last executing test programs: 14m58.061929327s ago: executing program 1 (id=2556): mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mmap$auto(0x1, 0xa, 0xbffffffffffff801, 0x9b72, 0x5, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) dup3$auto(r0, r0, 0x4) 14m56.602303254s ago: executing program 1 (id=2565): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zl10353/parameters/debug\x00', 0x80000, 0x0) read$auto(r0, 0x0, 0x9) recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000100)={{&(0x7f0000000000), 0x406a33, &(0x7f0000000140)={0x0, 0x7f}, 0x4, 0x0, 0xfff, 0x84}, 0xfffffffb}, 0x7b, 0xdb22, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'ipvlan1\x00'}) r1 = socket(0x2, 0xa, 0x0) sendmmsg$auto(r1, &(0x7f00000000c0)={{&(0x7f0000000000), 0xd1, &(0x7f0000000080)={0x0, 0x5ea}, 0x1, 0x0, 0x1, 0xaf23}, 0x6}, 0x5, 0x1997b23d) 14m56.221243071s ago: executing program 1 (id=2566): mmap$auto(0x0, 0xb, 0x2, 0xeb1, 0x3ff, 0x8000) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r0, 0x100000001, 0x7ff) io_uring_setup$auto(0x12, 0x0) r1 = open(0x0, 0x22240, 0x55) statx$auto(r1, 0x0, 0x1003, 0x4005, 0x0) ptrace$auto_PTRACE_PEEKSIGINFO(0x4209, r0, 0x7f, 0x5) 14m55.842068425s ago: executing program 1 (id=2573): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x400, 0x2b, 0x940, 0x1ffe0, 0x5a6, 0x3, 0x100002, 0x7f, 0x767, 0xfff, 0x7, 0xb2, 0x9, 0x4, 0x3, 0x1, 0x4, 0x20, 0x0, 0x1, 0x202, 0x62c, 0x40000000, 0x0, 0x9, 0x0, 0x0, 0x2, [0x251, 0xffffffff, 0x0, 0x4, 0x0, 0x0, 0x1, 0xffffffffffffffff, 0x0, 0x5, 0x0, 0x200000, 0x1, 0x8000000000000000, 0x1, 0x0, 0x1, 0x0, 0x87ffd, 0x0, 0x6, 0xffffffffffffffff, 0x6, 0xb, 0x0, 0x0, 0x6, 0x0, 0x5, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x1]}, 0x1fa, 0x81) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 14m55.177736349s ago: executing program 1 (id=2580): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x40400, 0x48) 14m54.909845534s ago: executing program 1 (id=2581): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) waitid$auto(0x0, 0x594d0417, 0x0, 0x1000004, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0005, 0x19) statmount$auto(&(0x7f0000000040)={0x1f, @raw, 0x80000002, 0xf5ff, 0x8}, 0x0, 0x7ffffffff000, 0x0) mmap$auto(0x0, 0x400005, 0x40000000000df, 0x9b72, 0x2, 0x8000) 14m39.785856963s ago: executing program 32 (id=2581): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) waitid$auto(0x0, 0x594d0417, 0x0, 0x1000004, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0005, 0x19) statmount$auto(&(0x7f0000000040)={0x1f, @raw, 0x80000002, 0xf5ff, 0x8}, 0x0, 0x7ffffffff000, 0x0) mmap$auto(0x0, 0x400005, 0x40000000000df, 0x9b72, 0x2, 0x8000) 13m49.19185917s ago: executing program 2 (id=2968): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), r0) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002abd7000fbdbdf25040000002d0011009b"], 0x44}, 0x1, 0x0, 0x0, 0x4008040}, 0x40800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xffff}, 0x1, 0x0, 0x0, 0x29}, 0x20100007}, 0x3, 0x0) 13m48.617251405s ago: executing program 2 (id=2973): openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, 0x0, 0x40c880, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x0, 0x5, 0x7) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0xa9202, 0x0) mmap$auto(0xffff8000, 0x280009, 0xb, 0x8000000008011, r0, 0x0) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) get_mempolicy$auto(0x0, 0x0, 0x7f, 0x8, 0x3) 13m48.026352081s ago: executing program 2 (id=2976): prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) 13m46.995567616s ago: executing program 2 (id=2981): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) mkdir$auto(0x0, 0x353) 13m46.55242404s ago: executing program 2 (id=2982): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) write$auto_ocfs2_control_fops_stack_user(r0, &(0x7f0000003900)='\t', 0x1) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0) read$auto(r1, 0x0, 0x20) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x9, 0x2, 0x8000000000000000, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) semtimedop$auto(0x8000000b, 0x0, 0x3, 0x0) 13m45.889951833s ago: executing program 2 (id=2987): r0 = socket(0x1d, 0x2, 0x7) r1 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(r0, &(0x7f0000000000)=@can={0x1d, r2}, 0x6a) r3 = socket(0x1d, 0x2, 0x7) r4 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(r3, &(0x7f0000000000)=@can={0x1d, r5}, 0x6a) 13m45.323629597s ago: executing program 33 (id=2987): r0 = socket(0x1d, 0x2, 0x7) r1 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(r0, &(0x7f0000000000)=@can={0x1d, r2}, 0x6a) r3 = socket(0x1d, 0x2, 0x7) r4 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(r3, &(0x7f0000000000)=@can={0x1d, r5}, 0x6a) 2m43.610533919s ago: executing program 5 (id=6147): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="0700000000000000df250a"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x20000800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="0106"], 0x1c}, 0x1, 0x0, 0x0, 0x20040004}, 0x20008810) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="18"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 2m43.311596935s ago: executing program 5 (id=6141): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) recvmmsg$auto(r0, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0) socket(0x11, 0x3, 0x9) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x4ad00, 0x0) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/controlC2\x00', 0x80, 0x0) ioctl$auto(r2, 0xc10c5541, r1) 2m41.486036855s ago: executing program 5 (id=6143): openat$auto_regulator_summary_fops_(0xffffffffffffff9c, 0x0, 0x40000, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_MACSEC_CMD_GET_TXSC(r0, 0x0, 0x40080c4) mmap$auto(0x0, 0xb9f, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) unshare$auto(0x40000080) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp1\x00', 0x2, 0x0) mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000) r1 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000040), 0x141000, 0x0) ioctl$auto_UBI_IOCATT(r1, 0x40186f40, &(0x7f0000000000)={0x3, 0x1, 0x80000000, 0x70, 0x9, 0x1}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) 2m40.169683639s ago: executing program 5 (id=6152): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) fcntl$auto(0x3, 0x8, 0x9ebfffffffffffff) fcntl$auto(0x3, 0x4, 0xa553) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/cpu0/cache/index0/type\x00', 0x183142, 0x0) getrlimit$auto(0x8, 0x0) keyctl$auto(0x7ff, 0xfffffffe, 0xffffffffffffffff, 0x0, 0x7) ioctl$auto_FS_IOC_UNRESVSP(0xffffffffffffffff, 0x40305829, 0x100) statmount$auto(0x0, 0x0, 0x1fe, 0x5) close_range$auto(0x2, 0x8, 0x0) syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff) 2m39.449965705s ago: executing program 5 (id=6155): unshare$auto(0x40000080) mmap$auto(0x0, 0x2020006, 0x1000000000000007, 0xeb1, 0x0, 0x1008000) socket(0x29, 0x2, 0x0) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="200000003e01b878eb479b027ac21f194e192ea38307da7f54a5f331933ec3ccb5a2cc337706aea3d20b54ceac7dea5abae711fa550df2485d5ef6ec49e1c486a4cad56808fafcd75d9aae6a30d1b639deb1b4e71206bcbf6500efdf", @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) recvmmsg$auto(r0, &(0x7f0000000040)={{0x0, 0x1, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) open(&(0x7f0000000040)='.\x00', 0x100, 0x161) socket(0xa, 0x3, 0x3a) shmctl$auto(0x691, 0x3, 0x0) ioctl$auto(0x1, 0x8941, 0x8) 2m38.188660195s ago: executing program 5 (id=6162): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_LISTENER_SET(r2, &(0x7f0000003140)={0x0, 0x0, &(0x7f0000003100)={&(0x7f0000000200)={0x14, r3, 0x1, 0x70bd26, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x48080) sendmsg$auto_NFSD_CMD_LISTENER_GET(r1, 0x0, 0x50) read$auto(r0, 0x0, 0x80) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x3) ioctl$auto_UI_SET_ABSBIT(r4, 0x40045567, 0x0) syz_clone3(&(0x7f0000000380)={0x103700, &(0x7f0000002380), 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 2m30.133771997s ago: executing program 3 (id=6187): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0xa, 0x5, 0x84) io_uring_setup$auto(0xa, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x66) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) setsockopt$auto(r0, 0x10000000084, 0x23, 0x0, 0x8) 2m28.874883618s ago: executing program 3 (id=6190): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/tty/ttyv7/power/control\x00', 0x22902, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x189401, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = socketcall$auto(0x5, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0xae41, r1) pwrite64$auto(0xffffffffffffffff, &(0x7f0000000080)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x86\xdde\x1cJ\x99\x00\x00\x06\x00\x06\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e#\xae\xa9i8W\xe5Iq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00'/232, 0x2, 0x3) ioctl$auto_KVM_GET_MSRS(r0, 0x4400ae8f, &(0x7f0000000040)={0xdd}) 2m28.514779514s ago: executing program 3 (id=6192): mmap$auto(0x0, 0x9d90, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x9) socket$nl_generic(0x10, 0x3, 0x10) socket(0x23, 0x80805, 0x0) fanotify_init$auto(0x5, 0x2000000000002) pipe$auto(0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8, @ANYRES8=r1], 0x18}, 0x1, 0x2000, 0x0, 0x40010}, 0x80) write$auto(r0, &(0x7f0000000000)='-\x00', 0xfdef) 2m28.070706226s ago: executing program 3 (id=6195): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0xa, 0x3, 0x7) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) socket(0x1d, 0x2, 0x2) connect$auto(0x3, 0x0, 0x55) socket(0x10, 0x3, 0x6) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) r0 = socket(0xa, 0x801, 0x84) getsockopt$auto(r0, 0x84, 0x71, 0x0, &(0x7f0000000280)=0x22a) write$auto(0x3, 0x0, 0x5c8) 2m27.934811817s ago: executing program 3 (id=6197): socket(0x2, 0x1, 0x106) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x6, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000380), 0x20000, 0x0) socket(0x28, 0x5, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video3\x00', 0x2aa01, 0x0) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f00000001c0)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x5, 0x0) select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0xf, 0x3, 0x1, 0x948b, 0x9, 0x15f4da07, 0x6, 0x2, 0x64, 0x80000020, 0x1000, 0xb, 0x9, 0x2, 0xd8]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x8000000000001fd, 0x20000000007, 0x4, 0x1000000000000bc3, 0x800, 0x3, 0xff, 0x10001, 0x400000000003, 0x3, 0xfffffffffffffffc, 0xfffffffffffffffe, 0x80000000, 0x9, 0xffffdfffffffff81, 0x4]}, 0x0) 2m26.840498395s ago: executing program 3 (id=6199): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xe8202, 0x0) r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, 0x0, 0x101901, 0x0) mmap$auto(0x0, 0x10008, 0x4000000000df, 0xeb1, 0x401, 0x8000) getsockopt$auto_SO_SNDLOWAT(r0, 0x8001, 0x13, &(0x7f0000000040)='/sys/devices/virtual/tty/ttyr3/dev\x00', 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/tty/ttyr3/dev\x00', 0x40200, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptye9\x00', 0x101e81, 0x0) write$auto(0x3, 0x0, 0xfffffdef) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x8000, 0x0) r2 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000980)='/dev/ttye9\x00', 0x102, 0x0) sendfile$auto(r2, r1, 0x0, 0x1003f) close_range$auto(0x2, 0xa, 0x0) 2m22.876870479s ago: executing program 34 (id=6162): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_LISTENER_SET(r2, &(0x7f0000003140)={0x0, 0x0, &(0x7f0000003100)={&(0x7f0000000200)={0x14, r3, 0x1, 0x70bd26, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x48080) sendmsg$auto_NFSD_CMD_LISTENER_GET(r1, 0x0, 0x50) read$auto(r0, 0x0, 0x80) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x3) ioctl$auto_UI_SET_ABSBIT(r4, 0x40045567, 0x0) syz_clone3(&(0x7f0000000380)={0x103700, &(0x7f0000002380), 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 2m19.288682492s ago: executing program 6 (id=6208): socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x2020007, 0xffffffffffffffff, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) mknod$auto(&(0x7f0000000080)=':,\x00', 0xcb, 0xfffffffa) execve$auto(&(0x7f0000000100)=':,\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000001a80)={'wg2\x00'}) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) getpriority$auto_PRIO_USER(0x2, 0x0) mmap$auto(0x8, 0xfffffffffffffff7, 0x7, 0xffffffff, 0xffffffffffffffff, 0x66) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, 0x0, 0x2000c801) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50) 2m18.930130949s ago: executing program 6 (id=6210): socket(0x2, 0x1, 0x106) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x6, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000380), 0x20000, 0x0) socket(0x28, 0x5, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video3\x00', 0x2aa01, 0x0) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f00000001c0)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x5, 0x0) select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0xf, 0x3, 0x1, 0x948b, 0x9, 0x15f4da07, 0x6, 0x2, 0x64, 0x80000020, 0x1000, 0xb, 0x9, 0x2, 0xd8]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x8000000000001fd, 0x20000000007, 0x4, 0x1000000000000bc3, 0x800, 0x3, 0xff, 0x10001, 0x400000000003, 0x3, 0xfffffffffffffffc, 0xfffffffffffffffe, 0x80000000, 0x9, 0xffffdfffffffff81, 0x4]}, 0x0) 2m17.434538877s ago: executing program 6 (id=6213): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x21) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'syz_tun\x00', 