last executing test programs: 8m27.068121346s ago: executing program 3 (id=3516): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x14fa02, 0x0) mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000) r0 = socket(0x1d, 0x2, 0x6) fstatfs$auto(0x3, 0x0) setsockopt$auto(r0, 0x6a, 0x1, 0x0, 0xc) mmap$auto(0x0, 0x5c, 0xdf, 0xeb1, 0x401, 0x100000000008000) r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000001a80)='/dev/bus/usb/001/001\x00', 0x29202, 0x0) mmap$auto(0x2000, 0x80009, 0xb, 0x8000000008011, r1, 0x0) mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0x18000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (fail_nth: 15) 8m26.444088188s ago: executing program 3 (id=3517): openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x306, 0x0) mmap$auto(0x0, 0x200, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) io_uring_setup$auto(0x2, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x84) socket(0xa, 0x3, 0x3a) setsockopt$auto(0x400000000000003, 0x29, 0xd1, 0x0, 0x4) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ttyS2\x00', 0x101f81, 0x0) socket(0x23, 0x5, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) ioctl$auto_TIOCVHANGUP2(r0, 0x5437, 0x0) ioctl$auto_BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000000)={"273f222be916072938fdd468ec5078136165d68749242efafc1e4adc8323f2d7", 0x8, 0x8000, 0x6, 0x80, 0x7fffffffffffffff, 0xffffffffffffffff}) prctl$auto(0x400002, 0xdafffbfbfffffffc, r2, 0x64c, 0x3) 8m26.210606403s ago: executing program 3 (id=3519): socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x40, 0x942, 0x1fee0, 0x3, 0x6, 0xfffffffffffffffe, 0x1ff, 0x5, 0x8005, 0x7, 0xb0, 0x9, 0x5, 0x2000003, 0x8, 0x4, 0x10, 0xb65, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x800, 0x0, 0x0, [0x2, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffffffffffc, 0x0, 0x2d24, 0x9, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffffffff, 0x9, 0x0, 0x0, 0x10, 0x4, 0x0, 0x0, 0x0, 0x0, 0x8]}, 0x1fe, 0x82) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty48\x00', 0x40000, 0x0) ioctl$auto_TIOCSWINSZ2(r0, 0x5414, &(0x7f0000000080)="d82acb") r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x2000000, &(0x7f0000000080)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) (fail_nth: 7) mmap$auto(0x0, 0x400008, 0x4000000df, 0x9b72, 0x2, 0x8000) setsockopt$auto(0x3, 0x84, 0x17, 0x0, 0x70ed581b) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) open(&(0x7f0000000100)='./cgroup\x00', 0x42400, 0x482) getdents64$auto(0x0, 0x0, 0x41) close_range$auto(0x0, 0xffffffffffffffff, 0x4000000000002) open(&(0x7f0000000100)='.\x00', 0x595002, 0x408) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mseal$auto(0x0, 0x7dda, 0x0) 8m25.078123215s ago: executing program 3 (id=3523): ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, 0x0) r0 = openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/bus/netdevsim/new_device\x00', 0x149b01, 0x0) r2 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f00000000c0), 0xa000, 0x0) r3 = socket(0x2c, 0x3, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000280)={'dummy0\x00', 0x0}) bind$auto(r3, &(0x7f0000000100)=@xdp={0x2c, 0xc, r5, 0x1e}, 0x6b) r6 = fcntl$auto_F_GETOWN(r0, 0x9, 0x7) bpf$auto(0x9, &(0x7f0000000100)=@link_create={@map_fd=r2, @target_ifindex=r5, 0x9, 0x97, @uprobe_multi={0x4, 0x8, 0xf153, 0x3, 0x8, 0x7fffffff, r6}}, 0x8) writev$auto(r1, &(0x7f0000000200)={0x0, 0x9}, 0x7) r7 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000240), r4) sendmsg$auto_NBD_CMD_STATUS(r4, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x42000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x34, r7, 0x400, 0x70bd25, 0x25dfdbfc, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0xff}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x8}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x2}]}, 0x34}}, 0x1) readv$auto(r1, &(0x7f0000000080)={0x0, 0x4c786f74}, 0x9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) statmount$auto(&(0x7f0000000040)={0x1f, @raw, 0x80000029, 0xf5ff, 0x8}, 0x0, 0x7ffffffff000, 0x0) 8m24.995020083s ago: executing program 3 (id=3524): socket(0x11, 0x80003, 0x300) mmap$auto(0x0, 0x4, 0xdf, 0x80000000000eb1, 0x3, 0x0) openat$auto_proc_tid_children_operations_internal(0xffffffffffffff9c, &(0x7f0000000080), 0x41180, 0x0) getsockopt$auto(0xffffffffffffffff, 0x84, 0x12, 0x0, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = socket(0x2c, 0x3, 0x0) bind$auto(r0, &(0x7f0000000080)=@xdp={0x2c, 0xc, 0x0, 0x1c}, 0x6b) setsockopt$auto_SO_BROADCAST(r0, 0x5, 0x6, 0x0, 0x7) r1 = openat$auto_clear_warn_once_fops_(0xffffffffffffff9c, &(0x7f00000000c0), 0x14b881, 0x0) connect$auto(r1, &(0x7f0000000180)=@ax25={0x3, @null, 0x1}, 0x8) r2 = socket(0x80000000000000a, 0x2, 0x0) sendto$auto(r2, 0x0, 0x402, 0x101, &(0x7f0000000000)=@generic={0xa, "01e983638bffff4993021400"}, 0x17) socket(0x18, 0x3, 0x2) sendmmsg$auto(0x3, 0x0, 0x2, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) epoll_create$auto(0x40fb) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x22a02, 0x0) write$auto(r3, &(0x7f0000000140)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7\xe6\x04\x8c\x83k', 0x1000000007e) setresgid$auto(0x81, 0x800000a0, 0x8) setgroups$auto(0x10, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) fcntl$auto(0x0, 0x408, 0x100000) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x400, 0x7ff) sendmmsg$auto(0x3, 0x0, 0x9a5, 0x0) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/oss/devices\x00', 0x0, 0x0) read$auto_proc_reg_file_ops_compat_inode(r4, &(0x7f0000000000)=""/65, 0x41) 8m23.906185525s ago: executing program 3 (id=3529): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket(0x8, 0x800, 0x0) openat$auto_ep0_operations_inode(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) r0 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/input/mouse0\x00', 0x800, 0x0) read$auto_mousedev_fops_mousedev(r0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x1d, 0x2, 0x9) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'vcan0\x00'}) write$auto(0xffffffffffffffff, 0x0, 0x9) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x20009, 0x2000000df, 0xeb1, 0x401, 0x8000) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) write$auto(r2, 0x0, 0x800000006) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/fib_multipath_hash_seed\x00', 0x8a042, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sg0\x00', 0x8001, 0x0) r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SETTRIGGER(r3, 0x40045010, &(0x7f0000000040)) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r5 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(0x0, r5) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) mmap$auto(0x2000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) 8m8.758750534s ago: executing program 32 (id=3529): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket(0x8, 0x800, 0x0) openat$auto_ep0_operations_inode(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) r0 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/input/mouse0\x00', 0x800, 0x0) read$auto_mousedev_fops_mousedev(r0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x1d, 0x2, 0x9) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'vcan0\x00'}) write$auto(0xffffffffffffffff, 0x0, 0x9) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x20009, 0x2000000df, 0xeb1, 0x401, 0x8000) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) write$auto(r2, 0x0, 0x800000006) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/fib_multipath_hash_seed\x00', 0x8a042, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sg0\x00', 0x8001, 0x0) r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SETTRIGGER(r3, 0x40045010, &(0x7f0000000040)) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r5 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(0x0, r5) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) mmap$auto(0x2000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) 7.510883319s ago: executing program 1 (id=5179): mmap$auto(0x0, 0x2000a, 0xdf, 0xe31, 0x40000000000a5, 0x8000) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0) r0 = io_uring_setup$auto(0x9, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/cpu/smt/control\x00', 0xab42, 0x0) ioctl$auto_VHOST_SET_OWNER(0xffffffffffffffff, 0xaf01, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x1, 0x0) io_uring_setup$auto(0x4, 0x0) socket(0xa, 0x1, 0x84) socketpair$auto(0x3, 0x80001, 0x7d, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "abe6de3d6468fe8000"}, 0x1b) close_range$auto(0x2, 0xa, 0x0) socket(0x11, 0xa, 0x300) socket(0xa, 0x2, 0x0) connect$auto(0xffffffffffffffff, &(0x7f00000018c0)=@xdp={0x2c, 0x7, 0x0, 0xf}, 0x55) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80402, 0x0) write$auto_ocfs2_control_fops_stack_user(r1, &(0x7f0000003900)='\t', 0x1) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3) read$auto_uinput_fops_uinput(r0, &(0x7f0000000200)=""/195, 0xc3) read$auto(0x3, 0x0, 0x80) sendmsg$auto_BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYRES16, @ANYBLOB], 0x34}, 0x1, 0x0, 0x0, 0x4048004}, 0x24028000) 7.442767894s ago: executing program 2 (id=5180): mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000) getrlimit$auto(0x3, 0x0) fdatasync$auto(r0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) ioctl$auto_BLKZEROOUT(r1, 0x127f, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/035/001\x00', 0x1102, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8ea182, 0x0) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x1000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) init_module$auto(0x0, 0xffff9, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x8000000000000000, 0x15) madvise$auto(0x0, 0x2000000080000001, 0x3) close_range$auto(0x2, 0x8, 0x0) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0) pselect6$auto(0x9, &(0x7f0000000300)={[0x9, 0x4, 0x9, 0x6, 0x8001, 0x4000000000002bc8, 0xffd, 0x9, 0x3, 0xffffffff, 0x8000000000000001, 0x0, 0x2f, 0x2, 0x8, 0xfffffffffffffffe]}, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) socket(0xa, 0x2, 0x88) sendmsg$auto_NL802154_CMD_SET_SEC_PARAMS(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000d80)=ANY=[@ANYBLOB="05000000", @ANYRES16=0x0, @ANYBLOB="010025bd7000ffdbdf25150000000500120010000000080027000c000000380b2b80330b248004008080ba89ebda4be9067b59c90d50dab4ba175b1b13d15e19ee0f5bf6c6d2095efcc719c8e137b7ec6062c6c768e512acd0f1208ee2be2b891868abd1934bd95a54945e649a2afd1272f72e8fffb57e3ba1c8fb306ce2ba95180cf54dcca46ab950e626ff31022afd57f1306ee00962cb60c30a9946d642a00256ed0006ec8364307874f7c763c6e9af0222943721fb4fa5b1cecfe3a908b1fd515dad1e0ca0998fa55ca4bbf9412855250567f1b98186d8597ab6fb715cef224b510a7ccc4cae047b6d4ab94775e1158d87be4806455bbd76baaa3a656ed5f316b17a5a27a6ec9904006d80460a8e80b634a4b1ce57b5a586e945eb157cc566d02bed93630b901c93d3fde23606aa3e80e4d0644fef266741cf5f2879924594cd388ed548e2dea74f9d72af19edad4a810af64d79eaa131b2afaca3f428fd83499d9c7a99dfd9a24cbd9bf5b0f0446521fcf1f416f83791795dc86d63c7a05e38c547e208be35b17fb8aa1fa57ea4ac59aac09a5bfb9f08a6d02e58d5040324f4241a9eb63d5a1e48cff0ed3e97c4af9506ca950ce9d115d242277c614a27a77df014ced1df35f069b42113bc6bf5427f9c1ba6924ec8bafc11ba6d9303461e92e3c3e1b4d5b2954d259654ee2bab0385e3b106c4a93525200ce6e3f1e9f6d4b87b61583abced950ff97dade7ebde309c78d4f1ddbff5cb5c3fd141cbb4e56a97183f705019716cf6d6f300c9677b6f14b2b8d708b675b5c4f2357d9c22dd6bba1195ba295a5f713ac28f043cc671fc7b43fb9b40bf17766c79d698dd68d0e385e926971a18a3c3687c3c8202b806432be62b3030a2c9e31da55a6cd98165f7439f9a09508b8c4b9c5ea32aaf1f7c4246ea8700aaccaf476d9cd5e3b2340d17f13ba40c8fdaf4aa4c4b8763fd86d35bda9aab03e3a252d7e4aea01cdad1fad040b29a9e92ee1fd8c010c30b4cc69917cee531e42efa59c735fe8159a292f57fa7a4600e6833032846d87a515d9803770eb4db6712bce7b51fc2f0eff8a292023a8c7c1544c6e53012f9fe13aa8caf795caccfa4ff2321116a86938e2b782e7a57fe5cbff8df11b0bc86d691a7a8df0cc9486c4898e8bafd0b374798ecdba9af994890465f435d5e6408dd9ddd96df1673098864522e964b565d69882198a999ee41c980dafdf3538400c81ad57dc970a72b75d75850913452021a4dfe885342c4e5c33dbcd801b10866908de67b13c5dc4fb51dce74dae4c4c27413c00b50c8e18d1dcfe28974fee5df4cefd05f7e8e21e8881ef7300ca75af8ef7c8cfa0a1cf8771444e3bd449f957fa4500c1f371ccc31a7b196ca809935887d26d3ed24d2dc16c83aa263abd880df1d27d8463e4f29673fbb0a073caaf975314f5660bdf89c285291a46ddb2f8410b02e86bc522808052288fe16dbb7733976605ed2342c69717ba18334138bc68c994ffa20bbad1672a4ee0dc19a0ec177f36995edc671ef8d29211e4b7d0723a18c36c398df2e924a4f55ef95687e6a4aebcf86d36a9791d561c2203fc4a545d30a5173ffc84612c333a73fd0c84f92554294cfbbe86088e79bc6f1c9bc880b4502e4b47af767f47dbccbf4318ec6a33ee42cafc3e6ced6720adf772de614a754c7b0d93208cb0bdd285e8ff9ffe078bb782a57a14204784880a3379af47423967bf134933d350324a845e7aca06245efec7dd272177bbb663bf83c23161cf7d8b32d45502f6bbc6416720652aa197556c3cf5be55e2f8ace74ce95feb288f681d92ed529bb9892472c3633f744bfde252c8b00808d92daa2a3b4771eee9cc83745c326f8ea02119b55a99bddfc498948e53ce2efa0635276810d2211e9e0e63bc850029865d525cbf43cde05009dca149084d9569a1abb0e5f941bd5c67a77685e965b354dc744617960e642512f2cd86236c9a1938f4e799cc0e09beb23791f446e822b86518185d668e7e93daec7b1a9f53034aeabc7c7bf52deefbf5e2a90b085c41c0f528ff2cf81dbc1c28ed95ad75fd65c0e0d793d7111dce84883cbf60cd55e025b824d84e141d54da72111ea2fed1fd8f3c9cf47763ee47a7988d5021ac661641ee95ea9c9d57dd2f8e537f3cb71830a6c1608dadf6beb7339961811f8da34f8fb7b5190f9c146942fda73801812ed6bffa1a60c80e5fd6528e045b40fa78c10f37797d93f827539aa389d59c48254397ff7b72325465d18b04acac619d9d5f80d46b57d28a76fbe83203ecacb91328b145ebbe356178a1eb1c09101fe785c98aab93485ae7b4217412b7ea31fdd965eaaf78d3ab4eec8bc689062b738c002fd94f9cd18bbc5285c57854f9092e85d90ec205f43fcc9d27cd6041fb73ed3164e7f2cb3ea694b89a1879f8cbcdbffdab4b277d0fa3dba5061952d266b2f3821f79cd2b3bf107c6250e711c9ddba407c9ed323d2dfda23d5a4088f8199d1cbb311a1b051da8d792299f471f0ca7fd7925695acaf01e7ad022d96dfb30e66d551fb37522baf2ea71cc5a6416124ee2138c3f2fb5cca4b71eb9d3571deebc898b62406f416caa3fcd732f9661548d8b7ec74bc94d9dcc92b0048abc2b358c0007a905c9513affbd873a368e0b5872a2f4cdc4bb8602ad3ec77cba3e150c8993f5fc88ac7e6b2642f4660486d5823482aae8f90ee7913abdb064398cebe5946c2920d7d99935571f9b1eeb4529373538e699dda91425660a1010a4cf7e9a10713f57fa1d601467ec51ad5153bd94582320ff55380ca7efefacf62f822b948cb3b93f68978f248639c51ac97e3f56bcca9990839ee01df9773b22cf261310d4b3c6b03ef54a9a848c10d1252d0412a8f01ff61bd6978112d6b69e2f71e02a04f43f3a1a8259f7e83c26fc5bc703a8b6d3d325f08b08f9dc10b8f654871386ef94d2493463f7f3d0b20bf93be475b0ed9e870aaedd63b8d08877651bace68300e3a1b0a5d1a3da2b246fef82de3b57eca440ae7a7656ff31ae74cad3a80f1ae615f2747589d4859ec1981a6a5176168db86ab5f6930d4679762956e408d2268cad53aa10727c8b8952114b17c352782dc9afc120535bcb99bcf1161397f19ac4d288677e48f0e6bfdcf5f852a8bc1b432399f0ade5db9585e09e4cc96a63dd7bddecbbaae880678f94111108d76c5d825629a3eee16b2a6362c59ba3cf99a2e2bcfa62d010706bca5c0d009b141f1c3f6a9cc58234f97a5721a3ee31772877ffda5507f8e7053e15cb60df08184dbdd9f2af7a618781fdd39d32404f3e2dc6ac48f35ce31bc70a019235b7776114ef2ae75ebf7b7191e5a61e1c5c82340e12dd98cf9125a3fb1c8062a206ac2aa98e708a190b1b70d1c2450b47394d8e1f21c541b3f4139d2159e9a37acf2ee9ba5e0cf99221a43b46793cad7b7b71784032a0092abb25380fa77646f948ed456d6fa1fb749f736e10491e39569c073308ee782562a59a719e4b8910f737a41ee0644db9905d22f44bae257749b03667b535af492012ad1c50f1d88a46a2c3aeeca86026c6e5ca8289bb153ff85aade4bd00b9bb87017d7816c24a0e71b0d0dcf6dedbc956c81bf445d665da7cb1c009be2f8d7eb286e2e2595166b8df0541ff0b80ab20d9ba30058ef52dc2c1905133bcca7193320811e0bc083798b80bce7e84ea9135d976fbc339b0814cb4f4dd9a71f9a2f1a78da4c60c1671b6ef41798646a702fd9eeb67bd250df336f0c1889c54be82bfc4238d6568ca0e7bf7a3005126d605a867b47f2c96fd6a92a9cf463270a9e2df32c6959c2f272b48a6b76fe7393dc12713c99888e0d03ffdac04f5d3c87e5343bc1a6127484b6d7e18e97a329ae582b8c3dd1be170cff9fdebcadfb339c67a303e15d6f779da6fbd91b401ac8e32fe1a0f16b5aa52ca7801d12aaba5c57945b3d0e768370e031d268b101df06ceaca597ca754d933b08f3b248548d267cbb16430c5110cdaf5b36bc2cf6a7c24f143277f606cbe77ef320505986fa5dc876e87ec74a2c06d0e893ed3da67cd814f209b3720e98d1b2f6afd245bcb682167978b98b9976c2ef41"], 0xb5c}, 0x1, 0x0, 0x0, 0x20000000}, 0x48880) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "abe6de3d6468fe8000"}, 0x55) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) write$auto(0x3, 0x0, 0x1) capget$auto(0x0, 0xfffffffffffffffe) 7.312010747s ago: executing program 4 (id=5181): socket(0x2, 0x2, 0x0) unshare$auto(0x40000080) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mtdblock0\x00', 0x14fe02, 0x0) mmap$auto(0x0, 0x810007, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f00000002c0)={0x0, 0x8}, 0x6, 0x0, 0xc3, 0x2f) capset$auto(0x0, 0x0) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/mtd0\x00', 0x0, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x0, 0x0) socket(0x2b, 0x1, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x3000, 0x6, 0x7, 0xa, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x29b, 0x8, 0x7f, 0x101, 0x6, 0x3}, {0x100, 0x1, 0x52, 0x5, 0x2, 0x1a7b870a, 0x76c5, 0x8, 0x100000000}}) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000240)='/dev/video37\x00', 0x8a242, 0x0) ioctl$auto(r1, 0x5646, r1) statmount$auto(0x0, &(0x7f0000000180)={0x6, 0xffffffff, 0xd, 0x9, 0x1, 0x3ff, 0x1ffde, 0x7, 0x401, 0x2, 0x9, 0x1, 0x6, 0x4, 0xb0, 0x9, 0x0, 0xfff8, 0x7f, 0x7, 0x40000, 0x7, 0x2000, 0x0, 0x0, 0x81, 0x0, 0x9, 0x0, 0x0, 0x0, [0x1000000004, 0x0, 0x4, 0x0, 0x0, 0x4, 0x1ff, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x9, 0x0, 0x9, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x2, 0x0, 0x5, 0x4, 0x1, 0xfffffffffffffffc, 0x2000000, 0x0, 0x800000000000000, 0x0, 0x0, 0x3, 0x0, 0x9, 0xd, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x4]}, 0x202, 0xd) ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3ff, 0x4}, 0x7f, 0x0, 0x0, 0x8) close_range$auto(0x2, 0xffffffffffffffff, 0x2000000) 6.493777685s ago: executing program 1 (id=5184): getsid$auto(0xffffffffffffffff) socket(0x15, 0x5, 0x3) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff) r0 = pidfd_open$auto(0x1, 0x0) r1 = socket(0x1d, 0x3, 0x1) setsockopt$auto(r1, 0x65, 0x3, 0x0, 0x4) setns(r0, 0x60020000) madvise$auto(0x800, 0x3, 0x4) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) syz_clone3(&(0x7f0000000300)={0x153326100, 0x0, 0x0, 0x0, {0x23}, 0x0, 0x0, 0x0, 0x0, 0x0, {r0}}, 0xa7) clone$auto(0x9001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x5) getsockopt$auto(0xffffffffffffffff, 0x84, 0x24, 0x0, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x80000, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x14, 0x0, 0x8) mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x1272, 0x8000) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'vcan0\x00'}) socket(0x1d, 0x2, 0x7) r2 = socket(0x2, 0x1, 0x0) sendmsg$auto_NL80211_CMD_ADD_LINK(r0, &(0x7f00000003c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000380)={&(0x7f0000000140)={0x1c, 0x0, 0x300, 0x70bd2d, 0x25dfdbff, {}, [@NL80211_ATTR_COLOR_CHANGE_COUNT={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40814}, 0x20000090) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'vcan0\x00'}) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0xe, 0x40, 0x801ffdf, 0x1, 0x2000000000000006, 0x3, 0x8, 0x5, 0x6, 0x7, 0x1, 0x9, 0x2, 0x3, 0x5, 0xfffffffffffffffa, 0x0, 0x0, 0x0, 0x0, 0x3b9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0xffffffff00000000, 0x0, 0x200, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb, 0x0, 0x5, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x0, 0x5, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000000]}, 0x5, 0x2) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="1100"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r3 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0xffffff9e}, 0x40000) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f0000000200)={{@raw=0x200, 0x20000001, 0x19d1d554, 0x81, "3112d585006b614d19e22af9fff4be6b7fe5e2f94bd90484b0755015e48d00", @raw=0x7ff}, 0x503, 0x5, 0x4, @raw=0x7, @enumerated={0x2, 0x0, "cb0c80699beb33ab05dc27d4bf2a711a4378ba926b660e893ca63be6c004786ceac50991aa4975421eebb8e24b11006a359336cf5c603240dff7022f6bd2af13", 0x3, 0x10001}, "7a9fc199a16a2311eacf2fc7ae1d8778dc618090334fdd73340238d21000debe0eda71bdd709254592b67f9cb5adb17884a16f7ce8cbce0bb32791702b8d7c2d"}) r4 = socket(0x11, 0x80000, 0x9) open_by_handle_at$auto(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x42}, 0x30000) sendmmsg$auto(r4, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={&(0x7f0000000200), 0x11}, 0x5, &(0x7f0000000180), 0x5, 0xe}, 0x5}, 0x2, 0x100) 6.012382812s ago: executing program 4 (id=5185): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)={0x2c, 0x0, 0x936355e497c8b7e5, 0x70bd24, 0x25dfdbfb, {}, [@ETHTOOL_A_TSINFO_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4010}, 0x4048800) 5.83792406s ago: executing program 0 (id=5186): mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000) write$auto(r0, 0x0, 0x2) getrlimit$auto(0x3, 0x0) fdatasync$auto(r0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000380)='/dev/snd/controlC2\x00', 0x400, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/035/001\x00', 0x1102, 0x0) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xc8d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\xc6\x00\x89\te\x8d\a\xfb\\n\x89C:\x84D\x10u\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k', 0x100000a3d9) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8ea182, 0x0) fcntl$auto(0x0, 0x407, 0xffffffff80000000) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) init_module$auto(0x0, 0xffff9, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x8000000000000000, 0x15) madvise$auto(0x0, 0x2000000080000001, 0x3) 5.747741639s ago: executing program 1 (id=5187): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x14fa02, 0x0) mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000) r0 = socket(0x1d, 0x2, 0x6) fstatfs$auto(0x3, 0x0) setsockopt$auto(r0, 0x6a, 0x1, 0x0, 0xc) futex$auto(&(0x7f0000000080)=0x1, 0xb, 0x1, 0x0, 0x0, 0xffbffffa) futex$auto(&(0x7f0000000080)=0xfffffffa, 0xc, 0x1, 0x0, 0x0, 0xfffffffa) 5.722085209s ago: executing program 4 (id=5188): r0 = syz_clone(0x20011, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x2, 0x800008000) socket(0x2, 0x1, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) shutdown$auto(0x200000003, 0x1) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r1 = pidfd_open$auto(0x1, 0x0) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) setresuid$auto(0xd, 0x0, 0x221) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) sendmmsg$auto(r1, 0x0, 0x70000000, 0x81) setns(r1, 0x60020000) getcwd$auto(0x0, 0xffffffffffffffff) mount_setattr$auto(0x5, 0x0, 0x0, 0x0, 0x7ff) socket(0x1a, 0x4, 0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x800008000) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40001, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x0, 0x0) socketpair$auto(0x1f, 0x5, 0x8000000000000000, 0x0) ioctl$auto_TCFLSH2(r3, 0x80045439, 0x0) ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0) ioctl$auto(r2, 0x89f2, r2) bind$auto(0x3, 0x0, 0x6a) setrlimit$auto(0x1000000007, 0x0) bpf$auto(0x0, &(0x7f0000000380)=@task_fd_query={0x12, 0x3, 0x4, 0xae30, 0x8, 0xfff, 0xffffffffffffffff, 0x2e, 0x7ff}, 0x6f4) ptrace$auto(0x4206, r0, 0x0, 0x200005) waitid$auto_P_ALL(0x0, 0x5, 0x0, 0x8, 0x0) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x4000, 0x20000043) 4.745106766s ago: executing program 1 (id=5189): syz_clone(0x8000, 0x0, 0x0, 0x0, 0x0, 0x0) openat$auto_media_devnode_fops_mc_devnode(0xffffffffffffff9c, &(0x7f0000000140)='/dev/media3\x00', 0x40, 0x0) r0 = openat$auto_drm_connector_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000b80)='/sys/kernel/debug/dri/vkms/Writeback-1/force\x00', 0x202, 0x0) readv$auto(r0, &(0x7f00000000c0)={&(0x7f0000000000)="7fdf050d89c0575355055578d7ef6ca46bbfa0cd1e1fd71ce052ebde96b8b46168ec83bdcbf584deaef0445cc7830cca8d5793c1219981f7f6c25ecbad916851c9aa52c3d2306d79a36405dc4edaafc3b8ea464d8d6889cc2cf75f2f4d0f6b50878dc0e7a8676c3ce52d1413ecdfdc70b6536cce328d83a7bdbd0b404a75862871fb40c41082221d75c5165f66d4550969f4650cd8b4a433ec606c8111bae04ef2619a0ef3138cda7b1289c38f", 0x6}, 0x2) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\x84q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa24X@\xadD\xf8\x9d\xf3 \xd2]\xc4\x13G\x1d\x04!