last executing test programs: 10.340376759s ago: executing program 0 (id=2229): mmap$auto(0x0, 0x9bc, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r0 = socket(0xa, 0x1, 0x84) socket(0x23, 0x80805, 0x0) fanotify_init$auto(0x5, 0x2000000000002) io_uring_setup$auto(0x3, 0x0) pipe$auto(0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x48140, 0x0) socket(0x2, 0x3, 0xa) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x3, 0xa) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket(0x2, 0x801, 0x106) socket(0x15, 0x5, 0x0) socket(0x10, 0x2, 0x0) r2 = socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8=r2, @ANYRES8=r1, @ANYRES64=r0], 0x18}, 0x1, 0x2000, 0x0, 0x40000}, 0x80) 9.969766796s ago: executing program 0 (id=2231): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mount$auto(0x0, 0x0, 0x0, 0x3, 0x0) unshare$auto(0x40000080) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x20540, 0x0) madvise$auto(0x110d230000, 0x1, 0x9) sendfile$auto(0xffffffffffffffff, r0, 0x0, 0xf317) write$auto(0xffffffffffffffff, 0x0, 0x80000000000) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) listen$auto(0x3, 0x81) mmap$auto(0xf0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) madvise$auto(0x0, 0xffffffffffff0005, 0x19) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r1, 0x0, 0x0) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/run_estimation\x00', 0x0, 0x0) read$auto_proc_sys_file_operations_proc_sysctl(r2, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f00000000c0), r3) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002dbd7000f9dbdf250100000006000200010000000500070058000000080009000800000008000a000800000008001700", @ANYRES32, @ANYBLOB], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 8.745075438s ago: executing program 3 (id=2236): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg1\x00', 0x180443, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card0\x00', 0x121d02, 0x0) socket(0x10, 0x2, 0x14) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x622340, 0x0) openat$auto_fuse_conn_congestion_threshold_ops_control(0xffffffffffffff9c, &(0x7f00000000c0), 0x20040, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x9, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) eventfd$auto(0x3) pipe$auto(0x0) socketpair$auto(0x1e, 0x1, 0x4, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) ioctl$auto_TCFLSH2(r0, 0x80044704, 0x0) 8.417606483s ago: executing program 2 (id=2237): sendfile$auto(0xffffffffffffffff, 0x3, 0x0, 0xc01) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x1, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x0) getsockopt$auto(0x100000006, 0x0, 0x16, 0xfffffffffffffffe, 0x0) r0 = socket(0x1d, 0x2, 0x1) connect$auto(r0, &(0x7f00000000c0)=@can, 0x55) r1 = openat$auto_random_fops_random(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) sendfile$auto(r1, r1, 0x0, 0x1) connect$auto(r0, &(0x7f0000000000)=@l2tp={0x2, 0x0, @multicast2, 0x1}, 0x7f) r2 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) read$auto(r2, &(0x7f00000002c0)='N\xd5\f\xb9GC*(,\x00\xc4bAL\xa3`\xb1\xf2\xe7\xc04b$\x99.\xb4\xcc\xc0%\xaa\xd3\xd5\xef\xa4\xd35u\xc0\xa6\r\xcaJ\x11\xaf\x93\xde\xc3|\x17\x96\xd1\x15g\x10\x1ai1(=!\xf1\xe8\xe4\xcdm\xedKW\xe7\xfbL\\\xf2sj(\v\xcd\xe5\x02B\x81ss\xdd\x8199\xa5\x1e\xb0A\xa3\xcbj7\xe9\xc9L\xcc\xc6\xa4\xaf%\xba\xda\xee\xd8%:bXj\xd5[UG\x8a\x8ab\x9a\x18\xe8K\xafU\x8d\xb1\f~\xaa\xab(\x86(\xf9\b\xf7$%\xf2\x11\xa4\x9bj\xc1)\n\x1ft\xb6\xaf\xe2\xd4\x95\xa3\xe1\x1f\xf7uw\a\xd0\x83{_>/\xff', 0x100000001) write$auto(r2, &(0x7f00000000c0)='\xc4\x1dR\x00\x003\x1bO\xbb\x98)\x7fTa1\xa3\xd0\x89\x1e\\\xff', 0x8587) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x6) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x8402, 0x0) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000380)='/proc/fs/cifs/smbd_max_fragmented_recv_size\x00', 0x42440, 0x0) pread64$auto(r3, 0x0, 0x200000000004, 0x266) mmap$auto(0x0, 0x4000002, 0xfffffffffffffe01, 0x8051, 0x3, 0x0) readv$auto(r2, 0x0, 0x1) 8.061657782s ago: executing program 3 (id=2238): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/lowpan0/queues/tx-0/tx_timeout\x00', 0x545001, 0x0) r1 = socket(0x2, 0x1, 0x400104) getsockopt$auto_SO_MEMINFO(r1, 0x1, 0x37, &(0x7f0000000100)='/dev/kvm\x00', &(0x7f0000000180)=0x7) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_EPCS_CFG(r1, &(0x7f0000000480)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000440)={&(0x7f0000000100)={0x2fc, r2, 0x20, 0x70bd28, 0x25dfdbfe, {}, [@NL80211_ATTR_MBSSID_ELEMS={0x2b2, 0x133, 0x0, 0x1, [@generic="8a31764425ba5497951d909dda4463c465a089aa1b458c2f3446e344d01447a48b03372087d3f41a9888ba9c3710eb2a8e48cd0b19f1babb1e806706260077178b9a28944272f99a3fce88a3966c8fd6809975e84d14499189512640339601ab6245feaa5aefb92e0d0a011ae1f24daecbb6d02935f3178a89a081dbb496093c6b2aba46ee48fbd1142873a47a759ef8a01b790f70f439127add03286d68a6fa86c8a6cb085ce1d745a9a9b88bda", @generic="90fda3f54235", @typed={0x8, 0x97, 0x0, 0x0, @ipv4=@local}, @generic="ec89dd15001972e6867c1cc343323eb91bcf7e4f7db2a7c880dcd2af808406bad715fb55ddc82da416d3a66656214eade9a6c8d0e1af56dacc4ef0f0e11a06c7a0dec80b", @generic="58c5e88d2cad2a8dc5e4d68756c5e251ddfea544c1540a035314daf4f22e32300e50d350b8249a0fdfd72a59770956b930469c952bffe82a07d21512f66ad85cc4c8dc6977f9622a2cfe1e7197167b4aa7510cb26c52ab3d581b3e20c3d7444448e1ea95620906e01cc69d84cdb227777d5c17f939b8b9b4f2a092d782161af44ff5206739e57c3274933bdb752a844631bfccc1802f2b5b94e25aa32f3d3926b22322596c8475e9984402476d86ae1d232db96f1a12daf1dd8f50d2f6944244ad247fa7f859d17179de8f382ba2c540a1b1b5c6df8951fe", @generic="77b44dc92596132cce727e20e64cc729ff8e1631412b7b8f5d3a2557e18812dcd84e4e48b684da504b7da347dc864f396f7715d62f506140599d04a645642eb1bab7b3d98f1ff7318dc34f42fbcfc3744a8d6cbe80bf98f72748da0757b6ee4f9deb2fb20ef395f68d06ae2e3f6b6bc42342cffd89e6f53f208f324df9c0498fbb4bdc7a3fb048dbb6cdb2dfdb719efe82f0d71ee9cf4b180b1c35fd2079a48139bcdd9e5205c62922132b7374d3720799fd838d3280e91eb4aaacde1771421cde71e1b95bc7cb35b40e9478bde4e5089ad7c53ee589"]}, @NL80211_ATTR_FILS_NONCES={0x23, 0xf3, "a4f7a2451d2860d45ce9dafde3a50e29657b7e112b868c9e7fb0d8dfc59640"}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, 0x5}, @NL80211_ATTR_STA_PLINK_STATE={0x5, 0x74, 0x7}]}, 0x2fc}, 0x1, 0x0, 0x0, 0x4080}, 0x4040845) write$auto(r0, 0x0, 0x300000000000) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) ioctl$auto_BLKFLSBUF(r3, 0x1261, 0x0) mmap$auto(0x0, 0x20009, 0x3, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0x5, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/bus/input/devices\x00', 0x40e00, 0x0) r4 = epoll_create$auto(0x3e) epoll_ctl$auto(r4, 0x1, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) writev$auto(0x3, &(0x7f0000000080)={0x0, 0x1}, 0x3) socket(0x2c, 0x80000, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001a40), r5) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000001a80)={'veth1_to_hsr\x00', 0x0}) r8 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(r8, &(0x7f0000002f40)={0x0, 0x0, &(0x7f0000002f00)={&(0x7f0000001ac0)={0x24, r6, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@ETHTOOL_A_CABLE_TEST_TDR_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}]}, @ETHTOOL_A_CABLE_TEST_TDR_CFG={0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x24040000}, 0x0) 7.588911677s ago: executing program 0 (id=2239): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/bond0/queues/tx-9/xps_rxqs\x00', 0x1a1842, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) bpf$auto(0x0, &(0x7f0000000040)=@bpf_attr_5={@target_ifindex=r1, 0x7f, 0x99, 0x8, 0x1, @relative_id=0x8, 0x5}, 0x92) bpf$auto(0x5, &(0x7f0000000000)=@test={0x12, 0x1, 0xa93f, 0x9, 0x3, 0x3, 0x3da1, 0x0, 0xb4, 0x5, 0x140000000000, 0x0, 0x7fffffff, 0x9, 0x1}, 0x171) sendmsg$auto_NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x40080}, 0x20040000) r2 = socket(0x10, 0x2, 0x4) clock_adjtime$auto(0x0, &(0x7f0000000240)={0xdbd, 0x0, 0x7, 0xfffffffffffffffe, 0x600, 0xf4, 0xb, 0x0, 0x100000000, 0x8, 0x3, {0x403, 0xd05}, 0xfffffffffffffff8, 0xa5, 0x9, 0xb87f, 0x0, 0xc7, 0x80, 0x7, 0x5, 0x5, 0xfffffff5}) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ttyS0\x00', 0x0, 0x0) openat$auto_aoe_fops_aoechr(0xffffffffffffff9c, &(0x7f0000000080)='/dev/etherd/interfaces\x00', 0x1, 0x0) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000280)='/proc/asound/modules\x00', 0x88400, 0x0) io_uring_setup$auto(0xc, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x84) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) sendmsg$auto_NFSD_CMD_THREADS_SET(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) prctl$auto(0x26, 0x1, 0x0, 0x0, 0x80000000) 7.175685548s ago: executing program 3 (id=2241): mmap$auto(0x0, 0x400008, 0x200, 0x9b72, 0x2, 0x8000) r0 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) mmap$auto(0x0, 0x40000b, 0xdf, 0x9b72, 0x2, 0x108000) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001) futex$auto(0x0, 0x1, 0x40000006, 0x0, 0x0, 0x80000001) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x0) r1 = socket(0xa, 0x3, 0xff) connect$auto(r1, &(0x7f00000018c0)=@generic={0xa}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) mmap$auto(0x0, 0x400008, 0xb, 0x9b72, 0x2, 0x8000) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x20000000000006, 0x2) write$auto_proc_mem_operations_base(r0, &(0x7f0000001680)="a7", 0xfffffc96) mmap$auto(0x0, 0x400, 0xfffffffffffffffa, 0xeb1, 0x401, 0x8000) madvise$auto(0x4, 0x2004, 0x15) 6.938553356s ago: executing program 0 (id=2242): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x8, 0x1, 0x6) r0 = socket(0x23, 0x5, 0x0) bind$auto(r0, &(0x7f0000000140)=@phonet={0x23, 0x6, 0x3, 0xa3}, 0x80) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x20009, 0x80000001, 0xeb1, 0x401, 0x8002) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r1, &(0x7f0000000200)='7\x00\\\xa0\x04|\x03\'\x00\xc9\n\xbf\xb9\x12\xfa\x00\x00\xcfk', 0xb7f) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) fanotify_mark$auto(0x0, 0x1, 0x9, 0x4, 0x0) socket(0x28, 0x1, 0x0) process_vm_readv$auto(0x0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, 0x0, 0x6, 0x0) getpgid(0x0) setsockopt$auto(r0, 0xffff99e4, 0x9, 0x0, 0xacb1) io_uring_setup$auto(0x6, 0x0) unshare$auto(0x40000080) ioctl$auto(0x4000000000000c8, 0x400454d9, 0x3) readv$auto(0xffffffffffffffff, 0x0, 0x1) sendmsg$auto_NL80211_CMD_SET_STATION(r0, &(0x7f0000000400)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={0x0, 0x1c0}, 0x1, 0x0, 0x0, 0x20000800}, 0x20000000) 6.858318142s ago: executing program 2 (id=2243): openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) unshare$auto(0x40000080) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) setresuid$auto(0xffffffffffffffff, 0x0, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x0, 0x5, 0x5) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={0x0}}, 0x24048084) madvise$auto(0x9, 0x1, 0xc3) madvise$auto(0x0, 0x200007, 0x19) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) mmap$auto(0x0, 0x400008, 0xdf, 0x4000000000009b72, 0x2, 0x8000) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000200), 0x880, 0x0) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x80, 0x0) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3) ioctl$auto(0xffffffffffffffff, 0x4b71, 0x1) sched_getattr$auto(0x0, &(0x7f0000000000)={0xcf86, 0x6, 0x6, 0x200, 0x7, 0xb, 0x6, 0xfffffffffffffff8, 0x8, 0x90}, 0x68, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x8000000000000000, 0x15) brk$auto(0x40008000) 5.136914223s ago: executing program 1 (id=2245): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000)) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1a9402, 0x0) read$auto(0xffffffffffffffff, 0x0, 0x1f40) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(0xffffffffffffffff, 0x0, 0x880) read$auto(0x3, 0x0, 0x8080) write$auto(0x3, 0x0, 0xffd8) write$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffffff, &(0x7f0000000200)="624d1bfe595046ab5c98199adfff0600de16b8ef6176e6021e1dce210500e8fdffff0000000000fffffffe00a7ed73de11691c13403c82be18ecfdf9b0a051779efa1a756fdbf986a298215baf3e6bd7a97b26aebb478bfaac553da2f50d0e1531162fd9c6c6ca7d2316eb660cab29b8e5c0ce1574ef9370005da1efe6c293cb02d95ffe803df1c59b6ccc0b02ec896766cfe3c729ffce659ca157173397d4c5c5e74218ddf46aed92103afc30c34f52e4b66c17e3b73f49c4fbc39059155d9691eadc1adc22f81a69d274ad4dc776861a5895315f65b1efa359ee24666a78774bd00121a1d9b2ac54d3", 0x6a) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/video54\x00', 0x42942, 0x0) poll$auto(&(0x7f0000000040)={r1, 0x83c, 0x9}, 0x8, 0x8) select$auto(0x4, 0x0, &(0x7f0000000080)={[0x209c, 0x80000e9e, 0x10, 0xd, 0xfffffffffffffffb, 0x100000000, 0x2c2, 0x800002017d, 0x4, 0x1000000040, 0xd, 0xd59, 0xfb, 0xff, 0x21, 0x100000005]}, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) madvise$auto(0x2, 0x6, 0x8) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), 0xffffffffffffffff) landlock_create_ruleset$auto(&(0x7f0000000000)={0xd1d, 0x3, 0x7}, 0x0, 0x10000) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D2\x00', 0x103801, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x1000) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x5) 4.195073538s ago: executing program 3 (id=2246): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/bond0/queues/tx-9/xps_rxqs\x00', 0x1a1842, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) bpf$auto(0x0, &(0x7f0000000040)=@bpf_attr_5={@target_ifindex=r1, 0x7f, 0x99, 0x8, 0x1, @relative_id=0x8, 0x5}, 0x92) bpf$auto(0x5, &(0x7f0000000000)=@test={0x12, 0x1, 0xa93f, 0x9, 0x3, 0x3, 0x3da1, 0x0, 0xb4, 0x5, 0x140000000000, 0x0, 0x7fffffff, 0x9, 0x1}, 0x171) sendmsg$auto_NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='Y\x00\x00\x00', @ANYRES16], 0x14}, 0x1, 0x0, 0x0, 0x40080}, 0x20040000) r2 = socket(0x10, 0x2, 0x4) clock_adjtime$auto(0x0, &(0x7f0000000240)={0xdbd, 0x0, 0x7, 0xfffffffffffffffe, 0x600, 0xf4, 0xb, 0x0, 0x100000000, 0x8, 0x3, {0x403, 0xd05}, 0xfffffffffffffff8, 0xa5, 0x9, 0xb87f, 0x0, 0xc7, 0x80, 0x7, 0x5, 0x5, 0xfffffff5}) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ttyS0\x00', 0x0, 0x0) openat$auto_aoe_fops_aoechr(0xffffffffffffff9c, &(0x7f0000000080)='/dev/etherd/interfaces\x00', 0x1, 0x0) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000280)='/proc/asound/modules\x00', 0x88400, 0x0) io_uring_setup$auto(0xc, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x84) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) sendmsg$auto_NFSD_CMD_THREADS_SET(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) prctl$auto(0x26, 0x1, 0x0, 0x0, 0x80000000) 4.183124951s ago: executing program 2 (id=2247): r0 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x129441, 0x0) bpf$auto_BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000100)=@prog_bind_map={0xffffffffffffffff, r0, 0x1}, 0xffffffff) r1 = openat$auto_ftrace_formats_fops_trace_printk(0xffffffffffffff9c, 0x0, 0xc0002, 0x0) pread64$auto(r1, 0x0, 0x1, 0xb29e) ptrace$auto(0x10, 0x0, 0x4, 0x7ff) ptrace$auto_PTRACE_PEEKSIGINFO(0x4209, 0x0, 0x8, 0x6) madvise$auto_MADV_GUARD_INSTALL(0x0, 0x2021000, 0x66) quotactl$auto(0x9, 0x0, 0x62a0, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_TIPC_NL_BEARER_ADD(r2, &(0x7f0000001840)={0x0, 0x0, &(0x7f0000001800)={0x0}, 0x1, 0x0, 0x0, 0x20000000}, 0x24000840) syz_clone(0x22042400, 0x0, 0x0, 0x0, 0x0, 0x0) setns(0xffffffffffffffff, 0x60020000) mmap$auto(0x0, 0x4000b, 0x7, 0x9b72, 0x7, 0x28000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) memfd_create$auto(0x0, 0xe) socket(0x2, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x3}, 0x55) setsockopt$auto(0x3, 0x1, 0xd, 0x0, 0x9) close_range$auto(0x2, 0xffffffffffffffff, 0x0) 4.068096087s ago: executing program 0 (id=2248): mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000) getrlimit$auto(0x3, 0x0) fdatasync$auto(r0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) ioctl$auto_BLKZEROOUT(r1, 0x127f, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/035/001\x00', 0x1102, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8ea182, 0x0) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x1000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) init_module$auto(0x0, 0xffff9, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x8000000000000000, 0x15) madvise$auto(0x0, 0x2000000080000001, 0x3) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r2, 0xffffffffffdffe00, 0x0) pselect6$auto(0x9, &(0x7f0000000300)={[0x9, 0x4, 0x9, 0x6, 0x8001, 0x4000000000002bc8, 0xffd, 0x9, 0x3, 0xffffffff, 0x8000000000000001, 0x0, 0x2f, 0x2, 0x8, 0xfffffffffffffffe]}, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) 3.687679923s ago: executing program 1 (id=2249): write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) io_uring_setup$auto(0xf0, &(0x7f0000000180)={0x6, 0x18, 0xd64, 0xc852, 0x6, 0x7, r0, [0x1, 0x401, 0x1000], {0x7, 0x5, 0x1, 0x4, 0x95, 0xf4c, 0x7fff, 0xfffffffb, 0x65f29f6d}, {0x3, 0xadc, 0x10000, 0x0, 0x5, 0xffffffff, 0x1000, 0x54f, 0x5}}) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x0) r1 = socket(0xa, 0x3, 0xff) connect$auto(r1, &(0x7f00000018c0)=@generic={0xa}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) write$auto_proc_mem_operations_base(0xffffffffffffffff, 0x0, 0x0) syz_clone3(0x0, 0x0) madvise$auto(0x1ffff000, 0x7, 0x100000000) mmap$auto(0x0, 0x400008, 0xb, 0x9b72, 0x2, 0x8000) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000) io_uring_setup$auto(0x2, &(0x7f0000000080)={0x80000003, 0x9, 0x4002, 0x6, 0x4, 0x8, 0xffffffffffffffff, [], {0x9, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x4000006, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x104, 0x8, 0x100000000}}) syz_clone(0x1002000, 0x0, 0x0, 0x0, 0x0, 0x0) futex_wake$auto(0x0, 0x5, 0x4, 0xa) futex_wake$auto(0x0, 0xfffffffffffffff8, 0xfff, 0x7f) mmap$auto(0x0, 0x2000a, 0x10000000000e1, 0xeb2, 0x401, 0x8000) 3.58227808s ago: executing program 3 (id=2250): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x1d, 0x4, 0x5) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) open(&(0x7f00000000c0)='./file0\x00', 0x161342, 0x130) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) fallocate$auto(0x8000000000000003, 0x0, 0x8000000d, 0x2cbd5d) ioctl$auto_SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, &(0x7f0000000140)) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), r0) sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(r0, 0x0, 0x40000) io_uring_setup$auto(0x401, 0x0) close_range$auto(0x2, 0x8, 0x0) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x9, 0x6, 0x63, 0x0, 0x0, 0x0, 0xac, 0x200, 0x2, 0x40000402, 0x9, 0x9, 0xffffffffffffffff, 0x6, 0x6, 0x200000100103}) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) r1 = socket(0x10, 0x2, 0x6) socket(0xf, 0x3, 0x2) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}, 0x1, 0x0, 0x0, 0x2000c000}, 0x4004) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) write$auto(0x3, 0x0, 0xffd8) capset$auto(&(0x7f0000000180)={0x19980330}, 0x0) 2.554204388s ago: executing program 2 (id=2251): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/events/vmalloc/filter\x00', 0x2, 0x0) unshare$auto(0x40000080) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0x2c, 