0x0}) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket(0x26, 0x80805, 0x0) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) pidfd_getfd$auto(0x3, 0x1, 0x100000000) bpf$auto(0x0, &(0x7f0000000040)=@bpf_attr_5={@target_ifindex=r2, 0x7f, 0x99, 0x8, 0x1, @relative_id=0x8, 0x5}, 0x92) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xc) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r0, 0x0, 0x3}, 0xc) 2m11.374837982s ago: executing program 35 (id=6199): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xe8202, 0x0) r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, 0x0, 0x101901, 0x0) mmap$auto(0x0, 0x10008, 0x4000000000df, 0xeb1, 0x401, 0x8000) getsockopt$auto_SO_SNDLOWAT(r0, 0x8001, 0x13, &(0x7f0000000040)='/sys/devices/virtual/tty/ttyr3/dev\x00', 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/tty/ttyr3/dev\x00', 0x40200, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptye9\x00', 0x101e81, 0x0) write$auto(0x3, 0x0, 0xfffffdef) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x8000, 0x0) r2 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000980)='/dev/ttye9\x00', 0x102, 0x0) sendfile$auto(r2, r1, 0x0, 0x1003f) close_range$auto(0x2, 0xa, 0x0) 2m2.365879178s ago: executing program 36 (id=6213): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x21) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'syz_tun\x00', 0x0}) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket(0x26, 0x80805, 0x0) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) pidfd_getfd$auto(0x3, 0x1, 0x100000000) bpf$auto(0x0, &(0x7f0000000040)=@bpf_attr_5={@target_ifindex=r2, 0x7f, 0x99, 0x8, 0x1, @relative_id=0x8, 0x5}, 0x92) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xc) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r0, 0x0, 0x3}, 0xc) 1m16.309980672s ago: executing program 7 (id=6349): ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/rpc/nfsd.fh/channel\x00', 0x8f3b7a51b8063981, 0x0) write$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000040)=' \\x', 0x3) sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, 0x0, 0x20040890) unshare$auto(0x40000080) mmap$auto(0x0, 0x402000d, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x40e00, 0x0) socket(0x1d, 0x3, 0x1) ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0) r2 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000300), 0x60081, 0x0) ioctl$auto_PPPIOCATTACH(r2, 0x4004743d, 0x0) close_range$auto(0x2, 0x8, 0x0) 1m14.763334547s ago: executing program 7 (id=6350): landlock_add_rule$auto(0xffffffffffffffff, 0x2, 0x0, 0x9) mmap$auto(0x0, 0x2020089, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) r0 = socket(0x1d, 0x2, 0x7) r1 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r2}, 0x6a) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'vcan0\x00', 0x0}) connect$auto(0x3, &(0x7f00000018c0)=@can={0x1d, r3}, 0x18) sendmmsg$auto(0x3, 0x0, 0x9a4, 0xffff) 1m13.443117293s ago: executing program 7 (id=6356): openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vbi22\x00', 0x100, 0x0) r0 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) faccessat$auto(r0, &(0x7f0000000080)='./file1\x00', 0xfffffffe) syz_genetlink_get_family_id$auto_nl802154(0x0, 0xffffffffffffffff) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0) mmap$auto(0x0, 0x10001, 0xdf, 0x9b71, 0xffffffffffffffff, 0x0) socket(0xa, 0x1, 0x100) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000180)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8\xa6\xb6\xaa\x96/OX\xba\x02\xc5\xc6B\x1d}Y\xbc@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf\xd6f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8', 0x100000a3d6) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x10000000000001ff, 0x9, 0xd3e, 0x20, 0x9687, 0x100000000000003, 0x3c2a19d5, 0x6, 0x3, 0x62, 0x8, 0x7, 0x6d3f, 0x6, 0xa, 0xfffffffffffffffe]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000380)={[0x1ff, 0x7, 0xfffffffffffffffb, 0x1000001, 0x4, 0x3, 0x3, 0x3, 0xffffffffffffffff, 0x3, 0x80000000003fffff, 0x3, 0x6d3c, 0x3, 0x2, 0x8000000000000006]}, 0x0) 1m11.159842836s ago: executing program 7 (id=6364): ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vcan0\x00'}) r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x8000, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) madvise$auto(0x0, 0xfffffffffffeffff, 0x15) r1 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x1, 0x2020009, 0x203, 0x16, 0xfffffffffffffffa, 0x7ffd) unshare$auto(0x40000080) r2 = openat2$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) move_mount$auto(r2, 0x0, r1, 0x0, 0x9) ioctl$auto_TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000080)=0x68) ioctl$auto_FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dri/card1\x00', 0x22003, 0x0) 1m9.406413125s ago: executing program 7 (id=6369): mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) mmap$auto(0x0, 0x4, 0x1ff, 0x40eb1, 0x401, 0x300000000001) r0 = socket(0x2, 0x1, 0x106) bind$auto(r0, &(0x7f00000000c0)=@qipcrtr={0x2a, 0x3, 0x4001}, 0x4006b) mmap$auto(0x0, 0x30009, 0x4000000000df, 0x4000eb1, 0x401, 0x8000) setsockopt$auto(0x3, 0x1, 0x4c, 0x0, 0x9) recvmmsg$auto(0x3, 0x0, 0x80000401, 0x4000, 0x0) sendmsg$auto_OVS_FLOW_CMD_SET(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000340)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x90}, 0x10) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000000)='/proc/kpagecount\x00', 0x0, 0x0) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x1000}, 0x100000007) 1m8.751590358s ago: executing program 7 (id=6371): socket(0x2, 0x80802, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)={0x30, r1, 0x1, 0x70bc28, 0x25dfdbfd, {}, [@NFSD_A_SERVER_GRACETIME={0x8, 0x2, 0x800}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x93b}, @NFSD_A_SERVER_SCOPE={0x9, 0x4, 'nfsd\x00'}]}, 0x30}, 0x1, 0x0, 0x0, 0x80}, 0x90) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x300c00, 0x0) setrlimit$auto(0x1000000007, 0x0) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f00000001c0)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x5, 0x0) socket(0xa, 0x2, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) umount2$auto(&(0x7f0000000040)='.\x00', 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) 53.274192509s ago: executing program 37 (id=6371): socket(0x2, 0x80802, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)={0x30, r1, 0x1, 0x70bc28, 0x25dfdbfd, {}, [@NFSD_A_SERVER_GRACETIME={0x8, 0x2, 0x800}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x93b}, @NFSD_A_SERVER_SCOPE={0x9, 0x4, 'nfsd\x00'}]}, 0x30}, 0x1, 0x0, 0x0, 0x80}, 0x90) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x300c00, 0x0) setrlimit$auto(0x1000000007, 0x0) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f00000001c0)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x5, 0x0) socket(0xa, 0x2, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) umount2$auto(&(0x7f0000000040)='.\x00', 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) 26.335221801s ago: executing program 4 (id=6449): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x1cb602, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x3, 0x5) lseek$auto(0x3, 0x0, 0x1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) epoll_ctl$auto(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x20009, 0x4000000080df, 0xeb1, 0x6, 0x8000) writev$auto(0xffffffffffffffff, 0x0, 0x3) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) openat$auto_drm_edid_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/dri/0000:00:02.0/Virtual-2/edid_override\x00', 0x228c41, 0x0) write$auto(0x3, 0x0, 0xfdef) munmap$auto(0x8000, 0xffffffff) 23.618121415s ago: executing program 4 (id=6456): r0 = socket(0x2, 0x1, 0x106) r1 = socket(0x2, 0x1, 0x106) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) connect$auto(0x3, &(0x7f00000018c0)=@in={0x2, 0x300, @loopback=0xac14140a}, 0x55) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) connect$auto(0x3, 0x0, 0x50) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x42802, 0x0) setsockopt$auto(r1, 0x1, 0x9, 0x0, 0xeb66) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @empty}, 0x51) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) shutdown$auto(0x200000003, 0x2) 18.792917163s ago: executing program 4 (id=6476): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) sendmsg$auto_ETHTOOL_MSG_MODULE_EEPROM_GET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000e40)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="cb5b"], 0x14}, 0x1, 0x0, 0x0, 0x84}, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x4, 0x0, 0x0, 0x1009}, 0x7}, 0x3, 0x0) recvmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x6, 0x0) sendmsg$auto_NL802154_CMD_SET_PAN_ID(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16, @ANYBLOB="010027bd7000fddbdf250a"], 0x24}, 0x1, 0x0, 0x0, 0x4088}, 0x20000010) r0 = socket(0x29, 0x2, 0x0) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) recvmmsg$auto(r1, &(0x7f00000000c0)={{0x0, 0x5, 0x0, 0x3, 0x0, 0x200002, 0x13}, 0x6}, 0xfffffff9, 0x10, 0x0) r2 = openat$auto_ftrace_event_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/tracing/events/vmalloc/free_vmap_area_noflush/filter\x00', 0x2, 0x0) write$auto_ftrace_event_filter_fops_trace_events(r2, &(0x7f0000000300)="2baf82c1a5bc872318c266c40109c6b2b8e16198d96732ec3515702f77291f", 0x1f) ioctl$auto(r0, 0x89f1, 0x24) 17.784754328s ago: executing program 4 (id=6481): sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0x96bc}, 0x2, 0x0, 0x7, 0xe945}, 0x9}, 0x7, 0x4008) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) ioctl$auto_SOUND_MIXER_READ_RECSRC2(r0, 0x80044dff, &(0x7f0000000280)) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/thread-self/net/ip_vs_app\x00', 0x101000, 0x0) pread64$auto(r1, 0x0, 0x8, 0xffff) landlock_restrict_self$auto(r1, 0x5) r2 = socket(0x10, 0x2, 0x0) bpf$auto(0x1, &(0x7f0000000000)=@batch={0xfffffffffffffffb, 0x44, 0x2, 0x9, 0x81, r0, 0x2, 0x8}, 0x100000cf) r3 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200"], 0x1ac}}, 0x40000) recvmmsg$auto(r3, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0) ioctl$auto(r2, 0x89fb, 0x24) 16.899565483s ago: executing program 4 (id=6477): unshare$auto(0x40000080) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) syz_genetlink_get_family_id$auto_l2tp(0x0, 0xffffffffffffffff) r0 = open(&(0x7f0000000100)='.\x00', 0x595002, 0x408) write$auto(r0, 0x0, 0xfffffdf1) linkat$auto(r0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xf6\x04W\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xed\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\x9bg\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x7, 0x0) r1 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) readv$auto(r1, &(0x7f0000000100)={&(0x7f0000000280), 0x1}, 0x4) sendmsg$auto_IPVS_CMD_GET_DEST(0xffffffffffffffff, 0x0, 0x40010) getcwd$auto(0x0, 0xffffffffffffffff) unlinkat$auto(0xffffffffffffffff, 0x0, 0x200) mprotect$auto(0x0, 0x8000000000000001, 0x8) 15.3692215s ago: executing program 4 (id=6483): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'veth0\x00'}) r0 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x1d, 0x2, 0x7) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) mmap$auto(0x3, 0x128009, 0xdf, 0x12, r0, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyb9\x00', 0x40800, 0x0) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x80000001, 0x80000000) openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000000), 0x109200, 0x0) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x3, 0x5) 4.589445051s ago: executing program 8 (id=6511): mmap$auto(0x0, 0x202000b, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0x10, 0x2, 0x0) r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x0, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) socket(0x11, 0x3, 0x9) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) socket$nl_generic(0x10, 0x3, 0x10) select$auto(0xd, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x2, 0x1, 0x100948b, 0x8, 0x15f4da07, 0x3, 0x10, 0x8, 0x80000020, 0x6, 0x3, 0x8, 0x400000000002, 0xd8]}, 0x0) close_range$auto(0x2, 0x8, 0x0) 4.174247339s ago: executing program 0 (id=6512): openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vbi22\x00', 0x100, 0x0) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) syz_genetlink_get_family_id$auto_nl802154(0x0, 0xffffffffffffffff) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0) socket(0xa, 0x3, 0x100) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000180)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8\xa6\xb6\xaa\x96/OX\xba\x02\xc5\xc6B\x1d}Y\xbc@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf\xd6f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8', 0x100000a3d6) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x10000000000001ff, 0x9, 0xd3e, 0x20, 0x9687, 0x100000000000003, 0x3c2a19d5, 0x6, 0x3, 0x62, 0x8, 0x7, 0x6d3f, 0x6, 0xa, 0xfffffffffffffffe]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000380)={[0x1ff, 0x7, 0xfffffffffffffffb, 0x1000001, 0x4, 0x3, 0x3, 0x3, 0xffffffffffffffff, 0x3, 0x80000000003fffff, 0x3, 0x6d3c, 0x3, 0x2, 0x8000000000000006]}, 0x0) close_range$auto(0x2, 0xa, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) 4.136799674s ago: executing program 8 (id=6513): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) mbind$auto(0x8000, 0xfa9d, 0x2, &(0x7f0000000280)=0x20000000000000f7, 0x3, 0x1) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) fcntl$auto(0x3, 0x400, 0x9ec0000000000000) mmap$auto(0x0, 0x8, 0xdf, 0xeb1, 