\xc1\xeb.e$\xfb\xa3KU\xcf\xc1\x7fFD\x99\xf5v\v\x9dS\xc11P\xa3\xe9\xb0SqL\x85\xea\xb2\x9cY\x83.I\xca\x92\x1c\xc4\x13CV=\x92\x17c\x87iOt\x14On\x15=\v\xf0 \xc5\x8b~\xd6\xd4\xc7\xa3a\x1c\x06\x17\xb3\x88\x8c\xf1L\xba\x89a\xfd\xa5\xc6\x7fU\x00\xe5\x9b', 0x5) fchdir$auto(0xffffffffffffffff) mmap$auto(0x0, 0x400005, 0x100000df, 0x9b72, 0x2, 0x8000) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000) syz_clone(0x20011, 0x0, 0x0, 0x0, 0x0, 0x0) madvise$auto(0x0, 0x200007, 0x19) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x10000, 0x7, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x200000001000000, 0xfffff7fffffffff7, 0x3ee) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) bpf$auto(0x6, 0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x400008, 0xe4, 0x9b72, 0x2, 0x400) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x9000, 0x8002, 0x2) mprotect$auto(0x0, 0x806121, 0x6) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, 0x0, 0x20443, 0x0) r1 = io_uring_setup$auto(0x5, 0x0) close_range$auto(0x2, r1, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x181881, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sg0\x00', 0x100, 0x0) close_range$auto(0x2, 0xa, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x100, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x8c00, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) socket(0x10, 0x2, 0x0) 4.730840639s ago: executing program 2 (id=5190): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000) r0 = openat$auto_page_owner_stack_operations_page_owner(0xffffffffffffff9c, &(0x7f0000004340), 0x0, 0x0) pread64$auto(r0, 0x0, 0x28, 0x10000000000004c0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000100)={{0x0, 0x0, &(0x7f00000000c0)={0x0, 0xfc2}, 0x2, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x7, 0x4008) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200"], 0x1ac}}, 0x40000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) listmount$auto(&(0x7f0000000080)={0x1f, @raw, 0x80000002, 0xfffffffffffffff7, 0x8}, 0x0, 0xf4240, 0x1) 3.614317153s ago: executing program 1 (id=5191): setresuid$auto(0xee01, 0x0, 0x607) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x5a) sysfs$auto(0xffffff70, 0x1, 0x0) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mlock$auto(0xfff, 0xde7f) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dmmidi2\x00', 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x5) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x8000000401, 0x8000) io_uring_setup$auto(0x8, 0x0) mmap$auto(0x0, 0x8, 0x75, 0xeb1, r0, 0x3) getsockopt$auto(0xffffffffffffffff, 0x0, 0x32, 0x0, 0x0) futex$auto(0x0, 0x7, 0x9, 0x0, 0x0, 0x6393) close_range$auto(0x2, 0x8, 0xfffffffe) mmap$auto(0x0, 0x2020009, 0x6, 0xeb1, 0xfffffffffffffffa, 0x8000) write$auto(0x3, 0x0, 0x100082) rseq$auto(0x0, 0x8000, 0x0, 0x6) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) write$auto(r2, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r3 = io_uring_setup$auto(0x6, 0x0) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/bus/input/devices\x00', 0x40e00, 0x0) pread64$auto(r4, 0x0, 0x3, 0x5ef6) msync$auto(0x1ffff000, 0x180000000000101, 0x400000004) r5 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000100)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r3, @ANYRESOCT=r5, @ANYRES64], 0x4c}}, 0x44800) syz_genetlink_get_family_id$auto_netdev(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x3, 0xdf, 0xeb1, r0, 0x8011) socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)=0xe) 3.2844103s ago: executing program 0 (id=5192): syz_clone(0x8899b200, 0x0, 0x0, 0x0, 0x0, 0x0) futex$auto(&(0x7f0000000080), 0x109, 0x0, 0x0, 0x0, 0xfffffffa) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) close_range$auto(0x2, 0x8, 0x0) unshare$auto(0x40000080) mmap$auto(0x2, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) r1 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/tracing/events/vmalloc/filter\x00', 0x2643, 0x0) write$auto(r1, &(0x7f0000000700)='!dev_vhc&\x00', 0x9) read$auto(r0, 0x0, 0x7) setresuid$auto(0x0, 0x0, 0x0) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x2ec802, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) syz_genetlink_get_family_id$auto_ncsi(&(0x7f0000000080), 0xffffffffffffffff) unshare$auto(0x40000080) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000c00), 0xffffffffffffffff) prctl$auto(0x2008, 0x80000002, 0xffffffffffffffff, 0x4, 0xf9) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) write$auto_ocfs2_control_fops_stack_user(r2, &(0x7f0000000240)="0a8536f517e742db86f4a062fc3fb31000cfdb7a45e4884270ba9285fe301ac26b20847cc1c5142972dd570a76516b24392078b6c705a326d92bdebe0845260c4b8ef57b53ff3bf17e4fe3f52aa888ebd6eff85b8fd3c55b45367babb5d1d90fb6948b1e9a3e39266bcfe16e2f034139800bd490a907aec616517de6432cf6b2855c9d450019f633d19a03ef8e8bbafdfc6f135a2f5ed280d6b88375d3617a9acd91820d8b7077768cb115584742a80479f6c648b8c126189024b68faacb1eed54d06e72b79329dfda6c9f947ab06ede2ba5ef52064a750678d515988e835f358a5559f80006569667db7d455e1d1bb642f25f20bdb066bc", 0xf8) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/kfence/parameters/sample_interval\x00', 0x102, 0x0) sendfile$auto(r3, r3, 0x0, 0x3) socket(0x10, 0x2, 0x0) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_tk_debug_sleep_time_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) rt_sigqueueinfo$auto(0x0, 0x9, &(0x7f00000000c0)={@_si_pad}) socket(0x29, 0x2, 0x88) close_range$auto(0x2, 0x8, 0x0) shmget$auto(0x200, 0xfffffffe, 0x7fff) 3.169356254s ago: executing program 4 (id=5193): openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000100), 0x8c000, 0x0) mmap$auto(0x0, 0x2020009, 0x6, 0xeb1, 0xfffffffffffffffa, 0x8000) getxattrat$auto(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0, 0x10) read$auto(0xffffffffffffffff, 0x0, 0x20) pipe2$auto(&(0x7f0000000000), 0x0) read$auto(0x3, 0x0, 0xfdef) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x140082, 0x0) r1 = socket(0x2a, 0x2, 0x0) setsockopt$auto(r1, 0x29, 0x30, 0x0, 0x1) writev$auto(r0, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2a01, 0x0) mmap$auto(0xe, 0x7, 0x9c, 0x9b72, 0x2, 0x66bb) socket(0x10, 0x1, 0x106) writev$auto(0x3, 0x0, 0xe) mmap$auto(0x0, 0x46ada017, 0x7, 0xeb1, 0xffffffffffffffff, 0x8000) io_uring_setup$auto(0x59, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB='&\x00', @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) read$auto(r2, &(0x7f0000000080)='MJC802154_HWSIM\x00\xcb\x0fX\xc7\xfdx!\xf7\xb5T\x04\xad\x96\xf4\xbc\xca\xa52UWT1\a\x00\x00\x00\x00\x00\x007\xc9\xa6\x8a', 0x1060) r3 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0) ioctl$auto_UI_DEV_SETUP(r3, 0x405c5503, &(0x7f00000000c0)={{0x9, 0xf2cf, 0x8, 0x80}, "6a034a07c7b82d90b69a39e32576f893fba86c9dd051a0094a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f", 0xa}) ioctl$auto_UI_DEV_CREATE(r3, 0x5501, 0x0) writev$auto(r1, &(0x7f0000000340)={0x0, 0x5}, 0x4f) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0xa40, 0x0) ioctl$auto(r4, 0x5607, r4) clone$auto(0x20003b4a, 0x2, 0x0, 0x0, 0x2) openat$auto_proc_tid_children_operations_internal(0xffffffffffffff9c, &(0x7f0000000000), 0x82000, 0x0) 3.136874112s ago: executing program 1 (id=5194): r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/025/001\x00', 0x8901, 0x0) ioctl$auto(r0, 0x5522, r0) ioctl$auto(r0, 0x5521, 0xffffffffffffffff) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/nbd0\x00', 0x24000, 0x0) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x20000004}, 0x4000884) socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_IOC_PR_CLEAR(r1, 0x401070cd, &(0x7f0000000000)={0xe87, 0x4}) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000240)='/dev/video37\x00', 0x8a240, 0x0) ioctl$auto(r2, 0x5646, r2) read$auto_v4l2_fops_v4l2_dev(r2, &(0x7f0000000280)=""/40, 0x28) ioctl$auto(r2, 0x2400000, 0xffffffffffffffff) futex$auto(0x0, 0x4f549, 0xc, 0x0, 0x0, 0x404) unshare$auto(0x40000080) r3 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/security/tomoyo/manager\x00', 0x2, 0x0) write$auto_tomoyo_operations_securityfs_if(r3, &(0x7f0000000180)="0a1b9a5c2b00006e163bb154d7886d8edeea371cadb848770dc8f745d1c76eedba12b9f694dabdbcf3401910000000000060000023b5d40a", 0x38) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14fa02, 0x0) socket(0x18, 0x3, 0x0) mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r4 = open(&(0x7f0000000040)='./file0\x00', 0x2041, 0xfa) write$auto(r4, 0x0, 0xfffffdf1) linkat$auto(r4, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000) fsetxattr$auto(r4, &(0x7f0000000180)=':\xbf+<\x8a}\x00\xeb\xfa\xe6\x8d\x02\\VD\x04\x00\x00\x00*\x80\xa4\xf4vql\xa9\x05o\xf7\x9e\xfd\xf7\x00\x00\x00\x00H_/Z>n\xf5F\xbf\xd3\xefi\x91\x88\x1daIu7\xef!\xd0\x04\xdes\xfe`\xf5e;4\xbek\xf9\xec%\xbc\xd4\xfc`\xb9\n\xb5\xa5V\x98\x14]\x8a\x03\xd9', 0x0, 0x7bd, 0x1) mprotect$auto(0x0, 0x8000000000000001, 0x8) 2.179102767s ago: executing program 4 (id=5195): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0x8, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x540, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/bonding/all_slaves_active\x00', 0xb02, 0x0) socket(0x15, 0x5, 0x0) pipe$auto(0x0) dup2$auto(0x5, 0x4) splice$auto(0x4, 0x0, r0, 0x0, 0x80000004, 0x9) write$auto(0x6, 0x0, 0x1) 2.170529097s ago: executing program 0 (id=5196): getsid$auto(0xffffffffffffffff) socket(0x15, 0x5, 0x3) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff) r0 = pidfd_open$auto(0x1, 0x0) r1 = socket(0x1d, 0x3, 0x1) setsockopt$auto(r1, 0x65, 0x3, 0x0, 0x4) setns(r0, 0x60020000) madvise$auto(0x800, 0x3, 0x4) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) syz_clone3(&(0x7f0000000300)={0x153326100, 0x0, 0x0, 0x0, {0x23}, 0x0, 0x0, 0x0, 0x0, 0x0, {r0}}, 0xa7) clone$auto(0x9001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x5) getsockopt$auto(0xffffffffffffffff, 0x84, 0x24, 0x0, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x80000, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x14, 0x0, 0x8) mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x1272, 0x8000) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'vcan0\x00'}) socket(0x1d, 0x2, 0x7) r2 = socket(0x2, 0x1, 0x0) sendmsg$auto_NL80211_CMD_ADD_LINK(r0, &(0x7f00000003c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000380)={&(0x7f0000000140)={0x1c, 0x0, 0x300, 0x70bd2d, 0x25dfdbff, {}, [@NL80211_ATTR_COLOR_CHANGE_COUNT={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40814}, 0x20000090) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'vcan0\x00'}) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0xe, 0x40, 0x801ffdf, 0x1, 0x2000000000000006, 0x3, 0x8, 0x5, 0x6, 0x7, 0x1, 0x9, 0x2, 0x3, 0x5, 0xfffffffffffffffa, 0x0, 0x0, 0x0, 0x0, 0x3b9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0xffffffff00000000, 0x0, 0x200, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb, 0x0, 0x5, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x0, 0x5, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000000]}, 0x5, 0x2) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r3 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0xffffff9e}, 0x40000) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f0000000200)={{@raw=0x200, 0x20000001, 0x19d1d554, 0x81, "3112d585006b614d19e22af9fff4be6b7fe5e2f94bd90484b0755015e48d00", @raw=0x7ff}, 0x503, 0x5, 0x4, @raw=0x7, @enumerated={0x2, 0x0, "cb0c80699beb33ab05dc27d4bf2a711a4378ba926b660e893ca63be6c004786ceac50991aa4975421eebb8e24b11006a359336cf5c603240dff7022f6bd2af13", 0x3, 0x10001}, "7a9fc199a16a2311eacf2fc7ae1d8778dc618090334fdd73340238d21000debe0eda71bdd709254592b67f9cb5adb17884a16f7ce8cbce0bb32791702b8d7c2d"}) r4 = socket(0x11, 0x80000, 0x9) open_by_handle_at$auto(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x42}, 0x30000) sendmmsg$auto(r4, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={&(0x7f0000000200), 0x11}, 0x5, &(0x7f0000000180), 0x5, 0xe}, 0x5}, 0x2, 0x100) 1.80665805s ago: executing program 2 (id=5197): mmap$auto(0x0, 0x3, 0x3, 0x9b72, 0x7, 0x28000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x800, 0x0) read$auto(r0, 0x0, 0x5) 1.663117213s ago: executing program 2 (id=5198): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x10, 0x2, 0x0) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='(\x00\x00', @ANYRES16=0x0, @ANYBLOB="000326"], 0x28}, 0x1, 0x0, 0x0, 0x4c894}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYRES64, @ANYBLOB='\"'], 0x1ac}}, 0x40000) socket(0x23, 0x5, 0x0) ioctl$auto(0x3, 0x541b, 0x38) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_ETHTOOL_MSG_PHY_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0x800) socket$nl_generic(0x10, 0x3, 0x10) unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0x2c, 0x1, 0x0) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)=ANY=[], 0x14}}, 0x24048004) madvise$auto(0x200, 0x200007, 0x19) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/pagemap\x00', 0x309801, 0x0) r2 = getpid() waitid$auto_P_PID(0x1, r2, &(0x7f0000000200)={@siginfo_0_0={0x87b, 0xff, 0x8, @_sigsys={&(0x7f0000000180)="a066b8e840c6311618ee915dcba2b561883f43193d2a5631fe8489c54c2e58e828919abdaea9ede3515e3e06ef5d9e26a356338ed2792d285c9166f052064c40c858589a8fc08743324746bfd929a8d9ab975df177246f1824ee62a621dc9c9b00fe", 0xffffffff, 0x7}}}, 0x1, &(0x7f0000000340)={{0x1, 0x8}, {0x8000000, 0x9}, 0x8, 0x6, 0x8, 0x1, 0x9, 0x6, 0x69, 0x3, 0x6, 0x0, 0x2, 0x37, 0x4, 0x6}) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) 1.24935054s ago: executing program 4 (id=5199): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000280)={0x0, 0x80000000}, 0x6, 0x3, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x60000, 0x0) mmap$auto(0x4, 0xffff800000000000, 0xffff, 0x100000000040eb1, 0x602, 0x300000000000) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x102020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) getdents64$auto(0xffffffffffffffff, &(0x7f0000000ac0)={0x5, 0x2, 0x5, 0x10, "5fd42d2266a8a18d1c1de1e81b17ef92fcc21928e7d6a0536f96e09d86aa0325b8315e496588603dfa2eb3c790aa0bb7ded07c016c319a10bf1bce5ae65da02347cfad43ea6334ea7fe1eaf8fa7df21ecfedc214f70172787d7291c1042456d02c20a4fe2e0a2ddc46349489ef00d348e9beaf500ad464c86dcc8769507f8d677bdc7fcce0bd9407ad41e290391c685095eb9e8ae3c49d2b32f3184e8e2ddb381fc50901b4480c8c2735dcfa6c2f2ef92391c9d60a03399da809d257ed50f8d5623ed9bd8949d63f9f5fc26a48955da87393227f92b0ec705599a4d5c2dc05dd6ca0e02c41ecfbce2a27e1fd6b46d05e01c26094c2403512113ceb4ebce2e8a23b4520628270632fc81909efe27cce404503bac907b3a198b9fb74826df86e22650150b4f532f64fc8254415111d5e46d553d0addbb478c2c968a08a88e924275947e9fc3728303269c4439412a5fbed2dd80bf64ae14715f26549e1aa62888201330ecee58c30fabb928d6ce6ec89effc0610c62688d16afe59f0366ab90e4f3d9879be1f79c2a3f648e69e89fce1f2ea3f40a439e33ee847265150acf0c33d83b1ca194b23b0dacdbcf92e6213f9c5a6582e7518efe5e8cca2025b4f487e6f3641d350318c7f1b94fc75d7c2c90de480d391230a8dba0a892c4d9f1828b40e06ff528e2a6b0021595f7594cabfc6b955b4b62eee54e2e96fa18f6c6273c2293888a76c1f7e5424e927b1b6eb31fe427573fc96de81575db6d8003d110f5654b293d4ee17bbff61b283bd7982e5e4d291537f3f0a76fce8371ce794c0f016ee762b0b6cb72ab8b385e1617a117ac72cc6f807020e951ce80fc58c89fb48ff5bc15bfa729eec6f6333d44d65f899f585441a5cf6a485e0a0919c301316e91241215b4f764e87c5cc98b22081e17671ed1fb999e5efb98a81bec5a2ccfc291f29c297832a086dcdbec9321f4bce9f0f932b46c6c11abe9c2d4d5f7dfd52b9e326e64b575c8046cb2c1d612cf15c2391682ee692dd249554ece71c65c6574f3089c1009f71e19f94684b6bbd87bb80784afaa58a3652c896331472ae04c2a5f8e67f5eb56a76fbe10a1e4c9bfb9b916ce5ba015fb26f581bfd2dbc7e9f06e40661814e3086e0b4c1f7bc794248d26eb7c9e8d412679e042c54fb5659805688c25172727fc02c06452710181a53db904f18b0d6bfcdaced3dc9f0712f1e5cfa1d0271e65b8a7371c5e50219b46e06ca89455e7c2501254084285ea757ba5d66bc5a8694cf51289bd5a8c5d6b141307530e895f1082b2bc7498e34393da96b059dca3409b5d00d20ecf4460259b571f7174d01cd8ece0c4f83c0231313c9ae572110c63a14ac4e4ab958c0dacb63eadca9e02cf7117ee451b0ca860e9896ab6a72ce00a7a4b157e7384b35cebbeec238411bc901a5d8541f87dc8e9cbc69777ebefcfcc4bed55902a264ef0ea01017bc6a9e3eadd4ce5a5ce3aead20a7eb441a00a2278e52903eee74b0f9a393406914c8873412713b139abe4a240a185a71877dbec93a633dd29e2685b471eb233f1c41180528a06e150fefb4c89f857dc69dba87a05743df4c011226f0a1271b4f5b3d92756e7d390bcace7bbd0256c67e5d1f3bd8336a3dbd24a236ac1c20da9f42384dad06d4dac824840dc5ad6a71314763a714a05ec056e47bcf7096b34f24323163c33b0bc4662a08fbb9d28c55fe7152d9a9fb402dba7cb3b79571780b62a3dc662b2230b9312eea4af4f0ede14dfc1eca3b7c6d6005a91e497da68f790c1c589188998c946be168f710d89ab718e26103b34d2cad4622de510eade88b088611e942c286d894f630f0c36c0bf3cafbe251ea950954152689010fd912040ed6822f89b96c762693db5bcc5f6aea8f9a9d8a87d48352daa80209b6e191d3dbead277635371b50569d23af86276adc93703c077bb93176af6190e01649b200e32837489000ab23868ff40e26f412eff56bcbee1a6f45dedcdc28bf4004b293436260710eb9a0841e9799e8c059c76626293abc02dc700e00d4c9426e0014502805f137ed46e0aad93ad6b409fb410494134a34a1ec57e362b0f0b156e41931f87b7b155cefd656d3ea4115eec2bd6721efe63fbfa74585407d7b020a5311e567de5b3bc44a899284f385282ba50fa7eaae78c9a3e6a9ab457d5affa6a8e0cae302f62d1411b39fdcae30164217696e22a96d823566ed5234d4ef0ca8ed0f6cf73dc0f48fc13eea6c5f00f0fa770be6e80a583d72e6bc35d5fdf1129874e2d23d1b6668b2cacd872628490a5724b095199e6ce3b2229cab8a8cdc14999738e6a34d6416d4b8aed744da4c62fa94fe03b0fd5aa02db9049a1ac18f9e376afab43c8ddf1d153e107f7ab17e6960c5bbcb0b1f4f04273296ca7676e2d0f7729dc93a47a99d4619cdc0fd0c21434ab5dc7e2bc08006bc1b3bb0cbfba9e0d68bb046b86d4aa11c757d14905a6cd0e6b34bff03ec390e4bf0bba8a1075512d7fc7cb18ab6cac69cfd53c7dd9149d5e8b176366ba25f9541a04fe7da31ea8e93609752cb00eaac8a602d0c5bd538e8187c08c7e0109d85e116ed6b5b0817873dc2cd939bf90c1fa530fa0040e9842e1b8701df3ee3e188cb65c1998c40f6db69e207cdac6122d1c63c2d6a4c657f0e9c43e670f84d569b3b8daf3fb51b3923e8dfd538f63822891c2fabdc0e898902e548c3d8a4d85c1d7779f9f13fd4eb4a041ad5eb6bd3e5e636e52b6dd7c08e5584e613f45e05265c554a6bcb0f9b5cdc727e036a683295843b3282ed679a267908625f2149664f154677906d229dec379d0cc6cfa663192007573eb230cff9c0d4e96ba5b2845b6500524459e0b919bcd599569f51746d37b7ec74da303ae0257caf6292eac56"}, 0x1) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xa00) unshare$auto(0x40000080) r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000005440)='/dev/snd/controlC1\x00', 0x24001, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r1, 0xc0045516, 0xfffffffffffffffd) ioctl$auto(0xffffffffffffffff, 0x5429, 0xffffffffffffffff) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/irq.pressure\x00', 0x583142, 0x0) shmctl$auto(0x7f, 0x401, &(0x7f00000000c0)={{0x9d, 0xee01, 0xee01, 0xe1, 0x8, 0xfe, 0x40a}, 0xe, 0x5, 0x0, 0x0, @raw=0x5, @inferred=0xffffffffffffffff, 0x7f, 