last executing test programs: 18.6821867s ago: executing program 3 (id=4336): r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sg0\x00', 0x8001, 0x0) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SETTRIGGER(r1, 0x40045010, &(0x7f0000000040)) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, 0x0, 0x48402, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) write$auto(r4, &(0x7f0000000040)='S\x00\x00\x00\xfe\xff\xff\xff', 0x8587) syz_genetlink_get_family_id$auto_nl80211(0x0, r3) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) mmap$auto(0x2000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) ioctl$auto_PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x1, 0x8, 0xbff, 0x2c, 0x2c, 0x3, 0x2}) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) ioctl$auto_SNDCTL_DSP_SETTRIGGER(r1, 0x40045010, &(0x7f0000000080)) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D0\x00', 0x8001, 0x0) write$auto(r5, &(0x7f0000000100)='d>*\xd2x\xc7\xbf\xff\x9a\xc01(\x00iM\x9c\bAa\x9e\xe98\xee\x15\xd3\xc5v\x99\f|\xe3\xbf\xd9\xf4C\x14A\xe6k\x105\xee\xc5\xaa$\x16\t?g\xb8b\x12\v*\xf9@B\xd0\xd2\x99{\x8b^\xff@\x83\x02Tvt\xc1_\x98\x9f\x16\xd5Is', 0x100000a3da) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) mlockall$auto(0x800000000000005) msync$auto(0x1ffff000, 0x1800000ff000000, 0x400000004) read$auto_proc_pid_smaps_operations_internal(0xffffffffffffffff, &(0x7f00000002c0)=""/190, 0xfffffe39) ioctl$auto_SCSI_IOCTL_SEND_COMMAND2(r0, 0x1, &(0x7f0000000000)="1404000000000000b8") 13.355552432s ago: executing program 1 (id=4348): openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, 0x0, 0x101901, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, 0x0, 0x103041, 0x0) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, &(0x7f0000000000)) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1a9402, 0x0) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(0xffffffffffffffff, 0x0, 0x800) timer_create$auto(0x9, 0x0, 0x0) read$auto(0x3, 0x0, 0x8080) socket(0x1a, 0x1, 0x20000100) write$auto(0x3, 0x0, 0xffd8) unshare$auto(0x40000080) fsconfig$auto(r2, 0x800, &(0x7f0000000040)='/sys/devices/LNXSYSTM:00/LNXPWRBN:00/power/wakeup_abort_count\x00', 0x0, 0x0) write$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffffff, &(0x7f00000001c0), 0x0) process_mrelease$auto(0xffffffffffffffff, 0xa) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mount$auto(0x0, 0xfffffffffffffffe, 0x0, 0x80, 0xfffffffffffffffe) ioctl$auto_BCH_IOCTL_DISK_GET_IDX(r3, 0x4008bc0d, &(0x7f0000000240)={0x8}) write$auto(r3, &(0x7f0000000180)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8\xa6\xb6\xaa\x96/OX\xba\x02\xc5\xc6B\x1d}Y\xbc@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf\xd6f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8', 0x100000a3d6) mkdir$auto(&(0x7f0000000100)='./file0\x00', 0xff) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0x802, 0x0) socket(0x2, 0x1, 0x106) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) select$auto(0x9, 0x0, &(0x7f0000000080)={[0x209c, 0x2e7d11ca, 0x6, 0x8000, 0xfffffffffffffffc, 0x100000004, 0x9, 0x800002017d, 0x4, 0xdfdffdff, 0x3ff, 0xd59, 0xfb, 0x1, 0x7f, 0x7]}, 0x0, 0x0) 11.647210451s ago: executing program 1 (id=4349): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000280)={0x0, 0x80000000}, 0x6, 0x3, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0xffffffffffffff7f) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x42, 0x0) mmap$auto(0x0, 0x202000a, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x4, 0xa00006, 0x2, 0x100000000040eb1, 0x602, 0x300000000000) ioctl$auto_USBDEVFS_DISCSIGNAL(0xffffffffffffffff, 0x8010550e, &(0x7f0000000540)={0xfff, &(0x7f0000000180)="f2e37aa851f172bd24308737938225756749a2cd058f981d81224e731c1514b4fd0290f2fb02e666a68c1d72ad5615b16c73b5c0cedf17801dfece4a243f6e3a47ecc1c5db92b3500cefe0e7c269c25cd32701679442d287388dedeedd83d20b9d079d0a971a993bfa4a4499f8631caa1722a7a93bf39c2535ea752a9b05e21efeebdeaa71269153bdd6ba4fac9b230a6653e8cbaf66e11ea7c105"}) rseq$auto(&(0x7f0000000b80)={0x5, 0x8, 0x9416, 0x4, 0xe, 0x6, "551e7285968d8e86bd4794a0e875ee9f7b35db28d0a7e72b7a19039c3357a05ba0582cc612c6c0be4beb4cc54d8337d40c93638ba3454a0435c32a206e808194584d8c359d418662d18943a5e3c6234e712a096205457b56f0a1e5d4d19835696295a54f38117d9d751e23b5fb61daa5a6b2c75148106dc167a20061e3fe55cc53ffadf62b0945da4b27515a0102a8d2d002a842362b4744b8972a5e11e8a6aab89c7b85947f3901d696d459641aa7e6b89b73387ec5fa2d2af6c992213d82c5774c4bcd4187585bcf652af094e988e75002e01f607abf5e25ae0f5548fd13175b681fc059c1f9160aef893bae78cf6cf62c30fa3f0c5c60cbe383a9c0cc1289519b0c7cff81cc3b4fec739fad19c662b0f98d607b61d825d10e2dd3b27b0f7a6b1adc5a452f344c39da5f086ea7c5d99674ca69c4f5635776e67c151bad72f906cd65231da3a55d6056e23b00686723714fabd752f3e2c86dafdee9d379230c0abeabfde9cf88c7e099f3ccc76ea7e64a3734ced5ffe749a8012db53ad4d6a5e347bdd83bb409c1bdb762f4aba145df74833d73ccd583797d4fb4ed3e0c7c29d502aacaef02e114d9e60ca6b0bcb28f825f5d49e94ccd2f830933c39a3ba3782505453e3de872ad8da84a6a22aaa62970428bb9a95d1817dbeeded1c53c5d508dea6cc53d80153b05f954c263278bb9c8bc02f3b1805dd9299dc8b97ebff0165d615ba7bf5ce8c490f4dd273642a18267b0a61a594cb1d608f3dffb292991ea32bb647a6f9b951f283e118dc73b4584485aa883410e402e3bec9ba889ec237462042cedaed761cca0c3b7058d3ffc276c9a75e18b79804f4e21650d911edbedb9fedd31959a8783b1e39d7d6408554bddb2a5d67703d225fe4422bf2367ca483e77fe479495be3235f4c77b3872a9e33946d2602486b83e84e7d8d1742d369e2d00b9dbb552385502c0f597b3615bed54de65af106b58d2b6bebbdd3fe625152527af965b67e9424da7be2e2574e1492aed568d4faaa9da"}, 0x80000002, 0x8, 0xfd) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x112) rt_sigsuspend$auto(0x0, 0x8) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ram2\x00', 0x10800, 0x0) ioctl$auto_EVIOCGMASK(r1, 0x80104592, &(0x7f0000000000)={0x2000, 0x800004, 0x105}) ioctl$auto(0x3, 0x80004509, 0x10000000000402) ioctl$auto(0x3, 0x800005411, 0x38) futex_wake$auto(0x0, 0x5, 0x4, 0xa) socket(0x11, 0x80003, 0x1d12) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x82940, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/thread-self/fail-nth\x00', 0x2, 0x0) getdents$auto(0xffffffffffffffff, &(0x7f0000001c40)={0x81, 0xffffffffffffffff, 0x4}, 0x4) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/midi2\x00', 0x10000, 0x0) 8.926525953s ago: executing program 0 (id=4352): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/thread-self/fail-nth\x00', 0x2, 0x0) socketpair$auto(0x1, 0x1, 0x6, 0x0) setreuid$auto(0x0, 0x0) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, 0x0, 0x8006, 0x0) prctl$auto_PR_SYS_DISPATCH_ON(0xd, 0x1, 0x0, 0x9, 0xb8) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0) ioctl$auto_TIOCSTI2(r0, 0x5412, &(0x7f0000000840)="13") r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x102, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) write$auto(0x3, 0x0, 0xfdef) r2 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r1, 0x5609, r2) mmap$auto(0x0, 0x2020009, 0x10, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000180), 0x2000, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101000, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20008, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x6, 0x0, 0x800000001, 0x0, 0x7, 0xa505}, 0x4}, 0x2, 0x4048) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/pci/00/01.3\x00', 0x149041, 0x0) writev$auto(r4, &(0x7f0000000200)={0x0, 0x9}, 0x2) 7.879495235s ago: executing program 3 (id=4353): mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001f00), r0) clone$auto(0x5, 0x5, &(0x7f0000000000)=0x5887, &(0x7f0000000040)=0x3ff, 0x800) sendmsg$auto_NBD_CMD_STATUS(r0, &(0x7f00000023c0)={0x0, 0x0, &(0x7f0000002380)={&(0x7f0000002000)={0x1c, r1, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x8001}]}, 0x1c}, 0x1, 0x0, 0xfffffffc, 0x40004}, 0x4008050) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x0, 0x0, 0x2) 7.58308589s ago: executing program 1 (id=4355): mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) semget$auto(0x0, 0x13c, 0x1ff) semtimedop$auto(0x7, &(0x7f0000000140)={0x7, 0x0, 0x70}, 0x1fc, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/oom_adj\x00', 0x300, 0x0) read$auto(r0, 0x0, 0x1f40) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/fail-nth\x00', 0xa8002, 0x0) r2 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000180), 0x42101, 0x0) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f0000000240)={0xc, "3543ce7d966cb2a5d49db5aaaf234f08d56692c26026ac8a65a3f8417bd61ade", @raw=0x1c}) writev$auto(r1, &(0x7f00000000c0)={0x0, 0x7}, 0x3) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) setresgid$auto(0x81, 0x800000a0, 0x8) socket(0x1, 0x5, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NFC_CMD_DEACTIVATE_TARGET(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0xc000}, 0x4000010) epoll_create$auto(0x4) r3 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/pagemap\x00', 0x0, 0x0) readv$auto(r3, &(0x7f0000000100)={0x0, 0x40}, 0x8) 6.726358097s ago: executing program 3 (id=4358): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/numa_zonelist_order\x00', 0x202, 0x0) write$auto(0x3, 0x0, 0x100082) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socketpair$auto(0x1e, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) r1 = epoll_create$auto(0x8800001) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/dummy0/addr_gen_mode\x00', 0x1, 0x0) pwrite64$auto(r2, 0x0, 0x0, 0x2000000000040007) epoll_ctl$auto(r1, 0x1, r0, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) 6.120866517s ago: executing program 0 (id=4360): sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f0026bd7000fcdbdf9907"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) r0 = openat$auto_proc_coredump_filter_operations_base(0xffffffffffffff9c, &(0x7f00000001c0), 0x840, 0x0) io_uring_setup$auto(0xfffffff8, &(0x7f0000000300)={0x7fff, 0x2, 0x9, 0x1, 0x4f0175c9, 0x7fffffff, r0, [0x1, 0x10de20, 0x7], {0x5, 0x1, 0x80, 0x9, 0x8, 0x7f, 0x323dfc7e, 0x23f1, 0x40}, {0x3, 0xaf8fa3a8, 0x0, 0x4, 0x800, 0x3, 0x2, 0x2}}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) r1 = socket(0x10, 0x2, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_smc_pnetid(&(0x7f00000002c0), r2) sendmsg$auto_SMC_PNETID_FLUSH(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000000)={0x14, r3, 0x4ebf37b1785661fb, 0x70bd27, 0x25dfdc00}, 0x14}}, 0x20) sendmsg$auto_SMC_PNETID_FLUSH(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x20, r3, 0x800, 0x70bd27, 0x25dfdbfe, {}, [@SMC_PNETID_IBNAME={0x9, 0x3, '%-,+\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x48854}, 0x800) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x6000000, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000002c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 5.600793706s ago: executing program 1 (id=4361): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) r0 = socket(0x2, 0x1, 0x106) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r1) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000008c0)=ANY=[@ANYBLOB="f8010000", @ANYRES16=r2, @ANYBLOB="2f212cbd7000fcdbdf252100000008000300", @ANYRES32=r3, @ANYBLOB="04007d"], 0x1f8}, 0x1, 0x0, 0x0, 0x40051}, 0x20000000) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r4, 0x0, 0x20) r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r5, &(0x7f0000000200)={0x0, 0x7}, 0x400000003) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/psaux\x00', 0x30200, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r6 = socket(0x10, 0x2, 0x4) write$auto(r6, &(0x7f0000000000)='-\x00', 0x2fb) syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000004c0), r6) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'erspan0\x00'}) r7 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x10a) mkdirat$auto(r7, &(0x7f0000000080)='./cgroup\x00', 0x9) 5.377061816s ago: executing program 0 (id=4362): mmap$auto(0x0, 0x20009, 0x3, 0xeb1, 0x401, 0x8000) setitimer$auto(0x2, &(0x7f00000002c0)={{0x82, 0x401}, {0x2, 0x8}}, 0x0) setrlimit$auto(0x800, &(0x7f0000000040)={0x3343, 0xffffffffffffffff}) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000400)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\t\x00\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd818\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95x\xdb\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14\x15KW\x0e\x04\xa5?H\xafSKQ\xac\t&YeUD\x05t:\xf3\xe6b:\x92\xd58\xa7\xed\xcf\x82\x7f\xc3\xfbxp\xdf!\xf0w\x8a\x1eV\xf6\x83\xc5i8\xa9h\x13\v_(2\xc1\x9f\x84m\x81\x06jk\xc14\t\x1e\xf35\xb0\xa0\x92$\xe49\x81\xd6\x15\xe5\xae\b\xe6.\xfa\x12\x11b`Y\xea\xf6\x11\x94\xc4Aw\xb0\xaa\x95:z\xcawg\xa2W0\xc7ir\x87\xd41\x99\x88K#\xf7\x143Hb\xc5\xe5\xe1#\x1a.\x81\xc9\x89\x1fw\x89 \xd6mR\xa2\xe2*\x18X&|\xbc\xb9X\xc2F\xf1@j\x92\xbdTC\xbc,\xd7]\b\xf7i94Ek:\x83Ib\xa6*n\xf5XR\xe7p\x89\xad\x87%', 0x5, 0x0) umount2$auto(&(0x7f0000000100)='\xb2_z\xa0T\xfb6w0\r\xce\xa8Z\xd2\xed\xa6\xc3\x95\x80\xdc\'\xe2cn\xf4\xe13\r\xf6\x93]\xd0\xca\x1c\x9b\x89+\\\xb5\x8a\xf3\xd1Z\x1b\xf2\xdf\x88\xf8]\xbfw\x8e\xfd\xaa\xaf\xfa\xd6\xcf\xa7\xed\xea\xa6W\x7f\x01\xf9i\x06Q\a\x10\x15\'\xa4}!MD\xb1\xd6\xae\x00\x00\x80\x87f\x86\x88\x90\xff\v/\xecE', 0x7a06) timer_create$auto(0x3, 0x0, 0x0) socket(0x2d, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2d, 0x1003, @empty}, 0x6a) timer_settime$auto(0x0, 0x8, &(0x7f00000000c0)={{0x8}, {0x0, 0x87}}, 0x0) mmap$auto(0x0, 0x4000b, 0x7, 0x9b72, 0x7, 0x28000) sysfs$auto(0x2, 0x45, 0x0) migrate_pages$auto(0x0, 0x99, 0x0, &(0x7f00000001c0)=0x7b) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp1\x00', 0x80e42, 0x0) mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_regulator_summary_fops_(0xffffffffffffff9c, &(0x7f0000001680), 0x40, 0x0) read$auto_regulator_summary_fops_(r1, &(0x7f00000016c0)=""/213, 0xd5) setsockopt$auto(r0, 0xe4, 0x6, 0x0, 0x4) open(0x0, 0x14927f, 0x57) select$auto(0x9, 0x0, 0x0, &(0x7f0000000140)={[0x9, 0x5, 0xb, 0xa63f, 0x7fffffff, 0x6, 0x9, 0x5f, 0x7d2ee4e8, 0x6a7, 0x1, 0x5, 0x2, 0x0, 0x7, 0x5]}, 0x0) ioctl$auto_SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f00000001c0)) mmap$auto(0x0, 0x20009, 0x4000000000de, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0xf3, 0x4, 0x8000000000000000, 0x0) r2 = socket(0xa, 0x801, 0x84) getsockopt$auto(r2, 0x84, 0x6f, 0x0, &(0x7f0000000000)=0x9000c) mprotect$auto(0x0, 0x806121, 0x6) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x100010008000) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x0, 0x4005) fsopen$auto(0x0, 0x1) 4.310704718s ago: executing program 3 (id=4364): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000004440), 0xffffffffffffffff) sendmsg$auto_OVS_DP_CMD_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000004540)={&(0x7f00000000c0)=ANY=[@ANYBLOB="400000ff", @ANYRES16=r1, @ANYBLOB="01009b64c23ef155546b0104000008000900", @ANYBLOB="080005000600000008000200", @ANYRES32=0x0, @ANYBLOB="0c00010069"], 0x8d}, 0x1, 0x0, 0x0, 0x10}, 0x2000000) 3.802339066s ago: executing program 0 (id=4366): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_NL802154_CMD_GET_WPAN_PHY(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000140)={0x14, r1, 0x1, 0x70bd2a, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0xffff0000, 0x51}, 0x0) 3.525400703s ago: executing program 3 (id=4367): bpf$auto_BPF_OBJ_PIN(0x6, &(0x7f0000000140)=@enable_stats, 0x80) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/cpu1/online\x00', 0x62, 0x0) write$auto(r0, &(0x7f00000007c0)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef`\xd8\x9c\xf7?:\x1a\xc62\x911e\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\b};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xff\x7f\xd0UV\x11\xcb\xdd\x81\xbe\xde\f/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2|%\xbf\x02trg\x9a\xe7\x00\x85Z\x06?\x12\x98\x0f)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1;\xe4pd$\xd7\x1b\v\x82\r\f\xd0Hq\xd9\r\x88#\x89\x8d\xcd\x1e\x87N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8HR+\a\xb7R\t\n+\x7f\xd5H\x90G=\x9a\r\xb10\x1b\xf8\v\x11\v\xbb\xc8^\xa4\xe2\x05\x91|\x123\xc3:\xfd\xee\x04a\xc8\x12\xce\xa2\x12\xcb\x8c\x87f\xebGQ\xe9\x96\xd5E\x13a\xb7\x057\x1c&\xe0\x94\xa7\xfb\x9d;\xfa\xb1\x1b4a,\'\xb2Ym\xe1:\xbf\x8cs\x06\xa3u\x8d!\n\x80-\x9a\xbb;\xf4\xf3\xe1\x97\xfc8\xff\xa7\\\x8b\xf9\x95\x10$\xef\x1a #b\xfb\xfe\xe9\x06fK0\xdd\x84T,\xfa\xb5\x00\x83d\xbba\xd7\x7f\x00\x00\x00AN\x9d\xcb\x96\xc7\xe8\xe6\x8bC\xeb\xc7EZ\xc8\x1a\x81.f\tZ-sZ\x13n\xec\xa9\xbf\xd0$\xb9\xd8\x00\x00\x00\x00\x00\x00\x00\x00\x00\xec\xbd_r\xf16\xec\xf3\xbb[.\xf3\xef\xf8\x16x\x9e\xb3*:/L\xa0Kg\xf0\xa2\x84\xa3o\xcc\x9e\xd3\xeb\xd3(\xaa\x93g~\x01\x81\x1eV\xf1L\xfc\xad\xa9#O\xe4\x12\xd3\xbda\xbc\x9a\x9f+9\'\xc4\x13\xf0\xc88\x1d80?\xc2\a\af\xdc?-&\xedAd\x9c\xe5&\xb9\x14\xe1\x85 \xbf\x18\xfc:#\xcf\x7ffT\xefPb\xe1\xfa]\xcc\x8a\xe3\x99\x98u\x9bj>\x9d\xc2\x1fk\x87\x92\xfb(U\xa8\xcd4+\xf6e5],\xec\x84 \x1b\x10d\x1b@\x84X\xa1\xa8\xd7\xccO\xb0Qq\x1a\xa4<\\\x0e\xa4\x7f^\x1a|\xfd\xe6#\x00\x9e\x1d\x00k\x84\x1b\xa3\xb1O\xe0IzJRO\xf4,\xe5\xdb\x03CA\x13Q\x84\xbb\x88\xb4\xe3\xba\xf0/\xd0\x04\ny\a\x8d\x12h\xe22\xcb\"\xce\x00\x00', 0x5) ioctl$auto_USBDEVFS_CLAIMINTERFACE(0xffffffffffffffff, 0x8004550f, 0x0) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) read$auto(r1, 0x0, 0x1f40) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) 3.074815896s ago: executing program 1 (id=4368): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000880), r0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000940)={'batadv0\x00', 0x0}) sendmsg$auto_BATADV_CMD_GET_ORIGINATORS(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000900)={&(0x7f0000000280)={0x1c, r1, 0x3abba0b2ae0bab93, 0x70bd2c, 0x25dfdbfb, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}]}, 0x1c}, 0x1, 0xfffff000, 0x0, 0xc811}, 0x10) 3.027263912s ago: executing program 0 (id=4369): r0 = socket(0x10, 0x2, 0x0) syz_genetlink_get_family_id$auto_ovs_ct_limit(0x0, 0xffffffffffffffff) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x8, 0x311) sendmsg$auto_OVS_CT_LIMIT_CMD_DEL(r0, 0x0, 0x4000048) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) write$auto(0x3, 0x0, 0x81) recvfrom$auto(0x4, 0x0, 0x1, 0x3ffffd, 0x0, 0x0) copy_file_range$auto(r0, &(0x7f0000000040)=0x10, r0, &(0x7f0000000080)=0x200, 0x0, 0x4000000) r1 = prctl$auto_PR_SCHED_CORE_CREATE(0x359, 0x1, 0xffffffffffffffff, 0x9d, 0x4) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/platform/vhci_hcd.14/usbmon/usbmon37/power/control\x00', 0x408000, 0x0) openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cec27\x00', 0x80901, 0x0) ioctl$auto_CEC_TRANSMIT(r1, 0xc0386105, &(0x7f0000000000)={0x3, 0x5, 0x8, 0x2, 0xfffffffe, 0x2, "9b2189084142725dff0d933475a77466", 0x9, 0x92, 0x6, 0x5, 0x1b, 0xf8, 0x5}) unshare$auto(0x40000080) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) process_vm_readv$auto(0x0, 0x0, 0x800000001, 0x0, 0x6, 0x0) socket(0x11, 0x80003, 0x300) r2 = socket(0x10, 0x2, 0x4) io_uring_setup$auto(0x4bf15e08, &(0x7f0000000000)={0x401, 0x8, 0xfe, 0x6fb3, 0x8a, 0x9, 0xffffffffffffffff, [0x100, 0x9, 0x7f], {0x2, 0x7, 0x3032, 0xe, 0xf, 0x5, 0x5, 0x4, 0xf08a2b3}, {0x0, 0xfc, 0x10001, 0x0, 0x2, 0xf89, 0x9, 0x839, 0x6}}) sendmsg$auto_IEEE802154_DISASSOCIATE_REQ(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x54, 0x0, 0x800, 0x70bd27, 0x25dfdbfd, {}, [@IEEE802154_ATTR_SRC_PAN_ID={0x6, 0xd, 0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5, 0x36, 0x6}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x2b}, @IEEE802154_ATTR_DURATION={0xffffff0e, 0x15, 0x4}, @IEEE802154_ATTR_CHANNEL={0x5, 0x7, 0x2}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0x4}, @IEEE802154_ATTR_STATUS={0x5, 0x3, 0xc}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000001}, 0x1) sendmsg$auto_IEEE802154_LLSEC_ADD_SECLEVEL(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, 0x0, 0x4, 0x70bd29, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x20008000) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'dummy0\x00'}) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/cgroup\x00') sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) write$auto(r2, &(0x7f0000000000)='-\x00', 0x2fb) fadvise64$auto(0xffffffffffffffff, 0xe, 0x132baa0e, 0x9) ioctl$auto_dma_heap_fops_dma_heap(r1, 0x2, 0x0) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000140), 0x500, 0x0) 2.704728635s ago: executing program 1 (id=4371): syz_genetlink_get_family_id$auto_net_shaper(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x20006, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x15, 0x5, 0x7) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) madvise$auto(0x110c230000, 0x1, 0x9) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc0002, 0x0) getrandom$auto(0x0, 0x3, 0x80000001) statmount$auto(0x0, &(0x7f0000000180)={0x9, 0xfffffffe, 0x44f, 0xa, 0x10, 0x1007181, 0x0, 0x62, 0x7, 0x800, 0x0, 0x26, 0x4, 0x200003fffffe, 0xfffffffffffffff5, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x862, 0xf, 0x22002, 0x200, 0x0, 0x62f, 0x6, 0x0, 0x0, 0x0, 0xb626, [0xfffffffffffffffe, 0xffffffffffff04ef, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9e, 0x0, 0xa7, 0xfffffffffffffffd, 0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffffd, 0x40, 0x81, 0x8a0, 0xb, 0x81, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x1000, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100002, 0x0, 0x3ff, 0x6, 0x0, 0x0, 0x8, 0x0, 0x4000000000000]}, 0x800000000000b, 0xbc) openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) clock_nanosleep$auto(0xb, 0xa000001c, 0x0, 0xffffffffffffffff) setsockopt$auto(0x3, 0x0, 0x4, 0x0, 0x28) madvise$auto(0x0, 0xffffffffffff0001, 0x15) msync$auto(0x110c230000, 0x200001, 0x6) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/cpu1/online\x00', 0x62, 0x0) write$auto(r0, &(0x7f00000007c0)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef`\xd8\x9c\xf7?:\x1a\xc62\x911e\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\b};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xff\x7f\xd0UV\x11\xcb\xdd\x81\xbe\xde\f/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2|%\xbf\x02trg\x9a\xe7\x00\x85Z\x06?