0x0, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto(0x3, 0x4188aec6, 0x38) close_range$auto(0x2, 0x8, 0x0) unshare$auto(0x40000080) rename$auto(&(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='./file0\x00') set_mempolicy_home_node$auto(0x0, 0x2010001, 0x0, 0x0) 3.22331674s ago: executing program 8 (id=6515): r0 = socket(0x2, 0x1, 0x106) r1 = socket(0x2, 0x1, 0x106) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) connect$auto(0x3, &(0x7f00000018c0)=@in={0x2, 0x300, @loopback=0xac14140a}, 0x55) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) connect$auto(0x3, 0x0, 0x50) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x42802, 0x0) setsockopt$auto(r1, 0x1, 0x9, 0x0, 0xeb66) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @empty}, 0x51) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) shutdown$auto(0x200000003, 0x2) 3.223166604s ago: executing program 9 (id=6516): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socket(0xa, 0x1, 0x100) pwrite64$auto(0xc8, &(0x7f0000000340)='\vX\xb5n\x91p\xe6\x1eRN8\x99\b\x06\x11\x00\x00\x00\x00?W\xff\xff\xba\xae\xb8-\x14\xe4\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\x00\x00\x9f\x1e\xf6\xa4*\x01\x00\x00\x00^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e#\xae\xa9\xc5\x93\x1dD\x811\xb9_\xdd*j\xfd\xeb\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;\x9e\x83\x120\x81\x11\x9a?g`sFh\x00\x00\xda,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xdex\xd8\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00'/228, 0x8fdef, 0x4000000000000007) r0 = socket(0x10, 0x2, 0x4) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x4c894}, 0x20008800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYRES32=r0], 0x38}}, 0x40008c0) close_range$auto(0x2, 0x8, 0x0) fanotify_init$auto(0x1, 0x2) socket(0x1d, 0x2, 0x2) connect$auto(0x3, 0x0, 0x53) socket(0x10, 0x3, 0x6) socketpair$auto(0x1e, 0xb, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0x38}, 0x6, 0x0, 0x4, 0x9}, 0x9}, 0x6, 0x1f00) 2.87889107s ago: executing program 9 (id=6517): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_IEEE802154_LLSEC_SETPARAMS(0xffffffffffffffff, 0x0, 0x20000000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x100, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x140082, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000036c0)='/proc/sys/net/ipv6/conf/xfrm0/stable_secret\x00', 0x2000, 0x0) read$auto_proc_sys_file_operations_proc_sysctl(r2, 0x0, 0x0) preadv2$auto(0xffffffffffffffff, 0x0, 0x6, 0x3, 0x4, 0x2a) mprotect$auto(0x1000, 0x401000, 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x801, 0x84) 2.829605881s ago: executing program 0 (id=6519): mmap$auto(0x0, 0x20009, 0x7fffffff, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x3, 0x6) r1 = socket(0xa, 0x1, 0x84) capget$auto(0x0, 0xfffffffffffffffe) getsockopt$auto(r1, 0x84, 0x85, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x0) open(0x0, 0x2040, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x181482, 0x0) 2.616642252s ago: executing program 9 (id=6520): socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000240), 0xffffffffffffffff) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7fffe000) socket(0x2, 0x2, 0x1) bind$auto(0x3, 0x0, 0x6a) close_range$auto(0x2, 0x8, 0x0) setfsgid$auto(0x9) mknod$auto(&(0x7f0000000040)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00'/263, 0x1, 0x4) lstat$auto(&(0x7f0000000500)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00', 0x0) socketpair$auto(0xffffff6c, 0x4, 0x8000000, 0x0) r0 = socket(0x11, 0x3, 0x2) ioctl$sock_SIOCGIFINDEX(r0, 0x8953, 0x0) 2.588728571s ago: executing program 0 (id=6522): mmap$auto(0x0, 0x7, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000001080)="7a47301037954c081c9a0bb04ef84993eab91abe1686f43e43d786e91365f04455bd620de9f3fb6d25e6c078c1a672c549dbc7876cb528ba081a81d884bfc00dd4eef57cedc0cc3756ff6a5b0aa8ba9511fe2b07c6e7f4732fe36ba2") read$auto(0xffffffffffffffff, 0x0, 0x1f40) ioctl$auto(0xc8, 0x800454e1, 0x5c8d) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) read$auto(0x3, 0x0, 0x8080) sendmsg$auto_SMC_NETLINK_DISABLE_SEID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x810) sendmsg$auto_SMC_NETLINK_DUMP_UEID(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={0x0}, 0x1, 0x0, 0x0, 0x40015}, 0x4) mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) write$auto(0x3, 0x0, 0x100082) 2.3925113s ago: executing program 9 (id=6523): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) syz_genetlink_get_family_id$auto_ipvs(&(0x7f00000009c0), 0xffffffffffffffff) unshare$auto(0x40000080) writev$auto(0x3, &(0x7f0000000100)={&(0x7f0000000040), 0x7111}, 0x8) mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0xa, 0x3, 0x73) setsockopt$auto(0x400000000000003, 0xff, 0x24, 0x0, 0xfff) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) ioctl$auto_FS_IOC_SETFLAGS2(0xffffffffffffffff, 0x40086602, 0x0) mmap$auto(0x0, 0x400005, 0xe2, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x600006, 0x19) sendfile$auto(r0, r0, 0x0, 0x3) 1.451199315s ago: executing program 0 (id=6524): mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x7) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0x2, 0x0) socket(0x2, 0x5, 0x84) keyctl$auto(0x4, 0xfffffffe, 0xffffffffffffffff, 0x0, 0xe) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x11}}, 0x54) mmap$auto(0x0, 0x8000, 0xdf, 0xeb1, 0x401, 0x8000) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f00000018c0)=@in={0x2, 0x300, @rand_addr=0x640100ff}, 0x55) io_uring_setup$auto(0x1, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x18, 0x0, 0x8) 948.067769ms ago: executing program 9 (id=6525): mmap$auto(0x0, 0x5, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r0 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0) write$auto(r0, 0x0, 0x45c) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x202640, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC2\x00', 0x104002, 0x0) unshare$auto(0x40000080) waitid$auto_P_PGID(0x2, 0x0, &(0x7f00000002c0)={@_si_pad}, 0x36, &(0x7f0000000340)={{0x9, 0x7}, {0x8000000000000001, 0x800}, 0x7, 0x5, 0x8, 0x0, 0x6fb, 0x400, 0x6b, 0x10000, 0x5, 0x1, 0xffffffffffffff9a, 0x1, 0x1000, 0x8}) mmap$auto(0x0, 0x100000000, 0x1ff, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x4ad00, 0x0) io_uring_setup$auto(0x1, &(0x7f0000000000)={0x4, 0xffffffff, 0x8, 0x9, 0x3, 0x10000, 0xffffffffffffffff, [0x8000, 0x3], {0x1, 0x18, 0x9, 0x25, 0x7, 0x900000, 0x800, 0x7, 0x1}, {0xfffffe00, 0x8e, 0x8, 0x0, 0x4, 0x9, 0x10001, 0x80000000}}) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/controlC2\x00', 0x80, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) ioctl$auto(r2, 0xc10c5541, r1) 947.228363ms ago: executing program 8 (id=6533): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sr0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) ftruncate$auto(0x3, 0x700) statx$auto(0x2, 0x0, 0x1000, 0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x4) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae8a, 0x0) 711.517899ms ago: executing program 8 (id=6526): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/block/nbd7/power/autosuspend_delay_ms\x00', 0x22902, 0x0) pwrite64$auto(0xc8, &(0x7f0000000080)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x86\xdde\x1cJ\x99\x00\x06\x11\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#\x1c\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xaf\n1\x80\x1a\xbc_\xef\x8b\t\xcc\xa6\xf2\xc1\"\xact\xee\xc9', 0xfdef, 0x3) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x189401, 0x0) r1 = socketcall$auto(0xa, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x4400ae8f, &(0x7f00000000c0)={0xdd}) ioctl$auto_KVM_CREATE_VM(r0, 0xae80, 0x0) 412.297406ms ago: executing program 0 (id=6527): open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) socket(0x15, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x1, 0x84) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) socket(0x10, 0x2, 0x0) socket(0x10, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) bpf$auto(0x0, 0x0, 0xa3) 392.901429ms ago: executing program 9 (id=6528): unshare$auto(0x40000080) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) gettid() socket(0x11, 0x3, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/bus/usb/034/001\x00', 0x20882, 0x0) ioctl$auto_USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000240)={0x23, 0x3, 0x18, 0x2006, 0x7fa, 0x7fb, &(0x7f0000000280)}) openat$auto_tk_debug_sleep_time_fops_(0xffffffffffffff9c, 0x0, 0x0, 0x0) rt_sigqueueinfo$auto(0x0, 0x20000009, &(0x7f00000000c0)={@_si_pad}) shmget$auto(0x8, 0x10565, 0x7ff) shmat$auto(0x0, &(0x7f0000000580)='(\x00', 0xfffffffa) shmctl$auto(0x0, 0x0, 0xfffffffffffffffd) shmat$auto(0x0, &(0x7f0000000000)='(\x00', 0xfffffffb) 193.941208ms ago: executing program 38 (id=6483): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'veth0\x00'}) r0 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x1d, 0x2, 0x7) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) mmap$auto(0x3, 0x128009, 0xdf, 0x12, r0, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyb9\x00', 0x40800, 0x0) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x80000001, 0x80000000) openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000000), 0x109200, 0x0) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x3, 0x5) 163.311507ms ago: executing program 8 (id=6530): r0 = openat$auto_memtype_fops_memtype(0xffffffffffffff9c, &(0x7f0000000000), 0xa8200, 0x0) pread64$auto(r0, &(0x7f0000000080)='\x00', 0x40b6, 0x5) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/block/loop8/queue/atomic_write_unit_max_bytes\x00', 0x400, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x189401, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) statmount$auto(0x0, &(0x7f0000000300)={0x7, 0x8, 0x1, 0x80000003, 0x2, 0x1, 0xff, 0xbad, 0xd0, 0xae0000000000, 0x8001, 0x1e2b, 0x8, 0x7fff, 0x9, 0x46c8ace, 0x80000001, 0x400000, 0x3ff, 0x6a, 0xc2a, 0x2, 0xbf64, 0x4, 0x7, 0x4, 0x9, 0x8, 0x8001, 0x1, 0x2009, [0x101, 0xe3, 0x3, 0x1, 0x10000000007, 0x40000000000000e, 0x2000000000003, 0x6, 0xe, 0xffffffffffffa7e2, 0x2000000000000000, 0x7fffffff, 0x4b, 0x5, 0x9, 0x8, 0xffffffffffffff96, 0x7fffffff, 0xa1a4, 0xcf, 0x7fffffffffffffff, 0xffffffffffffff40, 0x2, 0x1a, 0x8001000000000000, 0x3ff, 0x9, 0xe, 0x3c, 0x9, 0x4, 0xfffffffffffefff8, 0x4, 0x3, 0x9, 0x3, 0x7fffffff, 0x100, 0x142, 0xe29, 0x2, 0x7, 0x7]}, 0x2, 0xef) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r1, 0x4400ae8f, &(0x7f00000000c0)={0xdd}) 0s ago: executing program 0 (id=6531): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00'}) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x10, 0x2, 0xc) sendmsg$auto_TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000003740)={0x0, 0x20}, 0x1, 0x0, 0x0, 0x41}, 0x40080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r1, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x60008004}, 0x4000050) r2 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x3, &(0x7f0000000280)=@prog_bind_map={r0, r2, 0x9}, 0xffffffff) r3 = openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cpu/0/msr\x00', 0x181f82, 0x0) readv$auto(r3, &(0x7f00000000c0)={0x0, 0x101d0}, 0x400) kernel console output (not intermixed with test programs): erm_and_set_mode+0x17a/0xa80 [ 1080.177151][T23399] do_dentry_open+0x6d8/0x1660 [ 1080.177186][T23399] ? __pfx_chrdev_open+0x10/0x10 [ 1080.177225][T23399] vfs_open+0x82/0x3f0 [ 1080.177265][T23399] path_openat+0x208c/0x31a0 [ 1080.177306][T23399] ? __pfx_path_openat+0x10/0x10 [ 1080.177349][T23399] do_file_open+0x20e/0x430 [ 1080.177403][T23399] ? __pfx_do_file_open+0x10/0x10 [ 1080.177462][T23399] ? alloc_fd+0x476/0x790 [ 1080.177495][T23399] ? do_getname+0x191/0x390 [ 1080.177535][T23399] do_sys_openat2+0x10d/0x1e0 [ 1080.177574][T23399] ? __pfx_do_sys_openat2+0x10/0x10 [ 1080.177624][T23399] __x64_sys_openat+0x12d/0x210 [ 1080.177664][T23399] ? __pfx___x64_sys_openat+0x10/0x10 [ 1080.177709][T23399] ? rcu_is_watching+0x12/0xc0 [ 1080.177743][T23399] do_syscall_64+0x10b/0xf80 [ 1080.177780][T23399] ? clear_bhb_loop+0x40/0x90 [ 1080.177810][T23399] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1080.177835][T23399] RIP: 0033:0x7f6046b9ce59 [ 1080.177855][T23399] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1080.177879][T23399] RSP: 002b:00007f6044df6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1080.177903][T23399] RAX: ffffffffffffffda RBX: 00007f6046e16090 RCX: 00007f6046b9ce59 [ 1080.177919][T23399] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 1080.177935][T23399] RBP: 00007f6046c32d6f R08: 0000000000000000 R09: 0000000000000000 [ 1080.177951][T23399] R10: 000000000000003e R11: 0000000000000246 R12: 0000000000000000 [ 1080.177967][T23399] R13: 00007f6046e16128 R14: 00007f6046e16090 R15: 00007fff897a8338 [ 1080.177998][T23399] [ 1080.667310][T23409] FAULT_INJECTION: forcing a failure. [ 1080.667310][T23409] name failslab, interval 1, probability 0, space 0, times 0 [ 1080.680278][T23409] CPU: 0 UID: 0 PID: 23409 Comm: syz.4.5636 Tainted: G L syzkaller #0 PREEMPT(full) [ 1080.680317][T23409] Tainted: [L]=SOFTLOCKUP [ 1080.680327][T23409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1080.680342][T23409] Call Trace: [ 1080.680351][T23409] [ 1080.680360][T23409] dump_stack_lvl+0x100/0x190 [ 1080.680391][T23409] should_fail_ex.cold+0x5/0xa [ 1080.680423][T23409] should_failslab+0xc2/0x120 [ 1080.680452][T23409] __kvmalloc_node_noprof+0xfa/0xa00 [ 1080.680477][T23409] ? alloc_shrinker_info+0xf0/0x470 [ 1080.680513][T23409] alloc_shrinker_info+0xf0/0x470 [ 