0x1, 0x0) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) msgctl$auto_IPC_SET(0x4, 0x1, &(0x7f0000000140)={{0x8, 0xffffffffffffffff, 0xee01, 0x2, 0x8, 0x7, 0x9}, &(0x7f00000000c0)=0xc0, &(0x7f0000000100)=0x5, 0xffffffff, 0x6, 0x8000000000000001, 0xb0a2, 0x208, 0x2f, 0x404, 0x4, @raw=0x5, @inferred=0xffffffffffffffff}) keyctl$auto(0x1, 0x1, r0, 0x0, 0x3ff) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0x2003f2, 0x15) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x2c, 0x80003, 0x0) setsockopt$auto(r1, 0x11b, 0x4, 0xffffffffffffffff, 0x9) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0xffffffffffffffff) ioctl$auto(0x3, 0x8208ae63, 0x38) 2.490754062s ago: executing program 1 (id=2252): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x2000009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae89, &(0x7f0000000080)={0x9, 0x0, [{0x48, 0x400, 0x1f}]}) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1) unshare$auto(0x40000080) futex$auto(0x0, 0x9, 0x3e, 0x0, 0x0, 0x0) r1 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0) ioctl$auto_UI_DEV_SETUP(r1, 0x405c5503, &(0x7f00000000c0)={{0x9, 0xf2cf, 0x8, 0x80}, "6a034a07c7b82d90b69a39e32576f893fb4a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f00", 0xa}) ioctl$auto_UI_DEV_CREATE(r1, 0x5501, 0x0) writev$auto(r1, &(0x7f0000000340)={0x0, 0x500000}, 0x9) socket(0xa, 0x1, 0x84) 2.467464581s ago: executing program 3 (id=2253): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000)) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) prctl$auto(0x41, 0x1, 0x0, 0x0, 0x0) prctl$auto(0x41, 0x1, 0x0, 0x0, 0x0) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/oom_adj\x00', 0x0, 0x0) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f00000000c0)={0x0, 0xffffffff}, 0x6) syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/net\x00') sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(0xffffffffffffffff, 0x0, 0x880) timer_create$auto(0x9, 0x0, 0x0) read$auto(0x3, 0x0, 0x8080) socket(0xa, 0x1, 0x100) write$auto(0x3, 0x0, 0xffd8) unshare$auto(0x40000080) write$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffffff, &(0x7f00000001c0)="624d1bfe595046ab5c98199adf260600de16baef6176e6021e1dce210500e8fdffff0000000000fffffffe00a7ed73de11691c1340", 0x35) write$auto(0x3, 0x0, 0x100082) r2 = socket(0x2, 0x1, 0x106) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/devices/platform/vhci_hcd.4/usb18/18-0:1.0/usb18-port3/location\x00', 0x0, 0x0) connect$auto(r2, 0x0, 0x54) read$auto(0x3, 0x0, 0x7fffffff) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) 1.049731378s ago: executing program 1 (id=2254): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) fsopen$auto(0x0, 0x1) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) socket(0x2, 0x1, 0x106) migrate_pages$auto(0x0, 0x99, 0x0, &(0x7f00000001c0)=0x7b) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80e42, 0x0) ioctl$auto_SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f00000001c0)) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SYNC(r1, 0x5001, 0x0) write$auto(0x3, 0x0, 0x100082) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x240601, 0x0) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20c01, 0x0) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x10000000000001fc, 0x7, 0xd3e, 0x1, 0x9687, 0x100000000000003, 0x95f4da0a, 0x6, 0x3, 0x62, 0x5, 0x5, 0x6d3f, 0x7, 0x6, 0x6]}, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) sendmsg$auto_TIPC_NL_NET_SET(0xffffffffffffffff, &(0x7f00000079c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40010}, 0x2) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x4, 0x3, 0x3, 0x3, 0x3, 0x3, 0x8000000000000000, 0x2, 0x6d3c, 0x3, 0x2, 0x8000000000000006]}, 0x0) r4 = syz_genetlink_get_family_id$auto_psample(&(0x7f0000007a40), 0xffffffffffffffff) sendmsg$auto_PSAMPLE_CMD_GET_GROUP(r2, &(0x7f0000007b00)={0x0, 0x0, &(0x7f0000007ac0)={&(0x7f0000007a80)={0x14, r4, 0x311, 0x70bd25, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x20000000) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000008040), 0x2, 0x0) 946.883021ms ago: executing program 2 (id=2255): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) socket(0x1, 0x3, 0x2) close_range$auto(0x0, 0xfffffffffffff001, 0x2) r1 = socket(0x1e, 0x1, 0x0) r2 = socket(0x1d, 0x1, 0x6) r3 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000300), r2) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000340)={'veth0_to_bridge\x00'}) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), r5) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB="2f212cbd7010ca705d", @ANYRES32=r7], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x8810) sendmsg$auto_ETHTOOL_MSG_MM_GET(r1, &(0x7f0000000540)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x450000}, 0xc, &(0x7f0000000500)={0x0}}, 0x4040) bind$auto(r2, &(0x7f0000000040)=@can={0x1d, r4, 0xfd}, 0x6a) close_range$auto(0x2, 0x8, 0x0) r8 = socket(0xa, 0x801, 0x84) socketpair$auto(0xfffffffc, 0x1, 0x8000000000000000, 0x0) r9 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vbi0\x00', 0x80382, 0x0) vmsplice$auto(r0, &(0x7f0000000140)={&(0x7f00000000c0)="bc0e6c90aa18e7a675776ee36eb756c0601842e67a", 0x100000001}, 0x1ff, 0xf) ioctl$auto(r9, 0xc0045627, r1) sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(r8, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4000000}, 0x800) 860.465826ms ago: executing program 0 (id=2256): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x40009, 0x36, 0x9b72, 0x7, 0x28000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mlockall$auto(0x7) mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/dummy0/addr_gen_mode\x00', 0x1, 0x0) pwrite64$auto(r0, 0x0, 0x0, 0x2000000000040007) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) tgkill$auto(0x0, 0x0, 0x11) readv$auto(0x3, 0x0, 0x7) keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) madvise$auto(0x0, 0x2003f2, 0x15) 658.576008ms ago: executing program 1 (id=2257): r0 = set_tid_address$auto(0x0) ptrace$auto_PTRACE_SETREGSET(0x4205, r0, 0x7ff, 0x5) write$auto(0xca, &(0x7f00000004c0)='\x04>2\x18!\xe2\x00\x94\xf2\xa2\x00\x00\x8d\xa9p\xcc\xccV\xf9ozi\xb2:\x19\x92r\xcc9\x99f\xc5BV\xb1\x92l\xed\x84fe\x8a\x8c\xd3*\xfe\x1dE\xa1W8\x03\xcb\t\x13K\xb4\x893\xf3Q\x7f\xd1|\xefp\xb1\xb3\xcer8\b=\xa4y\xd4\x88\xbcn\x8d\xf3\f\xbe\x9f\xed\xc1k\xcf\x0f`6\xe0\xd1\x03\x108a\x90KG,\xf8\v\x88\xe2+\xcb\xf2v\x8bL\xa6\xaa}*\xce\xd8\x98\xc9\\f\xccT\xa1\x05\x14\x84\xbb\aF,\xc8\xc7u\x93\xe8?\x92\t\xa9`\xff\x93l\x93\xac\n\xdd\xa4\n\x8e\xec\x14\x02|\xf7\xc4\x8e\x06h\xc0\x8f\x04\xceB\x03\xda\x89\x8f\xf3g\x1a\xb8\x1a\x18\xf2\x93DRSO\x97\xb1\xc3\xa8Q\xa2\xb2\xa8\xc3\xd3\xf9\xd4Y\x8d\x8d\xad\x8f[\xbe\xe5\xf1\x9f\x01s\x8eg\x05\xe8\xf9\x8f\xa6g\vu\xc9\xef\x0f\xbd(y8@\xca\xec(\xe8\x91\xf8$<\x81\x85\xac\xd7\x878\xd9\xce%\xcf\xab\xdb\xaf{\x82\x83\x8d\xce\xc0\r\xb6\xe4$\xd0<\xf8\xeay \xf1\x19\xb3Ta~*&\xd8\xc8\x00%\xdc\xbc;\x9f\xcf\xf0\xd8\xd7 \xa5\x8b\x10o \x13s}{\xe5\xb2\xd9;_\xec\xdef\xb1<\x18qg\x1e{\xba\xb0\xf7\xbb\xca\x00'/323, 0x7f) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r1 = io_uring_setup$auto(0xaec, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptya5\x00', 0x60000, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) r3 = epoll_create$auto(0x3e) epoll_ctl$auto(r3, 0x1, r2, 0x0) ioctl$auto_TCSBRKP2(r1, 0x5425, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x102, 0x0) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r4 = socket(0x10, 0x4, 0x4) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/ath9k_htc/parameters/btcoex_enable\x00', 0xa8cc3, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0xffffffffffffff8a, 0x2020009, 0x100003, 0x15, r4, 0x3) sysfs$auto(0x2, 0x1, 0x0) r5 = fsopen$auto(0x0, 0x1) fsconfig$auto(r5, 0x8, 0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) 200.202882ms ago: executing program 1 (id=2258): read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, 0x0, 0x14004010) sysfs$auto(0x2, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x20000, 0x0) read$auto(r1, 0x0, 0x20) writev$auto(r0, &(0x7f0000000200)={0x0, 0x3}, 0x3) accept$auto(r1, 0x0, 0x0) mount$auto(&(0x7f0000000180)='pim6reg\x00', 0x0, &(0x7f0000000240)='/proc/thr^Id-3elf/fail-nth\x00', 0x4, &(0x7f0000000280)) mmap$auto(0x0, 0xa8, 0xdf, 0xeb1, 0x401, 0x8000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) unshare$auto(0x40000080) read$auto(r2, 0x0, 0x20) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, 0x0, 0x48402, 0x0) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f00000001c0)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x5, 0x0) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f00000001c0)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x5, 0x0) sendmsg$auto_NL80211_CMD_REGISTER_FRAME(0xffffffffffffffff, 0x0, 0x10) 0s ago: executing program 2 (id=2259): socket(0x6, 0x3, 0x37) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) r0 = socket(0x26, 0x5, 0x8c68) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x101e41, 0x0) ioperm$auto(0x4, 0x100000001, 0x4000005) futex_waitv$auto(0x0, 0x7ff, 0x8, &(0x7f00000000c0)={0x1000000004, 0x10}, 0x4) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x74c40, 0x0) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, 0x0, 0x40, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x20) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x140082, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) sysfs$auto(0x2, 0x7, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) r4 = ioctl$auto_TUNATTACHFILTER(r0, 0x401054d5, 0x0) ioctl$auto_virtual_ncidev_fops_virtual_ncidev(r4, 0x6, 0x0) r5 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000280), 0x141182, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r5, 0x40146f2c, 0x0) unshare$auto(0x40000080) setsockopt$auto(r1, 0xd0, 0x800000e4, 0x0, 0x569) kernel console output (not intermixed with test programs): f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 143.011656][ T6478] RSP: 002b:00007efff65f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 143.011688][ T6478] RAX: ffffffffffffffda RBX: 00007efff8616090 RCX: 00007efff839c799 [ 143.011710][ T6478] RDX: 0000000000129800 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 143.011732][ T6478] RBP: 00007efff8432c99 R08: 0000000000000000 R09: 0000000000000000 [ 143.011753][ T6478] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 143.011773][ T6478] R13: 00007efff8616128 R14: 00007efff8616090 R15: 00007ffede941228 [ 143.011818][ T6478] [ 143.352800][ T6489] netlink: 4 bytes leftover after parsing attributes in process `syz.3.144'. [ 143.353742][ T6489] netlink: 'syz.3.144': attribute type 1 has an invalid length. [ 143.353769][ T6489] netlink: 5 bytes leftover after parsing attributes in process `syz.3.144'. [ 144.313780][ T6496] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 145.549959][ T6510] netlink: zone id is out of range [ 145.588512][ T6510] netlink: zone id is out of range [ 145.757715][ T6510] netlink: zone id is out of range [ 145.769227][ T6510] netlink: zone id is out of range [ 145.784826][ T6510] netlink: zone id is out of range [ 145.790196][ T6510] netlink: zone id is out of range [ 145.803810][ T6510] netlink: zone id is out of range [ 145.814834][ T6510] netlink: zone id is out of range [ 145.848698][ T6510] netlink: set zone limit has 8 unknown bytes [ 146.428949][ T6521] netlink: 350 bytes leftover after parsing attributes in process `syz.3.155'. [ 148.256050][ T6556] FAULT_INJECTION: forcing a failure. [ 148.256050][ T6556] name failslab, interval 1, probability 0, space 0, times 0 [ 148.269463][ T6556] CPU: 1 UID: 0 PID: 6556 Comm: syz.2.162 Not tainted syzkaller #0 PREEMPT(full) [ 148.269520][ T6556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 148.269541][ T6556] Call Trace: [ 148.269553][ T6556] [ 148.269567][ T6556] dump_stack_lvl+0x100/0x190 [ 148.269627][ T6556] should_fail_ex.cold+0x5/0xa [ 148.269666][ T6556] ? vhost_dev_set_owner+0x190/0xa30 [ 148.269713][ T6556] should_failslab+0xc2/0x120 [ 148.269755][ T6556] __kmalloc_noprof+0xe0/0x850 [ 148.269820][ T6556] vhost_dev_set_owner+0x190/0xa30 [ 148.269887][ T6556] vhost_net_ioctl+0xfa3/0x1910 [ 148.269935][ T6556] ? do_vfs_ioctl+0x226/0x13e0 [ 148.269983][ T6556] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 148.270031][ T6556] ? __pfx_vhost_net_ioctl+0x10/0x10 [ 148.270090][ T6556] ? find_held_lock+0x2b/0x80 [ 148.270120][ T6556] ? __fget_files+0x215/0x3d0 [ 148.270150][ T6556] ? hook_file_ioctl_common+0x146/0x410 [ 148.270199][ T6556] ? __fget_files+0x21f/0x3d0 [ 148.270245][ T6556] ? __pfx_vhost_net_ioctl+0x10/0x10 [ 148.270300][ T6556] __x64_sys_ioctl+0x18e/0x210 [ 148.270353][ T6556] do_syscall_64+0x106/0xf80 [ 148.270413][ T6556] ? clear_bhb_loop+0x40/0x90 [ 148.270457][ T6556] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 148.270501][ T6556] RIP: 0033:0x7ff11159c799 [ 148.270529][ T6556] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 148.270563][ T6556] RSP: 002b:00007ff10f7d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 148.270596][ T6556] RAX: ffffffffffffffda RBX: 00007ff111816090 RCX: 00007ff11159c799 [ 148.270618][ T6556] RDX: 0000000000000005 RSI: 000000000000af01 RDI: 0000000000000007 [ 148.270639][ T6556] RBP: 00007ff111632c99 R08: 0000000000000000 R09: 0000000000000000 [ 148.270660][ T6556] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 148.270681][ T6556] R13: 00007ff111816128 R14: 00007ff111816090 R15: 00007ffdeb0889e8 [ 148.270727][ T6556] [ 150.204279][ T5843] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 151.166244][ T6576] FAULT_INJECTION: forcing a failure. [ 151.166244][ T6576] name failslab, interval 1, probability 0, space 0, times 0 [ 151.258928][ T6576] CPU: 1 UID: 0 PID: 6576 Comm: syz.3.168 Not tainted syzkaller #0 PREEMPT(full) [ 151.258975][ T6576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 151.258996][ T6576] Call Trace: [ 151.259007][ T6576] [ 151.259021][ T6576] dump_stack_lvl+0x100/0x190 [ 151.259080][ T6576] should_fail_ex.cold+0x5/0xa [ 151.259122][ T6576] should_failslab+0xc2/0x120 [ 151.259159][ T6576] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 151.259214][ T6576] ? xas_split_alloc+0x11c/0x4a0 [ 151.259275][ T6576] xas_split_alloc+0x11c/0x4a0 [ 151.259337][ T6576] __folio_split+0x739/0x1b60 [ 151.259400][ T6576] ? __pfx___folio_split+0x10/0x10 [ 151.259446][ T6576] ? folio_alloc_swap+0xbb0/0x1aa0 [ 151.259478][ T6576] ? folio_alloc_swap+0xbb0/0x1aa0 [ 151.259519][ T6576] ? folio_alloc_swap+0x1238/0x1aa0 [ 151.259573][ T6576] shmem_writeout+0x798/0x1a00 [ 151.259635][ T6576] ? __pfx_shmem_writeout+0x10/0x10 [ 151.259685][ T6576] ? __pfx_try_to_unmap+0x10/0x10 [ 151.259732][ T6576] ? find_held_lock+0x2b/0x80 [ 151.259768][ T6576] ? inode_to_bdi+0x9e/0x160 [ 151.259802][ T6576] ? folio_clear_dirty_for_io+0x178/0x820 [ 151.259848][ T6576] shrink_folio_list+0x3af8/0x6000 [ 151.259914][ T6576] ? __pfx_shrink_folio_list+0x10/0x10 [ 151.259964][ T6576] ? __lock_acquire+0x4a5/0x2630 [ 151.260012][ T6576] ? lock_acquire+0x1cf/0x380 [ 151.260064][ T6576] ? lock_acquire+0x1cf/0x380 [ 151.260109][ T6576] ? find_held_lock+0x2b/0x80 [ 151.260140][ T6576] ? is_bpf_text_address+0x8a/0x1a0 [ 151.260193][ T6576] ? is_bpf_text_address+0x8a/0x1a0 [ 151.260294][ T6576] reclaim_folio_list+0xdc/0x600 [ 151.260342][ T6576] ? find_held_lock+0x2b/0x80 [ 151.260374][ T6576] ? is_bpf_text_address+0x8a/0x1a0 [ 151.260426][ T6576] ? is_bpf_text_address+0x8a/0x1a0 [ 151.260479][ T6576] ? __pfx_reclaim_folio_list+0x10/0x10 [ 151.260554][ T6576] ? lru_gen_update_size+0x431/0xe40 [ 151.260611][ T6576] ? lru_gen_del_folio+0x382/0x5f0 [ 151.260660][ T6576] reclaim_pages+0x428/0x5e0 [ 151.260716][ T6576] ? __pfx_reclaim_pages+0x10/0x10 [ 151.260764][ T6576] ? madvise_cold_or_pageout_pte_range+0x2247/0x2720 [ 151.260812][ T6576] ? folio_isolate_lru+0xd5/0xaa0 [ 151.260870][ T6576] madvise_cold_or_pageout_pte_range+0x14e2/0x2720 [ 151.260927][ T6576] ? bpf_ksym_find+0x124/0x1c0 [ 151.260971][ T6576] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10 [ 151.261018][ T6576] ? kernel_text_address+0x8d/0x100 [ 151.261069][ T6576] ? __kernel_text_address+0xd/0x30 [ 151.261121][ T6576] ? css_rstat_updated+0x1ce/0x5a0 [ 151.261163][ T6576] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10 [ 151.261209][ T6576] walk_pgd_range+0xc04/0x1eb0 [ 151.261290][ T6576] ? __pfx_walk_pgd_range+0x10/0x10 [ 151.261348][ T6576] ? folios_put_refs+0x66d/0x840 [ 151.261407][ T6576] __walk_page_range+0x163/0x820 [ 151.261483][ T6576] walk_page_range_vma_unsafe+0x209/0x8f0 [ 151.261557][ T6576] ? __pfx_walk_page_range_vma_unsafe+0x10/0x10 [ 151.261624][ T6576] ? find_held_lock+0x2b/0x80 [ 151.261658][ T6576] ? mlock_drain_local+0x254/0x4e0 [ 151.261710][ T6576] ? mlock_drain_local+0x254/0x4e0 [ 151.261769][ T6576] walk_page_range_vma+0x63/0x90 [ 151.261830][ T6576] madvise_pageout+0x259/0x540 [ 151.261870][ T6576] ? __pfx_madvise_pageout+0x10/0x10 [ 151.261939][ T6576] madvise_vma_behavior+0x3e6/0x3050 [ 151.261989][ T6576] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 151.262032][ T6576] ? mas_prev_setup.constprop.0+0xb6/0x9c0 [ 151.262098][ T6576] ? mas_prev+0x9b/0xf0 [ 151.262150][ T6576] ? __pfx_mas_prev+0x10/0x10 [ 151.262213][ T6576] ? find_vma_prev+0xd8/0x150 [ 151.262249][ T6576] ? futex_unqueue+0x133/0x2c0 [ 151.262293][ T6576] ? __pfx_find_vma_prev+0x10/0x10 [ 151.262347][ T6576] ? __futex_wait+0x256/0x300 [ 151.262409][ T6576] madvise_walk_vmas+0x2fe/0xa90 [ 151.262458][ T6576] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 151.262513][ T6576] madvise_do_behavior+0x1ea/0x510 [ 151.262568][ T6576] ? __pfx_madvise_do_behavior+0x10/0x10 [ 151.262612][ T6576] ? down_read+0x13b/0x460 [ 151.262686][ T6576] do_madvise+0x195/0x240 [ 151.262727][ T6576] ? __pfx_do_madvise+0x10/0x10 [ 151.262767][ T6576] ? do_futex+0x192/0x350 [ 151.262819][ T6576] ? __do_sys_capset+0xfb/0x460 [ 151.262871][ T6576] ? arch_syscall_is_vdso_sigreturn+0xb6/0x200 [ 151.262924][ T6576] __x64_sys_madvise+0xa9/0x110 [ 151.262966][ T6576] ? lockdep_hardirqs_on+0x78/0x100 [ 151.263014][ T6576] do_syscall_64+0x106/0xf80 [ 151.263062][ T6576] ? clear_bhb_loop+0x40/0x90 [ 151.263106][ T6576] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 151.263142][ T6576] RIP: 0033:0x7efff839c799 [ 151.263170][ T6576] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 151.263203][ T6576] RSP: 002b:00007efff9188028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 151.263236][ T6576] RAX: ffffffffffffffda RBX: 00007efff8615fa0 RCX: 00007efff839c799 [ 151.263258][ T6576] RDX: 0000000000000015 RSI: 00000000002003f2 RDI: 0000000000000000 [ 151.263278][ T6576] RBP: 00007efff8432c99 R08: 0000000000000000 R09: 0000000000000000 [ 151.263297][ T6576] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 151.263317][ T6576] R13: 00007efff8616038 R14: 00007efff8615fa0 R15: 00007ffede941228 [ 151.263362][ T6576] [ 151.972254][ T6585] capability: warning: `syz.2.170' uses 32-bit capabilities (legacy support in use) [ 152.791044][ T6600] netlink: Unknown conntrack attr (type=257, max=9) [ 152.893952][ T29] audit: type=1326 