\x12\x98\x0f)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1;\xe4pd$\xd7\x1b\v\x82\r\f\xd0Hq\xd9\r\x88#\x89\x8d\xcd\x1e\x87N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8HR+\a\xb7R\t\n+\x7f\xd5H\x90G=\x9a\r\xb10\x1b\xf8\v\x11\v\xbb\xc8^\xa4\xe2\x05\x91|\x123\xc3:\xfd\xee\x04a\xc8\x12\xce\xa2\x12\xcb\x8c\x87f\xebGQ\xe9\x96\xd5E\x13a\xb7\x057\x1c&\xe0\x94\xa7\xfb\x9d;\xfa\xb1\x1b4a,\'\xb2Ym\xe1:\xbf\x8cs\x06\xa3u\x8d!\n\x80-\x9a\xbb;\xf4\xf3\xe1\x97\xfc8\xff\xa7\\\x8b\xf9\x95\x10$\xef\x1a #b\xfb\xfe\xe9\x06fK0\xdd\x84T,\xfa\xb5\x00\x83d\xbba\xd7\x7f\x00\x00\x00AN\x9d\xcb\x96\xc7\xe8\xe6\x8bC\xeb\xc7EZ\xc8\x1a\x81.f\tZ-sZ\x13n\xec\xa9\xbf\xd0$\xb9\xd8\x00\x00\x00\x00\x00\x00\x00\x00\x00\xec\xbd_r\xf16\xec\xf3\xbb[.\xf3\xef\xf8\x16x\x9e\xb3*:/L\xa0Kg\xf0\xa2\x84\xa3o\xcc\x9e\xd3\xeb\xd3(\xaa\x93g~\x01\x81\x1eV\xf1L\xfc\xad\xa9#O\xe4\x12\xd3\xbda\xbc\x9a\x9f+9\'\xc4\x13\xf0\xc88\x1d80?\xc2\a\af\xdc?-&\xedAd\x9c\xe5&\xb9\x14\xe1\x85 \xbf\x18\xfc:#\xcf\x7ffT\xefPb\xe1\xfa]\xcc\x8a\xe3\x99\x98u\x9bj>\x9d\xc2\x1fk\x87\x92\xfb(U\xa8\xcd4+\xf6e5],\xec\x84 \x1b\x10d\x1b@\x84X\xa1\xa8\xd7\xccO\xb0Qq\x1a\xa4<\\\x0e\xa4\x7f^\x1a|\xfd\xe6#\x00\x9e\x1d\x00k\x84\x1b\xa3\xb1O\xe0IzJRO\xf4,\xe5\xdb\x03CA\x13Q\x84\xbb\x88\xb4\xe3\xba\xf0/\xd0\x04\ny\a\x8d\x12h\xe22\xcb\"\xce\x00\x00', 0x5) ioctl$auto_USBDEVFS_CLAIMINTERFACE(0xffffffffffffffff, 0x8004550f, 0x0) pipe$auto(&(0x7f0000000040)) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/tty1\x00', 0x101600, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0xa0000, 0x0) 1.839576347s ago: executing program 2 (id=4373): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card1/pcm1p/sub3/status\x00', 0x2000, 0x0) write$auto_proc_reg_file_ops_compat_inode(r2, 0x0, 0x0) sendmsg$auto_OVS_DP_CMD_NEW(r0, &(0x7f0000000140)={0x0, 0xfffffffffffffecb, &(0x7f0000000100)={&(0x7f0000000000)={0x40, r1, 0x1, 0x2070bd26, 0x25dfdb78, {}, [@OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x4}, @OVS_DP_ATTR_NAME={0x11, 0x1, '\xc2\x00\x00\x00\x00\x00\x00\x00\n9\xac\xce\x00'}, @OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x9}, @OVS_DP_ATTR_USER_FEATURES={0x8, 0x5, 0x7}]}, 0x40}, 0x1, 0x0, 0x0, 0x801}, 0x80) 1.350795739s ago: executing program 2 (id=4374): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_SEG6_CMD_SETHMAC(r0, &(0x7f0000000200)={0x0, 0x500, &(0x7f00000001c0)={&(0x7f0000000080)={0x38, r1, 0x1, 0x70bd25, 0x25dfdbfc, {}, [@SEG6_ATTR_ALGID={0x5, 0x6, 0x2}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x8}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x3ff}, @SEG6_ATTR_SECRET={0xc, 0x4, "ef20bbf0b6e731c5"}]}, 0x38}, 0x1, 0x0, 0x300, 0x80040}, 0x44000) 1.074431531s ago: executing program 2 (id=4375): openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000300)='/dev/snd/controlC2\x00', 0x8100, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000040)=0x5) read$auto(r0, 0x0, 0x800) r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000580)={{@raw=0x7fffffff, 0xf0ee, 0x20009, 0x3, "790eaa00ffff8eac2cdafc1f64010043eeb0b053030001ffff000e00001e00", @raw=0x1}, 0x4, 0x966, 0x3, @raw=0x404, @integer={0x800000000000400e, 0x2000000b752, 0x1}, "6cc1294d63a4f1b4285854c5368de438f8cc142ef6df12bf3373a1183bedbd31b642b4051b078fa1c1c61c329794e5311121c760cb9611c78e6947a99807bcc1"}) 883.796279ms ago: executing program 3 (id=4376): mmap$auto(0x0, 0x4000002, 0xfffffffffffffe01, 0x8051, 0x3, 0x0) syz_clone(0x5004000, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, 0x0, 0x100000a3d9) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, 0x0, 0x503083, 0x0) sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, 0x0, 0x40800) unshare$auto(0x40000080) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r1) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001300)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="05082dbd7000fbdbdf257e0000000800db00ab29dc931f0e02b7745be74fb8e8255f614f85f94bc5ef8facda4b1cb3e135ef23203752a9a06f5adc02fe10fd6059eb5ec860fbb39453d7ba92bd5a73e0e45ce2d585cccf203901d41ed36536bffcadc5fa27dbe72d209b4c922ee03aba35fb65731b21d405c9def0a3765c9b0ff8fbbff63336633bec215ead541e5766cb", @ANYRES32, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000) ioctl$auto_MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0) ioctl$auto_MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r2) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) r5 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC1\x00', 0x2041, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_TLV_READ(r5, 0xc008551a, &(0x7f0000000040)={0x1, 0xffffffba}) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002cbd7000fcdbdf252100000008000300", @ANYRES32=r4], 0x28}}, 0x40480d0) r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r8 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) r10 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_SET_WIPHY(r10, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="01002dbd7100f97bf53b7200000408000300", @ANYRES32=r9], 0x24}, 0x1, 0x0, 0x0, 0x404c0c0}, 0x80) 862.69862ms ago: executing program 2 (id=4377): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) socket(0x2, 0x1, 0x106) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000008c0)=ANY=[@ANYBLOB="f8010000", @ANYRES16=r1, @ANYBLOB="2f212cbd7000fcdbdf252100000008000300", @ANYRES32=r2, @ANYBLOB="04007d"], 0x1f8}, 0x1, 0x0, 0x0, 0x40051}, 0x20000000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r3, 0x0, 0x20) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x400000003) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/psaux\x00', 0x30200, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r5 = socket(0x10, 0x2, 0x4) write$auto(r5, &(0x7f0000000000)='-\x00', 0x2fb) syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000004c0), r5) r6 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x10a) mkdirat$auto(r6, &(0x7f0000000080)='./cgroup\x00', 0x9) 564.564388ms ago: executing program 2 (id=4378): mmap$auto(0x0, 0x0, 0x5, 0xeb1, 0x401, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) clone$auto(0x8, 0x7, 0x0, 0xffffffffffffffff, 0x80000001) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', 0x0}) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/ieee80211/phy17/total_ps_buffered\x00', 0x300, 0x0) socket(0x11, 0x80003, 0x300) r2 = socket(0xa, 0x3, 0x6) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) bpf$auto(0x0, &(0x7f0000000040)=@bpf_attr_5={@target_ifindex=r1, 0x7f, 0x99, 0x8, 0x1, @relative_fd=r2, 0xd}, 0x92) setfsuid$auto(0xee00) sendmsg$auto_IPVS_CMD_GET_DEST(0xffffffffffffffff, 0x0, 0x40) r3 = setfsuid$auto(0xee01) keyctl$auto(0x1f, 0x0, r3, 0x0, 0x4000000003ff) r4 = bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffffffffffffffff, 0x0, 0x3}, 0xa) bpf$auto(0x3, &(0x7f0000000700)=@raw_tracepoint={0x5, r4, 0x0, 0x3}, 0xd) 346.354426ms ago: executing program 0 (id=4379): bind$auto(0xffffffffffffffff, 0x0, 0x66) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) bpf$auto(0x11, &(0x7f0000000000)=@batch={0xfffffffffffffffb, 0x44, 0x2, 0x9, 0x1, 0xffffffffffffffff, 0xa, 0x6}, 0xcf) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0xfffffffd, &(0x7f0000000100)={0x0, 0xfc0}, 0x2, 0x0, 0x4000000000007, 0xa505}, 0x400}, 0x0, 0x4008) r0 = socket(0x29, 0x2, 0x0) r1 = socket(0x10, 0x2, 0x8001) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200"], 0x1ac}, 0x1, 0x0, 0x0, 0x8001}, 0x40000) recvmmsg$auto(r1, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0) ioctl$auto(r0, 0x89f0, 0x24) socket(0x29, 0x2, 0x0) ioctl$auto(r1, 0x3ff, 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r3 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/video8\x00', 0x802, 0x0) write$auto(r3, &(0x7f0000000100)='\x00\x00\x00\x00\x00\xf2\x1e\xadp@f\x1b\xd9\xfb\xfa?$B\xcer\xec\xb2!\xdb\xd1\xcaA\b6q\xf6\x17[\xac;\xe9\xe5\fp\xef\xec\x1a\vt\xae\x86l\xb5k{\x0f\x9e\na\x02v\xe8/\xe1t\xcd\x9aT\xee\xbb\xb1\x04o\x8e\x13\'b\xc5\xf5\x03\x98\f:\x92T(i2U\x84\xbbW\']~\x8b,\x96\x12\xbb4\xfa\xb3X\x17u\xc2\xa8\x01\x92\xf3\xef^\x16w6\xc8\xb6\xe0Y\x01v\xb8\xe1\xcc\xb8d\x98\xdd4\x0f\x9f9c\xa5\xb9\x8d$&H\'\x9e\x80\xa0', 0x100000001) write$auto(r2, &(0x7f0000000340)='/Yev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xf6eFK\xba\xd8J\x84\xc4\xe9W\x03\rF\xec\xb8\xb1Z|\xffGP\x97\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.\x0f\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\x18-\x1dM2\x1f\xcf\xc5D\xcc\xbe\x9a%\xdb\x84\xe5\x16\x15\x16\x90\\\x1bS\xbd\xdd\xfa\xc0\xd3\x9fIe\x85F\xff\x90\xe4\x1d\xba\xe7t\xbay\xed\x1b)\xa7\xc48\x8e7\x0e\x00'/188, 0xfffffffffffffffc) socket(0x2b, 0x1, 0x0) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x80f) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x1c, 0x1, 0x6, 0xee00, 0x80000001) r4 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) mmap$auto(0x0, 0x8000000000003ff, 0xffffffffffffffff, 0x9b72, r4, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$auto(0xffffffffffffffff, 0x7fff, 0xffffffffffffffff) ioctl$auto(0x3, 0x4040ae77, 0x38) 0s ago: executing program 2 (id=4380): r0 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs1\x00', 0x40000, 0x0) ioctl$auto_VHOST_SET_VRING_ERR2(0xffffffffffffffff, 0x4008af22, &(0x7f0000000080)={0x1, r0}) msgsnd$auto(0x0, &(0x7f0000000180)={0x40000007fe, 0x4}, 0x4000400, 0x3) socket(0x3, 0x1, 0x0) mmap$auto(0x0, 0x4020009, 0x5, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x46, 0x0) mmap$auto(0x0, 0x5, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) capset$auto(&(0x7f0000000200)={0x20080522}, 0x0) r1 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cec4\x00', 0x10b703, 0x0) ioctl$auto_CEC_S_MODE(r1, 0x40046109, &(0x7f0000002c40)=0xd0) r2 = fsopen$auto(0x0, 0x1) mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x2, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) shmget$auto(0x8, 0x10566, 0x52fe) setresuid$auto(0x0, 0x7, 0x0) fsconfig$auto(r2, 0x8, 0x0, 0x0, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x14fa02, 0x0) mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000) mmap$auto(0x0, 0x5, 0xfff, 0x44eb2, 0x10006, 0x300000000000) mprotect$auto(0x0, 0x806121, 0x6) r3 = gettid() ptrace$auto(0xffffffffffffffff, r3, 0x2, 0x0) mmap$auto(0x3, 0x6, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r4 = socket(0x15, 0x5, 0x0) seccomp$auto_SECCOMP_SET_MODE_FILTER(0x1, 0x5, &(0x7f00000000c0)="106cefe5cb76d0854b49d7c30358973d24b185a6a6db61beb6a9a33efaf6a58f612482d4391382b1d72843eefc424b92ae5d8445eef7730113338253757593438e0233303837b704fe6f083285dfb4232546b59799d1c58ac436380f642f325f27816ee80b0644d6a6b06463d3c4c64682964c7c140e2491dc64eac7aa276c6ea63d2ba699f288c64bf3f90d2710d2a3a27d615fec") sendmsg$auto_NL80211_CMD_SET_TID_TO_LINK_MAPPING(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x40040}, 0x4008010) io_uring_setup$auto(0x6, 0x0) kernel console output (not intermixed with test programs): lure. [ 1679.615413][T25054] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1679.725482][T25054] CPU: 0 UID: 0 PID: 25054 Comm: syz.3.4001 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1679.725523][T25054] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1679.725532][T25054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1679.725547][T25054] Call Trace: [ 1679.725555][T25054] [ 1679.725565][T25054] dump_stack_lvl+0x100/0x190 [ 1679.725605][T25054] should_fail_ex.cold+0x5/0xa [ 1679.725633][T25054] _copy_from_iter+0x1f4/0x1690 [ 1679.725661][T25054] ? __asan_memset+0x23/0x50 [ 1679.725695][T25054] ? __pfx__copy_from_iter+0x10/0x10 [ 1679.725719][T25054] ? __pfx___alloc_skb+0x10/0x10 [ 1679.725758][T25054] netlink_sendmsg+0x808/0xda0 [ 1679.725796][T25054] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1679.725827][T25054] ? __import_iovec+0x1d2/0x640 [ 1679.725853][T25054] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 1679.725892][T25054] ____sys_sendmsg+0x9e1/0xb70 [ 1679.725926][T25054] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1679.725968][T25054] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1679.726010][T25054] ? __pfx__kstrtoull+0x10/0x10 [ 1679.726045][T25054] ___sys_sendmsg+0x190/0x1e0 [ 1679.726085][T25054] ? __pfx____sys_sendmsg+0x10/0x10 [ 1679.726136][T25054] ? find_held_lock+0x2b/0x80 [ 1679.726176][T25054] __sys_sendmmsg+0x205/0x430 [ 1679.726209][T25054] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1679.726248][T25054] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1679.726292][T25054] ? fput+0x79/0x100 [ 1679.726319][T25054] ? ksys_write+0x1ac/0x250 [ 1679.726341][T25054] ? __pfx_ksys_write+0x10/0x10 [ 1679.726367][T25054] __x64_sys_sendmmsg+0x9c/0x100 [ 1679.726397][T25054] ? lockdep_hardirqs_on+0x78/0x100 [ 1679.726426][T25054] do_syscall_64+0x106/0xf80 [ 1679.726454][T25054] ? clear_bhb_loop+0x40/0x90 [ 1679.726484][T25054] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1679.726509][T25054] RIP: 0033:0x7fcbf6d9c799 [ 1679.726528][T25054] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1679.726552][T25054] RSP: 002b:00007fcbf7bbe028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1679.726576][T25054] RAX: ffffffffffffffda RBX: 00007fcbf7015fa0 RCX: 00007fcbf6d9c799 [ 1679.726592][T25054] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 1679.726607][T25054] RBP: 00007fcbf7bbe090 R08: 0000000000000000 R09: 0000000000000000 [ 1679.726621][T25054] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1679.726636][T25054] R13: 00007fcbf7016038 R14: 00007fcbf7015fa0 R15: 00007ffe651803a8 [ 1679.726666][T25054] [ 1680.588016][T21305] Bluetooth: hci1: command 0x0c1a tx timeout [ 1680.594234][T21305] Bluetooth: hci3: command 0x0c1a tx timeout [ 1680.600345][T21305] Bluetooth: hci2: command 0x040f tx timeout [ 1680.760010][T25046] program syz.0.3997 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1680.924382][T25062] FAULT_INJECTION: forcing a failure. [ 1680.924382][T25062] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1681.021082][T25062] CPU: 0 UID: 0 PID: 25062 Comm: syz.3.4004 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1681.021125][T25062] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1681.021135][T25062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1681.021150][T25062] Call Trace: [ 1681.021158][T25062] [ 1681.021167][T25062] dump_stack_lvl+0x100/0x190 [ 1681.021209][T25062] should_fail_ex.cold+0x5/0xa [ 1681.021238][T25062] get_futex_key+0x1d2/0x1620 [ 1681.021271][T25062] ? __pfx_get_futex_key+0x10/0x10 [ 1681.021301][T25062] ? do_mmap+0x93f/0x12f0 [ 1681.021328][T25062] ? __pfx_userfaultfd_unmap_complete+0x10/0x10 [ 1681.021379][T25062] futex_wake+0xea/0x530 [ 1681.021419][T25062] ? __pfx_futex_wake+0x10/0x10 [ 1681.021469][T25062] do_futex+0x32b/0x350 [ 1681.021501][T25062] ? __pfx_do_futex+0x10/0x10 [ 1681.021531][T25062] ? __pfx_do_sys_openat2+0x10/0x10 [ 1681.021572][T25062] __x64_sys_futex+0x34f/0x4d0 [ 1681.021605][T25062] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 1681.021632][T25062] ? __pfx___x64_sys_futex+0x10/0x10 [ 1681.021675][T25062] do_syscall_64+0x106/0xf80 [ 1681.021706][T25062] ? clear_bhb_loop+0x40/0x90 [ 1681.021737][T25062] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1681.021762][T25062] RIP: 0033:0x7fcbf6d9c799 [ 1681.021783][T25062] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1681.021807][T25062] RSP: 002b:00007fcbf7b9d0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1681.021830][T25062] RAX: ffffffffffffffda RBX: 00007fcbf7016098 RCX: 00007fcbf6d9c799 [ 1681.021846][T25062] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fcbf701609c [ 1681.021871][T25062] RBP: 00007fcbf7016090 R08: 0000000000000000 R09: 0000000000000000 [ 1681.021886][T25062] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 1681.021902][T25062] R13: 00007fcbf7016128 R14: 00007ffe651802c0 R15: 00007ffe651803a8 [ 1681.021933][T25062] [ 1691.002720][T25136] FAULT_INJECTION: forcing a failure. [ 1691.002720][T25136] name failslab, interval 1, probability 0, space 0, times 0 [ 1691.339761][T25136] CPU: 0 UID: 0 PID: 25136 Comm: syz.1.4019 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1691.339803][T25136] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1691.339813][T25136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1691.339828][T25136] Call Trace: [ 1691.339836][T25136] [ 1691.339845][T25136] dump_stack_lvl+0x100/0x190 [ 1691.339888][T25136] should_fail_ex.cold+0x5/0xa [ 1691.339917][T25136] should_failslab+0xc2/0x120 [ 1691.339944][T25136] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1691.339980][T25136] ? rpc_new_task+0x729/0x9d0 [ 1691.340027][T25136] rpc_new_task+0x729/0x9d0 [ 1691.340068][T25136] ? __lock_acquire+0x4a5/0x2630 [ 1691.340099][T25136] ? __pfx_rpc_new_task+0x10/0x10 [ 1691.340148][T25136] rpc_run_task+0x1e/0x660 [ 1691.340189][T25136] rpc_call_sync+0xd2/0x1a0 [ 1691.340214][T25136] ? __pfx_rpc_call_sync+0x10/0x10 [ 1691.340245][T25136] ? net_generic+0xea/0x2a0 [ 1691.340286][T25136] rpcb_register+0x262/0x530 [ 1691.340321][T25136] ? __pfx_rpcb_register+0x10/0x10 [ 1691.340361][T25136] ? find_held_lock+0x2b/0x80 [ 1691.340398][T25136] svc_unregister+0x5a2/0x820 [ 1691.340447][T25136] ? svc_close_list+0xd3/0x110 [ 1691.340483][T25136] svc_rpcb_cleanup+0x1c/0x30 [ 1691.340519][T25136] svc_xprt_destroy_all+0x455/0x4e0 [ 1691.340559][T25136] ? __pfx_autoremove_wake_function+0x10/0x10 [ 1691.340594][T25136] ? __pfx_svc_xprt_destroy_all+0x10/0x10 [ 1691.340627][T25136] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 1691.340670][T25136] nfsd_destroy_serv+0x1a8/0x4e0 [ 1691.340704][T25136] ? do_raw_spin_lock+0x128/0x260 [ 1691.340741][T25136] ? __pfx_nfsd_destroy_serv+0x10/0x10 [ 1691.340779][T25136] ? __nla_parse+0x40/0x60 [ 1691.340815][T25136] nfsd_nl_listener_set_doit+0x822/0x1a80 [ 1691.340848][T25136] ? rcu_is_watching+0x12/0xc0 [ 1691.340886][T25136] ? trace_kmalloc+0x101/0x130 [ 1691.340912][T25136] ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10 [ 1691.340940][T25136] ? __nla_parse+0x40/0x60 [ 1691.340974][T25136] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280 [ 1691.341014][T25136] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280 [ 1691.341059][T25136] genl_family_rcv_msg_doit+0x214/0x300 [ 1691.341100][T25136] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1691.341139][T25136] ? genl_get_cmd+0x3ef/0x720 [ 1691.341181][T25136] ? bpf_lsm_capable+0x9/0x10 [ 1691.341206][T25136] ? security_capable+0x80/0x260 [ 1691.341246][T25136] genl_rcv_msg+0x560/0x800 [ 1691.341286][T25136] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1691.341325][T25136] ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10 [ 1691.341363][T25136] netlink_rcv_skb+0x159/0x420 [ 1691.341396][T25136] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1691.341442][T25136] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1691.341489][T25136] ? netlink_deliver_tap+0x1ae/0xcc0 [ 1691.341525][T25136] genl_rcv+0x28/0x40 [ 1691.341575][T25136] netlink_unicast+0x5aa/0x870 [ 1691.341612][T25136] ? __pfx_netlink_unicast+0x10/0x10 [ 1691.341656][T25136] netlink_sendmsg+0x8b0/0xda0 [ 1691.341694][T25136] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1691.341726][T25136] ? __import_iovec+0x1d2/0x640 [ 1691.341755][T25136] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 1691.341795][T25136] ____sys_sendmsg+0x9e1/0xb70 [ 1691.341831][T25136] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1691.341868][T25136] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1691.341910][T25136] ? try_to_wake_up+0x644/0x1a80 [ 1691.341940][T25136] ___sys_sendmsg+0x190/0x1e0 [ 1691.341981][T25136] ? __pfx____sys_sendmsg+0x10/0x10 [ 1691.342021][T25136] ? futex_private_hash_put+0x107/0x1c0 [ 1691.342084][T25136] __sys_sendmsg+0x170/0x220 [ 1691.342115][T25136] ? __pfx___sys_sendmsg+0x10/0x10 [ 1691.342145][T25136] ? __x64_sys_futex+0x34f/0x4d0 [ 1691.342195][T25136] do_syscall_64+0x106/0xf80 [ 1691.342225][T25136] ? clear_bhb_loop+0x40/0x90 [ 1691.342255][T25136] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1691.342281][T25136] RIP: 0033:0x7fbc1079c799 [ 1691.342302][T25136] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1691.342326][T25136] RSP: 002b:00007fbc0e9d5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1691.342351][T25136] RAX: ffffffffffffffda RBX: 00007fbc10a16180 RCX: 00007fbc1079c799 [ 1691.342368][T25136] RDX: 0000000020000000 RSI: 0000200000005380 RDI: 0000000000000010 [ 1691.342384][T25136] RBP: 00007fbc10832c99 R08: 0000000000000000 R09: 0000000000000000 [ 1691.342400][T25136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1691.342415][T25136] R13: 00007fbc10a16218 R14: 00007fbc10a16180 R15: 00007ffe3da6e8b8 [ 1691.342452][T25136] [ 1692.191515][T25148] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4022'. [ 1692.331219][T25148] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1692.511226][T25148] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1693.131304][T25158] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input112 [ 1694.815457][T25178] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4029'. [ 1694.994898][T25186] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4029'. [ 1696.940311][T25208] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4035'. [ 1697.028285][T25208] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4035'. [ 1698.029050][T25218] netlink: 1532 bytes leftover after parsing attributes in process `syz.2.4045'. [ 1702.430742][T25255] FAULT_INJECTION: forcing a failure. [ 1702.430742][T25255] name failslab, interval 1, probability 0, space 0, times 0 [ 1702.505565][T25255] CPU: 0 UID: 0 PID: 25255 Comm: syz.3.4046 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1702.505607][T25255] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1702.505617][T25255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1702.505632][T25255] Call Trace: [ 1702.505641][T25255] [ 1702.505651][T25255] dump_stack_lvl+0x100/0x190 [ 1702.505695][T25255] should_fail_ex.cold+0x5/0xa [ 1702.505726][T25255] should_failslab+0xc2/0x120 [ 1702.505753][T25255] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 1702.505793][T25255] ? __d_alloc+0x34/0xa80 [ 1702.505827][T25255] __d_alloc+0x34/0xa80 [ 1702.505857][T25255] d_alloc_pseudo+0x1c/0xc0 [ 1702.505892][T25255] alloc_file_pseudo+0xcf/0x230 [ 1702.505925][T25255] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1702.505975][T25255] __shmem_file_setup+0x221/0x490 [ 1702.506011][T25255] ? __pfx___shmem_file_setup+0x10/0x10 [ 1702.506051][T25255] ? vm_area_alloc+0x1f/0x160 [ 1702.506088][T25255] shmem_zero_setup+0x96/0x1b0 [ 1702.506129][T25255] __mmap_region+0x2198/0x29e0 [ 1702.506170][T25255] ? __pfx___mmap_region+0x10/0x10 [ 1702.506209][T25255] ? __lock_acquire+0x4a5/0x2630 [ 1702.506244][T25255] ? set_next_entity+0x11e/0x9c0 [ 1702.506284][T25255] ? __lock_acquire+0x4a5/0x2630 [ 1702.506314][T25255] ? find_held_lock+0x2b/0x80 [ 1702.506349][T25255] ? find_held_lock+0x2b/0x80 [ 1702.506370][T25255] ? finish_task_switch.isra.0+0x200/0xb80 [ 1702.506397][T25255] ? finish_task_switch.isra.0+0x200/0xb80 [ 1702.506435][T25255] ? trace_sched_exit_tp+0x13a/0x180 [ 1702.506464][T25255] ? __schedule+0x1000/0x6120 [ 1702.506531][T25255] ? rcu_is_watching+0x12/0xc0 [ 1702.506568][T25255] ? cap_capable+0x107/0x460 [ 1702.506611][T25255] mmap_region+0x180/0x3e0 [ 1702.506653][T25255] do_mmap+0xc63/0x12f0 [ 1702.506686][T25255] ? __pfx_do_mmap+0x10/0x10 [ 1702.506713][T25255] ? __pfx_down_write_killable+0x10/0x10 [ 1702.506754][T25255] vm_mmap_pgoff+0x29e/0x470 [ 1702.506787][T25255] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1702.506816][T25255] ? do_futex+0x192/0x350 [ 1702.506848][T25255] ? __pfx_do_futex+0x10/0x10 [ 1702.506885][T25255] ksys_mmap_pgoff+0xe1/0x650 [ 1702.506912][T25255] ? __x64_sys_futex+0x34f/0x4d0 [ 1702.506948][T25255] ? __x64_sys_futex+0x358/0x4d0 [ 1702.506981][T25255] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 1702.507008][T25255] ? xfd_validate_state+0x129/0x190 [ 1702.507051][T25255] __x64_sys_mmap+0x125/0x190 [ 1702.507091][T25255] do_syscall_64+0x106/0xf80 [ 1702.507121][T25255] ? clear_bhb_loop+0x40/0x90 [ 1702.507152][T25255] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1702.507178][T25255] RIP: 0033:0x7fcbf6d9c799 [ 1702.507198][T25255] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1702.507223][T25255] RSP: 002b:00007fcbf7bbe028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1702.507247][T25255] RAX: ffffffffffffffda RBX: 00007fcbf7015fa0 RCX: 00007fcbf6d9c799 [ 1702.507265][T25255] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000 [ 1702.507280][T25255] RBP: 00007fcbf6e32c99 R08: fffffffffffffffa R09: 0000000000008000 [ 1702.507296][T25255] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 1702.507311][T25255] R13: 00007fcbf7016038 R14: 00007fcbf7015fa0 R15: 00007ffe651803a8 [ 1702.507343][T25255] [ 1703.350732][T25262] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4047'. [ 1703.535666][ T30] audit: type=1326 audit(4294976002.946:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25256 comm="syz.1.4047" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fbc1079c799 code=0x0 [ 1704.187154][T25266] FAULT_INJECTION: forcing a failure. [ 1704.187154][T25266] name failslab, interval 1, probability 0, space 0, times 0 [ 1704.267006][T25266] CPU: 0 UID: 0 PID: 25266 Comm: syz.1.4048 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1704.267048][T25266] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1704.267058][T25266] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1704.267073][T25266] Call Trace: [ 1704.267082][T25266] [ 1704.267092][T25266] dump_stack_lvl+0x100/0x190 [ 1704.267134][T25266] should_fail_ex.cold+0x5/0xa [ 1704.267172][T25266] should_failslab+0xc2/0x120 [ 1704.267199][T25266] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 1704.267237][T25266] ? __d_alloc+0x34/0xa80 [ 1704.267272][T25266] __d_alloc+0x34/0xa80 [ 1704.267302][T25266] d_alloc_pseudo+0x1c/0xc0 [ 1704.267338][T25266] alloc_file_pseudo+0xcf/0x230 [ 1704.267372][T25266] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1704.267412][T25266] __shmem_file_setup+0x221/0x490 [ 1704.267447][T25266] ? __pfx___shmem_file_setup+0x10/0x10 [ 1704.267486][T25266] ? vm_area_alloc+0x1f/0x160 [ 1704.267522][T25266] shmem_zero_setup+0x96/0x1b0 [ 1704.267563][T25266] __mmap_region+0x2198/0x29e0 [ 1704.267604][T25266] ? __pfx___mmap_region+0x10/0x10 [ 1704.267642][T25266] ? __lock_acquire+0x4a5/0x2630 [ 1704.267677][T25266] ? set_next_entity+0x11e/0x9c0 [ 1704.267717][T25266] ? __lock_acquire+0x4a5/0x2630 [ 1704.267747][T25266] ? find_held_lock+0x2b/0x80 [ 1704.267782][T25266] ? find_held_lock+0x2b/0x80 [ 1704.267804][T25266] ? finish_task_switch.isra.0+0x200/0xb80 [ 1704.267830][T25266] ? finish_task_switch.isra.0+0x200/0xb80 [ 1704.267868][T25266] ? trace_sched_exit_tp+0x13a/0x180 [ 1704.267898][T25266] ? __schedule+0x1000/0x6120 [ 1704.267962][T25266] ? rcu_is_watching+0x12/0xc0 [ 1704.267999][T25266] ? cap_capable+0x107/0x460 [ 1704.268039][T25266] mmap_region+0x180/0x3e0 [ 1704.268081][T25266] do_mmap+0xc63/0x12f0 [ 1704.268114][T25266] ? __pfx_do_mmap+0x10/0x10 [ 1704.268141][T25266] ? __pfx_down_write_killable+0x10/0x10 [ 1704.268188][T25266] vm_mmap_pgoff+0x29e/0x470 [ 1704.268222][T25266] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1704.268252][T25266] ? do_futex+0x192/0x350 [ 1704.268285][T25266] ? __pfx_do_futex+0x10/0x10 [ 1704.268322][T25266] ksys_mmap_pgoff+0xe1/0x650 [ 1704.268348][T25266] ? __x64_sys_futex+0x34f/0x4d0 [ 1704.268379][T25266] ? __x64_sys_futex+0x358/0x4d0 [ 1704.268412][T25266] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 1704.268438][T25266] ? xfd_validate_state+0x129/0x190 [ 1704.268480][T25266] __x64_sys_mmap+0x125/0x190 [ 1704.268520][T25266] do_syscall_64+0x106/0xf80 [ 1704.268550][T25266] ? clear_bhb_loop+0x40/0x90 [ 1704.268580][T25266] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1704.268607][T25266] RIP: 0033:0x7fbc1079c799 [ 1704.268627][T25266] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1704.268652][T25266] RSP: 002b:00007fbc1158d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1704.268675][T25266] RAX: ffffffffffffffda RBX: 00007fbc10a15fa0 RCX: 00007fbc1079c799 [ 1704.268691][T25266] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000 [ 1704.268706][T25266] RBP: 00007fbc10832c99 R08: fffffffffffffffa R09: 0000000000008000 [ 1704.268722][T25266] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 1704.268737][T25266] R13: 00007fbc10a16038 R14: 00007fbc10a15fa0 R15: 00007ffe3da6e8b8 [ 1704.268768][T25266] [ 1705.787679][T25273] netlink: 326 bytes leftover after parsing attributes in process `syz.1.4050'. [ 1706.321675][T25282] FAULT_INJECTION: forcing a failure. [ 1706.321675][T25282] name failslab, interval 1, probability 0, space 0, times 0 [ 1706.401746][T25282] CPU: 0 UID: 0 PID: 25282 Comm: syz.1.4052 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1706.401789][T25282] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1706.401799][T25282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1706.401814][T25282] Call Trace: [ 1706.401823][T25282] [ 1706.401834][T25282] dump_stack_lvl+0x100/0x190 [ 1706.401876][T25282] should_fail_ex.cold+0x5/0xa [ 1706.401905][T25282] should_failslab+0xc2/0x120 [ 1706.401932][T25282] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 1706.401974][T25282] ? __d_alloc+0x34/0xa80 [ 1706.402010][T25282] __d_alloc+0x34/0xa80 [ 1706.402041][T25282] d_alloc_pseudo+0x1c/0xc0 [ 1706.402076][T25282] alloc_file_pseudo+0xcf/0x230 [ 1706.402110][T25282] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1706.402151][T25282] __shmem_file_setup+0x221/0x490 [ 1706.402186][T25282] ? __pfx___shmem_file_setup+0x10/0x10 [ 1706.402225][T25282] ? vm_area_alloc+0x1f/0x160 [ 1706.402262][T25282] shmem_zero_setup+0x96/0x1b0 [ 1706.402303][T25282] __mmap_region+0x2198/0x29e0 [ 1706.402344][T25282] ? __pfx___mmap_region+0x10/0x10 [ 1706.402383][T25282] ? __lock_acquire+0x4a5/0x2630 [ 1706.402417][T25282] ? set_next_entity+0x11e/0x9c0 [ 1706.402458][T25282] ? __lock_acquire+0x4a5/0x2630 [ 1706.402499][T25282] ? find_held_lock+0x2b/0x80 [ 1706.402535][T25282] ? find_held_lock+0x2b/0x80 [ 1706.402558][T25282] ? finish_task_switch.isra.0+0x200/0xb80 [ 1706.402585][T25282] ? finish_task_switch.isra.0+0x200/0xb80 [ 1706.402623][T25282] ? trace_sched_exit_tp+0x13a/0x180 [ 1706.402654][T25282] ? __schedule+0x1000/0x6120 [ 1706.402717][T25282] ? rcu_is_watching+0x12/0xc0 [ 1706.402754][T25282] ? cap_capable+0x107/0x460 [ 1706.402794][T25282] mmap_region+0x180/0x3e0 [ 1706.402836][T25282] do_mmap+0xc63/0x12f0 [ 1706.402868][T25282] ? __pfx_do_mmap+0x10/0x10 [ 1706.402895][T25282] ? __pfx_down_write_killable+0x10/0x10 [ 1706.402937][T25282] vm_mmap_pgoff+0x29e/0x470 [ 1706.402971][T25282] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1706.403002][T25282] ? do_futex+0x192/0x350 [ 1706.403033][T25282] ? __pfx_do_futex+0x10/0x10 [ 1706.403071][T25282] ksys_mmap_pgoff+0xe1/0x650 [ 1706.403096][T25282] ? __x64_sys_futex+0x34f/0x4d0 [ 1706.403127][T25282] ? __x64_sys_futex+0x358/0x4d0 [ 1706.403159][T25282] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 1706.403186][T25282] ? xfd_validate_state+0x129/0x190 [ 1706.403227][T25282] __x64_sys_mmap+0x125/0x190 [ 1706.403267][T25282] do_syscall_64+0x106/0xf80 [ 1706.403296][T25282] ? clear_bhb_loop+0x40/0x90 [ 1706.403326][T25282] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1706.403352][T25282] RIP: 0033:0x7fbc1079c799 [ 1706.403373][T25282] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1706.403397][T25282] RSP: 002b:00007fbc1158d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1706.403421][T25282] RAX: ffffffffffffffda RBX: 00007fbc10a15fa0 RCX: 00007fbc1079c799 [ 1706.403438][T25282] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000 [ 1706.403453][T25282] RBP: 00007fbc10832c99 R08: fffffffffffffffa R09: 0000000000008000 [ 1706.403475][T25282] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 1706.403491][T25282] R13: 00007fbc10a16038 R14: 00007fbc10a15fa0 R15: 00007ffe3da6e8b8 [ 1706.403523][T25282] [ 1710.245266][T25330] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1711.120742][T25335] FAULT_INJECTION: forcing a failure. [ 1711.120742][T25335] name failslab, interval 1, probability 0, space 0, times 0 [ 1711.214397][T25335] CPU: 0 UID: 0 PID: 25335 Comm: syz.3.4063 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1711.214438][T25335] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1711.214447][T25335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1711.214463][T25335] Call Trace: [ 1711.214471][T25335] [ 1711.214482][T25335] dump_stack_lvl+0x100/0x190 [ 1711.214523][T25335] should_fail_ex.cold+0x5/0xa [ 1711.214560][T25335] should_failslab+0xc2/0x120 [ 1711.214587][T25335] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 1711.214626][T25335] ? __d_alloc+0x34/0xa80 [ 1711.214659][T25335] __d_alloc+0x34/0xa80 [ 1711.214690][T25335] d_alloc_pseudo+0x1c/0xc0 [ 1711.214725][T25335] alloc_file_pseudo+0xcf/0x230 [ 1711.214758][T25335] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1711.214798][T25335] __shmem_file_setup+0x221/0x490 [ 1711.214833][T25335] ? __pfx___shmem_file_setup+0x10/0x10 [ 1711.214873][T25335] ? vm_area_alloc+0x1f/0x160 [ 1711.214909][T25335] shmem_zero_setup+0x96/0x1b0 [ 1711.214950][T25335] __mmap_region+0x2198/0x29e0 [ 1711.214991][T25335] ? __pfx___mmap_region+0x10/0x10 [ 1711.215029][T25335] ? __lock_acquire+0x4a5/0x2630 [ 1711.215063][T25335] ? set_next_entity+0x11e/0x9c0 [ 1711.215103][T25335] ? __lock_acquire+0x4a5/0x2630 [ 1711.215134][T25335] ? find_held_lock+0x2b/0x80 [ 1711.215169][T25335] ? find_held_lock+0x2b/0x80 [ 1711.215191][T25335] ? finish_task_switch.isra.0+0x200/0xb80 [ 1711.215218][T25335] ? finish_task_switch.isra.0+0x200/0xb80 [ 1711.215257][T25335] ? trace_sched_exit_tp+0x13a/0x180 [ 1711.215286][T25335] ? __schedule+0x1000/0x6120 [ 1711.215351][T25335] ? rcu_is_watching+0x12/0xc0 [ 1711.215389][T25335] ? cap_capable+0x107/0x460 [ 1711.215429][T25335] mmap_region+0x180/0x3e0 [ 1711.215472][T25335] do_mmap+0xc63/0x12f0 [ 1711.215504][T25335] ? __pfx_do_mmap+0x10/0x10 [ 1711.215539][T25335] ? __pfx_down_write_killable+0x10/0x10 [ 1711.215581][T25335] vm_mmap_pgoff+0x29e/0x470 [ 1711.215615][T25335] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1711.215645][T25335] ? do_futex+0x192/0x350 [ 1711.215678][T25335] ? __pfx_do_futex+0x10/0x10 [ 1711.215716][T25335] ksys_mmap_pgoff+0xe1/0x650 [ 1711.215742][T25335] ? __x64_sys_futex+0x34f/0x4d0 [ 1711.215773][T25335] ? __x64_sys_futex+0x358/0x4d0 [ 1711.215806][T25335] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 1711.215832][T25335] ? xfd_validate_state+0x129/0x190 [ 1711.215874][T25335] __x64_sys_mmap+0x125/0x190 [ 1711.215915][T25335] do_syscall_64+0x106/0xf80 [ 1711.215944][T25335] ? clear_bhb_loop+0x40/0x90 [ 1711.215975][T25335] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1711.216001][T25335] RIP: 0033:0x7fcbf6d9c799 [ 1711.216021][T25335] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1711.216046][T25335] RSP: 002b:00007fcbf7bbe028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1711.216069][T25335] RAX: ffffffffffffffda RBX: 00007fcbf7015fa0 RCX: 00007fcbf6d9c799 [ 1711.216086][T25335] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000 [ 1711.216102][T25335] RBP: 00007fcbf6e32c99 R08: fffffffffffffffa R09: 0000000000008000 [ 1711.216118][T25335] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 1711.216133][T25335] R13: 00007fcbf7016038 R14: 00007fcbf7015fa0 R15: 00007ffe651803a8 [ 1711.216165][T25335] [ 1715.231125][T25376] Invalid ELF header magic: != ELF [ 1719.669597][T25409] netlink: 326 bytes leftover after parsing attributes in process `syz.3.4077'. [ 1720.609631][T25418] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4080'. [ 1721.086711][T25418] team0: Port device team_slave_0 removed [ 1723.243376][T25447] netlink: 302 bytes leftover after parsing attributes in process `syz.0.4086'. [ 1726.167959][T25463] netlink: 'syz.1.4090': attribute type 11 has an invalid length. [ 1727.069174][T25471] FAULT_INJECTION: forcing a failure. [ 1727.069174][T25471] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1727.400062][T25471] CPU: 0 UID: 0 PID: 25471 Comm: syz.0.4091 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1727.400104][T25471] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1727.400114][T25471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1727.400130][T25471] Call Trace: [ 1727.400138][T25471] [ 1727.400148][T25471] dump_stack_lvl+0x100/0x190 [ 1727.400200][T25471] should_fail_ex.cold+0x5/0xa [ 1727.400224][T25471] ? prepare_alloc_pages+0x16d/0x5f0 [ 1727.400256][T25471] should_fail_alloc_page+0xeb/0x140 [ 1727.400284][T25471] prepare_alloc_pages+0x1f0/0x5f0 [ 1727.400314][T25471] ? trace_ignore_this_task+0xbc/0x100 [ 1727.400354][T25471] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 1727.400397][T25471] ? lock_acquire+0x1cf/0x380 [ 1727.400429][T25471] ? find_held_lock+0x2b/0x80 [ 1727.400451][T25471] ? finish_task_switch.isra.0+0x200/0xb80 [ 1727.400479][T25471] ? finish_task_switch.isra.0+0x200/0xb80 [ 1727.400507][T25471] ? rcu_is_watching+0x12/0xc0 [ 1727.400550][T25471] ? finish_task_switch.isra.0+0x205/0xb80 [ 1727.400576][T25471] ? lockdep_hardirqs_on+0x78/0x100 [ 1727.400607][T25471] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1727.400649][T25471] ? trace_sched_exit_tp+0x13a/0x180 [ 1727.400678][T25471] ? __schedule+0x1000/0x6120 [ 1727.400717][T25471] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1727.400767][T25471] ? policy_nodemask+0xed/0x4f0 [ 1727.400796][T25471] alloc_pages_mpol+0x1fb/0x550 [ 1727.400824][T25471] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1727.400859][T25471] folio_alloc_mpol_noprof+0x36/0x340 [ 1727.400892][T25471] vma_alloc_folio_noprof+0xed/0x1d0 [ 1727.400924][T25471] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 1727.400964][T25471] do_anonymous_page+0xb3a/0x1fb0 [ 1727.401008][T25471] __handle_mm_fault+0x1d42/0x2b60 [ 1727.401048][T25471] ? reacquire_held_locks+0xce/0x1e0 [ 1727.401081][T25471] ? __pfx___handle_mm_fault+0x10/0x10 [ 1727.401120][T25471] ? lock_vma_under_rcu+0x17c/0x590 [ 1727.401171][T25471] handle_mm_fault+0x36d/0xa20 [ 1727.401211][T25471] do_user_addr_fault+0x5a3/0x12f0 [ 1727.401261][T25471] exc_page_fault+0x6f/0xd0 [ 1727.401290][T25471] asm_exc_page_fault+0x26/0x30 [ 1727.401315][T25471] RIP: 0033:0x7f26a805df4b [ 1727.401340][T25471] Code: 00 00 00 48 8d 3d 3d a7 1a 00 48 89 c1 31 c0 e8 9b 32 ff ff eb d2 66 0f 1f 84 00 00 00 00 00 55 31 c0 53 48 81 ec 68 10 00 00 <48> 89 7c 24 08 48 8d 3d 71 a7 1a 00 48 89 34 24 48 8b 14 24 48 8b [ 1727.401365][T25471] RSP: 002b:00007f26a90cbfa0 EFLAGS: 00010206 [ 1727.401385][T25471] RAX: 0000000000000000 RBX: 00007f26a8416090 RCX: 0000000000000000 [ 1727.401401][T25471] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000200000001500 [ 1727.401417][T25471] RBP: 00007f26a8232c99 R08: 0000000000000000 R09: 0000000000000000 [ 1727.401432][T25471] R10: 0000200000001500 R11: 0000000000000000 R12: 0000000000000000 [ 1727.401448][T25471] R13: 00007f26a8416128 R14: 00007f26a8416090 R15: 00007fff9ad6d318 [ 1727.401480][T25471] [ 1727.401497][T25471] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 1727.971983][T25488] FAULT_INJECTION: forcing a failure. [ 1727.971983][T25488] name failslab, interval 1, probability 0, space 0, times 0 [ 1728.059822][T25487] FAULT_INJECTION: forcing a failure. [ 1728.059822][T25487] name failslab, interval 1, probability 0, space 0, times 0 [ 1728.120049][T25488] CPU: 0 UID: 0 PID: 25488 Comm: syz.1.4097 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1728.120091][T25488] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1728.120102][T25488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1728.120117][T25488] Call Trace: [ 1728.120125][T25488] [ 1728.120135][T25488] dump_stack_lvl+0x100/0x190 [ 1728.120178][T25488] should_fail_ex.cold+0x5/0xa [ 1728.120208][T25488] should_failslab+0xc2/0x120 [ 1728.120234][T25488] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1728.120271][T25488] ? alloc_empty_file+0x55/0x1c0 [ 1728.120307][T25488] alloc_empty_file+0x55/0x1c0 [ 1728.120338][T25488] alloc_file_pseudo+0x13a/0x230 [ 1728.120371][T25488] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1728.120403][T25488] ? alloc_fd+0x476/0x790 [ 1728.120431][T25488] sock_alloc_file+0x50/0x210 [ 1728.120468][T25488] __sys_socket+0x1c0/0x260 [ 1728.120491][T25488] ? __pfx___sys_socket+0x10/0x10 [ 1728.120522][T25488] __x64_sys_socket+0x72/0xb0 [ 1728.120550][T25488] ? lockdep_hardirqs_on+0x78/0x100 [ 1728.120581][T25488] do_syscall_64+0x106/0xf80 [ 1728.120617][T25488] ? clear_bhb_loop+0x40/0x90 [ 1728.120648][T25488] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1728.120674][T25488] RIP: 0033:0x7fbc1079c799 [ 1728.120694][T25488] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1728.120718][T25488] RSP: 002b:00007fbc0e9f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 1728.120742][T25488] RAX: ffffffffffffffda RBX: 00007fbc10a16090 RCX: 00007fbc1079c799 [ 1728.120759][T25488] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 1728.120773][T25488] RBP: 00007fbc10832c99 R08: 0000000000000000 R09: 0000000000000000 [ 1728.120789][T25488] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1728.120803][T25488] R13: 00007fbc10a16128 R14: 00007fbc10a16090 R15: 00007ffe3da6e8b8 [ 1728.120834][T25488] [ 1728.582073][T25487] CPU: 0 UID: 0 PID: 25487 Comm: syz.3.4096 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1728.582122][T25487] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1728.582134][T25487] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1728.582152][T25487] Call Trace: [ 1728.582161][T25487] [ 1728.582173][T25487] dump_stack_lvl+0x100/0x190 [ 1728.582219][T25487] should_fail_ex.cold+0x5/0xa [ 1728.582252][T25487] should_failslab+0xc2/0x120 [ 1728.582282][T25487] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 1728.582325][T25487] ? __d_alloc+0x34/0xa80 [ 1728.582362][T25487] __d_alloc+0x34/0xa80 [ 1728.582396][T25487] d_alloc_pseudo+0x1c/0xc0 [ 1728.582436][T25487] alloc_file_pseudo+0xcf/0x230 [ 1728.582473][T25487] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1728.582526][T25487] __shmem_file_setup+0x221/0x490 [ 1728.582567][T25487] ? __pfx___shmem_file_setup+0x10/0x10 [ 1728.582618][T25487] ? vm_area_alloc+0x1f/0x160 [ 1728.582659][T25487] shmem_zero_setup+0x96/0x1b0 [ 1728.582705][T25487] __mmap_region+0x2198/0x29e0 [ 1728.582752][T25487] ? __pfx___mmap_region+0x10/0x10 [ 1728.582795][T25487] ? __lock_acquire+0x4a5/0x2630 [ 1728.582833][T25487] ? set_next_entity+0x11e/0x9c0 [ 1728.582878][T25487] ? __lock_acquire+0x4a5/0x2630 [ 1728.582912][T25487] ? find_held_lock+0x2b/0x80 [ 1728.582951][T25487] ? find_held_lock+0x2b/0x80 [ 1728.582975][T25487] ? finish_task_switch.isra.0+0x200/0xb80 [ 1728.583005][T25487] ? finish_task_switch.isra.0+0x200/0xb80 [ 1728.583048][T25487] ? trace_sched_exit_tp+0x13a/0x180 [ 1728.583080][T25487] ? __schedule+0x1000/0x6120 [ 1728.583153][T25487] ? rcu_is_watching+0x12/0xc0 [ 1728.583195][T25487] ? cap_capable+0x107/0x460 [ 1728.583239][T25487] mmap_region+0x180/0x3e0 [ 1728.583285][T25487] do_mmap+0xc63/0x12f0 [ 1728.583322][T25487] ? __pfx_do_mmap+0x10/0x10 [ 1728.583353][T25487] ? __pfx_down_write_killable+0x10/0x10 [ 1728.583399][T25487] vm_mmap_pgoff+0x29e/0x470 [ 1728.583436][T25487] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1728.583469][T25487] ? do_futex+0x192/0x350 [ 1728.583510][T25487] ? __pfx_do_futex+0x10/0x10 [ 1728.583552][T25487] ksys_mmap_pgoff+0xe1/0x650 [ 1728.583582][T25487] ? __x64_sys_futex+0x34f/0x4d0 [ 1728.583617][T25487] ? __x64_sys_futex+0x358/0x4d0 [ 1728.583653][T25487] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 1728.583683][T25487] ? xfd_validate_state+0x129/0x190 [ 1728.583731][T25487] __x64_sys_mmap+0x125/0x190 [ 1728.583775][T25487] do_syscall_64+0x106/0xf80 [ 1728.583808][T25487] ? clear_bhb_loop+0x40/0x90 [ 1728.583842][T25487] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1728.583872][T25487] RIP: 0033:0x7fcbf6d9c799 [ 1728.583895][T25487] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1728.583923][T25487] RSP: 002b:00007fcbf7bbe028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1728.583949][T25487] RAX: ffffffffffffffda RBX: 00007fcbf7015fa0 RCX: 00007fcbf6d9c799 [ 1728.583968][T25487] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000 [ 1728.583985][T25487] RBP: 00007fcbf6e32c99 R08: fffffffffffffffa R09: 0000000000008000 [ 1728.584004][T25487] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 1728.584021][T25487] R13: 00007fcbf7016038 R14: 00007fcbf7015fa0 R15: 00007ffe651803a8 [ 1728.584057][T25487] [ 1730.945862][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 1730.953896][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 1732.430072][T25507] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1734.342653][T25517] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4101'. [ 1737.000142][T25549] FAULT_INJECTION: forcing a failure. [ 1737.000142][T25549] name failslab, interval 1, probability 0, space 0, times 0 [ 1737.131194][T25549] CPU: 0 UID: 0 PID: 25549 Comm: syz.0.4107 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1737.131236][T25549] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1737.131245][T25549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1737.131261][T25549] Call Trace: [ 1737.131269][T25549] [ 1737.131278][T25549] dump_stack_lvl+0x100/0x190 [ 1737.131321][T25549] should_fail_ex.cold+0x5/0xa [ 1737.131351][T25549] should_failslab+0xc2/0x120 [ 1737.131377][T25549] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 1737.131416][T25549] ? __d_alloc+0x34/0xa80 [ 1737.131449][T25549] __d_alloc+0x34/0xa80 [ 1737.131480][T25549] d_alloc_pseudo+0x1c/0xc0 [ 1737.131514][T25549] alloc_file_pseudo+0xcf/0x230 [ 1737.131548][T25549] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1737.131588][T25549] __shmem_file_setup+0x221/0x490 [ 1737.131622][T25549] ? __pfx___shmem_file_setup+0x10/0x10 [ 1737.131661][T25549] ? vm_area_alloc+0x1f/0x160 [ 1737.131702][T25549] shmem_zero_setup+0x96/0x1b0 [ 1737.131742][T25549] __mmap_region+0x2198/0x29e0 [ 1737.131783][T25549] ? __pfx___mmap_region+0x10/0x10 [ 1737.131822][T25549] ? __lock_acquire+0x4a5/0x2630 [ 1737.131856][T25549] ? set_next_entity+0x11e/0x9c0 [ 1737.131896][T25549] ? __lock_acquire+0x4a5/0x2630 [ 1737.131927][T25549] ? find_held_lock+0x2b/0x80 [ 1737.131962][T25549] ? find_held_lock+0x2b/0x80 [ 1737.131984][T25549] ? finish_task_switch.isra.0+0x200/0xb80 [ 1737.132010][T25549] ? finish_task_switch.isra.0+0x200/0xb80 [ 1737.132048][T25549] ? trace_sched_exit_tp+0x13a/0x180 [ 1737.132077][T25549] ? __schedule+0x1000/0x6120 [ 1737.132141][T25549] ? rcu_is_watching+0x12/0xc0 [ 1737.132184][T25549] ? cap_capable+0x107/0x460 [ 1737.132224][T25549] mmap_region+0x180/0x3e0 [ 1737.132267][T25549] do_mmap+0xc63/0x12f0 [ 1737.132300][T25549] ? __pfx_do_mmap+0x10/0x10 [ 1737.132327][T25549] ? __pfx_down_write_killable+0x10/0x10 [ 1737.132369][T25549] vm_mmap_pgoff+0x29e/0x470 [ 1737.132402][T25549] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1737.132432][T25549] ? do_futex+0x192/0x350 [ 1737.132464][T25549] ? __pfx_do_futex+0x10/0x10 [ 1737.132501][T25549] ksys_mmap_pgoff+0xe1/0x650 [ 1737.132528][T25549] ? __x64_sys_futex+0x34f/0x4d0 [ 1737.132558][T25549] ? __x64_sys_futex+0x358/0x4d0 [ 1737.132591][T25549] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 1737.132617][T25549] ? xfd_validate_state+0x129/0x190 [ 1737.132658][T25549] __x64_sys_mmap+0x125/0x190 [ 1737.132698][T25549] do_syscall_64+0x106/0xf80 [ 1737.132728][T25549] ? clear_bhb_loop+0x40/0x90 [ 1737.132758][T25549] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1737.132784][T25549] RIP: 0033:0x7f26a819c799 [ 1737.132805][T25549] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1737.132829][T25549] RSP: 002b:00007f26a90ac028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1737.132853][T25549] RAX: ffffffffffffffda RBX: 00007f26a8416180 RCX: 00007f26a819c799 [ 1737.132870][T25549] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000 [ 1737.132885][T25549] RBP: 00007f26a8232c99 R08: fffffffffffffffa R09: 0000000000008000 [ 1737.132901][T25549] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 1737.132916][T25549] R13: 00007f26a8416218 R14: 00007f26a8416180 R15: 00007fff9ad6d318 [ 1737.132948][T25549] [ 1737.916361][T25545] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1739.933325][T25566] FAULT_INJECTION: forcing a failure. [ 1739.933325][T25566] name failslab, interval 1, probability 0, space 0, times 0 [ 1740.077350][T25566] CPU: 0 UID: 0 PID: 25566 Comm: syz.0.4111 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1740.077393][T25566] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1740.077412][T25566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1740.077427][T25566] Call Trace: [ 1740.077436][T25566] [ 1740.077446][T25566] dump_stack_lvl+0x100/0x190 [ 1740.077488][T25566] should_fail_ex.cold+0x5/0xa [ 1740.077517][T25566] should_failslab+0xc2/0x120 [ 1740.077544][T25566] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 1740.077583][T25566] ? __d_alloc+0x34/0xa80 [ 1740.077617][T25566] __d_alloc+0x34/0xa80 [ 1740.077647][T25566] d_alloc_pseudo+0x1c/0xc0 [ 1740.077682][T25566] alloc_file_pseudo+0xcf/0x230 [ 1740.077715][T25566] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1740.077755][T25566] __shmem_file_setup+0x221/0x490 [ 1740.077790][T25566] ? __pfx___shmem_file_setup+0x10/0x10 [ 1740.077829][T25566] ? vm_area_alloc+0x1f/0x160 [ 1740.077866][T25566] shmem_zero_setup+0x96/0x1b0 [ 1740.077906][T25566] __mmap_region+0x2198/0x29e0 [ 1740.077947][T25566] ? __pfx___mmap_region+0x10/0x10 [ 1740.077986][T25566] ? __lock_acquire+0x4a5/0x2630 [ 1740.078020][T25566] ? set_next_entity+0x11e/0x9c0 [ 1740.078060][T25566] ? __lock_acquire+0x4a5/0x2630 [ 1740.078090][T25566] ? find_held_lock+0x2b/0x80 [ 1740.078125][T25566] ? find_held_lock+0x2b/0x80 [ 1740.078147][T25566] ? finish_task_switch.isra.0+0x200/0xb80 [ 1740.078173][T25566] ? finish_task_switch.isra.0+0x200/0xb80 [ 1740.078211][T25566] ? trace_sched_exit_tp+0x13a/0x180 [ 1740.078240][T25566] ? __schedule+0x1000/0x6120 [ 1740.078304][T25566] ? rcu_is_watching+0x12/0xc0 [ 1740.078342][T25566] ? cap_capable+0x107/0x460 [ 1740.078381][T25566] mmap_region+0x180/0x3e0 [ 1740.078430][T25566] do_mmap+0xc63/0x12f0 [ 1740.078463][T25566] ? __pfx_do_mmap+0x10/0x10 [ 1740.078490][T25566] ? __pfx_down_write_killable+0x10/0x10 [ 1740.078532][T25566] vm_mmap_pgoff+0x29e/0x470 [ 1740.078565][T25566] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1740.078595][T25566] ? do_futex+0x192/0x350 [ 1740.078626][T25566] ? __pfx_do_futex+0x10/0x10 [ 1740.078663][T25566] ksys_mmap_pgoff+0xe1/0x650 [ 1740.078690][T25566] ? __x64_sys_futex+0x34f/0x4d0 [ 1740.078721][T25566] ? __x64_sys_futex+0x358/0x4d0 [ 1740.078753][T25566] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 1740.078780][T25566] ? xfd_validate_state+0x129/0x190 [ 1740.078821][T25566] __x64_sys_mmap+0x125/0x190 [ 1740.078861][T25566] do_syscall_64+0x106/0xf80 [ 1740.078890][T25566] ? clear_bhb_loop+0x40/0x90 [ 1740.078921][T25566] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1740.078946][T25566] RIP: 0033:0x7f26a819c799 [ 1740.078967][T25566] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1740.078992][T25566] RSP: 002b:00007f26a90ee028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1740.079016][T25566] RAX: ffffffffffffffda RBX: 00007f26a8415fa0 RCX: 00007f26a819c799 [ 1740.079033][T25566] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000 [ 1740.079048][T25566] RBP: 00007f26a8232c99 R08: fffffffffffffffa R09: 0000000000008000 [ 1740.079065][T25566] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 1740.079080][T25566] R13: 00007f26a8416038 R14: 00007f26a8415fa0 R15: 00007fff9ad6d318 [ 1740.079112][T25566] [ 1747.407690][T25629] FAULT_INJECTION: forcing a failure. [ 1747.407690][T25629] name failslab, interval 1, probability 0, space 0, times 0 [ 1747.506141][T25629] CPU: 0 UID: 0 PID: 25629 Comm: syz.1.4125 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1747.506184][T25629] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1747.506194][T25629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1747.506209][T25629] Call Trace: [ 1747.506217][T25629] [ 1747.506228][T25629] dump_stack_lvl+0x100/0x190 [ 1747.506269][T25629] should_fail_ex.cold+0x5/0xa [ 1747.506298][T25629] should_failslab+0xc2/0x120 [ 1747.506324][T25629] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 1747.506363][T25629] ? __d_alloc+0x34/0xa80 [ 1747.506390][T25629] ? lockdep_init_map_type+0x5c/0x250 [ 1747.506428][T25629] __d_alloc+0x34/0xa80 [ 1747.506459][T25629] d_alloc_pseudo+0x1c/0xc0 [ 1747.506493][T25629] alloc_file_pseudo+0xcf/0x230 [ 1747.506526][T25629] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1747.506558][T25629] ? alloc_fd+0x476/0x790 [ 1747.506587][T25629] sock_alloc_file+0x50/0x210 [ 1747.506620][T25629] __sys_socket+0x1c0/0x260 [ 1747.506644][T25629] ? __pfx___sys_socket+0x10/0x10 [ 1747.506676][T25629] __x64_sys_socket+0x72/0xb0 [ 1747.506697][T25629] ? lockdep_hardirqs_on+0x78/0x100 [ 1747.506728][T25629] do_syscall_64+0x106/0xf80 [ 1747.506766][T25629] ? clear_bhb_loop+0x40/0x90 [ 1747.506797][T25629] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1747.506823][T25629] RIP: 0033:0x7fbc1079c799 [ 1747.506843][T25629] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1747.506868][T25629] RSP: 002b:00007fbc0e9f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 1747.506892][T25629] RAX: ffffffffffffffda RBX: 00007fbc10a16090 RCX: 00007fbc1079c799 [ 1747.506909][T25629] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 1747.506924][T25629] RBP: 00007fbc10832c99 R08: 0000000000000000 R09: 0000000000000000 [ 1747.506940][T25629] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1747.506955][T25629] R13: 00007fbc10a16128 R14: 00007fbc10a16090 R15: 00007ffe3da6e8b8 [ 1747.506986][T25629] [ 1750.828427][T25666] FAULT_INJECTION: forcing a failure. [ 1750.828427][T25666] name failslab, interval 1, probability 0, space 0, times 0 [ 1750.904566][T25666] CPU: 0 UID: 0 PID: 25666 Comm: syz.1.4132 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1750.904609][T25666] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1750.904619][T25666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1750.904635][T25666] Call Trace: [ 1750.904643][T25666] [ 1750.904653][T25666] dump_stack_lvl+0x100/0x190 [ 1750.904695][T25666] should_fail_ex.cold+0x5/0xa [ 1750.904728][T25666] should_failslab+0xc2/0x120 [ 1750.904754][T25666] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1750.904792][T25666] ? alloc_empty_file+0x55/0x1c0 [ 1750.904829][T25666] alloc_empty_file+0x55/0x1c0 [ 1750.904861][T25666] alloc_file_pseudo+0x13a/0x230 [ 1750.904894][T25666] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1750.904941][T25666] __shmem_file_setup+0x221/0x490 [ 1750.904977][T25666] ? __pfx___shmem_file_setup+0x10/0x10 [ 1750.905017][T25666] ? vm_area_alloc+0x1f/0x160 [ 1750.905054][T25666] shmem_zero_setup+0x96/0x1b0 [ 1750.905095][T25666] __mmap_region+0x2198/0x29e0 [ 1750.905135][T25666] ? __pfx___mmap_region+0x10/0x10 [ 1750.905171][T25666] ? update_cfs_rq_load_avg+0x51/0x550 [ 1750.905247][T25666] ? finish_task_switch.isra.0+0x2c6/0xb80 [ 1750.905275][T25666] ? rcu_is_watching+0x12/0xc0 [ 1750.905347][T25666] ? rcu_is_watching+0x12/0xc0 [ 1750.905384][T25666] ? cap_capable+0x107/0x460 [ 1750.905423][T25666] mmap_region+0x180/0x3e0 [ 1750.905466][T25666] do_mmap+0xc63/0x12f0 [ 1750.905498][T25666] ? __pfx_do_mmap+0x10/0x10 [ 1750.905526][T25666] ? __pfx_down_write_killable+0x10/0x10 [ 1750.905567][T25666] vm_mmap_pgoff+0x29e/0x470 [ 1750.905608][T25666] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1750.905638][T25666] ? do_futex+0x192/0x350 [ 1750.905670][T25666] ? __pfx_do_futex+0x10/0x10 [ 1750.905708][T25666] ksys_mmap_pgoff+0xe1/0x650 [ 1750.905735][T25666] ? __x64_sys_futex+0x34f/0x4d0 [ 1750.905765][T25666] ? __x64_sys_futex+0x358/0x4d0 [ 1750.905797][T25666] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 1750.905823][T25666] ? xfd_validate_state+0x129/0x190 [ 1750.905864][T25666] __x64_sys_mmap+0x125/0x190 [ 1750.905903][T25666] do_syscall_64+0x106/0xf80 [ 1750.905939][T25666] ? clear_bhb_loop+0x40/0x90 [ 1750.905969][T25666] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1750.905995][T25666] RIP: 0033:0x7fbc1079c799 [ 1750.906016][T25666] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1750.906040][T25666] RSP: 002b:00007fbc1158d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1750.906063][T25666] RAX: ffffffffffffffda RBX: 00007fbc10a15fa0 RCX: 00007fbc1079c799 [ 1750.906080][T25666] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000 [ 1750.906096][T25666] RBP: 00007fbc10832c99 R08: fffffffffffffffa R09: 0000000000008000 [ 1750.906112][T25666] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 1750.906128][T25666] R13: 00007fbc10a16038 R14: 00007fbc10a15fa0 R15: 00007ffe3da6e8b8 [ 1750.906159][T25666] [ 1752.884750][T25666] openvswitch: netlink: Key type 261 is out of range max 32 [ 1759.716310][T25753] netlink: 326 bytes leftover after parsing attributes in process `syz.0.4153'. [ 1759.795287][T25753] bridge0: port 2(bridge_slave_1) entered disabled state [ 1759.802705][T25753] bridge0: port 1(bridge_slave_0) entered disabled state [ 1761.998049][T25766] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 1762.142257][T25766] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 1762.150326][T25766] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 1762.283576][T25766] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 1762.358558][T25766] page dumped because: unmovable page [ 1762.466669][T25766] page_owner info is not present (never set?) [ 1763.416389][T25787] FAULT_INJECTION: forcing a failure. [ 1763.416389][T25787] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1763.598670][T25787] CPU: 0 UID: 0 PID: 25787 Comm: syz.1.4161 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1763.598711][T25787] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1763.598720][T25787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1763.598735][T25787] Call Trace: [ 1763.598743][T25787] [ 1763.598753][T25787] dump_stack_lvl+0x100/0x190 [ 1763.598793][T25787] should_fail_ex.cold+0x5/0xa [ 1763.598828][T25787] get_futex_key+0x107c/0x1620 [ 1763.598861][T25787] ? __pfx_get_futex_key+0x10/0x10 [ 1763.598887][T25787] ? lock_acquire+0x1cf/0x380 [ 1763.598927][T25787] futex_wake+0xea/0x530 [ 1763.598964][T25787] ? __pfx_futex_wake+0x10/0x10 [ 1763.599000][T25787] ? exit_mm_release+0x19/0x30 [ 1763.599037][T25787] do_futex+0x32b/0x350 [ 1763.599068][T25787] ? __pfx_do_futex+0x10/0x10 [ 1763.599096][T25787] ? __might_fault+0xc5/0x140 [ 1763.599136][T25787] mm_release+0x24a/0x2f0 [ 1763.599161][T25787] do_exit+0x704/0x2b60 [ 1763.599196][T25787] ? __pfx_do_exit+0x10/0x10 [ 1763.599226][T25787] ? do_raw_spin_lock+0x128/0x260 [ 1763.599260][T25787] ? find_held_lock+0x2b/0x80 [ 1763.599282][T25787] ? get_signal+0x7e0/0x21e0 [ 1763.599309][T25787] do_group_exit+0xd5/0x2a0 [ 1763.599344][T25787] get_signal+0x1ec7/0x21e0 [ 1763.599375][T25787] ? do_user_addr_fault+0x8d6/0x12f0 [ 1763.599416][T25787] ? __pfx_get_signal+0x10/0x10 [ 1763.599442][T25787] ? do_futex+0x192/0x350 [ 1763.599475][T25787] arch_do_signal_or_restart+0x91/0x770 [ 1763.599507][T25787] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1763.599545][T25787] ? __pfx___x64_sys_futex+0x10/0x10 [ 1763.599582][T25787] exit_to_user_mode_loop+0x86/0x4a0 [ 1763.599617][T25787] do_syscall_64+0x668/0xf80 [ 1763.599646][T25787] ? clear_bhb_loop+0x40/0x90 [ 1763.599676][T25787] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1763.599700][T25787] RIP: 0033:0x7fbc1079c799 [ 1763.599720][T25787] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1763.599743][T25787] RSP: 002b:00007fbc0e9f60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1763.599766][T25787] RAX: fffffffffffffe00 RBX: 00007fbc10a16098 RCX: 00007fbc1079c799 [ 1763.599782][T25787] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fbc10a16098 [ 1763.599797][T25787] RBP: 00007fbc10a16090 R08: 0000000000000000 R09: 0000000000000000 [ 1763.599832][T25787] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1763.599846][T25787] R13: 00007fbc10a16128 R14: 00007ffe3da6e7d0 R15: 00007ffe3da6e8b8 [ 1763.599877][T25787] [ 1766.910314][T25808] netlink: 326 bytes leftover after parsing attributes in process `syz.2.4166'. [ 1766.972584][T25808] bridge0: port 2(bridge_slave_1) entered disabled state [ 1766.980345][T25808] bridge0: port 1(bridge_slave_0) entered disabled state [ 1768.110587][T24568] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 1768.118396][T24568] Bluetooth: hci1: Invalid handle: 0x3a4a > 0x0eff [ 1770.355322][T25799] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 1770.451438][T25799] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 1770.534110][T25799] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 1770.596640][T25799] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 1770.655986][T25799] page dumped because: unmovable page [ 1770.661424][T25799] page_owner info is not present (never set?) [ 1773.344042][T25856] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4178'. [ 1773.483868][T25859] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4178'. [ 1774.329810][T25870] openvswitch: netlink: Key type 261 is out of range max 32 [ 1778.073371][T24568] Bluetooth: hci1: unexpected event 0x1c length: 725 > 5 [ 1778.452604][T24568] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 1778.461838][T24568] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 1778.478008][T24568] Bluetooth: hci1: Unknown advertising packet type: 0x7f [ 1778.478037][T24568] Bluetooth: hci1: adv larger than maximum supported [ 1778.486652][T24568] Bluetooth: hci1: adv larger than maximum supported [ 1778.494238][T24568] Bluetooth: hci1: Unknown advertising packet type: 0x1e [ 1778.501178][T24568] Bluetooth: hci1: Malformed LE Event: 0x0d [ 1778.599282][T25910] FAULT_INJECTION: forcing a failure. [ 1778.599282][T25910] name failslab, interval 1, probability 0, space 0, times 0 [ 1778.712736][T25910] CPU: 0 UID: 0 PID: 25910 Comm: syz.0.4190 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1778.712778][T25910] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1778.712788][T25910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1778.712803][T25910] Call Trace: [ 1778.712812][T25910] [ 1778.712822][T25910] dump_stack_lvl+0x100/0x190 [ 1778.712864][T25910] should_fail_ex.cold+0x5/0xa [ 1778.712893][T25910] should_failslab+0xc2/0x120 [ 1778.712919][T25910] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 1778.712958][T25910] ? __d_alloc+0x34/0xa80 [ 1778.712991][T25910] __d_alloc+0x34/0xa80 [ 1778.713022][T25910] d_alloc_pseudo+0x1c/0xc0 [ 1778.713056][T25910] alloc_file_pseudo+0xcf/0x230 [ 1778.713097][T25910] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1778.713137][T25910] __shmem_file_setup+0x221/0x490 [ 1778.713173][T25910] ? __pfx___shmem_file_setup+0x10/0x10 [ 1778.713212][T25910] ? vm_area_alloc+0x1f/0x160 [ 1778.713249][T25910] shmem_zero_setup+0x96/0x1b0 [ 1778.713290][T25910] __mmap_region+0x2198/0x29e0 [ 1778.713331][T25910] ? __pfx___mmap_region+0x10/0x10 [ 1778.713369][T25910] ? __lock_acquire+0x4a5/0x2630 [ 1778.713404][T25910] ? set_next_entity+0x11e/0x9c0 [ 1778.713444][T25910] ? __lock_acquire+0x4a5/0x2630 [ 1778.713474][T25910] ? find_held_lock+0x2b/0x80 [ 1778.713509][T25910] ? find_held_lock+0x2b/0x80 [ 1778.713530][T25910] ? finish_task_switch.isra.0+0x200/0xb80 [ 1778.713557][T25910] ? finish_task_switch.isra.0+0x200/0xb80 [ 1778.713595][T25910] ? trace_sched_exit_tp+0x13a/0x180 [ 1778.713644][T25910] ? __schedule+0x1000/0x6120 [ 1778.713709][T25910] ? rcu_is_watching+0x12/0xc0 [ 1778.713747][T25910] ? cap_capable+0x107/0x460 [ 1778.713787][T25910] mmap_region+0x180/0x3e0 [ 1778.713830][T25910] do_mmap+0xc63/0x12f0 [ 1778.713863][T25910] ? __pfx_do_mmap+0x10/0x10 [ 1778.713890][T25910] ? __pfx_down_write_killable+0x10/0x10 [ 1778.713932][T25910] vm_mmap_pgoff+0x29e/0x470 [ 1778.713966][T25910] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1778.713996][T25910] ? do_futex+0x192/0x350 [ 1778.714028][T25910] ? __pfx_do_futex+0x10/0x10 [ 1778.714065][T25910] ksys_mmap_pgoff+0xe1/0x650 [ 1778.714096][T25910] ? __x64_sys_futex+0x34f/0x4d0 [ 1778.714127][T25910] ? __x64_sys_futex+0x358/0x4d0 [ 1778.714159][T25910] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 1778.714186][T25910] ? xfd_validate_state+0x129/0x190 [ 1778.714228][T25910] __x64_sys_mmap+0x125/0x190 [ 1778.714268][T25910] do_syscall_64+0x106/0xf80 [ 1778.714297][T25910] ? clear_bhb_loop+0x40/0x90 [ 1778.714328][T25910] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1778.714353][T25910] RIP: 0033:0x7f26a819c799 [ 1778.714373][T25910] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1778.714398][T25910] RSP: 002b:00007f26a90ee028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1778.714421][T25910] RAX: ffffffffffffffda RBX: 00007f26a8415fa0 RCX: 00007f26a819c799 [ 1778.714437][T25910] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000 [ 1778.714452][T25910] RBP: 00007f26a8232c99 R08: fffffffffffffffa R09: 0000000000008000 [ 1778.714469][T25910] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 1778.714483][T25910] R13: 00007f26a8416038 R14: 00007f26a8415fa0 R15: 00007fff9ad6d318 [ 1778.714515][T25910] [ 1779.570010][T25916] openvswitch: netlink: Key type 261 is out of range max 32 [ 1779.738725][T25919] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4191'. [ 1780.162947][T25913] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4191'. [ 1781.836018][T25940] FAULT_INJECTION: forcing a failure. [ 1781.836018][T25940] name failslab, interval 1, probability 0, space 0, times 0 [ 1781.938234][T25940] CPU: 0 UID: 0 PID: 25940 Comm: syz.0.4196 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1781.938275][T25940] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1781.938285][T25940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1781.938300][T25940] Call Trace: [ 1781.938309][T25940] [ 1781.938318][T25940] dump_stack_lvl+0x100/0x190 [ 1781.938361][T25940] should_fail_ex.cold+0x5/0xa [ 1781.938390][T25940] ? lsm_blob_alloc+0x68/0x90 [ 1781.938421][T25940] should_failslab+0xc2/0x120 [ 1781.938447][T25940] __kmalloc_noprof+0xe0/0x850 [ 1781.938484][T25940] ? trace_kmalloc+0x101/0x130 [ 1781.938514][T25940] lsm_blob_alloc+0x68/0x90 [ 1781.938544][T25940] security_sk_alloc+0x2d/0x290 [ 1781.938583][T25940] sk_prot_alloc+0x12a/0x2a0 [ 1781.938622][T25940] sk_alloc+0x36/0xe80 [ 1781.938658][T25940] __netlink_create+0x5e/0x2c0 [ 1781.938686][T25940] ? __wake_up+0x3f/0x60 [ 1781.938715][T25940] netlink_create+0x293/0x610 [ 1781.938743][T25940] ? __pfx_genl_bind+0x10/0x10 [ 1781.938777][T25940] ? __pfx_genl_unbind+0x10/0x10 [ 1781.938810][T25940] ? __pfx_genl_release+0x10/0x10 [ 1781.938849][T25940] __sock_create+0x339/0x860 [ 1781.938894][T25940] __sys_socket+0x14d/0x260 [ 1781.938917][T25940] ? __pfx___sys_socket+0x10/0x10 [ 1781.938948][T25940] __x64_sys_socket+0x72/0xb0 [ 1781.938969][T25940] ? lockdep_hardirqs_on+0x78/0x100 [ 1781.939000][T25940] do_syscall_64+0x106/0xf80 [ 1781.939029][T25940] ? clear_bhb_loop+0x40/0x90 [ 1781.939060][T25940] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1781.939086][T25940] RIP: 0033:0x7f26a819e007 [ 1781.939107][T25940] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1781.939131][T25940] RSP: 002b:00007f26a90ecf98 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 1781.939155][T25940] RAX: ffffffffffffffda RBX: 00007f26a8415fa0 RCX: 00007f26a819e007 [ 1781.939171][T25940] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 1781.939186][T25940] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 1781.939201][T25940] R10: 0000200000000240 R11: 0000000000000286 R12: 0000000000000000 [ 1781.939217][T25940] R13: 00007f26a8416038 R14: 00007f26a8415fa0 R15: 00007fff9ad6d318 [ 1781.939253][T25940] [ 1782.529212][T25947] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4198'. [ 1782.634871][T25954] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4198'. [ 1782.869687][T25957] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4200'. [ 1790.650138][T26019] FAULT_INJECTION: forcing a failure. [ 1790.650138][T26019] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1790.924943][T26019] CPU: 0 UID: 0 PID: 26019 Comm: syz.0.4210 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1790.924985][T26019] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1790.924995][T26019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1790.925010][T26019] Call Trace: [ 1790.925022][T26019] [ 1790.925032][T26019] dump_stack_lvl+0x100/0x190 [ 1790.925076][T26019] should_fail_ex.cold+0x5/0xa [ 1790.925106][T26019] _copy_from_iter+0x1f4/0x1690 [ 1790.925139][T26019] ? __pfx__copy_from_iter+0x10/0x10 [ 1790.925170][T26019] ? __pfx___might_resched+0x10/0x10 [ 1790.925214][T26019] file_tty_write.isra.0+0x45b/0x890 [ 1790.925257][T26019] redirected_tty_write+0xd4/0x120 [ 1790.925291][T26019] vfs_write+0x6ac/0x1070 [ 1790.925339][T26019] ? __pfx_redirected_tty_write+0x10/0x10 [ 1790.925374][T26019] ? __pfx_vfs_write+0x10/0x10 [ 1790.925410][T26019] ? find_held_lock+0x2b/0x80 [ 1790.925452][T26019] ksys_write+0x12a/0x250 [ 1790.925474][T26019] ? __pfx_ksys_write+0x10/0x10 [ 1790.925505][T26019] do_syscall_64+0x106/0xf80 [ 1790.925535][T26019] ? clear_bhb_loop+0x40/0x90 [ 1790.925565][T26019] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1790.925590][T26019] RIP: 0033:0x7f26a819c799 [ 1790.925611][T26019] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1790.925636][T26019] RSP: 002b:00007f26a90cd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1790.925660][T26019] RAX: ffffffffffffffda RBX: 00007f26a8416090 RCX: 00007f26a819c799 [ 1790.925677][T26019] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000009 [ 1790.925693][T26019] RBP: 00007f26a8232c99 R08: 0000000000000000 R09: 0000000000000000 [ 1790.925709][T26019] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1790.925725][T26019] R13: 00007f26a8416128 R14: 00007f26a8416090 R15: 00007fff9ad6d318 [ 1790.925757][T26019] [ 1792.421283][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 1792.428137][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 1794.165209][T26045] random: crng reseeded on system resumption [ 1795.009184][T26053] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1795.015827][T26053] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1795.108947][T26053] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1795.160759][T26053] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1796.510643][T26078] FAULT_INJECTION: forcing a failure. [ 1796.510643][T26078] name failslab, interval 1, probability 0, space 0, times 0 [ 1796.681140][T26078] CPU: 0 UID: 0 PID: 26078 Comm: syz.1.4222 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1796.681183][T26078] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1796.681192][T26078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1796.681207][T26078] Call Trace: [ 1796.681215][T26078] [ 1796.681225][T26078] dump_stack_lvl+0x100/0x190 [ 1796.681268][T26078] should_fail_ex.cold+0x5/0xa [ 1796.681298][T26078] should_failslab+0xc2/0x120 [ 1796.681323][T26078] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1796.681361][T26078] ? alloc_empty_file+0x55/0x1c0 [ 1796.681397][T26078] alloc_empty_file+0x55/0x1c0 [ 1796.681429][T26078] alloc_file_pseudo+0x13a/0x230 [ 1796.681461][T26078] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1796.681502][T26078] __shmem_file_setup+0x221/0x490 [ 1796.681538][T26078] ? __pfx___shmem_file_setup+0x10/0x10 [ 1796.681578][T26078] ? vm_area_alloc+0x1f/0x160 [ 1796.681614][T26078] shmem_zero_setup+0x96/0x1b0 [ 1796.681656][T26078] __mmap_region+0x2198/0x29e0 [ 1796.681697][T26078] ? __pfx___mmap_region+0x10/0x10 [ 1796.681734][T26078] ? update_cfs_rq_load_avg+0x51/0x550 [ 1796.681809][T26078] ? lockdep_hardirqs_on+0x78/0x100 [ 1796.681849][T26078] ? finish_task_switch.isra.0+0x205/0xb80 [ 1796.681878][T26078] ? rcu_is_watching+0x12/0xc0 [ 1796.682144][T26078] ? rcu_is_watching+0x12/0xc0 [ 1796.682182][T26078] ? cap_capable+0x107/0x460 [ 1796.682223][T26078] mmap_region+0x180/0x3e0 [ 1796.682267][T26078] do_mmap+0xc63/0x12f0 [ 1796.682336][T26078] ? __pfx_do_mmap+0x10/0x10 [ 1796.682364][T26078] ? __pfx_down_write_killable+0x10/0x10 [ 1796.682407][T26078] vm_mmap_pgoff+0x29e/0x470 [ 1796.682442][T26078] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1796.682472][T26078] ? do_futex+0x192/0x350 [ 1796.682504][T26078] ? __pfx_do_futex+0x10/0x10 [ 1796.682541][T26078] ksys_mmap_pgoff+0xe1/0x650 [ 1796.682567][T26078] ? __x64_sys_futex+0x34f/0x4d0 [ 1796.682599][T26078] ? __x64_sys_futex+0x358/0x4d0 [ 1796.682631][T26078] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 1796.682658][T26078] ? xfd_validate_state+0x129/0x190 [ 1796.682700][T26078] __x64_sys_mmap+0x125/0x190 [ 1796.682739][T26078] do_syscall_64+0x106/0xf80 [ 1796.682769][T26078] ? clear_bhb_loop+0x40/0x90 [ 1796.682812][T26078] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1796.682839][T26078] RIP: 0033:0x7fbc1079c799 [ 1796.682861][T26078] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1796.682892][T26078] RSP: 002b:00007fbc1158d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1796.682916][T26078] RAX: ffffffffffffffda RBX: 00007fbc10a15fa0 RCX: 00007fbc1079c799 [ 1796.682934][T26078] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000 [ 1796.682959][T26078] RBP: 00007fbc10832c99 R08: fffffffffffffffa R09: 0000000000008000 [ 1796.682976][T26078] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 1796.682992][T26078] R13: 00007fbc10a16038 R14: 00007fbc10a15fa0 R15: 00007ffe3da6e8b8 [ 1796.683024][T26078] [ 1797.165416][T26065] program syz.0.4217 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1797.518619][T24568] Bluetooth: hci1: command 0x0c1a tx timeout [ 1797.524971][T24568] Bluetooth: hci4: command 0x0c1a tx timeout [ 1797.535778][T24568] Bluetooth: hci2: command 0x040f tx timeout [ 1797.542382][T24568] Bluetooth: hci3: command 0x0c1a tx timeout [ 1797.635309][T26084] openvswitch: netlink: Key type 261 is out of range max 32 [ 1799.441856][T26096] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4226'. [ 1799.505567][T26096] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4226'. [ 1802.086269][T26114] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4232'. [ 1802.205595][T26114] i: entered promiscuous mode [ 1803.057958][T26128] FAULT_INJECTION: forcing a failure. [ 1803.057958][T26128] name failslab, interval 1, probability 0, space 0, times 0 [ 1803.318776][T26128] CPU: 0 UID: 0 PID: 26128 Comm: syz.1.4233 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1803.318820][T26128] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1803.318830][T26128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1803.318846][T26128] Call Trace: [ 1803.318854][T26128] [ 1803.318864][T26128] dump_stack_lvl+0x100/0x190 [ 1803.318908][T26128] should_fail_ex.cold+0x5/0xa [ 1803.318939][T26128] should_failslab+0xc2/0x120 [ 1803.318966][T26128] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1803.319004][T26128] ? rpc_new_task+0x729/0x9d0 [ 1803.319053][T26128] rpc_new_task+0x729/0x9d0 [ 1803.319092][T26128] ? __pfx_mempool_free_slab+0x10/0x10 [ 1803.319121][T26128] ? __pfx_rpc_new_task+0x10/0x10 [ 1803.319169][T26128] rpc_run_task+0x1e/0x660 [ 1803.319211][T26128] rpc_call_sync+0xd2/0x1a0 [ 1803.319236][T26128] ? __pfx_rpc_call_sync+0x10/0x10 [ 1803.319267][T26128] ? net_generic+0xea/0x2a0 [ 1803.319308][T26128] rpcb_register+0x262/0x530 [ 1803.319344][T26128] ? __pfx_rpcb_register+0x10/0x10 [ 1803.319390][T26128] ? wake_up_q+0xae/0x130 [ 1803.319420][T26128] svc_unregister+0x5a2/0x820 [ 1803.319461][T26128] ? svc_close_list+0xd3/0x110 [ 1803.319496][T26128] svc_rpcb_cleanup+0x1c/0x30 [ 1803.319531][T26128] svc_xprt_destroy_all+0x455/0x4e0 [ 1803.319569][T26128] ? __pfx_autoremove_wake_function+0x10/0x10 [ 1803.319604][T26128] ? __pfx_svc_xprt_destroy_all+0x10/0x10 [ 1803.319637][T26128] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 1803.319687][T26128] nfsd_destroy_serv+0x1a8/0x4e0 [ 1803.319724][T26128] ? do_raw_spin_lock+0x128/0x260 [ 1803.319786][T26128] ? __pfx_nfsd_destroy_serv+0x10/0x10 [ 1803.319824][T26128] ? __nla_parse+0x40/0x60 [ 1803.319862][T26128] nfsd_nl_listener_set_doit+0x822/0x1a80 [ 1803.319895][T26128] ? rcu_is_watching+0x12/0xc0 [ 1803.319934][T26128] ? trace_kmalloc+0x101/0x130 [ 1803.319960][T26128] ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10 [ 1803.319992][T26128] ? __nla_parse+0x40/0x60 [ 1803.320026][T26128] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280 [ 1803.320067][T26128] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280 [ 1803.320116][T26128] genl_family_rcv_msg_doit+0x214/0x300 [ 1803.320161][T26128] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1803.320204][T26128] ? genl_get_cmd+0x3ef/0x720 [ 1803.320248][T26128] ? bpf_lsm_capable+0x9/0x10 [ 1803.320274][T26128] ? security_capable+0x80/0x260 [ 1803.320314][T26128] genl_rcv_msg+0x560/0x800 [ 1803.320355][T26128] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1803.320394][T26128] ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10 [ 1803.320432][T26128] netlink_rcv_skb+0x159/0x420 [ 1803.320466][T26128] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1803.320505][T26128] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1803.320551][T26128] ? netlink_deliver_tap+0x1ae/0xcc0 [ 1803.320588][T26128] genl_rcv+0x28/0x40 [ 1803.320622][T26128] netlink_unicast+0x5aa/0x870 [ 1803.320660][T26128] ? __pfx_netlink_unicast+0x10/0x10 [ 1803.320710][T26128] netlink_sendmsg+0x8b0/0xda0 [ 1803.320750][T26128] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1803.320782][T26128] ? __import_iovec+0x1d2/0x640 [ 1803.320811][T26128] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 1803.320851][T26128] ____sys_sendmsg+0x9e1/0xb70 [ 1803.320888][T26128] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1803.320925][T26128] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1803.320969][T26128] ? __pfx_futex_wake_mark+0x10/0x10 [ 1803.321012][T26128] ___sys_sendmsg+0x190/0x1e0 [ 1803.321053][T26128] ? __pfx____sys_sendmsg+0x10/0x10 [ 1803.321129][T26128] __sys_sendmsg+0x170/0x220 [ 1803.321160][T26128] ? __pfx___sys_sendmsg+0x10/0x10 [ 1803.321194][T26128] ? __x64_sys_futex+0x34f/0x4d0 [ 1803.321248][T26128] do_syscall_64+0x106/0xf80 [ 1803.321278][T26128] ? clear_bhb_loop+0x40/0x90 [ 1803.321308][T26128] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1803.321334][T26128] RIP: 0033:0x7fbc1079c799 [ 1803.321356][T26128] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1803.321381][T26128] RSP: 002b:00007fbc0e9d5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1803.321405][T26128] RAX: ffffffffffffffda RBX: 00007fbc10a16180 RCX: 00007fbc1079c799 [ 1803.321421][T26128] RDX: 0000000020000000 RSI: 0000200000005380 RDI: 0000000000000010 [ 1803.321437][T26128] RBP: 00007fbc10832c99 R08: 0000000000000000 R09: 0000000000000000 [ 