1080.680545][T23409] ? __pfx_mem_cgroup_css_online+0x10/0x10 [ 1080.680587][T23409] mem_cgroup_css_online+0xa4/0xbf0 [ 1080.680636][T23409] ? __pfx_mem_cgroup_css_online+0x10/0x10 [ 1080.680679][T23409] online_css+0xb2/0x350 [ 1080.680709][T23409] cgroup_apply_control_enable+0xa8d/0xdd0 [ 1080.680755][T23409] cgroup_mkdir+0x59c/0x1310 [ 1080.680797][T23409] ? __pfx_cgroup_mkdir+0x10/0x10 [ 1080.680836][T23409] kernfs_iop_mkdir+0x111/0x190 [ 1080.680866][T23409] ? bpf_lsm_inode_mkdir+0x9/0x10 [ 1080.680905][T23409] vfs_mkdir+0x361/0x850 [ 1080.680933][T23409] filename_mkdirat+0x48b/0x5e0 [ 1080.680970][T23409] ? __pfx_filename_mkdirat+0x10/0x10 [ 1080.681004][T23409] ? strncpy_from_user+0x19d/0x2d0 [ 1080.681034][T23409] ? do_getname+0x191/0x390 [ 1080.681074][T23409] __x64_sys_mkdir+0x6b/0x90 [ 1080.681108][T23409] do_syscall_64+0x10b/0xf80 [ 1080.681146][T23409] ? clear_bhb_loop+0x40/0x90 [ 1080.681176][T23409] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1080.681201][T23409] RIP: 0033:0x7f3dd799ce59 [ 1080.681221][T23409] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1080.681246][T23409] RSP: 002b:00007f3dd887b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 1080.681269][T23409] RAX: ffffffffffffffda RBX: 00007f3dd7c15fa0 RCX: 00007f3dd799ce59 [ 1080.681285][T23409] RDX: 0000000000000000 RSI: 00000000000008cd RDI: 0000200000000000 [ 1080.681300][T23409] RBP: 00007f3dd7a32d6f R08: 0000000000000000 R09: 0000000000000000 [ 1080.681315][T23409] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1080.681330][T23409] R13: 00007f3dd7c16038 R14: 00007f3dd7c15fa0 R15: 00007fff9c52bf98 [ 1080.681362][T23409] [ 1081.391921][T23413] netlink: 25 bytes leftover after parsing attributes in process `syz.0.5637'. [ 1082.981328][T23439] FAULT_INJECTION: forcing a failure. [ 1082.981328][T23439] name failslab, interval 1, probability 0, space 0, times 0 [ 1083.270875][T23439] CPU: 0 UID: 0 PID: 23439 Comm: syz.0.5651 Tainted: G L syzkaller #0 PREEMPT(full) [ 1083.270916][T23439] Tainted: [L]=SOFTLOCKUP [ 1083.270925][T23439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1083.270941][T23439] Call Trace: [ 1083.270949][T23439] [ 1083.270960][T23439] dump_stack_lvl+0x100/0x190 [ 1083.270991][T23439] should_fail_ex.cold+0x5/0xa [ 1083.271023][T23439] should_failslab+0xc2/0x120 [ 1083.271053][T23439] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1083.271089][T23439] ? cec_open+0xdb/0x690 [ 1083.271127][T23439] ? __lock_acquire+0x4a5/0x2630 [ 1083.271154][T23439] cec_open+0xdb/0x690 [ 1083.271199][T23439] ? __pfx_cec_open+0x10/0x10 [ 1083.271240][T23439] ? kobject_get_unless_zero+0x156/0x200 [ 1083.271267][T23439] ? find_held_lock+0x2b/0x80 [ 1083.271306][T23439] ? chrdev_open+0x10b/0x6a0 [ 1083.271337][T23439] ? chrdev_open+0x10b/0x6a0 [ 1083.271373][T23439] ? __pfx_cec_open+0x10/0x10 [ 1083.271411][T23439] chrdev_open+0x234/0x6a0 [ 1083.271442][T23439] ? __pfx_apparmor_file_open+0x10/0x10 [ 1083.271483][T23439] ? __pfx_chrdev_open+0x10/0x10 [ 1083.271516][T23439] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 1083.271556][T23439] do_dentry_open+0x6d8/0x1660 [ 1083.271587][T23439] ? __pfx_chrdev_open+0x10/0x10 [ 1083.271625][T23439] vfs_open+0x82/0x3f0 [ 1083.271665][T23439] path_openat+0x208c/0x31a0 [ 1083.271706][T23439] ? __pfx_path_openat+0x10/0x10 [ 1083.271748][T23439] do_file_open+0x20e/0x430 [ 1083.271782][T23439] ? __pfx_do_file_open+0x10/0x10 [ 1083.271833][T23439] ? alloc_fd+0x476/0x790 [ 1083.271866][T23439] ? do_getname+0x191/0x390 [ 1083.271905][T23439] do_sys_openat2+0x10d/0x1e0 [ 1083.271944][T23439] ? __pfx_do_sys_openat2+0x10/0x10 [ 1083.271985][T23439] ? do_raw_spin_lock+0x128/0x260 [ 1083.272020][T23439] __x64_sys_openat+0x12d/0x210 [ 1083.272060][T23439] ? __pfx___x64_sys_openat+0x10/0x10 [ 1083.272104][T23439] ? rcu_is_watching+0x12/0xc0 [ 1083.272138][T23439] do_syscall_64+0x10b/0xf80 [ 1083.272175][T23439] ? clear_bhb_loop+0x40/0x90 [ 1083.272205][T23439] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1083.272230][T23439] RIP: 0033:0x7f6046b9ce59 [ 1083.272251][T23439] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1083.272285][T23439] RSP: 002b:00007f60449b2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1083.272308][T23439] RAX: ffffffffffffffda RBX: 00007f6046e16270 RCX: 00007f6046b9ce59 [ 1083.272325][T23439] RDX: 0000000000101901 RSI: 00002000000002c0 RDI: ffffffffffffff9c [ 1083.272341][T23439] RBP: 00007f6046c32d6f R08: 0000000000000000 R09: 0000000000000000 [ 1083.272357][T23439] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1083.272372][T23439] R13: 00007f6046e16308 R14: 00007f6046e16270 R15: 00007fff897a8338 [ 1083.272403][T23439] [ 1085.695025][ T5635] Bluetooth: hci4: unexpected event for opcode 0x7c89 [ 1085.805993][T23435] Process accounting paused [ 1087.985145][T23505] netlink: 252 bytes leftover after parsing attributes in process `syz.0.5662'. [ 1088.094989][T23508] netlink: 252 bytes leftover after parsing attributes in process `syz.0.5662'. [ 1088.682109][T23502] Process accounting resumed [ 1089.846980][T23520] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5674'. [ 1089.899188][T23520] netlink: 'syz.5.5674': attribute type 1 has an invalid length. [ 1089.933328][T23520] netlink: 13 bytes leftover after parsing attributes in process `syz.5.5674'. [ 1092.592877][T23566] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5678'. [ 1092.637528][T23566] netlink: 'syz.3.5678': attribute type 1 has an invalid length. [ 1092.681345][T23566] netlink: 13 bytes leftover after parsing attributes in process `syz.3.5678'. [ 1093.604472][T23580] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5682'. [ 1093.652884][T23580] veth1_macvtap: left promiscuous mode [ 1093.679474][T23580] macsec0: entered promiscuous mode [ 1093.698776][T23580] macsec0: entered allmulticast mode [ 1094.474476][T23590] netlink: 146 bytes leftover after parsing attributes in process `syz.3.5685'. [ 1094.852733][T23598] netlink: 25 bytes leftover after parsing attributes in process `syz.3.5686'. [ 1095.154090][T23602] FAULT_INJECTION: forcing a failure. [ 1095.154090][T23602] name failslab, interval 1, probability 0, space 0, times 0 [ 1095.264898][T23602] CPU: 0 UID: 0 PID: 23602 Comm: syz.4.5696 Tainted: G L syzkaller #0 PREEMPT(full) [ 1095.264946][T23602] Tainted: [L]=SOFTLOCKUP [ 1095.264955][T23602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1095.264970][T23602] Call Trace: [ 1095.264979][T23602] [ 1095.264989][T23602] dump_stack_lvl+0x100/0x190 [ 1095.265021][T23602] should_fail_ex.cold+0x5/0xa [ 1095.265053][T23602] should_failslab+0xc2/0x120 [ 1095.265084][T23602] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1095.265120][T23602] ? snd_hrtimer_open+0x43/0xf0 [ 1095.265148][T23602] ? __pfx_snd_hrtimer_open+0x10/0x10 [ 1095.265173][T23602] snd_hrtimer_open+0x43/0xf0 [ 1095.265197][T23602] snd_timer_open+0xb65/0x1100 [ 1095.265241][T23602] ? __pfx_snd_timer_open+0x10/0x10 [ 1095.265283][T23602] ? kstrdup+0xb3/0xe0 [ 1095.265313][T23602] snd_seq_timer_open+0x289/0x5d0 [ 1095.265345][T23602] ? __pfx_snd_seq_timer_open+0x10/0x10 [ 1095.265383][T23602] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 1095.265419][T23602] ? lockdep_hardirqs_on+0x78/0x100 [ 1095.265457][T23602] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1095.265503][T23602] queue_use+0xdc/0x1f0 [ 1095.265544][T23602] snd_seq_queue_alloc+0x2e5/0x540 [ 1095.265572][T23602] snd_seq_ioctl_create_queue+0xa9/0x370 [ 1095.265612][T23602] call_seq_client_ctl+0xa3/0x130 [ 1095.265647][T23602] snd_seq_kernel_client_ctl+0x77/0xd0 [ 1095.265682][T23602] alloc_seq_queue+0xdb/0x180 [ 1095.265717][T23602] ? __pfx_alloc_seq_queue+0x10/0x10 [ 1095.265768][T23602] ? mark_held_locks+0x40/0x70 [ 1095.265797][T23602] snd_seq_oss_open+0x2b2/0xa10 [ 1095.265837][T23602] odev_open+0x6f/0x90 [ 1095.265868][T23602] ? __pfx_odev_open+0x10/0x10 [ 1095.265900][T23602] soundcore_open+0x2e3/0x5a0 [ 1095.265936][T23602] ? __pfx_soundcore_open+0x10/0x10 [ 1095.265970][T23602] chrdev_open+0x234/0x6a0 [ 1095.266002][T23602] ? __pfx_apparmor_file_open+0x10/0x10 [ 1095.266043][T23602] ? __pfx_chrdev_open+0x10/0x10 [ 1095.266076][T23602] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 1095.266118][T23602] do_dentry_open+0x6d8/0x1660 [ 1095.266148][T23602] ? __pfx_chrdev_open+0x10/0x10 [ 1095.266187][T23602] vfs_open+0x82/0x3f0 [ 1095.266227][T23602] path_openat+0x208c/0x31a0 [ 1095.266269][T23602] ? __pfx_path_openat+0x10/0x10 [ 1095.266317][T23602] do_file_open+0x20e/0x430 [ 1095.266351][T23602] ? __pfx_do_file_open+0x10/0x10 [ 1095.266404][T23602] ? alloc_fd+0x476/0x790 [ 1095.266437][T23602] ? do_getname+0x191/0x390 [ 1095.266478][T23602] do_sys_openat2+0x10d/0x1e0 [ 1095.266523][T23602] ? __pfx_do_sys_openat2+0x10/0x10 [ 1095.266574][T23602] __x64_sys_openat+0x12d/0x210 [ 1095.266616][T23602] ? __pfx___x64_sys_openat+0x10/0x10 [ 1095.266655][T23602] ? exit_to_user_mode_loop+0xe2/0x4f0 [ 1095.266685][T23602] ? rcu_is_watching+0x12/0xc0 [ 1095.266720][T23602] do_syscall_64+0x10b/0xf80 [ 1095.266757][T23602] ? clear_bhb_loop+0x40/0x90 [ 1095.266786][T23602] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1095.266811][T23602] RIP: 0033:0x7f3dd799ce59 [ 1095.266831][T23602] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1095.266855][T23602] RSP: 002b:00007f3dd887b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1095.266879][T23602] RAX: ffffffffffffffda RBX: 00007f3dd7c15fa0 RCX: 00007f3dd799ce59 [ 1095.266895][T23602] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 1095.266911][T23602] RBP: 00007f3dd7a32d6f R08: 0000000000000000 R09: 0000000000000000 [ 1095.266926][T23602] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1095.266941][T23602] R13: 00007f3dd7c16038 R14: 00007f3dd7c15fa0 R15: 00007fff9c52bf98 [ 1095.266972][T23602] [ 1097.146127][ T5635] Bluetooth: hci3: unexpected event for opcode 0x7c89 [ 1097.967445][T23648] FAULT_INJECTION: forcing a failure. [ 1097.967445][T23648] name failslab, interval 1, probability 0, space 0, times 0 [ 1098.228312][T23648] CPU: 0 UID: 0 PID: 23648 Comm: syz.5.5693 Tainted: G L syzkaller #0 PREEMPT(full) [ 1098.228352][T23648] Tainted: [L]=SOFTLOCKUP [ 1098.228361][T23648] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1098.228376][T23648] Call Trace: [ 1098.228385][T23648] [ 1098.228396][T23648] dump_stack_lvl+0x100/0x190 [ 1098.228427][T23648] should_fail_ex.cold+0x5/0xa [ 1098.228459][T23648] should_failslab+0xc2/0x120 [ 1098.228488][T23648] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1098.228525][T23648] ? cec_open+0xdb/0x690 [ 1098.228566][T23648] ? __lock_acquire+0x4a5/0x2630 [ 1098.228593][T23648] cec_open+0xdb/0x690 [ 1098.228632][T23648] ? __pfx_cec_open+0x10/0x10 [ 1098.228673][T23648] ? kobject_get_unless_zero+0x156/0x200 [ 1098.228699][T23648] ? find_held_lock+0x2b/0x80 [ 1098.228731][T23648] ? chrdev_open+0x10b/0x6a0 [ 1098.228763][T23648] ? chrdev_open+0x10b/0x6a0 [ 1098.228798][T23648] ? __pfx_cec_open+0x10/0x10 [ 1098.228836][T23648] chrdev_open+0x234/0x6a0 [ 1098.228867][T23648] ? __pfx_apparmor_file_open+0x10/0x10 [ 1098.228908][T23648] ? __pfx_chrdev_open+0x10/0x10 [ 1098.228941][T23648] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 1098.228982][T23648] do_dentry_open+0x6d8/0x1660 [ 1098.229012][T23648] ? __pfx_chrdev_open+0x10/0x10 [ 1098.229050][T23648] vfs_open+0x82/0x3f0 [ 1098.229090][T23648] path_openat+0x208c/0x31a0 [ 1098.229132][T23648] ? __pfx_path_openat+0x10/0x10 [ 1098.229174][T23648] do_file_open+0x20e/0x430 [ 1098.229208][T23648] ? __pfx_do_file_open+0x10/0x10 [ 1098.229260][T23648] ? alloc_fd+0x476/0x790 [ 1098.229300][T23648] ? do_getname+0x191/0x390 [ 1098.229341][T23648] do_sys_openat2+0x10d/0x1e0 [ 1098.229380][T23648] ? __pfx_do_sys_openat2+0x10/0x10 [ 1098.229421][T23648] ? do_raw_spin_lock+0x128/0x260 [ 1098.229457][T23648] __x64_sys_openat+0x12d/0x210 [ 1098.229497][T23648] ? __pfx___x64_sys_openat+0x10/0x10 [ 1098.229542][T23648] ? rcu_is_watching+0x12/0xc0 [ 1098.229576][T23648] do_syscall_64+0x10b/0xf80 [ 1098.229613][T23648] ? clear_bhb_loop+0x40/0x90 [ 1098.229643][T23648] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1098.229668][T23648] RIP: 0033:0x7ff8fb79ce59 [ 1098.229688][T23648] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1098.229713][T23648] RSP: 002b:00007ff8fc5c0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1098.229737][T23648] RAX: ffffffffffffffda RBX: 00007ff8fba16270 RCX: 00007ff8fb79ce59 [ 1098.229754][T23648] RDX: 0000000000101901 RSI: 00002000000002c0 RDI: ffffffffffffff9c [ 1098.229771][T23648] RBP: 00007ff8fb832d6f R08: 0000000000000000 R09: 0000000000000000 [ 1098.229787][T23648] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1098.229802][T23648] R13: 00007ff8fba16308 R14: 00007ff8fba16270 R15: 00007ffe1a3fba48 [ 1098.229833][T23648] [ 1099.622824][T23661] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5701'. [ 1101.834334][T23666] Process accounting resumed [ 1103.184515][T23703] FAULT_INJECTION: forcing a failure. [ 1103.184515][T23703] name failslab, interval 1, probability 0, space 0, times 0 [ 1103.225782][T23705] netlink: 25 bytes leftover after parsing attributes in process `syz.4.5709'. [ 1103.256564][T23703] CPU: 0 UID: 0 PID: 23703 Comm: syz.5.5710 Tainted: G L syzkaller #0 PREEMPT(full) [ 1103.256603][T23703] Tainted: [L]=SOFTLOCKUP [ 1103.256616][T23703] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1103.256632][T23703] Call Trace: [ 1103.256640][T23703] [ 1103.256649][T23703] dump_stack_lvl+0x100/0x190 [ 1103.256682][T23703] should_fail_ex.cold+0x5/0xa [ 1103.256713][T23703] should_failslab+0xc2/0x120 [ 