ 694.023415][T14939] alloc_inode+0x8e/0x250 [ 694.023436][T14939] new_inode+0x22/0x1c0 [ 694.023459][T14939] shmem_get_inode+0x1e3/0xfb0 [ 694.023481][T14939] ? __pfx_shmem_get_inode+0x10/0x10 [ 694.023505][T14939] __shmem_file_setup+0x382/0x460 [ 694.023525][T14939] ? __pfx___shmem_file_setup+0x10/0x10 [ 694.023547][T14939] ? vm_area_alloc+0x1f/0x160 [ 694.023570][T14939] shmem_zero_setup+0x96/0x1b0 [ 694.023586][T14939] __mmap_region+0x2509/0x2dd0 [ 694.023612][T14939] ? __pfx___mmap_region+0x10/0x10 [ 694.023637][T14939] ? rcu_is_watching+0x12/0xc0 [ 694.023654][T14939] ? trace_pelt_se_tp+0x13b/0x190 [ 694.023680][T14939] ? do_raw_spin_lock+0x128/0x260 [ 694.023698][T14939] ? __lock_acquire+0x4a5/0x2630 [ 694.023721][T14939] ? do_raw_spin_unlock+0x145/0x1e0 [ 694.023747][T14939] ? rcu_is_watching+0x12/0xc0 [ 694.023772][T14939] ? mark_held_locks+0x40/0x70 [ 694.023793][T14939] ? finish_task_switch.isra.0+0x2cb/0x1010 [ 694.023836][T14939] ? rcu_is_watching+0x12/0xc0 [ 694.023856][T14939] mmap_region+0x35d/0x620 [ 694.023871][T14939] ? rcu_is_watching+0x12/0xc0 [ 694.023887][T14939] ? __pfx_mmap_region+0x10/0x10 [ 694.023912][T14939] ? cap_mmap_addr+0x4b/0x120 [ 694.023926][T14939] ? bpf_lsm_mmap_addr+0x9/0x30 [ 694.023940][T14939] ? security_mmap_addr+0x71/0x1e0 [ 694.023959][T14939] ? __get_unmapped_area+0x255/0x3e0 [ 694.023981][T14939] do_mmap+0xc63/0x12f0 [ 694.024004][T14939] ? __pfx_do_mmap+0x10/0x10 [ 694.024022][T14939] ? __pfx_down_write_killable+0x10/0x10 [ 694.024050][T14939] vm_mmap_pgoff+0x29e/0x470 [ 694.024072][T14939] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 694.024093][T14939] ? do_futex+0x192/0x350 [ 694.024109][T14939] ? __pfx_do_futex+0x10/0x10 [ 694.024127][T14939] ksys_mmap_pgoff+0xe4/0x610 [ 694.024145][T14939] ? __x64_sys_futex+0x358/0x4d0 [ 694.024160][T14939] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 694.024177][T14939] ? xfd_validate_state+0x129/0x190 [ 694.024196][T14939] __x64_sys_mmap+0x125/0x190 [ 694.024214][T14939] do_syscall_64+0x115/0x840 [ 694.024233][T14939] ? clear_bhb_loop+0x40/0x90 [ 694.024252][T14939] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 694.024267][T14939] RIP: 0033:0x7fc1ce39ce59 [ 694.024280][T14939] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 694.024295][T14939] RSP: 002b:00007fc1cf22a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 694.024309][T14939] RAX: ffffffffffffffda RBX: 00007fc1ce616180 RCX: 00007fc1ce39ce59 [ 694.024320][T14939] RDX: 1000000000000007 RSI: 0000000002020006 RDI: 0000000000000000 [ 694.024330][T14939] RBP: 00007fc1ce432d6f R08: 0000000000000000 R09: 0000000001008000 [ 694.024339][T14939] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 694.024348][T14939] R13: 00007fc1ce616218 R14: 00007fc1ce616180 R15: 00007ffd4f3f7878 [ 694.024369][T14939] [ 694.860542][T14944] netlink: zone id is out of range [ 694.865997][T14944] netlink: zone id is out of range [ 694.880880][T14944] netlink: zone id is out of range [ 694.910184][T14944] netlink: zone id is out of range [ 694.941489][T14944] netlink: zone id is out of range [ 694.971839][T14944] netlink: zone id is out of range [ 695.002713][T14944] netlink: zone id is out of range [ 695.027432][T14944] netlink: zone id is out of range [ 695.049555][T14944] netlink: zone id is out of range [ 695.066578][T14944] netlink: zone id is out of range [ 699.638265][T15836] blktrace: Concurrent blktraces are not allowed on nbd5 [ 699.678549][T15836] blktrace: Concurrent blktraces are not allowed on ram10 [ 708.955904][T18228] FAULT_INJECTION: forcing a failure. [ 708.955904][T18228] name failslab, interval 1, probability 0, space 0, times 0 [ 709.032516][T18228] CPU: 0 UID: 0 PID: 18228 Comm: syz.3.1951 Tainted: G L syzkaller #0 PREEMPT(full) [ 709.032542][T18228] Tainted: [L]=SOFTLOCKUP [ 