0x0, &(0x7f0000001300)="e185d9d6004d43630125a1df432e58bedaefefa75705ba965ceb6fcb5f3118d70630b128c42bbd96a55479af6825697ab1a91702ec41b8418516a1c1f02901be5e68761b7ad3fc15ee3594ae26b3eff76f7caedec9a892162ec47b407266ebec025cd44d1cdb0977e74f237bf32605df5dff9f6bdc65e1d623da2693c9869942da1d99075bf329b06aa427bba54c6f2b4fb3afa7a94c6391066ce20a09a2e7787d012f1e8223f2bd51ab23bbfcb66e7b7d44cbf869af7a342cdf9b10fc4bb82aa7b8d4056469c4460d746bb80aba52e2f32256a09df69ed1adf8163cd8565f4318d3e43ea9c8b52402868d04f8e2631fd732ce59512badde79445e443cce13520cc350da5b6b487d861bddbf318a1d70304d46d228aec70832c4eb32083b09b2ae71a0c703d7cb09a11e25f7b4b6cb4834bac4cab98b0fff08ce07c79f7dbf326aea9283dd4a98502e3feae3906c1e3c6c9f2e36f2defb9070e47fd05757fafb0c2c706398b91f13077c9752d58fa9fcd4e5fe842cd7141c3a35d07d31119077ca313c5ddaa06e296c7b402b2f5ea395ca5c1318f7149dec1b9ea271239f75d62170729315404750935c3c4ae5328ecc813eff34fd16c2bdc8e17184a413993e8f7a590e3b7f14d959e07ec3e3842360412244c12dfb6bf1c2399c06cb2c272eb0ef160b09cb7eea192ba04908ce28cf48c7e4df2cbe9ae09d85cfa088ea1ec4bef94b75cc51986c2b61d0d7a3b91ff677bf784035bc622a81d53080293ae51130168f2698519021306aeac05d371dc9f9fea04b41ef546d945632b84c7eae7ddcb248e3c0d1c7e03d010f85df43c83806038c67ee5572ee74fd62779a040a00c146762f843641fdb612c3c2ffaf15d4eafcd3c769534f7cfe7648f784ed67b02c850dc2b0ea6eba70b4e538a29a8c4121e134299f92e1f43f0e3d3155311d01fe41778eebf32a8c22af4dc8251397e453d04e3c3ba75676150e9caeb0d01f9128558c1c0f068eaa0cec5c65aaaaf3f63e2ee535731d5637b37f74484a7cc6fe7ddb299fb456acd595eaf542523b5776e26097bf576c5c8556fb35a9ecef46a5d077e566031f7cec8bc040cc57f6669c0989f1b4244785c54bc771cd235ce4c6af4bc5dda9f9026f9eec8e3a3a7b1dd93486b62c1d37223e1a47a6c216bd7a359dde3d4a13f61457f3225a2b9baf9e86afaa0c9a0e6daf41259c454b54f295d4fc57dee8d336d3f90951bc9302b8753b4e08189fdd4b3e74c2a145ccfe0862c3468bc3d79e345cf19a236efcad4f369b6af04fc74ebfea7688777c84b661cdf62bb465127337e3103329f1cd9d746d89a12c786a6ce7839b70a280a4201f0ea410c333e7f55bbb5df2ac61723e59ccf37726dab9f32423c9dfdc698e763b22bd287b8cc0d5e246c2b2f3aba3a6ed12915a91f320b45243c774375b19e1c81179e754f3adff9fbdefe192451adc7abbc7e4d0ace37dc6dc45cefd45e5dff035f51662972d343920dfa5ca8b555146bc26e9f30df2d915ebc4a83bf35a6761a9cec94a91bff79b213b69ba90af903f8dc3fd81be6909aed6b1dcc3c2e315b9745c7ffa1fd8eca7d9dba2f673e90574e90d94759713a4356154cf3ad1e6cde8caa551dd2fb1f06e6d6fdeac61a2031cd25cc1e6d605c6f3a1f148cddcba7b5ccc124eb3d30f9816a0277797fd5bc87e9ad3fab81b5367e626570d95a18cd2a8742fcf175bfca0aee439ad34657f5435f3f9a0e38b9c3a44d7b9d43aa3e560a509f87984e88aa361de947dc4150b28027d439f5ca42b52b7d685d0ef2500d5c4ee10d2d21fdf14dfde6677c200802c78ac654936902f545615d2fe7e41f6eafb0ce41d71ecbcea0b70e9312b62f090d2e77423fc970b4a8b70d35f1912d5d118443a011293c14985eb80ae9e7d4695bfd88b2e6009e92c542078379f637c9fd7e55e3be2e8c188859a62721d8f19da7b557de571af441f726c25a213c39746ea3a98595953410da7a400415e740c62ebc1fe2c080a4ce813ac88b6856f78607e516f3aff31eafbda4b9513a2f8776a1ae27cbd5b4de17d4857c5c4bde3514e5e53972ad8a0ef8a3adf30a8ca28a34547e3c237e8b63948df22a6dbf3006388b6f9398464bb2ad1973672dd42375035964174e9c94c374a8dd7670cf949cb6df6f9a9f7056f186335c70aafc2bdc275434d8f3d4a3d8bc6977b4e08f86621a03b1cbd287d1e868a0fb3087f5ff18050b7ef830af72ae0e00dd450c69bb9d92cb28f0fefb0bc6ded914d23c70abdb9c3e4a99fcbf53347138d4c5fb80ab75e0ea738c0e0210d0988e943020b7dba40f75a9ec92ee7c6658764ca685fb8036e0a0f706be07d9ee47d405111f02e6915dd0210248b664c2c57f86b4d3b34b8db6e0bb98b48bec701e70a4f1542463500b8ed414ef1f9683a99d18c2758d6860e31df766277dd343a885723f9bc38a7e8c5376be80dc2ec4524eb8fae6a7ab0f68c0fed349f669aa7a7b54e01523d95047f5a13bb205b69811d73897e3fb9fdb3ac02a99027bcd9e44deab54fff0955124a08c9f3621358d7fe8a8dd59f504f8f6ae9721da79946dd39aad129836e78bb569335bda1b41a59ca62c988432244512659b06808f381ce42bea25215dba7e2dca9f62f6c94dc0e24c4161e13ec0b937db2f47c72ebd44727f1f3c421b98be4d7ba0d82f67151625f9ebb42814d73a53b033fbc3a1ba3b170f84dfc93c2a89340f18394687789e86fee13b02b03033a2e223d12361e2796b142791aecb97a4e9b4797e8ec52a8f356088286b5a6c2d4d79d4b7c31d9baf0bf3434fe44e8f0608a865c5cd3262254acf57cc60d7fcfedd200d0c5426004faecc9ecd00cdf8612e24e0d193ca9b382bb533e0587c2b5f582d1ca4dba5245655c69089d21383167cd8f7e67eb759e562da4b0790de25ba3719e9ff4cc0202e312deba359fc8f494d64dacaa065ed28fbd5c51ac1c83d2007250cdb9225cdeebf001d4a6ca7b737ae867ce9932542acc5c1926ae4b5fa715d8d553ee34dbac3f44eccec5e1d0af80d6cb4231c6af769adfa240fcbc88da2b20f47836ff14f7dc7213a63aa172cdc35c2b8649b365fc84bf444814974d9cd446d000734524e47679bd11dbbbe9bcc71fd7c208076a663b23fea23225a31888f6d307780afa5c31dd9a0b8e046fe6ba2f76667a64f83e42558a9c94b64756fb6ffbf23cd9720a9f94fe076df47695adf0e3245c2b8e8c5cf258172704c5bbf51e9cd956d804ab9a8d0a69814bbcc26ee2c31fbb46238cdf37e8906173a747624744f2f54420af27ad509e6db1b4cb20dbdd86adb7b84827cfa18d25b04fbe80a4c3824c11a0067a450c5ea4e9b188515a850cee148bddfc5e7a7f1460c72e207c92f8f5560b3977b7116925b7a071f11da2c9b5018db2abc9d1c16e1630601a6a48e9e9ca0d8db045b0cbc36b344331bf55b219ea1a6ec23e3b9be95de6c3f31d0d948e3c35333e4261965def3f2f787e3cff6d072133093b90db25c8c77d3a79135434f3dbb28e2d17c2c4ecb188ef430355fdea5b5cbccf98dc8cdb771422bd6e32a19507a9af3aa38630565fdb97ecf3905bb4635a798da8ae3270f8b1c3cf2df55b7a53243e9f6c7303e07f14563cb684c5a980f802a30f901f270e919a0b2e40519501144c136be7d5496407d1e9a3a0c61c66745b1d2a17acec81a29d21aba2c80dbcb234f0bb719a043762a1ceb2ddbff6c423c1ce8311e6669fa70a2324d2c6405af03a656717a14d912ffcaffaf9e46af561661c678b76071244e290bd9795b80470c48a840760360ac5366817f2ef489d9c4a0d965de7473d34b5828d0ed475c8055ec413e26664d060ac5beba6c6e367028f58690fe2bc9754074ed22b3448b46077f50a56bcf578475306bb451ae36a7691306d147f4dc6dda8e4bb395512e237cfcf75d37dfea93b714d43b7e607928b68f483b71e7ef3332167ed66d57f99d9d4379f836a1c2dbfd09b9236fcc5e18e483c429e98a7f9080a29432f8ec005b1d59cae9e958e0ec8c01072a8a449d34469d6b0ff9e1ca05f77ccdce07a382706085924970c22822e92814607cd579a19a58c08e37660bf2c813da708b5c4a25fb0cb38045da3290d8ace43e019e9cd392823f5c88b4894f37640a2f03e04191d0fb7bbd43d2bd3331fbf166a4e4e002b3f6617a9b8b0f58a69faea63038f4e17e2576c3a4799cf8f8f3b8e7c236053c464d94328422e93f0dd3e53e1fdd11cdfb9a1c18ec6832e8871a917872cc1fb5f2a49b6786ced5592b29cefa41028711bbb42fc317fb491f89dfe97d5236f80a5750b6b5f3164c29c587ee2d2f41c3ad0cec98be1a75dad6bb25e675a6ef6b2a2156512c44c31996838e4efc62ad8776fbb60ff068a4a2fe94c0e7f4119e91cc1806e783a790ca330852e43143eacf3837f0d5de156fdf7374c6a5c3795dd92a194b008570804d445fec076a182207cd9b811ff0bc3f674166837c16db236bda402c05c572c6c34c319b80f94751bfd194c930aca12ef5065dd1ae0680ca478753a39ce67c1bece7055cb61df780b00341cfbd8b2adef1396591cd8aa59c8b30fe6656952a1e741dab2b30e54bd7d518d2acbf0e475d35e8fa0d837374bf33382fb212c3896d9c711182f40ad403132c0e9ae5017af77b38cfac98fdeedadc5bc28529fe478bce9477a2a0c6b4aec75df6989edd1c401c56ef84425a8b55b1ec92838d86d9d3eb2b5ba84899ba322572a9820bbcfbac579ed6ef32a0aaa954e09a029747f545127d8cd0847d554fc21ec91f641f6392248147ec9e62a1bd0385b7702c57b5f4931189f3ad132b62fb767d83334727335c4a5e190f6736764aec416faaf98b2bdfe7f40ac67502db7e79240b15ef1e53a34f4d38b61b3de485f67effc93a9e7b24fc732b9fb5ba033aa81cf5ed0da8944ed61f29bd22f361224a5c124de4e126d1c94d401248e6ffb2763db1e6ac6f5caf5cca9f593273e8ab679b020947b2d09c7d5d042c8763c6510423ab6f66a63690de7d02f998ffb405d7226015808c7a5021c87e52d936e3bc5a713948de77d484b788209a630cb9db1d9b8adb12fff58f2a2ad4b25227ad13ad76beac69ff1ccc7245fd20cb65d9e8182734f9928bd10572b895d983a331bb00a4b9c5af433e549c4d664dd6b44d5a196f7fc56735afbbfa192609bda4655a0072502e36cd90cb5e47706943f2869d2cdcdeaf881a40d9dfd8ad157214cdfd46a2415013ae2e2a64b8dc0ed81394a796700b8ecd8fe896bba22179f9f60d1cbde754ddee9a6dfe99b328ff0913933d43e32d7b5d9df5e8aeb21693d554fb2ecdcb7c130a245878485cc956fd6c42c9f2a2337759632298d0e84b88a09423ca3030cbbeaa66b7d6fa4efb0abd51ab4da4a7b091db72832da62b2320e129bfc75796dfeb306f8db3b5b385f8f865b214bab0d7de72ecebf22fe2c905d64ad1d2adba4a99227035ee7937ae5837115ae5436f897225d79b9dde053a07f4de78f5e6b30c36648a0709d52f5183c85e8f8d7d95ceb80d3b11d2cc4efe3d02757b9b50b20e4ce1a751f6ab8e5b7095036651fc93ffe7081ab8bc16f6800a2376280936aed89bab2461dfa0cf1b4db02b69ae974939995558b09ba7353d595427d5b370a5e42ae25fb479de9830841bb6f982d43e03ac93d33d7f788d503c1a7c0f09aac72664a290fa4036b7b18dda5b9fe7702d76759e35f4306c43233e69c8eabbee0db82295bd0671d619ae66b6951a2a49300a064d258ba44a15deb0c4b09", &(0x7f0000000080)="aaa94ce4a7fc1593ccfe85614525bfa2379e4b4dc673156f105d5deeff82828526ca7743dcf9c38bcbf4c0b79cee6496dbfb3825bf30"}) keyctl$auto_KEY_REQKEY_DEFL_PROCESS_KEYRING(0x8, 0x2, r2, 0x0, 0x80) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) r3 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0xc1000, 0x0) mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x8e051, r3, 0x0) r4 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x364f9cefc8a0a83, 0x0) ioctl$auto_tracing_buffers_fops_trace(r4, 0x5220, 0x0) rseq$auto(0x0, 0x80000002, 0x8, 0xfd) socket(0x15, 0x5, 0x0) write$auto(0xca, 0x0, 0x2d9) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 1.154437885s ago: executing program 0 (id=5200): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x14fa02, 0x0) mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000) socket(0x1d, 0x2, 0x6) fstatfs$auto(0x3, 0x0) mmap$auto(0x0, 0x5c, 0xdf, 0xeb1, 0x401, 0x100000000008000) futex$auto(&(0x7f0000000080)=0x1, 0xb, 0x1, 0x0, 0x0, 0xffbffffa) futex$auto(&(0x7f0000000080)=0xfffffffa, 0xc, 0x1, 0x0, 0x0, 0xfffffffa) 634.1464ms ago: executing program 0 (id=5201): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0x8, 0x8000) io_uring_setup$auto(0x540, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/bonding/all_slaves_active\x00', 0xb02, 0x0) socket(0x15, 0x5, 0x0) pipe$auto(0x0) dup2$auto(0x5, 0x4) splice$auto(0x4, 0x0, r0, 0x0, 0x80000004, 0x9) write$auto(0x6, 0x0, 0x1) 510.584278ms ago: executing program 2 (id=5202): mmap$auto(0x0, 0x2000a, 0xdf, 0xe31, 0x40000000000a5, 0x8000) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0) r0 = io_uring_setup$auto(0x9, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/cpu/smt/control\x00', 0xab42, 0x0) ioctl$auto_VHOST_SET_OWNER(0xffffffffffffffff, 0xaf01, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x1, 0x0) io_uring_setup$auto(0x4, 0x0) socket(0xa, 0x1, 0x84) socketpair$auto(0x3, 0x80001, 0x7d, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "abe6de3d6468fe8000"}, 0x1b) close_range$auto(0x2, 0xa, 0x0) socket(0x11, 0xa, 0x300) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/scsi_mod/parameters/scan\x00', 0x102, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80402, 0x0) write$auto_ocfs2_control_fops_stack_user(r2, &(0x7f0000003900)='\t', 0x1) sendfile$auto(r1, r1, 0x0, 0x3) read$auto_uinput_fops_uinput(r0, &(0x7f0000000200)=""/195, 0xc3) read$auto(0x3, 0x0, 0x80) sendmsg$auto_BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYRES16, @ANYBLOB], 0x34}, 0x1, 0x0, 0x0, 0x4048004}, 0x24028000) 483.062545ms ago: executing program 0 (id=5203): mmap$auto(0x0, 0x8, 0x4, 0xeb1, 0xffffffffffffffff, 0x3) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS2\x00', 0x101e81, 0x0) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)=ANY=[@ANYBLOB="519227a993a0fa8155ee2838112e4471bdd98b5588d54e22d2da48335cf1c6bd81fee967cca0e5f1b90e7d36ab8fb5596f8cd181e6e6105b9b48681265e42802496cd0a269fecd48f9f87ae6a504d7f78fff52590137aba8a5586f981cb200818bba037ea070535bb7bf9d7fc0eda683f1242b18f13a5273", @ANYRES16=r1, @ANYBLOB="01002bbd7000fedbdf251600000018000180140002007866726d3000"/38], 0x2c}, 0x1, 0x0, 0x0, 0x10}, 0x4044000) unshare$auto(0x40000080) write$auto(0xca, 0x0, 0x8) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101840, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x282, 0x0) socketpair$auto(0xfffffffc, 0x2, 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x64842, 0x0) socket(0x15, 0x2, 0x2) socket(0x2, 0x1, 0x106) getsockopt$auto(0x4, 0x6, 0x4, 0x0, 0x0) socket(0x18, 0xa, 0x1) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB='3\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="1b0026bd7000fddbdf250300000004000800040003800c000b000400000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="db002cbd7000fbdbdf250af4"], 0x1c}, 0x1, 0x0, 0x0, 0x20040004}, 0x20008810) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' '], 0x1ac}}, 0x40000) sendmmsg$auto(r2, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x0, 0x1}, 0x5}, 0x3, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), r0) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'batadv0\x00'}) 0s ago: executing program 2 (id=5204): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) nanosleep$auto(0x0, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x101181, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/bus/usb/005/001\x00', 0x100, 0x0) socket(0xa, 0x5, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x109401, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0) socket(0xa, 0x1, 0x100) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x60042, 0x0) openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/cec4\x00', 0x800, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/nbd13\x00', 0xe081, 0x0) ioctl$auto(0x3, 0x80000541b, 0x38) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/037/001\x00', 0x802, 0x0) (fail_nth: 8) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xfffffffffffffffb, 0x100000000, 0x4, 0x5, 0x6, 0x3, 0x41b9, 0x3, 0x8000000000400000, 0x3, 0x6d3c, 0x6, 0x2, 0x8000000000000006]}, 0x0) mmap$auto(0x0, 0x6, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/sit0/statistics/tx_compressed\x00', 0x80000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0x4038ae7a, r0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptya5\x00', 0x40081, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/nbd12\x00', 0x80000, 0x0) ioctl$auto_BLKRRPART(r2, 0x125f, 0x0) io_uring_setup$auto(0x23, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto(r3, 0x10e, 0x1, 0x0, 0xe) kernel console output (not intermixed with test programs): fx_newseg+0x10/0x10 [ 1397.511333][T28331] ? down_write+0x146/0x1f0 [ 1397.511355][T28331] ? ksys_write+0x190/0x250 [ 1397.511372][T28331] ? ksys_write+0x190/0x250 [ 1397.511393][T28331] ipcget+0xee/0xf50 [ 1397.511421][T28331] ? do_futex+0x192/0x350 [ 1397.511454][T28331] ? __pfx_do_futex+0x10/0x10 [ 1397.511491][T28331] ? __pfx_ipcget+0x10/0x10 [ 1397.511517][T28331] ? __x64_sys_futex+0x34f/0x4d0 [ 1397.511540][T28331] ? __x64_sys_futex+0x358/0x4d0 [ 1397.511568][T28331] __x64_sys_shmget+0x13b/0x1b0 [ 1397.511596][T28331] ? __pfx___x64_sys_shmget+0x10/0x10 [ 1397.511629][T28331] do_syscall_64+0x106/0xf80 [ 1397.511648][T28331] ? clear_bhb_loop+0x40/0x90 [ 1397.511672][T28331] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1397.511692][T28331] RIP: 0033:0x7f3a1519c819 [ 1397.511709][T28331] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1397.511726][T28331] RSP: 002b:00007f3a1613e028 EFLAGS: 00000246 ORIG_RAX: 000000000000001d [ 1397.511745][T28331] RAX: ffffffffffffffda RBX: 00007f3a15415fa0 RCX: 00007f3a1519c819 [ 1397.511757][T28331] RDX: 0000000079e56dc9 RSI: 0000000000000003 RDI: 0000000100000000 [ 1397.511768][T28331] RBP: 00007f3a15232c91 R08: 0000000000000000 R09: 0000000000000000 [ 1397.511779][T28331] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1397.511790][T28331] R13: 00007f3a15416038 R14: 00007f3a15415fa0 R15: 00007ffc91225388 [ 1397.511814][T28331] [ 1397.760366][T28290] bridge_slave_1: entered allmulticast mode [ 1397.768352][T28290] bridge_slave_1: entered promiscuous mode [ 1397.794564][T28290] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1397.806937][T28290] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1397.836124][T28290] team0: Port device team_slave_0 added [ 1397.843826][T28290] team0: Port device team_slave_1 added [ 1397.867665][T28290] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1397.874877][T28290] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1397.901307][T28290] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1397.913441][T28290] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1397.920475][T28290] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1397.949138][T28290] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1397.989920][T28290] hsr_slave_0: entered promiscuous mode [ 1397.996563][T28290] hsr_slave_1: entered promiscuous mode [ 1398.271997][T26841] bridge_slave_1: left allmulticast mode [ 1398.297632][T26841] bridge_slave_1: left promiscuous mode [ 1398.313968][T26841] bridge0: port 2(bridge_slave_1) entered disabled state [ 1398.347326][T26841] bridge_slave_0: left allmulticast mode [ 1398.366278][T26841] bridge_slave_0: left promiscuous mode [ 1398.392526][T26841] bridge0: port 1(bridge_slave_0) entered disabled state [ 1398.471941][T28340] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4774'. [ 1399.226230][T19500] Bluetooth: hci0: command tx timeout [ 1400.021054][T28367] FAULT_INJECTION: forcing a failure. [ 1400.021054][T28367] name failslab, interval 1, probability 0, space 0, times 0 [ 1400.196551][T28367] CPU: 0 UID: 0 PID: 28367 Comm: syz.4.4776 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1400.196586][T28367] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1400.196593][T28367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1400.196605][T28367] Call Trace: [ 1400.196611][T28367] [ 1400.196619][T28367] dump_stack_lvl+0x100/0x190 [ 1400.196652][T28367] should_fail_ex.cold+0x5/0xa [ 1400.196675][T28367] should_failslab+0xc2/0x120 [ 1400.196698][T28367] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1400.196724][T28367] ? alloc_pipe_info+0x10e/0x590 [ 1400.196745][T28367] ? find_held_lock+0x2b/0x80 [ 1400.196767][T28367] alloc_pipe_info+0x10e/0x590 [ 1400.196790][T28367] splice_direct_to_actor+0x78f/0xa30 [ 1400.196812][T28367] ? __lock_acquire+0x4a5/0x2630 [ 1400.196835][T28367] ? __pfx_direct_splice_actor+0x10/0x10 [ 1400.196856][T28367] ? __pfx_aa_file_perm+0x10/0x10 [ 1400.196886][T28367] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1400.196912][T28367] do_splice_direct+0x174/0x240 [ 1400.196934][T28367] ? __pfx_do_splice_direct+0x10/0x10 [ 1400.196955][T28367] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 1400.196988][T28367] ? bpf_lsm_file_permission+0x9/0x10 [ 1400.197006][T28367] ? security_file_permission+0x76/0x210 [ 1400.197033][T28367] ? rw_verify_area+0xce/0x6d0 [ 1400.197064][T28367] do_sendfile+0xadc/0xe20 [ 1400.197098][T28367] ? __pfx_do_sendfile+0x10/0x10 [ 1400.197128][T28367] ? __fget_files+0x21f/0x3d0 [ 1400.197153][T28367] __x64_sys_sendfile64+0x1d8/0x220 [ 1400.197175][T28367] ? ksys_write+0x1ac/0x250 [ 1400.197193][T28367] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1400.197222][T28367] do_syscall_64+0x106/0xf80 [ 1400.197241][T28367] ? clear_bhb_loop+0x40/0x90 [ 1400.197263][T28367] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1400.197283][T28367] RIP: 0033:0x7f3a1519c819 [ 1400.197300][T28367] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1400.197318][T28367] RSP: 002b:00007f3a1611d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1400.197336][T28367] RAX: ffffffffffffffda RBX: 00007f3a15416090 RCX: 00007f3a1519c819 [ 1400.197348][T28367] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 1400.197359][T28367] RBP: 00007f3a1611d090 R08: 0000000000000000 R09: 0000000000000000 [ 1400.197371][T28367] R10: 0000400000000006 R11: 0000000000000246 R12: 0000000000000001 [ 1400.197390][T28367] R13: 00007f3a15416128 R14: 00007f3a15416090 R15: 00007ffc91225388 [ 1400.197413][T28367] [ 1400.198879][T28369] [U] [ 1400.448284][T28369] [U] [ 1400.450976][T28369] [U] [ 1400.453938][T28369] [U] [ 1400.844239][T28369] [U] [ 1400.846995][T28369] [U] [ 1400.849692][T28369] [U] [ 1400.852392][T28369] [U] [ 1400.866011][T28369] [U] [ 1400.868753][T28369] [U] [ 1400.871451][T28369] [U] [ 1400.874146][T28369] [U] [ 1400.891909][T28369] [U] [ 1400.894650][T28369] [U] [ 1400.897414][T28369] [U] [ 1400.900139][T28369] [U] [ 1400.916421][T28290] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1400.934114][T28369] [U] [ 1401.009365][T28290] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1401.058775][T28290] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1401.144627][T28290] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1401.299201][T28384] netlink: 326 bytes leftover after parsing attributes in process `syz.1.4780'. [ 1401.310523][T19500] Bluetooth: hci0: command tx timeout [ 1401.822214][T28290] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1402.130857][T28290] 8021q: adding VLAN 0 to HW filter on device team0 [ 1402.279139][T19538] bridge0: port 1(bridge_slave_0) entered blocking state [ 1402.286345][T19538] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1402.483951][T28412] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4784'. [ 1402.695120][T19499] bridge0: port 2(bridge_slave_1) entered blocking state [ 1402.702416][T19499] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1402.814373][T28407] FAULT_INJECTION: forcing a failure. [ 1402.814373][T28407] name failslab, interval 1, probability 0, space 0, times 0 [ 1402.936857][T28407] CPU: 0 UID: 0 PID: 28407 Comm: syz.1.4783 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1402.936892][T28407] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1402.936899][T28407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1402.936911][T28407] Call Trace: [ 1402.936918][T28407] [ 1402.936926][T28407] dump_stack_lvl+0x100/0x190 [ 1402.936958][T28407] should_fail_ex.cold+0x5/0xa [ 1402.936983][T28407] should_failslab+0xc2/0x120 [ 1402.937005][T28407] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1402.937035][T28407] ? security_inode_alloc+0x3b/0x2c0 [ 1402.937056][T28407] ? lockdep_init_map_type+0x5c/0x250 [ 1402.937085][T28407] security_inode_alloc+0x3b/0x2c0 [ 1402.937108][T28407] inode_init_always_gfp+0xced/0x1040 [ 1402.937132][T28407] alloc_inode+0x8e/0x250 [ 1402.937158][T28407] new_inode+0x22/0x1c0 [ 1402.937185][T28407] hugetlbfs_get_inode+0x313/0x750 [ 1402.937210][T28407] hugetlb_file_setup+0x3cc/0x5b0 [ 1402.937237][T28407] newseg+0xabb/0xed0 [ 1402.937266][T28407] ? __pfx_newseg+0x10/0x10 [ 1402.937291][T28407] ? down_write+0x146/0x1f0 [ 1402.937312][T28407] ? ksys_write+0x190/0x250 [ 1402.937330][T28407] ? ksys_write+0x190/0x250 [ 1402.937357][T28407] ipcget+0xee/0xf50 [ 1402.937383][T28407] ? do_futex+0x192/0x350 [ 1402.937408][T28407] ? __pfx_do_futex+0x10/0x10 [ 1402.937437][T28407] ? __pfx_ipcget+0x10/0x10 [ 1402.937464][T28407] ? __x64_sys_futex+0x34f/0x4d0 [ 1402.937488][T28407] ? __x64_sys_futex+0x358/0x4d0 [ 1402.937516][T28407] __x64_sys_shmget+0x13b/0x1b0 [ 1402.937542][T28407] ? __pfx___x64_sys_shmget+0x10/0x10 [ 1402.937575][T28407] do_syscall_64+0x106/0xf80 [ 1402.937593][T28407] ? clear_bhb_loop+0x40/0x90 [ 1402.937624][T28407] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1402.937644][T28407] RIP: 0033:0x7f7ca319c819 [ 1402.937661][T28407] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1402.937678][T28407] RSP: 002b:00007f7ca4034028 EFLAGS: 00000246 ORIG_RAX: 000000000000001d [ 1402.937697][T28407] RAX: ffffffffffffffda RBX: 00007f7ca3416180 RCX: 00007f7ca319c819 [ 1402.937709][T28407] RDX: 0000000079e56dc9 RSI: 0000000000000003 RDI: 0000000100000000 [ 1402.937721][T28407] RBP: 00007f7ca3232c91 R08: 0000000000000000 R09: 0000000000000000 [ 1402.937732][T28407] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1402.937743][T28407] R13: 00007f7ca3416218 R14: 00007f7ca3416180 R15: 00007ffe238e7428 [ 1402.937767][T28407] [ 1403.553600][T19500] Bluetooth: hci0: command tx timeout [ 1403.961506][T28418] nbd: must specify at least one socket [ 1404.978323][T28290] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1405.241448][T28437] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4788'. [ 1405.305724][T28290] veth0_vlan: entered promiscuous mode [ 1405.641073][T28290] veth1_vlan: entered promiscuous mode [ 1405.947677][T28290] veth0_macvtap: entered promiscuous mode [ 1405.979398][T28290] veth1_macvtap: entered promiscuous mode [ 1406.090475][T28290] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1406.156647][T28290] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1406.208021][T19531] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1406.237803][T19531] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1406.275146][T19531] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1406.381841][T19531] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1406.698620][T19538] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1406.738198][T19538] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1407.140482][T19515] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1407.169483][T19515] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1409.612500][T26841] hsr_slave_0: left promiscuous mode [ 1409.733105][T26841] hsr_slave_1: left promiscuous mode [ 1409.867140][T26841] veth0_macvtap: left promiscuous mode [ 1409.890636][T26841] veth1_vlan: left promiscuous mode [ 1409.910850][T26841] veth0_vlan: left promiscuous mode [ 1410.598040][T26841] team0 (unregistering): Port device team_slave_1 removed [ 1410.655884][T26841] team0 (unregistering): Port device team_slave_0 removed [ 1412.407482][T28509] FAULT_INJECTION: forcing a failure. [ 1412.407482][T28509] name failslab, interval 1, probability 0, space 0, times 0 [ 1412.635913][T28509] CPU: 0 UID: 0 PID: 28509 Comm: syz.2.4799 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1412.635949][T28509] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1412.635957][T28509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1412.635968][T28509] Call Trace: [ 1412.635975][T28509] [ 1412.635983][T28509] dump_stack_lvl+0x100/0x190 [ 1412.636018][T28509] should_fail_ex.cold+0x5/0xa [ 1412.636041][T28509] should_failslab+0xc2/0x120 [ 1412.636062][T28509] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1412.636093][T28509] ? security_inode_alloc+0x3b/0x2c0 [ 1412.636114][T28509] ? lockdep_init_map_type+0x5c/0x250 [ 1412.636143][T28509] security_inode_alloc+0x3b/0x2c0 [ 