1103.256743][T23703] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1103.256780][T23703] ? drm_atomic_state_alloc+0xb8/0x120 [ 1103.256824][T23703] drm_atomic_state_alloc+0xb8/0x120 [ 1103.256862][T23703] drm_client_modeset_commit_atomic+0xcc/0x7e0 [ 1103.256888][T23703] ? rcu_is_watching+0x12/0xc0 [ 1103.256919][T23703] ? trace_contention_end+0x122/0x170 [ 1103.256948][T23703] ? __mutex_lock+0x26d/0x1b10 [ 1103.256995][T23703] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 1103.257023][T23703] ? drm_master_internal_acquire+0x21/0x80 [ 1103.257090][T23703] drm_client_modeset_commit_locked+0x14d/0x580 [ 1103.257122][T23703] drm_client_modeset_commit+0x4f/0x80 [ 1103.257149][T23703] __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160 [ 1103.257198][T23703] drm_fb_helper_restore_fbdev_mode_unlocked+0x93/0xc0 [ 1103.257242][T23703] drm_fbdev_client_restore+0x1b/0x30 [ 1103.257275][T23703] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 1103.257308][T23703] drm_client_dev_restore+0x205/0x2a0 [ 1103.257356][T23703] drm_release+0x2c6/0x360 [ 1103.257395][T23703] ? __pfx_drm_release+0x10/0x10 [ 1103.257434][T23703] __fput+0x3ff/0xb50 [ 1103.257476][T23703] task_work_run+0x150/0x240 [ 1103.257502][T23703] ? __pfx_task_work_run+0x10/0x10 [ 1103.257531][T23703] ? rcu_is_watching+0x12/0xc0 [ 1103.257564][T23703] exit_to_user_mode_loop+0x107/0x4f0 [ 1103.257589][T23703] ? rcu_is_watching+0x12/0xc0 [ 1103.257622][T23703] do_syscall_64+0x6f2/0xf80 [ 1103.257660][T23703] ? clear_bhb_loop+0x40/0x90 [ 1103.257690][T23703] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1103.257715][T23703] RIP: 0033:0x7ff8fb79ce59 [ 1103.257736][T23703] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1103.257761][T23703] RSP: 002b:00007ff8fc623028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1103.257784][T23703] RAX: 0000000000000000 RBX: 00007ff8fba15fa0 RCX: 00007ff8fb79ce59 [ 1103.257800][T23703] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 1103.257814][T23703] RBP: 00007ff8fb832d6f R08: 0000000000000000 R09: 0000000000000000 [ 1103.257830][T23703] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1103.257844][T23703] R13: 00007ff8fba16038 R14: 00007ff8fba15fa0 R15: 00007ffe1a3fba48 [ 1103.257876][T23703] [ 1103.716917][T23709] ubi3: attaching mtd1 [ 1104.176547][T23717] FAULT_INJECTION: forcing a failure. [ 1104.176547][T23717] name failslab, interval 1, probability 0, space 0, times 0 [ 1104.257147][T23717] CPU: 0 UID: 0 PID: 23717 Comm: syz.3.5714 Tainted: G L syzkaller #0 PREEMPT(full) [ 1104.257186][T23717] Tainted: [L]=SOFTLOCKUP [ 1104.257196][T23717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1104.257210][T23717] Call Trace: [ 1104.257218][T23717] [ 1104.257228][T23717] dump_stack_lvl+0x100/0x190 [ 1104.257259][T23717] should_fail_ex.cold+0x5/0xa [ 1104.257291][T23717] should_failslab+0xc2/0x120 [ 1104.257320][T23717] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1104.257360][T23717] ? anon_vma_clone+0x2ba/0xcd0 [ 1104.257399][T23717] anon_vma_clone+0x2ba/0xcd0 [ 1104.257442][T23717] __split_vma+0x51f/0xd90 [ 1104.257483][T23717] ? __pfx___split_vma+0x10/0x10 [ 1104.257536][T23717] vma_modify+0x12ad/0x25c0 [ 1104.257585][T23717] ? __pfx_vma_modify+0x10/0x10 [ 1104.257640][T23717] vma_modify_policy+0x238/0x300 [ 1104.257681][T23717] ? __pfx_vma_modify_policy+0x10/0x10 [ 1104.257721][T23717] ? find_held_lock+0x2b/0x80 [ 1104.257776][T23717] mbind_range+0x175/0x550 [ 1104.257818][T23717] do_mbind+0x7dc/0xfd0 [ 1104.257860][T23717] ? __pfx_do_mbind+0x10/0x10 [ 1104.257895][T23717] ? ksys_write+0x190/0x250 [ 1104.257944][T23717] ? __pfx_get_nodes+0x10/0x10 [ 1104.257978][T23717] kernel_mbind+0x1b7/0x200 [ 1104.258015][T23717] ? __pfx_kernel_mbind+0x10/0x10 [ 1104.258052][T23717] ? rcu_is_watching+0x12/0xc0 [ 1104.258087][T23717] do_syscall_64+0x10b/0xf80 [ 1104.258125][T23717] ? clear_bhb_loop+0x40/0x90 [ 1104.258155][T23717] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1104.258180][T23717] RIP: 0033:0x7fb4ee19ce59 [ 1104.258200][T23717] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1104.258225][T23717] RSP: 002b:00007fb4ec3f6028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 1104.258247][T23717] RAX: ffffffffffffffda RBX: 00007fb4ee416180 RCX: 00007fb4ee19ce59 [ 1104.258263][T23717] RDX: 0000000000000004 RSI: 00000000002091d2 RDI: 0000000000000000 [ 1104.258278][T23717] RBP: 00007fb4ee232d6f R08: 0000000000000006 R09: 0000000000000002 [ 1104.258293][T23717] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1104.258308][T23717] R13: 00007fb4ee416218 R14: 00007fb4ee416180 R15: 00007ffd4deed158 [ 1104.258338][T23717] [ 1106.392665][T23738] netlink: 'syz.3.5721': attribute type 15 has an invalid length. [ 1106.452353][T23738] netlink: 'syz.3.5721': attribute type 16 has an invalid length. [ 1106.492247][T23738] netlink: 194 bytes leftover after parsing attributes in process `syz.3.5721'. [ 1108.675488][T23777] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5732'. [ 1108.746700][T23777] netlink: 354 bytes leftover after parsing attributes in process `syz.5.5732'. [ 1114.410907][T23876] ubi3: attaching mtd1 [ 1115.480555][ T5635] Bluetooth: hci1: unexpected subevent 0x18 length: 123 > 19 [ 1115.488737][ T5635] Bluetooth: hci1: Unable to find connection for dst f9:56:cc:cc:70:a9 sid 0x00 [ 1115.531979][T23892] binder: 23891:23892 ioctl c0306201 200000000000 returned -11 [ 1115.631988][T23894] FAULT_INJECTION: forcing a failure. [ 1115.631988][T23894] name failslab, interval 1, probability 0, space 0, times 0 [ 1115.871010][T23894] CPU: 0 UID: 0 PID: 23894 Comm: syz.3.5759 Tainted: G L syzkaller #0 PREEMPT(full) [ 1115.871050][T23894] Tainted: [L]=SOFTLOCKUP [ 1115.871059][T23894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1115.871075][T23894] Call Trace: [ 1115.871083][T23894] [ 1115.871093][T23894] dump_stack_lvl+0x100/0x190 [ 1115.871126][T23894] should_fail_ex.cold+0x5/0xa [ 1115.871158][T23894] should_failslab+0xc2/0x120 [ 1115.871193][T23894] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1115.871230][T23894] ? cec_open+0xdb/0x690 [ 1115.871267][T23894] ? __lock_acquire+0x4a5/0x2630 [ 1115.871295][T23894] cec_open+0xdb/0x690 [ 1115.871333][T23894] ? __pfx_cec_open+0x10/0x10 [ 1115.871374][T23894] ? kobject_get_unless_zero+0x156/0x200 [ 1115.871400][T23894] ? find_held_lock+0x2b/0x80 [ 1115.871432][T23894] ? chrdev_open+0x10b/0x6a0 [ 1115.871462][T23894] ? chrdev_open+0x10b/0x6a0 [ 1115.871498][T23894] ? __pfx_cec_open+0x10/0x10 [ 1115.871536][T23894] chrdev_open+0x234/0x6a0 [ 1115.871567][T23894] ? __pfx_apparmor_file_open+0x10/0x10 [ 1115.871607][T23894] ? __pfx_chrdev_open+0x10/0x10 [ 1115.871641][T23894] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 1115.871684][T23894] do_dentry_open+0x6d8/0x1660 [ 1115.871715][T23894] ? __pfx_chrdev_open+0x10/0x10 [ 1115.871753][T23894] vfs_open+0x82/0x3f0 [ 1115.871794][T23894] path_openat+0x208c/0x31a0 [ 1115.871834][T23894] ? __pfx_path_openat+0x10/0x10 [ 1115.871876][T23894] do_file_open+0x20e/0x430 [ 1115.871910][T23894] ? __pfx_do_file_open+0x10/0x10 [ 1115.871961][T23894] ? alloc_fd+0x476/0x790 [ 1115.871994][T23894] ? do_getname+0x191/0x390 [ 1115.872033][T23894] do_sys_openat2+0x10d/0x1e0 [ 1115.872072][T23894] ? __pfx_do_sys_openat2+0x10/0x10 [ 1115.872112][T23894] ? do_raw_spin_lock+0x128/0x260 [ 1115.872148][T23894] __x64_sys_openat+0x12d/0x210 [ 1115.872194][T23894] ? __pfx___x64_sys_openat+0x10/0x10 [ 1115.872239][T23894] ? rcu_is_watching+0x12/0xc0 [ 1115.872273][T23894] do_syscall_64+0x10b/0xf80 [ 1115.872311][T23894] ? clear_bhb_loop+0x40/0x90 [ 1115.872341][T23894] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1115.872367][T23894] RIP: 0033:0x7fb4ee19ce59 [ 1115.872387][T23894] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1115.872412][T23894] RSP: 002b:00007fb4ebfd3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1115.872436][T23894] RAX: ffffffffffffffda RBX: 00007fb4ee416270 RCX: 00007fb4ee19ce59 [ 1115.872452][T23894] RDX: 0000000000101901 RSI: 00002000000002c0 RDI: ffffffffffffff9c [ 1115.872469][T23894] RBP: 00007fb4ee232d6f R08: 0000000000000000 R09: 0000000000000000 [ 1115.872484][T23894] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1115.872499][T23894] R13: 00007fb4ee416308 R14: 00007fb4ee416270 R15: 00007ffd4deed158 [ 1115.872530][T23894] [ 1116.476126][T23898] Process accounting resumed [ 1116.742768][ T5635] Bluetooth: hci1: unexpected event for opcode 0x7c89 [ 1116.751309][ T1315] ieee802154 phy0 wpan0: encryption failed: -22 [ 1116.763311][ T1315] ieee802154 phy1 wpan1: encryption failed: -22 [ 1119.369367][T23923] Process accounting paused [ 1119.992252][ T5635] Bluetooth: hci1: unexpected event for opcode 0x7c89 [ 1120.255345][T23937] FAULT_INJECTION: forcing a failure. [ 1120.255345][T23937] name failslab, interval 1, probability 0, space 0, times 0 [ 1120.330347][T23940] netlink: 202 bytes leftover after parsing attributes in process `syz.3.5772'. [ 1120.350169][T23937] CPU: 0 UID: 0 PID: 23937 Comm: syz.4.5781 Tainted: G L syzkaller #0 PREEMPT(full) [ 1120.350210][T23937] Tainted: [L]=SOFTLOCKUP [ 1120.350219][T23937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1120.350233][T23937] Call Trace: [ 1120.350242][T23937] [ 1120.350251][T23937] dump_stack_lvl+0x100/0x190 [ 1120.350285][T23937] should_fail_ex.cold+0x5/0xa [ 1120.350317][T23937] should_failslab+0xc2/0x120 [ 1120.350347][T23937] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 1120.350389][T23937] ? __d_alloc+0x34/0xa40 [ 1120.350427][T23937] ? __pfx_stack_trace_save+0x10/0x10 [ 1120.350467][T23937] __d_alloc+0x34/0xa40 [ 1120.350504][T23937] d_alloc_parallel+0x111/0x14e0 [ 1120.350538][T23937] ? find_held_lock+0x2b/0x80 [ 1120.350571][T23937] ? __d_lookup+0x25c/0x4a0 [ 1120.350595][T23937] ? __pfx_d_alloc_parallel+0x10/0x10 [ 1120.350625][T23937] ? __d_lookup+0x266/0x4a0 [ 1120.350656][T23937] lookup_open.isra.0+0x57c/0x11b0 [ 1120.350689][T23937] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 1120.350721][T23937] ? __pfx___might_resched+0x10/0x10 [ 1120.350749][T23937] ? mnt_get_write_access+0x52/0x2f0 [ 1120.350801][T23937] ? __pfx_down_write+0x10/0x10 [ 1120.350826][T23937] ? mnt_get_write_access+0x1e9/0x2f0 [ 1120.350871][T23937] path_openat+0x2291/0x31a0 [ 1120.350909][T23937] ? entry_SYSCALL_64_after_hwframe+0x48/0x7f [ 1120.350938][T23937] ? __pfx_path_openat+0x10/0x10 [ 1120.350988][T23937] do_file_open+0x20e/0x430 [ 1120.351022][T23937] ? __pfx_do_file_open+0x10/0x10 [ 1120.351075][T23937] ? _raw_spin_unlock+0x28/0x50 [ 1120.351107][T23937] ? alloc_fd+0x476/0x790 [ 1120.351146][T23937] do_sys_openat2+0x10d/0x1e0 [ 1120.351186][T23937] ? __pfx_do_sys_openat2+0x10/0x10 [ 1120.351236][T23937] __x64_sys_open+0xfe/0x1d0 [ 1120.351300][T23937] ? __pfx___x64_sys_open+0x10/0x10 [ 1120.351339][T23937] ? ksys_write+0x1ac/0x250 [ 1120.351371][T23937] ? rcu_is_watching+0x12/0xc0 [ 1120.351405][T23937] do_syscall_64+0x10b/0xf80 [ 1120.351442][T23937] ? clear_bhb_loop+0x40/0x90 [ 1120.351473][T23937] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1120.351498][T23937] RIP: 0033:0x7f3dd799ce59 [ 1120.351519][T23937] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1120.351544][T23937] RSP: 002b:00007f3dd887b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 1120.351568][T23937] RAX: ffffffffffffffda RBX: 00007f3dd7c15fa0 RCX: 00007f3dd799ce59 [ 1120.351586][T23937] RDX: 0000000000000000 RSI: 0000000000149443 RDI: 0000200000000040 [ 1120.351601][T23937] RBP: 00007f3dd7a32d6f R08: 0000000000000000 R09: 0000000000000000 [ 1120.351617][T23937] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1120.351631][T23937] R13: 00007f3dd7c16038 R14: 00007f3dd7c15fa0 R15: 00007fff9c52bf98 [ 1120.351662][T23937] [ 1124.350461][T23973] ubi3: attaching mtd1 [ 1125.742749][ T5635] Bluetooth: hci4: unexpected event for opcode 0x7c89 [ 1126.564129][T23972] kexec: Could not allocate control_code_buffer [ 1127.324939][T23996] FAULT_INJECTION: forcing a failure. [ 1127.324939][T23996] name failslab, interval 1, probability 0, space 0, times 0 [ 1127.388766][T23996] CPU: 0 UID: 0 PID: 23996 Comm: syz.4.5790 Tainted: G L syzkaller #0 PREEMPT(full) [ 1127.388808][T23996] Tainted: [L]=SOFTLOCKUP [ 1127.388818][T23996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1127.388833][T23996] Call Trace: [ 1127.388843][T23996] [ 1127.388852][T23996] dump_stack_lvl+0x100/0x190 [ 1127.388884][T23996] should_fail_ex.cold+0x5/0xa [ 1127.388915][T23996] should_failslab+0xc2/0x120 [ 1127.388944][T23996] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 1127.388986][T23996] ? alloc_inode+0x183/0x250 [ 1127.389025][T23996] ? do_futex+0x192/0x350 [ 1127.389057][T23996] alloc_inode+0x183/0x250 [ 1127.389095][T23996] create_pipe_files+0x4c/0x970 [ 1127.389132][T23996] do_pipe2+0xbd/0x1e0 [ 1127.389163][T23996] ? __pfx_do_pipe2+0x10/0x10 [ 1127.389194][T23996] ? xfd_validate_state+0x129/0x190 [ 1127.389224][T23996] ? syscall_user_dispatch+0x76/0x130 [ 1127.389256][T23996] __x64_sys_pipe+0x33/0x50 [ 1127.389288][T23996] do_syscall_64+0x10b/0xf80 [ 1127.389325][T23996] ? clear_bhb_loop+0x40/0x90 [ 1127.389355][T23996] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1127.389381][T23996] RIP: 0033:0x7f3dd799ce59 [ 1127.389400][T23996] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1127.389425][T23996] RSP: 002b:00007f3dd887b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000016 [ 1127.389456][T23996] RAX: ffffffffffffffda RBX: 00007f3dd7c15fa0 RCX: 00007f3dd799ce59 [ 1127.389473][T23996] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1127.389488][T23996] RBP: 