709.032548][T18228] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 709.032557][T18228] Call Trace: [ 709.032563][T18228] [ 709.032569][T18228] dump_stack_lvl+0x100/0x190 [ 709.032603][T18228] should_fail_ex.cold+0x5/0xa [ 709.032624][T18228] ? security_inode_init_security+0x113/0x370 [ 709.032649][T18228] should_failslab+0xc2/0x120 [ 709.032668][T18228] __kmalloc_noprof+0xe0/0x850 [ 709.032695][T18228] security_inode_init_security+0x113/0x370 [ 709.032721][T18228] ? __pfx_shmem_initxattrs+0x10/0x10 [ 709.032740][T18228] ? __pfx_security_inode_init_security+0x10/0x10 [ 709.032765][T18228] ? make_vfsgid+0xf1/0x140 [ 709.032782][T18228] shmem_mknod+0x2ce/0x480 [ 709.032803][T18228] ? __pfx_shmem_mknod+0x10/0x10 [ 709.032827][T18228] vfs_create+0x301/0x6c0 [ 709.032844][T18228] filename_mknodat+0x2de/0x7f0 [ 709.032866][T18228] ? __pfx_filename_mknodat+0x10/0x10 [ 709.032885][T18228] ? strncpy_from_user+0x19d/0x2d0 [ 709.032918][T18228] ? do_getname+0x191/0x390 [ 709.032941][T18228] __x64_sys_mknod+0x8f/0xc0 [ 709.032962][T18228] do_syscall_64+0x115/0x840 [ 709.032987][T18228] ? clear_bhb_loop+0x40/0x90 [ 709.033006][T18228] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 709.033021][T18228] RIP: 0033:0x7fc1ce39ce59 [ 709.033035][T18228] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 709.033049][T18228] RSP: 002b:00007fc1cf22a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000085 [ 709.033065][T18228] RAX: ffffffffffffffda RBX: 00007fc1ce616180 RCX: 00007fc1ce39ce59 [ 709.033075][T18228] RDX: 0000000000000009 RSI: 0000000000000002 RDI: 0000000000000000 [ 709.033084][T18228] RBP: 00007fc1ce432d6f R08: 0000000000000000 R09: 0000000000000000 [ 709.033093][T18228] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 709.033102][T18228] R13: 00007fc1ce616218 R14: 00007fc1ce616180 R15: 00007ffd4f3f7878 [ 709.033122][T18228] [ 716.476633][ T7360] Bluetooth: hci1: unexpected event for opcode 0x7c89 [ 716.963514][ T7366] EXT4-fs (sda1): Delayed block allocation failed for inode 2036 at logical offset 905 with max blocks 13 with error 117 [ 717.060076][ T7366] EXT4-fs (sda1): This should not happen!! Data will be lost [ 717.060076][ T7366] [ 718.256573][T21760] random: crng reseeded on system resumption [ 721.462117][T21059] EXT4-fs (sda1): Delayed block allocation failed for inode 2034 at logical offset 2 with max blocks 2 with error 117 [ 721.510227][T21059] EXT4-fs (sda1): This should not happen!! Data will be lost [ 721.510227][T21059] [ 724.192535][T23392] nbd: socks must be embedded in a SOCK_ITEM attr [ 724.225705][T23392] ======================================================= [ 724.225705][T23392] WARNING: The mand mount option has been deprecated and [ 724.225705][T23392] and is ignored by this kernel. Remove the mand [ 724.225705][T23392] option from the mount to silence this warning. [ 724.225705][T23392] ======================================================= [ 724.379913][T23599] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2039'. [ 727.916660][ T29] audit: type=1800 audit(1781319042.287:10): pid=24249 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2054" name="file0" dev="tmpfs" ino=2513 res=0 errno=0 [ 728.979124][T24570] blktrace: Concurrent blktraces are not allowed on nbd5 [ 729.009754][T24570] blktrace: Concurrent blktraces are not allowed on ram10 [ 729.560207][T24673] random: crng reseeded on system resumption [ 729.988918][T24672] [U] pthread_create failed (errno 11) [ 732.478237][T25109] blktrace: Concurrent blktraces are not allowed on nbd5 [ 732.528561][T25109] blktrace: Concurrent blktraces are not allowed on ram10 [ 732.932509][ T7360] Bluetooth: hci3: unexpected event for opcode 0x7c89 [ 733.002542][T25316] random: crng reseeded on system resumption [ 736.547573][ T7364] EXT4-fs (sda1): Delayed block allocation failed for inode 2034 at logical