1412.636165][T28509] inode_init_always_gfp+0xced/0x1040 [ 1412.636189][T28509] alloc_inode+0x8e/0x250 [ 1412.636215][T28509] new_inode+0x22/0x1c0 [ 1412.636242][T28509] hugetlbfs_get_inode+0x313/0x750 [ 1412.636274][T28509] hugetlb_file_setup+0x3cc/0x5b0 [ 1412.636303][T28509] newseg+0xabb/0xed0 [ 1412.636333][T28509] ? __pfx_newseg+0x10/0x10 [ 1412.636358][T28509] ? down_write+0x146/0x1f0 [ 1412.636380][T28509] ? ksys_write+0x190/0x250 [ 1412.636401][T28509] ? ksys_write+0x190/0x250 [ 1412.636428][T28509] ipcget+0xee/0xf50 [ 1412.636453][T28509] ? do_futex+0x192/0x350 [ 1412.636478][T28509] ? __pfx_do_futex+0x10/0x10 [ 1412.636506][T28509] ? __pfx_ipcget+0x10/0x10 [ 1412.636533][T28509] ? __x64_sys_futex+0x34f/0x4d0 [ 1412.636556][T28509] ? __x64_sys_futex+0x358/0x4d0 [ 1412.636584][T28509] __x64_sys_shmget+0x13b/0x1b0 [ 1412.636610][T28509] ? __pfx___x64_sys_shmget+0x10/0x10 [ 1412.636643][T28509] do_syscall_64+0x106/0xf80 [ 1412.636661][T28509] ? clear_bhb_loop+0x40/0x90 [ 1412.636684][T28509] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1412.636703][T28509] RIP: 0033:0x7fe88c19c819 [ 1412.636719][T28509] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1412.636737][T28509] RSP: 002b:00007fe88cf92028 EFLAGS: 00000246 ORIG_RAX: 000000000000001d [ 1412.636756][T28509] RAX: ffffffffffffffda RBX: 00007fe88c416180 RCX: 00007fe88c19c819 [ 1412.636769][T28509] RDX: 0000000079e56dc9 RSI: 0000000000000003 RDI: 0000000100000000 [ 1412.636780][T28509] RBP: 00007fe88c232c91 R08: 0000000000000000 R09: 0000000000000000 [ 1412.636791][T28509] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1412.636802][T28509] R13: 00007fe88c416218 R14: 00007fe88c416180 R15: 00007ffeb840a9c8 [ 1412.636826][T28509] [ 1412.993315][T28508] FAULT_INJECTION: forcing a failure. [ 1412.993315][T28508] name failslab, interval 1, probability 0, space 0, times 0 [ 1413.006245][T28508] CPU: 0 UID: 0 PID: 28508 Comm: syz.1.4800 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1413.006280][T28508] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1413.006288][T28508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1413.006300][T28508] Call Trace: [ 1413.006310][T28508] [ 1413.006320][T28508] dump_stack_lvl+0x100/0x190 [ 1413.006354][T28508] should_fail_ex.cold+0x5/0xa [ 1413.006378][T28508] should_failslab+0xc2/0x120 [ 1413.006400][T28508] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1413.006431][T28508] ? security_inode_alloc+0x3b/0x2c0 [ 1413.006453][T28508] ? lockdep_init_map_type+0x5c/0x250 [ 1413.006481][T28508] security_inode_alloc+0x3b/0x2c0 [ 1413.006524][T28508] inode_init_always_gfp+0xced/0x1040 [ 1413.006548][T28508] alloc_inode+0x8e/0x250 [ 1413.006671][T28508] new_inode+0x22/0x1c0 [ 1413.006700][T28508] hugetlbfs_get_inode+0x313/0x750 [ 1413.006725][T28508] hugetlb_file_setup+0x3cc/0x5b0 [ 1413.006756][T28508] newseg+0xabb/0xed0 [ 1413.006801][T28508] ? __pfx_newseg+0x10/0x10 [ 1413.006826][T28508] ? down_write+0x146/0x1f0 [ 1413.006849][T28508] ? ksys_write+0x190/0x250 [ 1413.006867][T28508] ? ksys_write+0x190/0x250 [ 1413.006889][T28508] ipcget+0xee/0xf50 [ 1413.006915][T28508] ? do_futex+0x192/0x350 [ 1413.006941][T28508] ? __pfx_do_futex+0x10/0x10 [ 1413.006970][T28508] ? __pfx_ipcget+0x10/0x10 [ 1413.006997][T28508] ? __x64_sys_futex+0x34f/0x4d0 [ 1413.007026][T28508] ? __x64_sys_futex+0x358/0x4d0 [ 1413.007073][T28508] __x64_sys_shmget+0x13b/0x1b0 [ 1413.007111][T28508] ? __pfx___x64_sys_shmget+0x10/0x10 [ 1413.007158][T28508] do_syscall_64+0x106/0xf80 [ 1413.007187][T28508] ? clear_bhb_loop+0x40/0x90 [ 1413.007211][T28508] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1413.007236][T28508] RIP: 0033:0x7f7ca319c819 [ 1413.007256][T28508] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1413.007282][T28508] RSP: 002b:00007f7ca4055028 EFLAGS: 00000246 ORIG_RAX: 000000000000001d [ 1413.007304][T28508] RAX: ffffffffffffffda RBX: 00007f7ca3416090 RCX: 00007f7ca319c819 [ 1413.007319][T28508] RDX: 0000000079e56dc9 RSI: 0000000000000003 RDI: 0000000100000000 [ 1413.007332][T28508] RBP: 00007f7ca3232c91 R08: 0000000000000000 R09: 0000000000000000 [ 1413.007346][T28508] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1413.007358][T28508] R13: 00007f7ca3416128 R14: 00007f7ca3416090 R15: 00007ffe238e7428 [ 1413.007388][T28508] [ 1413.797033][T28524] zswap: compressor not available [ 1414.024097][T28535] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1414.054914][T28535] vivid-007: ================= START STATUS ================= [ 1414.071869][T28535] vivid-007: Generate PTS: true [ 1414.083069][T28535] vivid-007: Generate SCR: true [ 1414.095506][T28535] tpg source WxH: 320x240 (Y'CbCr) [ 1414.109097][T28535] tpg field: 1 [ 1414.121383][T28535] tpg crop: (0,0)/320x240 [ 1414.136962][T28535] tpg compose: (0,0)/320x240 [ 1414.155508][T28535] tpg colorspace: 8 [ 1414.168597][T28535] tpg transfer function: 0/0 [ 1414.183379][T28535] tpg Y'CbCr encoding: 0/0 [ 1414.202005][T28535] tpg quantization: 0/0 [ 1414.233765][T28535] tpg RGB range: 0/2 [ 1414.273628][T28535] vivid-007: ================== END STATUS ================== [ 1414.297015][T28536] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4805'. [ 1415.637139][T28567] FAULT_INJECTION: forcing a failure. [ 1415.637139][T28567] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1415.731975][T28567] CPU: 0 UID: 0 PID: 28567 Comm: syz.4.4812 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1415.732010][T28567] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1415.732018][T28567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1415.732029][T28567] Call Trace: [ 1415.732036][T28567] [ 1415.732044][T28567] dump_stack_lvl+0x100/0x190 [ 1415.732086][T28567] should_fail_ex.cold+0x5/0xa [ 1415.732109][T28567] _copy_from_user+0x2e/0xd0 [ 1415.732135][T28567] copy_msghdr_from_user+0x9f/0x4f0 [ 1415.732161][T28567] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1415.732194][T28567] ? __lock_acquire+0x4a5/0x2630 [ 1415.732224][T28567] ___sys_recvmsg+0xdd/0x1a0 [ 1415.732248][T28567] ? __pfx____sys_recvmsg+0x10/0x10 [ 1415.732283][T28567] ? find_held_lock+0x2b/0x80 [ 1415.732314][T28567] do_recvmmsg+0x301/0x760 [ 1415.732341][T28567] ? __pfx_do_recvmmsg+0x10/0x10 [ 1415.732364][T28567] ? ksys_write+0x190/0x250 [ 1415.732382][T28567] ? ksys_write+0x190/0x250 [ 1415.732404][T28567] ? __mutex_unlock_slowpath+0x15c/0x790 [ 1415.732432][T28567] ? __fget_files+0x21f/0x3d0 [ 1415.732456][T28567] __x64_sys_recvmmsg+0x22a/0x280 [ 1415.732476][T28567] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 1415.732501][T28567] do_syscall_64+0x106/0xf80 [ 1415.732519][T28567] ? clear_bhb_loop+0x40/0x90 [ 1415.732542][T28567] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1415.732562][T28567] RIP: 0033:0x7f3a1519c819 [ 1415.732578][T28567] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1415.732596][T28567] RSP: 002b:00007f3a1611d028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 1415.732614][T28567] RAX: ffffffffffffffda RBX: 00007f3a15416090 RCX: 00007f3a1519c819 [ 1415.732627][T28567] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1415.732639][T28567] RBP: 00007f3a1611d090 R08: 0000000000000000 R09: 0000000000000000 [ 1415.732650][T28567] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1415.732662][T28567] R13: 00007f3a15416128 R14: 00007f3a15416090 R15: 00007ffc91225388 [ 1415.732686][T28567] [ 1416.236543][T28578] Invalid ELF header magic: != ELF [ 1416.805598][T28592] FAULT_INJECTION: forcing a failure. [ 1416.805598][T28592] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1416.836529][T28589] vivid-007: ================= START STATUS ================= [ 1416.873963][T28592] CPU: 0 UID: 0 PID: 28592 Comm: syz.1.4817 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1416.873997][T28592] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1416.874005][T28592] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1416.874017][T28592] Call Trace: [ 1416.874024][T28592] [ 1416.874033][T28592] dump_stack_lvl+0x100/0x190 [ 1416.874067][T28592] should_fail_ex.cold+0x5/0xa [ 1416.874091][T28592] _copy_from_user+0x2e/0xd0 [ 1416.874117][T28592] kstrtouint_from_user+0xd6/0x1d0 [ 1416.874148][T28592] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 1416.874178][T28592] ? __lock_acquire+0x4a5/0x2630 [ 1416.874206][T28592] ? lock_acquire+0x1cf/0x380 [ 1416.874243][T28592] proc_fail_nth_write+0x83/0x220 [ 1416.874270][T28592] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 1416.874302][T28592] vfs_write+0x2aa/0x1070 [ 1416.874322][T28592] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 1416.874349][T28592] ? __pfx_vfs_write+0x10/0x10 [ 1416.874367][T28592] ? __fget_files+0x215/0x3d0 [ 1416.874391][T28592] ? __fget_files+0x21f/0x3d0 [ 1416.874416][T28592] ksys_write+0x12a/0x250 [ 1416.874434][T28592] ? __pfx_ksys_write+0x10/0x10 [ 1416.874460][T28592] do_syscall_64+0x106/0xf80 [ 1416.874479][T28592] ? clear_bhb_loop+0x40/0x90 [ 1416.874502][T28592] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1416.874522][T28592] RIP: 0033:0x7f7ca315d04e [ 1416.874539][T28592] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 1416.874557][T28592] RSP: 002b:00007f7ca4075fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1416.874576][T28592] RAX: ffffffffffffffda RBX: 00007f7ca40766c0 RCX: 00007f7ca315d04e [ 1416.874589][T28592] RDX: 0000000000000001 RSI: 00007f7ca40760a0 RDI: 0000000000000006 [ 1416.874600][T28592] RBP: 00007f7ca4076090 R08: 0000000000000000 R09: 0000000000000000 [ 1416.874612][T28592] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1416.874622][T28592] R13: 00007f7ca3416038 R14: 00007f7ca3415fa0 R15: 00007ffe238e7428 [ 1416.874646][T28592] [ 1417.321619][T28589] vivid-007: Generate PTS: true [ 1417.353843][T28589] vivid-007: Generate SCR: true [ 1417.358756][T28589] tpg source WxH: 320x240 (Y'CbCr) [ 1417.464487][T28589] tpg field: 1 [ 1417.467999][T28589] tpg crop: (0,0)/320x240 [ 1417.472332][T28589] tpg compose: (0,0)/320x240 [ 1417.557372][T28589] tpg colorspace: 8 [ 1417.561231][T28589] tpg transfer function: 0/0 [ 1417.606347][T28589] tpg Y'CbCr encoding: 0/0 [ 1417.630565][T28589] tpg quantization: 0/0 [ 1417.652305][T28589] tpg RGB range: 0/2 [ 1417.675845][T28589] vivid-007: ================== END STATUS ================== [ 1418.208447][T28606] futex_wake_op: syz.1.4820 tries to shift op by -2048; fix this program [ 1418.393949][T28606] misc userio: Invalid payload size [ 1420.384350][T19500] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 1420.398968][T19500] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 1420.407592][T19500] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 1420.416039][T19500] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 1420.423979][T19500] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 1421.602800][T19515] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1421.728351][T28635] chnl_net:caif_netlink_parms(): no params data found [ 1421.866040][T19515] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1422.151029][T19515] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1422.351802][T19515] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1422.505458][T19500] Bluetooth: hci4: command tx timeout [ 1422.574463][T28635] bridge0: port 1(bridge_slave_0) entered blocking state [ 1422.614584][T28635] bridge0: port 1(bridge_slave_0) entered disabled state [ 1422.647378][T28635] bridge_slave_0: entered allmulticast mode [ 1422.679682][T28635] bridge_slave_0: entered promiscuous mode [ 1422.901443][T28635] bridge0: port 2(bridge_slave_1) entered blocking state [ 1422.935099][T28635] bridge0: port 2(bridge_slave_1) entered disabled state [ 1422.957490][T28635] bridge_slave_1: entered allmulticast mode [ 1422.969600][T28635] bridge_slave_1: entered promiscuous mode [ 1423.137824][T28635] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1423.228539][T28635] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1423.452267][T28635] team0: Port device team_slave_0 added [ 1423.547883][T28635] team0: Port device team_slave_1 added [ 1423.674189][T19515] bridge_slave_1: left allmulticast mode [ 1423.679954][T19515] bridge_slave_1: left promiscuous mode [ 1423.741643][T19515] bridge0: port 2(bridge_slave_1) entered disabled state [ 1423.808848][T19515] bridge_slave_0: left allmulticast mode [ 1423.853931][T19515] bridge_slave_0: left promiscuous mode [ 1423.859694][T19515] bridge0: port 1(bridge_slave_0) entered disabled state [ 1424.079575][T28685] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4833'. [ 1424.583614][T19500] Bluetooth: hci4: command tx timeout [ 1424.800083][T19515] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1424.885521][T19515] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1424.929667][T19515] bond0 (unregistering): Released all slaves [ 1425.072970][T28635] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1425.104775][T28635] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1425.204784][T28635] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1425.245123][T28635] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1425.270541][T28635] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1425.363708][T28635] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1425.587158][T28635] hsr_slave_0: entered promiscuous mode [ 1425.616346][T28635] hsr_slave_1: entered promiscuous mode [ 1425.643979][T28635] debugfs: 'hsr0' already exists in 'hsr' [ 1425.667633][T28635] Cannot create hsr debugfs directory [ 1426.663628][T19500] Bluetooth: hci4: command tx timeout [ 1426.993698][T28734] bond0: option all_slaves_active: invalid value () [ 1427.294610][T28740] FAULT_INJECTION: forcing a failure. [ 1427.294610][T28740] name failslab, interval 1, probability 0, space 0, times 0 [ 1427.357135][T28740] CPU: 0 UID: 0 PID: 28740 Comm: syz.1.4840 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1427.357171][T28740] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1427.357179][T28740] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1427.357190][T28740] Call Trace: [ 1427.357197][T28740] [ 1427.357213][T28740] dump_stack_lvl+0x100/0x190 [ 1427.357247][T28740] should_fail_ex.cold+0x5/0xa [ 1427.357269][T28740] should_failslab+0xc2/0x120 [ 1427.357291][T28740] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1427.357320][T28740] ? security_file_alloc+0x34/0x2c0 [ 1427.357346][T28740] ? trace_kmem_cache_alloc+0xf3/0x120 [ 1427.357370][T28740] security_file_alloc+0x34/0x2c0 [ 1427.357397][T28740] init_file+0x95/0x480 [ 1427.357420][T28740] alloc_empty_file+0x73/0x1c0 [ 1427.357446][T28740] path_openat+0xe8/0x31a0 [ 1427.357465][T28740] ? kasan_save_stack+0x3f/0x50 [ 1427.357482][T28740] ? kasan_save_stack+0x30/0x50 [ 1427.357498][T28740] ? kasan_save_track+0x14/0x30 [ 1427.357515][T28740] ? __kasan_slab_alloc+0x89/0x90 [ 1427.357532][T28740] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 1427.357561][T28740] ? do_getname+0x35/0x390 [ 1427.357584][T28740] ? do_sys_openat2+0xc5/0x1e0 [ 1427.357609][T28740] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1427.357632][T28740] ? __pfx_path_openat+0x10/0x10 [ 1427.357661][T28740] do_file_open+0x20e/0x430 [ 1427.357683][T28740] ? __pfx_do_file_open+0x10/0x10 [ 1427.357719][T28740] ? alloc_fd+0x476/0x790 [ 1427.357740][T28740] ? do_getname+0x191/0x390 [ 1427.357767][T28740] do_sys_openat2+0x10d/0x1e0 [ 1427.357793][T28740] ? __pfx_do_sys_openat2+0x10/0x10 [ 1427.357817][T28740] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1427.357842][T28740] ? __fget_files+0x21f/0x3d0 [ 1427.357864][T28740] __x64_sys_openat+0x12d/0x210 [ 1427.357891][T28740] ? __pfx___x64_sys_openat+0x10/0x10 [ 1427.357916][T28740] ? ksys_write+0x1ac/0x250 [ 1427.357935][T28740] ? arch_syscall_is_vdso_sigreturn+0xb6/0x200 [ 1427.357960][T28740] ? syscall_user_dispatch+0x76/0x130 [ 1427.357991][T28740] do_syscall_64+0x106/0xf80 [ 1427.358010][T28740] ? clear_bhb_loop+0x40/0x90 [ 1427.358032][T28740] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1427.358052][T28740] RIP: 0033:0x7f7ca319c819 [ 1427.358069][T28740] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1427.358092][T28740] RSP: 002b:00007f7ca4076028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1427.358112][T28740] RAX: ffffffffffffffda RBX: 00007f7ca3415fa0 RCX: 00007f7ca319c819 [ 1427.358124][T28740] RDX: 0000000000000802 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 1427.358136][T28740] RBP: 00007f7ca4076090 R08: 0000000000000000 R09: 0000000000000000 [ 1427.358147][T28740] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1427.358158][T28740] R13: 00007f7ca3416038 R14: 00007f7ca3415fa0 R15: 00007ffe238e7428 [ 1427.358182][T28740] [ 1428.337523][T28751] usb usb24: usbfs: process 28751 (syz.2.4842) did not claim interface 0 before use [ 1428.743742][T19500] Bluetooth: hci4: command tx timeout [ 1429.167794][T28635] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 1429.368086][T28635] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 1429.554771][T28635] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 1429.620842][T28635] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 1431.420032][T28635] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1431.905570][T28635] 8021q: adding VLAN 0 to HW filter on device team0 [ 1432.067493][T26841] bridge0: port 1(bridge_slave_0) entered blocking state [ 1432.074955][T26841] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1432.131560][T26841] bridge0: port 2(bridge_slave_1) entered blocking state [ 1432.138776][T26841] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1432.632302][T28837] netlink: 326 bytes leftover after parsing attributes in process `syz.1.4853'. [ 1433.345694][T28864] __vm_enough_memory: pid: 28864, comm: syz.1.4857, bytes: 4398046511104 not enough memory for the allocation [ 1433.650258][T28635] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1434.190681][T19515] hsr_slave_0: left promiscuous mode [ 1434.244736][T19515] hsr_slave_1: left promiscuous mode [ 1434.304181][T19515] veth0_macvtap: left promiscuous mode [ 1434.363832][T19515] veth1_vlan: left promiscuous mode [ 1434.369175][T19515] veth0_vlan: left promiscuous mode [ 1435.624876][T19515] team0 (unregistering): Port device team_slave_1 removed [ 1435.684531][T19515] team0 (unregistering): Port device team_slave_0 removed [ 1436.010065][T28911] FAULT_INJECTION: forcing a failure. [ 1436.010065][T28911] name failslab, interval 1, probability 0, space 0, times 0 [ 1436.223661][T28911] CPU: 0 UID: 0 PID: 28911 Comm: syz.1.4863 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1436.223695][T28911] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1436.223703][T28911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1436.223715][T28911] Call Trace: [ 1436.223722][T28911] [ 1436.223730][T28911] dump_stack_lvl+0x100/0x190 [ 1436.223764][T28911] should_fail_ex.cold+0x5/0xa [ 1436.223787][T28911] should_failslab+0xc2/0x120 [ 1436.223809][T28911] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1436.223838][T28911] ? create_new_namespaces+0x30/0xac0 [ 1436.223859][T28911] ? rcu_is_watching+0x12/0xc0 [ 1436.223891][T28911] create_new_namespaces+0x30/0xac0 [ 1436.223928][T28911] ? bpf_lsm_capable+0x9/0x10 [ 1436.223949][T28911] ? security_capable+0x80/0x260 [ 1436.223971][T28911] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1436.223995][T28911] ksys_unshare+0x473/0xad0 [ 1436.224021][T28911] ? __pfx_ksys_unshare+0x10/0x10 [ 1436.224054][T28911] __x64_sys_unshare+0x31/0x40 [ 1436.224078][T28911] do_syscall_64+0x106/0xf80 [ 1436.224096][T28911] ? clear_bhb_loop+0x40/0x90 [ 1436.224119][T28911] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1436.224139][T28911] RIP: 0033:0x7f7ca319c819 [ 1436.224155][T28911] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1436.224173][T28911] RSP: 002b:00007f7ca4055028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1436.224192][T28911] RAX: ffffffffffffffda RBX: 00007f7ca3416090 RCX: 00007f7ca319c819 [ 1436.224205][T28911] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1436.224217][T28911] RBP: 00007f7ca3232c91 R08: 0000000000000000 R09: 0000000000000000 [ 1436.224229][T28911] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1436.224240][T28911] R13: 00007f7ca3416128 R14: 00007f7ca3416090 R15: 00007ffe238e7428 [ 1436.224267][T28911] [ 1436.458928][T28635] veth0_vlan: entered promiscuous mode [ 1436.468915][T28635] veth1_vlan: entered promiscuous mode [ 1436.488610][T28635] veth0_macvtap: entered promiscuous mode [ 1436.497915][T28635] veth1_macvtap: entered promiscuous mode [ 1436.513261][T28635] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1436.523993][T28635] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1436.930118][T19522] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1436.939343][T19522] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1436.964612][T19522] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1436.994315][T19522] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1437.340333][T19531] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1437.349210][T19531] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1437.546935][T19531] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1437.589112][T19531] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1437.845425][ T29] audit: type=1326 audit(4294968222.490:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28907 comm="syz.1.4863" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f7ca319c819 code=0x0 [ 1438.944020][T27184] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1438.960237][T27184] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1438.968862][T27184] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1438.976950][T27184] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1438.986767][T27184] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1440.607681][T28951] chnl_net:caif_netlink_parms(): no params data found [ 1441.063673][T27184] Bluetooth: hci3: command tx timeout [ 1441.146254][T28951] bridge0: port 1(bridge_slave_0) entered blocking state [ 1441.199899][T28951] bridge0: port 1(bridge_slave_0) entered disabled state [ 1441.228055][T28951] bridge_slave_0: entered allmulticast mode [ 1441.263377][T28951] bridge_slave_0: entered promiscuous mode [ 1441.301372][T28951] bridge0: port 2(bridge_slave_1) entered blocking state [ 1441.333667][T28951] bridge0: port 2(bridge_slave_1) entered disabled state [ 1441.372403][T28951] bridge_slave_1: entered allmulticast mode [ 1441.404513][T28951] bridge_slave_1: entered promiscuous mode [ 1441.562427][T28951] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1441.587745][T28982] zswap: compressor not available [ 1441.698353][T28951] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1441.879559][T28951] team0: Port device team_slave_0 added [ 1441.937163][T28951] team0: Port device team_slave_1 added [ 