1803.321453][T26128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1803.321468][T26128] R13: 00007fbc10a16218 R14: 00007fbc10a16180 R15: 00007ffe3da6e8b8 [ 1803.321501][T26128] [ 1803.796528][T26135] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4236'. [ 1806.056885][T26147] FAULT_INJECTION: forcing a failure. [ 1806.056885][T26147] name failslab, interval 1, probability 0, space 0, times 0 [ 1806.157164][T26147] CPU: 0 UID: 0 PID: 26147 Comm: syz.0.4238 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1806.157206][T26147] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1806.157217][T26147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1806.157232][T26147] Call Trace: [ 1806.157241][T26147] [ 1806.157251][T26147] dump_stack_lvl+0x100/0x190 [ 1806.157292][T26147] should_fail_ex.cold+0x5/0xa [ 1806.157323][T26147] should_failslab+0xc2/0x120 [ 1806.157349][T26147] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1806.157387][T26147] ? do_epoll_ctl+0xc6c/0x36a0 [ 1806.157413][T26147] ? percpu_counter_add_batch+0xb9/0x230 [ 1806.157459][T26147] do_epoll_ctl+0xc6c/0x36a0 [ 1806.157484][T26147] ? io_uring_setup+0xd7/0x160 [ 1806.157594][T26147] ? ksys_write+0x190/0x250 [ 1806.157625][T26147] ? __pfx_do_epoll_ctl+0x10/0x10 [ 1806.157650][T26147] ? find_held_lock+0x2b/0x80 [ 1806.157673][T26147] ? __might_fault+0xc5/0x140 [ 1806.157707][T26147] ? __might_fault+0xc5/0x140 [ 1806.157752][T26147] ? __x64_sys_epoll_ctl+0x15c/0x1e0 [ 1806.157777][T26147] __x64_sys_epoll_ctl+0x15c/0x1e0 [ 1806.157805][T26147] ? __pfx___x64_sys_epoll_ctl+0x10/0x10 [ 1806.157841][T26147] do_syscall_64+0x106/0xf80 [ 1806.157871][T26147] ? clear_bhb_loop+0x40/0x90 [ 1806.157902][T26147] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1806.157928][T26147] RIP: 0033:0x7f26a819c799 [ 1806.157948][T26147] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1806.157972][T26147] RSP: 002b:00007f26a90ee028 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9 [ 1806.157996][T26147] RAX: ffffffffffffffda RBX: 00007f26a8415fa0 RCX: 00007f26a819c799 [ 1806.158012][T26147] RDX: 0000000000000003 RSI: 0000000000000001 RDI: 0000000000000004 [ 1806.158027][T26147] RBP: 00007f26a8232c99 R08: 0000000000000000 R09: 0000000000000000 [ 1806.158043][T26147] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1806.158066][T26147] R13: 00007f26a8416038 R14: 00007f26a8415fa0 R15: 00007fff9ad6d318 [ 1806.158098][T26147] [ 1807.417677][T26159] FAULT_INJECTION: forcing a failure. [ 1807.417677][T26159] name failslab, interval 1, probability 0, space 0, times 0 [ 1807.486441][T26159] CPU: 0 UID: 0 PID: 26159 Comm: syz.1.4242 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1807.486482][T26159] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1807.486492][T26159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1807.486507][T26159] Call Trace: [ 1807.486515][T26159] [ 1807.486524][T26159] dump_stack_lvl+0x100/0x190 [ 1807.486565][T26159] should_fail_ex.cold+0x5/0xa [ 1807.486594][T26159] should_failslab+0xc2/0x120 [ 1807.486621][T26159] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1807.486653][T26159] ? io_uring_alloc_task_context+0xa7/0x54b [ 1807.486699][T26159] io_uring_alloc_task_context+0xa7/0x54b [ 1807.486739][T26159] ? file_init_path+0x48e/0x670 [ 1807.486769][T26159] ? __pfx_io_uring_alloc_task_context+0x10/0x10 [ 1807.486809][T26159] ? alloc_file_pseudo+0x1a5/0x230 [ 1807.486857][T26159] __io_uring_add_tctx_node.cold+0x10/0x195 [ 1807.486897][T26159] ? __pfx___io_uring_add_tctx_node+0x10/0x10 [ 1807.487049][T26159] ? __anon_inode_getfile+0x17c/0x280 [ 1807.487083][T26159] io_uring_setup.cold+0x1a25/0x1d09 [ 1807.487124][T26159] ? __pfx_io_uring_setup+0x10/0x10 [ 1807.487159][T26159] ? __pfx_do_futex+0x10/0x10 [ 1807.487205][T26159] ? xfd_validate_state+0x129/0x190 [ 1807.487249][T26159] __x64_sys_io_uring_setup+0xc2/0x170 [ 1807.487281][T26159] do_syscall_64+0x106/0xf80 [ 1807.487310][T26159] ? clear_bhb_loop+0x40/0x90 [ 1807.487341][T26159] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1807.487366][T26159] RIP: 0033:0x7fbc1079c799 [ 1807.487386][T26159] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1807.487411][T26159] RSP: 002b:00007fbc1158d028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 1807.487434][T26159] RAX: ffffffffffffffda RBX: 00007fbc10a15fa0 RCX: 00007fbc1079c799 [ 1807.487451][T26159] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 1807.487466][T26159] RBP: 00007fbc10832c99 R08: 0000000000000000 R09: 0000000000000000 [ 1807.487482][T26159] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1807.487497][T26159] R13: 00007fbc10a16038 R14: 00007fbc10a15fa0 R15: 00007ffe3da6e8b8 [ 1807.487529][T26159] [ 1809.344709][T26161] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1809.459551][T26161] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1809.531143][T26161] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1809.579282][T26171] HfR: entered promiscuous mode [ 1809.642021][T26161] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1809.718019][T26179] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4245'. [ 1809.919685][T26179] HfR: left promiscuous mode [ 1811.375365][T21305] Bluetooth: hci4: command 0x0c1a tx timeout [ 1811.537396][T21305] Bluetooth: hci2: command 0x040f tx timeout [ 1811.543495][T24568] Bluetooth: hci1: command 0x0c1a tx timeout [ 1811.696526][T21305] Bluetooth: hci3: command 0x0c1a tx timeout [ 1811.938148][T26208] FAULT_INJECTION: forcing a failure. [ 1811.938148][T26208] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1812.021714][T26208] CPU: 0 UID: 0 PID: 26208 Comm: syz.0.4253 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1812.021755][T26208] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1812.021766][T26208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1812.021786][T26208] Call Trace: [ 1812.021795][T26208] [ 1812.021804][T26208] dump_stack_lvl+0x100/0x190 [ 1812.021848][T26208] should_fail_ex.cold+0x5/0xa [ 1812.021877][T26208] get_futex_key+0x1d2/0x1620 [ 1812.021920][T26208] ? __pfx_get_futex_key+0x10/0x10 [ 1812.021960][T26208] futex_wake+0xea/0x530 [ 1812.021994][T26208] ? lockdep_hardirqs_on+0x78/0x100 [ 1812.022029][T26208] ? __pfx_futex_wake+0x10/0x10 [ 1812.022070][T26208] ? kfree+0x1f6/0x6b0 [ 1812.022106][T26208] ? __asan_memset+0x23/0x50 [ 1812.022144][T26208] ? sctp_setsockopt+0x168/0xb370 [ 1812.022257][T26208] do_futex+0x32b/0x350 [ 1812.022290][T26208] ? __pfx_do_futex+0x10/0x10 [ 1812.022320][T26208] ? do_sock_setsockopt+0x101/0x1d0 [ 1812.022356][T26208] ? rcu_is_watching+0x12/0xc0 [ 1812.022393][T26208] ? do_sock_setsockopt+0x101/0x1d0 [ 1812.022427][T26208] ? kfree+0x2ec/0x6b0 [ 1812.022462][T26208] __x64_sys_futex+0x34f/0x4d0 [ 1812.022499][T26208] ? __pfx___x64_sys_futex+0x10/0x10 [ 1812.022532][T26208] ? __sys_setsockopt+0x139/0x190 [ 1812.022570][T26208] do_syscall_64+0x106/0xf80 [ 1812.022603][T26208] ? clear_bhb_loop+0x40/0x90 [ 1812.022633][T26208] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1812.022660][T26208] RIP: 0033:0x7f26a819c799 [ 1812.022681][T26208] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1812.022706][T26208] RSP: 002b:00007f26a90ee0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1812.022729][T26208] RAX: ffffffffffffffda RBX: 00007f26a8415fa8 RCX: 00007f26a819c799 [ 1812.022747][T26208] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f26a8415fac [ 1812.022762][T26208] RBP: 00007f26a8415fa0 R08: 0000000000000000 R09: 0000000000000000 [ 1812.022777][T26208] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 1812.022792][T26208] R13: 00007f26a8416038 R14: 00007fff9ad6d230 R15: 00007fff9ad6d318 [ 1812.022823][T26208] [ 1812.488899][T26209] overlayfs: missing 'lowerdir' [ 1812.556805][T26208] random: crng reseeded on system resumption [ 1813.194981][T26202] FAULT_INJECTION: forcing a failure. [ 1813.194981][T26202] name failslab, interval 1, probability 0, space 0, times 0 [ 1813.470194][T26202] CPU: 0 UID: 0 PID: 26202 Comm: syz.1.4249 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1813.470236][T26202] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1813.470246][T26202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1813.470261][T26202] Call Trace: [ 1813.470277][T26202] [ 1813.470288][T26202] dump_stack_lvl+0x100/0x190 [ 1813.470330][T26202] should_fail_ex.cold+0x5/0xa [ 1813.470360][T26202] should_failslab+0xc2/0x120 [ 1813.470387][T26202] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1813.470420][T26202] ? kobject_uevent_env+0x263/0x18b0 [ 1813.470474][T26202] ? kobject_init_and_add+0x129/0x180 [ 1813.470517][T26202] kobject_uevent_env+0x263/0x18b0 [ 1813.470567][T26202] rpc_sysfs_client_setup+0x233/0x310 [ 1813.470604][T26202] ? __pfx_rpc_sysfs_client_setup+0x10/0x10 [ 1813.470644][T26202] rpc_new_client+0x924/0x1360 [ 1813.470691][T26202] rpc_create_xprt+0xd9/0x440 [ 1813.470717][T26202] rpc_create+0x46e/0x7f0 [ 1813.470742][T26202] ? __pfx_rpc_create+0x10/0x10 [ 1813.470775][T26202] ? __lock_acquire+0x4a5/0x2630 [ 1813.470829][T26202] ? trace_contention_end+0x140/0x180 [ 1813.470872][T26202] rpcb_create_local_net+0x11b/0x310 [ 1813.470907][T26202] ? __pfx_rpcb_create_local_net+0x10/0x10 [ 1813.470957][T26202] ? rpcb_create_local+0x1da/0x270 [ 1813.470990][T26202] ? rpcb_create_local+0x1da/0x270 [ 1813.471030][T26202] rpcb_create_local+0x22d/0x270 [ 1813.471067][T26202] svc_bind+0x1e8/0x260 [ 1813.471106][T26202] nfsd_create_serv+0x2da/0x4a0 [ 1813.471144][T26202] ? __pfx_nfsd_create_serv+0x10/0x10 [ 1813.471182][T26202] ? __nla_validate_parse+0x1e7/0x28b0 [ 1813.471221][T26202] nfsd_nl_listener_set_doit+0xdd/0x1a80 [ 1813.471254][T26202] ? rcu_is_watching+0x12/0xc0 [ 1813.471298][T26202] ? trace_kmalloc+0x101/0x130 [ 1813.471325][T26202] ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10 [ 1813.471353][T26202] ? __nla_parse+0x40/0x60 [ 1813.471388][T26202] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280 [ 1813.471428][T26202] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280 [ 1813.471473][T26202] genl_family_rcv_msg_doit+0x214/0x300 [ 1813.471515][T26202] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1813.471553][T26202] ? genl_get_cmd+0x3ef/0x720 [ 1813.471595][T26202] ? bpf_lsm_capable+0x9/0x10 [ 1813.471620][T26202] ? security_capable+0x80/0x260 [ 1813.471660][T26202] genl_rcv_msg+0x560/0x800 [ 1813.471701][T26202] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1813.471739][T26202] ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10 [ 1813.471777][T26202] netlink_rcv_skb+0x159/0x420 [ 1813.471810][T26202] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1813.471849][T26202] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1813.471895][T26202] ? netlink_deliver_tap+0x1ae/0xcc0 [ 1813.471931][T26202] genl_rcv+0x28/0x40 [ 1813.471963][T26202] netlink_unicast+0x5aa/0x870 [ 1813.472001][T26202] ? __pfx_netlink_unicast+0x10/0x10 [ 1813.472046][T26202] netlink_sendmsg+0x8b0/0xda0 [ 1813.472084][T26202] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1813.472116][T26202] ? __import_iovec+0x1d2/0x640 [ 1813.472145][T26202] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 1813.472185][T26202] ____sys_sendmsg+0x9e1/0xb70 [ 1813.472220][T26202] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1813.472257][T26202] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1813.472307][T26202] ? __pfx_futex_wake_mark+0x10/0x10 [ 1813.472351][T26202] ___sys_sendmsg+0x190/0x1e0 [ 1813.472393][T26202] ? __pfx____sys_sendmsg+0x10/0x10 [ 1813.472470][T26202] __sys_sendmsg+0x170/0x220 [ 1813.472502][T26202] ? __pfx___sys_sendmsg+0x10/0x10 [ 1813.472532][T26202] ? __x64_sys_futex+0x34f/0x4d0 [ 1813.472581][T26202] do_syscall_64+0x106/0xf80 [ 1813.472636][T26202] ? clear_bhb_loop+0x40/0x90 [ 1813.472668][T26202] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1813.472694][T26202] RIP: 0033:0x7fbc1079c799 [ 1813.472716][T26202] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1813.472741][T26202] RSP: 002b:00007fbc0e9d5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1813.472839][T26202] RAX: ffffffffffffffda RBX: 00007fbc10a16180 RCX: 00007fbc1079c799 [ 1813.472859][T26202] RDX: 0000000020000000 RSI: 0000200000005380 RDI: 0000000000000010 [ 1813.472878][T26202] RBP: 00007fbc10832c99 R08: 0000000000000000 R09: 0000000000000000 [ 1813.472896][T26202] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1813.472914][T26202] R13: 00007fbc10a16218 R14: 00007fbc10a16180 R15: 00007ffe3da6e8b8 [ 1813.472966][T26202] [ 1815.662418][T26221] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input120 [ 1816.176413][T19252] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1816.561519][T19252] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1816.977103][T19252] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1817.335195][T19252] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1817.575036][T24568] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1817.592174][T24568] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1817.602711][T24568] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1817.611180][T24568] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1817.624560][T24568] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1818.845874][T19252] bridge_slave_1: left allmulticast mode [ 1818.880901][T19252] bridge_slave_1: left promiscuous mode [ 1818.925617][T19252] bridge0: port 2(bridge_slave_1) entered disabled state [ 1818.985509][T19252] bridge_slave_0: left allmulticast mode [ 1819.036583][T19252] bridge_slave_0: left promiscuous mode [ 1819.077350][T19252] bridge0: port 1(bridge_slave_0) entered disabled state [ 1819.702212][T24568] Bluetooth: hci0: command tx timeout [ 1820.276692][T19252] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1820.391794][T19252] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1820.438072][T19252] bond0 (unregistering): Released all slaves [ 1820.985419][T19252] i: left promiscuous mode [ 1821.782285][T24568] Bluetooth: hci0: command tx timeout [ 1822.329442][T19252] hsr_slave_0: left promiscuous mode [ 1822.430944][T19252] hsr_slave_1: left promiscuous mode [ 1822.474287][T19252] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1822.531215][T19252] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1822.668876][T19252] veth1_macvtap: left promiscuous mode [ 1822.691609][T19252] veth0_macvtap: left promiscuous mode [ 1822.697269][T19252] veth1_vlan: left promiscuous mode [ 1822.763917][T19252] veth0_vlan: left promiscuous mode [ 1822.772706][T26299] __vm_enough_memory: pid: 26299, comm: syz.3.4271, bytes: 4398046511104 not enough memory for the allocation [ 1823.861581][T24568] Bluetooth: hci0: command tx timeout [ 1824.266314][T19252] team0 (unregistering): Port device team_slave_1 removed [ 1824.413261][T19252] team0 (unregistering): Port device team_slave_0 removed [ 1825.244642][T26242] chnl_net:caif_netlink_parms(): no params data found [ 1825.942632][T24568] Bluetooth: hci0: command tx timeout [ 1826.780433][T26242] bridge0: port 1(bridge_slave_0) entered blocking state [ 1826.824693][T26242] bridge0: port 1(bridge_slave_0) entered disabled state [ 1826.831942][T26242] bridge_slave_0: entered allmulticast mode [ 1826.942950][T26242] bridge_slave_0: entered promiscuous mode [ 1827.002061][T26242] bridge0: port 2(bridge_slave_1) entered blocking state [ 1827.059646][T26242] bridge0: port 2(bridge_slave_1) entered disabled state [ 1827.115803][T26242] bridge_slave_1: entered allmulticast mode [ 1827.169590][T26242] bridge_slave_1: entered promiscuous mode [ 1828.085961][T26242] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1828.201820][T26242] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1828.502345][T26242] team0: Port device team_slave_0 added [ 1828.567646][T26242] team0: Port device team_slave_1 added [ 1829.062534][T26242] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1829.125961][T26242] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1829.308147][T26242] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1829.385150][T26242] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1829.427653][T26242] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1829.592526][T26242] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1830.095518][T26242] hsr_slave_0: entered promiscuous mode [ 1830.155464][T26242] hsr_slave_1: entered promiscuous mode [ 1830.188770][T26242] debugfs: 'hsr0' already exists in 'hsr' [ 1830.255037][T26242] Cannot create hsr debugfs directory [ 1830.717368][T26372] futex_wake_op: syz.1.4281 tries to shift op by -2048; fix this program [ 1830.794262][T26372] 0x000000000001-0x000000020000 : "" [ 1830.924610][T26372] ftl_cs: FTL header corrupt! [ 1833.402480][T26408] openvswitch: netlink: Key type 261 is out of range max 32 [ 1834.891651][T26242] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 1835.032315][T26242] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 1835.131093][T26242] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 1835.593863][T26426] FAULT_INJECTION: forcing a failure. [ 1835.593863][T26426] name failslab, interval 1, probability 0, space 0, times 0 [ 1835.736462][T26426] CPU: 0 UID: 0 PID: 26426 Comm: syz.1.4288 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1835.736504][T26426] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1835.736515][T26426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1835.736537][T26426] Call Trace: [ 1835.736546][T26426] [ 1835.736557][T26426] dump_stack_lvl+0x100/0x190 [ 1835.736604][T26426] should_fail_ex.cold+0x5/0xa [ 1835.736634][T26426] should_failslab+0xc2/0x120 [ 1835.736662][T26426] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1835.736701][T26426] ? skb_clone+0x190/0x400 [ 1835.736742][T26426] skb_clone+0x190/0x400 [ 1835.736776][T26426] netlink_deliver_tap+0xaed/0xcc0 [ 1835.736825][T26426] netlink_unicast+0x650/0x870 [ 1835.736876][T26426] ? __pfx_netlink_unicast+0x10/0x10 [ 1835.736921][T26426] netlink_sendmsg+0x8b0/0xda0 [ 1835.736963][T26426] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1835.736995][T26426] ? __import_iovec+0x1d2/0x640 [ 1835.737025][T26426] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 1835.737066][T26426] ____sys_sendmsg+0x9e1/0xb70 [ 1835.737101][T26426] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1835.737138][T26426] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1835.737182][T26426] ? __pfx_futex_wake_mark+0x10/0x10 [ 1835.737226][T26426] ___sys_sendmsg+0x190/0x1e0 [ 1835.737269][T26426] ? __pfx____sys_sendmsg+0x10/0x10 [ 1835.737346][T26426] __sys_sendmsg+0x170/0x220 [ 1835.737378][T26426] ? __pfx___sys_sendmsg+0x10/0x10 [ 1835.737412][T26426] ? __x64_sys_futex+0x34f/0x4d0 [ 1835.737462][T26426] do_syscall_64+0x106/0xf80 [ 1835.737493][T26426] ? clear_bhb_loop+0x40/0x90 [ 1835.737524][T26426] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1835.737551][T26426] RIP: 0033:0x7fbc1079c799 [ 1835.737571][T26426] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1835.737595][T26426] RSP: 002b:00007fbc0e9f6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1835.737618][T26426] RAX: ffffffffffffffda RBX: 00007fbc10a16090 RCX: 00007fbc1079c799 [ 1835.737635][T26426] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000009 [ 1835.737650][T26426] RBP: 00007fbc10832c99 R08: 0000000000000000 R09: 0000000000000000 [ 1835.737666][T26426] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1835.737681][T26426] R13: 00007fbc10a16128 R14: 00007fbc10a16090 R15: 00007ffe3da6e8b8 [ 1835.737713][T26426] [ 1837.451361][T26242] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 1839.112007][T26242] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1839.245329][T26242] 8021q: adding VLAN 0 to HW filter on device team0 [ 1839.362366][T19254] bridge0: port 1(bridge_slave_0) entered blocking state [ 1839.370440][T19254] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1839.486448][T19260] bridge0: port 2(bridge_slave_1) entered blocking state [ 1839.493668][T19260] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1840.784452][T26242] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1841.076127][T26242] veth0_vlan: entered promiscuous mode [ 1841.167476][T26242] veth1_vlan: entered promiscuous mode [ 1841.353575][T26242] veth0_macvtap: entered promiscuous mode [ 