audit(1773788165.593:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6596 comm="syz.0.174" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9dae99c799 code=0x0 [ 153.362604][ T6605] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 153.595695][ T6609] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 153.851823][ T6611] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 156.884675][ T6635] netlink: 4 bytes leftover after parsing attributes in process `syz.0.182'. [ 157.129480][ T6636] netlink: 'syz.0.182': attribute type 1 has an invalid length. [ 157.285557][ T6636] netlink: 'syz.0.182': attribute type 6 has an invalid length. [ 157.624401][ T6641] netlink: 504 bytes leftover after parsing attributes in process `syz.3.185'. [ 157.680148][ T6641] netlink: 350 bytes leftover after parsing attributes in process `syz.3.185'. [ 157.968483][ T6650] Dead loop on virtual device ip6_vti0, fix it urgently! [ 157.996708][ T6650] Dead loop on virtual device ip6_vti0, fix it urgently! [ 158.035809][ T6650] Dead loop on virtual device ip6_vti0, fix it urgently! [ 158.066122][ T6650] Dead loop on virtual device ip6_vti0, fix it urgently! [ 158.073915][ T6650] Dead loop on virtual device ip6_vti0, fix it urgently! [ 158.084571][ T6650] Dead loop on virtual device ip6_vti0, fix it urgently! [ 158.197485][ T6650] Dead loop on virtual device ip6_vti0, fix it urgently! [ 158.209758][ T6650] Dead loop on virtual device ip6_vti0, fix it urgently! [ 158.217364][ T6653] FAULT_INJECTION: forcing a failure. [ 158.217364][ T6653] name failslab, interval 1, probability 0, space 0, times 0 [ 158.272967][ T6650] Dead loop on virtual device ip6_vti0, fix it urgently! [ 158.354278][ T6653] CPU: 1 UID: 0 PID: 6653 Comm: syz.1.190 Not tainted syzkaller #0 PREEMPT(full) [ 158.354347][ T6653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 158.354367][ T6653] Call Trace: [ 158.354377][ T6653] [ 158.354389][ T6653] dump_stack_lvl+0x100/0x190 [ 158.354444][ T6653] should_fail_ex.cold+0x5/0xa [ 158.354486][ T6653] should_failslab+0xc2/0x120 [ 158.354513][ T6653] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 158.354551][ T6653] ? security_file_alloc+0x34/0x2c0 [ 158.354581][ T6653] ? trace_kmem_cache_alloc+0xf3/0x120 [ 158.354612][ T6653] security_file_alloc+0x34/0x2c0 [ 158.354645][ T6653] init_file+0x95/0x480 [ 158.354674][ T6653] alloc_empty_file+0x73/0x1c0 [ 158.354706][ T6653] alloc_file_pseudo+0x13a/0x230 [ 158.354739][ T6653] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 158.354773][ T6653] ? _raw_spin_unlock+0x28/0x50 [ 158.354803][ T6653] ? alloc_fd+0x476/0x790 [ 158.354830][ T6653] __anon_inode_getfile+0xe8/0x280 [ 158.354863][ T6653] __anon_inode_getfd+0x5c/0xe0 [ 158.354895][ T6653] do_inotify_init+0x483/0x5e0 [ 158.354931][ T6653] __x64_sys_inotify_init1+0x30/0x40 [ 158.354966][ T6653] do_syscall_64+0x106/0xf80 [ 158.355000][ T6653] ? clear_bhb_loop+0x40/0x90 [ 158.355030][ T6653] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 158.355055][ T6653] RIP: 0033:0x7f34f4f9c799 [ 158.355075][ T6653] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 158.355099][ T6653] RSP: 002b:00007f34f31f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000126 [ 158.355122][ T6653] RAX: ffffffffffffffda RBX: 00007f34f5215fa0 RCX: 00007f34f4f9c799 [ 158.355145][ T6653] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0003000000000000 [ 158.355160][ T6653] RBP: 00007f34f5032c99 R08: 0000000000000000 R09: 0000000000000000 [ 158.355176][ T6653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 158.355191][ T6653] R13: 00007f34f5216038 R14: 00007f34f5215fa0 R15: 00007ffc64866ef8 [ 158.355222][ T6653] [ 159.072867][ T6658] futex_wake_op: syz.3.191 tries to shift op by -2048; fix this program [ 160.112950][ T6670] netlink: 25 bytes leftover after parsing attributes in process `syz.1.195'. [ 164.474682][ T6746] netlink: 28 bytes leftover after parsing attributes in process `syz.3.213'. [ 164.547099][ T6746] veth1_macvtap: left promiscuous mode [ 165.143357][ T29] audit: type=1807 audit(1773788177.843:5): UNKNOWN=0"]$|1j0B|dӉO+/xWӦ^gq%ḦrO res=0 [ 165.174593][ T29] audit: type=1802 audit(1773788177.863:6): pid=6751 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.0.214" res=0 errno=0 [ 165.253690][ T6760] netlink: 4 bytes leftover after parsing attributes in process `syz.3.215'. [ 165.273368][ T6760] netlink: 25 bytes leftover after parsing attributes in process `syz.3.215'. [ 165.469739][ T6750] ima: policy update failed [ 165.476683][ T29] audit: type=1802 audit(1773788178.173:7): pid=6750 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.214" res=0 errno=0 [ 168.372201][ T6816] syz.1.223 uses obsolete (PF_INET,SOCK_PACKET) [ 169.122069][ T6826] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input5 [ 169.538341][ T6835] netlink: 4 bytes leftover after parsing attributes in process `syz.2.229'. [ 169.575073][ T6835] netlink: 354 bytes leftover after parsing attributes in process `syz.2.229'. [ 169.736467][ T6840] netlink: 5 bytes leftover after parsing attributes in process `syz.0.231'. [ 169.745439][ T6840] netlink: 8 bytes leftover after parsing attributes in process `syz.0.231'. [ 170.100713][ T5843] Bluetooth: hci3: ACL packet for unknown connection handle 0 [ 170.804701][ T6858] netlink: 306 bytes leftover after parsing attributes in process `syz.1.235'. [ 173.141611][ T6894] zswap: compressor not available [ 173.155918][ T6904] FAULT_INJECTION: forcing a failure. [ 173.155918][ T6904] name failslab, interval 1, probability 0, space 0, times 0 [ 173.304647][ T6904] CPU: 0 UID: 0 PID: 6904 Comm: syz.3.246 Tainted: G L syzkaller #0 PREEMPT(full) [ 173.304721][ T6904] Tainted: [L]=SOFTLOCKUP [ 173.304733][ T6904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 173.304753][ T6904] Call Trace: [ 173.304765][ T6904] [ 173.304777][ T6904] dump_stack_lvl+0x100/0x190 [ 173.304836][ T6904] should_fail_ex.cold+0x5/0xa [ 173.304877][ T6904] should_failslab+0xc2/0x120 [ 173.304915][ T6904] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 173.304970][ T6904] ? sock_alloc_inode+0x25/0x1c0 [ 173.305007][ T6904] ? __pfx_sock_alloc_inode+0x10/0x10 [ 173.305041][ T6904] sock_alloc_inode+0x25/0x1c0 [ 173.305073][ T6904] alloc_inode+0x68/0x250 [ 173.305116][ T6904] sock_alloc+0x44/0x280 [ 173.305176][ T6904] ? security_socket_create+0x7f/0x250 [ 173.305234][ T6904] sock_create_lite+0x82/0x120 [ 173.305285][ T6904] __netlink_kernel_create+0xbd/0x750 [ 173.305344][ T6904] ? __pfx___netlink_kernel_create+0x10/0x10 [ 173.305411][ T6904] fib_net_init+0x26d/0x3f0 [ 173.305464][ T6904] ? is_module_address+0x69/0xf0 [ 173.305508][ T6904] ? __pfx_fib_net_init+0x10/0x10 [ 173.305558][ T6904] ? timer_init_key+0x150/0x340 [ 173.305594][ T6904] ? __pfx_nl_fib_input+0x10/0x10 [ 173.305649][ T6904] ? devinet_init_net+0x56c/0x8d0 [ 173.305710][ T6904] ? __pfx_fib_net_init+0x10/0x10 [ 173.305759][ T6904] ops_init+0x1e2/0x5f0 [ 173.305814][ T6904] setup_net+0x118/0x3a0 [ 173.305865][ T6904] ? __pfx_setup_net+0x10/0x10 [ 173.305915][ T6904] ? lockdep_init_map_type+0x5c/0x250 [ 173.305963][ T6904] ? mutex_init_lockep+0x110/0x150 [ 173.306018][ T6904] copy_net_ns+0x46f/0x7c0 [ 173.306054][ T6904] create_new_namespaces+0x3ea/0xac0 [ 173.306102][ T6904] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 173.306143][ T6904] ksys_unshare+0x473/0xad0 [ 173.306199][ T6904] ? __pfx_ksys_unshare+0x10/0x10 [ 173.306261][ T6904] __x64_sys_unshare+0x31/0x40 [ 173.306304][ T6904] do_syscall_64+0x106/0xf80 [ 173.306358][ T6904] ? clear_bhb_loop+0x40/0x90 [ 173.306389][ T6904] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 173.306414][ T6904] RIP: 0033:0x7efff839c799 [ 173.306434][ T6904] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 173.306458][ T6904] RSP: 002b:00007efff9188028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 173.306481][ T6904] RAX: ffffffffffffffda RBX: 00007efff8615fa0 RCX: 00007efff839c799 [ 173.306522][ T6904] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 173.306542][ T6904] RBP: 00007efff8432c99 R08: 0000000000000000 R09: 0000000000000000 [ 173.306561][ T6904] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 173.306581][ T6904] R13: 00007efff8616038 R14: 00007efff8615fa0 R15: 00007ffede941228 [ 173.306628][ T6904] [ 174.301161][ T6911] netlink: 8 bytes leftover after parsing attributes in process `syz.1.248'. [ 174.730292][ T6926] futex_wake_op: syz.2.252 tries to shift op by -2048; fix this program [ 174.741877][ T6926] 0x001c00000000-0x100002c00000200 : "" [ 174.748660][ T6926] mtd: partition "" is out of reach -- disabled [ 174.842536][ T6926] ftl_cs: FTL header not found. [ 175.287440][ T6937] netlink: 28 bytes leftover after parsing attributes in process `syz.0.254'. [ 175.636627][ T6937] veth1_macvtap: left promiscuous mode [ 179.095916][ T6978] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=538976288 (1077952576 ns) > initial count (3830 ns). Using initial count to start timer. [ 181.666961][ T7006] zswap: compressor not available [ 190.587464][ T7115] netlink: 354 bytes leftover after parsing attributes in process `syz.1.303'. [ 193.578727][ T7152] sp0: Synchronizing with TNC [ 194.407841][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.407930][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.136756][ T7178] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=538976288 (1077952576 ns) > initial count (3830 ns). Using initial count to start timer. [ 197.346332][ T5843] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 205.851152][ T7285] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=538976288 (1077952576 ns) > initial count (3830 ns). Using initial count to start timer. [ 206.299042][ T5843] block nbd1: Receive control failed (result -32) [ 211.695964][ T7371] futex_wake_op: syz.0.344 tries to shift op by -2048; fix this program [ 211.763599][ T7372] 0x001c00000000-0x100002c00000200 : "" [ 211.780641][ T7372] mtd: partition "" is out of reach -- disabled [ 211.866571][ T7372] ftl_cs: FTL header not found. [ 213.709794][ T7388] delete_channel: no stack [ 215.168687][ T7409] kexec: Could not allocate control_code_buffer [ 215.996749][ T51] Bluetooth: hci4: command 0x1003 tx timeout [ 216.002162][ T5843] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 216.345096][ T7415] delete_channel: no stack [ 217.108982][ T7446] FAULT_INJECTION: forcing a failure. [ 217.108982][ T7446] name failslab, interval 1, probability 0, space 0, times 0 [ 217.109047][ T7446] CPU: 1 UID: 0 PID: 7446 Comm: syz.2.358 Tainted: G L syzkaller #0 PREEMPT(full) [ 217.109083][ T7446] Tainted: [L]=SOFTLOCKUP [ 217.109091][ T7446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 217.109106][ T7446] Call Trace: [ 217.109114][ T7446] [ 217.109122][ T7446] dump_stack_lvl+0x100/0x190 [ 217.109163][ T7446] should_fail_ex.cold+0x5/0xa [ 217.109192][ T7446] should_failslab+0xc2/0x120 [ 217.109217][ T7446] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 217.109256][ T7446] ? sock_alloc_inode+0x25/0x1c0 [ 217.109289][ T7446] ? __pfx_sock_alloc_inode+0x10/0x10 [ 217.109315][ T7446] sock_alloc_inode+0x25/0x1c0 [ 217.109337][ T7446] alloc_inode+0x68/0x250 [ 217.109371][ T7446] sock_alloc+0x44/0x280 [ 217.109408][ T7446] ? security_socket_create+0x7f/0x250 [ 217.109450][ T7446] sock_create_lite+0x82/0x120 [ 217.109496][ T7446] __netlink_kernel_create+0xbd/0x750 [ 217.109539][ T7446] ? __pfx___netlink_kernel_create+0x10/0x10 [ 217.109587][ T7446] fib_net_init+0x26d/0x3f0 [ 217.109623][ T7446] ? is_module_address+0x69/0xf0 [ 217.109655][ T7446] ? __pfx_fib_net_init+0x10/0x10 [ 217.109693][ T7446] ? timer_init_key+0x150/0x340 [ 217.109719][ T7446] ? __pfx_nl_fib_input+0x10/0x10 [ 217.109760][ T7446] ? devinet_init_net+0x56c/0x8d0 [ 217.109808][ T7446] ? __pfx_fib_net_init+0x10/0x10 [ 217.109844][ T7446] ops_init+0x1e2/0x5f0 [ 217.109886][ T7446] setup_net+0x118/0x3a0 [ 217.109924][ T7446] ? __pfx_setup_net+0x10/0x10 [ 217.109960][ T7446] ? lockdep_init_map_type+0x5c/0x250 [ 217.109994][ T7446] ? mutex_init_lockep+0x110/0x150 [ 217.110033][ T7446] copy_net_ns+0x46f/0x7c0 [ 217.110058][ T7446] create_new_namespaces+0x3ea/0xac0 [ 217.110091][ T7446] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 217.110120][ T7446] ksys_unshare+0x473/0xad0 [ 217.110153][ T7446] ? __pfx_ksys_unshare+0x10/0x10 [ 217.110195][ T7446] __x64_sys_unshare+0x31/0x40 [ 217.110226][ T7446] do_syscall_64+0x106/0xf80 [ 217.110260][ T7446] ? clear_bhb_loop+0x40/0x90 [ 217.110297][ T7446] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 217.110323][ T7446] RIP: 0033:0x7ff11159c799 [ 217.110343][ T7446] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 217.110367][ T7446] RSP: 002b:00007ff10f7f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 217.110390][ T7446] RAX: ffffffffffffffda RBX: 00007ff111815fa0 RCX: 00007ff11159c799 [ 217.110406][ T7446] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 217.110421][ T7446] RBP: 00007ff111632c99 R08: 0000000000000000 R09: 0000000000000000 [ 217.110436][ T7446] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 217.110451][ T7446] R13: 00007ff111816038 R14: 00007ff111815fa0 R15: 00007ffdeb0889e8 [ 217.110482][ T7446] [ 218.576083][ T7453] [U] [ 218.606201][ T7453] [U] [ 218.606247][ T7453] [U] [ 218.606288][ T7453] [U] [ 218.616976][ T7453] [U] [ 218.617041][ T7453] [U] [ 218.617099][ T7453] [U] [ 218.617158][ T7453] [U] [ 219.034724][ T7452] [U] [ 220.058001][ T7469] kexec: Could not allocate control_code_buffer [ 221.515699][ T51] Bluetooth: hci4: command 0x1003 tx timeout [ 221.515721][ T5843] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 221.979938][ T7505] FAULT_INJECTION: forcing a failure. [ 221.979938][ T7505] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 222.009767][ T7505] CPU: 0 UID: 0 PID: 7505 Comm: syz.1.373 Tainted: G L syzkaller #0 PREEMPT(full) [ 222.009818][ T7505] Tainted: [L]=SOFTLOCKUP [ 222.009830][ T7505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 222.009849][ T7505] Call Trace: [ 222.009860][ T7505] [ 222.009871][ T7505] dump_stack_lvl+0x100/0x190 [ 222.009927][ T7505] should_fail_ex.cold+0x5/0xa [ 222.009978][ T7505] _copy_from_user+0x2e/0xd0 [ 222.010019][ T7505] snd_pcm_oss_write2+0x1c2/0x400 [ 222.010065][ T7505] ? __pfx_snd_pcm_oss_write2+0x10/0x10 [ 222.010116][ T7505] snd_pcm_oss_write+0x729/0xa30 [ 222.010168][ T7505] ? security_file_permission+0x76/0x210 [ 222.010217][ T7505] vfs_write+0x2aa/0x1070 [ 222.010251][ T7505] ? __pfx_snd_pcm_oss_write+0x10/0x10 [ 222.010296][ T7505] ? __pfx_vfs_write+0x10/0x10 [ 222.010325][ T7505] ? find_held_lock+0x2b/0x80 [ 222.010357][ T7505] ? __fget_files+0x215/0x3d0 [ 222.010388][ T7505] ? __fget_files+0x215/0x3d0 [ 222.010425][ T7505] ? __fget_files+0x21f/0x3d0 [ 222.010470][ T7505] ksys_write+0x12a/0x250 [ 222.010502][ T7505] ? __pfx_ksys_write+0x10/0x10 [ 222.010547][ T7505] do_syscall_64+0x106/0xf80 [ 222.010593][ T7505] ? clear_bhb_loop+0x40/0x90 [ 222.010635][ T7505] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 222.010674][ T7505] RIP: 0033:0x7f34f4f9c799 [ 222.010702][ T7505] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 222.010735][ T7505] RSP: 002b:00007f34f31d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 222.010768][ T7505] RAX: ffffffffffffffda RBX: 00007f34f5216090 RCX: 00007f34f4f9c799 [ 222.010791][ T7505] RDX: 0000000000100082 RSI: 0000000000000000 RDI: 0000000000000003 [ 222.010811][ T7505] RBP: 00007f34f5032c99 R08: 0000000000000000 R09: 0000000000000000 [ 222.010832][ T7505] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 222.010852][ T7505] R13: 00007f34f5216128 R14: 00007f34f5216090 R15: 00007ffc64866ef8 [ 222.010898][ T7505] [ 222.468574][ T7513] FAULT_INJECTION: forcing a failure. [ 222.468574][ T7513] name fail_futex, interval 1, probability 0, space 0, times 1 [ 222.487393][ T7513] CPU: 1 UID: 0 PID: 7513 Comm: syz.3.375 Tainted: G L syzkaller #0 PREEMPT(full) [ 222.487444][ T7513] Tainted: [L]=SOFTLOCKUP [ 222.487456][ T7513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 222.487475][ T7513] Call Trace: [ 222.487486][ T7513] [ 222.487498][ T7513] dump_stack_lvl+0x100/0x190 [ 222.487554][ T7513] should_fail_ex.cold+0x5/0xa [ 222.487593][ T7513] get_futex_key+0x295/0x1620 [ 222.487643][ T7513] ? __pfx_get_futex_key+0x10/0x10 [ 222.487689][ T7513] ? kasan_save_track+0x14/0x30 [ 222.487743][ T7513] ? __kasan_kmalloc+0xaa/0xb0 [ 222.487802][ T7513] futex_lock_pi+0x1d3/0x7b0 [ 222.487856][ T7513] ? preempt_schedule_thunk+0x16/0x30 [ 222.487901][ T7513] ? __pfx_futex_lock_pi+0x10/0x10 [ 222.487949][ T7513] ? preempt_schedule_common+0x42/0xc0 [ 222.487997][ T7513] ? preempt_schedule_thunk+0x16/0x30 [ 222.488056][ T7513] ? __pfx_try_to_wake_up+0x10/0x10 [ 222.488111][ T7513] ? futex_private_hash_put+0x107/0x1c0 [ 222.488160][ T7513] ? __pfx_futex_wake_mark+0x10/0x10 [ 222.488221][ T7513] ? __get_user_nocheck_8+0x20/0x20 [ 222.488264][ T7513] ? do_vfs_ioctl+0x226/0x13e0 [ 222.488318][ T7513] do_futex+0x18a/0x350 [ 222.488363][ T7513] ? __pfx_do_futex+0x10/0x10 [ 222.488416][ T7513] ? find_held_lock+0x2b/0x80 [ 222.488455][ T7513] __x64_sys_futex+0x34f/0x4d0 [ 222.488507][ T7513] ? __pfx___x64_sys_futex+0x10/0x10 [ 222.488570][ T7513] do_syscall_64+0x106/0xf80 [ 222.488617][ T7513] ? clear_bhb_loop+0x40/0x90 [ 222.488658][ T7513] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 222.488694][ T7513] RIP: 0033:0x7efff839c799 [ 222.488722][ T7513] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 222.488754][ T7513] RSP: 002b:00007efff65f6028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 222.488787][ T7513] RAX: ffffffffffffffda RBX: 00007efff8616090 RCX: 00007efff839c799 [ 222.488810][ T7513] RDX: 0000000000000008 RSI: 0000000000000006 RDI: 0000000000000000 [ 222.488830][ T7513] RBP: 00007efff8432c99 R08: 0000000000000000 R09: 000000008000fff5 [ 222.488851][ T7513] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 222.488871][ T7513] R13: 00007efff8616128 R14: 00007efff8616090 R15: 00007ffede941228 [ 222.488915][ T7513] [ 225.506947][ T29] audit: type=1804 audit(1773788238.213:8): pid=7546 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.380" name="/newroot/99/file0" dev="tmpfs" ino=544 res=1 errno=0 [ 226.308962][ T29] audit: type=1800 audit(1773788239.013:9): pid=7570 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.384" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 230.552243][ T7644] netlink: 'syz.1.396': attribute type 2 has an invalid length. [ 230.563659][ T7644] netlink: 'syz.1.396': attribute type 3 has an invalid length. [ 230.594153][ T7644] netlink: 'syz.1.396': attribute type 2 has an invalid length. [ 230.618144][ T7644] netlink: 'syz.1.396': attribute type 3 has an invalid length. [ 230.630048][ T7644] netlink: 30 bytes leftover after parsing attributes in process `syz.1.396'. [ 232.537079][ T7662] netlink: 25 bytes leftover after parsing attributes in process `syz.0.403'. [ 232.781227][ T7665] FAULT_INJECTION: forcing a failure. [ 232.781227][ T7665] name failslab, interval 1, probability 0, space 0, times 0 [ 232.806824][ T7665] CPU: 1 UID: 0 PID: 7665 Comm: syz.2.404 Tainted: G L syzkaller #0 PREEMPT(full) [ 232.806878][ T7665] Tainted: [L]=SOFTLOCKUP [ 232.806889][ T7665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 232.806908][ T7665] Call Trace: [ 232.806919][ T7665] [ 232.806931][ T7665] dump_stack_lvl+0x100/0x190 [ 232.806988][ T7665] should_fail_ex.cold+0x5/0xa [ 232.807027][ T7665] ? ops_init+0x77/0x5f0 [ 232.807076][ T7665] should_failslab+0xc2/0x120 [ 232.807112][ T7665] __kmalloc_noprof+0xe0/0x850 [ 232.807164][ T7665] ? __raw_spin_lock_init+0x3a/0x110 [ 232.807230][ T7665] ops_init+0x77/0x5f0 [ 232.807285][ T7665] setup_net+0x118/0x3a0 [ 232.807336][ T7665] ? __pfx_setup_net+0x10/0x10 [ 232.807386][ T7665] ? lockdep_init_map_type+0x5c/0x250 [ 232.807434][ T7665] ? mutex_init_lockep+0x110/0x150 [ 232.807488][ T7665] copy_net_ns+0x46f/0x7c0 [ 232.807524][ T7665] create_new_namespaces+0x3ea/0xac0 [ 232.807574][ T7665] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 232.807614][ T7665] ksys_unshare+0x473/0xad0 [ 232.807661][ T7665] ? __pfx_ksys_unshare+0x10/0x10 [ 232.807722][ T7665] __x64_sys_unshare+0x31/0x40 [ 232.807766][ T7665] do_syscall_64+0x106/0xf80 [ 232.807815][ T7665] ? clear_bhb_loop+0x40/0x90 [ 232.807858][ T7665] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 232.807893][ T7665] RIP: 0033:0x7ff11159c799 [ 232.807922][ T7665] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 232.807955][ T7665] RSP: 002b:00007ff10f7f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 232.807987][ T7665] RAX: ffffffffffffffda RBX: 00007ff111815fa0 RCX: 00007ff11159c799 [ 232.808009][ T7665] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 232.808030][ T7665] RBP: 00007ff111632c99 R08: 0000000000000000 R09: 0000000000000000 [ 232.808051][ T7665] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 232.808071][ T7665] R13: 00007ff111816038 R14: 00007ff111815fa0 R15: 00007ffdeb0889e8 [ 232.808116][ T7665] [ 234.133903][ T7693] netlink: 4 bytes leftover after parsing attributes in process `syz.2.411'. [ 234.846160][ T7700] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input7 [ 236.746634][ T7733] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 238.453368][ T7756] [U] [ 238.456188][ T7756] [U] [ 238.459009][ T7756] [U] [ 238.461787][ T7756] [U] [ 238.506013][ T7756] [U] [ 238.508816][ T7756] [U] [ 238.511578][ T7756] [U] [ 238.514340][ T7756] [U] [ 239.976463][ T7748] [U] [ 243.525245][ T7810] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 244.348475][ T7826] netlink: 4 bytes leftover after parsing attributes in process `syz.3.438'. [ 246.430936][ T7830] kexec: Could not allocate control_code_buffer [ 247.089156][ T7858] netlink: 4 bytes leftover after parsing attributes in process `syz.1.446'. [ 248.119900][ T7869] netlink: 4 bytes leftover after parsing attributes in process `syz.3.449'. [ 248.418561][ T7879] serio: Serial port pty6 [ 248.461345][ T7881] FAULT_INJECTION: forcing a failure. [ 248.461345][ T7881] name failslab, interval 1, probability 0, space 0, times 0 [ 248.492668][ T7881] CPU: 0 UID: 0 PID: 7881 Comm: syz.3.455 Tainted: G L syzkaller #0 PREEMPT(full) [ 248.492720][ T7881] Tainted: [L]=SOFTLOCKUP [ 248.492731][ T7881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 248.492750][ T7881] Call Trace: [ 248.492761][ T7881] [ 248.492773][ T7881] dump_stack_lvl+0x100/0x190 [ 248.492827][ T7881] should_fail_ex.cold+0x5/0xa [ 248.492862][ T7881] ? __alloc_empty_sheaf+0x35/0x50 [ 248.492904][ T7881] should_failslab+0xc2/0x120 [ 248.492937][ T7881] __kmalloc_noprof+0xe0/0x850 [ 248.492993][ T7881] __alloc_empty_sheaf+0x35/0x50 [ 248.493035][ T7881] do_kmem_cache_create+0x49e/0x540 [ 248.493073][ T7881] __kmem_cache_create_args+0x386/0x420 [ 248.493122][ T7881] mon_text_open+0x333/0x510 [ 248.493149][ T7881] ? __pfx_mon_text_open+0x10/0x10 [ 248.493178][ T7881] ? __pfx_mon_text_ctor+0x10/0x10 [ 248.493203][ T7881] ? find_held_lock+0x2b/0x80 [ 248.493241][ T7881] ? __pfx_apparmor_file_open+0x10/0x10 [ 248.493287][ T7881] ? lockdown_is_locked_down+0x3d/0x140 [ 248.493330][ T7881] ? bpf_lsm_locked_down+0x9/0x10 [ 248.493362][ T7881] ? __pfx_mon_text_open+0x10/0x10 [ 248.493385][ T7881] full_proxy_open_regular+0x1b6/0x370 [ 248.493506][ T7881] do_dentry_open+0x6d8/0x1660 [ 248.493543][ T7881] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 248.493600][ T7881] vfs_open+0x82/0x3f0 [ 248.493641][ T7881] path_openat+0x208c/0x31a0 [ 248.493688][ T7881] ? __pfx_path_openat+0x10/0x10 [ 248.493763][ T7881] do_file_open+0x20e/0x430 [ 248.493800][ T7881] ? __pfx_do_file_open+0x10/0x10 [ 248.493861][ T7881] ? alloc_fd+0x476/0x790 [ 248.493898][ T7881] ? do_getname+0x191/0x390 [ 248.493942][ T7881] do_sys_openat2+0x10d/0x1e0 [ 248.493987][ T7881] ? __pfx_do_sys_openat2+0x10/0x10 [ 248.494032][ T7881] ? __sys_sendmsg+0x18f/0x220 [ 248.494085][ T7881] __x64_sys_openat+0x12d/0x210 [ 248.494131][ T7881] ? __pfx___x64_sys_openat+0x10/0x10 [ 248.494195][ T7881] do_syscall_64+0x106/0xf80 [ 248.494242][ T7881] ? clear_bhb_loop+0x40/0x90 [ 248.494311][ T7881] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 248.494347][ T7881] RIP: 0033:0x7efff839c799 [ 248.494373][ T7881] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 248.494399][ T7881] RSP: 002b:00007efff9188028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 248.494440][ T7881] RAX: ffffffffffffffda RBX: 00007efff8615fa0 RCX: 00007efff839c799 [ 248.494463][ T7881] RDX: 0000000000022202 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 248.494484][ T7881] RBP: 00007efff8432c99 R08: 0000000000000000 R09: 0000000000000000 [ 248.494504][ T7881] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 248.494523][ T7881] R13: 00007efff8616038 R14: 00007efff8615fa0 R15: 00007ffede941228 [ 248.494570][ T7881] [ 248.776932][ T7881] __kmem_cache_create_args(mon_text_ffff88802bac5400) failed with error -12 [ 248.788251][ T7881] CPU: 0 UID: 0 PID: 7881 Comm: syz.3.455 Tainted: G L syzkaller #0 PREEMPT(full) [ 248.788307][ T7881] Tainted: [L]=SOFTLOCKUP [ 248.788320][ T7881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 248.788340][ T7881] Call Trace: [ 248.788351][ T7881] [ 248.788363][ T7881] dump_stack_lvl+0x100/0x190 [ 248.788422][ T7881] __kmem_cache_create_args.cold+0x33/0x6e [ 248.788481][ T7881] mon_text_open+0x333/0x510 [ 248.788515][ T7881] ? __pfx_mon_text_open+0x10/0x10 [ 248.788553][ T7881] ? __pfx_mon_text_ctor+0x10/0x10 [ 248.788585][ T7881] ? find_held_lock+0x2b/0x80 [ 248.788618][ T7881] ? __pfx_apparmor_file_open+0x10/0x10 [ 248.788674][ T7881] ? lockdown_is_locked_down+0x3d/0x140 [ 248.788725][ T7881] ? bpf_lsm_locked_down+0x9/0x10 [ 248.788766][ T7881] ? __pfx_mon_text_open+0x10/0x10 [ 248.788795][ T7881] full_proxy_open_regular+0x1b6/0x370 [ 248.788853][ T7881] do_dentry_open+0x6d8/0x1660 [ 248.788886][ T7881] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 248.788950][ T7881] vfs_open+0x82/0x3f0 [ 248.788997][ T7881] path_openat+0x208c/0x31a0 [ 248.789046][ T7881] ? __pfx_path_openat+0x10/0x10 [ 248.789099][ T7881] do_file_open+0x20e/0x430 [ 248.789138][ T7881] ? __pfx_do_file_open+0x10/0x10 [ 248.789206][ T7881] ? alloc_fd+0x476/0x790 [ 248.789253][ T7881] ? do_getname+0x191/0x390 [ 248.789301][ T7881] do_sys_openat2+0x10d/0x1e0 [ 248.789349][ T7881] ? __pfx_do_sys_openat2+0x10/0x10 [ 248.789399][ T7881] ? __sys_sendmsg+0x18f/0x220 [ 248.789457][ T7881] __x64_sys_openat+0x12d/0x210 [ 248.789505][ T7881] ? __pfx___x64_sys_openat+0x10/0x10 [ 248.789570][ T7881] do_syscall_64+0x106/0xf80 [ 248.789619][ T7881] ? clear_bhb_loop+0x40/0x90 [ 248.789662][ T7881] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 248.789696][ T7881] RIP: 0033:0x7efff839c799 [ 248.789723][ T7881] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 248.789757][ T7881] RSP: 002b:00007efff9188028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 248.789788][ T7881] RAX: ffffffffffffffda RBX: 00007efff8615fa0 RCX: 00007efff839c799 [ 248.789811][ T7881] RDX: 0000000000022202 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 248.789832][ T7881] RBP: 00007efff8432c99 R08: 0000000000000000 R09: 0000000000000000 [ 248.789852][ T7881] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 248.789872][ T7881] R13: 00007efff8616038 R14: 00007efff8615fa0 R15: 00007ffede941228 [ 248.789917][ T7881] [ 251.383977][ T7899] kexec: Could not allocate control_code_buffer [ 251.459512][ T7918] netlink: 4 bytes leftover after parsing attributes in process `syz.1.460'. [ 252.080686][ T7925] netlink: 4 bytes leftover after parsing attributes in process `syz.3.463'. [ 253.272093][ T7932] ptp ptp0: new virtual clock ptp1 [ 253.405909][ T7932] ptp ptp0: new virtual clock ptp2 [ 253.513262][ T7932] ptp ptp0: new virtual clock ptp3 [ 253.522835][ T7932] ptp ptp0: guarantee physical clock free running [ 253.786875][ T7945] binder: 7944:7945 ioctl c018620c 200000000040 returned -22 [ 254.288913][ T7954] kAFS: Invalid Command on /proc/fs/afs/cells file [ 255.541392][ T7968] ecryptfs_miscdev_write: Invalid packet size [192] [ 255.698262][ T7975] sd 0:0:1:0: PR command failed: 1026 [ 255.703787][ T7975] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 255.745842][ T7975] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 255.851479][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.858073][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 258.203540][ T8010] Process accounting resumed [ 258.704962][ T8012] netlink: 4 bytes leftover after parsing attributes in process `syz.1.486'. [ 258.788187][ T8012] netlink: 25 bytes leftover after parsing attributes in process `syz.1.486'. [ 259.018702][ T8018] netlink: 17 bytes leftover after parsing attributes in process `syz.3.488'. [ 259.348528][ T8020] random: crng reseeded on system resumption [ 259.514464][ T8020] hub 1-0:1.0: USB hub found [ 259.715855][ T8020] hub 1-0:1.0: 1 port detected [ 260.836414][ T8034] netlink: 334 bytes leftover after parsing attributes in process `syz.2.491'. [ 263.106393][ T8055] netlink: 4 bytes leftover after parsing attributes in process `syz.0.494'. [ 273.120141][ T8146] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 273.775671][ T8148] netlink: 4 bytes leftover after parsing attributes in process `syz.1.515'. [ 278.248776][ T8200] random: crng reseeded on system resumption [ 278.404147][ T8200] hub 1-0:1.0: USB hub found [ 278.436496][ T8200] hub 1-0:1.0: 1 port detected [ 279.932368][ T8208] FAULT_INJECTION: forcing a failure. [ 279.932368][ T8208] name failslab, interval 1, probability 0, space 0, times 0 [ 279.945285][ T8208] CPU: 1 UID: 0 PID: 8208 Comm: syz.1.530 Tainted: G L syzkaller #0 PREEMPT(full) [ 279.945340][ T8208] Tainted: [L]=SOFTLOCKUP [ 279.945350][ T8208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 279.945364][ T8208] Call Trace: [ 279.945372][ T8208] [ 279.945382][ T8208] dump_stack_lvl+0x100/0x190 [ 279.945459][ T8208] should_fail_ex.cold+0x5/0xa [ 279.945498][ T8208] should_failslab+0xc2/0x120 [ 279.945535][ T8208] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 279.945589][ T8208] ? security_inode_alloc+0x3b/0x2c0 [ 279.945614][ T8208] ? lockdep_init_map_type+0x5c/0x250 [ 279.945652][ T8208] security_inode_alloc+0x3b/0x2c0 [ 279.945678][ T8208] inode_init_always_gfp+0xced/0x1040 [ 279.945708][ T8208] alloc_inode+0x8e/0x250 [ 279.945741][ T8208] new_inode+0x22/0x1c0 [ 279.945776][ T8208] shmem_get_inode+0x212/0x1040 [ 279.945812][ T8208] ? __pfx_shmem_get_inode+0x10/0x10 [ 279.945844][ T8208] ? rcu_is_watching+0x12/0xc0 [ 279.945887][ T8208] ? percpu_counter_add_batch+0xb9/0x230 [ 279.945925][ T8208] __shmem_file_setup+0x3ac/0x490 [ 279.945961][ T8208] ? __pfx___shmem_file_setup+0x10/0x10 [ 279.946033][ T8208] ? vm_area_alloc+0x1f/0x160 [ 279.946085][ T8208] shmem_zero_setup+0x96/0x1b0 [ 279.946140][ T8208] __mmap_region+0x2198/0x29e0 [ 279.946181][ T8208] ? __pfx___mmap_region+0x10/0x10 [ 279.946234][ T8208] ? __lock_acquire+0x4a5/0x2630 [ 279.946285][ T8208] ? find_held_lock+0x2b/0x80 [ 279.946334][ T8208] ? find_held_lock+0x2b/0x80 [ 279.946363][ T8208] ? finish_task_switch.isra.0+0x200/0xb80 [ 279.946399][ T8208] ? finish_task_switch.isra.0+0x200/0xb80 [ 279.946437][ T8208] ? trace_sched_exit_tp+0x13a/0x180 [ 279.946467][ T8208] ? __schedule+0x1000/0x6120 [ 279.946535][ T8208] ? rcu_is_watching+0x12/0xc0 [ 279.946574][ T8208] ? cap_capable+0x107/0x460 [ 279.946618][ T8208] mmap_region+0x180/0x3e0 [ 279.946660][ T8208] do_mmap+0xc63/0x12f0 [ 279.946693][ T8208] ? __pfx_do_mmap+0x10/0x10 [ 279.946720][ T8208] ? __pfx_down_write_killable+0x10/0x10 [ 279.946766][ T8208] vm_mmap_pgoff+0x29e/0x470 [ 279.946799][ T8208] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 279.946829][ T8208] ? do_futex+0x192/0x350 [ 279.946862][ T8208] ? __pfx_do_futex+0x10/0x10 [ 279.946905][ T8208] ksys_mmap_pgoff+0xe1/0x650 [ 279.946931][ T8208] ? __x64_sys_futex+0x34f/0x4d0 [ 279.946962][ T8208] ? __x64_sys_futex+0x358/0x4d0 [ 279.946996][ T8208] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 279.947023][ T8208] ? xfd_validate_state+0x129/0x190 [ 279.947065][ T8208] __x64_sys_mmap+0x125/0x190 [ 279.947123][ T8208] do_syscall_64+0x106/0xf80 [ 279.947171][ T8208] ? clear_bhb_loop+0x40/0x90 [ 279.947215][ T8208] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 279.947254][ T8208] RIP: 0033:0x7f34f4f9c799 [ 279.947274][ T8208] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 279.947297][ T8208] RSP: 002b:00007f34f31b4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 279.947320][ T8208] RAX: ffffffffffffffda RBX: 00007f34f5216180 RCX: 00007f34f4f9c799 [ 279.947336][ T8208] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000 [ 279.947350][ T8208] RBP: 00007f34f5032c99 R08: fffffffffffffffa R09: 0000000000008000 [ 279.947366][ T8208] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 279.947381][ T8208] R13: 00007f34f5216218 R14: 00007f34f5216180 R15: 00007ffc64866ef8 [ 279.947413][ T8208] [ 281.009174][ T8242] netlink: 4 bytes leftover after parsing attributes in process `syz.0.536'. [ 281.922358][ T8255] netlink: 4 bytes leftover after parsing attributes in process `syz.2.539'. [ 285.185624][ T8280] FAULT_INJECTION: forcing a failure. [ 285.185624][ T8280] name failslab, interval 1, probability 0, space 0, times 0 [ 285.234208][ T8280] CPU: 1 UID: 0 PID: 8280 Comm: syz.3.548 Tainted: G L syzkaller #0 PREEMPT(full) [ 285.234262][ T8280] Tainted: [L]=SOFTLOCKUP [ 285.234272][ T8280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 285.234291][ T8280] Call Trace: [ 285.234301][ T8280] [ 285.234314][ T8280] dump_stack_lvl+0x100/0x190 [ 285.234371][ T8280] should_fail_ex.cold+0x5/0xa [ 285.234409][ T8280] should_failslab+0xc2/0x120 [ 285.234445][ T8280] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 285.234491][ T8280] ? key_alloc+0x3c5/0x1310 [ 285.234526][ T8280] ? rcu_is_watching+0x12/0xc0 [ 285.234593][ T8280] key_alloc+0x3c5/0x1310 [ 285.234644][ T8280] ? trace_kmalloc+0x101/0x130 [ 285.234678][ T8280] ? __pfx_key_alloc+0x10/0x10 [ 285.234728][ T8280] keyring_alloc+0x44/0xc0 [ 285.234776][ T8280] install_session_keyring_to_cred+0x190/0x230 [ 285.234818][ T8280] join_session_keyring+0x1bc/0x350 [ 285.234857][ T8280] lookup_user_key+0xbf9/0x1300 [ 285.234896][ T8280] ? __pfx_lookup_user_key+0x10/0x10 [ 285.234936][ T8280] ? __pfx_futex_wait+0x10/0x10 [ 285.234993][ T8280] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 285.235035][ T8280] ? __pfx_msgctl_down+0x10/0x10 [ 285.235114][ T8280] keyctl_get_persistent+0x197/0x8b0 [ 285.235165][ T8280] ? __pfx_keyctl_get_persistent+0x10/0x10 [ 285.235218][ T8280] ? __x64_sys_futex+0x34f/0x4d0 [ 285.235261][ T8280] ? __x64_sys_futex+0x358/0x4d0 [ 285.235311][ T8280] ? xfd_validate_state+0x129/0x190 [ 285.235371][ T8280] __do_sys_keyctl+0x3b2/0x5a0 [ 285.235406][ T8280] do_syscall_64+0x106/0xf80 [ 285.235452][ T8280] ? clear_bhb_loop+0x40/0x90 [ 285.235495][ T8280] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 285.235531][ T8280] RIP: 0033:0x7efff839c799 [ 285.235559][ T8280] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 285.235598][ T8280] RSP: 002b:00007efff9188028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 285.235630][ T8280] RAX: ffffffffffffffda RBX: 00007efff8615fa0 RCX: 00007efff839c799 [ 285.235652][ T8280] RDX: 7ffffffffffffffd RSI: 0000000000000000 RDI: 0000000000000016 [ 285.235673][ T8280] RBP: 00007efff8432c99 R08: 0004000000000000 R09: 0000000000000000 [ 285.235694][ T8280] R10: 00000000000099a5 R11: 0000000000000246 R12: 0000000000000000 [ 285.235714][ T8280] R13: 00007efff8616038 R14: 00007efff8615fa0 R15: 00007ffede941228 [ 285.235758][ T8280] [ 288.272919][ T8298] Process accounting paused [ 292.351093][ T8362] ptp ptp0: delete virtual clock ptp3 [ 292.367224][ T8362] ptp ptp0: delete virtual clock ptp2 [ 292.395065][ T8362] ptp ptp0: guarantee physical clock free running [ 292.415668][ T8364] ptp ptp0: delete virtual clock ptp1 [ 292.447156][ T8364] ptp ptp0: only physical clock in use now [ 294.602676][ T8383] netlink: 8 bytes leftover after parsing attributes in process `syz.0.568'. [ 295.009665][ T8392] netlink: 28 bytes leftover after parsing attributes in process `syz.0.572'. [ 295.143413][ T8392] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 295.150046][ T8392] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 295.768003][ T8407] netlink: 4 bytes leftover after parsing attributes in process `syz.0.573'. [ 296.353688][ T8412] FAULT_INJECTION: forcing a failure. [ 296.353688][ T8412] name failslab, interval 1, probability 0, space 0, times 0 [ 296.392016][ T8412] CPU: 1 UID: 0 PID: 8412 Comm: syz.3.576 Tainted: G L syzkaller #0 PREEMPT(full) [ 296.392075][ T8412] Tainted: [L]=SOFTLOCKUP [ 296.392087][ T8412] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 296.392107][ T8412] Call Trace: [ 296.392126][ T8412] [ 296.392139][ T8412] dump_stack_lvl+0x100/0x190 [ 296.392197][ T8412] should_fail_ex.cold+0x5/0xa [ 296.392237][ T8412] should_failslab+0xc2/0x120 [ 296.392275][ T8412] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 296.392330][ T8412] ? shmem_alloc_inode+0x25/0x50 [ 296.392374][ T8412] ? __pfx_shmem_alloc_inode+0x10/0x10 [ 296.392415][ T8412] shmem_alloc_inode+0x25/0x50 [ 296.392453][ T8412] alloc_inode+0x68/0x250 [ 296.392501][ T8412] new_inode+0x22/0x1c0 [ 296.392551][ T8412] shmem_get_inode+0x212/0x1040 [ 296.392604][ T8412] ? __pfx_shmem_get_inode+0x10/0x10 [ 296.392649][ T8412] ? d_add+0x443/0x850 [ 296.392695][ T8412] ? do_raw_spin_unlock+0x145/0x1e0 [ 296.392757][ T8412] shmem_mknod+0x20c/0x470 [ 296.392807][ T8412] ? __pfx_shmem_mknod+0x10/0x10 [ 296.392850][ T8412] ? bpf_lsm_inode_create+0x9/0x10 [ 296.392907][ T8412] ? __pfx_shmem_create+0x10/0x10 [ 296.392952][ T8412] lookup_open.isra.0+0xc47/0x11b0 [ 296.393015][ T8412] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 296.393073][ T8412] ? __pfx___might_resched+0x10/0x10 [ 296.393135][ T8412] ? mnt_get_write_access+0x52/0x2f0 [ 296.393191][ T8412] ? __pfx_down_write+0x10/0x10 [ 296.393245][ T8412] ? mnt_get_write_access+0x1e9/0x2f0 [ 296.393299][ T8412] path_openat+0x2291/0x31a0 [ 296.393350][ T8412] ? __pfx_path_openat+0x10/0x10 [ 296.393404][ T8412] do_file_open+0x20e/0x430 [ 296.393443][ T8412] ? __pfx_do_file_open+0x10/0x10 [ 296.393512][ T8412] ? alloc_fd+0x476/0x790 [ 296.393550][ T8412] ? do_getname+0x191/0x390 [ 296.393599][ T8412] do_sys_openat2+0x10d/0x1e0 [ 296.393647][ T8412] ? __pfx_do_sys_openat2+0x10/0x10 [ 296.393697][ T8412] ? __fget_files+0x21f/0x3d0 [ 296.393739][ T8412] __x64_sys_openat+0x12d/0x210 [ 296.393788][ T8412] ? __pfx___x64_sys_openat+0x10/0x10 [ 296.393853][ T8412] do_syscall_64+0x106/0xf80 [ 296.393901][ T8412] ? clear_bhb_loop+0x40/0x90 [ 296.393945][ T8412] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 296.393980][ T8412] RIP: 0033:0x7efff839c799 [ 296.394009][ T8412] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 296.394042][ T8412] RSP: 002b:00007efff9188028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 296.394074][ T8412] RAX: ffffffffffffffda RBX: 00007efff8615fa0 RCX: 00007efff839c799 [ 296.394097][ T8412] RDX: 00000000000861c2 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 296.394125][ T8412] RBP: 00007efff8432c99 R08: 0000000000000000 R09: 0000000000000000 [ 296.394146][ T8412] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 296.394166][ T8412] R13: 00007efff8616038 R14: 00007efff8615fa0 R15: 00007ffede941228 [ 296.394213][ T8412] [ 296.758150][ T8412] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 296.886718][ T8416] netlink: zone id is out of range [ 296.905996][ T8416] netlink: zone id is out of range [ 296.911246][ T8416] netlink: zone id is out of range [ 296.951476][ T8416] netlink: zone id is out of range [ 296.959542][ T8416] netlink: zone id is out of range [ 296.994340][ T8416] netlink: zone id is out of range [ 296.995636][ T8418] netlink: zone id is out of range [ 297.000330][ T8416] netlink: zone id is out of range [ 298.074272][ T8432] netlink: 28 bytes leftover after parsing attributes in process `syz.1.589'. [ 298.237180][ T8435] ptp ptp0: new virtual clock ptp1 [ 298.245571][ T8435] ptp ptp0: guarantee physical clock free running [ 298.258421][ T8435] ptp ptp0: delete virtual clock ptp1 [ 298.337722][ T8435] ptp ptp0: only physical clock in use now [ 299.519875][ T8438] can: request_module (can-proto-3) failed. [ 301.070282][ T8478] zswap: compressor 000 not available [ 304.307013][ T8533] netlink: 4 bytes leftover after parsing attributes in process `syz.2.599'. [ 305.226083][ T8543] netlink: 28 bytes leftover after parsing attributes in process `syz.2.603'. [ 305.395247][ T8532] can: request_module (can-proto-3) failed. [ 305.405899][ T8543] net_ratelimit: 10 callbacks suppressed [ 305.405927][ T8543] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 305.418192][ T8543] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 306.576734][ T8563] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 306.617781][ T8563] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 307.544304][ T8564] [U] [ 308.249573][ T5843] Bluetooth: hci2: unexpected event 0x1c length: 725 > 5 [ 308.473836][ T8580] zswap: compressor G not available [ 312.073442][ T8642] futex_wake_op: syz.1.625 tries to shift op by -2048; fix this program [ 312.107201][ T8642] futex_wake_op: syz.1.625 tries to shift op by -2048; fix this program [ 312.129357][ T8642] 0x000000000001-0x000000020000 : "" [ 312.166630][ T8642] ftl_cs: FTL header corrupt! [ 313.917231][ T8662] FAULT_INJECTION: forcing a failure. [ 313.917231][ T8662] name failslab, interval 1, probability 0, space 0, times 0 [ 314.045618][ T8662] CPU: 1 UID: 0 PID: 8662 Comm: syz.0.628 Tainted: G L syzkaller #0 PREEMPT(full) [ 314.045672][ T8662] Tainted: [L]=SOFTLOCKUP [ 314.045684][ T8662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 314.045708][ T8662] Call Trace: [ 314.045719][ T8662] [ 314.045732][ T8662] dump_stack_lvl+0x100/0x190 [ 314.045789][ T8662] should_fail_ex.cold+0x5/0xa [ 314.045837][ T8662] should_failslab+0xc2/0x120 [ 314.045875][ T8662] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 314.045927][ T8662] ? security_inode_alloc+0x3b/0x2c0 [ 314.045962][ T8662] ? lockdep_init_map_type+0x5c/0x250 [ 314.046016][ T8662] security_inode_alloc+0x3b/0x2c0 [ 314.046053][ T8662] inode_init_always_gfp+0xced/0x1040 [ 314.046090][ T8662] ? __pfx_nfsd_fill_super+0x10/0x10 [ 314.046128][ T8662] alloc_inode+0x8e/0x250 [ 314.046172][ T8662] new_inode+0x22/0x1c0 [ 314.046215][ T8662] ? __pfx_nfsd_fill_super+0x10/0x10 [ 314.046251][ T8662] nfsd_fill_super+0x145/0x560 [ 314.046295][ T8662] ? __pfx_nfsd_fill_super+0x10/0x10 [ 314.046332][ T8662] get_tree_keyed+0x10e/0x1d0 [ 314.046388][ T8662] vfs_get_tree+0x92/0x320 [ 314.046437][ T8662] path_mount+0x7d0/0x23d0 [ 314.046484][ T8662] ? __pfx_path_mount+0x10/0x10 [ 314.046522][ T8662] ? lockdep_hardirqs_on+0x78/0x100 [ 314.046576][ T8662] ? putname+0xb1/0x110 [ 314.046610][ T8662] ? kmem_cache_free+0x124/0x6a0 [ 314.046671][ T8662] ? __x64_sys_mount+0x293/0x310 [ 314.046710][ T8662] __x64_sys_mount+0x293/0x310 [ 314.046753][ T8662] ? __pfx___x64_sys_mount+0x10/0x10 [ 314.046804][ T8662] do_syscall_64+0x106/0xf80 [ 314.046860][ T8662] ? clear_bhb_loop+0x40/0x90 [ 314.046903][ T8662] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 314.046937][ T8662] RIP: 0033:0x7f9dae99c799 [ 314.046965][ T8662] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 314.046997][ T8662] RSP: 002b:00007f9daf8d3028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 314.047036][ T8662] RAX: ffffffffffffffda RBX: 00007f9daec16090 RCX: 00007f9dae99c799 [ 314.047059][ T8662] RDX: 00002000000001c0 RSI: 00002000000000c0 RDI: 0000000000000000 [ 314.047081][ T8662] RBP: 00007f9daea32c99 R08: 0000000000000000 R09: 0000000000000000 [ 314.047102][ T8662] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000000 [ 314.047122][ T8662] R13: 00007f9daec16128 R14: 00007f9daec16090 R15: 00007fffc569c6f8 [ 314.047168][ T8662] [ 314.656408][ T8669] netlink: 'syz.2.629': attribute type 2 has an invalid length. [ 315.598785][ T8683] netlink: 28 bytes leftover after parsing attributes in process `syz.3.633'. [ 315.769420][ T8690] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 315.776019][ T8690] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 316.369484][ T8703] netlink: 25 bytes leftover after parsing attributes in process `syz.1.638'. [ 316.670879][ T5843] Bluetooth: hci1: unexpected event 0x1c length: 725 > 5 [ 316.686095][ T8705] random: crng reseeded on system resumption [ 317.284086][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.292836][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 318.569809][ T8738] Process accounting resumed [ 319.528094][ T8750] random: crng reseeded on system resumption [ 319.946966][ T8758] zswap: compressor G not available [ 320.693149][ T8769] [U] [ 321.805596][ T8802] FAULT_INJECTION: forcing a failure. [ 321.805596][ T8802] name fail_futex, interval 1, probability 0, space 0, times 0 [ 321.818509][ T8802] CPU: 1 UID: 0 PID: 8802 Comm: syz.0.660 Tainted: G L syzkaller #0 PREEMPT(full) [ 321.818547][ T8802] Tainted: [L]=SOFTLOCKUP [ 321.818555][ T8802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 321.818569][ T8802] Call Trace: [ 321.818577][ T8802] [ 321.818586][ T8802] dump_stack_lvl+0x100/0x190 [ 321.818628][ T8802] should_fail_ex.cold+0x5/0xa [ 321.818656][ T8802] should_fail_futex+0x4c/0x60 [ 321.818686][ T8802] futex_lock_pi_atomic+0xe7/0xaf0 [ 321.818730][ T8802] futex_lock_pi+0x246/0x7b0 [ 321.818771][ T8802] ? __pfx_futex_lock_pi+0x10/0x10 [ 321.818812][ T8802] ? __pfx___futex_wait+0x10/0x10 [ 321.818877][ T8802] ? __pfx_futex_wake_mark+0x10/0x10 [ 321.818922][ T8802] ? ksys_write+0x190/0x250 [ 321.818944][ T8802] ? ksys_write+0x190/0x250 [ 321.818971][ T8802] do_futex+0x18a/0x350 [ 321.819004][ T8802] ? __pfx_do_futex+0x10/0x10 [ 321.819043][ T8802] __x64_sys_futex+0x34f/0x4d0 [ 321.819080][ T8802] ? __pfx___x64_sys_futex+0x10/0x10 [ 321.819124][ T8802] do_syscall_64+0x106/0xf80 [ 321.819159][ T8802] ? clear_bhb_loop+0x40/0x90 [ 321.819189][ T8802] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 321.819214][ T8802] RIP: 0033:0x7f9dae99c799 [ 321.819236][ T8802] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 321.819259][ T8802] RSP: 002b:00007f9daf8f4028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 321.819282][ T8802] RAX: ffffffffffffffda RBX: 00007f9daec15fa0 RCX: 00007f9dae99c799 [ 321.819305][ T8802] RDX: 0000000000000001 RSI: 0000000000000006 RDI: 0000200000000080 [ 321.819319][ T8802] RBP: 00007f9daea32c99 R08: 0000000000000000 R09: 00000000fffffffa [ 321.819335][ T8802] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 321.819349][ T8802] R13: 00007f9daec16038 R14: 00007f9daec15fa0 R15: 00007fffc569c6f8 [ 321.819380][ T8802] [ 323.663803][ T8816] netlink: 4 bytes leftover after parsing attributes in process `syz.1.664'. [ 323.674748][ T8816] netlink: 'syz.1.664': attribute type 1 has an invalid length. [ 323.683139][ T8816] netlink: 5 bytes leftover after parsing attributes in process `syz.1.664'. [ 323.697389][ T8816] netlink: 'syz.1.664': attribute type 1 has an invalid length. [ 324.789183][ T8836] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 324.814181][ T8836] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 324.904111][ T8836] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 324.958228][ T8836] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 325.689654][ T8821] can: request_module (can-proto-3) failed. [ 326.798078][ T5843] Bluetooth: hci1: command 0x0c1a tx timeout [ 326.876017][ T5843] Bluetooth: hci0: command 0x0c1a tx timeout [ 326.958195][ T5843] Bluetooth: hci2: command 0x0c1a tx timeout [ 327.036300][ T5843] Bluetooth: hci3: command 0x0c1a tx timeout [ 327.100063][ T8857] __vm_enough_memory: pid: 8857, comm: syz.3.674, bytes: 4398046511104 not enough memory for the allocation [ 327.336262][ T8879] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 327.343290][ T8879] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 327.351329][ T8879] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 327.360263][ T8879] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 329.401004][ T8901] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 329.436332][ T5843] Bluetooth: hci0: command 0x0c1a tx timeout [ 329.436353][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 329.442530][ T5843] Bluetooth: hci3: command 0x0c1a tx timeout [ 329.448631][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 329.463618][ T8901] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 333.245971][ T8943] syz.0.695 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 333.389828][ T8947] futex_wake_op: syz.3.697 tries to shift op by -2048; fix this program [ 333.435935][ T8947] futex_wake_op: syz.3.697 tries to shift op by -2048; fix this program [ 333.478852][ T8947] 0x000000000001-0x000000020000 : "" [ 333.545941][ T8947] ftl_cs: FTL header corrupt! [ 335.897539][ T8983] netlink: 9 bytes leftover after parsing attributes in process `syz.2.705'. [ 341.537350][ T9058] ======================================================= [ 341.537350][ T9058] WARNING: The mand mount option has been deprecated and [ 341.537350][ T9058] and is ignored by this kernel. Remove the mand [ 341.537350][ T9058] option from the mount to silence this warning. [ 341.537350][ T9058] ======================================================= [ 343.607136][ T9092] : Can't lookup blockdev [ 345.955506][ T9123] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 345.988929][ T9123] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 348.588705][ T9155] netlink: 25 bytes leftover after parsing attributes in process `syz.1.743'. [ 352.002247][ T9203] mmap: syz.0.760 (9203) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 354.929107][ T9243] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 354.980882][ T9243] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 356.749553][ T9269] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input8 [ 356.804290][ T9273] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 356.833846][ T9273] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 359.272025][ T9305] tipc: Started in network mode [ 359.277304][ T9305] tipc: Node identity ffffffff, cluster identity 4711 [ 359.336787][ T9305] tipc: Node number set to 4294967295 [ 359.466242][ T9310] netlink: 25 bytes leftover after parsing attributes in process `syz.2.775'. [ 361.517863][ T9340] ptrace attach of "./syz-executor exec"[5833] was attempted by "f[1g\x09p \x5c;𒬀w:Aw@r9VֽZl0;n[_5Nؘ3sg(?n:\x0bC']NU(]%;n;0>{+ȸV\x1b}\x5c4-(Y&;0/VHB^`:zw.$Mut(qi0\x1bcԼ2\x07\x0ak(H?PE>,6?%-\x090\x0av+6maK\x22qIpMT@Lhtb䪞@][R&mN$ߤz\x1b0>| ?UZb^]\x5c']sD*ֿTɹnX{'*Jw &8\x0az݉TcbcKNa[2ڡ;몳gSY>2y?&9AD}Xԡʞ_>m.!\x0a>\x09hQMC:`6t*N Q24ӓMN{\x0a̯Ĩ-lZu\x22Xry*׀jel#SmS\x0a#?i#v&R84Pbd6|\x0c7 F! [)B\x0cYM?L\x1bdZ^'~\x1bcfX(\x075%\x1bE[z\x0aYcc?/HzR-Gebs!͇\x0b\x0973\x07JvTT $pSg~jtiF?w\x1b; QUn;2Q`Ng\x0b'% [ 361.629182][ T9330] __vm_enough_memory: pid: 9330, comm: syz.0.783, bytes: 4398046511104 not enough memory for the allocation [ 361.934723][ T9346] netlink: 17 bytes leftover after parsing attributes in process `syz.1.788'. [ 362.681894][ T9355] : Can't lookup blockdev [ 364.267884][ T9377] netlink: 5 bytes leftover after parsing attributes in process `syz.3.796'. [ 364.285510][ T9377] netlink: 8 bytes leftover after parsing attributes in process `syz.3.796'. [ 365.956137][ T9408] netlink: 4 bytes leftover after parsing attributes in process `syz.2.803'. [ 376.339748][ T9570] netlink: 4 bytes leftover after parsing attributes in process `syz.2.846'. [ 376.363842][ T9570] netlink: 354 bytes leftover after parsing attributes in process `syz.2.846'. [ 377.161482][ T9578] can: request_module (can-proto-5) failed. [ 378.737662][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.744066][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 381.105125][ T9619] FAULT_INJECTION: forcing a failure. [ 381.105125][ T9619] name failslab, interval 1, probability 0, space 0, times 0 [ 381.289059][ T9619] CPU: 0 UID: 0 PID: 9619 Comm: syz.2.856 Tainted: G L syzkaller #0 PREEMPT(full) [ 381.289105][ T9619] Tainted: [L]=SOFTLOCKUP [ 381.289113][ T9619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 381.289135][ T9619] Call Trace: [ 381.289144][ T9619] [ 381.289153][ T9619] dump_stack_lvl+0x100/0x190 [ 381.289196][ T9619] should_fail_ex.cold+0x5/0xa [ 381.289230][ T9619] should_failslab+0xc2/0x120 [ 381.289256][ T9619] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 381.289296][ T9619] ? hugetlbfs_alloc_inode+0x8c/0x1d0 [ 381.289328][ T9619] hugetlbfs_alloc_inode+0x8c/0x1d0 [ 381.289352][ T9619] ? __pfx_hugetlbfs_alloc_inode+0x10/0x10 [ 381.289378][ T9619] alloc_inode+0x68/0x250 [ 381.289412][ T9619] new_inode+0x22/0x1c0 [ 381.289447][ T9619] hugetlbfs_get_inode+0x313/0x750 [ 381.289477][ T9619] hugetlb_file_setup+0x3cc/0x5b0 [ 381.289531][ T9619] newseg+0xabb/0xed0 [ 381.289648][ T9619] ? __pfx_newseg+0x10/0x10 [ 381.289700][ T9619] ? down_write+0x146/0x1f0 [ 381.289818][ T9619] ? ksys_write+0x190/0x250 [ 381.289841][ T9619] ? ksys_write+0x190/0x250 [ 381.289867][ T9619] ipcget+0xee/0xf50 [ 381.289898][ T9619] ? do_futex+0x192/0x350 [ 381.289931][ T9619] ? __pfx_do_futex+0x10/0x10 [ 381.289968][ T9619] ? __pfx_ipcget+0x10/0x10 [ 381.290007][ T9619] ? __x64_sys_futex+0x34f/0x4d0 [ 381.290038][ T9619] ? __x64_sys_futex+0x358/0x4d0 [ 381.290075][ T9619] __x64_sys_shmget+0x13b/0x1b0 [ 381.290115][ T9619] ? __pfx___x64_sys_shmget+0x10/0x10 [ 381.290156][ T9619] do_syscall_64+0x106/0xf80 [ 381.290216][ T9619] ? clear_bhb_loop+0x40/0x90 [ 381.290248][ T9619] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 381.290274][ T9619] RIP: 0033:0x7ff11159c799 [ 381.290294][ T9619] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 381.290318][ T9619] RSP: 002b:00007ff10f7f6028 EFLAGS: 00000246 ORIG_RAX: 000000000000001d [ 381.290349][ T9619] RAX: ffffffffffffffda RBX: 00007ff111815fa0 RCX: 00007ff11159c799 [ 381.290365][ T9619] RDX: 0000000079e56dc9 RSI: 0000000000000003 RDI: 0000000100000000 [ 381.290380][ T9619] RBP: 00007ff111632c99 R08: 0000000000000000 R09: 0000000000000000 [ 381.290395][ T9619] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 381.290410][ T9619] R13: 00007ff111816038 R14: 00007ff111815fa0 R15: 00007ffdeb0889e8 [ 381.290441][ T9619] [ 382.162582][ T9684] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 382.293001][ T9689] netlink: 25 bytes leftover after parsing attributes in process `syz.3.868'. [ 382.309847][ T9690] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 384.941903][ T9728] netlink: 25 bytes leftover after parsing attributes in process `syz.1.878'. [ 385.989542][ T9751] netlink: 28 bytes leftover after parsing attributes in process `syz.1.883'. [ 386.033236][ T9754] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input9 [ 387.376660][ T9773] netlink: 4 bytes leftover after parsing attributes in process `syz.3.888'. [ 387.387599][ T9773] netlink: 'syz.3.888': attribute type 1 has an invalid length. [ 387.401299][ T9773] netlink: 'syz.3.888': attribute type 6 has an invalid length. [ 387.660831][ T9778] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 387.671107][ T9778] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 388.353785][ T9789] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input10 [ 390.105213][ T9816] netlink: 25 bytes leftover after parsing attributes in process `syz.3.898'. [ 394.475185][ T9857] netlink: 25 bytes leftover after parsing attributes in process `syz.2.910'. [ 396.073005][ T9873] netlink: 4 bytes leftover after parsing attributes in process `syz.2.915'. [ 396.083651][ T9873] netlink: 13 bytes leftover after parsing attributes in process `syz.2.915'. [ 398.677584][ T9920] hub 1-0:1.0: USB hub found [ 398.686304][ T9920] hub 1-0:1.0: 1 port detected [ 400.712484][ T9944] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 402.015886][ T29] audit: type=1800 audit(1773788414.693:10): pid=9984 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.947" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 403.628201][T10006] sd 0:0:1:0: PR command failed: 1026 [ 403.633981][T10006] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 403.643287][T10006] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 405.659991][T10037] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 405.736241][T10037] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 409.822233][T10097] netlink: 326 bytes leftover after parsing attributes in process `syz.0.968'. [ 410.602294][T10108] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 Ij[ 415.623480][T10173] FAULT_INJECTION: forcing a failure. [ 415.623480][T10173] name failslab, interval 1, probability 0, space 0, times 0 [ 415.672313][T10173] CPU: 0 UID: 0 PID: 10173 Comm: syz.2.985 Tainted: G L syzkaller #0 PREEMPT(full) [ 415.672371][T10173] Tainted: [L]=SOFTLOCKUP [ 415.672384][T10173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 415.672404][T10173] Call Trace: [ 415.672415][T10173] [ 415.672427][T10173] dump_stack_lvl+0x100/0x190 [ 415.672485][T10173] should_fail_ex.cold+0x5/0xa [ 415.672527][T10173] should_failslab+0xc2/0x120 [ 415.672562][T10173] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 415.672616][T10173] ? security_inode_alloc+0x3b/0x2c0 [ 415.672728][T10173] ? lockdep_init_map_type+0x5c/0x250 [ 415.672783][T10173] security_inode_alloc+0x3b/0x2c0 [ 415.672820][T10173] inode_init_always_gfp+0xced/0x1040 [ 415.672863][T10173] alloc_inode+0x8e/0x250 [ 415.672910][T10173] new_inode+0x22/0x1c0 [ 415.672961][T10173] configfs_new_inode+0x24/0x4a0 [ 415.673020][T10173] configfs_create+0xd9/0x370 [ 415.673087][T10173] configfs_lookup+0x38f/0x780 [ 415.673129][T10173] lookup_open.isra.0+0x631/0x11b0 [ 415.673191][T10173] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 415.673267][T10173] ? mnt_get_write_access+0x1e9/0x2f0 [ 415.673322][T10173] path_openat+0xa98/0x31a0 [ 415.673373][T10173] ? __pfx_path_openat+0x10/0x10 [ 415.673427][T10173] do_file_open+0x20e/0x430 [ 415.673467][T10173] ? __pfx_do_file_open+0x10/0x10 [ 415.673536][T10173] ? alloc_fd+0x476/0x790 [ 415.673575][T10173] ? do_getname+0x191/0x390 [ 415.673622][T10173] do_sys_openat2+0x10d/0x1e0 [ 415.673670][T10173] ? __pfx_do_sys_openat2+0x10/0x10 [ 415.673719][T10173] ? __x64_sys_close_range+0x2d9/0x5d0 [ 415.673774][T10173] __x64_sys_openat+0x12d/0x210 [ 415.673823][T10173] ? __pfx___x64_sys_openat+0x10/0x10 [ 415.673889][T10173] do_syscall_64+0x106/0xf80 [ 415.673938][T10173] ? clear_bhb_loop+0x40/0x90 [ 415.673982][T10173] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 415.674017][T10173] RIP: 0033:0x7ff11159c799 [ 415.674046][T10173] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 415.674089][T10173] RSP: 002b:00007ff10f7f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 415.674123][T10173] RAX: ffffffffffffffda RBX: 00007ff111815fa0 RCX: 00007ff11159c799 [ 415.674146][T10173] RDX: 0000000000109103 RSI: 0000200000001280 RDI: ffffffffffffff9c [ 415.674169][T10173] RBP: 00007ff111632c99 R08: 0000000000000000 R09: 0000000000000000 [ 415.674190][T10173] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 415.674210][T10173] R13: 00007ff111816038 R14: 00007ff111815fa0 R15: 00007ffdeb0889e8 [ 415.674255][T10173] [ 419.533444][T10217] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 419.620436][T10219] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 421.184496][T10229] netlink: 4 bytes leftover after parsing attributes in process `syz.0.997'. [ 421.240816][T10229] netlink: 354 bytes leftover after parsing attributes in process `syz.0.997'. [ 425.432004][ T51] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 427.515467][ T5843] Bluetooth: hci0: command 0x0c1a tx timeout [ 429.610555][ T5843] Bluetooth: hci0: command 0x0c1a tx timeout [ 435.181886][T10375] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1033'. [ 435.192109][T10375] netlink: 'syz.2.1033': attribute type 2 has an invalid length. [ 435.200231][T10375] netlink: 'syz.2.1033': attribute type 3 has an invalid length. [ 435.222318][T10375] netlink: 51505 bytes leftover after parsing attributes in process `syz.2.1033'. [ 437.448342][T10398] loop12: detected capacity change from 0 to 8192 [ 438.838251][T10409] FAULT_INJECTION: forcing a failure. [ 438.838251][T10409] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 438.921615][T10409] CPU: 0 UID: 0 PID: 10409 Comm: syz.2.1043 Tainted: G L syzkaller #0 PREEMPT(full) [ 438.921667][T10409] Tainted: [L]=SOFTLOCKUP [ 438.921679][T10409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 438.921698][T10409] Call Trace: [ 438.921709][T10409] [ 438.921722][T10409] dump_stack_lvl+0x100/0x190 [ 438.921778][T10409] should_fail_ex.cold+0x5/0xa [ 438.921813][T10409] ? prepare_alloc_pages+0x16d/0x5f0 [ 438.921855][T10409] should_fail_alloc_page+0xeb/0x140 [ 438.921894][T10409] prepare_alloc_pages+0x1f0/0x5f0 [ 438.921951][T10409] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 438.922008][T10409] ? lock_acquire+0x1cf/0x380 [ 438.922053][T10409] ? find_held_lock+0x2b/0x80 [ 438.922085][T10409] ? trace_ignore_this_task+0x56/0x100 [ 438.922138][T10409] ? trace_ignore_this_task+0x56/0x100 [ 438.922200][T10409] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 438.922265][T10409] ? __pfx_css_rstat_updated+0x10/0x10 [ 438.922315][T10409] ? lock_acquire+0x1cf/0x380 [ 438.922357][T10409] ? find_held_lock+0x2b/0x80 [ 438.922387][T10409] ? page_table_check_set+0x49a/0xa10 [ 438.922419][T10409] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 438.922479][T10409] ? policy_nodemask+0xed/0x4f0 [ 438.922518][T10409] alloc_pages_mpol+0x1fb/0x550 [ 438.922556][T10409] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 438.922604][T10409] folio_alloc_mpol_noprof+0x36/0x340 [ 438.922651][T10409] vma_alloc_folio_noprof+0xed/0x1d0 [ 438.922694][T10409] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 438.922748][T10409] do_anonymous_page+0xb3a/0x1fb0 [ 438.922811][T10409] __handle_mm_fault+0x1d42/0x2b60 [ 438.922870][T10409] ? __pfx___handle_mm_fault+0x10/0x10 [ 438.922919][T10409] ? pte_offset_map_lock+0x174/0x320 [ 438.922962][T10409] ? find_held_lock+0x2b/0x80 [ 438.923008][T10409] ? follow_page_pte+0x5b3/0x1400 [ 438.923055][T10409] handle_mm_fault+0x36d/0xa20 [ 438.923112][T10409] __get_user_pages+0xf9c/0x34d0 [ 438.923166][T10409] ? __pfx___get_user_pages+0x10/0x10 [ 438.923216][T10409] populate_vma_page_range+0x267/0x3f0 [ 438.923260][T10409] ? __pfx_populate_vma_page_range+0x10/0x10 [ 438.923300][T10409] ? __pfx_find_vma_intersection+0x10/0x10 [ 438.923349][T10409] __mm_populate+0x107/0x3a0 [ 438.923391][T10409] ? __pfx___mm_populate+0x10/0x10 [ 438.923435][T10409] ? up_write+0x406/0x4f0 [ 438.923489][T10409] vm_mmap_pgoff+0x37f/0x470 [ 438.923533][T10409] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 438.923575][T10409] ? do_futex+0x192/0x350 [ 438.923620][T10409] ? __pfx_do_futex+0x10/0x10 [ 438.923661][T10409] ? __pfx_do_sys_openat2+0x10/0x10 [ 438.923713][T10409] ksys_mmap_pgoff+0xe1/0x650 [ 438.923749][T10409] ? __x64_sys_futex+0x34f/0x4d0 [ 438.923791][T10409] ? __x64_sys_futex+0x358/0x4d0 [ 438.923836][T10409] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 438.923873][T10409] ? xfd_validate_state+0x129/0x190 [ 438.923931][T10409] __x64_sys_mmap+0x125/0x190 [ 438.923993][T10409] do_syscall_64+0x106/0xf80 [ 438.924040][T10409] ? clear_bhb_loop+0x40/0x90 [ 438.924082][T10409] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 438.924117][T10409] RIP: 0033:0x7ff11159c799 [ 438.924145][T10409] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 438.924176][T10409] RSP: 002b:00007ff10f7d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 438.924205][T10409] RAX: ffffffffffffffda RBX: 00007ff111816090 RCX: 00007ff11159c799 [ 438.924227][T10409] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 438.924247][T10409] RBP: 00007ff111632c99 R08: ffffffffffffffff R09: 0000000000000000 [ 438.924267][T10409] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 438.924287][T10409] R13: 00007ff111816128 R14: 00007ff111816090 R15: 00007ffdeb0889e8 [ 438.924331][T10409] [ 440.160856][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.167411][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 450.362611][T10543] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1069'. [ 450.414961][T10548] netlink: 'syz.2.1069': attribute type 1 has an invalid length. [ 450.503425][T10548] netlink: 51505 bytes leftover after parsing attributes in process `syz.2.1069'. [ 451.628256][T10560] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input12 [ 452.542310][T10573] random: crng reseeded on system resumption [ 455.109315][T10612] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 455.530623][T10619] netlink: 122 bytes leftover after parsing attributes in process `syz.2.1084'. [ 465.453129][T10706] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 467.900160][T10726] random: crng reseeded on system resumption [ 468.576748][T10740] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1119'. [ 468.621247][T10740] veth0_vlan: entered allmulticast mode [ 470.175237][T10761] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1122'. [ 477.447442][T10848] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1143'. [ 477.470114][T10848] netlink: 354 bytes leftover after parsing attributes in process `syz.2.1143'. [ 477.572168][T10842] FAULT_INJECTION: forcing a failure. [ 477.572168][T10842] name failslab, interval 1, probability 0, space 0, times 0 [ 477.595513][T10842] CPU: 0 UID: 0 PID: 10842 Comm: syz.3.1142 Tainted: G L syzkaller #0 PREEMPT(full) [ 477.595566][T10842] Tainted: [L]=SOFTLOCKUP [ 477.595577][T10842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 477.595605][T10842] Call Trace: [ 477.595616][T10842] [ 477.595630][T10842] dump_stack_lvl+0x100/0x190 [ 477.595687][T10842] should_fail_ex.cold+0x5/0xa [ 477.595728][T10842] should_failslab+0xc2/0x120 [ 477.595766][T10842] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 477.595818][T10842] ? __proc_create+0x2cb/0x8c0 [ 477.595883][T10842] __proc_create+0x2cb/0x8c0 [ 477.595940][T10842] ? __pfx___proc_create+0x10/0x10 [ 477.595995][T10842] ? __lock_acquire+0x4a5/0x2630 [ 477.596043][T10842] ? _raw_write_unlock+0x28/0x50 [ 477.596162][T10842] ? proc_register+0x559/0x8a0 [ 477.596201][T10842] proc_create_reg+0x75/0x170 [ 477.596240][T10842] proc_create_data+0x86/0x110 [ 477.596273][T10842] ? __pfx_proc_create_data+0x10/0x10 [ 477.596306][T10842] ? net_generic+0xea/0x2a0 [ 477.596410][T10842] gss_svc_init_net+0x2e7/0x640 [ 477.596455][T10842] ? __pfx_canbcm_pernet_init+0x10/0x10 [ 477.596533][T10842] ? __pfx_rpcsec_gss_init_net+0x10/0x10 [ 477.596613][T10842] ops_init+0x1e2/0x5f0 [ 477.596697][T10842] setup_net+0x118/0x3a0 [ 477.596751][T10842] ? __pfx_setup_net+0x10/0x10 [ 477.596800][T10842] ? lockdep_init_map_type+0x5c/0x250 [ 477.596849][T10842] ? mutex_init_lockep+0x110/0x150 [ 477.596904][T10842] copy_net_ns+0x46f/0x7c0 [ 477.596940][T10842] create_new_namespaces+0x3ea/0xac0 [ 477.596987][T10842] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 477.597031][T10842] ksys_unshare+0x473/0xad0 [ 477.597078][T10842] ? __pfx_ksys_unshare+0x10/0x10 [ 477.597138][T10842] __x64_sys_unshare+0x31/0x40 [ 477.597182][T10842] do_syscall_64+0x106/0xf80 [ 477.597230][T10842] ? clear_bhb_loop+0x40/0x90 [ 477.597270][T10842] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 477.597305][T10842] RIP: 0033:0x7efff839c799 [ 477.597335][T10842] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 477.597369][T10842] RSP: 002b:00007efff9188028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 477.597403][T10842] RAX: ffffffffffffffda RBX: 00007efff8615fa0 RCX: 00007efff839c799 [ 477.597426][T10842] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 477.597448][T10842] RBP: 00007efff8432c99 R08: 0000000000000000 R09: 0000000000000000 [ 477.597469][T10842] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 477.597490][T10842] R13: 00007efff8616038 R14: 00007efff8615fa0 R15: 00007ffede941228 [ 477.597536][T10842] [ 484.364124][T10921] random: crng reseeded on system resumption [ 484.433186][T10921] Restarting kernel threads ... [ 484.451888][T10921] Done restarting kernel threads. [ 485.223633][T10932] FAULT_INJECTION: forcing a failure. [ 485.223633][T10932] name failslab, interval 1, probability 0, space 0, times 0 [ 485.293373][T10932] CPU: 0 UID: 0 PID: 10932 Comm: syz.2.1161 Tainted: G L syzkaller #0 PREEMPT(full) [ 485.293428][T10932] Tainted: [L]=SOFTLOCKUP [ 485.293439][T10932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 485.293461][T10932] Call Trace: [ 485.293471][T10932] [ 485.293495][T10932] dump_stack_lvl+0x100/0x190 [ 485.293552][T10932] should_fail_ex.cold+0x5/0xa [ 485.293591][T10932] should_failslab+0xc2/0x120 [ 485.293627][T10932] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 485.293691][T10932] ? alloc_inode+0x183/0x250 [ 485.293735][T10932] ? stashed_dentry_get+0x10a/0x2c0 [ 485.293772][T10932] ? stashed_dentry_get+0x10a/0x2c0 [ 485.293812][T10932] alloc_inode+0x183/0x250 [ 485.293856][T10932] path_from_stashed+0x25b/0x750 [ 485.293892][T10932] ? do_raw_spin_unlock+0x145/0x1e0 [ 485.293954][T10932] ns_get_path+0x60/0x80 [ 485.293988][T10932] proc_ns_get_link+0x121/0x230 [ 485.294038][T10932] ? __pfx_proc_ns_get_link+0x10/0x10 [ 485.294091][T10932] ? atime_needs_update+0x8b/0x6b0 [ 485.294144][T10932] pick_link+0xd17/0x13c0 [ 485.294193][T10932] ? __pfx_proc_ns_get_link+0x10/0x10 [ 485.294247][T10932] step_into_slowpath+0x9ba/0xf90 [ 485.294306][T10932] ? __pfx_step_into_slowpath+0x10/0x10 [ 485.294357][T10932] ? find_held_lock+0x2b/0x80 [ 485.294404][T10932] path_openat+0xf95/0x31a0 [ 485.294451][T10932] ? __pfx_path_openat+0x10/0x10 [ 485.294510][T10932] do_file_open+0x20e/0x430 [ 485.294548][T10932] ? __pfx_do_file_open+0x10/0x10 [ 485.294609][T10932] ? alloc_fd+0x476/0x790 [ 485.294646][T10932] ? do_getname+0x191/0x390 [ 485.294694][T10932] do_sys_openat2+0x10d/0x1e0 [ 485.294742][T10932] ? __pfx_do_sys_openat2+0x10/0x10 [ 485.294792][T10932] ? __fget_files+0x21f/0x3d0 [ 485.294833][T10932] __x64_sys_openat+0x12d/0x210 [ 485.294880][T10932] ? __pfx___x64_sys_openat+0x10/0x10 [ 485.294942][T10932] do_syscall_64+0x106/0xf80 [ 485.294992][T10932] ? clear_bhb_loop+0x40/0x90 [ 485.295033][T10932] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 485.295067][T10932] RIP: 0033:0x7ff11155cfce [ 485.295096][T10932] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 485.295131][T10932] RSP: 002b:00007ff10f7f5ec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 485.295163][T10932] RAX: ffffffffffffffda RBX: 00007ff10f7f66c0 RCX: 00007ff11155cfce [ 485.295186][T10932] RDX: 0000000000000002 RSI: 00007ff10f7f5f90 RDI: ffffffffffffff9c [ 485.295207][T10932] RBP: 00007ff111632c99 R08: 0000000000000000 R09: 0000000000000000 [ 485.295229][T10932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 485.295249][T10932] R13: 00007ff111816038 R14: 00007ff111815fa0 R15: 00007ffdeb0889e8 [ 485.295291][T10932] [ 488.451560][T10963] ptp ptp0: new virtual clock ptp1 [ 488.475384][T10963] ptp ptp0: guarantee physical clock free running [ 488.503804][T10963] ptp ptp0: delete virtual clock ptp1 [ 488.590062][T10963] ptp ptp0: only physical clock in use now [ 489.019310][T10978] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 489.057051][T10978] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 501.609457][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.615932][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 506.263398][T11137] netlink: 122 bytes leftover after parsing attributes in process `syz.1.1206'. [ 506.540470][T11143] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input13 [ 508.144419][T11167] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input14 [ 512.744841][T11226] zswap: compressor not available [ 515.203843][T11278] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(12) [ 517.705793][T11300] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1248'. [ 517.756072][T11300] netlink: 'syz.1.1248': attribute type 1 has an invalid length. [ 517.785422][T11300] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1248'. [ 519.170658][T11316] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input15 [ 523.499849][T11375] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 523.552101][T11375] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 527.497960][T11426] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input16 [ 528.027901][T11433] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input17 [ 528.792531][T11448] FAULT_INJECTION: forcing a failure. [ 528.792531][T11448] name failslab, interval 1, probability 0, space 0, times 0 [ 528.945973][T11448] CPU: 1 UID: 0 PID: 11448 Comm: syz.2.1286 Tainted: G L syzkaller #0 PREEMPT(full) [ 528.946027][T11448] Tainted: [L]=SOFTLOCKUP [ 528.946048][T11448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 528.946068][T11448] Call Trace: [ 528.946080][T11448] [ 528.946093][T11448] dump_stack_lvl+0x100/0x190 [ 528.946151][T11448] should_fail_ex.cold+0x5/0xa [ 528.946190][T11448] ? udp_init_sock+0x24e/0x450 [ 528.946308][T11448] should_failslab+0xc2/0x120 [ 528.946345][T11448] __kmalloc_noprof+0xe0/0x850 [ 528.946399][T11448] ? lockdep_init_map_type+0x5c/0x250 [ 528.946453][T11448] udp_init_sock+0x24e/0x450 [ 528.946492][T11448] ? __pfx_udp_init_sock+0x10/0x10 [ 528.946536][T11448] inet_create+0x94c/0x1060 [ 528.946624][T11448] ? inet_create+0x94/0x1060 [ 528.946669][T11448] __sock_create+0x339/0x860 [ 528.946741][T11448] udp_sock_create4+0xa6/0x450 [ 528.946814][T11448] ? __pfx_udp_sock_create4+0x10/0x10 [ 528.946869][T11448] ? lockdep_hardirqs_on+0x78/0x100 [ 528.946920][T11448] ? crng_make_state+0x2b0/0x6c0 [ 528.946985][T11448] rxrpc_open_socket+0x4ef/0x6b0 [ 528.947055][T11448] ? __pfx_rxrpc_open_socket+0x10/0x10 [ 528.947112][T11448] ? rcu_is_watching+0x12/0xc0 [ 528.947173][T11448] rxrpc_lookup_local+0xac7/0x1220 [ 528.947217][T11448] ? __pfx_rxrpc_lookup_local+0x10/0x10 [ 528.947257][T11448] ? __local_bh_enable_ip+0x9e/0x120 [ 528.947300][T11448] rxrpc_sendmsg+0x34a/0x680 [ 528.947377][T11448] sock_write_iter+0x524/0x5a0 [ 528.947413][T11448] ? __pfx_rxrpc_sendmsg+0x10/0x10 [ 528.947453][T11448] ? __pfx_sock_write_iter+0x10/0x10 [ 528.947504][T11448] ? bpf_lsm_file_permission+0x9/0x10 [ 528.947559][T11448] ? security_file_permission+0x76/0x210 [ 528.947604][T11448] ? rw_verify_area+0xce/0x6d0 [ 528.947658][T11448] vfs_write+0x6ac/0x1070 [ 528.947691][T11448] ? __pfx_sock_write_iter+0x10/0x10 [ 528.947731][T11448] ? __pfx_vfs_write+0x10/0x10 [ 528.947760][T11448] ? find_held_lock+0x2b/0x80 [ 528.947821][T11448] ksys_write+0x1f8/0x250 [ 528.947854][T11448] ? __pfx_ksys_write+0x10/0x10 [ 528.947899][T11448] do_syscall_64+0x106/0xf80 [ 528.947947][T11448] ? clear_bhb_loop+0x40/0x90 [ 528.947990][T11448] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 528.948025][T11448] RIP: 0033:0x7ff11159c799 [ 528.948063][T11448] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 528.948095][T11448] RSP: 002b:00007ff10f7d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 528.948127][T11448] RAX: ffffffffffffffda RBX: 00007ff111816090 RCX: 00007ff11159c799 [ 528.948150][T11448] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 528.948171][T11448] RBP: 00007ff111632c99 R08: 0000000000000000 R09: 0000000000000000 [ 528.948191][T11448] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 528.948210][T11448] R13: 00007ff111816128 R14: 00007ff111816090 R15: 00007ffdeb0889e8 [ 528.948254][T11448] [ 532.558646][T11477] zswap: compressor not available [ 537.825683][T11545] FAULT_INJECTION: forcing a failure. [ 537.825683][T11545] name failslab, interval 1, probability 0, space 0, times 0 [ 537.893520][T11545] CPU: 0 UID: 0 PID: 11545 Comm: syz.3.1307 Tainted: G L syzkaller #0 PREEMPT(full) [ 537.893577][T11545] Tainted: [L]=SOFTLOCKUP [ 537.893590][T11545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 537.893611][T11545] Call Trace: [ 537.893623][T11545] [ 537.893635][T11545] dump_stack_lvl+0x100/0x190 [ 537.893695][T11545] should_fail_ex.cold+0x5/0xa [ 537.893735][T11545] ? udp_init_sock+0x24e/0x450 [ 537.893775][T11545] should_failslab+0xc2/0x120 [ 537.893813][T11545] __kmalloc_noprof+0xe0/0x850 [ 537.893865][T11545] ? lockdep_init_map_type+0x5c/0x250 [ 537.893920][T11545] udp_init_sock+0x24e/0x450 [ 537.893959][T11545] ? __pfx_udp_init_sock+0x10/0x10 [ 