offset 2 with max blocks 12 with error 117 [ 736.649617][ T7364] EXT4-fs (sda1): This should not happen!! Data will be lost [ 736.649617][ T7364] [ 738.944369][ T7360] Bluetooth: hci1: unexpected event for opcode 0x7c89 [ 742.030488][T28699] cgroup: fork rejected by pids controller in /syz3 [ 742.668833][T28982] cgroup: fork rejected by pids controller in /syz0 [ 744.049148][T29878] kAFS: unparsable volume name [ 746.575052][T30971] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2160'. [ 747.767086][T31491] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2168'. [ 747.814197][T31491] netlink: 354 bytes leftover after parsing attributes in process `syz.3.2168'. [ 748.253952][ T1317] ieee802154 phy0 wpan0: encryption failed: -22 [ 748.262815][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 748.340752][T31707] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2172'. [ 751.345648][ T510] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2195'. [ 752.729446][ T1177] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2205'. [ 754.089524][ T1859] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2215'. [ 760.200945][ T3967] nbd: socks must be embedded in a SOCK_ITEM attr [ 785.331872][ T9033] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2346'. [ 785.364182][ T9033] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2346'. [ 786.490864][ T9810] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2357'. [ 786.533128][ T9810] netlink: 354 bytes leftover after parsing attributes in process `syz.1.2357'. [ 787.386163][ T9925] netlink: 330 bytes leftover after parsing attributes in process `syz.3.2360'. [ 792.217840][T11995] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2397'. [ 792.249726][T11995] netlink: 10 bytes leftover after parsing attributes in process `syz.2.2397'. [ 795.015289][T12675] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2419'. [ 795.050985][T12675] netlink: 10 bytes leftover after parsing attributes in process `syz.0.2419'. [ 797.476082][ T7360] Bluetooth: hci3: unexpected event 0x32 length: 727 > 9 [ 799.040568][T14336] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2449'. [ 800.145601][T14821] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2458'. [ 800.191167][T14821] netlink: 10 bytes leftover after parsing attributes in process `syz.1.2458'. [ 800.536690][T14955] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2461'. [ 809.623054][ T7360] Bluetooth: hci3: unexpected event 0x3e length: 358 > 260 [ 809.623093][ T7360] Bluetooth: hci3: unexpected subevent 0x1b length: 357 > 260 [ 809.649078][ T1317] ieee802154 phy0 wpan0: encryption failed: -22 [ 809.657018][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 811.602798][T19423] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2532'. [ 811.663496][T19425] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2533'. [ 812.783093][T19213] kexec: Could not allocate control_code_buffer [ 812.995951][T19946] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2543'. [ 816.114924][T21222] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 818.977430][T22377] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2585'. [ 820.373158][T22808] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 820.437651][T22814] netlink: 164 bytes leftover after parsing attributes in process `syz.1.2596'. [ 822.364749][T23653] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2610'. [ 831.129167][T28028] netlink: 337 bytes leftover after parsing attributes in process `syz.3.2670'. [ 831.820200][T28349] netlink: 164 bytes leftover after parsing attributes in process `syz.3.2677'. [ 835.891315][T30133] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2708'. [ 839.286425][T32115] kAFS: No cell specified [ 840.718027][T32539] kexec: Could not allocate control_code_buffer [ 