00007f3dd7a32d6f R08: 0000000000000000 R09: 0000000000000000 [ 1127.389503][T23996] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1127.389519][T23996] R13: 00007f3dd7c16038 R14: 00007f3dd7c15fa0 R15: 00007fff9c52bf98 [ 1127.389550][T23996] [ 1128.838055][T24013] zswap: compressor not available [ 1130.593883][T24020] kexec: Could not allocate control_code_buffer [ 1131.650534][T24043] ubi3: attaching mtd1 [ 1132.986531][T24039] Process accounting paused [ 1133.828383][T24064] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 1134.023051][T24072] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5817'. [ 1134.125840][T24069] smpboot: CPU 1 is now offline [ 1134.172750][T24069] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 1135.557175][T24071] kexec: Could not allocate control_code_buffer [ 1136.772475][ T5635] Bluetooth: hci1: unexpected event for opcode 0x7c89 [ 1141.698071][T24154] ubi3: attaching mtd1 [ 1146.840901][T24204] Process accounting paused [ 1148.092367][T24229] ubi3: attaching mtd1 [ 1148.701258][T24237] vhci_hcd vhci_hcd.2: invalid port number 111 [ 1148.732529][T24237] vhci_hcd vhci_hcd.2: default hub control req: a356 va1b7 i006f l230 [ 1149.011199][T24240] FAULT_INJECTION: forcing a failure. [ 1149.011199][T24240] name failslab, interval 1, probability 0, space 0, times 0 [ 1149.074716][T24240] CPU: 0 UID: 0 PID: 24240 Comm: syz.0.5848 Tainted: G L syzkaller #0 PREEMPT(full) [ 1149.074756][T24240] Tainted: [L]=SOFTLOCKUP [ 1149.074766][T24240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1149.074781][T24240] Call Trace: [ 1149.074789][T24240] [ 1149.074799][T24240] dump_stack_lvl+0x100/0x190 [ 1149.074832][T24240] should_fail_ex.cold+0x5/0xa [ 1149.074863][T24240] should_failslab+0xc2/0x120 [ 1149.074894][T24240] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1149.074931][T24240] ? snd_seq_oss_readq_new+0x4a/0x290 [ 1149.074965][T24240] snd_seq_oss_readq_new+0x4a/0x290 [ 1149.074994][T24240] snd_seq_oss_open+0x476/0xa10 [ 1149.075035][T24240] odev_open+0x6f/0x90 [ 1149.075066][T24240] ? __pfx_odev_open+0x10/0x10 [ 1149.075103][T24240] soundcore_open+0x2e3/0x5a0 [ 1149.075147][T24240] ? __pfx_soundcore_open+0x10/0x10 [ 1149.075180][T24240] chrdev_open+0x234/0x6a0 [ 1149.075211][T24240] ? __pfx_apparmor_file_open+0x10/0x10 [ 1149.075260][T24240] ? __pfx_chrdev_open+0x10/0x10 [ 1149.075299][T24240] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 1149.075340][T24240] do_dentry_open+0x6d8/0x1660 [ 1149.075377][T24240] ? __pfx_chrdev_open+0x10/0x10 [ 1149.075417][T24240] vfs_open+0x82/0x3f0 [ 1149.075458][T24240] path_openat+0x208c/0x31a0 [ 1149.075500][T24240] ? __pfx_path_openat+0x10/0x10 [ 1149.075543][T24240] do_file_open+0x20e/0x430 [ 1149.075577][T24240] ? __pfx_do_file_open+0x10/0x10 [ 1149.075630][T24240] ? alloc_fd+0x476/0x790 [ 1149.075663][T24240] ? do_getname+0x191/0x390 [ 1149.075703][T24240] do_sys_openat2+0x10d/0x1e0 [ 1149.075745][T24240] ? __pfx_do_sys_openat2+0x10/0x10 [ 1149.075795][T24240] __x64_sys_openat+0x12d/0x210 [ 1149.075836][T24240] ? __pfx___x64_sys_openat+0x10/0x10 [ 1149.075874][T24240] ? exit_to_user_mode_loop+0xe2/0x4f0 [ 1149.075905][T24240] ? rcu_is_watching+0x12/0xc0 [ 1149.075939][T24240] do_syscall_64+0x10b/0xf80 [ 1149.075976][T24240] ? clear_bhb_loop+0x40/0x90 [ 1149.076007][T24240] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1149.076032][T24240] RIP: 0033:0x7f6046b9ce59 [ 1149.076052][T24240] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1149.076077][T24240] RSP: 002b:00007f6047988028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1149.076100][T24240] RAX: ffffffffffffffda RBX: 00007f6046e15fa0 RCX: 00007f6046b9ce59 [ 1149.076124][T24240] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 1149.076140][T24240] RBP: 00007f6046c32d6f R08: 0000000000000000 R09: 0000000000000000 [ 1149.076155][T24240] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1149.076170][T24240] R13: 00007f6046e16038 R14: 00007f6046e15fa0 R15: 00007fff897a8338 [ 1149.076201][T24240] [ 1150.081085][T24246] netlink: 186 bytes leftover after parsing attributes in process `syz.0.5850'. [ 1151.704745][T24233] Process accounting resumed [ 1152.863126][T24267] FAULT_INJECTION: forcing a failure. [ 1152.863126][T24267] name failslab, interval 1, probability 0, space 0, times 0 [ 1153.060829][T24267] CPU: 0 UID: 0 PID: 24267 Comm: syz.0.5854 Tainted: G L syzkaller #0 PREEMPT(full) [ 1153.060871][T24267] Tainted: [L]=SOFTLOCKUP [ 1153.060880][T24267] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1153.060895][T24267] Call Trace: [ 1153.060903][T24267] [ 1153.060913][T24267] dump_stack_lvl+0x100/0x190 [ 1153.060945][T24267] should_fail_ex.cold+0x5/0xa [ 1153.060984][T24267] should_failslab+0xc2/0x120 [ 1153.061019][T24267] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1153.061056][T24267] ? cec_open+0xdb/0x690 [ 1153.061093][T24267] ? __lock_acquire+0x4a5/0x2630 [ 1153.061120][T24267] cec_open+0xdb/0x690 [ 1153.061159][T24267] ? __pfx_cec_open+0x10/0x10 [ 1153.061199][T24267] ? kobject_get_unless_zero+0x156/0x200 [ 1153.061226][T24267] ? find_held_lock+0x2b/0x80 [ 1153.061257][T24267] ? chrdev_open+0x10b/0x6a0 [ 1153.061288][T24267] ? chrdev_open+0x10b/0x6a0 [ 1153.061323][T24267] ? __pfx_cec_open+0x10/0x10 [ 1153.061360][T24267] chrdev_open+0x234/0x6a0 [ 1153.061390][T24267] ? __pfx_apparmor_file_open+0x10/0x10 [ 1153.061431][T24267] ? __pfx_chrdev_open+0x10/0x10 [ 1153.061464][T24267] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 1153.061503][T24267] do_dentry_open+0x6d8/0x1660 [ 1153.061534][T24267] ? __pfx_chrdev_open+0x10/0x10 [ 1153.061577][T24267] vfs_open+0x82/0x3f0 [ 1153.061618][T24267] path_openat+0x208c/0x31a0 [ 1153.061659][T24267] ? __pfx_path_openat+0x10/0x10 [ 1153.061700][T24267] do_file_open+0x20e/0x430 [ 1153.061734][T24267] ? __pfx_do_file_open+0x10/0x10 [ 1153.061785][T24267] ? alloc_fd+0x476/0x790 [ 1153.061864][T24267] ? do_getname+0x191/0x390 [ 1153.061904][T24267] do_sys_openat2+0x10d/0x1e0 [ 1153.061942][T24267] ? __pfx_do_sys_openat2+0x10/0x10 [ 1153.061983][T24267] ? do_raw_spin_lock+0x128/0x260 [ 1153.062020][T24267] __x64_sys_openat+0x12d/0x210 [ 1153.062060][T24267] ? __pfx___x64_sys_openat+0x10/0x10 [ 1153.062106][T24267] ? rcu_is_watching+0x12/0xc0 [ 1153.062140][T24267] do_syscall_64+0x10b/0xf80 [ 1153.062177][T24267] ? clear_bhb_loop+0x40/0x90 [ 1153.062207][T24267] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1153.062233][T24267] RIP: 0033:0x7f6046b9ce59 [ 1153.062253][T24267] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1153.062278][T24267] RSP: 002b:00007f60449b2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1153.062302][T24267] RAX: ffffffffffffffda RBX: 00007f6046e16270 RCX: 00007f6046b9ce59 [ 1153.062319][T24267] RDX: 0000000000101901 RSI: 00002000000002c0 RDI: ffffffffffffff9c [ 1153.062335][T24267] RBP: 00007f6046c32d6f R08: 0000000000000000 R09: 0000000000000000 [ 1153.062350][T24267] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1153.062364][T24267] R13: 00007f6046e16308 R14: 00007f6046e16270 R15: 00007fff897a8338 [ 1153.062395][T24267] [ 1154.852124][T24279] ubi3: attaching mtd1 [ 1158.265965][T24317] netlink: 54 bytes leftover after parsing attributes in process `syz.5.5865'. [ 1159.179354][T24334] FAULT_INJECTION: forcing a failure. [ 1159.179354][T24334] name failslab, interval 1, probability 0, space 0, times 0 [ 1159.470860][T24334] CPU: 0 UID: 0 PID: 24334 Comm: syz.0.5867 Tainted: G L syzkaller #0 PREEMPT(full) [ 1159.470901][T24334] Tainted: [L]=SOFTLOCKUP [ 1159.470911][T24334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1159.470926][T24334] Call Trace: [ 1159.470933][T24334] [ 1159.470943][T24334] dump_stack_lvl+0x100/0x190 [ 1159.470975][T24334] should_fail_ex.cold+0x5/0xa [ 1159.471007][T24334] should_failslab+0xc2/0x120 [ 1159.471037][T24334] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1159.471074][T24334] ? cec_open+0xdb/0x690 [ 1159.471111][T24334] ? __lock_acquire+0x4a5/0x2630 [ 1159.471139][T24334] cec_open+0xdb/0x690 [ 1159.471178][T24334] ? __pfx_cec_open+0x10/0x10 [ 1159.471218][T24334] ? kobject_get_unless_zero+0x156/0x200 [ 1159.471244][T24334] ? find_held_lock+0x2b/0x80 [ 1159.471276][T24334] ? chrdev_open+0x10b/0x6a0 [ 1159.471307][T24334] ? chrdev_open+0x10b/0x6a0 [ 1159.471343][T24334] ? __pfx_cec_open+0x10/0x10 [ 1159.471380][T24334] chrdev_open+0x234/0x6a0 [ 1159.471410][T24334] ? __pfx_apparmor_file_open+0x10/0x10 [ 1159.471452][T24334] ? __pfx_chrdev_open+0x10/0x10 [ 1159.471485][T24334] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 1159.471525][T24334] do_dentry_open+0x6d8/0x1660 [ 1159.471555][T24334] ? __pfx_chrdev_open+0x10/0x10 [ 1159.471593][T24334] vfs_open+0x82/0x3f0 [ 1159.471634][T24334] path_openat+0x208c/0x31a0 [ 1159.471675][T24334] ? __pfx_path_openat+0x10/0x10 [ 1159.471723][T24334] do_file_open+0x20e/0x430 [ 1159.471758][T24334] ? __pfx_do_file_open+0x10/0x10 [ 1159.471810][T24334] ? alloc_fd+0x476/0x790 [ 1159.471844][T24334] ? do_getname+0x191/0x390 [ 1159.471884][T24334] do_sys_openat2+0x10d/0x1e0 [ 1159.471923][T24334] ? __pfx_do_sys_openat2+0x10/0x10 [ 1159.471969][T24334] ? do_raw_spin_lock+0x128/0x260 [ 1159.472005][T24334] __x64_sys_openat+0x12d/0x210 [ 1159.472045][T24334] ? __pfx___x64_sys_openat+0x10/0x10 [ 1159.472090][T24334] ? rcu_is_watching+0x12/0xc0 [ 1159.472124][T24334] do_syscall_64+0x10b/0xf80 [ 1159.472161][T24334] ? clear_bhb_loop+0x40/0x90 [ 1159.472191][T24334] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1159.472216][T24334] RIP: 0033:0x7f6046b9ce59 [ 1159.472237][T24334] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1159.472261][T24334] RSP: 002b:00007f60449b2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1159.472284][T24334] RAX: ffffffffffffffda RBX: 00007f6046e16270 RCX: 00007f6046b9ce59 [ 1159.472301][T24334] RDX: 0000000000101901 RSI: 00002000000002c0 RDI: ffffffffffffff9c [ 1159.472317][T24334] RBP: 00007f6046c32d6f R08: 0000000000000000 R09: 0000000000000000 [ 1159.472332][T24334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1159.472347][T24334] R13: 00007f6046e16308 R14: 00007f6046e16270 R15: 00007fff897a8338 [ 1159.472378][T24334] [ 1161.382621][T24363] ubi3: attaching mtd1 [ 1161.891289][T24370] netlink: 'syz.0.5881': attribute type 15 has an invalid length. [ 1161.936339][T24370] netlink: 'syz.0.5881': attribute type 16 has an invalid length. [ 1161.972796][T24370] netlink: 194 bytes leftover after parsing attributes in process `syz.0.5881'. [ 1163.143727][T24385] Process accounting resumed [ 1163.879705][T24405] netlink: 306 bytes leftover after parsing attributes in process `syz.0.5892'. [ 1164.691135][T24417] netlink: 9 bytes leftover after parsing attributes in process `syz.4.5903'. [ 1164.797879][T24417] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5903'. [ 1165.194964][T24429] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5898'. [ 1165.262561][T24430] netlink: 25 bytes leftover after parsing attributes in process `syz.5.5898'. [ 1166.781424][T24463] netlink: 'syz.4.5910': attribute type 1 has an invalid length. [ 1166.790582][T24464] input: jJǸ-¶š9ã%vø“û¨lÐQ  J86Ö‘ as /devices/virtual/input/input10 [ 1168.011985][T24483] netlink: 'syz.5.5915': attribute type 10 has an invalid length. [ 1168.045867][T24483] netlink: 230 bytes leftover after parsing attributes in process `syz.5.5915'. [ 1171.094080][T24503] kexec: Could not allocate control_code_buffer [ 1172.080223][T24538] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5932'. [ 1172.134542][T24538] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1172.196856][T24538] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1174.719628][T24575] FAULT_INJECTION: forcing a failure. [ 1174.719628][T24575] name failslab, interval 1, probability 0, space 0, times 0 [ 1174.784661][T24575] CPU: 0 UID: 0 PID: 24575 Comm: syz.5.5943 Tainted: G L syzkaller #0 PREEMPT(full) [ 1174.784700][T24575] Tainted: [L]=SOFTLOCKUP [ 1174.784709][T24575] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1174.784725][T24575] Call Trace: [ 1174.784733][T24575] [ 1174.784743][T24575] dump_stack_lvl+0x100/0x190 [ 1174.784775][T24575] should_fail_ex.cold+0x5/0xa [ 1174.784806][T24575] ? ops_init+0x77/0x5f0 [ 1174.784837][T24575] should_failslab+0xc2/0x120 [ 1174.784867][T24575] __kmalloc_noprof+0xe0/0x850 [ 1174.784890][T24575] ? mutex_init_lockdep+0xf1/0x120 [ 1174.784920][T24575] ops_init+0x77/0x5f0 [ 1174.784952][T24575] setup_net+0x118/0x3a0 [ 1174.784982][T24575] ? __pfx_setup_net+0x10/0x10 [ 1174.785012][T24575] ? mutex_init_lockdep+0xf1/0x120 [ 1174.785043][T24575] copy_net_ns+0x46f/0x7c0 [ 1174.785079][T24575] create_new_namespaces+0x3ea/0xac0 [ 1174.785118][T24575] unshare_nsproxy_namespaces+0xf2/0x220 [ 1174.785154][T24575] ksys_unshare+0x438/0xab0 [ 1174.785193][T24575] ? __pfx_ksys_unshare+0x10/0x10 [ 1174.785229][T24575] ? xfd_validate_state+0x129/0x190 [ 1174.785254][T24575] ? exit_to_user_mode_loop+0xe2/0x4f0 [ 1174.785289][T24575] __x64_sys_unshare+0x31/0x40 [ 1174.785326][T24575] do_syscall_64+0x10b/0xf80 [ 1174.785363][T24575] ? clear_bhb_loop+0x40/0x90 [ 1174.785394][T24575] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1174.785419][T24575] RIP: 0033:0x7ff8fb79ce59 [ 1174.785439][T24575] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1174.785470][T24575] RSP: 002b:00007ff8fc623028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1174.785495][T24575] RAX: ffffffffffffffda RBX: 00007ff8fba15fa0 RCX: 00007ff8fb79ce59 [ 1174.785512][T24575] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1174.785527][T24575] RBP: 00007ff8fb832d6f