537.894004][T11545] inet_create+0x94c/0x1060 [ 537.894043][T11545] ? inet_create+0x94/0x1060 [ 537.894086][T11545] __sock_create+0x339/0x860 [ 537.894132][T11545] udp_sock_create4+0xa6/0x450 [ 537.894183][T11545] ? __pfx_udp_sock_create4+0x10/0x10 [ 537.894250][T11545] ? lockdep_hardirqs_on+0x78/0x100 [ 537.894298][T11545] ? crng_make_state+0x2b0/0x6c0 [ 537.894339][T11545] rxrpc_open_socket+0x4ef/0x6b0 [ 537.894375][T11545] ? __pfx_rxrpc_open_socket+0x10/0x10 [ 537.894433][T11545] ? rcu_is_watching+0x12/0xc0 [ 537.894492][T11545] rxrpc_lookup_local+0xac7/0x1220 [ 537.894536][T11545] ? __pfx_rxrpc_lookup_local+0x10/0x10 [ 537.894577][T11545] ? __local_bh_enable_ip+0x9e/0x120 [ 537.894622][T11545] rxrpc_sendmsg+0x34a/0x680 [ 537.894668][T11545] sock_write_iter+0x524/0x5a0 [ 537.894701][T11545] ? __pfx_rxrpc_sendmsg+0x10/0x10 [ 537.894741][T11545] ? __pfx_sock_write_iter+0x10/0x10 [ 537.894792][T11545] ? bpf_lsm_file_permission+0x9/0x10 [ 537.894849][T11545] ? security_file_permission+0x76/0x210 [ 537.894893][T11545] ? rw_verify_area+0xce/0x6d0 [ 537.894948][T11545] vfs_write+0x6ac/0x1070 [ 537.894982][T11545] ? __pfx_sock_write_iter+0x10/0x10 [ 537.895022][T11545] ? __pfx_vfs_write+0x10/0x10 [ 537.895051][T11545] ? find_held_lock+0x2b/0x80 [ 537.895109][T11545] ksys_write+0x1f8/0x250 [ 537.895142][T11545] ? __pfx_ksys_write+0x10/0x10 [ 537.895194][T11545] do_syscall_64+0x106/0xf80 [ 537.895243][T11545] ? clear_bhb_loop+0x40/0x90 [ 537.895290][T11545] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 537.895323][T11545] RIP: 0033:0x7efff839c799 [ 537.895350][T11545] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 537.895384][T11545] RSP: 002b:00007efff65f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 537.895417][T11545] RAX: ffffffffffffffda RBX: 00007efff8616090 RCX: 00007efff839c799 [ 537.895438][T11545] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 537.895459][T11545] RBP: 00007efff8432c99 R08: 0000000000000000 R09: 0000000000000000 [ 537.895479][T11545] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 537.895499][T11545] R13: 00007efff8616128 R14: 00007efff8616090 R15: 00007ffede941228 [ 537.895543][T11545] [ 543.714342][T11600] netlink: 306 bytes leftover after parsing attributes in process `syz.0.1327'. [ 544.797749][T11617] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1330'. [ 548.553571][ T51] Bluetooth: hci2: unexpected event 0x0e length: 440 > 260 [ 548.554795][ T51] Bluetooth: hci2: unexpected event for opcode 0x0f00 [ 552.558316][ T51] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 552.569103][ T51] Bluetooth: hci2: Injecting HCI hardware error event [ 552.579445][ T5843] Bluetooth: hci2: hardware error 0x00 [ 554.635412][ T5843] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 555.301068][T11726] random: crng reseeded on system resumption [ 557.359900][T11753] netlink: 25 bytes leftover after parsing attributes in process `syz.3.1367'. [ 557.651640][T11755] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input18 [ 560.409899][T11786] zswap: compressor not available [ 562.951341][T11835] vivid-007: ================= START STATUS ================= [ 562.961194][T11835] vivid-007: Generate PTS: true [ 562.969170][T11835] vivid-007: Generate SCR: true [ 562.976186][T11835] tpg source WxH: 320x240 (Y'CbCr) [ 562.989497][T11835] tpg field: 1 [ 562.999711][T11835] tpg crop: (0,0)/320x240 [ 563.004480][T11835] tpg compose: (0,0)/320x240 [ 563.009905][T11835] tpg colorspace: 8 [ 563.013892][T11835] tpg transfer function: 0/0 [ 563.019995][T11835] tpg Y'CbCr encoding: 0/0 [ 563.025441][T11835] tpg quantization: 0/0 [ 563.034739][T11835] tpg RGB range: 0/2 [ 563.039593][T11835] vivid-007: ================== END STATUS ================== [ 563.119211][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.125689][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 565.457666][T11849] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1390'. [ 565.468656][T11849] netlink: 'syz.0.1390': attribute type 1 has an invalid length. [ 565.476587][T11849] netlink: 'syz.0.1390': attribute type 6 has an invalid length. [ 566.830702][T11871] Invalid ELF header magic: != ELF [ 574.349777][ T29] audit: type=1800 audit(4294979759.330:11): pid=11938 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1414" name="dbroot" dev="configfs" ino=117615 res=0 errno=0 [ 575.560697][T11954] FAULT_INJECTION: forcing a failure. [ 575.560697][T11954] name failslab, interval 1, probability 0, space 0, times 0 [ 575.623521][T11954] CPU: 0 UID: 0 PID: 11954 Comm: syz.3.1420 Tainted: G L syzkaller #0 PREEMPT(full) [ 575.623581][T11954] Tainted: [L]=SOFTLOCKUP [ 575.623593][T11954] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 575.623616][T11954] Call Trace: [ 575.623628][T11954] [ 575.623642][T11954] dump_stack_lvl+0x100/0x190 [ 575.623704][T11954] should_fail_ex.cold+0x5/0xa [ 575.623746][T11954] should_failslab+0xc2/0x120 [ 575.623784][T11954] __kmalloc_cache_node_noprof+0x7d/0x770 [ 575.623844][T11954] ? bdi_alloc+0x44/0x140 [ 575.623889][T11954] bdi_alloc+0x44/0x140 [ 575.623925][T11954] __alloc_disk_node+0xac/0x6b0 [ 575.624049][T11954] __blk_alloc_disk+0xd2/0x170 [ 575.624086][T11954] ? __pfx___blk_alloc_disk+0x10/0x10 [ 575.624158][T11954] ? __pfx_idr_alloc+0x10/0x10 [ 575.624262][T11954] ? lockdep_init_map_type+0x5c/0x250 [ 575.624311][T11954] ? __raw_spin_lock_init+0x3a/0x110 [ 575.624369][T11954] ? __pfx_hot_add_show+0x10/0x10 [ 575.624445][T11954] zram_add+0x1bf/0x610 [ 575.624492][T11954] ? __pfx_zram_add+0x10/0x10 [ 575.624567][T11954] ? find_held_lock+0x2b/0x80 [ 575.624599][T11954] ? sysfs_file_kobj+0xe4/0x290 [ 575.624649][T11954] ? __pfx_hot_add_show+0x10/0x10 [ 575.624696][T11954] hot_add_show+0x21/0x80 [ 575.624742][T11954] class_attr_show+0x72/0xa0 [ 575.624808][T11954] ? __pfx_class_attr_show+0x10/0x10 [ 575.624846][T11954] sysfs_kf_seq_show+0x217/0x3a0 [ 575.624899][T11954] seq_read_iter+0x32f/0x1270 [ 575.624975][T11954] kernfs_fop_read_iter+0x46c/0x610 [ 575.625017][T11954] ? rw_verify_area+0xce/0x6d0 [ 575.625069][T11954] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 575.625122][T11954] vfs_read+0x825/0xb30 [ 575.625185][T11954] ? __pfx_vfs_read+0x10/0x10 [ 575.625274][T11954] ksys_read+0x12a/0x250 [ 575.625303][T11954] ? __pfx_ksys_read+0x10/0x10 [ 575.625345][T11954] do_syscall_64+0x106/0xf80 [ 575.625394][T11954] ? clear_bhb_loop+0x40/0x90 [ 575.625438][T11954] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 575.625475][T11954] RIP: 0033:0x7efff839c799 [ 575.625505][T11954] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 575.625538][T11954] RSP: 002b:00007efff9188028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 575.625572][T11954] RAX: ffffffffffffffda RBX: 00007efff8615fa0 RCX: 00007efff839c799 [ 575.625595][T11954] RDX: 0000000000001000 RSI: 0000200000000ec0 RDI: 0000000000000007 [ 575.625616][T11954] RBP: 00007efff8432c99 R08: 0000000000000000 R09: 0000000000000000 [ 575.625637][T11954] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 575.625656][T11954] R13: 00007efff8616038 R14: 00007efff8615fa0 R15: 00007ffede941228 [ 575.625700][T11954] [ 576.134994][T11954] zram: Error allocating disk structure for device 1 [ 579.628250][T12012] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input19 [ 582.653176][T12047] vivid-007: ================= START STATUS ================= [ 582.702964][T12047] vivid-007: Generate PTS: true [ 582.713014][T12047] vivid-007: Generate SCR: true [ 582.790324][T12047] tpg source WxH: 320x240 (Y'CbCr) [ 582.818887][T12047] tpg field: 1 [ 582.841275][T12047] tpg crop: (0,0)/320x240 [ 582.876487][T12047] tpg compose: (0,0)/320x240 [ 582.897288][T12047] tpg colorspace: 8 [ 582.912099][T12047] tpg transfer function: 0/0 [ 582.923226][T12047] tpg Y'CbCr encoding: 0/0 [ 582.944001][T12047] tpg quantization: 0/0 [ 583.088598][T12047] tpg RGB range: 0/2 [ 583.092537][T12047] vivid-007: ================== END STATUS ================== [ 584.527190][T12073] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1446'. [ 584.852158][T12080] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input20 [ 585.639235][ T35] netdevsim netdevsim1335 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 588.161956][T12134] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 588.194661][T12134] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 588.201969][T12134] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 590.235389][ T51] Bluetooth: hci3: command 0x0c1a tx timeout [ 590.235432][ T5843] Bluetooth: hci0: command 0x0c1a tx timeout [ 590.235901][ T5838] Bluetooth: hci1: command 0x0c1a tx timeout [ 593.794523][T12201] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 593.801749][T12201] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 593.887282][T12201] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 595.276567][ T5838] Bluetooth: hci1: command 0x0c1a tx timeout [ 595.955464][ T5838] Bluetooth: hci3: command 0x0c1a tx timeout [ 595.963795][ T51] Bluetooth: hci0: command 0x0c1a tx timeout [ 598.382933][T12251] can: request_module (can-proto-5) failed. [ 598.558619][T12251] netlink: 186 bytes leftover after parsing attributes in process `syz.0.1490'. [ 600.853482][ T29] audit: type=1804 audit(4294980812.836:12): pid=12288 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1497" name="/newroot/375/file0" dev="tmpfs" ino=1980 res=1 errno=0 [ 600.910220][ T29] audit: type=1804 audit(4294980812.836:13): pid=12290 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.1497" name="/newroot/375/file0" dev="tmpfs" ino=1980 res=1 errno=0 [ 601.968507][T12305] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1501'. [ 606.346260][T12353] can0: slcan on ttyS2. [ 606.537303][T12354] can0 (unregistered): slcan off ttyS2. [ 608.058661][T12381] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input21 [ 615.554656][T12447] hugetlbfs: syz.2.1526 (12447): Using mlock ulimits for SHM_HUGETLB is obsolete [ 615.976334][ T29] audit: type=1804 audit(4294980827.966:14): pid=12458 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1531" name="/newroot/333/file0" dev="tmpfs" ino=1766 res=1 errno=0 [ 616.049105][ T29] audit: type=1804 audit(4294980827.986:15): pid=12462 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.1531" name="/newroot/333/file0" dev="tmpfs" ino=1766 res=1 errno=0 [ 616.404591][T12469] netlink: zone id is out of range [ 616.418202][T12469] netlink: zone id is out of range [ 616.459706][T12469] netlink: zone id is out of range [ 616.504813][T12469] netlink: zone id is out of range [ 616.578165][T12472] netlink: zone id is out of range [ 616.583397][T12472] netlink: zone id is out of range [ 616.595985][T12469] netlink: zone id is out of range [ 616.602889][T12469] netlink: zone id is out of range [ 616.625449][T12472] netlink: zone id is out of range [ 616.630971][T12472] netlink: zone id is out of range [ 617.590346][T12496] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input22 [ 618.760084][T12517] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input23 [ 621.614246][T12550] zswap: compressor not available [ 623.745820][ T5838] Bluetooth: hci3: unexpected event 0x32 length: 727 > 9 [ 624.482629][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.496291][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 625.146033][T12602] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 625.205698][T12602] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 629.289525][ T5838] Bluetooth: hci0: unexpected event 0x32 length: 727 > 9 [ 630.246878][T12644] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1575'. [ 630.350543][T12644] veth0_macvtap: left promiscuous mode [ 630.389463][T12644] macvtap0: entered promiscuous mode [ 630.395015][T12644] macvtap0: entered allmulticast mode [ 631.528663][T12656] futex_wake_op: syz.2.1577 tries to shift op by -2048; fix this program [ 633.761891][ T5838] Bluetooth: hci1: unexpected event 0x32 length: 727 > 9 [ 635.264853][T12702] netlink: 122 bytes leftover after parsing attributes in process `syz.1.1590'. [ 636.486530][T12721] Invalid ELF header magic: != ELF [ 639.889663][T12749] can: request_module (can-proto-5) failed. [ 640.073470][T12749] netlink: 186 bytes leftover after parsing attributes in process `syz.0.1600'. [ 641.196654][T12775] can: request_module (can-proto-5) failed. [ 641.362998][T12775] netlink: 186 bytes leftover after parsing attributes in process `syz.1.1606'. [ 641.937455][T12784] zswap: compressor not available [ 643.742661][T12814] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input24 [ 644.701847][T12832] vcan0: tx drop: invalid sa for name 0x00000000000000fd [ 647.133334][T12872] can: request_module (can-proto-5) failed. [ 647.447752][T12872] netlink: 186 bytes leftover after parsing attributes in process `syz.2.1628'. [ 648.735582][T12870] zswap: compressor  not available [ 649.407980][T12902] can: request_module (can-proto-5) failed. [ 650.001388][T12905] netlink: 186 bytes leftover after parsing attributes in process `syz.1.1635'. [ 651.640720][T12927] can: request_module (can-proto-5) failed. [ 651.894108][T12927] netlink: 186 bytes leftover after parsing attributes in process `syz.1.1641'. [ 652.349504][T12930] FAULT_INJECTION: forcing a failure. [ 652.349504][T12930] name failslab, interval 1, probability 0, space 0, times 0 [ 652.429751][T12930] CPU: 0 UID: 0 PID: 12930 Comm: syz.2.1642 Tainted: G L syzkaller #0 PREEMPT(full) [ 652.429816][T12930] Tainted: [L]=SOFTLOCKUP [ 652.429830][T12930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 652.429854][T12930] Call Trace: [ 652.429867][T12930] [ 652.429882][T12930] dump_stack_lvl+0x100/0x190 [ 652.429950][T12930] should_fail_ex.cold+0x5/0xa [ 652.429996][T12930] ? ops_init+0x77/0x5f0 [ 652.430050][T12930] should_failslab+0xc2/0x120 [ 652.430093][T12930] __kmalloc_noprof+0xe0/0x850 [ 652.430170][T12930] ? __raw_spin_lock_init+0x3a/0x110 [ 652.430239][T12930] ops_init+0x77/0x5f0 [ 652.430306][T12930] setup_net+0x118/0x3a0 [ 652.430367][T12930] ? __pfx_setup_net+0x10/0x10 [ 652.430432][T12930] ? lockdep_init_map_type+0x5c/0x250 [ 652.430487][T12930] ? mutex_init_lockep+0x110/0x150 [ 652.430549][T12930] copy_net_ns+0x46f/0x7c0 [ 652.430592][T12930] create_new_namespaces+0x3ea/0xac0 [ 652.430647][T12930] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 652.430695][T12930] ksys_unshare+0x473/0xad0 [ 652.430749][T12930] ? __pfx_ksys_unshare+0x10/0x10 [ 652.430818][T12930] __x64_sys_unshare+0x31/0x40 [ 652.430868][T12930] do_syscall_64+0x106/0xf80 [ 652.430922][T12930] ? clear_bhb_loop+0x40/0x90 [ 652.430971][T12930] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 652.431014][T12930] RIP: 0033:0x7ff11159c799 [ 652.431046][T12930] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 652.431087][T12930] RSP: 002b:00007ff10f7f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 652.431126][T12930] RAX: ffffffffffffffda RBX: 00007ff111815fa0 RCX: 00007ff11159c799 [ 652.431152][T12930] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 652.431176][T12930] RBP: 00007ff111632c99 R08: 0000000000000000 R09: 0000000000000000 [ 652.431201][T12930] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 652.431225][T12930] R13: 00007ff111816038 R14: 00007ff111815fa0 R15: 00007ffdeb0889e8 [ 652.431277][T12930] [ 653.188603][T12946] can: request_module (can-proto-5) failed. [ 653.614375][T12948] netlink: 186 bytes leftover after parsing attributes in process `syz.1.1645'. [ 656.873869][T12995] zswap: compressor not available [ 658.075164][T13010] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 658.758507][T13017] netlink: 122 bytes leftover after parsing attributes in process `syz.3.1661'. [ 658.891134][T13023] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(1) [ 660.422424][T13039] can: request_module (can-proto-5) failed. [ 660.603576][T13039] netlink: 186 bytes leftover after parsing attributes in process `syz.0.1669'. [ 664.796295][T13098] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 665.143348][T13103] netlink: 122 bytes leftover after parsing attributes in process `syz.2.1681'. [ 665.171951][T13103] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(1) [ 666.491951][T13111] zswap: compressor not available [ 666.979453][T13117] zswap: compressor not available [ 667.515158][T13137] can: request_module (can-proto-5) failed. [ 669.670006][T13149] zswap: compressor  not available [ 677.729557][T13272] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 677.791436][T13268] can: request_module (can-proto-5) failed. [ 677.830266][T13245] futex_wake_op: syz.1.1721 tries to shift op by -2048; fix this program [ 680.840964][T13315] zswap: compressor not available [ 681.167201][T13319] zswap: compressor not available [ 681.709917][T13346] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input25 [ 682.901931][T13363] can: request_module (can-proto-5) failed. [ 685.060198][T13399] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input26 [ 685.922593][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 685.929595][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 686.177079][T13422] can: request_module (can-proto-5) failed. [ 686.495410][T13424] netlink: 186 bytes leftover after parsing attributes in process `syz.3.1765'. [ 689.838422][T13487] netlink: 9 bytes leftover after parsing attributes in process `syz.0.1784'. [ 690.905561][T13502] futex_wake_op: syz.0.1788 tries to shift op by -2048; fix this program [ 690.985437][T13502] futex_wake_op: syz.0.1788 tries to shift op by -2048; fix this program [ 693.510287][T13532] can: request_module (can-proto-5) failed. [ 694.089602][T13548] can: request_module (can-proto-5) failed. [ 697.586188][T13590] netlink: 25 bytes leftover after parsing attributes in process `syz.2.1810'. [ 700.253949][T13615] can: request_module (can-proto-5) failed. [ 700.749315][T13622] netlink: 186 bytes leftover after parsing attributes in process `syz.3.1818'. [ 701.775796][T13640] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input27 [ 702.595572][T13651] ptrace attach of "./syz-executor exec"[5832] was attempted by ""[13651] [ 703.056166][T13657] can: request_module (can-proto-5) failed. [ 703.879556][T13667] zswap: compressor not available [ 706.702022][T13681] futex_wake_op: syz.0.1829 tries to shift op by -2048; fix this program [ 707.269639][T13727] can: request_module (can-proto-5) failed. [ 708.224520][T13747] net_ratelimit: 42 callbacks suppressed [ 708.224551][T13747] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 710.358208][T13770] can: request_module (can-proto-5) failed. [ 710.571072][T13777] netlink: 186 bytes leftover after parsing attributes in process `syz.1.1850'. [ 717.768337][T13906] can: request_module (can-proto-5) failed. [ 721.508961][T13960] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input29 [ 721.648316][T13958] can: request_module (can-proto-5) failed. [ 726.292010][T14020] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input30 [ 727.426147][T14040] FAULT_INJECTION: forcing a failure. [ 727.426147][T14040] name failslab, interval 1, probability 0, space 0, times 0 [ 727.443965][T14040] CPU: 0 UID: 