1841.436859][T26242] veth1_macvtap: entered promiscuous mode [ 1841.558618][T26242] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1841.666534][T26242] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1841.799438][T19255] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1841.862450][T19255] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1844.259998][T19255] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1844.330358][T19255] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1845.084291][T19255] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1845.150317][T19255] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1846.262263][T19256] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1846.293087][T19256] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1848.485853][T26551] netlink: 472 bytes leftover after parsing attributes in process `syz.0.4301'. [ 1848.641797][T26551] FAULT_INJECTION: forcing a failure. [ 1848.641797][T26551] name failslab, interval 1, probability 0, space 0, times 0 [ 1848.791755][T26551] CPU: 0 UID: 0 PID: 26551 Comm: syz.0.4301 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1848.791797][T26551] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1848.791807][T26551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1848.791822][T26551] Call Trace: [ 1848.791831][T26551] [ 1848.791841][T26551] dump_stack_lvl+0x100/0x190 [ 1848.791883][T26551] should_fail_ex.cold+0x5/0xa [ 1848.791913][T26551] should_failslab+0xc2/0x120 [ 1848.791940][T26551] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1848.791978][T26551] ? __kernfs_new_node+0xd2/0x960 [ 1848.792015][T26551] ? kstrdup+0xb3/0xe0 [ 1848.792056][T26551] __kernfs_new_node+0xd2/0x960 [ 1848.792095][T26551] ? __pfx___kernfs_new_node+0x10/0x10 [ 1848.792138][T26551] ? find_held_lock+0x2b/0x80 [ 1848.792161][T26551] ? kernfs_root+0xee/0x2a0 [ 1848.792194][T26551] ? kernfs_root+0xee/0x2a0 [ 1848.792235][T26551] kernfs_new_node+0x11b/0x1a0 [ 1848.792279][T26551] __kernfs_create_file+0x53/0x350 [ 1848.792311][T26551] cgroup_addrm_files+0x4d8/0xb90 [ 1848.792363][T26551] ? __pfx_cgroup_addrm_files+0x10/0x10 [ 1848.792412][T26551] ? css_next_child+0xcf/0x2e0 [ 1848.792448][T26551] ? css_next_descendant_pre+0x58/0x1a0 [ 1848.792486][T26551] css_populate_dir+0x3c4/0x590 [ 1848.792527][T26551] cgroup_mkdir+0x563/0x1330 [ 1848.792572][T26551] ? __pfx_cgroup_mkdir+0x10/0x10 [ 1848.792613][T26551] kernfs_iop_mkdir+0x111/0x190 [ 1848.792651][T26551] ? bpf_lsm_inode_mkdir+0x9/0x10 [ 1848.792689][T26551] vfs_mkdir+0x361/0x850 [ 1848.792728][T26551] filename_mkdirat+0x48b/0x5e0 [ 1848.792763][T26551] ? __pfx_filename_mkdirat+0x10/0x10 [ 1848.792790][T26551] ? strncpy_from_user+0x19d/0x2d0 [ 1848.792834][T26551] ? do_getname+0x191/0x390 [ 1848.792868][T26551] __x64_sys_mkdirat+0x89/0xc0 [ 1848.792895][T26551] do_syscall_64+0x106/0xf80 [ 1848.792926][T26551] ? clear_bhb_loop+0x40/0x90 [ 1848.792957][T26551] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1848.792983][T26551] RIP: 0033:0x7f1aa579c799 [ 1848.793003][T26551] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1848.793028][T26551] RSP: 002b:00007f1aa6682028 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1848.793051][T26551] RAX: ffffffffffffffda RBX: 00007f1aa5a15fa0 RCX: 00007f1aa579c799 [ 1848.793068][T26551] RDX: 0000000000000009 RSI: 0000200000000080 RDI: 000000000000000a [ 1848.793083][T26551] RBP: 00007f1aa5832c99 R08: 0000000000000000 R09: 0000000000000000 [ 1848.793098][T26551] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1848.793113][T26551] R13: 00007f1aa5a16038 R14: 00007f1aa5a15fa0 R15: 00007ffef61052d8 [ 1848.793145][T26551] [ 1849.128310][T26551] cgroup: cgroup_addrm_files: failed to add cgroup.threads, err=-12 [ 1850.044831][T26565] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4303'. [ 1853.820231][T26603] futex_wake_op: syz.0.4312 tries to shift op by -2048; fix this program [ 1853.882380][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 1853.891778][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 1853.904450][T26603] 0x000000000001-0x000000020000 : "" [ 1854.089013][T26603] ftl_cs: FTL header corrupt! [ 1854.312264][T26605] GUP no longer grows the stack in syz.1.4311 (26605): 14000-41000 (4000) [ 1854.456439][T26605] CPU: 0 UID: 0 PID: 26605 Comm: syz.1.4311 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1854.456480][T26605] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1854.456490][T26605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1854.456505][T26605] Call Trace: [ 1854.456514][T26605] [ 1854.456523][T26605] dump_stack_lvl+0x100/0x190 [ 1854.456576][T26605] gup_vma_lookup.cold+0x83/0x96 [ 1854.456614][T26605] __get_user_pages+0x241/0x34d0 [ 1854.456650][T26605] ? down_read_killable+0x30e/0x4c0 [ 1854.456687][T26605] ? __lock_acquire+0x4a5/0x2630 [ 1854.456718][T26605] ? __pfx___get_user_pages+0x10/0x10 [ 1854.456758][T26605] __gup_longterm_locked+0x87d/0x16f0 [ 1854.456795][T26605] ? __pfx___gup_longterm_locked+0x10/0x10 [ 1854.456827][T26605] ? try_get_folio+0x262/0x750 [ 1854.456851][T26605] ? find_held_lock+0x2b/0x80 [ 1854.456875][T26605] ? sanity_check_pinned_pages+0x5f6/0x1250 [ 1854.456908][T26605] gup_fast_fallback+0x18c6/0x2460 [ 1854.456958][T26605] ? __pfx_gup_fast_fallback+0x10/0x10 [ 1854.456986][T26605] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1854.457014][T26605] ? is_bpf_text_address+0x94/0x1a0 [ 1854.457055][T26605] ? __kernel_text_address+0xd/0x30 [ 1854.457091][T26605] ? unwind_get_return_address+0x59/0xa0 [ 1854.457123][T26605] pin_user_pages_fast+0xa7/0xf0 [ 1854.457152][T26605] ? __pfx_pin_user_pages_fast+0x10/0x10 [ 1854.457189][T26605] iov_iter_extract_pages+0xa0d/0x1ef0 [ 1854.457222][T26605] ? __blkdev_direct_IO_simple+0x112/0x890 [ 1854.457254][T26605] ? kasan_save_stack+0x3f/0x50 [ 1854.457291][T26605] ? kasan_save_stack+0x30/0x50 [ 1854.457328][T26605] ? kasan_save_track+0x14/0x30 [ 1854.457366][T26605] ? __pfx_iov_iter_extract_pages+0x10/0x10 [ 1854.457389][T26605] ? blkdev_direct_IO+0xc76/0x1fb0 [ 1854.457419][T26605] ? blkdev_write_iter+0x703/0xd70 [ 1854.457448][T26605] ? vfs_write+0x6ac/0x1070 [ 1854.457490][T26605] ? __lock_acquire+0x4a5/0x2630 [ 1854.457527][T26605] iov_iter_extract_bvecs+0x10e/0xf40 [ 1854.457564][T26605] ? find_held_lock+0x2b/0x80 [ 1854.457586][T26605] ? bio_associate_blkg_from_css+0x394/0x13f0 [ 1854.457686][T26605] ? __pfx_iov_iter_extract_bvecs+0x10/0x10 [ 1854.457715][T26605] ? bio_associate_blkg_from_css+0x550/0x13f0 [ 1854.457759][T26605] bio_iov_iter_get_pages+0x26a/0x970 [ 1854.457810][T26605] __blkdev_direct_IO_simple+0x3a7/0x890 [ 1854.457849][T26605] ? __pfx___blkdev_direct_IO_simple+0x10/0x10 [ 1854.457907][T26605] ? ktime_get_coarse_real_ts64_mg+0x249/0x300 [ 1854.457938][T26605] ? ktime_get_coarse_real_ts64_mg+0x1e0/0x300 [ 1854.457977][T26605] blkdev_direct_IO+0xc76/0x1fb0 [ 1854.458039][T26605] ? __pfx_blkdev_direct_IO+0x10/0x10 [ 1854.458071][T26605] ? rcu_is_watching+0x12/0xc0 [ 1854.458109][T26605] ? __mark_inode_dirty+0x55c/0x1790 [ 1854.458145][T26605] ? filemap_check_errors+0xa9/0x150 [ 1854.458181][T26605] blkdev_write_iter+0x703/0xd70 [ 1854.458219][T26605] vfs_write+0x6ac/0x1070 [ 1854.458277][T26605] ? __pfx_blkdev_write_iter+0x10/0x10 [ 1854.458321][T26605] ? __pfx_vfs_write+0x10/0x10 [ 1854.458358][T26605] ? find_held_lock+0x2b/0x80 [ 1854.458400][T26605] ksys_write+0x12a/0x250 [ 1854.458422][T26605] ? __pfx_ksys_write+0x10/0x10 [ 1854.458453][T26605] do_syscall_64+0x106/0xf80 [ 1854.458483][T26605] ? clear_bhb_loop+0x40/0x90 [ 1854.458515][T26605] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1854.458541][T26605] RIP: 0033:0x7fbc1079c799 [ 1854.458568][T26605] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1854.458592][T26605] RSP: 002b:00007fbc0e9f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1854.458616][T26605] RAX: ffffffffffffffda RBX: 00007fbc10a16090 RCX: 00007fbc1079c799 [ 1854.458633][T26605] RDX: 000000000010007c RSI: 0000000000000000 RDI: 0000000000000004 [ 1854.458649][T26605] RBP: 00007fbc10832c99 R08: 0000000000000000 R09: 0000000000000000 [ 1854.458665][T26605] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1854.458680][T26605] R13: 00007fbc10a16128 R14: 00007fbc10a16090 R15: 00007ffe3da6e8b8 [ 1854.458712][T26605] [ 1856.713607][T26613] FAULT_INJECTION: forcing a failure. [ 1856.713607][T26613] name failslab, interval 1, probability 0, space 0, times 0 [ 1856.784629][T26613] CPU: 0 UID: 0 PID: 26613 Comm: syz.3.4313 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1856.784671][T26613] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1856.784681][T26613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1856.784695][T26613] Call Trace: [ 1856.784704][T26613] [ 1856.784713][T26613] dump_stack_lvl+0x100/0x190 [ 1856.784755][T26613] should_fail_ex.cold+0x5/0xa [ 1856.784784][T26613] ? __register_sysctl_table+0xbe4/0x1650 [ 1856.784825][T26613] should_failslab+0xc2/0x120 [ 1856.784859][T26613] __kmalloc_noprof+0xe0/0x850 [ 1856.784903][T26613] __register_sysctl_table+0xbe4/0x1650 [ 1856.784951][T26613] ? __pfx___register_sysctl_table+0x10/0x10 [ 1856.784997][T26613] ? is_module_address+0x69/0xf0 [ 1856.785029][T26613] ? register_net_sysctl_sz+0x222/0x430 [ 1856.785146][T26613] __devinet_sysctl_register+0x1b9/0x360 [ 1856.785186][T26613] ? trace_kmalloc+0x101/0x130 [ 1856.785212][T26613] ? __pfx___devinet_sysctl_register+0x10/0x10 [ 1856.785254][T26613] ? __asan_memcpy+0x3c/0x60 [ 1856.785291][T26613] devinet_init_net+0x303/0x8d0 [ 1856.785328][T26613] ? __pfx_devinet_init_net+0x10/0x10 [ 1856.785363][T26613] ops_init+0x1e2/0x5f0 [ 1856.785398][T26613] setup_net+0x118/0x3a0 [ 1856.785430][T26613] ? __pfx_setup_net+0x10/0x10 [ 1856.785461][T26613] ? lockdep_init_map_type+0x5c/0x250 [ 1856.785495][T26613] ? mutex_init_lockep+0x110/0x150 [ 1856.785533][T26613] copy_net_ns+0x46f/0x7c0 [ 1856.785571][T26613] create_new_namespaces+0x3ea/0xac0 [ 1856.785604][T26613] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1856.785636][T26613] ksys_unshare+0x473/0xad0 [ 1856.785670][T26613] ? __pfx_ksys_unshare+0x10/0x10 [ 1856.785712][T26613] __x64_sys_unshare+0x31/0x40 [ 1856.785742][T26613] do_syscall_64+0x106/0xf80 [ 1856.785772][T26613] ? clear_bhb_loop+0x40/0x90 [ 1856.785802][T26613] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1856.785829][T26613] RIP: 0033:0x7fcbf6d9c799 [ 1856.785850][T26613] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1856.785875][T26613] RSP: 002b:00007fcbf7bbe028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1856.785899][T26613] RAX: ffffffffffffffda RBX: 00007fcbf7015fa0 RCX: 00007fcbf6d9c799 [ 1856.785916][T26613] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000006c000000 [ 1856.785932][T26613] RBP: 00007fcbf6e32c99 R08: 0000000000000000 R09: 0000000000000000 [ 1856.785948][T26613] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1856.785963][T26613] R13: 00007fcbf7016038 R14: 00007fcbf7015fa0 R15: 00007ffe651803a8 [ 1856.786001][T26613] [ 1857.107583][T26613] sysctl could not get directory: /net/ipv4/conf -12 [ 1857.176419][T26635] futex_wake_op: syz.0.4318 tries to shift op by -2048; fix this program [ 1857.186814][T26635] 0x000000000001-0x000000020000 : "" [ 1857.470551][T26635] ftl_cs: FTL header corrupt! [ 1859.270653][T26651] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4322'. [ 1861.767022][T26671] FAULT_INJECTION: forcing a failure. [ 1861.767022][T26671] name failslab, interval 1, probability 0, space 0, times 0 [ 1862.059950][T26671] CPU: 0 UID: 0 PID: 26671 Comm: syz.1.4324 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1862.059993][T26671] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1862.060003][T26671] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1862.060018][T26671] Call Trace: [ 1862.060033][T26671] [ 1862.060044][T26671] dump_stack_lvl+0x100/0x190 [ 1862.060086][T26671] should_fail_ex.cold+0x5/0xa [ 1862.060115][T26671] should_failslab+0xc2/0x120 [ 1862.060142][T26671] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1862.060179][T26671] ? rpc_new_task+0x729/0x9d0 [ 1862.060227][T26671] rpc_new_task+0x729/0x9d0 [ 1862.060266][T26671] ? __pfx_mempool_free_slab+0x10/0x10 [ 1862.060294][T26671] ? __pfx_rpc_new_task+0x10/0x10 [ 1862.060343][T26671] rpc_run_task+0x1e/0x660 [ 1862.060385][T26671] rpc_call_sync+0xd2/0x1a0 [ 1862.060410][T26671] ? __pfx_rpc_call_sync+0x10/0x10 [ 1862.060441][T26671] ? net_generic+0xea/0x2a0 [ 1862.060481][T26671] rpcb_register+0x262/0x530 [ 1862.060517][T26671] ? __pfx_rpcb_register+0x10/0x10 [ 1862.060561][T26671] ? find_held_lock+0x2b/0x80 [ 1862.060599][T26671] svc_unregister+0x5a2/0x820 [ 1862.060642][T26671] ? svc_close_list+0xd3/0x110 [ 1862.060678][T26671] svc_rpcb_cleanup+0x1c/0x30 [ 1862.060714][T26671] svc_xprt_destroy_all+0x455/0x4e0 [ 1862.060751][T26671] ? __pfx_autoremove_wake_function+0x10/0x10 [ 1862.060787][T26671] ? __pfx_svc_xprt_destroy_all+0x10/0x10 [ 1862.060820][T26671] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 1862.060862][T26671] nfsd_destroy_serv+0x1a8/0x4e0 [ 1862.060899][T26671] ? do_raw_spin_lock+0x128/0x260 [ 1862.060936][T26671] ? __pfx_nfsd_destroy_serv+0x10/0x10 [ 1862.060974][T26671] ? __nla_parse+0x40/0x60 [ 1862.061010][T26671] nfsd_nl_listener_set_doit+0x822/0x1a80 [ 1862.061049][T26671] ? rcu_is_watching+0x12/0xc0 [ 1862.061087][T26671] ? trace_kmalloc+0x101/0x130 [ 1862.061114][T26671] ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10 [ 1862.061142][T26671] ? __nla_parse+0x40/0x60 [ 1862.061178][T26671] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280 [ 1862.061219][T26671] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280 [ 1862.061264][T26671] genl_family_rcv_msg_doit+0x214/0x300 [ 1862.061306][T26671] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1862.061346][T26671] ? genl_get_cmd+0x3ef/0x720 [ 1862.061489][T26671] ? bpf_lsm_capable+0x9/0x10 [ 1862.061516][T26671] ? security_capable+0x80/0x260 [ 1862.061558][T26671] genl_rcv_msg+0x560/0x800 [ 1862.061600][T26671] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1862.061640][T26671] ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10 [ 1862.061679][T26671] netlink_rcv_skb+0x159/0x420 [ 1862.061714][T26671] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1862.061753][T26671] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1862.061799][T26671] ? netlink_deliver_tap+0x1ae/0xcc0 [ 1862.061836][T26671] genl_rcv+0x28/0x40 [ 1862.061871][T26671] netlink_unicast+0x5aa/0x870 [ 1862.061910][T26671] ? __pfx_netlink_unicast+0x10/0x10 [ 1862.061956][T26671] netlink_sendmsg+0x8b0/0xda0 [ 1862.061995][T26671] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1862.062028][T26671] ? __import_iovec+0x1d2/0x640 [ 1862.062056][T26671] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 1862.062096][T26671] ____sys_sendmsg+0x9e1/0xb70 [ 1862.062133][T26671] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1862.062170][T26671] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1862.062214][T26671] ? __pfx_futex_wake_mark+0x10/0x10 [ 1862.062258][T26671] ___sys_sendmsg+0x190/0x1e0 [ 1862.062301][T26671] ? __pfx____sys_sendmsg+0x10/0x10 [ 1862.062385][T26671] __sys_sendmsg+0x170/0x220 [ 1862.062419][T26671] ? __pfx___sys_sendmsg+0x10/0x10 [ 1862.062450][T26671] ? __x64_sys_futex+0x34f/0x4d0 [ 1862.062501][T26671] do_syscall_64+0x106/0xf80 [ 1862.062531][T26671] ? clear_bhb_loop+0x40/0x90 [ 1862.062563][T26671] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1862.062589][T26671] RIP: 0033:0x7fbc1079c799 [ 1862.062611][T26671] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1862.062635][T26671] RSP: 002b:00007fbc0e9d5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1862.062659][T26671] RAX: ffffffffffffffda RBX: 00007fbc10a16180 RCX: 00007fbc1079c799 [ 1862.062675][T26671] RDX: 0000000020000000 RSI: 0000200000005380 RDI: 0000000000000010 [ 1862.062692][T26671] RBP: 00007fbc10832c99 R08: 0000000000000000 R09: 0000000000000000 [ 1862.062708][T26671] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1862.062723][T26671] R13: 00007fbc10a16218 R14: 00007fbc10a16180 R15: 00007ffe3da6e8b8 [ 1862.062756][T26671] [ 1862.562842][T26678] misc userio: Invalid payload size [ 1863.481543][T26681] can: request_module (can-proto-0) failed. [ 1864.127651][T26688] zswap: compressor not available [ 1864.799950][T24568] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 1864.799985][T24568] Bluetooth: hci0: unexpected subevent 0x06 length: 725 > 10 [ 1866.565735][T26718] FAULT_INJECTION: forcing a failure. [ 1866.565735][T26718] name failslab, interval 1, probability 0, space 0, times 0 [ 1866.673040][T26718] CPU: 0 UID: 0 PID: 26718 Comm: syz.1.4335 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1866.673083][T26718] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1866.673093][T26718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1866.673108][T26718] Call Trace: [ 1866.673117][T26718] [ 1866.673127][T26718] dump_stack_lvl+0x100/0x190 [ 1866.673170][T26718] should_fail_ex.cold+0x5/0xa [ 1866.673200][T26718] should_failslab+0xc2/0x120 [ 1866.673230][T26718] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 1866.673269][T26718] ? __d_alloc+0x34/0xa80 [ 1866.673303][T26718] __d_alloc+0x34/0xa80 [ 1866.673333][T26718] d_alloc_pseudo+0x1c/0xc0 [ 1866.673369][T26718] alloc_file_pseudo+0xcf/0x230 [ 1866.673402][T26718] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1866.673443][T26718] __shmem_file_setup+0x221/0x490 [ 1866.673477][T26718] ? __pfx___shmem_file_setup+0x10/0x10 [ 1866.673517][T26718] ? vm_area_alloc+0x1f/0x160 [ 1866.673553][T26718] shmem_zero_setup+0x96/0x1b0 [ 1866.673593][T26718] __mmap_region+0x2198/0x29e0 [ 1866.673635][T26718] ? __pfx___mmap_region+0x10/0x10 [ 1866.673672][T26718] ? __lock_acquire+0x4a5/0x2630 [ 1866.673707][T26718] ? set_next_entity+0x11e/0x9c0 [ 1866.673747][T26718] ? __lock_acquire+0x4a5/0x2630 [ 1866.673778][T26718] ? find_held_lock+0x2b/0x80 [ 1866.673813][T26718] ? find_held_lock+0x2b/0x80 [ 1866.673834][T26718] ? finish_task_switch.isra.0+0x200/0xb80 [ 1866.673860][T26718] ? finish_task_switch.isra.0+0x200/0xb80 [ 1866.673898][T26718] ? trace_sched_exit_tp+0x13a/0x180 [ 1866.673928][T26718] ? __schedule+0x1000/0x6120 [ 1866.673998][T26718] ? rcu_is_watching+0x12/0xc0 [ 1866.674036][T26718] ? cap_capable+0x107/0x460 [ 1866.674077][T26718] mmap_region+0x180/0x3e0 [ 1866.674119][T26718] do_mmap+0xc63/0x12f0 [ 1866.674152][T26718] ? __pfx_do_mmap+0x10/0x10 [ 1866.674179][T26718] ? __pfx_down_write_killable+0x10/0x10 [ 1866.674220][T26718] vm_mmap_pgoff+0x29e/0x470 [ 1866.674253][T26718] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1866.674283][T26718] ? do_futex+0x192/0x350 [ 1866.674316][T26718] ? __pfx_do_futex+0x10/0x10 [ 1866.674353][T26718] ksys_mmap_pgoff+0xe1/0x650 [ 1866.674380][T26718] ? __x64_sys_futex+0x34f/0x4d0 [ 1866.674411][T26718] ? __x64_sys_futex+0x358/0x4d0 [ 1866.674443][T26718] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 1866.674469][T26718] ? xfd_validate_state+0x129/0x190 [ 1866.674511][T26718] __x64_sys_mmap+0x125/0x190 [ 1866.674559][T26718] do_syscall_64+0x106/0xf80 [ 1866.674589][T26718] ? clear_bhb_loop+0x40/0x90 [ 1866.674620][T26718] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1866.674646][T26718] RIP: 0033:0x7fbc1079c799 [ 1866.674667][T26718] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1866.674691][T26718] RSP: 002b:00007fbc1158d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1866.674715][T26718] RAX: ffffffffffffffda RBX: 00007fbc10a15fa0 RCX: 00007fbc1079c799 [ 1866.674731][T26718] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000 [ 1866.674746][T26718] RBP: 00007fbc10832c99 R08: fffffffffffffffa R09: 0000000000008000 [ 1866.674763][T26718] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 1866.674778][T26718] R13: 00007fbc10a16038 R14: 00007fbc10a15fa0 R15: 00007ffe3da6e8b8 [ 1866.674811][T26718] [ 1867.528151][T24568] Bluetooth: hci0: command tx timeout [ 1867.543681][T26725] openvswitch: netlink: Key type 261 is out of range max 32 [ 1868.606225][T26737] netlink: 472 bytes leftover after parsing attributes in process `syz.2.4338'. [ 1868.950790][T26743] random: crng reseeded on system resumption [ 1870.467804][T26759] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4342'. [ 