1442.038862][T28951] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1442.071627][T28951] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1442.274320][T28951] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1442.326474][T28951] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1442.359577][T28951] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1442.388466][T29002] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4875'. [ 1442.474841][T28951] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1442.760497][T29006] bond0: option all_slaves_active: invalid value () [ 1442.914624][T28951] hsr_slave_0: entered promiscuous mode [ 1442.935026][T28951] hsr_slave_1: entered promiscuous mode [ 1442.948651][T28951] debugfs: 'hsr0' already exists in 'hsr' [ 1442.964507][T28951] Cannot create hsr debugfs directory [ 1443.144381][T27184] Bluetooth: hci3: command tx timeout [ 1443.801699][T29026] [U] [ 1443.804541][T29026] [U] [ 1443.807382][T29026] [U] [ 1443.810098][T29026] [U] [ 1443.850993][T29024] zswap: compressor not available [ 1443.907535][T29026] [U] [ 1443.910361][T29026] [U] [ 1443.913054][T29026] [U] [ 1443.915756][T29026] [U] [ 1444.056983][T29026] [U] [ 1444.059733][T29026] [U] [ 1444.062435][T29026] [U] [ 1444.065149][T29026] [U] [ 1444.095779][T28951] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1444.164397][T29026] [U] [ 1444.167201][T29026] [U] [ 1444.169918][T29026] [U] [ 1444.172606][T29026] [U] [ 1444.255251][T29026] [U] [ 1444.258010][T29026] [U] [ 1444.260719][T29026] [U] [ 1444.263433][T29026] [U] [ 1444.300600][T28951] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1444.328790][T29026] [U] [ 1444.331548][T29026] [U] [ 1444.334352][T29026] [U] [ 1444.337139][T29026] [U] [ 1444.431584][T29026] [U] [ 1444.434507][T29026] [U] [ 1444.437212][T29026] [U] [ 1444.439906][T29026] [U] [ 1444.453381][T28951] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1444.515702][T29026] [U] [ 1444.518549][T29026] [U] [ 1444.521350][T29026] [U] [ 1444.524064][T29026] [U] [ 1444.596272][T29026] [U] [ 1444.599026][T29026] [U] [ 1444.601819][T29026] [U] [ 1444.604536][T29026] [U] [ 1444.680484][T29026] [U] [ 1444.683205][T29026] [U] [ 1444.685899][T29026] [U] [ 1444.688591][T29026] [U] [ 1444.704807][T28951] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1444.835086][T29026] [U] [ 1445.187801][T29043] futex_wake_op: syz.2.4884 tries to shift op by -2048; fix this program [ 1445.232713][T27184] Bluetooth: hci3: command tx timeout [ 1445.258469][T28951] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1445.294278][T29044] misc userio: No port type given on /dev/userio [ 1445.341022][T29043] futex_wake_op: syz.2.4884 tries to shift op by -2048; fix this program [ 1445.433700][T28951] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1445.531935][T28951] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1445.617680][T28951] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1445.928893][T29068] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4887'. [ 1446.392943][ T29] audit: type=1804 audit(4294968231.030:38): pid=29076 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.4888" name="/newroot/24/file0" dev="tmpfs" ino=145 res=1 errno=0 [ 1446.487896][T28951] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1446.766488][T28951] 8021q: adding VLAN 0 to HW filter on device team0 [ 1446.886715][T19522] bridge0: port 1(bridge_slave_0) entered blocking state [ 1446.893971][T19522] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1447.016262][T19522] bridge0: port 2(bridge_slave_1) entered blocking state [ 1447.023549][T19522] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1447.082890][T29091] random: crng reseeded on system resumption [ 1447.278605][T28951] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1447.313146][T27184] Bluetooth: hci3: command tx timeout [ 1448.274527][T28951] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1448.495648][T28951] veth0_vlan: entered promiscuous mode [ 1448.568820][T28951] veth1_vlan: entered promiscuous mode [ 1448.745438][T28951] veth0_macvtap: entered promiscuous mode [ 1448.845776][T28951] veth1_macvtap: entered promiscuous mode [ 1448.984955][T28951] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1449.028145][T28951] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1449.096320][T19504] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1449.140762][T19504] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1449.194623][T19504] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1449.263246][T19504] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1449.747440][T19515] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1449.770779][T19515] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1450.079162][T19515] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1450.128508][T19515] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1450.627254][T29148] FAULT_INJECTION: forcing a failure. [ 1450.627254][T29148] name failslab, interval 1, probability 0, space 0, times 0 [ 1450.715029][T29148] CPU: 0 UID: 0 PID: 29148 Comm: syz.2.4898 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1450.715065][T29148] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1450.715073][T29148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1450.715084][T29148] Call Trace: [ 1450.715091][T29148] [ 1450.715099][T29148] dump_stack_lvl+0x100/0x190 [ 1450.715132][T29148] should_fail_ex.cold+0x5/0xa [ 1450.715156][T29148] should_failslab+0xc2/0x120 [ 1450.715178][T29148] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1450.715212][T29148] ? security_inode_alloc+0x3b/0x2c0 [ 1450.715234][T29148] ? lockdep_init_map_type+0x5c/0x250 [ 1450.715264][T29148] security_inode_alloc+0x3b/0x2c0 [ 1450.715286][T29148] inode_init_always_gfp+0xced/0x1040 [ 1450.715311][T29148] alloc_inode+0x8e/0x250 [ 1450.715337][T29148] new_inode+0x22/0x1c0 [ 1450.715365][T29148] __debugfs_create_file+0x105/0x4f0 [ 1450.715391][T29148] debugfs_create_file_full+0x41/0x60 [ 1450.715416][T29148] ref_tracker_dir_debugfs+0x19e/0x2e0 [ 1450.715443][T29148] ? __pfx_ref_tracker_dir_debugfs+0x10/0x10 [ 1450.715470][T29148] ? find_held_lock+0x2b/0x80 [ 1450.715508][T29148] ? lockdep_init_map_type+0x5c/0x250 [ 1450.715539][T29148] preinit_net.part.0+0x437/0x8f0 [ 1450.715562][T29148] copy_net_ns+0x339/0x7c0 [ 1450.715584][T29148] create_new_namespaces+0x3ea/0xac0 [ 1450.715611][T29148] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1450.715634][T29148] ksys_unshare+0x473/0xad0 [ 1450.715660][T29148] ? __pfx_ksys_unshare+0x10/0x10 [ 1450.715692][T29148] __x64_sys_unshare+0x31/0x40 [ 1450.715716][T29148] do_syscall_64+0x106/0xf80 [ 1450.715734][T29148] ? clear_bhb_loop+0x40/0x90 [ 1450.715757][T29148] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1450.715776][T29148] RIP: 0033:0x7fe88c19c819 [ 1450.715793][T29148] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1450.715811][T29148] RSP: 002b:00007fe88cf92028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1450.715829][T29148] RAX: ffffffffffffffda RBX: 00007fe88c416180 RCX: 00007fe88c19c819 [ 1450.715841][T29148] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1450.715852][T29148] RBP: 00007fe88c232c91 R08: 0000000000000000 R09: 0000000000000000 [ 1450.715863][T29148] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1450.715874][T29148] R13: 00007fe88c416218 R14: 00007fe88c416180 R15: 00007ffeb840a9c8 [ 1450.715899][T29148] [ 1450.719833][T29148] debugfs: out of free dentries, can not create file 'net_notrefcnt@ffff888069d5a978' [ 1453.315705][T29186] FAULT_INJECTION: forcing a failure. [ 1453.315705][T29186] name failslab, interval 1, probability 0, space 0, times 0 [ 1453.373372][T29186] CPU: 0 UID: 0 PID: 29186 Comm: syz.4.4906 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1453.373406][T29186] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1453.373414][T29186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1453.373427][T29186] Call Trace: [ 1453.373434][T29186] [ 1453.373447][T29186] dump_stack_lvl+0x100/0x190 [ 1453.373481][T29186] should_fail_ex.cold+0x5/0xa [ 1453.373506][T29186] should_failslab+0xc2/0x120 [ 1453.373528][T29186] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1453.373556][T29186] ? security_file_alloc+0x34/0x2c0 [ 1453.373581][T29186] ? trace_kmem_cache_alloc+0xf3/0x120 [ 1453.373606][T29186] security_file_alloc+0x34/0x2c0 [ 1453.373632][T29186] init_file+0x95/0x480 [ 1453.373655][T29186] alloc_empty_file+0x73/0x1c0 [ 1453.373680][T29186] alloc_file_pseudo+0x13a/0x230 [ 1453.373706][T29186] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1453.373729][T29186] ? inode_init_always_gfp+0xd0e/0x1040 [ 1453.373757][T29186] sock_alloc_file+0x50/0x210 [ 1453.373777][T29186] do_accept+0x242/0x530 [ 1453.373802][T29186] ? 0xffffffff81000000 [ 1453.373816][T29186] ? do_raw_spin_lock+0x128/0x260 [ 1453.373845][T29186] ? __pfx_do_accept+0x10/0x10 [ 1453.373887][T29186] ? 0xffffffff81000000 [ 1453.373899][T29186] __sys_accept4+0x108/0x200 [ 1453.373926][T29186] ? __pfx___sys_accept4+0x10/0x10 [ 1453.373958][T29186] __x64_sys_accept+0x74/0xb0 [ 1453.373983][T29186] ? lockdep_hardirqs_on+0x78/0x100 [ 1453.374002][T29186] do_syscall_64+0x106/0xf80 [ 1453.374020][T29186] ? clear_bhb_loop+0x40/0x90 [ 1453.374042][T29186] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1453.374061][T29186] RIP: 0033:0x7f3a1519c819 [ 1453.374076][T29186] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1453.374094][T29186] RSP: 002b:00007f3a1613e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002b [ 1453.374113][T29186] RAX: ffffffffffffffda RBX: 00007f3a15415fa0 RCX: 00007f3a1519c819 [ 1453.374134][T29186] RDX: ffffffff81000000 RSI: ffffffffffffffff RDI: 0000000000000003 [ 1453.374145][T29186] RBP: 00007f3a15232c91 R08: 0000000000000000 R09: 0000000000000000 [ 1453.374156][T29186] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1453.374167][T29186] R13: 00007f3a15416038 R14: 00007f3a15415fa0 R15: 00007ffc91225388 [ 1453.374185][T29186] ? 0xffffffff81000000 [ 1453.374203][T29186] [ 1454.456982][T29198] [U] 0="/ [ 1454.635945][T29200] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1454.808114][T29206] [U] [ 1454.810969][T29206] [U] [ 1454.813668][T29206] [U] [ 1454.816364][T29206] [U] [ 1454.913799][T29209] netlink: 330 bytes leftover after parsing attributes in process `syz.0.4913'. [ 1454.924207][T29206] [U] [ 1454.926951][T29206] [U] [ 1454.929661][T29206] [U] [ 1454.932369][T29206] [U] [ 1454.951397][T29206] [U] [ 1455.222709][T29212] zswap: compressor not available [ 1456.124445][T29235] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4918'. [ 1458.478469][T29259] Invalid ELF header magic: != ELF [ 1458.576011][T29264] futex_wake_op: syz.1.4925 tries to shift op by -2048; fix this program [ 1458.576199][T29264] futex_wake_op: syz.1.4925 tries to shift op by -2048; fix this program [ 1458.577023][T29264] 0x000000000001-0x000000020000 : "" [ 1458.586515][T29264] ftl_cs: FTL header corrupt! [ 1458.639620][T29266] misc userio: No port type given on /dev/userio [ 1458.969206][T29269] Unable to find swap-space signature [ 1460.064391][T29291] FAULT_INJECTION: forcing a failure. [ 1460.064391][T29291] name failslab, interval 1, probability 0, space 0, times 0 [ 1460.238210][T29291] CPU: 0 UID: 0 PID: 29291 Comm: syz.1.4930 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1460.238250][T29291] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1460.238258][T29291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1460.238269][T29291] Call Trace: [ 1460.238275][T29291] [ 1460.238283][T29291] dump_stack_lvl+0x100/0x190 [ 1460.238316][T29291] should_fail_ex.cold+0x5/0xa [ 1460.238339][T29291] should_failslab+0xc2/0x120 [ 1460.238361][T29291] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1460.238388][T29291] ? proc_thread_self_get_link+0x1a6/0x210 [ 1460.238423][T29291] proc_thread_self_get_link+0x1a6/0x210 [ 1460.238453][T29291] pick_link+0xac2/0x13c0 [ 1460.238482][T29291] ? __pfx_proc_thread_self_get_link+0x10/0x10 [ 1460.238514][T29291] step_into_slowpath+0x9ba/0xf90 [ 1460.238548][T29291] ? __pfx_step_into_slowpath+0x10/0x10 [ 1460.238582][T29291] ? lookup_fast+0x2da/0x600 [ 1460.238608][T29291] ? inode_permission+0x374/0x620 [ 1460.238637][T29291] link_path_walk+0xf28/0x1cc0 [ 1460.238674][T29291] path_openat+0x1be/0x31a0 [ 1460.238694][T29291] ? kasan_save_stack+0x3f/0x50 [ 1460.238711][T29291] ? kasan_save_stack+0x30/0x50 [ 1460.238728][T29291] ? kasan_save_track+0x14/0x30 [ 1460.238748][T29291] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 1460.238783][T29291] ? __pfx_path_openat+0x10/0x10 [ 1460.238812][T29291] do_file_open+0x20e/0x430 [ 1460.238835][T29291] ? __pfx_do_file_open+0x10/0x10 [ 1460.238882][T29291] ? alloc_fd+0x476/0x790 [ 1460.238908][T29291] ? do_getname+0x191/0x390 [ 1460.238935][T29291] do_sys_openat2+0x10d/0x1e0 [ 1460.238964][T29291] ? __pfx_do_sys_openat2+0x10/0x10 [ 1460.239006][T29291] __x64_sys_openat+0x12d/0x210 [ 1460.239033][T29291] ? __pfx___x64_sys_openat+0x10/0x10 [ 1460.239069][T29291] do_syscall_64+0x106/0xf80 [ 1460.239090][T29291] ? clear_bhb_loop+0x40/0x90 [ 1460.239116][T29291] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1460.239138][T29291] RIP: 0033:0x7f5c5995d04e [ 1460.239156][T29291] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 1460.239176][T29291] RSP: 002b:00007f5c57b92f98 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1460.239195][T29291] RAX: ffffffffffffffda RBX: 00007f5c57b936c0 RCX: 00007f5c5995d04e [ 1460.239208][T29291] RDX: 0000000000000002 RSI: 00007f5c59a32598 RDI: ffffffffffffff9c [ 1460.239221][T29291] RBP: 00007f5c59a32c91 R08: 0000000000000000 R09: 0000000000000000 [ 1460.239232][T29291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1460.239243][T29291] R13: 00007f5c59c16308 R14: 00007f5c59c16270 R15: 00007fff254d9f38 [ 1460.239266][T29291] [ 1460.506159][T29291] FAULT_INJECTION: forcing a failure. [ 1460.506159][T29291] name failslab, interval 1, probability 0, space 0, times 0 [ 1460.521272][T29291] CPU: 0 UID: 0 PID: 29291 Comm: syz.1.4930 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1460.521306][T29291] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1460.521314][T29291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1460.521325][T29291] Call Trace: [ 1460.521332][T29291] [ 1460.521340][T29291] dump_stack_lvl+0x100/0x190 [ 1460.521374][T29291] should_fail_ex.cold+0x5/0xa [ 1460.521397][T29291] should_failslab+0xc2/0x120 [ 1460.521419][T29291] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1460.521445][T29291] ? newseg+0x269/0xed0 [ 1460.521474][T29291] newseg+0x269/0xed0 [ 1460.521500][T29291] ? find_held_lock+0x2b/0x80 [ 1460.521521][T29291] ? __pfx_newseg+0x10/0x10 [ 1460.521546][T29291] ? down_write+0x146/0x1f0 [ 1460.521568][T29291] ? ksys_write+0x190/0x250 [ 1460.521586][T29291] ? ksys_write+0x190/0x250 [ 1460.521608][T29291] ipcget+0xee/0xf50 [ 1460.521634][T29291] ? __fget_files+0x215/0x3d0 [ 1460.521654][T29291] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1460.521679][T29291] ? __pfx_ipcget+0x10/0x10 [ 1460.521712][T29291] __x64_sys_shmget+0x13b/0x1b0 [ 1460.521739][T29291] ? __pfx___x64_sys_shmget+0x10/0x10 [ 1460.521772][T29291] do_syscall_64+0x106/0xf80 [ 1460.521791][T29291] ? clear_bhb_loop+0x40/0x90 [ 1460.521815][T29291] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1460.521834][T29291] RIP: 0033:0x7f5c5999c819 [ 1460.521851][T29291] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1460.521870][T29291] RSP: 002b:00007f5c57b93028 EFLAGS: 00000246 ORIG_RAX: 000000000000001d [ 1460.521889][T29291] RAX: ffffffffffffffda RBX: 00007f5c59c16270 RCX: 00007f5c5999c819 [ 1460.521901][T29291] RDX: 0000000079e56dc9 RSI: 0000000000000003 RDI: 0000000100000000 [ 1460.521913][T29291] RBP: 00007f5c57b93090 R08: 0000000000000000 R09: 0000000000000000 [ 1460.521924][T29291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1460.521935][T29291] R13: 00007f5c59c16308 R14: 00007f5c59c16270 R15: 00007fff254d9f38 [ 1460.521958][T29291] [ 1461.351873][T29304] zswap: compressor not available [ 1461.690508][T29324] FAULT_INJECTION: forcing a failure. [ 1461.690508][T29324] name failslab, interval 1, probability 0, space 0, times 0 [ 1461.925487][T29324] CPU: 0 UID: 0 PID: 29324 Comm: syz.4.4936 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1461.925520][T29324] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1461.925527][T29324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1461.925538][T29324] Call Trace: [ 1461.925545][T29324] [ 1461.925552][T29324] dump_stack_lvl+0x100/0x190 [ 1461.925585][T29324] should_fail_ex.cold+0x5/0xa [ 1461.925608][T29324] ? tomoyo_realpath_from_path+0xb6/0x690 [ 1461.925636][T29324] should_failslab+0xc2/0x120 [ 1461.925658][T29324] __kmalloc_noprof+0xe0/0x850 [ 1461.925692][T29324] tomoyo_realpath_from_path+0xb6/0x690 [ 1461.925725][T29324] tomoyo_path_number_perm+0x23c/0x580 [ 1461.925748][T29324] ? tomoyo_path_number_perm+0x22e/0x580 [ 1461.925773][T29324] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1461.925818][T29324] ? find_held_lock+0x2b/0x80 [ 1461.925836][T29324] ? __fget_files+0x215/0x3d0 [ 1461.925854][T29324] ? hook_file_ioctl_common+0x146/0x410 [ 1461.925882][T29324] ? __fget_files+0x21f/0x3d0 [ 1461.925905][T29324] security_file_ioctl+0xd3/0x230 [ 1461.925930][T29324] __x64_sys_ioctl+0xb7/0x210 [ 1461.925961][T29324] do_syscall_64+0x106/0xf80 [ 1461.925980][T29324] ? clear_bhb_loop+0x40/0x90 [ 1461.926003][T29324] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1461.926023][T29324] RIP: 0033:0x7f3a1519c819 [ 1461.926039][T29324] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1461.926057][T29324] RSP: 002b:00007f3a1611d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1461.926077][T29324] RAX: ffffffffffffffda RBX: 00007f3a15416090 RCX: 00007f3a1519c819 [ 1461.926089][T29324] RDX: ffffffffffffffff RSI: 0000000000004b68 RDI: 0000000000000004 [ 1461.926101][T29324] RBP: 00007f3a1611d090 R08: 0000000000000000 R09: 0000000000000000 [ 1461.926120][T29324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1461.926131][T29324] R13: 00007f3a15416128 R14: 00007f3a15416090 R15: 00007ffc91225388 [ 1461.926154][T29324] [ 1461.926162][T29324] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1462.866658][T29348] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4939'. [ 1463.028762][T29357] vivid-007: ================= START STATUS ================= [ 1463.121677][T29357] vivid-007: Generate PTS: true [ 1463.217144][T29357] vivid-007: Generate SCR: true [ 1463.309194][T29357] tpg source WxH: 320x240 (Y'CbCr) [ 1463.396786][T29357] tpg field: 1 [ 1463.428066][T29357] tpg crop: (0,0)/320x240 [ 1463.468056][T29357] tpg compose: (0,0)/320x240 [ 1463.495104][T29357] tpg colorspace: 8 [ 1463.564758][T29357] tpg transfer function: 0/0 [ 1463.630504][T29357] tpg Y'CbCr encoding: 0/0 [ 1463.651345][T29357] tpg quantization: 0/0 [ 1463.676894][T29357] tpg RGB range: 0/2 [ 1463.698031][T29357] vivid-007: ================== END STATUS ================== [ 1463.718618][T29369] FAULT_INJECTION: forcing a failure. [ 1463.718618][T29369] name failslab, interval 1, probability 0, space 0, times 0 [ 1463.798906][T29369] CPU: 0 UID: 0 PID: 29369 Comm: syz.4.4941 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1463.798940][T29369] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1463.798947][T29369] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1463.798959][T29369] Call Trace: [ 1463.798966][T29369] [ 1463.798974][T29369] dump_stack_lvl+0x100/0x190 [ 1463.799007][T29369] should_fail_ex.cold+0x5/0xa [ 1463.799031][T29369] should_failslab+0xc2/0x120 [ 1463.799054][T29369] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1463.799081][T29369] ? vkms_plane_duplicate_state+0x45/0x130 [ 1463.799109][T29369] vkms_plane_duplicate_state+0x45/0x130 [ 1463.799134][T29369] drm_atomic_get_plane_state+0x279/0x760 [ 1463.799163][T29369] drm_client_modeset_commit_atomic+0x237/0x7e0 [ 1463.799192][T29369] ? trace_contention_end+0x140/0x180 [ 1463.799223][T29369] ? __mutex_lock+0x26a/0x1b90 [ 1463.799244][T29369] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 1463.799274][T29369] ? drm_master_internal_acquire+0x21/0x80 [ 1463.799323][T29369] drm_client_modeset_commit_locked+0x14d/0x580 [ 1463.799356][T29369] drm_client_modeset_commit+0x4f/0x80 [ 1463.799385][T29369] __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160 [ 1463.799419][T29369] drm_fb_helper_restore_fbdev_mode_unlocked+0x93/0xc0 [ 1463.799451][T29369] drm_fbdev_client_restore+0x1b/0x30 [ 1463.799476][T29369] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 1463.799499][T29369] drm_client_dev_restore+0x205/0x2a0 [ 1463.799532][T29369] drm_release+0x2c6/0x360 [ 1463.799559][T29369] ? __pfx_drm_release+0x10/0x10 [ 1463.799586][T29369] __fput+0x3ff/0xb40 [ 1463.799614][T29369] task_work_run+0x150/0x240 [ 1463.799643][T29369] ? __pfx_task_work_run+0x10/0x10 [ 1463.799677][T29369] exit_to_user_mode_loop+0x100/0x4a0 [ 1463.799707][T29369] do_syscall_64+0x668/0xf80 [ 1463.799725][T29369] ? clear_bhb_loop+0x40/0x90 [ 1463.799749][T29369] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1463.799768][T29369] RIP: 0033:0x7f3a1519c819 [ 1463.799785][T29369] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1463.799810][T29369] RSP: 002b:00007f3a1613e028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1463.799829][T29369] RAX: 0000000000000000 RBX: 00007f3a15415fa0 RCX: 00007f3a1519c819 [ 1463.799840][T29369] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 1463.799851][T29369] RBP: 00007f3a15232c91 R08: 0000000000000000 R09: 0000000000000000 [ 1463.799862][T29369] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1463.799873][T29369] R13: 00007f3a15416038 R14: 00007f3a15415fa0 R15: 00007ffc91225388 [ 1463.799898][T29369] [ 1464.322468][T29377] vivid-007: ================= START STATUS ================= [ 1464.332862][T29377] vivid-007: Generate PTS: true [ 1464.341057][T29377] vivid-007: Generate SCR: true [ 1464.348790][T29377] tpg source WxH: 320x240 (Y'CbCr) [ 1464.354955][T29377] tpg field: 1 [ 1464.358328][T29377] tpg crop: (0,0)/320x240 [ 1464.362656][T29377] tpg compose: (0,0)/320x240 [ 1464.367434][T29377] tpg colorspace: 8 [ 1464.371326][T29377] tpg transfer function: 0/0 [ 1464.382644][T29377] tpg Y'CbCr encoding: 0/0 [ 1464.389430][T29377] tpg quantization: 0/0 [ 1464.393903][T29377] tpg RGB range: 0/2 [ 1464.397816][T29377] vivid-007: ================== END STATUS ================== [ 1464.509434][T29359] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1464.549024][T29359] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 1464.592630][T29359] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1464.605680][T29359] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 1464.710688][T29359] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 