0 PID: 14040 Comm: syz.3.1915 Tainted: G L syzkaller #0 PREEMPT(full) [ 727.444019][T14040] Tainted: [L]=SOFTLOCKUP [ 727.444031][T14040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 727.444051][T14040] Call Trace: [ 727.444061][T14040] [ 727.444074][T14040] dump_stack_lvl+0x100/0x190 [ 727.444130][T14040] should_fail_ex.cold+0x5/0xa [ 727.444168][T14040] should_failslab+0xc2/0x120 [ 727.444205][T14040] __kmalloc_cache_noprof+0x7a/0x6f0 [ 727.444251][T14040] ? percpu_ref_init+0xec/0x3f0 [ 727.444393][T14040] ? __pfx_io_ring_ctx_ref_free+0x10/0x10 [ 727.444440][T14040] percpu_ref_init+0xec/0x3f0 [ 727.444494][T14040] io_uring_setup.cold+0x23b/0x1d79 [ 727.444550][T14040] ? is_valid_madvise+0x34/0xd0 [ 727.444586][T14040] ? __pfx_io_uring_setup+0x10/0x10 [ 727.444667][T14040] ? do_futex+0x192/0x350 [ 727.444723][T14040] ? __pfx_do_futex+0x10/0x10 [ 727.444800][T14040] ? xfd_validate_state+0x129/0x190 [ 727.444867][T14040] __x64_sys_io_uring_setup+0xc2/0x170 [ 727.444919][T14040] do_syscall_64+0x106/0xf80 [ 727.444967][T14040] ? clear_bhb_loop+0x40/0x90 [ 727.445010][T14040] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 727.445047][T14040] RIP: 0033:0x7efff839c799 [ 727.445077][T14040] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 727.445113][T14040] RSP: 002b:00007efff9188028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 727.445147][T14040] RAX: ffffffffffffffda RBX: 00007efff8615fa0 RCX: 00007efff839c799 [ 727.445170][T14040] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 727.445190][T14040] RBP: 00007efff8432c99 R08: 0000000000000000 R09: 0000000000000000 [ 727.445209][T14040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 727.445228][T14040] R13: 00007efff8616038 R14: 00007efff8615fa0 R15: 00007ffede941228 [ 727.445270][T14040] [ 728.284539][T14046] can: request_module (can-proto-5) failed. [ 729.504049][ T29] audit: type=1800 audit(4294994292.525:16): pid=14075 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1925" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0 [ 729.528777][T14071] can: request_module (can-proto-5) failed. [ 729.729122][T14073] netlink: 186 bytes leftover after parsing attributes in process `syz.0.1924'. [ 731.277709][T14111] zram0: detected capacity change from 0 to 16 [ 731.615443][T14120] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input31 [ 732.355538][T14123] can: request_module (can-proto-5) failed. [ 732.640287][T14129] netlink: 186 bytes leftover after parsing attributes in process `syz.2.1936'. [ 734.646174][T14139] syz.1.1940 (14139) used greatest stack depth: 19672 bytes left [ 736.415509][T14177] can: request_module (can-proto-5) failed. [ 736.575527][T14177] netlink: 186 bytes leftover after parsing attributes in process `syz.3.1951'. [ 738.942541][T14225] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input32 [ 740.014423][T14244] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input33 [ 744.458431][T14289] can: request_module (can-proto-5) failed. [ 744.476325][T14288] Invalid ELF header magic: != ELF [ 744.601257][T14292] netlink: 186 bytes leftover after parsing attributes in process `syz.1.1978'. [ 745.145409][T14299] can: request_module (can-proto-5) failed. [ 745.333341][T14299] netlink: 186 bytes leftover after parsing attributes in process `syz.1.1979'. [ 745.798360][T14311] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1982'. [ 745.809132][T14311] netlink: 'syz.3.1982': attribute type 1 has an invalid length. [ 745.817933][T14311] netlink: 5 bytes leftover after parsing attributes in process `syz.3.1982'. [ 747.370240][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.390747][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 749.337304][T14356] can: request_module (can-proto-5) failed. [ 749.491218][T14356] netlink: 186 bytes leftover after parsing attributes in process `syz.0.1990'. [ 749.831193][T14370] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input36 [ 753.684095][T14405] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input38 [ 755.723942][T14445] Invalid ELF header magic: != ELF [ 759.445395][T14486] can: request_module (can-proto-5) failed. [ 759.554283][T14486] netlink: 186 bytes leftover after parsing attributes in process `syz.0.2030'. [ 761.013382][T14512] can: request_module (can-proto-5) failed. [ 761.022442][T14516] netlink: 186 bytes leftover after parsing attributes in process `syz.3.2037'. [ 761.792947][T14526] Invalid ELF header magic: != ELF [ 765.776234][T14570] can: request_module (can-proto-5) failed. [ 766.006670][T14582] netlink: 186 bytes leftover after parsing attributes in process `syz.1.2049'. [ 771.373979][T14658] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 772.833209][T14678] can: request_module (can-proto-5) failed. [ 773.059341][T14688] netlink: 186 bytes leftover after parsing attributes in process `syz.3.2069'. [ 774.534001][T14710] Invalid ELF header magic: != ELF [ 775.015471][T14716] can: request_module (can-proto-5) failed. [ 775.249297][T14722] netlink: 186 bytes leftover after parsing attributes in process `syz.3.2076'. [ 775.826798][T14726] zswap: compressor not available [ 777.662134][T14764] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2088'. [ 777.697717][T14763] netlink: 354 bytes leftover after parsing attributes in process `syz.1.2088'. [ 778.282522][T14768] can: request_module (can-proto-5) failed. [ 778.416830][T14769] netlink: 186 bytes leftover after parsing attributes in process `syz.2.2089'. [ 781.758302][ T29] audit: type=1326 audit(4295005641.829:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14810 comm="syz.0.2098" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9dae99c799 code=0x0 [ 786.402473][T14866] futex_wake_op: syz.1.2114 tries to shift op by -2048; fix this program [ 786.485516][T14866] futex_wake_op: syz.1.2114 tries to shift op by -2048; fix this program [ 789.019829][T14905] netlink: 186 bytes leftover after parsing attributes in process `syz.1.2123'. [ 789.034368][T14900] can: request_module (can-proto-5) failed. [ 790.905530][T14934] can: request_module (can-proto-5) failed. [ 791.084645][T14934] netlink: 186 bytes leftover after parsing attributes in process `syz.2.2130'. [ 792.281293][T14960] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 792.687842][T14963] can: request_module (can-proto-5) failed. [ 792.999875][T14963] netlink: 186 bytes leftover after parsing attributes in process `syz.0.2138'. [ 797.709090][T14996] can: request_module (can-proto-5) failed. [ 797.914582][T14996] netlink: 186 bytes leftover after parsing attributes in process `syz.1.2152'. [ 799.139191][T15011] can: request_module (can-proto-5) failed. [ 799.341214][T15012] zswap: compressor not available [ 799.461086][T15011] netlink: 186 bytes leftover after parsing attributes in process `syz.0.2147'. [ 801.198909][T15048] can: request_module (can-proto-5) failed. [ 801.312228][T15048] netlink: 186 bytes leftover after parsing attributes in process `syz.0.2154'. [ 802.764444][T15058] FAULT_INJECTION: forcing a failure. [ 802.764444][T15058] name fail_futex, interval 1, probability 0, space 0, times 0 [ 802.815393][T15058] CPU: 0 UID: 0 PID: 15058 Comm: syz.2.2155 Tainted: G L syzkaller #0 PREEMPT(full) [ 802.815449][T15058] Tainted: [L]=SOFTLOCKUP [ 802.815462][T15058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 802.815484][T15058] Call Trace: [ 802.815494][T15058] [ 802.815509][T15058] dump_stack_lvl+0x100/0x190 [ 802.815566][T15058] should_fail_ex.cold+0x5/0xa [ 802.815600][T15058] get_futex_key+0x1d2/0x1620 [ 802.815639][T15058] ? __pfx_get_futex_key+0x10/0x10 [ 802.815684][T15058] ? find_held_lock+0x2b/0x80 [ 802.815724][T15058] futex_wake+0xea/0x530 [ 802.815772][T15058] ? __mutex_unlock_slowpath+0x15c/0x790 [ 802.815823][T15058] ? __pfx_futex_wake+0x10/0x10 [ 802.815873][T15058] ? find_held_lock+0x2b/0x80 [ 802.815899][T15058] ? __might_fault+0xc5/0x140 [ 802.815944][T15058] do_futex+0x32b/0x350 [ 802.815984][T15058] ? __pfx_do_futex+0x10/0x10 [ 802.816021][T15058] ? snd_pcm_oss_ioctl+0x2b6/0x3720 [ 802.816181][T15058] __x64_sys_futex+0x34f/0x4d0 [ 802.816223][T15058] ? __fget_files+0x21f/0x3d0 [ 802.816251][T15058] ? __pfx___x64_sys_futex+0x10/0x10 [ 802.816302][T15058] do_syscall_64+0x106/0xf80 [ 802.816344][T15058] ? clear_bhb_loop+0x40/0x90 [ 802.816379][T15058] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 802.816409][T15058] RIP: 0033:0x7ff11159c799 [ 802.816434][T15058] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 802.816462][T15058] RSP: 002b:00007ff10f7f60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 802.816490][T15058] RAX: ffffffffffffffda RBX: 00007ff111815fa8 RCX: 00007ff11159c799 [ 802.816509][T15058] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007ff111815fac [ 802.816528][T15058] RBP: 00007ff111815fa0 R08: 0000000000000000 R09: 0000000000000000 [ 802.816546][T15058] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 802.816563][T15058] R13: 00007ff111816038 R14: 00007ffdeb088900 R15: 00007ffdeb0889e8 [ 802.816599][T15058] [ 804.657603][T15088] ptrace attach of "./syz-executor exec"[5831] was attempted by ""[15088] [ 807.277267][T15112] can: request_module (can-proto-4) failed. [ 808.505967][T15131] can: request_module (can-proto-5) failed. [ 808.642277][T15131] netlink: 186 bytes leftover after parsing attributes in process `syz.2.2168'. [ 808.805015][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 808.812411][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 811.051116][T15168] Invalid ELF header magic: != ELF [ 811.581500][T15179] can: request_module (can-proto-5) failed. [ 811.799745][T15179] netlink: 186 bytes leftover after parsing attributes in process `syz.2.2179'. [ 812.245290][T15191] can: request_module (can-proto-5) failed. [ 812.503846][T15195] netlink: 186 bytes leftover after parsing attributes in process `syz.1.2182'. [ 812.546833][T15201] netlink: 186 bytes leftover after parsing attributes in process `syz.0.2184'. [ 812.695575][T15197] can: request_module (can-proto-5) failed. [ 814.721367][T15237] netlink: 186 bytes leftover after parsing attributes in process `syz.2.2192'. [ 814.751350][T15235] can: request_module (can-proto-5) failed. [ 815.229995][T15244] netlink: 186 bytes leftover after parsing attributes in process `syz.0.2194'. [ 815.377906][T15242] can: request_module (can-proto-5) failed. [ 821.845476][T15314] can: request_module (can-proto-5) failed. [ 822.144866][T15314] netlink: 186 bytes leftover after parsing attributes in process `syz.0.2212'. [ 822.212506][T15323] Invalid ELF header magic: != ELF [ 822.555354][ T5838] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 823.412402][T15341] netlink: 186 bytes leftover after parsing attributes in process `syz.0.2215'. [ 823.576493][T15339] can: request_module (can-proto-5) failed. [ 827.697048][T15386] can: request_module (can-proto-5) failed. [ 827.709260][T15390] netlink: 186 bytes leftover after parsing attributes in process `syz.2.2225'. [ 827.839764][T15397] netlink: 186 bytes leftover after parsing attributes in process `syz.1.2226'. [ 827.958871][ T5838] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 828.013259][T15394] can: request_module (can-proto-5) failed. [ 828.766945][T15407] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2229'. [ 829.995356][ T5838] Bluetooth: hci1: command 0x0c1a tx timeout [ 831.809450][T15458] netlink: 186 bytes leftover after parsing attributes in process `syz.1.2240'. [ 831.927317][T15456] can: request_module (can-proto-5) failed. [ 832.075271][ T5838] Bluetooth: hci1: command 0x0c1a tx timeout [ 835.377028][T15520] Invalid ELF header magic: != ELF [ 835.701900][T15526] can: request_module (can-proto-5) failed. [ 835.949161][T15526] netlink: 186 bytes leftover after parsing attributes in process `syz.3.2250'. [ 839.141022][T15575] FAULT_INJECTION: forcing a failure. [ 839.141022][T15575] name failslab, interval 1, probability 0, space 0, times 0 [ 839.184860][T15575] CPU: 0 UID: 0 PID: 15575 Comm: syz.2.2259 Tainted: G L syzkaller #0 PREEMPT(full) [ 839.184916][T15575] Tainted: [L]=SOFTLOCKUP [ 839.184928][T15575] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 839.184947][T15575] Call Trace: [ 839.184958][T15575] [ 839.184971][T15575] dump_stack_lvl+0x100/0x190 [ 839.185028][T15575] should_fail_ex.cold+0x5/0xa [ 839.185079][T15575] should_failslab+0xc2/0x120 [ 839.185116][T15575] __kmalloc_cache_noprof+0x7a/0x6f0 [ 839.185164][T15575] ? vidtv_psi_pmt_stream_init+0x4e/0x3e0 [ 839.185282][T15575] ? vidtv_psi_pmt_table_init+0x363/0x430 [ 839.185335][T15575] vidtv_psi_pmt_stream_init+0x4e/0x3e0 [ 839.185383][T15575] vidtv_channel_si_init+0x1289/0x18d0 [ 839.185475][T15575] vidtv_mux_init+0x526/0xbf0 [ 839.185533][T15575] vidtv_start_feed+0x33e/0x4c0 [ 839.185571][T15575] ? __pfx_vidtv_start_feed+0x10/0x10 [ 839.185612][T15575] ? __pfx_vidtv_bridge_on_new_pkts_avail+0x10/0x10 [ 839.185659][T15575] ? mark_held_locks+0x40/0x70 [ 839.185710][T15575] ? __pfx_vidtv_start_feed+0x10/0x10 [ 839.185745][T15575] dmx_ts_feed_start_filtering+0xf6/0x220 [ 839.185824][T15575] dvb_dmxdev_start_feed+0x273/0x3f0 [ 839.185913][T15575] dvb_dmxdev_filter_start+0x1b6/0xdd0 [ 839.185955][T15575] ? dvb_dmxdev_add_pid+0x2a1/0x380 [ 839.185996][T15575] dvb_demux_do_ioctl+0xe64/0x1200 [ 839.186047][T15575] dvb_usercopy+0x167/0x340 [ 839.186113][T15575] ? __pfx_dvb_demux_do_ioctl+0x10/0x10 [ 839.186154][T15575] ? __pfx_dvb_usercopy+0x10/0x10 [ 839.186227][T15575] ? __fget_files+0x21f/0x3d0 [ 839.186270][T15575] dvb_demux_ioctl+0x29/0x40 [ 839.186301][T15575] ? __pfx_dvb_demux_ioctl+0x10/0x10 [ 839.186336][T15575] __x64_sys_ioctl+0x18e/0x210 [ 839.186391][T15575] do_syscall_64+0x106/0xf80 [ 839.186440][T15575] ? clear_bhb_loop+0x40/0x90 [ 839.186483][T15575] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 839.186518][T15575] RIP: 0033:0x7ff11159c799 [ 839.186547][T15575] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 839.186581][T15575] RSP: 002b:00007ff10f7f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 839.186615][T15575] RAX: ffffffffffffffda RBX: 00007ff111815fa0 RCX: 00007ff11159c799 [ 839.186637][T15575] RDX: 0000000000000000 RSI: 0000000040146f2c RDI: 0000000000000002 [ 839.186658][T15575] RBP: 00007ff111632c99 R08: 0000000000000000 R09: 0000000000000000 [ 839.186679][T15575] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 839.186700][T15575] R13: 00007ff111816038 R14: 00007ff111815fa0 R15: 00007ffdeb0889e8 [ 839.186746][T15575] [ 839.628507][T15575] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI [ 839.641194][T15575] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 839.649927][T15575] CPU: 1 UID: 0 PID: 15575 Comm: syz.2.2259 Tainted: G L syzkaller #0 PREEMPT(full) [ 839.661113][T15575] Tainted: [L]=SOFTLOCKUP [ 839.665580][T15575] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 839.675876][T15575] RIP: 0010:vidtv_psi_desc_assign+0x24/0x90 [ 839.681950][T15575] Code: 90 90 90 90 90 90 0f 1f 40 d6 41 54 55 48 89 f5 53 48 89 fb e8 ed 9a db f9 48 89 da 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <80> 3c 02 00 75 4c 4c 8b 23 49 39 ec 74 36 e8 c9 9a db f9 4d 85 e4 [ 839.702144][T15575] RSP: 0018:ffffc90004dcfa10 EFLAGS: 00010247 [ 839.708274][T15575] RAX: dffffc0000000000 RBX: 0000000000000005 RCX: ffffc90006d39000 [ 839.716480][T15575] RDX: 0000000000000000 RSI: ffffffff882c7d73 RDI: 0000000000000005 [ 839.724528][T15575] RBP: ffff888029b76740 R08: 0000000000000000 R09: 4453534204050000 [ 839.732553][T15575] R10: 0000000000000005 R11: 0000000000000000 R12: 0000000000000000 [ 839.740852][T15575] R13: ffff88806d1198c0 R14: ffff888032c73ec0 R15: ffff88806d119e00 [ 839.748975][T15575] FS: 00007ff10f7f66c0(0000) GS:ffff88812444a000(0000) knlGS:0000000000000000 [ 839.757969][T15575] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 839.764723][T15575] CR2: 00007f1ee7632d72 CR3: 000000004efe8000 CR4: 00000000003526f0 [ 839.773400][T15575] Call Trace: [ 839.776877][T15575] [ 839.780139][T15575] vidtv_channel_si_init+0x12fc/0x18d0 [ 839.786303][T15575] vidtv_mux_init+0x526/0xbf0 [ 839.791349][T15575] vidtv_start_feed+0x33e/0x4c0 [ 839.797849][T15575] ? __pfx_vidtv_start_feed+0x10/0x10 [ 839.805051][T15575] ? __pfx_vidtv_bridge_on_new_pkts_avail+0x10/0x10 [ 839.812636][T15575] ? mark_held_locks+0x40/0x70 [ 839.817495][T15575] ? __pfx_vidtv_start_feed+0x10/0x10 [ 839.823033][T15575] dmx_ts_feed_start_filtering+0xf6/0x220 [ 839.829490][T15575] dvb_dmxdev_start_feed+0x273/0x3f0 [ 839.835442][T15575] dvb_dmxdev_filter_start+0x1b6/0xdd0 [ 839.841165][T15575] ? dvb_dmxdev_add_pid+0x2a1/0x380 [ 839.847147][T15575] dvb_demux_do_ioctl+0xe64/0x1200 [ 839.853749][T15575] dvb_usercopy+0x167/0x340 [ 839.859849][T15575] ? __pfx_dvb_demux_do_ioctl+0x10/0x10 [ 839.865479][T15575] ? __pfx_dvb_usercopy+0x10/0x10 [ 839.870974][T15575] ? __fget_files+0x21f/0x3d0 [ 839.876073][T15575] dvb_demux_ioctl+0x29/0x40 [ 839.880841][T15575] ? __pfx_dvb_demux_ioctl+0x10/0x10 [ 839.886199][T15575] __x64_sys_ioctl+0x18e/0x210 [ 839.891082][T15575] do_syscall_64+0x106/0xf80 [ 839.895774][T15575] ? clear_bhb_loop+0x40/0x90 [ 839.901060][T15575] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 839.907549][T15575] RIP: 0033:0x7ff11159c799 [ 839.912045][T15575] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 839.931886][T15575] RSP: 002b:00007ff10f7f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 839.940539][T15575] RAX: ffffffffffffffda RBX: 00007ff111815fa0 RCX: 00007ff11159c799 [ 839.948682][T15575] RDX: 0000000000000000 RSI: 0000000040146f2c RDI: 0000000000000002 [ 839.957167][T15575] RBP: 00007ff111632c99 R08: 0000000000000000 R09: 0000000000000000 [ 839.965758][T15575] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 839.974257][T15575] R13: 00007ff111816038 R14: 00007ff111815fa0 R15: 00007ffdeb0889e8 [ 839.983081][T15575] [ 839.986403][T15575] Modules linked in: [ 839.992175][T15575] ---[ end trace 0000000000000000 ]--- [ 840.035927][T15575] RIP: 0010:vidtv_psi_desc_assign+0x24/0x90 [ 840.080399][T15575] Code: 90 90 90 90 90 90 0f 1f 40 d6 41 54 55 48 89 f5 53 48 89 fb e8 ed 9a db f9 48 89 da 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <80> 3c 02 00 75 4c 4c 8b 23 49 39 ec 74 36 e8 c9 9a db f9 4d 85 e4 [ 840.132360][T15575] RSP: 0018:ffffc90004dcfa10 EFLAGS: 00010247 [ 840.139958][T15575] RAX: dffffc0000000000 RBX: 0000000000000005 RCX: ffffc90006d39000 [ 840.149316][T15575] RDX: 0000000000000000 RSI: ffffffff882c7d73 RDI: 0000000000000005 [ 840.158100][T15575] RBP: ffff888029b76740 R08: 0000000000000000 R09: 4453534204050000 [ 840.191536][T15575] R10: 0000000000000005 R11: 0000000000000000 R12: 0000000000000000 [ 840.201174][T15575] R13: ffff88806d1198c0 R14: ffff888032c73ec0 R15: ffff88806d119e00 [ 840.224762][T15575] FS: 00007ff10f7f66c0(0000) GS:ffff88812434a000(0000) knlGS:0000000000000000 [ 840.234465][T15575] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 840.242383][T15575] CR2: 00007f34f51e92f8 CR3: 000000004efe8000 CR4: 00000000003526f0 [ 840.252174][T15575] Kernel panic - not syncing: Fatal exception [ 840.259792][T15575] Kernel Offset: disabled [ 840.265555][T15575] Rebooting in 86400 seconds..