1870.672735][T26762] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4342'. [ 1870.910417][T26731] program syz.3.4336 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1872.211845][T26778] FAULT_INJECTION: forcing a failure. [ 1872.211845][T26778] name failslab, interval 1, probability 0, space 0, times 0 [ 1872.332828][T26778] CPU: 0 UID: 0 PID: 26778 Comm: syz.1.4348 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1872.332876][T26778] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1872.332886][T26778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1872.332902][T26778] Call Trace: [ 1872.332910][T26778] [ 1872.332920][T26778] dump_stack_lvl+0x100/0x190 [ 1872.332962][T26778] should_fail_ex.cold+0x5/0xa [ 1872.332992][T26778] should_failslab+0xc2/0x120 [ 1872.333018][T26778] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 1872.333059][T26778] ? sock_alloc_inode+0x25/0x1c0 [ 1872.333094][T26778] ? create_new_namespaces+0x3ea/0xac0 [ 1872.333119][T26778] ? ksys_unshare+0x473/0xad0 [ 1872.333148][T26778] ? __x64_sys_unshare+0x31/0x40 [ 1872.333183][T26778] ? __pfx_sock_alloc_inode+0x10/0x10 [ 1872.333220][T26778] sock_alloc_inode+0x25/0x1c0 [ 1872.333258][T26778] alloc_inode+0x68/0x250 [ 1872.333291][T26778] sock_alloc+0x44/0x280 [ 1872.333322][T26778] ? security_socket_create+0x7f/0x250 [ 1872.333359][T26778] sock_create_lite+0x82/0x120 [ 1872.333396][T26778] __netlink_kernel_create+0xbd/0x750 [ 1872.333430][T26778] ? __lock_acquire+0x4a5/0x2630 [ 1872.333462][T26778] ? __pfx___netlink_kernel_create+0x10/0x10 [ 1872.333508][T26778] rtnetlink_net_init+0xb9/0x140 [ 1872.333544][T26778] ? __pfx_rtnetlink_net_init+0x10/0x10 [ 1872.333570][T26778] ? lockdep_init_map_type+0x5c/0x250 [ 1872.333603][T26778] ? __pfx_rtnetlink_rcv+0x10/0x10 [ 1872.333626][T26778] ? __pfx_rtnetlink_bind+0x10/0x10 [ 1872.333653][T26778] ? mutex_init_lockep+0x110/0x150 [ 1872.333691][T26778] ? __pfx_rtnetlink_net_init+0x10/0x10 [ 1872.333715][T26778] ops_init+0x1e2/0x5f0 [ 1872.333750][T26778] setup_net+0x118/0x3a0 [ 1872.333783][T26778] ? __pfx_setup_net+0x10/0x10 [ 1872.333813][T26778] ? lockdep_init_map_type+0x5c/0x250 [ 1872.333846][T26778] ? mutex_init_lockep+0x110/0x150 [ 1872.333884][T26778] copy_net_ns+0x46f/0x7c0 [ 1872.333921][T26778] create_new_namespaces+0x3ea/0xac0 [ 1872.333953][T26778] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1872.333983][T26778] ksys_unshare+0x473/0xad0 [ 1872.334016][T26778] ? __pfx_ksys_unshare+0x10/0x10 [ 1872.334061][T26778] __x64_sys_unshare+0x31/0x40 [ 1872.334092][T26778] do_syscall_64+0x106/0xf80 [ 1872.334122][T26778] ? clear_bhb_loop+0x40/0x90 [ 1872.334153][T26778] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1872.334180][T26778] RIP: 0033:0x7fbc1079c799 [ 1872.334201][T26778] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1872.334225][T26778] RSP: 002b:00007fbc1158d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1872.334249][T26778] RAX: ffffffffffffffda RBX: 00007fbc10a15fa0 RCX: 00007fbc1079c799 [ 1872.334269][T26778] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1872.334285][T26778] RBP: 00007fbc10832c99 R08: 0000000000000000 R09: 0000000000000000 [ 1872.334300][T26778] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1872.334315][T26778] R13: 00007fbc10a16038 R14: 00007fbc10a15fa0 R15: 00007ffe3da6e8b8 [ 1872.334347][T26778] [ 1874.102590][T26788] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1877.709213][T26805] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1877.774844][T26805] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1877.866677][T26805] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1877.909845][T26813] FAULT_INJECTION: forcing a failure. [ 1877.909845][T26813] name failslab, interval 1, probability 0, space 0, times 0 [ 1877.958012][T26805] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1878.040523][T26813] CPU: 0 UID: 0 PID: 26813 Comm: syz.1.4355 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1878.040565][T26813] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1878.040575][T26813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1878.040590][T26813] Call Trace: [ 1878.040598][T26813] [ 1878.040614][T26813] dump_stack_lvl+0x100/0x190 [ 1878.040656][T26813] should_fail_ex.cold+0x5/0xa [ 1878.040685][T26813] should_failslab+0xc2/0x120 [ 1878.040713][T26813] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 1878.040751][T26813] ? sock_alloc_inode+0x25/0x1c0 [ 1878.040791][T26813] ? __pfx_sock_alloc_inode+0x10/0x10 [ 1878.040828][T26813] sock_alloc_inode+0x25/0x1c0 [ 1878.040862][T26813] alloc_inode+0x68/0x250 [ 1878.040895][T26813] sock_alloc+0x44/0x280 [ 1878.040932][T26813] ? security_socket_create+0x7f/0x250 [ 1878.040972][T26813] __sock_create+0xc2/0x860 [ 1878.041015][T26813] __sys_socket+0x14d/0x260 [ 1878.041037][T26813] ? __pfx___sys_socket+0x10/0x10 [ 1878.041069][T26813] __x64_sys_socket+0x72/0xb0 [ 1878.041091][T26813] ? lockdep_hardirqs_on+0x78/0x100 [ 1878.041122][T26813] do_syscall_64+0x106/0xf80 [ 1878.041151][T26813] ? clear_bhb_loop+0x40/0x90 [ 1878.041183][T26813] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1878.041208][T26813] RIP: 0033:0x7fbc1079c799 [ 1878.041233][T26813] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1878.041258][T26813] RSP: 002b:00007fbc1158d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 1878.041283][T26813] RAX: ffffffffffffffda RBX: 00007fbc10a15fa0 RCX: 00007fbc1079c799 [ 1878.041300][T26813] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000001 [ 1878.041315][T26813] RBP: 00007fbc10832c99 R08: 0000000000000000 R09: 0000000000000000 [ 1878.041331][T26813] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1878.041346][T26813] R13: 00007fbc10a16038 R14: 00007fbc10a15fa0 R15: 00007ffe3da6e8b8 [ 1878.041379][T26813] [ 1878.041847][T26813] socket: no more sockets [ 1878.268959][T26805] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 1878.647969][T26805] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 1878.983602][T26822] Ignoring unsupported numa_zonelist_order value: [ 1879.175362][T21305] Bluetooth: hci4: command 0x0c1a tx timeout [ 1879.518047][T26830] netlink: 338 bytes leftover after parsing attributes in process `syz.0.4360'. [ 1879.809525][T21305] Bluetooth: hci1: command 0x0c1a tx timeout [ 1879.890157][T21305] Bluetooth: hci3: command 0x0c1a tx timeout [ 1879.911074][T26834] netlink: 472 bytes leftover after parsing attributes in process `syz.1.4361'. [ 1879.975558][T21305] Bluetooth: hci0: command 0x0c1a tx timeout [ 1880.040407][T26834] FAULT_INJECTION: forcing a failure. [ 1880.040407][T26834] name failslab, interval 1, probability 0, space 0, times 0 [ 1880.120857][T26834] CPU: 0 UID: 0 PID: 26834 Comm: syz.1.4361 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1880.120900][T26834] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1880.120910][T26834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1880.120925][T26834] Call Trace: [ 1880.120933][T26834] [ 1880.120942][T26834] dump_stack_lvl+0x100/0x190 [ 1880.120984][T26834] should_fail_ex.cold+0x5/0xa [ 1880.121013][T26834] should_failslab+0xc2/0x120 [ 1880.121040][T26834] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 1880.121081][T26834] ? kstrdup_const+0x63/0x80 [ 1880.121126][T26834] kstrdup+0x51/0xe0 [ 1880.121165][T26834] kstrdup_const+0x63/0x80 [ 1880.121204][T26834] __kernfs_new_node+0x9b/0x960 [ 1880.121254][T26834] ? __pfx___kernfs_new_node+0x10/0x10 [ 1880.121297][T26834] ? find_held_lock+0x2b/0x80 [ 1880.121320][T26834] ? kernfs_root+0xee/0x2a0 [ 1880.121354][T26834] ? kernfs_root+0xee/0x2a0 [ 1880.121394][T26834] kernfs_new_node+0x11b/0x1a0 [ 1880.121439][T26834] __kernfs_create_file+0x53/0x350 [ 1880.121471][T26834] cgroup_addrm_files+0x4d8/0xb90 [ 1880.121523][T26834] ? __pfx_cgroup_addrm_files+0x10/0x10 [ 1880.121572][T26834] ? css_next_child+0xcf/0x2e0 [ 1880.121607][T26834] ? css_next_descendant_pre+0x58/0x1a0 [ 1880.121646][T26834] css_populate_dir+0x3c4/0x590 [ 1880.121679][T26834] cgroup_mkdir+0x563/0x1330 [ 1880.121723][T26834] ? __pfx_cgroup_mkdir+0x10/0x10 [ 1880.121764][T26834] kernfs_iop_mkdir+0x111/0x190 [ 1880.121801][T26834] ? bpf_lsm_inode_mkdir+0x9/0x10 [ 1880.121838][T26834] vfs_mkdir+0x361/0x850 [ 1880.121877][T26834] filename_mkdirat+0x48b/0x5e0 [ 1880.121907][T26834] ? __pfx_filename_mkdirat+0x10/0x10 [ 1880.121934][T26834] ? strncpy_from_user+0x19d/0x2d0 [ 1880.121978][T26834] ? do_getname+0x191/0x390 [ 1880.122011][T26834] __x64_sys_mkdirat+0x89/0xc0 [ 1880.122039][T26834] do_syscall_64+0x106/0xf80 [ 1880.122069][T26834] ? clear_bhb_loop+0x40/0x90 [ 1880.122100][T26834] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1880.122126][T26834] RIP: 0033:0x7fbc1079c799 [ 1880.122146][T26834] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1880.122171][T26834] RSP: 002b:00007fbc1158d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 1880.122195][T26834] RAX: ffffffffffffffda RBX: 00007fbc10a15fa0 RCX: 00007fbc1079c799 [ 1880.122212][T26834] RDX: 0000000000000009 RSI: 0000200000000080 RDI: 0000000000000009 [ 1880.122236][T26834] RBP: 00007fbc10832c99 R08: 0000000000000000 R09: 0000000000000000 [ 1880.122252][T26834] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1880.122267][T26834] R13: 00007fbc10a16038 R14: 00007fbc10a15fa0 R15: 00007ffe3da6e8b8 [ 1880.122299][T26834] [ 1880.122311][T26834] cgroup: cgroup_addrm_files: failed to add cgroup.max.descendants, err=-12 [ 1881.714683][ T30] audit: type=1804 audit(4294977204.100:70): pid=26845 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.4365" name=22050820 dev="tmpfs" ino=2918 res=1 errno=0 [ 1881.832969][ T30] audit: type=1800 audit(4294977204.100:71): pid=26845 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.4365" name=22050820 dev="tmpfs" ino=2918 res=0 errno=0 [ 1882.021100][ T30] audit: type=1800 audit(4294977204.330:72): pid=26845 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.4365" name=22050820 dev="tmpfs" ino=2918 res=0 errno=0 [ 1882.064999][T21305] Bluetooth: hci0: command 0x0c1a tx timeout [ 1882.208789][ T30] audit: type=1800 audit(4294977204.330:73): pid=26845 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.4365" name=22050820 dev="tmpfs" ino=2918 res=0 errno=0 [ 1882.366071][ T30] audit: type=1800 audit(4294977204.330:74): pid=26845 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.4365" name=22050820 dev="tmpfs" ino=2918 res=0 errno=0 [ 1882.531852][ T30] audit: type=1800 audit(4294977204.490:75): pid=26845 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.4365" name=22050820 dev="tmpfs" ino=2918 res=0 errno=0 [ 1882.724505][ T30] audit: type=1800 audit(4294977204.580:76): pid=26845 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.4365" name=22050820 dev="tmpfs" ino=2918 res=0 errno=0 [ 1882.782063][T26861] nfs: Unknown parameter 'm?LH>「^eko}* ' [ 1882.939350][ T30] audit: type=1800 audit(4294977204.590:77): pid=26845 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.4365" name=22050820 dev="tmpfs" ino=2918 res=0 errno=0 [ 1883.116718][ T30] audit: type=1800 audit(4294977204.590:78): pid=26845 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.4365" name=22050820 dev="tmpfs" ino=2918 res=0 errno=0 [ 1883.286361][ T30] audit: type=1800 audit(4294977204.590:79): pid=26845 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.4365" name=22050820 dev="tmpfs" ino=2918 res=0 errno=0 [ 1883.355986][T26856] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 1883.748872][T26872] : entered promiscuous mode [ 1883.756893][T26856] MDS CPU bug present and SMT on, data leak possible. See https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/mds.html for more details. [ 1883.823122][T26856] TAA CPU bug present and SMT on, data leak possible. See https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/tsx_async_abort.html for more details. [ 1883.941640][T26856] MMIO Stale Data CPU bug present and SMT on, data leak possible. See https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/processor_mmio_stale_data.html for more details. [ 1884.138848][T21305] Bluetooth: hci0: command 0x0c1a tx timeout [ 1884.549954][T26881] netlink: 472 bytes leftover after parsing attributes in process `syz.2.4377'. [ 1885.136033][T26884] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4376'. [ 1885.299542][T26884] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4376'. [ 1885.332501][T26896] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 1885.650769][T26866] smpboot: CPU 1 is now offline [ 1886.002081][T26866] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 1886.127378][T26866] ------------[ cut here ]------------ [ 1886.133384][T26866] DEAD callback error for CPU1 [ 1886.133402][T26866] WARNING: kernel/cpu.c:1463 at _cpu_down+0x759/0x1020, CPU#0: syz.1.4371/26866 [ 1886.148248][T26866] Modules linked in: [ 1886.153178][T26866] CPU: 0 UID: 0 PID: 26866 Comm: syz.1.4371 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1886.164425][T26866] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1886.169636][T26866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1886.179981][T26866] RIP: 0010:_cpu_down+0x75c/0x1020 [ 1886.186043][T26866] Code: cb 7a f6 89 ee bf 91 00 00 00 e8 ff c5 7a f6 81 fd 91 00 00 00 0f 84 6b 02 00 00 e8 3e cb 7a f6 48 8d 3d c7 55 4f 05 44 89 ee <67> 48 0f b9 3a e9 3a fa ff ff 45 31 ff e9 32 fa ff ff e8 1d cb 7a [ 1886.206114][T26866] RSP: 0018:ffffc9000447faa8 EFLAGS: 00010283 [ 1886.212214][T26866] RAX: 000000000000b7c1 RBX: ffff8880b85242e0 RCX: ffffc900104d1000 [ 1886.220288][T26866] RDX: 0000000000080000 RSI: 0000000000000001 RDI: ffffffff90dca010 [ 1886.228342][T26866] RBP: 0000000000000092 R08: 0000000000000005 R09: 0000000000000091 [ 1886.236910][T26866] R10: 0000000000000092 R11: 0000000000000000 R12: 00000000000000ed [ 1886.245597][T26866] R13: 0000000000000001 R14: 0000000000000001 R15: 00000000fffffff5 [ 1886.254057][T26866] FS: 00007fbc0e9f66c0(0000) GS:ffff88812434d000(0000) knlGS:0000000000000000 [ 1886.263390][T26866] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1886.270033][T26866] CR2: 0000001b2d47eff8 CR3: 00000000a7a30000 CR4: 00000000003526f0 [ 1886.278280][T26866] Call Trace: [ 1886.281595][T26866] [ 1886.284630][T26866] ? __pfx_cpu_subsys_offline+0x10/0x10 [ 1886.290225][T26866] cpu_device_down+0x82/0xc0 [ 1886.295220][T26866] device_offline+0x2a7/0x3c0 [ 1886.299935][T26866] ? __pfx_device_offline+0x10/0x10 [ 1886.305249][T26866] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1886.311206][T26866] ? __pfx_online_store+0x10/0x10 [ 1886.316314][T26866] online_store+0xd1/0x180 [ 1886.320767][T26866] ? __pfx_online_store+0x10/0x10 [ 1886.325975][T26866] ? __print_lock_name+0x60/0x80 [ 1886.330938][T26866] ? sysfs_file_kobj+0xe4/0x290 [ 1886.336141][T26866] ? sysfs_file_kobj+0xe4/0x290 [ 1886.341444][T26866] dev_attr_store+0x58/0x80 [ 1886.346352][T26866] ? __pfx_dev_attr_store+0x10/0x10 [ 1886.351786][T26866] sysfs_kf_write+0xf2/0x150 [ 1886.356638][T26866] kernfs_fop_write_iter+0x3e0/0x5f0 [ 1886.362166][T26866] ? __pfx_sysfs_kf_write+0x10/0x10 [ 1886.367648][T26866] vfs_write+0x6ac/0x1070 [ 1886.372025][T26866] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 1886.378133][T26866] ? __pfx_vfs_write+0x10/0x10 [ 1886.383052][T26866] ksys_write+0x12a/0x250 [ 1886.387418][T26866] ? __pfx_ksys_write+0x10/0x10 [ 1886.392308][T26866] do_syscall_64+0x106/0xf80 [ 1886.397018][T26866] ? clear_bhb_loop+0x40/0x90 [ 1886.401738][T26866] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1886.407705][T26866] RIP: 0033:0x7fbc1079c799 [ 1886.412162][T26866] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1886.431898][T26866] RSP: 002b:00007fbc0e9f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1886.440623][T26866] RAX: ffffffffffffffda RBX: 00007fbc10a16090 RCX: 00007fbc1079c799 [ 1886.449203][T26866] RDX: 0000000000000005 RSI: 00002000000007c0 RDI: 0000000000000004 [ 1886.457889][T26866] RBP: 00007fbc10832c99 R08: 0000000000000000 R09: 0000000000000000 [ 1886.466324][T26866] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1886.474495][T26866] R13: 00007fbc10a16128 R14: 00007fbc10a16090 R15: 00007ffe3da6e8b8 [ 1886.482536][T26866] [ 1886.485669][T26866] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 1886.492987][T26866] CPU: 0 UID: 0 PID: 26866 Comm: syz.1.4371 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1886.503955][T26866] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1886.509174][T26866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1886.519306][T26866] Call Trace: [ 1886.522607][T26866] [ 1886.525584][T26866] dump_stack_lvl+0x100/0x190 [ 1886.530313][T26866] vpanic+0x552/0x970 [ 1886.534314][T26866] ? __pfx_vpanic+0x10/0x10 [ 1886.538894][T26866] panic+0xd1/0xe0 [ 1886.542642][T26866] ? __pfx_panic+0x10/0x10 [ 1886.547096][T26866] check_panic_on_warn.cold+0x19/0x34 [ 1886.552527][T26866] ? _cpu_down+0x759/0x1020 [ 1886.557066][T26866] __warn.cold+0x191/0x348 [ 1886.561504][T26866] __report_bug+0x296/0x3d0 [ 1886.566098][T26866] ? _cpu_down+0x759/0x1020 [ 1886.570651][T26866] ? __pfx___report_bug+0x10/0x10 [ 1886.575705][T26866] ? __pfx_try_to_wake_up+0x10/0x10 [ 1886.580939][T26866] report_bug_entry+0xe1/0x290 [ 1886.585733][T26866] ? _cpu_down+0x75c/0x1020 [ 1886.590397][T26866] handle_bug+0x1cd/0x2a0 [ 1886.594769][T26866] exc_invalid_op+0x17/0x50 [ 1886.599312][T26866] asm_exc_invalid_op+0x1a/0x20 [ 1886.604188][T26866] RIP: 0010:_cpu_down+0x75c/0x1020 [ 1886.609348][T26866] Code: cb 7a f6 89 ee bf 91 00 00 00 e8 ff c5 7a f6 81 fd 91 00 00 00 0f 84 6b 02 00 00 e8 3e cb 7a f6 48 8d 3d c7 55 4f 05 44 89 ee <67> 48 0f b9 3a e9 3a fa ff ff 45 31 ff e9 32 fa ff ff e8 1d cb 7a [ 1886.629002][T26866] RSP: 0018:ffffc9000447faa8 EFLAGS: 00010283 [ 1886.635186][T26866] RAX: 000000000000b7c1 RBX: ffff8880b85242e0 RCX: ffffc900104d1000 [ 1886.643186][T26866] RDX: 0000000000080000 RSI: 0000000000000001 RDI: ffffffff90dca010 [ 1886.651258][T26866] RBP: 0000000000000092 R08: 0000000000000005 R09: 0000000000000091 [ 1886.659270][T26866] R10: 0000000000000092 R11: 0000000000000000 R12: 00000000000000ed [ 1886.667281][T26866] R13: 0000000000000001 R14: 0000000000000001 R15: 00000000fffffff5 [ 1886.675478][T26866] ? _cpu_down+0x752/0x1020 [ 1886.680241][T26866] ? __pfx_cpu_subsys_offline+0x10/0x10 [ 1886.685826][T26866] cpu_device_down+0x82/0xc0 [ 1886.690533][T26866] device_offline+0x2a7/0x3c0 [ 1886.695242][T26866] ? __pfx_device_offline+0x10/0x10 [ 1886.700471][T26866] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1886.706406][T26866] ? __pfx_online_store+0x10/0x10 [ 1886.711463][T26866] online_store+0xd1/0x180 [ 1886.715926][T26866] ? __pfx_online_store+0x10/0x10 [ 1886.721247][T26866] ? __print_lock_name+0x60/0x80 [ 1886.726212][T26866] ? sysfs_file_kobj+0xe4/0x290 [ 1886.731105][T26866] ? sysfs_file_kobj+0xe4/0x290 [ 1886.735997][T26866] dev_attr_store+0x58/0x80 [ 1886.740641][T26866] ? __pfx_dev_attr_store+0x10/0x10 [ 1886.745880][T26866] sysfs_kf_write+0xf2/0x150 [ 1886.750505][T26866] kernfs_fop_write_iter+0x3e0/0x5f0 [ 1886.755836][T26866] ? __pfx_sysfs_kf_write+0x10/0x10 [ 1886.761091][T26866] vfs_write+0x6ac/0x1070 [ 1886.765495][T26866] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 1886.771361][T26866] ? __pfx_vfs_write+0x10/0x10 [ 1886.776199][T26866] ksys_write+0x12a/0x250 [ 1886.780589][T26866] ? __pfx_ksys_write+0x10/0x10 [ 1886.785668][T26866] do_syscall_64+0x106/0xf80 [ 1886.790411][T26866] ? clear_bhb_loop+0x40/0x90 [ 1886.795149][T26866] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1886.801074][T26866] RIP: 0033:0x7fbc1079c799 [ 1886.805515][T26866] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1886.825176][T26866] RSP: 002b:00007fbc0e9f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1886.833621][T26866] RAX: ffffffffffffffda RBX: 00007fbc10a16090 RCX: 00007fbc1079c799 [ 1886.841619][T26866] RDX: 0000000000000005 RSI: 00002000000007c0 RDI: 0000000000000004 [ 1886.849628][T26866] RBP: 00007fbc10832c99 R08: 0000000000000000 R09: 0000000000000000 [ 1886.857629][T26866] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1886.865622][T26866] R13: 00007fbc10a16128 R14: 00007fbc10a16090 R15: 00007ffe3da6e8b8 [ 1886.873665][T26866] [ 1886.876961][T26866] Kernel Offset: disabled [ 1886.881321][T26866] Rebooting in 86400 seconds..