845.957997][ T3836] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2790'. [ 846.527889][ T4347] net_ratelimit: 5 callbacks suppressed [ 846.527908][ T4347] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 846.541382][ T4347] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 846.603043][ T4347] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2794'. [ 846.626186][ T4347] hsr_slave_0: left promiscuous mode [ 846.655345][ T4347] hsr_slave_1: left promiscuous mode [ 847.729256][ T5182] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2803'. [ 848.562344][ T5774] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2813'. [ 848.993496][ T6085] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2816'. [ 850.147547][ T6924] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2829'. [ 852.082682][ T7360] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 852.145009][ T8413] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2843'. [ 854.106669][ T7360] Bluetooth: hci0: command 0x0406 tx timeout [ 856.183942][ T8410] Bluetooth: hci0: command 0x0406 tx timeout [ 858.883864][T12872] netlink: 50 bytes leftover after parsing attributes in process `syz.2.2906'. [ 863.398705][T14421] netlink: 'syz.3.2936': attribute type 1 has an invalid length. [ 863.450914][T14421] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2936'. [ 871.059323][ T1317] ieee802154 phy0 wpan0: encryption failed: -22 [ 871.067531][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 871.292968][T17569] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2990'. [ 871.344134][T17569] netlink: 354 bytes leftover after parsing attributes in process `syz.0.2990'. [ 872.781746][T18499] openvswitch: netlink: Key type 233 is out of range max 32 [ 874.187153][T18911] futex_wake_op: syz.2.3007 tries to shift op by -2048; fix this program [ 875.043838][T19426] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3013'. [ 875.085527][T19426] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 875.181673][T19426] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 877.441176][ T7360] Bluetooth: hci1: unexpected event for opcode 0x7c89 [ 877.757981][T21283] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3034'. [ 885.940703][T25083] netlink: 146 bytes leftover after parsing attributes in process `syz.3.3091'. [ 888.689077][T26993] openvswitch: netlink: Key type 233 is out of range max 32 [ 890.941154][T28605] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3138'. [ 891.366995][T28861] netlink: 342 bytes leftover after parsing attributes in process `syz.3.3143'. [ 891.559936][T28949] netlink: 50 bytes leftover after parsing attributes in process `syz.1.3144'. [ 895.850093][T31541] netlink: 'syz.0.3174': attribute type 1 has an invalid length. [ 895.972075][T31541] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3174'. [ 896.047933][T31541] virt_wifi0: entered allmulticast mode [ 896.135657][T31694] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3177'. [ 898.401806][ T611] netlink: 342 bytes leftover after parsing attributes in process `syz.3.3191'. [ 898.516651][ T615] netlink: 330 bytes leftover after parsing attributes in process `syz.0.3193'. [ 900.328188][ T1997] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3205'. [ 900.375582][ T2007] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3207'. [ 900.418607][ T1997] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 900.517670][ T1997] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 900.573227][ T2018] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -4 [ 900.617182][ T2018] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -4 [ 900.660301][ T2018] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 902.994270][ T7360] Bluetooth: hci3: unexpected event 0x02 length: 1021 > 260 [ 903.209230][ T4166] netlink: 172 bytes