R08: 0000000000000000 R09: 0000000000000000 [ 1174.785543][T24575] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1174.785558][T24575] R13: 00007ff8fba16038 R14: 00007ff8fba15fa0 R15: 00007ffe1a3fba48 [ 1174.785589][T24575] [ 1175.430252][T24582] bond0: invalid ARP target specified [ 1176.094206][T24584] MTRR 2 not used [ 1176.254688][T24588] vcan0: tx drop: invalid da for name 0x000000000000003f [ 1176.753597][T24607] vcan0: tx drop: invalid sa for name 0x00000000000000fd [ 1176.952826][T24587] Process accounting resumed [ 1178.122497][ T1315] ieee802154 phy0 wpan0: encryption failed: -22 [ 1178.129113][ T1315] ieee802154 phy1 wpan1: encryption failed: -22 [ 1178.471761][T24633] zswap: compressor not available [ 1179.013711][T24654] FAULT_INJECTION: forcing a failure. [ 1179.013711][T24654] name failslab, interval 1, probability 0, space 0, times 0 [ 1179.107518][T24654] CPU: 0 UID: 0 PID: 24654 Comm: syz.5.5959 Tainted: G L syzkaller #0 PREEMPT(full) [ 1179.107558][T24654] Tainted: [L]=SOFTLOCKUP [ 1179.107567][T24654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1179.107583][T24654] Call Trace: [ 1179.107591][T24654] [ 1179.107600][T24654] dump_stack_lvl+0x100/0x190 [ 1179.107633][T24654] should_fail_ex.cold+0x5/0xa [ 1179.107665][T24654] should_failslab+0xc2/0x120 [ 1179.107695][T24654] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1179.107732][T24654] ? trace_pid_list_alloc+0x2fe/0x480 [ 1179.107774][T24654] trace_pid_list_alloc+0x2fe/0x480 [ 1179.107813][T24654] trace_pid_write+0x110/0x460 [ 1179.107849][T24654] ? __pfx_trace_pid_write+0x10/0x10 [ 1179.107902][T24654] event_pid_write.isra.0+0x1e4/0x7d0 [ 1179.107942][T24654] ? __pfx_event_pid_write.isra.0+0x10/0x10 [ 1179.107989][T24654] vfs_write+0x2aa/0x1070 [ 1179.108019][T24654] ? __pfx_ftrace_event_npid_write+0x10/0x10 [ 1179.108060][T24654] ? __pfx_vfs_write+0x10/0x10 [ 1179.108088][T24654] ? __fget_files+0x215/0x3d0 [ 1179.108125][T24654] ? __fget_files+0x21f/0x3d0 [ 1179.108162][T24654] ksys_write+0x12a/0x250 [ 1179.108197][T24654] ? __pfx_ksys_write+0x10/0x10 [ 1179.108229][T24654] ? rcu_is_watching+0x12/0xc0 [ 1179.108263][T24654] do_syscall_64+0x10b/0xf80 [ 1179.108301][T24654] ? clear_bhb_loop+0x40/0x90 [ 1179.108331][T24654] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1179.108356][T24654] RIP: 0033:0x7ff8fb79ce59 [ 1179.108376][T24654] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1179.108400][T24654] RSP: 002b:00007ff8fc623028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1179.108423][T24654] RAX: ffffffffffffffda RBX: 00007ff8fba15fa0 RCX: 00007ff8fb79ce59 [ 1179.108439][T24654] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 1179.108457][T24654] RBP: 00007ff8fb832d6f R08: 0000000000000000 R09: 0000000000000000 [ 1179.108472][T24654] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1179.108487][T24654] R13: 00007ff8fba16038 R14: 00007ff8fba15fa0 R15: 00007ffe1a3fba48 [ 1179.108519][T24654] [ 1179.833875][T24663] netlink: 'syz.3.5963': attribute type 10 has an invalid length. [ 1179.853708][T24666] device-mapper: ioctl: only supply one of name or uuid, cmd(5) [ 1179.884128][T24663] netlink: 'syz.3.5963': attribute type 13 has an invalid length. [ 1182.126395][T24700] Process accounting paused [ 1182.406290][ T5635] Bluetooth: hci0: unexpected subevent 0x01 length: 3 < 18 [ 1183.718039][T24732] netlink: 25 bytes leftover after parsing attributes in process `syz.4.5983'. [ 1184.606216][T24753] netlink: 13 bytes leftover after parsing attributes in process `syz.5.5989'. [ 1186.565570][T24782] ACPI: button: Initial lid state set to 'ignore' [ 1188.492445][T24784] kexec: Could not allocate control_code_buffer [ 1189.736209][ T5635] Bluetooth: hci4: ACL packet for unknown connection handle 0 [ 1191.632687][T24876] FAULT_INJECTION: forcing a failure. [ 1191.632687][T24876] name failslab, interval 1, probability 0, space 0, times 0 [ 1191.719125][T24876] CPU: 0 UID: 0 PID: 24876 Comm: syz.5.6027 Tainted: G L syzkaller #0 PREEMPT(full) [ 1191.719167][T24876] Tainted: [L]=SOFTLOCKUP [ 1191.719177][T24876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1191.719192][T24876] Call Trace: [ 1191.719210][T24876] [ 1191.719220][T24876] dump_stack_lvl+0x100/0x190 [ 1191.719254][T24876] should_fail_ex.cold+0x5/0xa [ 1191.719285][T24876] should_failslab+0xc2/0x120 [ 1191.719316][T24876] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 1191.719343][T24876] ? kasprintf+0xc7/0x100 [ 1191.719370][T24876] ? __lock_acquire+0x4a5/0x2630 [ 1191.719405][T24876] kvasprintf+0xbc/0x150 [ 1191.719430][T24876] ? __pfx_kvasprintf+0x10/0x10 [ 1191.719467][T24876] kasprintf+0xc7/0x100 [ 1191.719493][T24876] ? __pfx_kasprintf+0x10/0x10 [ 1191.719521][T24876] ? __is_module_percpu_address+0x1c2/0x430 [ 1191.719571][T24876] wq_init_lockdep+0x3f/0xe0 [ 1191.719608][T24876] alloc_workqueue_noprof+0xdc/0x130 [ 1191.719646][T24876] ? __pfx_alloc_workqueue_noprof+0x10/0x10 [ 1191.719690][T24876] ? __pfx___debug_object_init+0x10/0x10 [ 1191.719736][T24876] nci_register_device+0x21e/0xb80 [ 1191.719769][T24876] ? __pfx_nci_register_device+0x10/0x10 [ 1191.719804][T24876] ? lockdep_init_map_type+0x5c/0x250 [ 1191.719834][T24876] virtual_ncidev_open+0x141/0x220 [ 1191.719875][T24876] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 1191.719914][T24876] misc_open+0x26d/0x450 [ 1191.719945][T24876] ? __pfx_misc_open+0x10/0x10 [ 1191.719980][T24876] chrdev_open+0x234/0x6a0 [ 1191.720013][T24876] ? __pfx_apparmor_file_open+0x10/0x10 [ 1191.720053][T24876] ? __pfx_chrdev_open+0x10/0x10 [ 1191.720087][T24876] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 1191.720126][T24876] do_dentry_open+0x6d8/0x1660 [ 1191.720156][T24876] ? __pfx_chrdev_open+0x10/0x10 [ 1191.720195][T24876] vfs_open+0x82/0x3f0 [ 1191.720235][T24876] path_openat+0x208c/0x31a0 [ 1191.720276][T24876] ? __pfx_path_openat+0x10/0x10 [ 1191.720318][T24876] do_file_open+0x20e/0x430 [ 1191.720352][T24876] ? __pfx_do_file_open+0x10/0x10 [ 1191.720411][T24876] ? alloc_fd+0x476/0x790 [ 1191.720445][T24876] ? do_getname+0x191/0x390 [ 1191.720486][T24876] do_sys_openat2+0x10d/0x1e0 [ 1191.720525][T24876] ? __pfx_do_sys_openat2+0x10/0x10 [ 1191.720575][T24876] __x64_sys_openat+0x12d/0x210 [ 1191.720615][T24876] ? __pfx___x64_sys_openat+0x10/0x10 [ 1191.720660][T24876] ? rcu_is_watching+0x12/0xc0 [ 1191.720694][T24876] do_syscall_64+0x10b/0xf80 [ 1191.720731][T24876] ? clear_bhb_loop+0x40/0x90 [ 1191.720761][T24876] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1191.720787][T24876] RIP: 0033:0x7ff8fb79ce59 [ 1191.720808][T24876] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1191.720831][T24876] RSP: 002b:00007ff8fc602028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1191.720855][T24876] RAX: ffffffffffffffda RBX: 00007ff8fba16090 RCX: 00007ff8fb79ce59 [ 1191.720873][T24876] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 1191.720889][T24876] RBP: 00007ff8fb832d6f R08: 0000000000000000 R09: 0000000000000000 [ 1191.720905][T24876] R10: 000000000000003e R11: 0000000000000246 R12: 0000000000000000 [ 1191.720920][T24876] R13: 00007ff8fba16128 R14: 00007ff8fba16090 R15: 00007ffe1a3fba48 [ 1191.720952][T24876] [ 1192.501590][T24876] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR [ 1192.524300][T24882] netlink: 25 bytes leftover after parsing attributes in process `syz.0.6028'. [ 1192.771816][T24887] usb usb2: usbfs: process 24887 (syz.5.6030) did not claim interface 4 before use [ 1193.742854][T24867] Process accounting paused [ 1194.818484][T24914] zswap: compressor û not available [ 1195.356010][T24927] kvm: vcpu 4: requested lapic timer restore with starting count register 0x390=4294967104 (137438947328 ns) > initial count (6624 ns). Using initial count to start timer. [ 1196.022128][T24941] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6048'. [ 1196.286866][ T5635] block nbd3: Receive control failed (result -32) [ 1196.572693][T24946] zswap: compressor û not available [ 1196.906053][T24963] &#$@\]\-: entered promiscuous mode [ 1199.637268][T24994] zswap: compressor û not available [ 1202.019096][T25029] random: crng reseeded on system resumption [ 1207.404759][T25095] Process accounting paused [ 1211.913882][T25147] FAULT_INJECTION: forcing a failure. [ 1211.913882][T25147] name failslab, interval 1, probability 0, space 0, times 0 [ 1212.035577][T25147] CPU: 0 UID: 0 PID: 25147 Comm: syz.3.6110 Tainted: G L syzkaller #0 PREEMPT(full) [ 1212.035618][T25147] Tainted: [L]=SOFTLOCKUP [ 1212.035627][T25147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1212.035642][T25147] Call Trace: [ 1212.035650][T25147] [ 1212.035660][T25147] dump_stack_lvl+0x100/0x190 [ 1212.035691][T25147] should_fail_ex.cold+0x5/0xa [ 1212.035723][T25147] should_failslab+0xc2/0x120 [ 1212.035752][T25147] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1212.035789][T25147] ? ima_calc_file_hash_tfm+0x236/0x350 [ 1212.035830][T25147] ? sha256_init+0xd/0xc0 [ 1212.035859][T25147] ima_calc_file_hash_tfm+0x236/0x350 [ 1212.035901][T25147] ? __pfx_ima_calc_file_hash_tfm+0x10/0x10 [ 1212.035973][T25147] ? look_up_lock_class+0x55/0x120 [ 1212.036012][T25147] ? ima_alloc_tfm+0x21a/0x2e0 [ 1212.036055][T25147] ima_calc_file_hash+0x1e3/0x380 [ 1212.036080][T25147] ima_collect_measurement+0x94f/0xb30 [ 1212.036112][T25147] ? __pfx_ima_collect_measurement+0x10/0x10 [ 1212.036153][T25147] ? process_measurement+0x5ab/0x2350 [ 1212.036234][T25147] ? is_bad_inode+0xd/0x40 [ 1212.036260][T25147] ? xattr_resolve_name+0x27d/0x3f0 [ 1212.036294][T25147] ? vfs_getxattr_alloc+0xec/0x350 [ 1212.036331][T25147] ? ima_get_hash_algo+0x22d/0x400 [ 1212.036366][T25147] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 1212.036407][T25147] ? process_measurement+0xdfe/0x2350 [ 1212.036443][T25147] process_measurement+0xdfe/0x2350 [ 1212.036488][T25147] ? stack_trace_save+0x8e/0xc0 [ 1212.036523][T25147] ? __pfx_process_measurement+0x10/0x10 [ 1212.036562][T25147] ? __lock_acquire+0x4a5/0x2630 [ 1212.036587][T25147] ? __kasan_slab_alloc+0x89/0x90 [ 1212.036612][T25147] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 1212.036652][T25147] ? init_file+0x95/0x480 [ 1212.036688][T25147] ? alloc_empty_file+0x79/0x1c0 [ 1212.036723][T25147] ? alloc_file_pseudo+0x13a/0x230 [ 1212.036759][T25147] ? ksys_mmap_pgoff+0x242/0x610 [ 1212.036787][T25147] ? __x64_sys_mmap+0x125/0x190 [ 1212.036812][T25147] ? do_syscall_64+0x10b/0xf80 [ 1212.036876][T25147] ? __pfx_aa_file_perm+0x10/0x10 [ 1212.036917][T25147] ima_file_mmap+0x1c4/0x1f0 [ 1212.036956][T25147] ? __pfx_ima_file_mmap+0x10/0x10 [ 1212.037002][T25147] security_mmap_file+0x278/0x9b0 [ 1212.037033][T25147] vm_mmap_pgoff+0xec/0x470 [ 1212.037067][T25147] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1212.037097][T25147] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1212.037136][T25147] ? hugetlbfs_get_inode+0x3f5/0x700 [ 1212.037186][T25147] ksys_mmap_pgoff+0x285/0x610 [ 1212.037220][T25147] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 1212.037250][T25147] ? xfd_validate_state+0x129/0x190 [ 1212.037281][T25147] __x64_sys_mmap+0x125/0x190 [ 1212.037312][T25147] do_syscall_64+0x10b/0xf80 [ 1212.037348][T25147] ? clear_bhb_loop+0x40/0x90 [ 1212.037378][T25147] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1212.037403][T25147] RIP: 0033:0x7fb4ee19ce59 [ 1212.037424][T25147] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1212.037448][T25147] RSP: 002b:00007fb4eef9c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1212.037471][T25147] RAX: ffffffffffffffda RBX: 00007fb4ee415fa0 RCX: 00007fb4ee19ce59 [ 1212.037487][T25147] RDX: 00004000000000df RSI: 0000000000000004 RDI: 0000000000000000 [ 1212.037503][T25147] RBP: 00007fb4ee232d6f R08: 0000000000000401 R09: 0000300000000000 [ 1212.037519][T25147] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000 [ 1212.037533][T25147] R13: 00007fb4ee416038 R14: 00007fb4ee415fa0 R15: 00007ffd4deed158 [ 1212.037565][T25147] [ 1212.897110][T25147] Process accounting resumed [ 1212.996973][ T30] audit: type=1800 audit(4294967437.453:26): pid=25147 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.6110" name="anon_hugepage" dev="hugetlbfs" ino=110601 res=0 errno=0 [ 1213.328959][T25156] input: jJǸ-¶š9ã%vø“û¨lÐQ  J86Ö‘ as /devices/virtual/input/input13 [ 1215.115841][T25180] netlink: 'syz.0.6119': attribute type 1 has an invalid length. [ 1215.165565][T25180] netlink: 13 bytes leftover after parsing attributes in process `syz.0.6119'. [ 1215.213252][T25180] netlink: 'syz.0.6119': attribute type 1 has an invalid length. [ 1215.345057][T25184] FAULT_INJECTION: forcing a failure. [ 1215.345057][T25184] name failslab, interval 1, probability 0, space 0, times 0 [ 1215.427622][T25184] CPU: 0 UID: 0 PID: 25184 Comm: syz.3.6120 Tainted: G L syzkaller #0 PREEMPT(full) [ 1215.427666][T25184] Tainted: [L]=SOFTLOCKUP [ 1215.427676][T25184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1215.427692][T25184] Call Trace: [ 1215.427701][T25184] [ 1215.427710][T25184] dump_stack_lvl+0x100/0x190 [ 1215.427742][T25184] should_fail_ex.cold+0x5/0xa [ 1215.427774][T25184] should_failslab+0xc2/0x120 [ 1215.427804][T25184] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1215.427841][T25184] ? snd_pcm_hw_param_near.constprop.0+0xbc/0x850 [ 1215.427887][T25184] snd_pcm_hw_param_near.constprop.0+0xbc/0x850 [ 1215.427928][T25184] ? lockdep_hardirqs_on+0x78/0x100 [ 1215.427967][T25184] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 1215.428013][T25184] ? snd_pcm_oss_change_params_locked+0xa40/0x39f0 [ 1215.428052][T25184] ? snd_pcm_oss_change_params_locked+0xa6d/0x39f0 [ 