1464.769408][T29359] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1464.800632][T29359] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 1464.878002][T29359] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 1465.011621][T29359] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1465.057355][T29359] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 1465.115815][T29359] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 1465.153098][T29383] FAULT_INJECTION: forcing a failure. [ 1465.153098][T29383] name failslab, interval 1, probability 0, space 0, times 0 [ 1465.182010][T29386] vivid-007: ================= START STATUS ================= [ 1465.218100][T29386] vivid-007: Generate PTS: true [ 1465.223221][T29383] CPU: 0 UID: 0 PID: 29383 Comm: syz.4.4943 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1465.223255][T29383] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1465.223262][T29383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1465.223274][T29383] Call Trace: [ 1465.223281][T29383] [ 1465.223290][T29383] dump_stack_lvl+0x100/0x190 [ 1465.223323][T29383] should_fail_ex.cold+0x5/0xa [ 1465.223345][T29383] should_failslab+0xc2/0x120 [ 1465.223368][T29383] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1465.223398][T29383] ? security_inode_alloc+0x3b/0x2c0 [ 1465.223419][T29383] ? lockdep_init_map_type+0x5c/0x250 [ 1465.223455][T29383] security_inode_alloc+0x3b/0x2c0 [ 1465.223477][T29383] inode_init_always_gfp+0xced/0x1040 [ 1465.223503][T29383] alloc_inode+0x8e/0x250 [ 1465.223528][T29383] new_inode+0x22/0x1c0 [ 1465.223555][T29383] hugetlbfs_get_inode+0x313/0x750 [ 1465.223581][T29383] hugetlb_file_setup+0x3cc/0x5b0 [ 1465.223606][T29383] newseg+0xabb/0xed0 [ 1465.223635][T29383] ? __pfx_newseg+0x10/0x10 [ 1465.223659][T29383] ? down_write+0x146/0x1f0 [ 1465.223681][T29383] ? ksys_write+0x190/0x250 [ 1465.223699][T29383] ? ksys_write+0x190/0x250 [ 1465.223721][T29383] ipcget+0xee/0xf50 [ 1465.223746][T29383] ? do_futex+0x192/0x350 [ 1465.223771][T29383] ? __pfx_do_futex+0x10/0x10 [ 1465.223799][T29383] ? __pfx_ipcget+0x10/0x10 [ 1465.223833][T29383] ? __x64_sys_futex+0x34f/0x4d0 [ 1465.223857][T29383] ? __x64_sys_futex+0x358/0x4d0 [ 1465.223885][T29383] __x64_sys_shmget+0x13b/0x1b0 [ 1465.223912][T29383] ? __pfx___x64_sys_shmget+0x10/0x10 [ 1465.223944][T29383] do_syscall_64+0x106/0xf80 [ 1465.223963][T29383] ? clear_bhb_loop+0x40/0x90 [ 1465.223986][T29383] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1465.224006][T29383] RIP: 0033:0x7f3a1519c819 [ 1465.224022][T29383] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1465.224040][T29383] RSP: 002b:00007f3a1613e028 EFLAGS: 00000246 ORIG_RAX: 000000000000001d [ 1465.224059][T29383] RAX: ffffffffffffffda RBX: 00007f3a15415fa0 RCX: 00007f3a1519c819 [ 1465.224071][T29383] RDX: 0000000079e56dc9 RSI: 0000000000000003 RDI: 0000000100000000 [ 1465.224082][T29383] RBP: 00007f3a15232c91 R08: 0000000000000000 R09: 0000000000000000 [ 1465.224092][T29383] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1465.224103][T29383] R13: 00007f3a15416038 R14: 00007f3a15415fa0 R15: 00007ffc91225388 [ 1465.224127][T29383] [ 1465.530944][T29386] vivid-007: Generate SCR: true [ 1465.535987][T29386] tpg source WxH: 320x240 (Y'CbCr) [ 1465.541238][T29386] tpg field: 1 [ 1465.544726][T29386] tpg crop: (0,0)/320x240 [ 1465.549076][T29386] tpg compose: (0,0)/320x240 [ 1465.553830][T29386] tpg colorspace: 8 [ 1465.557743][T29386] tpg transfer function: 0/0 [ 1465.562429][T29386] tpg Y'CbCr encoding: 0/0 [ 1465.567186][T29386] tpg quantization: 0/0 [ 1465.571455][T29386] tpg RGB range: 0/2 [ 1465.575622][T29386] vivid-007: ================== END STATUS ================== [ 1465.774445][T27184] Bluetooth: hci2: command 0x0406 tx timeout [ 1465.943701][T29395] FAULT_INJECTION: forcing a failure. [ 1465.943701][T29395] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1466.029950][T29395] CPU: 0 UID: 0 PID: 29395 Comm: syz.1.4946 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1466.029985][T29395] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1466.029993][T29395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1466.030004][T29395] Call Trace: [ 1466.030010][T29395] [ 1466.030019][T29395] dump_stack_lvl+0x100/0x190 [ 1466.030052][T29395] should_fail_ex.cold+0x5/0xa [ 1466.030075][T29395] _copy_from_user+0x2e/0xd0 [ 1466.030102][T29395] copy_msghdr_from_user+0x9f/0x4f0 [ 1466.030128][T29395] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1466.030156][T29395] ? rcu_is_watching+0x12/0xc0 [ 1466.030186][T29395] ? ___sys_recvmsg+0x177/0x1a0 [ 1466.030207][T29395] ? kfree+0x2ec/0x6b0 [ 1466.030236][T29395] ___sys_recvmsg+0xdd/0x1a0 [ 1466.030260][T29395] ? __pfx____sys_recvmsg+0x10/0x10 [ 1466.030296][T29395] ? __pfx___might_resched+0x10/0x10 [ 1466.030329][T29395] do_recvmmsg+0x301/0x760 [ 1466.030356][T29395] ? __pfx_do_recvmmsg+0x10/0x10 [ 1466.030378][T29395] ? ksys_write+0x190/0x250 [ 1466.030395][T29395] ? ksys_write+0x190/0x250 [ 1466.030417][T29395] ? __mutex_unlock_slowpath+0x15c/0x790 [ 1466.030444][T29395] ? __fget_files+0x21f/0x3d0 [ 1466.030468][T29395] __x64_sys_recvmmsg+0x22a/0x280 [ 1466.030488][T29395] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 1466.030514][T29395] do_syscall_64+0x106/0xf80 [ 1466.030532][T29395] ? clear_bhb_loop+0x40/0x90 [ 1466.030555][T29395] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1466.030575][T29395] RIP: 0033:0x7f5c5999c819 [ 1466.030592][T29395] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1466.030611][T29395] RSP: 002b:00007f5c57bd5028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 1466.030629][T29395] RAX: ffffffffffffffda RBX: 00007f5c59c16090 RCX: 00007f5c5999c819 [ 1466.030642][T29395] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1466.030652][T29395] RBP: 00007f5c57bd5090 R08: 0000000000000000 R09: 0000000000000000 [ 1466.030664][T29395] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1466.030675][T29395] R13: 00007f5c59c16128 R14: 00007f5c59c16090 R15: 00007fff254d9f38 [ 1466.030698][T29395] [ 1466.753583][T19500] Bluetooth: hci0: command 0x0c1a tx timeout [ 1466.883125][T19500] Bluetooth: hci4: command 0x0c1a tx timeout [ 1467.075554][T19500] Bluetooth: hci3: command 0x0c1a tx timeout [ 1467.532509][T29412] block2mtd: illegal erase size [ 1467.585530][T29418] [U] 0="/ [ 1467.599251][T29418] [U] [ 1467.613019][T29418] [U] EeQ@ [ 1467.630316][T29417] [U]  [ 1467.787898][T19500] Bluetooth: hci2: command 0x0406 tx timeout [ 1468.238856][T29428] bond0: option all_slaves_active: invalid value () [ 1468.826485][T19500] Bluetooth: hci0: command 0x0c1a tx timeout [ 1468.905081][T19500] Bluetooth: hci4: command 0x0c1a tx timeout [ 1469.146042][T19500] Bluetooth: hci3: command 0x0c1a tx timeout [ 1469.905107][T29467] vivid-007: ================= START STATUS ================= [ 1469.943721][T29467] vivid-007: Generate PTS: true [ 1469.973749][T29467] vivid-007: Generate SCR: true [ 1470.004428][T29467] tpg source WxH: 320x240 (Y'CbCr) [ 1470.035853][T29467] tpg field: 1 [ 1470.053743][T29467] tpg crop: (0,0)/320x240 [ 1470.091160][T29467] tpg compose: (0,0)/320x240 [ 1470.101961][T29467] tpg colorspace: 8 [ 1470.122463][T29467] tpg transfer function: 0/0 [ 1470.137622][T29467] tpg Y'CbCr encoding: 0/0 [ 1470.184908][T29467] tpg quantization: 0/0 [ 1470.189223][T29467] tpg RGB range: 0/2 [ 1470.257399][T29467] vivid-007: ================== END STATUS ================== [ 1470.433850][T29474] Invalid ELF header magic: != ELF [ 1470.794757][T29481] FAULT_INJECTION: forcing a failure. [ 1470.794757][T29481] name failslab, interval 1, probability 0, space 0, times 0 [ 1470.874452][T29481] CPU: 0 UID: 0 PID: 29481 Comm: syz.4.4963 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1470.874487][T29481] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1470.874494][T29481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1470.874505][T29481] Call Trace: [ 1470.874512][T29481] [ 1470.874529][T29481] dump_stack_lvl+0x100/0x190 [ 1470.874563][T29481] should_fail_ex.cold+0x5/0xa [ 1470.874586][T29481] ? kernfs_fop_write_iter+0x26a/0x5f0 [ 1470.874608][T29481] should_failslab+0xc2/0x120 [ 1470.874629][T29481] __kmalloc_noprof+0xe0/0x850 [ 1470.874673][T29481] kernfs_fop_write_iter+0x26a/0x5f0 [ 1470.874698][T29481] vfs_write+0x6ac/0x1070 [ 1470.874725][T29481] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 1470.874749][T29481] ? __pfx_vfs_write+0x10/0x10 [ 1470.874782][T29481] ksys_write+0x12a/0x250 [ 1470.874800][T29481] ? __pfx_ksys_write+0x10/0x10 [ 1470.874826][T29481] do_syscall_64+0x106/0xf80 [ 1470.874845][T29481] ? clear_bhb_loop+0x40/0x90 [ 1470.874868][T29481] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1470.874889][T29481] RIP: 0033:0x7f3a1519c819 [ 1470.874905][T29481] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1470.874923][T29481] RSP: 002b:00007f3a1613e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1470.874942][T29481] RAX: ffffffffffffffda RBX: 00007f3a15415fa0 RCX: 00007f3a1519c819 [ 1470.874954][T29481] RDX: 0000000000000081 RSI: 00002000000001c0 RDI: 0000000000000002 [ 1470.874966][T29481] RBP: 00007f3a1613e090 R08: 0000000000000000 R09: 0000000000000000 [ 1470.874977][T29481] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1470.874988][T29481] R13: 00007f3a15416038 R14: 00007f3a15415fa0 R15: 00007ffc91225388 [ 1470.875012][T29481] [ 1471.204803][T27184] Bluetooth: hci0: command 0x0c1a tx timeout [ 1471.211120][T27184] Bluetooth: hci4: command 0x0c1a tx timeout [ 1471.252413][T21979] Bluetooth: hci3: command 0x0c1a tx timeout [ 1472.498230][T29510] zswap: compressor not available [ 1472.823664][T19500] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 1473.400752][T29506] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1473.432029][T29506] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1473.461818][T29506] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1473.492303][T29506] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1474.034895][T29538] zswap: compressor not available [ 1474.184333][T19500] Bluetooth: hci2: command 0x0406 tx timeout [ 1475.227878][T29553] bond0: option all_slaves_active: invalid value () [ 1475.463741][T21979] Bluetooth: hci0: command 0x0c1a tx timeout [ 1475.469962][T19500] Bluetooth: hci4: command 0x0c1a tx timeout [ 1475.545670][T19500] Bluetooth: hci3: command 0x0c1a tx timeout [ 1476.061607][T29571] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1476.542967][T29578] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1476.562945][T29578] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1476.576642][T29581] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4980'. [ 1476.601017][T29578] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1476.621152][T29578] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1476.727729][T19500] Bluetooth: hci2: unexpected subevent 0x03 length: 253 > 9 [ 1476.872590][T29588] FAULT_INJECTION: forcing a failure. [ 1476.872590][T29588] name failslab, interval 1, probability 0, space 0, times 0 [ 1476.965203][T29588] CPU: 0 UID: 0 PID: 29588 Comm: syz.2.4984 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1476.965237][T29588] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1476.965244][T29588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1476.965256][T29588] Call Trace: [ 1476.965263][T29588] [ 1476.965270][T29588] dump_stack_lvl+0x100/0x190 [ 1476.965304][T29588] should_fail_ex.cold+0x5/0xa [ 1476.965327][T29588] ? tomoyo_encode2+0xfb/0x3c0 [ 1476.965353][T29588] should_failslab+0xc2/0x120 [ 1476.965376][T29588] __kmalloc_noprof+0xe0/0x850 [ 1476.965404][T29588] ? d_absolute_path+0x136/0x1b0 [ 1476.965435][T29588] tomoyo_encode2+0xfb/0x3c0 [ 1476.965465][T29588] tomoyo_encode+0x29/0x50 [ 1476.965491][T29588] tomoyo_realpath_from_path+0x18c/0x690 [ 1476.965524][T29588] tomoyo_check_open_permission+0x2af/0x3c0 [ 1476.965549][T29588] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 1476.965595][T29588] ? do_raw_spin_lock+0x128/0x260 [ 1476.965625][T29588] ? path_get+0x61/0x80 [ 1476.965650][T29588] tomoyo_file_open+0x6b/0x90 [ 1476.965669][T29588] security_file_open+0xb5/0x1e0 [ 1476.965696][T29588] do_dentry_open+0x5aa/0x1660 [ 1476.965727][T29588] ? security_inode_permission+0xbf/0x250 [ 1476.965754][T29588] vfs_open+0x82/0x3f0 [ 1476.965781][T29588] path_openat+0x208c/0x31a0 [ 1476.965810][T29588] ? __pfx_path_openat+0x10/0x10 [ 1476.965839][T29588] do_file_open+0x20e/0x430 [ 1476.965862][T29588] ? __pfx_do_file_open+0x10/0x10 [ 1476.965898][T29588] ? alloc_fd+0x476/0x790 [ 1476.965920][T29588] ? do_getname+0x191/0x390 [ 1476.965947][T29588] do_sys_openat2+0x10d/0x1e0 [ 1476.965973][T29588] ? __pfx_do_sys_openat2+0x10/0x10 [ 1476.965998][T29588] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1476.966023][T29588] ? __fget_files+0x21f/0x3d0 [ 1476.966046][T29588] __x64_sys_openat+0x12d/0x210 [ 1476.966072][T29588] ? __pfx___x64_sys_openat+0x10/0x10 [ 1476.966098][T29588] ? ksys_write+0x1ac/0x250 [ 1476.966116][T29588] ? arch_syscall_is_vdso_sigreturn+0xb6/0x200 [ 1476.966142][T29588] ? syscall_user_dispatch+0x76/0x130 [ 1476.966172][T29588] do_syscall_64+0x106/0xf80 [ 1476.966191][T29588] ? clear_bhb_loop+0x40/0x90 [ 1476.966214][T29588] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1476.966233][T29588] RIP: 0033:0x7fe88c19c819 [ 1476.966250][T29588] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1476.966268][T29588] RSP: 002b:00007fe88cfd4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1476.966287][T29588] RAX: ffffffffffffffda RBX: 00007fe88c415fa0 RCX: 00007fe88c19c819 [ 1476.966300][T29588] RDX: 0000000000000802 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 1476.966311][T29588] RBP: 00007fe88cfd4090 R08: 0000000000000000 R09: 0000000000000000 [ 1476.966322][T29588] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1476.966333][T29588] R13: 00007fe88c416038 R14: 00007fe88c415fa0 R15: 00007ffeb840a9c8 [ 1476.966356][T29588] [ 1476.966374][T29588] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1477.284204][T29601] netlink: 326 bytes leftover after parsing attributes in process `syz.1.4986'. [ 1477.326921][T29601] bridge0: port 2(bridge_slave_1) entered disabled state [ 1477.334539][T29601] bridge0: port 1(bridge_slave_0) entered disabled state [ 1478.586076][T19500] Bluetooth: hci0: command 0x0c1a tx timeout [ 1478.592216][T19500] Bluetooth: hci2: command 0x0406 tx timeout [ 1478.663859][T19500] Bluetooth: hci3: command 0x0c1a tx timeout [ 1478.669908][T19500] Bluetooth: hci4: command 0x0c1a tx timeout [ 1478.726770][T29635] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 1480.330530][T29656] Invalid ELF header magic: != ELF [ 1480.594855][T29665] netlink: 326 bytes leftover after parsing attributes in process `syz.4.5001'. [ 1480.895843][T26841] bridge_slave_1: left allmulticast mode [ 1480.928744][T26841] bridge_slave_1: left promiscuous mode [ 1480.977542][T26841] bridge0: port 2(bridge_slave_1) entered disabled state [ 1481.015563][T26841] bridge_slave_0: left allmulticast mode [ 1481.103653][T26841] bridge_slave_0: left promiscuous mode [ 1481.109455][T26841] bridge0: port 1(bridge_slave_0) entered disabled state [ 1482.554956][T26841] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1482.579134][T29691] NFSD: Failed to start, no listeners configured. [ 1482.588513][T29693] vivid-007: ================= START STATUS ================= [ 1482.615777][T29693] vivid-007: Generate PTS: true [ 1482.631748][T29693] vivid-007: Generate SCR: true [ 1482.648853][T26841] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1482.663763][T29693] tpg source WxH: 320x240 (Y'CbCr) [ 1482.692724][T29693] tpg field: 1 [ 1482.700852][T26841] bond0 (unregistering): Released all slaves [ 1482.773547][T29693] tpg crop: (0,0)/320x240 [ 1482.913553][T29693] tpg compose: (0,0)/320x240 [ 1483.009337][T29693] tpg colorspace: 8 [ 1483.070624][T29693] tpg transfer function: 0/0 [ 1483.104924][T29693] tpg Y'CbCr encoding: 0/0 [ 1483.176118][T29693] tpg quantization: 0/0 [ 1483.231660][T29693] tpg RGB range: 0/2 [ 1483.297943][T29693] vivid-007: ================== END STATUS ================== [ 1483.579406][T29694] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1483.612390][T29694] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1483.640455][T29694] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1483.678513][T29694] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1483.898027][T29684] kexec: Could not allocate control_code_buffer [ 1483.985283][T29713] futex_wake_op: syz.0.5011 tries to shift op by -2048; fix this program [ 1484.020617][T29713] futex_wake_op: syz.0.5011 tries to shift op by -2048; fix this program [ 1484.075892][T29715] 0x000000000001-0x000000020000 : "" [ 1484.142211][T29713] misc userio: No port type given on /dev/userio [ 1484.188571][T29715] ftl_cs: FTL header corrupt! [ 1484.905509][T29732] vivid-007: ================= START STATUS ================= [ 1484.923687][T29699] FAULT_INJECTION: forcing a failure. [ 1484.923687][T29699] name failslab, interval 1, probability 0, space 0, times 0 [ 1484.953757][T29732] vivid-007: Generate PTS: true [ 1484.973577][T29732] vivid-007: Generate SCR: true [ 1484.978495][T29732] tpg source WxH: 320x240 (Y'CbCr) [ 1484.987991][T29699] CPU: 0 UID: 0 PID: 29699 Comm: syz.4.5009 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1484.988025][T29699] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1484.988033][T29699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1484.988044][T29699] Call Trace: [ 1484.988052][T29699] [ 1484.988059][T29699] dump_stack_lvl+0x100/0x190 [ 1484.988092][T29699] should_fail_ex.cold+0x5/0xa [ 1484.988116][T29699] should_failslab+0xc2/0x120 [ 1484.988137][T29699] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1484.988167][T29699] ? __kernfs_new_node+0xd2/0x960 [ 1484.988200][T29699] __kernfs_new_node+0xd2/0x960 [ 1484.988231][T29699] ? __pfx___kernfs_new_node+0x10/0x10 [ 1484.988264][T29699] ? find_held_lock+0x2b/0x80 [ 1484.988286][T29699] ? kernfs_root+0xee/0x2a0 [ 1484.988311][T29699] ? kernfs_root+0xee/0x2a0 [ 1484.988343][T29699] kernfs_new_node+0x11b/0x1a0 [ 1484.988365][T29699] __kernfs_create_file+0x53/0x350 [ 1484.988390][T29699] sysfs_add_file_mode_ns+0x207/0x3c0 [ 1484.988422][T29699] internal_create_group+0x593/0xf40 [ 1484.988455][T29699] ? __pfx_internal_create_group+0x10/0x10 [ 1484.988488][T29699] ? kernfs_create_link+0x1bd/0x240 [ 1484.988513][T29699] internal_create_groups+0x9d/0x150 [ 1484.988544][T29699] device_add+0x77a/0x1950 [ 1484.988572][T29699] ? __pfx_device_add+0x10/0x10 [ 1484.988626][T29699] ? __pfx___might_resched+0x10/0x10 [ 1484.988653][T29699] ? lockdep_hardirqs_on+0x78/0x100 [ 1484.988680][T29699] __add_disk+0x518/0xe40 [ 1484.988705][T29699] add_disk_fwnode+0x118/0x5c0 [ 1484.988729][T29699] loop_add+0x90b/0xb60 [ 1484.988757][T29699] ? __pfx_loop_add+0x10/0x10 [ 1484.988799][T29699] ? find_held_lock+0x2b/0x80 [ 1484.988816][T29699] ? __fget_files+0x215/0x3d0 [ 1484.988838][T29699] loop_control_ioctl+0xae/0x620 [ 1484.988868][T29699] ? __pfx_loop_control_ioctl+0x10/0x10 [ 1484.988900][T29699] ? __pfx_loop_control_ioctl+0x10/0x10 [ 1484.988930][T29699] __x64_sys_ioctl+0x18e/0x210 [ 1484.988961][T29699] do_syscall_64+0x106/0xf80 [ 1484.988978][T29699] ? clear_bhb_loop+0x40/0x90 [ 1484.989002][T29699] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1484.989027][T29699] RIP: 0033:0x7f3a1519c819 [ 1484.989043][T29699] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1484.989062][T29699] RSP: 002b:00007f3a1613e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1484.989080][T29699] RAX: ffffffffffffffda RBX: 00007f3a15415fa0 RCX: 00007f3a1519c819 [ 1484.989092][T29699] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 000000000000000e [ 1484.989104][T29699] RBP: 00007f3a15232c91 R08: 0000000000000000 R09: 0000000000000000 [ 1484.989115][T29699] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1484.989125][T29699] R13: 00007f3a15416038 R14: 00007f3a15415fa0 R15: 00007ffc91225388 [ 1484.989149][T29699] [ 1485.310176][T19500] Bluetooth: hci2: command 0x0406 tx timeout [ 1485.334465][T29732] tpg field: 1 [ 1485.377091][T29732] tpg crop: (0,0)/320x240 [ 1485.395674][T29732] tpg compose: (0,0)/320x240 [ 1485.426211][T29732] tpg colorspace: 8 [ 1485.441669][T29732] tpg transfer function: 0/0 [ 1485.476372][T29732] tpg Y'CbCr encoding: 0/0 [ 1485.513776][T29732] tpg quantization: 0/0 [ 1485.530945][T29732] tpg RGB range: 0/2 [ 1485.573636][T29732] vivid-007: ================== END STATUS ================== [ 1485.624282][T19500] Bluetooth: hci0: command 0x0c1a tx timeout [ 1485.679455][T29740] random: crng reseeded on system resumption [ 1485.706747][T21979] Bluetooth: hci4: command 0x0c1a tx timeout [ 1485.712895][T19500] Bluetooth: hci3: command 0x0c1a tx timeout [ 1486.012675][T19500] Bluetooth: hci3: Received unexpected HCI Event 0x00 [ 1486.133718][T29738] bond0: option all_slaves_active: invalid value () [ 1486.751285][T29755] bond0: option all_slaves_active: invalid value () [ 1487.100861][T29767] FAULT_INJECTION: forcing a failure. [ 1487.100861][T29767] name failslab, interval 1, probability 0, space 0, times 0 [ 1487.215080][T29767] CPU: 0 UID: 0 PID: 29767 Comm: syz.1.5025 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1487.215115][T29767] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1487.215123][T29767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1487.215133][T29767] Call Trace: [ 1487.215140][T29767] [ 1487.215147][T29767] dump_stack_lvl+0x100/0x190 [ 1487.215181][T29767] should_fail_ex.cold+0x5/0xa [ 1487.215203][T29767] should_failslab+0xc2/0x120 [ 1487.215226][T29767] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1487.215255][T29767] ? security_inode_alloc+0x3b/0x2c0 [ 1487.215276][T29767] ? lockdep_init_map_type+0x5c/0x250 [ 1487.215306][T29767] security_inode_alloc+0x3b/0x2c0 [ 1487.215328][T29767] inode_init_always_gfp+0xced/0x1040 [ 1487.215352][T29767] alloc_inode+0x8e/0x250 [ 1487.215378][T29767] sock_alloc+0x44/0x280 [ 1487.215396][T29767] ? security_socket_create+0x7f/0x250 [ 1487.215417][T29767] __sock_create+0xc2/0x860 [ 1487.215444][T29767] udp_sock_create6+0xc7/0x6a0 [ 1487.215465][T29767] ? __pfx_udp_sock_create6+0x10/0x10 [ 1487.215487][T29767] ? crng_make_state+0x477/0x6c0 [ 1487.215508][T29767] ? lockdep_hardirqs_on+0x78/0x100 [ 1487.215528][T29767] ? crng_make_state+0x2b0/0x6c0 [ 1487.215552][T29767] rxrpc_open_socket+0x206/0x6b0 [ 1487.215577][T29767] ? __pfx_rxrpc_open_socket+0x10/0x10 [ 1487.215611][T29767] ? rcu_is_watching+0x12/0xc0 [ 1487.215644][T29767] rxrpc_lookup_local+0xac7/0x1220 [ 1487.215680][T29767] ? __pfx_rxrpc_lookup_local+0x10/0x10 [ 1487.215707][T29767] ? __local_bh_enable_ip+0x9e/0x120 [ 1487.215731][T29767] rxrpc_sendmsg+0x34a/0x680 [ 1487.215760][T29767] sock_write_iter+0x524/0x5a0 [ 1487.215782][T29767] ? __pfx_rxrpc_sendmsg+0x10/0x10 [ 1487.215808][T29767] ? __pfx_sock_write_iter+0x10/0x10 [ 1487.215839][T29767] ? bpf_lsm_file_permission+0x9/0x10 [ 1487.215858][T29767] ? security_file_permission+0x76/0x210 [ 1487.215885][T29767] ? rw_verify_area+0xce/0x6d0 [ 1487.215915][T29767] vfs_write+0x6ac/0x1070 [ 1487.215934][T29767] ? __pfx_sock_write_iter+0x10/0x10 [ 1487.215958][T29767] ? __pfx_vfs_write+0x10/0x10 [ 1487.215975][T29767] ? find_held_lock+0x2b/0x80 [ 1487.216007][T29767] ksys_write+0x1f8/0x250 [ 1487.216025][T29767] ? __pfx_ksys_write+0x10/0x10 [ 1487.216050][T29767] do_syscall_64+0x106/0xf80 [ 1487.216068][T29767] ? clear_bhb_loop+0x40/0x90 [ 1487.216091][T29767] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1487.216111][T29767] RIP: 0033:0x7f5c5999c819 [ 1487.216127][T29767] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1487.216146][T29767] RSP: 002b:00007f5c57bf6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1487.216164][T29767] RAX: ffffffffffffffda RBX: 00007f5c59c15fa0 RCX: 00007f5c5999c819 [ 1487.216177][T29767] RDX: 0000000000100082 RSI: 0000000000000000 RDI: 0000000000000003 [ 1487.216188][T29767] RBP: 00007f5c59a32c91 R08: 0000000000000000 R09: 0000000000000000 [ 1487.216199][T29767] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1487.216209][T29767] R13: 00007f5c59c16038 R14: 00007f5c59c15fa0 R15: 00007fff254d9f38 [ 1487.216232][T29767] [ 1487.216260][T29767] socket: no more sockets [ 1487.774488][T29774] vivid-007: ================= START STATUS ================= [ 1487.793803][T29778] netlink: 44 bytes leftover after parsing attributes in process `syz.2.5026'. [ 1487.826181][T29774] vivid-007: Generate PTS: true [ 1487.843533][T29774] vivid-007: Generate SCR: true [ 1487.853529][T29774] tpg source WxH: 320x240 (Y'CbCr) [ 1487.863619][T29774] tpg field: 1 [ 1487.867057][T29774] tpg crop: (0,0)/320x240 [ 1487.871399][T29774] tpg compose: (0,0)/320x240 [ 1487.924106][T29774] tpg colorspace: 8 [ 1487.927961][T29774] tpg transfer function: 0/0 [ 1487.962097][T29774] tpg Y'CbCr encoding: 0/0 [ 1487.973651][T29774] tpg quantization: 0/0 [ 1487.983229][T29774] tpg RGB range: 0/2 [ 1487.998174][T29774] vivid-007: ================== END STATUS ================== [ 1489.208977][T26841] hsr_slave_0: left promiscuous mode [ 1489.253220][T26841] hsr_slave_1: left promiscuous mode [ 1489.322410][T26841] veth0_macvtap: left promiscuous mode [ 1489.340049][T26841] veth1_vlan: left promiscuous mode [ 1489.365315][T26841] veth0_vlan: left promiscuous mode [ 1490.467449][T26841] team0 (unregistering): Port device team_slave_1 removed [ 1490.588064][T26841] team0 (unregistering): Port device team_slave_0 removed [ 1492.478594][T29862] FAULT_INJECTION: forcing a failure. [ 1492.478594][T29862] name failslab, interval 1, probability 0, space 0, times 0 [ 1492.478647][T29862] CPU: 0 UID: 0 PID: 29862 Comm: syz.1.5046 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1492.478676][T29862] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1492.478683][T29862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1492.478696][T29862] Call Trace: [ 1492.478702][T29862] [ 1492.478710][T29862] dump_stack_lvl+0x100/0x190 [ 1492.478743][T29862] should_fail_ex.cold+0x5/0xa [ 1492.478766][T29862] should_failslab+0xc2/0x120 [ 1492.478788][T29862] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1492.478814][T29862] ? append_filter_err+0xb8/0x620 [ 1492.478851][T29862] ? process_preds+0x93d/0x1d90 [ 1492.478882][T29862] append_filter_err+0xb8/0x620 [ 1492.478910][T29862] ? create_filter_start.constprop.0+0x134/0x310 [ 1492.478946][T29862] create_filter+0x1a6/0x210 [ 1492.478976][T29862] ? __pfx_create_filter+0x10/0x10 [ 1492.479007][T29862] ? find_held_lock+0x2b/0x80 [ 1492.479029][T29862] apply_event_filter+0x220/0x500 [ 1492.479060][T29862] ? __pfx_apply_event_filter+0x10/0x10 [ 1492.479097][T29862] event_filter_write+0x16d/0x290 [ 1492.479122][T29862] vfs_write+0x2aa/0x1070 [ 1492.479141][T29862] ? __pfx_event_filter_write+0x10/0x10 [ 1492.479166][T29862] ? __pfx_vfs_write+0x10/0x10 [ 1492.479184][T29862] ? __fget_files+0x215/0x3d0 [ 1492.479208][T29862] ? __fget_files+0x21f/0x3d0 [ 1492.479233][T29862] ksys_write+0x12a/0x250 [ 1492.479251][T29862] ? __pfx_ksys_write+0x10/0x10 [ 1492.479276][T29862] do_syscall_64+0x106/0xf80 [ 1492.479295][T29862] ? clear_bhb_loop+0x40/0x90 [ 1492.479318][T29862] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1492.479337][T29862] RIP: 0033:0x7f5c5999c819 [ 1492.479353][T29862] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1492.479371][T29862] RSP: 002b:00007f5c57bd5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1492.479389][T29862] RAX: ffffffffffffffda RBX: 00007f5c59c16090 RCX: 00007f5c5999c819 [ 1492.479401][T29862] RDX: 00000000000005c8 RSI: 0000000000000000 RDI: 0000000000000003 [ 1492.479411][T29862] RBP: 00007f5c59a32c91 R08: 0000000000000000 R09: 0000000000000000 [ 1492.479422][T29862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1492.479432][T29862] R13: 00007f5c59c16128 R14: 00007f5c59c16090 R15: 00007fff254d9f38 [ 1492.479456][T29862] [ 1492.517458][T29861] [U] 0="/ [ 1492.517502][T29861] [U] [ 1492.517512][T29861] [U] EeQ@ [ 1492.517974][T29860] [U]  [ 1494.701204][T29884] zswap: compressor not available [ 1495.113244][T29904] FAULT_INJECTION: forcing a failure. [ 1495.113244][T29904] name failslab, interval 1, probability 0, space 0, times 0 [ 1495.267939][T29904] CPU: 0 UID: 0 PID: 29904 Comm: syz.2.5058 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1495.267974][T29904] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1495.267982][T29904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1495.267994][T29904] Call Trace: [ 1495.268001][T29904] [ 1495.268009][T29904] dump_stack_lvl+0x100/0x190 [ 1495.268043][T29904] should_fail_ex.cold+0x5/0xa [ 1495.268066][T29904] ? drm_atomic_state_init+0xf4/0x490 [ 1495.268092][T29904] should_failslab+0xc2/0x120 [ 1495.268114][T29904] __kmalloc_noprof+0xe0/0x850 [ 1495.268148][T29904] drm_atomic_state_init+0xf4/0x490 [ 1495.268173][T29904] ? kasan_save_track+0x14/0x30 [ 1495.268194][T29904] drm_atomic_state_alloc+0xd3/0x120 [ 1495.268221][T29904] drm_client_modeset_commit_atomic+0xcc/0x7e0 [ 1495.268252][T29904] ? trace_contention_end+0x140/0x180 [ 1495.268280][T29904] ? __mutex_lock+0x26a/0x1b90 [ 1495.268301][T29904] ? __mutex_lock+0x26a/0x1b90 [ 1495.268320][T29904] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 1495.268351][T29904] ? drm_master_internal_acquire+0x21/0x80 [ 1495.268400][T29904] drm_client_modeset_commit_locked+0x14d/0x580 [ 1495.268434][T29904] drm_client_modeset_commit+0x4f/0x80 [ 1495.268463][T29904] __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160 [ 1495.268520][T29904] drm_fb_helper_restore_fbdev_mode_unlocked+0x93/0xc0 [ 1495.268558][T29904] drm_fbdev_client_restore+0x1b/0x30 [ 1495.268582][T29904] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 1495.268605][T29904] drm_client_dev_restore+0x205/0x2a0 [ 1495.268639][T29904] drm_release+0x2c6/0x360 [ 1495.268666][T29904] ? __pfx_drm_release+0x10/0x10 [ 1495.268693][T29904] __fput+0x3ff/0xb40 [ 1495.268723][T29904] task_work_run+0x150/0x240 [ 1495.268752][T29904] ? __pfx_task_work_run+0x10/0x10 [ 1495.268786][T29904] exit_to_user_mode_loop+0x100/0x4a0 [ 1495.268815][T29904] do_syscall_64+0x668/0xf80 [ 1495.268832][T29904] ? clear_bhb_loop+0x40/0x90 [ 1495.268856][T29904] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1495.268875][T29904] RIP: 0033:0x7fe88c19c819 [ 1495.268892][T29904] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1495.268910][T29904] RSP: 002b:00007fe88cfd4028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1495.268928][T29904] RAX: 0000000000000000 RBX: 00007fe88c415fa0 RCX: 00007fe88c19c819 [ 1495.268940][T29904] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 1495.268950][T29904] RBP: 00007fe88c232c91 R08: 0000000000000000 R09: 0000000000000000 [ 1495.268961][T29904] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1495.268972][T29904] R13: 00007fe88c416038 R14: 00007fe88c415fa0 R15: 00007ffeb840a9c8 [ 1495.268997][T29904] [ 1495.914147][T29910] vivid-007: ================= START STATUS ================= [ 1495.921868][T29910] vivid-007: Generate PTS: true [ 1495.963919][T19500] Bluetooth: hci0: unexpected event 0x3e length: 508 > 260 [ 1495.963948][T19500] Bluetooth: hci0: unexpected subevent 0x02 length: 507 > 260 [ 1495.979395][T19500] Bluetooth: hci0: Dropping invalid advertising data [ 1495.988307][T19500] Bluetooth: hci0: unknown advertising packet type: 0xe9 [ 1496.012150][T29910] vivid-007: Generate SCR: true [ 1496.040967][T29910] tpg source WxH: 320x240 (Y'CbCr) [ 1496.065666][T29910] tpg field: 1 [ 1496.079403][T29910] tpg crop: (0,0)/320x240 [ 1496.089520][T29910] tpg compose: (0,0)/320x240 [ 1496.099636][T29910] tpg colorspace: 8 [ 1496.112788][T29910] tpg transfer function: 0/0 [ 1496.128503][T29910] tpg Y'CbCr encoding: 0/0 [ 1496.146366][T29910] tpg quantization: 0/0 [ 1496.156020][T29910] tpg RGB range: 0/2 [ 1496.173574][T29910] vivid-007: ================== END STATUS ================== [ 1496.958518][T29930] vivid-007: ================= START STATUS ================= [ 1497.085589][T29930] vivid-007: Generate PTS: true [ 1497.090509][T29930] vivid-007: Generate SCR: true [ 1497.205682][T29930] tpg source WxH: 320x240 (Y'CbCr) [ 1497.314368][T29930] tpg field: 1 [ 1497.387986][T29930] tpg crop: (0,0)/320x240 [ 1497.495494][T29930] tpg compose: (0,0)/320x240 [ 1497.593573][T29930] tpg colorspace: 8 [ 1497.597435][T29930] tpg transfer function: 0/0 [ 1497.602030][T29930] tpg Y'CbCr encoding: 0/0 [ 1497.722641][T29959] FAULT_INJECTION: forcing a failure. [ 1497.722641][T29959] name failslab, interval 1, probability 0, space 0, times 0 [ 1497.894967][T29959] CPU: 0 UID: 0 PID: 29959 Comm: syz.0.5066 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1497.895004][T29959] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1497.895011][T29959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1497.895023][T29959] Call Trace: [ 1497.895030][T29959] [ 1497.895038][T29959] dump_stack_lvl+0x100/0x190 [ 1497.895072][T29959] should_fail_ex.cold+0x5/0xa [ 1497.895097][T29959] should_failslab+0xc2/0x120 [ 1497.895119][T29959] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 1497.895149][T29959] ? __d_alloc+0x34/0xa80 [ 1497.895176][T29959] __d_alloc+0x34/0xa80 [ 1497.895200][T29959] d_alloc+0x4a/0x1e0 [ 1497.895224][T29959] lookup_one_qstr_excl+0x175/0x250 [ 1497.895253][T29959] start_dirop+0x59/0xb0 [ 1497.895272][T29959] simple_start_creating+0xf9/0x110 [ 1497.895291][T29959] ? __pfx_simple_start_creating+0x10/0x10 [ 1497.895311][T29959] ? mntput+0x70/0xa0 [ 1497.895328][T29959] ? simple_pin_fs+0xa3/0x190 [ 1497.895358][T29959] debugfs_start_creating.part.0+0x82/0x170 [ 1497.895383][T29959] __debugfs_create_file+0xb3/0x4f0 [ 1497.895409][T29959] debugfs_create_file_full+0x41/0x60 [ 1497.895435][T29959] ref_tracker_dir_debugfs+0x19e/0x2e0 [ 1497.895464][T29959] ? __pfx_ref_tracker_dir_debugfs+0x10/0x10 [ 1497.895490][T29959] ? find_held_lock+0x2b/0x80 [ 1497.895528][T29959] ? lockdep_init_map_type+0x5c/0x250 [ 1497.895570][T29959] preinit_net.part.0+0x437/0x8f0 [ 1497.895593][T29959] copy_net_ns+0x339/0x7c0 [ 1497.895617][T29959] create_new_namespaces+0x3ea/0xac0 [ 1497.895644][T29959] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1497.895669][T29959] ksys_unshare+0x473/0xad0 [ 1497.895695][T29959] ? __pfx_ksys_unshare+0x10/0x10 [ 1497.895728][T29959] __x64_sys_unshare+0x31/0x40 [ 1497.895752][T29959] do_syscall_64+0x106/0xf80 [ 1497.895771][T29959] ? clear_bhb_loop+0x40/0x90 [ 1497.895794][T29959] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1497.895815][T29959] RIP: 0033:0x7f522939c819 [ 1497.895833][T29959] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1497.895851][T29959] RSP: 002b:00007f522a238028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1497.895870][T29959] RAX: ffffffffffffffda RBX: 00007f5229616180 RCX: 00007f522939c819 [ 1497.895882][T29959] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1497.895893][T29959] RBP: 00007f5229432c91 R08: 0000000000000000 R09: 0000000000000000 [ 1497.895904][T29959] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1497.895916][T29959] R13: 00007f5229616218 R14: 00007f5229616180 R15: 00007ffda551c068 [ 1497.895939][T29959] [ 1498.197308][T29930] tpg quantization: 0/0 [ 1498.201502][T29930] tpg RGB range: 0/2 [ 1498.206300][T29930] vivid-007: ================== END STATUS ================== [ 1498.564035][T29970] : Can't lookup blockdev [ 1498.774794][T29974] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5071'. [ 1499.818223][T29990] netlink: 146 bytes leftover after parsing attributes in process `syz.4.5072'. [ 1500.246346][T30002] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 1500.392238][T29995] [U] 0="/ [ 1500.429833][T29995] [U] [ 1500.473959][T29995] [U] EeQ@ [ 1500.536900][T29995] [U]  [ 1501.285391][T30021] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5080'. [ 1501.619485][T30022] Invalid ELF header magic: != ELF [ 1503.183687][T30041] FAULT_INJECTION: forcing a failure. [ 1503.183687][T30041] name failslab, interval 1, probability 0, space 0, times 0 [ 1503.283054][T30041] CPU: 0 UID: 0 PID: 30041 Comm: syz.4.5083 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1503.283088][T30041] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1503.283096][T30041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1503.283107][T30041] Call Trace: [ 1503.283115][T30041] [ 1503.283122][T30041] dump_stack_lvl+0x100/0x190 [ 1503.283156][T30041] should_fail_ex.cold+0x5/0xa [ 1503.283179][T30041] ? tomoyo_realpath_from_path+0xb6/0x690 [ 1503.283207][T30041] should_failslab+0xc2/0x120 [ 1503.283229][T30041] __kmalloc_noprof+0xe0/0x850 [ 1503.283264][T30041] tomoyo_realpath_from_path+0xb6/0x690 [ 1503.283298][T30041] tomoyo_path_number_perm+0x23c/0x580 [ 1503.283321][T30041] ? tomoyo_path_number_perm+0x22e/0x580 [ 1503.283346][T30041] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1503.283392][T30041] ? find_held_lock+0x2b/0x80 [ 1503.283411][T30041] ? __fget_files+0x215/0x3d0 [ 1503.283429][T30041] ? hook_file_ioctl_common+0x146/0x410 [ 1503.283458][T30041] ? __fget_files+0x21f/0x3d0 [ 1503.283486][T30041] security_file_ioctl+0xd3/0x230 [ 1503.283512][T30041] __x64_sys_ioctl+0xb7/0x210 [ 1503.283542][T30041] do_syscall_64+0x106/0xf80 [ 1503.283561][T30041] ? clear_bhb_loop+0x40/0x90 [ 1503.283584][T30041] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1503.283603][T30041] RIP: 0033:0x7f3a1519c819 [ 1503.283620][T30041] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1503.283638][T30041] RSP: 002b:00007f3a1611d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1503.283656][T30041] RAX: ffffffffffffffda RBX: 00007f3a15416090 RCX: 00007f3a1519c819 [ 1503.283669][T30041] RDX: 0000000000000000 RSI: 00000000c008551c RDI: 0000000000000004 [ 1503.283680][T30041] RBP: 00007f3a1611d090 R08: 0000000000000000 R09: 0000000000000000 [ 1503.283691][T30041] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1503.283702][T30041] R13: 00007f3a15416128 R14: 00007f3a15416090 R15: 00007ffc91225388 [ 1503.283726][T30041] [ 1504.270990][T30045] vivid-007: ================= START STATUS ================= [ 1504.299250][T30045] vivid-007: Generate PTS: true [ 1504.313619][T30045] vivid-007: Generate SCR: true [ 1504.331293][T30045] tpg source WxH: 320x240 (Y'CbCr) [ 1504.365876][T30045] tpg field: 1 [ 1504.374661][T30041] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1504.381782][T30045] tpg crop: (0,0)/320x240 [ 1504.396543][T30045] tpg compose: (0,0)/320x240 [ 1504.415903][T30045] tpg colorspace: 8 [ 1504.434857][T30045] tpg transfer function: 0/0 [ 1504.439521][T30045] tpg Y'CbCr encoding: 0/0 [ 1504.540426][T30045] tpg quantization: 0/0 [ 1504.573265][T30045] tpg RGB range: 0/2 [ 1504.636425][T30045] vivid-007: ================== END STATUS ================== [ 1505.603011][T30069] Invalid ELF header magic: != ELF [ 1505.980392][T30082] bond0: invalid ARP target specified [ 1506.604940][ T29] audit: type=1800 audit(4294968291.250:39): pid=30092 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.5096" name="dbroot" dev="configfs" ino=158856 res=0 errno=0 [ 1507.377782][T30109] program syz.1.5099 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1507.443679][T30109] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 1507.530582][T30112] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5102'. [ 1507.561410][T30114] netlink: 326 bytes leftover after parsing attributes in process `syz.2.5103'. [ 1507.621467][T30114] bridge0: port 2(bridge_slave_1) entered disabled state [ 1507.629029][T30114] bridge0: port 1(bridge_slave_0) entered disabled state [ 1507.637143][T30109] nbd0: detected capacity change from 0 to 4294967296 [ 1508.245848][T21979] block nbd0: Receive control failed (result -104) [ 1508.295902][T30122] block nbd2: not configured, cannot reconfigure [ 1508.562476][T30129] random: crng reseeded on system resumption [ 1508.683208][T30131] vivid-007: ================= START STATUS ================= [ 1508.731275][T30131] vivid-007: Generate PTS: true [ 1508.753208][T30131] vivid-007: Generate SCR: true [ 1508.788912][T30131] tpg source WxH: 320x240 (Y'CbCr) [ 1508.814938][T30131] tpg field: 1 [ 1508.831590][T30131] tpg crop: (0,0)/320x240 [ 1508.851858][T30131] tpg compose: (0,0)/320x240 [ 1508.877534][T30131] tpg colorspace: 8 [ 1508.895578][T30131] tpg transfer function: 0/0 [ 1508.923756][T30131] tpg Y'CbCr encoding: 0/0 [ 1508.963710][T30131] tpg quantization: 0/0 [ 1508.979043][T30131] tpg RGB range: 0/2 [ 1508.999274][T30131] vivid-007: ================== END STATUS ================== [ 1509.978567][ T29] audit: type=1804 audit(4294968294.620:40): pid=30153 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.5111" name="/newroot/51/file0" dev="tmpfs" ino=288 res=1 errno=0 [ 1510.021837][T30153] netlink: 'syz.1.5111': attribute type 1 has an invalid length. [ 1510.997823][T30170] Invalid ELF header magic: != ELF [ 1512.587313][T30193] FAULT_INJECTION: forcing a failure. [ 1512.587313][T30193] name failslab, interval 1, probability 0, space 0, times 0 [ 1512.745379][T30193] CPU: 0 UID: 0 PID: 30193 Comm: syz.1.5121 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1512.745413][T30193] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1512.745421][T30193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1512.745432][T30193] Call Trace: [ 1512.745439][T30193] [ 1512.745447][T30193] dump_stack_lvl+0x100/0x190 [ 1512.745480][T30193] should_fail_ex.cold+0x5/0xa [ 1512.745503][T30193] should_failslab+0xc2/0x120 [ 1512.745525][T30193] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1512.745555][T30193] ? __proc_create+0x2cb/0x8c0 [ 1512.745578][T30193] __proc_create+0x2cb/0x8c0 [ 1512.745606][T30193] ? __pfx___proc_create+0x10/0x10 [ 1512.745628][T30193] ? _raw_write_unlock+0x28/0x50 [ 1512.745646][T30193] ? proc_register+0x559/0x8a0 [ 1512.745671][T30193] proc_create_reg+0x75/0x170 [ 1512.745693][T30193] ? __pfx_can_reset_stats_proc_show+0x10/0x10 [ 1512.745725][T30193] proc_create_net_single+0x86/0x180 [ 1512.745746][T30193] ? __pfx_proc_create_net_single+0x10/0x10 [ 1512.745769][T30193] ? round_jiffies+0x10a/0x160 [ 1512.745794][T30193] can_init_proc+0x112/0x4b0 [ 1512.745824][T30193] can_pernet_init+0x1e4/0x370 [ 1512.745854][T30193] ? __pfx_can_pernet_init+0x10/0x10 [ 1512.745880][T30193] ops_init+0x1e2/0x5f0 [ 1512.745902][T30193] setup_net+0x118/0x3a0 [ 1512.745921][T30193] ? __pfx_setup_net+0x10/0x10 [ 1512.745937][T30193] ? lockdep_init_map_type+0x5c/0x250 [ 1512.745967][T30193] ? mutex_init_lockep+0x110/0x150 [ 1512.745997][T30193] copy_net_ns+0x46f/0x7c0 [ 1512.746019][T30193] create_new_namespaces+0x3ea/0xac0 [ 1512.746045][T30193] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1512.746068][T30193] ksys_unshare+0x473/0xad0 [ 1512.746097][T30193] ? __pfx_ksys_unshare+0x10/0x10 [ 1512.746129][T30193] __x64_sys_unshare+0x31/0x40 [ 1512.746153][T30193] do_syscall_64+0x106/0xf80 [ 1512.746171][T30193] ? clear_bhb_loop+0x40/0x90 [ 1512.746194][T30193] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1512.746213][T30193] RIP: 0033:0x7f5c5999c819 [ 1512.746229][T30193] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1512.746247][T30193] RSP: 002b:00007f5c57bf6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1512.746266][T30193] RAX: ffffffffffffffda RBX: 00007f5c59c15fa0 RCX: 00007f5c5999c819 [ 1512.746278][T30193] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1512.746289][T30193] RBP: 00007f5c59a32c91 R08: 0000000000000000 R09: 0000000000000000 [ 1512.746300][T30193] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1512.746311][T30193] R13: 00007f5c59c16038 R14: 00007f5c59c15fa0 R15: 00007fff254d9f38 [ 1512.746334][T30193] [ 1513.296310][T30205] futex_wake_op: syz.2.5123 tries to shift op by -2048; fix this program [ 1513.397026][T30205] futex_wake_op: syz.2.5123 tries to shift op by -2048; fix this program [ 1513.630270][T30215] FAULT_INJECTION: forcing a failure. [ 1513.630270][T30215] name failslab, interval 1, probability 0, space 0, times 0 [ 1513.666867][T30215] CPU: 0 UID: 0 PID: 30215 Comm: syz.0.5126 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1513.666902][T30215] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1513.666909][T30215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1513.666921][T30215] Call Trace: [ 1513.666928][T30215] [ 1513.666937][T30215] dump_stack_lvl+0x100/0x190 [ 1513.666971][T30215] should_fail_ex.cold+0x5/0xa [ 1513.666995][T30215] should_failslab+0xc2/0x120 [ 1513.667018][T30215] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1513.667044][T30215] ? vkms_plane_duplicate_state+0x87/0x130 [ 1513.667072][T30215] vkms_plane_duplicate_state+0x87/0x130 [ 1513.667096][T30215] drm_atomic_get_plane_state+0x279/0x760 [ 1513.667125][T30215] drm_client_modeset_commit_atomic+0x237/0x7e0 [ 1513.667155][T30215] ? trace_contention_end+0x140/0x180 [ 1513.667186][T30215] ? __mutex_lock+0x26a/0x1b90 [ 1513.667206][T30215] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 1513.667237][T30215] ? drm_master_internal_acquire+0x21/0x80 [ 1513.667286][T30215] drm_client_modeset_commit_locked+0x14d/0x580 [ 1513.667319][T30215] drm_client_modeset_commit+0x4f/0x80 [ 1513.667349][T30215] __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160 [ 1513.667382][T30215] drm_fb_helper_restore_fbdev_mode_unlocked+0x93/0xc0 [ 1513.667414][T30215] drm_fbdev_client_restore+0x1b/0x30 [ 1513.667438][T30215] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 1513.667462][T30215] drm_client_dev_restore+0x205/0x2a0 [ 1513.667494][T30215] drm_release+0x2c6/0x360 [ 1513.667521][T30215] ? __pfx_drm_release+0x10/0x10 [ 1513.667548][T30215] __fput+0x3ff/0xb40 [ 1513.667577][T30215] task_work_run+0x150/0x240 [ 1513.667606][T30215] ? __pfx_task_work_run+0x10/0x10 [ 