leftover after parsing attributes in process `syz.3.3233'. [ 903.447177][ T7360] Bluetooth: hci1: unexpected subevent 0x03 length: 123 > 9 [ 903.503508][ T7360] Bluetooth: hci2: unexpected event 0x3e length: 358 > 260 [ 903.503532][ T7360] Bluetooth: hci2: unexpected subevent 0x1b length: 357 > 260 [ 903.594455][ T7360] Bluetooth: hci1: unexpected event 0x34 length: 726 > 6 [ 904.111891][ T7360] Bluetooth: hci2: Unable to find connection for big 0xe0 [ 907.362883][ T7360] Bluetooth: hci3: Malformed LE Event: 0x1d [ 912.543567][ T8357] netlink: 'syz.0.3408': attribute type 2 has an invalid length. [ 912.735630][ T8465] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3410'. [ 913.646719][ T8903] netlink: 342 bytes leftover after parsing attributes in process `syz.3.3422'. [ 914.557335][ T9239] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3438'. [ 915.363485][ T9569] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3453'. [ 916.018922][ T9891] capability: warning: `syz.0.3463' uses 32-bit capabilities (legacy support in use) [ 916.441710][ T7360] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 916.441734][ T7360] Bluetooth: hci0: unexpected subevent 0x0e length: 725 > 15 [ 916.457029][ T7360] Bluetooth: hci0: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 917.126945][T10357] netlink: 342 bytes leftover after parsing attributes in process `syz.3.3487'. [ 917.899284][T10789] IPVS: length: 537396514 != 24 [ 918.203718][T10945] netlink: 342 bytes leftover after parsing attributes in process `syz.3.3503'. [ 919.311704][T11561] capability: warning: `syz.3.3523' uses deprecated v2 capabilities in a way that may be insecure [ 919.344193][T11563] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3524'. [ 921.138699][T12577] netlink: 130 bytes leftover after parsing attributes in process `syz.2.3559'. [ 921.480713][T12784] netlink: 'syz.2.3563': attribute type 1 has an invalid length. [ 921.541269][T12784] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3563'. [ 921.604476][T12784] virt_wifi0: entered allmulticast mode [ 922.044154][T12930] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3575'. [ 922.286865][T13189] netlink: 326 bytes leftover after parsing attributes in process `syz.1.3578'. [ 924.068066][T14092] netlink: 342 bytes leftover after parsing attributes in process `syz.3.3606'. [ 926.396987][T15073] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3640'. [ 927.533752][T15708] sctp: [Deprecated]: syz.3.3652 (pid 15708) Use of struct sctp_assoc_value in delayed_ack socket option. [ 927.533752][T15708] Use struct sctp_sack_info instead [ 928.162560][T15938] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3662'. [ 931.609157][T16878] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3724'. [ 932.388296][ T29] audit: type=1326 audit(1781319246.869:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17105 comm="syz.2.3739" exe="/root/ci-qemu-gce-upstream-auto/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff38179ce59 code=0x0 [ 932.471651][ T1317] ieee802154 phy0 wpan0: encryption failed: -22 [ 932.478595][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 932.504273][T17110] netlink: 342 bytes leftover after parsing attributes in process `syz.3.3742'. [ 932.521821][T17112] netlink: 'syz.1.3743': attribute type 2 has an invalid length. [ 933.184456][T17336] netlink: 342 bytes leftover after parsing attributes in process `syz.3.3753'. [ 934.024417][T17657] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3764'. [ 934.248472][T17941] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3767'. [ 934.321072][T17941] HfR: entered promiscuous mode [ 935.671249][T18948] futex_wake_op: syz.1.3785 tries to shift op by -2048; fix this program [ 935.692272][T18948] futex_wake_op: syz.1.3785 tries to shift op by -2048; fix this program [ 936.192788][T19218] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3793'. [ 937.198719][T20047] netlink: 146 bytes leftover after parsing attributes in process `syz.1.3807'. [ 937.247478][T20056] netlink: 'syz.0.3808': attribute type 4 has an invalid length. [ 937.610892][T20266] netlink: 172 bytes leftover after parsing attributes in process `syz.0.3814'. [ 938.326696][T20891] netlink: 206 bytes leftover after parsing attributes in process `syz.1.3823'. [ 943.806248][T24361] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3897'. [ 945.258295][T25572] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3914'. [ 945.426643][T25633] bridge_slave_0: left allmulticast mode [ 945.451919][T25633] bridge_slave_0: left promiscuous mode [ 945.478178][T25633] bridge0: port 1(bridge_slave_0) entered disabled state [ 945.666497][T25814] netlink: 226 bytes leftover after parsing attributes in process `syz.3.3920'. [ 945.713091][T25814] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3920'. [ 945.755980][T25814] A link change request failed with some changes committed already. Interface wg2 may have been left with an inconsistent configuration, please check. [ 946.188173][T26028] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3927'. [ 946.769689][T26542] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3933'. [ 948.101928][T27371] netlink: 338 bytes leftover after parsing attributes in process `syz.3.3946'. [ 948.156756][T27371] netlink: 338 bytes leftover after parsing attributes in process `syz.3.3946'. [ 948.201199][T27371] netlink: 338 bytes leftover after parsing attributes in process `syz.3.3946'. [ 948.269525][T27371] netlink: 338 bytes leftover after parsing attributes in process `syz.3.3946'. [ 949.505605][T28369] [ 949.507956][T28369] ====================================================== [ 949.514947][T28369] WARNING: possible circular locking dependency detected [ 949.521944][T28369] syzkaller #0 Tainted: G L [ 949.527896][T28369] ------------------------------------------------------ [ 949.534889][T28369] syz.1.3963/28369 is trying to acquire lock: [ 949.540930][T28369] ffff88805a67bc68 ((work_completion)(&new_smc->smc_listen_work)){+.+.}-{0:0}, at: __flush_work+0x4ca/0xcb0 [ 949.552390][T28369] [ 949.552390][T28369] but task is already holding lock: [ 949.559738][T28369] ffff88805a67cd60 (sk_lock-AF_SMC/1){+.+.}-{0:0}, at: smc_release+0x3a5/0x620 [ 949.568790][T28369] [ 949.568790][T28369] which lock already depends on the new lock. [ 949.568790][T28369] [ 949.579176][T28369] [ 949.579176][T28369] the existing dependency chain (in reverse order) is: [ 949.588173][T28369] [ 949.588173][T28369] -> #1 (sk_lock-AF_SMC/1){+.+.}-{0:0}: [ 949.595945][T28369] lock_sock_nested+0x41/0xf0 [ 949.601174][T28369] smc_listen_out+0x1f5/0x4b0 [ 949.606357][T28369] smc_listen_work+0x4c2/0x50e0 [ 949.611714][T28369] process_one_work+0xa0e/0x1980 [ 949.617152][T28369] worker_thread+0x5ef/0xe50 [ 949.622244][T28369] kthread+0x370/0x450 [ 949.626824][T28369] ret_from_fork+0x72b/0xd50 [ 949.631913][T28369] ret_from_fork_asm+0x1a/0x30 [ 949.637179][T28369] [ 949.637179][T28369] -> #0 ((work_completion)(&new_smc->smc_listen_work)){+.+.}-{0:0}: [ 949.647320][T28369] __lock_acquire+0x14b8/0x2630 [ 949.652683][T28369] lock_acquire+0x1b1/0x370 [ 949.657693][T28369] __flush_work+0x4de/0xcb0 [ 949.662699][T28369] cancel_work_sync+0xd1/0xf0 [ 949.667876][T28369] smc_clcsock_release+0x5f/0xe0 [ 949.673406][T28369] __smc_release+0x5c2/0x880 [ 949.678500][T28369] smc_close_non_accepted+0xda/0x200 [ 949.684292][T28369] smc_close_active+0x4ff/0x1070 [ 949.689732][T28369] __smc_release+0x634/0x880 [ 949.694833][T28369] smc_release+0x1fc/0x620 [ 949.699767][T28369] __sock_release+0xb3/0x260 [ 949.704865][T28369] sock_close+0x1c/0x30 [ 949.709618][T28369] __fput+0x3ff/0xb50 [ 949.714115][T28369] task_work_run+0x150/0x240 [ 949.719215][T28369] exit_to_user_mode_loop+0x157/0x670 [ 949.725127][T28369] do_syscall_64+0x652/0x840 [ 949.730225][T28369] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 949.736620][T28369] [ 949.736620][T28369] other info that might help us debug this: [ 949.736620][T28369] [ 949.746821][T28369] Possible unsafe locking scenario: [ 949.746821][T28369] [ 949.754248][T28369] CPU0 CPU1 [ 949.759588][T28369] ---- ---- [ 949.764927][T28369] lock(sk_lock-AF_SMC/1); [ 949.769416][T28369] lock((work_completion)(&new_smc->smc_listen_work)); [ 949.778845][T28369] lock(sk_lock-AF_SMC/1); [ 949.785850][T28369] lock((work_completion)(&new_smc->smc_listen_work)); [ 949.792763][T28369] [ 949.792763][T28369] *** DEADLOCK *** [ 949.792763][T28369] [ 949.800883][T28369] 3 locks held by syz.1.3963/28369: [ 949.806054][T28369] #0: ffff88807727ef80 (&sb->s_type->i_mutex_key#13){+.+.}-{4:4}, at: __sock_release+0x86/0x260 [ 949.816565][T28369] #1: ffff88805a67cd60 (sk_lock-AF_SMC/1){+.+.}-{0:0}, at: smc_release+0x3a5/0x620 [ 949.825950][T28369] #2: ffffffff8e7e5360 (rcu_read_lock){....}-{1:3}, at: __flush_work+0xfd/0xcb0 [ 949.835063][T28369] [ 949.835063][T28369] stack backtrace: [ 949.840937][T28369] CPU: 0 UID: 0 PID: 28369 Comm: syz.1.3963 Tainted: G L syzkaller #0 PREEMPT(full) [ 949.840958][T28369] Tainted: [L]=SOFTLOCKUP [ 949.840964][T28369] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 949.840973][T28369] Call Trace: [ 949.840980][T28369] [ 949.840987][T28369] dump_stack_lvl+0x100/0x190 [ 949.841011][T28369] print_circular_bug.cold+0x178/0x1c7 [ 949.841035][T28369] check_noncircular+0x146/0x160 [ 949.841057][T28369] __lock_acquire+0x14b8/0x2630 [ 949.841081][T28369] lock_acquire+0x1b1/0x370 [ 949.841101][T28369] ? __flush_work+0x4ca/0xcb0 [ 949.841115][T28369] ? mark_held_locks+0x40/0x70 [ 949.841136][T28369] ? __flush_work+0x4ca/0xcb0 [ 949.841149][T28369] __flush_work+0x4de/0xcb0 [ 949.841162][T28369] ? __flush_work+0x4ca/0xcb0 [ 949.841177][T28369] ? __pfx___flush_work+0x10/0x10 [ 949.841191][T28369] ? __pfx_wq_barrier_func+0x10/0x10 [ 949.841217][T28369] ? __pfx___might_resched+0x10/0x10 [ 949.841234][T28369] cancel_work_sync+0xd1/0xf0 [ 949.841250][T28369] smc_clcsock_release+0x5f/0xe0 [ 949.841269][T28369] __smc_release+0x5c2/0x880 [ 949.841285][T28369] ? __pfx_sock_def_readable+0x10/0x10 [ 949.841307][T28369] smc_close_non_accepted+0xda/0x200 [ 949.841325][T28369] smc_close_active+0x4ff/0x1070 [ 949.841344][T28369] __smc_release+0x634/0x880 [ 949.841360][T28369] smc_release+0x1fc/0x620 [ 949.841376][T28369] __sock_release+0xb3/0x260 [ 949.841391][T28369] ? __pfx_sock_close+0x10/0x10 [ 949.841405][T28369] sock_close+0x1c/0x30 [ 949.841418][T28369] __fput+0x3ff/0xb50 [ 949.841439][T28369] task_work_run+0x150/0x240 [ 949.841452][T28369] ? __pfx_task_work_run+0x10/0x10 [ 949.841466][T28369] ? rcu_is_watching+0x12/0xc0 [ 949.841482][T28369] exit_to_user_mode_loop+0x157/0x670 [ 949.841504][T28369] ? rcu_is_watching+0x12/0xc0 [ 949.841520][T28369] do_syscall_64+0x652/0x840 [ 949.841540][T28369] ? clear_bhb_loop+0x40/0x90 [ 949.841556][T28369] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 949.841571][T28369] RIP: 0033:0x7fcf2cb9ce59 [ 949.841584][T28369] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 949.841598][T28369] RSP: 002b:00007fcf2dad6028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 949.841612][T28369] RAX: 0000000000000000 RBX: 00007fcf2ce15fa0 RCX: 00007fcf2cb9ce59 [ 949.841622][T28369] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 949.841630][T28369] RBP: 00007fcf2cc32d6f R08: 0000000000000000 R09: 0000000000000000 [ 949.841639][T28369] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 949.841647][T28369] R13: 00007fcf2ce16038 R14: 00007fcf2ce15fa0 R15: 00007ffdfddd39d8 [ 949.841660][T28369]