1513.667640][T30215] exit_to_user_mode_loop+0x100/0x4a0 [ 1513.667677][T30215] do_syscall_64+0x668/0xf80 [ 1513.667695][T30215] ? clear_bhb_loop+0x40/0x90 [ 1513.667719][T30215] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1513.667738][T30215] RIP: 0033:0x7f522939c819 [ 1513.667755][T30215] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1513.667773][T30215] RSP: 002b:00007f522a238028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1513.667810][T30215] RAX: 0000000000000000 RBX: 00007f5229616180 RCX: 00007f522939c819 [ 1513.667822][T30215] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 1513.667838][T30215] RBP: 00007f5229432c91 R08: 0000000000000000 R09: 0000000000000000 [ 1513.667849][T30215] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1513.667859][T30215] R13: 00007f5229616218 R14: 00007f5229616180 R15: 00007ffda551c068 [ 1513.667885][T30215] [ 1514.382460][ T29] audit: type=1804 audit(4294968298.970:41): pid=30221 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.5128" name="/newroot/411/file0" dev="tmpfs" ino=2154 res=1 errno=0 [ 1514.414341][T30221] netlink: 'syz.4.5128': attribute type 1 has an invalid length. [ 1514.514764][T30217] zswap: compressor not available [ 1515.095412][T30229] vivid-007: ================= START STATUS ================= [ 1515.119910][T30229] vivid-007: Generate PTS: true [ 1515.136390][T30229] vivid-007: Generate SCR: true [ 1515.200903][T30229] tpg source WxH: 320x240 (Y'CbCr) [ 1515.233179][T30229] tpg field: 1 [ 1515.248798][T30229] tpg crop: (0,0)/320x240 [ 1515.287459][T30229] tpg compose: (0,0)/320x240 [ 1515.344649][T30229] tpg colorspace: 8 [ 1515.361968][T30229] tpg transfer function: 0/0 [ 1515.382674][T30229] tpg Y'CbCr encoding: 0/0 [ 1515.411923][T30229] tpg quantization: 0/0 [ 1515.467369][T30229] tpg RGB range: 0/2 [ 1515.529188][T30229] vivid-007: ================== END STATUS ================== [ 1515.656349][T30238] pci 0000:00:01.3: enabling device (0000 -> 0001) [ 1515.732140][T30212] vivid-007: ================= START STATUS ================= [ 1515.767603][T30212] vivid-007: Generate PTS: true [ 1515.801525][T30212] vivid-007: Generate SCR: true [ 1515.832728][T30212] tpg source WxH: 320x240 (Y'CbCr) [ 1515.872482][T30212] tpg field: 1 [ 1515.887760][T30212] tpg crop: (0,0)/320x240 [ 1515.901793][T30238] ACPI: \_SB_.LNKS: No IRQ available. Try pci=noacpi or acpi=off [ 1515.930612][T30212] tpg compose: (0,0)/320x240 [ 1515.943644][T30212] tpg colorspace: 8 [ 1515.958615][T30212] tpg transfer function: 0/0 [ 1515.964623][T30249] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5131'. [ 1516.044242][T30212] tpg Y'CbCr encoding: 0/0 [ 1516.049091][T30238] pci 0000:00:01.3: PCI INT A: no GSI [ 1516.074253][T30212] tpg quantization: 0/0 [ 1516.093971][T30212] tpg RGB range: 0/2 [ 1516.123632][T30212] vivid-007: ================== END STATUS ================== [ 1516.694721][T30259] Invalid ELF header magic: != ELF [ 1517.481241][ T29] audit: type=1800 audit(4294968302.120:42): pid=30283 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.5137" name="dbroot" dev="configfs" ino=159858 res=0 errno=0 [ 1518.574214][T30301] Invalid ELF header magic: != ELF [ 1521.125199][T30348] FAULT_INJECTION: forcing a failure. [ 1521.125199][T30348] name failslab, interval 1, probability 0, space 0, times 0 [ 1521.249861][T30348] CPU: 0 UID: 0 PID: 30348 Comm: syz.1.5148 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1521.249898][T30348] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1521.249906][T30348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1521.249918][T30348] Call Trace: [ 1521.249925][T30348] [ 1521.249934][T30348] dump_stack_lvl+0x100/0x190 [ 1521.249967][T30348] should_fail_ex.cold+0x5/0xa [ 1521.249991][T30348] ? __register_sysctl_table+0xbe4/0x1650 [ 1521.250013][T30348] should_failslab+0xc2/0x120 [ 1521.250035][T30348] __kmalloc_noprof+0xe0/0x850 [ 1521.250071][T30348] __register_sysctl_table+0xbe4/0x1650 [ 1521.250097][T30348] ? __pfx___register_sysctl_table+0x10/0x10 [ 1521.250117][T30348] ? is_module_address+0x69/0xf0 [ 1521.250143][T30348] ? register_net_sysctl_sz+0x222/0x430 [ 1521.250167][T30348] ? __asan_memcpy+0x3c/0x60 [ 1521.250197][T30348] sctp_sysctl_net_register+0x15e/0x200 [ 1521.250220][T30348] ? __pfx_sctp_defaults_init+0x10/0x10 [ 1521.250239][T30348] sctp_defaults_init+0x6d2/0xd90 [ 1521.250260][T30348] ? __pfx_sctp_defaults_init+0x10/0x10 [ 1521.250281][T30348] ops_init+0x1e2/0x5f0 [ 1521.250307][T30348] setup_net+0x118/0x3a0 [ 1521.250335][T30348] ? __pfx_setup_net+0x10/0x10 [ 1521.250353][T30348] ? lockdep_init_map_type+0x5c/0x250 [ 1521.250382][T30348] ? mutex_init_lockep+0x110/0x150 [ 1521.250412][T30348] copy_net_ns+0x46f/0x7c0 [ 1521.250434][T30348] create_new_namespaces+0x3ea/0xac0 [ 1521.250461][T30348] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1521.250485][T30348] ksys_unshare+0x473/0xad0 [ 1521.250510][T30348] ? __pfx_ksys_unshare+0x10/0x10 [ 1521.250542][T30348] __x64_sys_unshare+0x31/0x40 [ 1521.250566][T30348] do_syscall_64+0x106/0xf80 [ 1521.250584][T30348] ? clear_bhb_loop+0x40/0x90 [ 1521.250607][T30348] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1521.250626][T30348] RIP: 0033:0x7f5c5999c819 [ 1521.250642][T30348] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1521.250659][T30348] RSP: 002b:00007f5c57bf6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1521.250678][T30348] RAX: ffffffffffffffda RBX: 00007f5c59c15fa0 RCX: 00007f5c5999c819 [ 1521.250690][T30348] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1521.250701][T30348] RBP: 00007f5c59a32c91 R08: 0000000000000000 R09: 0000000000000000 [ 1521.250713][T30348] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1521.250724][T30348] R13: 00007f5c59c16038 R14: 00007f5c59c15fa0 R15: 00007fff254d9f38 [ 1521.250748][T30348] [ 1521.250757][T30348] sysctl could not get directory: /net/sctp -12 [ 1522.987105][T30377] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5154'. [ 1523.411723][T30384] bond0: option all_slaves_active: invalid value () [ 1523.431552][T30387] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 1523.529100][T30387] [U] 0="/ [ 1523.551188][T30387] [U] [ 1523.580003][T30387] [U] EeQ@ [ 1523.629876][T30385] [U]  [ 1524.529788][T30401] can: request_module (can-proto-3) failed. [ 1525.185174][T30425] FAULT_INJECTION: forcing a failure. [ 1525.185174][T30425] name failslab, interval 1, probability 0, space 0, times 0 [ 1525.303906][T30425] CPU: 0 UID: 0 PID: 30425 Comm: syz.0.5165 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1525.303940][T30425] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1525.303948][T30425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1525.303959][T30425] Call Trace: [ 1525.303966][T30425] [ 1525.303974][T30425] dump_stack_lvl+0x100/0x190 [ 1525.304008][T30425] should_fail_ex.cold+0x5/0xa [ 1525.304031][T30425] ? iovec_from_user+0x8d/0x140 [ 1525.304056][T30425] should_failslab+0xc2/0x120 [ 1525.304077][T30425] __kmalloc_noprof+0xe0/0x850 [ 1525.304112][T30425] iovec_from_user+0x8d/0x140 [ 1525.304139][T30425] __import_iovec+0x81/0x640 [ 1525.304169][T30425] import_iovec+0x82/0xb0 [ 1525.304196][T30425] vfs_writev+0x197/0xe10 [ 1525.304225][T30425] ? rcu_is_watching+0x12/0xc0 [ 1525.304255][T30425] ? trace_contention_end+0x140/0x180 [ 1525.304285][T30425] ? __pfx_vfs_writev+0x10/0x10 [ 1525.304313][T30425] ? fdget_pos+0x2aa/0x380 [ 1525.304342][T30425] ? find_held_lock+0x2b/0x80 [ 1525.304373][T30425] ? __fget_files+0x21f/0x3d0 [ 1525.304406][T30425] ? do_writev+0x13e/0x340 [ 1525.304421][T30425] do_writev+0x13e/0x340 [ 1525.304439][T30425] ? __pfx_do_writev+0x10/0x10 [ 1525.304462][T30425] do_syscall_64+0x106/0xf80 [ 1525.304481][T30425] ? clear_bhb_loop+0x40/0x90 [ 1525.304504][T30425] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1525.304524][T30425] RIP: 0033:0x7f522939c819 [ 1525.304540][T30425] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1525.304559][T30425] RSP: 002b:00007f522a238028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 1525.304578][T30425] RAX: ffffffffffffffda RBX: 00007f5229616180 RCX: 00007f522939c819 [ 1525.304590][T30425] RDX: 000000000000000d RSI: 0000200000000200 RDI: 0000000000000006 [ 1525.304601][T30425] RBP: 00007f522a238090 R08: 0000000000000000 R09: 0000000000000000 [ 1525.304613][T30425] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1525.304624][T30425] R13: 00007f5229616218 R14: 00007f5229616180 R15: 00007ffda551c068 [ 1525.304647][T30425] [ 1525.526187][T30432] netlink: 'syz.1.5167': attribute type 11 has an invalid length. [ 1525.710888][T30445] futex_wake_op: syz.1.5169 tries to shift op by -2048; fix this program [ 1525.719755][T30445] futex_wake_op: syz.1.5169 tries to shift op by -2048; fix this program [ 1525.731676][T30445] 0x000000000001-0x000000020000 : "" [ 1525.766419][T30445] ftl_cs: FTL header corrupt! [ 1526.117783][T30442] misc userio: No port type given on /dev/userio [ 1526.344951][T30458] futex_wake_op: syz.2.5172 tries to shift op by -2048; fix this program [ 1526.396061][T30458] 0x000100000001-0x00013b5787f1 : "" [ 1526.417850][T30458] mtd: partition "" is out of reach -- disabled [ 1526.511961][T30458] ftl_cs: FTL header not found. [ 1528.496800][T30490] zswap: compressor not available [ 1528.540375][T30503] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5182'. [ 1528.575265][T30501] vivid-007: ================= START STATUS ================= [ 1528.648784][T30501] vivid-007: Generate PTS: true [ 1528.706932][T30501] vivid-007: Generate SCR: true [ 1528.768917][T30493] Invalid ELF header magic: != ELF [ 1528.786483][T30501] tpg source WxH: 320x240 (Y'CbCr) [ 1528.809852][ T29] audit: type=1326 audit(4294968313.450:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30506 comm="syz.0.5183" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f522939c819 code=0x0 [ 1528.865704][T21979] Bluetooth: hci4: unexpected subevent 0x04 length: 122 > 11 [ 1528.876381][T30501] tpg field: 1 [ 1528.895812][T30501] tpg crop: (0,0)/320x240 [ 1528.938311][T30501] tpg compose: (0,0)/320x240 [ 1528.988984][T30501] tpg colorspace: 8 [ 1529.047653][T30501] tpg transfer function: 0/0 [ 1529.101844][T30501] tpg Y'CbCr encoding: 0/0 [ 1529.157020][T30501] tpg quantization: 0/0 [ 1529.202674][T30501] tpg RGB range: 0/2 [ 1529.250886][T30501] vivid-007: ================== END STATUS ================== [ 1530.292678][T30530] Invalid ELF header magic: != ELF [ 1532.537311][T30557] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1532.549117][T30558] vivid-007: ================= START STATUS ================= [ 1532.567068][T30558] vivid-007: Generate PTS: true [ 1532.572074][T30558] vivid-007: Generate SCR: true [ 1532.614491][T30558] tpg source WxH: 320x240 (Y'CbCr) [ 1532.636493][T30558] tpg field: 1 [ 1532.648982][T30558] tpg crop: (0,0)/320x240 [ 1532.681265][T30558] tpg compose: (0,0)/320x240 [ 1532.714346][T30558] tpg colorspace: 8 [ 1532.727859][T30556] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input39 [ 1532.747768][T30558] tpg transfer function: 0/0 [ 1532.752406][T30558] tpg Y'CbCr encoding: 0/0 [ 1532.801109][T30558] tpg quantization: 0/0 [ 1532.828575][T30558] tpg RGB range: 0/2 [ 1532.868969][T30558] vivid-007: ================== END STATUS ================== [ 1533.988583][T30576] bond0: option all_slaves_active: invalid value () [ 1535.381540][T30604] zswap: compressor not available [ 1535.522043][T21979] Bluetooth: hci4: ACL packet for unknown connection handle 0 [ 1535.583859][T30606] netlink: 'syz.0.5203': attribute type 11 has an invalid length. [ 1535.626368][T30613] FAULT_INJECTION: forcing a failure. [ 1535.626368][T30613] name failslab, interval 1, probability 0, space 0, times 0 [ 1535.656788][T30606] netlink: 330 bytes leftover after parsing attributes in process `syz.0.5203'. [ 1535.672875][T30613] CPU: 0 UID: 0 PID: 30613 Comm: syz.2.5204 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1535.672906][T30613] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1535.672914][T30613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1535.672925][T30613] Call Trace: [ 1535.672932][T30613] [ 1535.672940][T30613] dump_stack_lvl+0x100/0x190 [ 1535.672973][T30613] should_fail_ex.cold+0x5/0xa [ 1535.672997][T30613] should_failslab+0xc2/0x120 [ 1535.673019][T30613] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1535.673046][T30613] ? usb_control_msg+0xbc/0x4b0 [ 1535.673073][T30613] ? __pfx___mutex_lock+0x10/0x10 [ 1535.673098][T30613] usb_control_msg+0xbc/0x4b0 [ 1535.673127][T30613] ? __pfx_usb_control_msg+0x10/0x10 [ 1535.673160][T30613] hub_ext_port_status+0x152/0x600 [ 1535.673193][T30613] hub_activate+0x6d8/0x1d50 [ 1535.673227][T30613] ? __pfx_hub_activate+0x10/0x10 [ 1535.673252][T30613] ? find_held_lock+0x2b/0x80 [ 1535.673271][T30613] ? usb_generic_driver_resume+0x70/0xa0 [ 1535.673298][T30613] ? usb_generic_driver_resume+0x70/0xa0 [ 1535.673331][T30613] hub_resume+0xb0/0x400 [ 1535.673358][T30613] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1535.673381][T30613] ? __pfx_hub_resume+0x10/0x10 [ 1535.673436][T30613] ? __pfx_hcd_bus_resume+0x10/0x10 [ 1535.673465][T30613] usb_resume_interface.isra.0+0x2ce/0x3d0 [ 1535.673489][T30613] usb_resume_both+0x237/0x9a0 [ 1535.673511][T30613] ? __pfx_usb_resume_both+0x10/0x10 [ 1535.673530][T30613] ? __rpm_callback+0x272/0x620 [ 1535.673551][T30613] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1535.673573][T30613] ? rcu_is_watching+0x12/0xc0 [ 1535.673604][T30613] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1535.673628][T30613] __rpm_callback+0xc8/0x620 [ 1535.673647][T30613] ? read_tsc+0x9/0x20 [ 1535.673668][T30613] ? ktime_get_mono_fast_ns+0x1be/0x3c0 [ 1535.673689][T30613] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1535.673713][T30613] rpm_callback+0x16a/0x1b0 [ 1535.673733][T30613] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1535.673757][T30613] rpm_resume+0xd3e/0x1350 [ 1535.673783][T30613] ? __pfx_rpm_resume+0x10/0x10 [ 1535.673802][T30613] ? do_raw_spin_lock+0x128/0x260 [ 1535.673831][T30613] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1535.673862][T30613] ? _raw_spin_lock_irqsave+0x52/0x60 [ 1535.673895][T30613] __pm_runtime_resume+0xb6/0x170 [ 1535.673918][T30613] usb_autoresume_device+0x23/0xe0 [ 1535.673943][T30613] usbdev_open+0x228/0x870 [ 1535.673967][T30613] ? kobject_get_unless_zero+0x156/0x200 [ 1535.673990][T30613] ? __pfx_usbdev_open+0x10/0x10 [ 1535.674011][T30613] ? chrdev_open+0x10b/0x6a0 [ 1535.674031][T30613] ? chrdev_open+0x10b/0x6a0 [ 1535.674054][T30613] ? __pfx_usbdev_open+0x10/0x10 [ 1535.674077][T30613] chrdev_open+0x234/0x6a0 [ 1535.674096][T30613] ? __pfx_apparmor_file_open+0x10/0x10 [ 1535.674118][T30613] ? __pfx_chrdev_open+0x10/0x10 [ 1535.674140][T30613] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 1535.674167][T30613] do_dentry_open+0x6d8/0x1660 [ 1535.674187][T30613] ? __pfx_chrdev_open+0x10/0x10 [ 1535.674213][T30613] vfs_open+0x82/0x3f0 [ 1535.674240][T30613] path_openat+0x208c/0x31a0 [ 1535.674270][T30613] ? __pfx_path_openat+0x10/0x10 [ 1535.674299][T30613] do_file_open+0x20e/0x430 [ 1535.674322][T30613] ? __pfx_do_file_open+0x10/0x10 [ 1535.674360][T30613] ? alloc_fd+0x476/0x790 [ 1535.674381][T30613] ? do_getname+0x191/0x390 [ 1535.674414][T30613] do_sys_openat2+0x10d/0x1e0 [ 1535.674440][T30613] ? __pfx_do_sys_openat2+0x10/0x10 [ 1535.674465][T30613] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1535.674489][T30613] ? __fget_files+0x21f/0x3d0 [ 1535.674512][T30613] __x64_sys_openat+0x12d/0x210 [ 1535.674538][T30613] ? __pfx___x64_sys_openat+0x10/0x10 [ 1535.674564][T30613] ? ksys_write+0x1ac/0x250 [ 1535.674583][T30613] ? arch_syscall_is_vdso_sigreturn+0xb6/0x200 [ 1535.674609][T30613] ? syscall_user_dispatch+0x76/0x130 [ 1535.674640][T30613] do_syscall_64+0x106/0xf80 [ 1535.674658][T30613] ? clear_bhb_loop+0x40/0x90 [ 1535.674681][T30613] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1535.674701][T30613] RIP: 0033:0x7fe88c19c819 [ 1535.674717][T30613] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1535.674736][T30613] RSP: 002b:00007fe88cfd4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1535.674756][T30613] RAX: ffffffffffffffda RBX: 00007fe88c415fa0 RCX: 00007fe88c19c819 [ 1535.674769][T30613] RDX: 0000000000000802 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 1535.674781][T30613] RBP: 00007fe88cfd4090 R08: 0000000000000000 R09: 0000000000000000 [ 1535.674793][T30613] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1535.674804][T30613] R13: 00007fe88c416038 R14: 00007fe88c415fa0 R15: 00007ffeb840a9c8 [ 1535.674829][T30613] [ 1536.762733][T30618] ------------[ cut here ]------------ [ 1536.769568][T30618] !reader [ 1536.769582][T30618] WARNING: kernel/trace/ring_buffer.c:7407 at ring_buffer_map_get_reader+0x659/0x880, CPU#0: syz.4.5199/30618 [ 1536.784185][T30618] Modules linked in: [ 1536.788926][T30618] CPU: 0 UID: 0 PID: 30618 Comm: syz.4.5199 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1536.800325][T30618] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1536.805618][T30618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1536.815687][T30618] RIP: 0010:ring_buffer_map_get_reader+0x659/0x880 [ 1536.822304][T30618] Code: ff e8 5b d5 fb ff 48 8d 3d 74 65 d1 0e 4c 89 fe 67 48 0f b9 3a e9 e0 fc ff ff 4c 8b 7c 24 58 4c 8b 74 24 60 e8 38 d5 fb ff 90 <0f> 0b 90 e8 2f d5 fb ff 48 89 df 31 db e8 25 10 fe ff 48 8b 74 24 [ 1536.841935][T30618] RSP: 0018:ffffc9000493fd90 EFLAGS: 00010083 [ 1536.848023][T30618] RAX: 000000000000079b RBX: ffff88813fea5000 RCX: ffffc900106e1000 [ 1536.856082][T30618] RDX: 0000000000080000 RSI: ffffffff820c73c8 RDI: ffff888076d9bd00 [ 1536.864136][T30618] RBP: 0000000000000000 R08: 0000000000000007 R09: 0000000000000000 [ 1536.872290][T30618] R10: 0000000000000000 R11: ffff88813fea50b0 R12: ffff88813fea50b0 [ 1536.880342][T30618] R13: dffffc0000000000 R14: ffff88813fea5190 R15: ffff88813fea5018 [ 1536.888342][T30618] FS: 00007f3a160db6c0(0000) GS:ffff888124341000(0000) knlGS:0000000000000000 [ 1536.897375][T30618] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1536.903984][T30618] CR2: 0000001b2f5dcff8 CR3: 00000000a1c28000 CR4: 00000000003526f0 [ 1536.911964][T30618] Call Trace: [ 1536.915249][T30618] [ 1536.918216][T30618] ? __pfx_ring_buffer_map_get_reader+0x10/0x10 [ 1536.924495][T30618] ? __fget_files+0x21f/0x3d0 [ 1536.929275][T30618] tracing_buffers_ioctl+0x30d/0x400 [ 1536.934754][T30618] ? __pfx_tracing_buffers_ioctl+0x10/0x10 [ 1536.940569][T30618] __x64_sys_ioctl+0x18e/0x210 [ 1536.945353][T30618] do_syscall_64+0x106/0xf80 [ 1536.950045][T30618] ? clear_bhb_loop+0x40/0x90 [ 1536.954817][T30618] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1536.960818][T30618] RIP: 0033:0x7f3a1519c819 [ 1536.965257][T30618] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1536.984972][T30618] RSP: 002b:00007f3a160db028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1536.993851][T30618] RAX: ffffffffffffffda RBX: 00007f3a15416270 RCX: 00007f3a1519c819 [ 1537.001868][T30618] RDX: 0000000000000000 RSI: 0000000000005220 RDI: 0000000000000005 [ 1537.010387][T30618] RBP: 00007f3a15232c91 R08: 0000000000000000 R09: 0000000000000000 [ 1537.018447][T30618] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1537.026439][T30618] R13: 00007f3a15416308 R14: 00007f3a15416270 R15: 00007ffc91225388 [ 1537.034521][T30618] [ 1537.037555][T30618] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 1537.044856][T30618] CPU: 0 UID: 0 PID: 30618 Comm: syz.4.5199 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1537.055892][T30618] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1537.061086][T30618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1537.071237][T30618] Call Trace: [ 1537.074520][T30618] [ 1537.077458][T30618] dump_stack_lvl+0x100/0x190 [ 1537.082158][T30618] vpanic+0x552/0x970 [ 1537.086153][T30618] ? __pfx_vpanic+0x10/0x10 [ 1537.090677][T30618] panic+0xd1/0xe0 [ 1537.094503][T30618] ? __pfx_panic+0x10/0x10 [ 1537.098957][T30618] check_panic_on_warn.cold+0x19/0x34 [ 1537.104353][T30618] ? ring_buffer_map_get_reader+0x659/0x880 [ 1537.110518][T30618] __warn.cold+0x191/0x348 [ 1537.115055][T30618] __report_bug+0x296/0x3d0 [ 1537.119577][T30618] ? ring_buffer_map_get_reader+0x659/0x880 [ 1537.125482][T30618] ? __pfx___report_bug+0x10/0x10 [ 1537.130522][T30618] ? add_lock_to_list+0x99/0x110 [ 1537.135466][T30618] ? lockdep_unlock+0x5a/0xc0 [ 1537.140243][T30618] ? rb_set_head_page+0x1e6/0x2f0 [ 1537.145293][T30618] ? ring_buffer_map_get_reader+0x659/0x880 [ 1537.151261][T30618] report_bug+0xb2/0x220 [ 1537.155535][T30618] ? ring_buffer_map_get_reader+0x659/0x880 [ 1537.161541][T30618] handle_bug+0x16a/0x2a0 [ 1537.166002][T30618] exc_invalid_op+0x17/0x50 [ 1537.170640][T30618] asm_exc_invalid_op+0x1a/0x20 [ 1537.175613][T30618] RIP: 0010:ring_buffer_map_get_reader+0x659/0x880 [ 1537.182139][T30618] Code: ff e8 5b d5 fb ff 48 8d 3d 74 65 d1 0e 4c 89 fe 67 48 0f b9 3a e9 e0 fc ff ff 4c 8b 7c 24 58 4c 8b 74 24 60 e8 38 d5 fb ff 90 <0f> 0b 90 e8 2f d5 fb ff 48 89 df 31 db e8 25 10 fe ff 48 8b 74 24 [ 1537.201964][T30618] RSP: 0018:ffffc9000493fd90 EFLAGS: 00010083 [ 1537.208608][T30618] RAX: 000000000000079b RBX: ffff88813fea5000 RCX: ffffc900106e1000 [ 1537.216691][T30618] RDX: 0000000000080000 RSI: ffffffff820c73c8 RDI: ffff888076d9bd00 [ 1537.224692][T30618] RBP: 0000000000000000 R08: 0000000000000007 R09: 0000000000000000 [ 1537.232681][T30618] R10: 0000000000000000 R11: ffff88813fea50b0 R12: ffff88813fea50b0 [ 1537.240695][T30618] R13: dffffc0000000000 R14: ffff88813fea5190 R15: ffff88813fea5018 [ 1537.249072][T30618] ? ring_buffer_map_get_reader+0x658/0x880 [ 1537.255291][T30618] ? __pfx_ring_buffer_map_get_reader+0x10/0x10 [ 1537.261658][T30618] ? __fget_files+0x21f/0x3d0 [ 1537.266366][T30618] tracing_buffers_ioctl+0x30d/0x400 [ 1537.271932][T30618] ? __pfx_tracing_buffers_ioctl+0x10/0x10 [ 1537.277864][T30618] __x64_sys_ioctl+0x18e/0x210 [ 1537.282671][T30618] do_syscall_64+0x106/0xf80 [ 1537.287729][T30618] ? clear_bhb_loop+0x40/0x90 [ 1537.292417][T30618] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1537.298354][T30618] RIP: 0033:0x7f3a1519c819 [ 1537.302792][T30618] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1537.322510][T30618] RSP: 002b:00007f3a160db028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1537.330946][T30618] RAX: ffffffffffffffda RBX: 00007f3a15416270 RCX: 00007f3a1519c819 [ 1537.339239][T30618] RDX: 0000000000000000 RSI: 0000000000005220 RDI: 0000000000000005 [ 1537.347280][T30618] RBP: 00007f3a15232c91 R08: 0000000000000000 R09: 0000000000000000 [ 1537.355267][T30618] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1537.363240][T30618] R13: 00007f3a15416308 R14: 00007f3a15416270 R15: 00007ffc91225388 [ 1537.371234][T30618] [ 1537.374327][T30618] Kernel Offset: disabled [ 1537.378656][T30618] Rebooting in 86400 seconds..