1215.428092][T25184] ? kfree+0x223/0x6c0 [ 1215.428131][T25184] snd_pcm_oss_change_params_locked+0xae1/0x39f0 [ 1215.428182][T25184] ? find_held_lock+0x2b/0x80 [ 1215.428215][T25184] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 1215.428255][T25184] ? __pfx___mutex_lock+0x10/0x10 [ 1215.428313][T25184] snd_pcm_oss_get_active_substream+0x175/0x1d0 [ 1215.428359][T25184] snd_pcm_oss_ioctl+0x25e1/0x37c0 [ 1215.428400][T25184] ? __fget_files+0x215/0x3d0 [ 1215.428428][T25184] ? hook_file_ioctl_common+0x149/0x410 [ 1215.428457][T25184] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 1215.428499][T25184] ? __fget_files+0x21f/0x3d0 [ 1215.428534][T25184] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 1215.428575][T25184] __x64_sys_ioctl+0x18e/0x210 [ 1215.428603][T25184] do_syscall_64+0x10b/0xf80 [ 1215.428640][T25184] ? clear_bhb_loop+0x40/0x90 [ 1215.428670][T25184] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1215.428695][T25184] RIP: 0033:0x7fb4ee19ce59 [ 1215.428716][T25184] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1215.428741][T25184] RSP: 002b:00007fb4eef7b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1215.428764][T25184] RAX: ffffffffffffffda RBX: 00007fb4ee416090 RCX: 00007fb4ee19ce59 [ 1215.428781][T25184] RDX: 0000000000000000 RSI: 00000000c0045005 RDI: 0000000000000004 [ 1215.428796][T25184] RBP: 00007fb4ee232d6f R08: 0000000000000000 R09: 0000000000000000 [ 1215.428811][T25184] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1215.428826][T25184] R13: 00007fb4ee416128 R14: 00007fb4ee416090 R15: 00007ffd4deed158 [ 1215.428857][T25184] [ 1219.414562][T25237] netlink: 306 bytes leftover after parsing attributes in process `syz.5.6147'. [ 1221.537155][T25261] netlink: 330 bytes leftover after parsing attributes in process `syz.3.6144'. [ 1221.620377][T25262] ubi3: attaching mtd1 [ 1223.680114][T25294] random: crng reseeded on system resumption [ 1224.900180][T25289] Process accounting resumed [ 1225.141634][T25321] FAULT_INJECTION: forcing a failure. [ 1225.141634][T25321] name failslab, interval 1, probability 0, space 0, times 0 [ 1225.215632][T25321] CPU: 0 UID: 0 PID: 25321 Comm: syz.5.6162 Tainted: G L syzkaller #0 PREEMPT(full) [ 1225.215671][T25321] Tainted: [L]=SOFTLOCKUP [ 1225.215679][T25321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1225.215694][T25321] Call Trace: [ 1225.215702][T25321] [ 1225.215711][T25321] dump_stack_lvl+0x100/0x190 [ 1225.215743][T25321] should_fail_ex.cold+0x5/0xa [ 1225.215774][T25321] should_failslab+0xc2/0x120 [ 1225.215803][T25321] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1225.215843][T25321] ? anon_vma_clone+0x2ba/0xcd0 [ 1225.215881][T25321] anon_vma_clone+0x2ba/0xcd0 [ 1225.215924][T25321] anon_vma_fork+0x1bb/0x6b0 [ 1225.215964][T25321] dup_mmap+0x141f/0x2180 [ 1225.216008][T25321] ? __pfx_dup_mmap+0x10/0x10 [ 1225.216038][T25321] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1225.216079][T25321] ? __lock_acquire+0x4a5/0x2630 [ 1225.216104][T25321] ? find_held_lock+0x2b/0x80 [ 1225.216135][T25321] ? __percpu_counter_init_many+0x2bc/0x3b0 [ 1225.216185][T25321] copy_process+0x6c78/0x7ed0 [ 1225.216219][T25321] ? futex_unqueue+0x133/0x2c0 [ 1225.216260][T25321] ? __pfx_copy_process+0x10/0x10 [ 1225.216302][T25321] ? _copy_from_user+0x59/0xd0 [ 1225.216330][T25321] kernel_clone+0x12e/0x9c0 [ 1225.216367][T25321] ? __pfx_kernel_clone+0x10/0x10 [ 1225.216411][T25321] ? __pfx_futex_wait+0x10/0x10 [ 1225.216451][T25321] __do_sys_clone3+0x214/0x290 [ 1225.216486][T25321] ? __pfx___do_sys_clone3+0x10/0x10 [ 1225.216534][T25321] ? find_held_lock+0x2b/0x80 [ 1225.216582][T25321] ? rcu_is_watching+0x12/0xc0 [ 1225.216622][T25321] do_syscall_64+0x10b/0xf80 [ 1225.216658][T25321] ? clear_bhb_loop+0x40/0x90 [ 1225.216691][T25321] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1225.216716][T25321] RIP: 0033:0x7ff8fb79ce59 [ 1225.216736][T25321] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1225.216760][T25321] RSP: 002b:00007ff8fc601ef8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1225.216783][T25321] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007ff8fb79ce59 [ 1225.216798][T25321] RDX: 00007ff8fc601f10 RSI: 0000000000000058 RDI: 00007ff8fc601f10 [ 1225.216814][T25321] RBP: 00007ff8fb832d6f R08: 0000000000000000 R09: 0000000000000058 [ 1225.216828][T25321] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1225.216843][T25321] R13: 00007ff8fba16128 R14: 00007ff8fba16090 R15: 00007ffe1a3fba48 [ 1225.216873][T25321] [ 1226.704398][T25343] netlink: 342 bytes leftover after parsing attributes in process `syz.4.6167'. [ 1226.704603][T25343] IPv6: Can't replace route, no match found [ 1226.788893][T25343] netlink: 342 bytes leftover after parsing attributes in process `syz.4.6167'. [ 1226.788986][T25343] IPv6: Can't replace route, no match found [ 1227.595642][T25354] netlink: 202 bytes leftover after parsing attributes in process `syz.0.6171'. [ 1227.849263][ T5635] Bluetooth: hci1: Malformed Event: 0x02 [ 1229.608821][T25377] netlink: 'syz.0.6180': attribute type 19 has an invalid length. [ 1229.651083][T25377] netlink: 226 bytes leftover after parsing attributes in process `syz.0.6180'. [ 1230.122239][T25381] FAULT_INJECTION: forcing a failure. [ 1230.122239][T25381] name failslab, interval 1, probability 0, space 0, times 0 [ 1230.225965][T25381] CPU: 0 UID: 0 PID: 25381 Comm: syz.0.6181 Tainted: G L syzkaller #0 PREEMPT(full) [ 1230.226010][T25381] Tainted: [L]=SOFTLOCKUP [ 1230.226019][T25381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1230.226034][T25381] Call Trace: [ 1230.226043][T25381] [ 1230.226052][T25381] dump_stack_lvl+0x100/0x190 [ 1230.226086][T25381] should_fail_ex.cold+0x5/0xa [ 1230.226117][T25381] should_failslab+0xc2/0x120 [ 1230.226147][T25381] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1230.226184][T25381] ? snd_seq_port_connect+0x61/0x550 [ 1230.226216][T25381] ? snd_seq_port_use_ptr+0x136/0x1a0 [ 1230.226248][T25381] ? snd_seq_port_use_ptr+0x136/0x1a0 [ 1230.226284][T25381] snd_seq_port_connect+0x61/0x550 [ 1230.226317][T25381] ? _raw_read_unlock+0x28/0x50 [ 1230.226352][T25381] ? check_subscription_permission.isra.0+0x146/0x240 [ 1230.226391][T25381] snd_seq_ioctl_subscribe_port+0x219/0x490 [ 1230.226432][T25381] ? __pfx_snd_seq_ioctl_subscribe_port+0x10/0x10 [ 1230.226482][T25381] call_seq_client_ctl+0xa3/0x130 [ 1230.226517][T25381] snd_seq_kernel_client_ctl+0x77/0xd0 [ 1230.226552][T25381] snd_seq_oss_midi_open+0x474/0x690 [ 1230.226579][T25381] ? __pfx_snd_seq_oss_midi_open+0x10/0x10 [ 1230.226621][T25381] snd_seq_oss_synth_setup_midi+0x131/0x590 [ 1230.226673][T25381] snd_seq_oss_open+0x82e/0xa10 [ 1230.226714][T25381] odev_open+0x6f/0x90 [ 1230.226744][T25381] ? __pfx_odev_open+0x10/0x10 [ 1230.226775][T25381] soundcore_open+0x2e3/0x5a0 [ 1230.226811][T25381] ? __pfx_soundcore_open+0x10/0x10 [ 1230.226845][T25381] chrdev_open+0x234/0x6a0 [ 1230.226876][T25381] ? __pfx_apparmor_file_open+0x10/0x10 [ 1230.226916][T25381] ? __pfx_chrdev_open+0x10/0x10 [ 1230.226950][T25381] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 1230.226999][T25381] do_dentry_open+0x6d8/0x1660 [ 1230.227030][T25381] ? __pfx_chrdev_open+0x10/0x10 [ 1230.227069][T25381] vfs_open+0x82/0x3f0 [ 1230.227110][T25381] path_openat+0x208c/0x31a0 [ 1230.227152][T25381] ? __pfx_path_openat+0x10/0x10 [ 1230.227195][T25381] do_file_open+0x20e/0x430 [ 1230.227229][T25381] ? __pfx_do_file_open+0x10/0x10 [ 1230.227282][T25381] ? alloc_fd+0x476/0x790 [ 1230.227315][T25381] ? do_getname+0x191/0x390 [ 1230.227355][T25381] do_sys_openat2+0x10d/0x1e0 [ 1230.227395][T25381] ? __pfx_do_sys_openat2+0x10/0x10 [ 1230.227445][T25381] __x64_sys_openat+0x12d/0x210 [ 1230.227485][T25381] ? __pfx___x64_sys_openat+0x10/0x10 [ 1230.227530][T25381] ? rcu_is_watching+0x12/0xc0 [ 1230.227564][T25381] do_syscall_64+0x10b/0xf80 [ 1230.227601][T25381] ? clear_bhb_loop+0x40/0x90 [ 1230.227631][T25381] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1230.227657][T25381] RIP: 0033:0x7f6046b9ce59 [ 1230.227676][T25381] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1230.227701][T25381] RSP: 002b:00007f6047988028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1230.227724][T25381] RAX: ffffffffffffffda RBX: 00007f6046e15fa0 RCX: 00007f6046b9ce59 [ 1230.227741][T25381] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 1230.227757][T25381] RBP: 00007f6046c32d6f R08: 0000000000000000 R09: 0000000000000000 [ 1230.227772][T25381] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1230.227787][T25381] R13: 00007f6046e16038 R14: 00007f6046e15fa0 R15: 00007fff897a8338 [ 1230.227824][T25381] [ 1234.908968][T25421] netlink: 504 bytes leftover after parsing attributes in process `syz.0.6196'. [ 1237.407592][T25449] bond0: invalid ARP target specified [ 1237.437567][T25449] Process accounting resumed [ 1239.565232][ T1315] ieee802154 phy0 wpan0: encryption failed: -22 [ 1239.573295][ T1315] ieee802154 phy1 wpan1: encryption failed: -22 [ 1240.288851][T25466] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1240.310628][T25466] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1240.323283][T25466] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1240.335519][T25466] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1240.345576][T25466] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1241.145736][T25465] bridge0: port 1(bridge_slave_0) entered blocking state [ 1241.158258][T25465] bridge0: port 1(bridge_slave_0) entered disabled state [ 1241.167086][T25465] bridge_slave_0: entered allmulticast mode [ 1241.175989][T25465] bridge_slave_0: entered promiscuous mode [ 1241.188192][T25465] bridge0: port 2(bridge_slave_1) entered blocking state [ 1241.196072][T25465] bridge0: port 2(bridge_slave_1) entered disabled state [ 1241.203861][T25465] bridge_slave_1: entered allmulticast mode [ 1241.212143][T25465] bridge_slave_1: entered promiscuous mode [ 1241.266374][T25465] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1241.280655][T25465] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1241.324777][T25465] team0: Port device team_slave_0 added [ 1241.336063][T25465] team0: Port device team_slave_1 added [ 1241.372767][T25465] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1241.380763][T25465] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1241.407999][T25465] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1241.422350][T25465] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1241.429849][T25465] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1241.459817][T25465] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1241.519422][T25465] hsr_slave_0: entered promiscuous mode [ 1241.527889][T25465] hsr_slave_1: entered promiscuous mode [ 1241.534912][T25465] debugfs: 'hsr0' already exists in 'hsr' [ 1241.542743][T25465] Cannot create hsr debugfs directory [ 1241.812370][T25465] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 1241.833966][T25465] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 1241.846826][T25465] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 1241.857341][T25465] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 1241.865947][T25465] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 1241.877548][T25465] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 1241.887992][T25465] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 1241.902352][T25465] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 1241.951593][T25465] bridge0: port 2(bridge_slave_1) entered blocking state [ 1241.958833][T25465] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1241.966460][T25465] bridge0: port 1(bridge_slave_0) entered blocking state [ 1241.973634][T25465] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1242.045989][ T3326] bridge0: port 1(bridge_slave_0) entered disabled state [ 1242.057743][ T3326] bridge0: port 2(bridge_slave_1) entered disabled state [ 1242.090727][T25465] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1242.117999][T25465] 8021q: adding VLAN 0 to HW filter on device team0 [ 1242.147295][ T3326] bridge0: port 1(bridge_slave_0) entered blocking state [ 1242.154532][ T3326] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1242.191052][ T3326] bridge0: port 2(bridge_slave_1) entered blocking state [ 1242.198210][ T3326] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1242.442982][T25466] Bluetooth: hci2: command tx timeout [ 1242.702140][T25465] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1242.989262][T25465] veth0_vlan: entered promiscuous mode [ 1243.007727][T25465] veth1_vlan: entered promiscuous mode [ 1243.051855][T25465] veth0_macvtap: entered promiscuous mode [ 1243.063981][T25465] veth1_macvtap: entered promiscuous mode [ 1243.101063][T25465] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1243.115698][T25465] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1243.140047][ T3326] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1243.165384][ T3326] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1243.190014][ T3326] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1243.272204][ T3326] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1243.404051][ T57] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1243.427839][ T57] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1243.496860][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1243.506115][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1244.519820][T25466] Bluetooth: hci2: command tx timeout [ 1246.599103][ T5635] Bluetooth: hci2: command tx timeout [ 1248.679985][T25466] Bluetooth: hci2: command tx timeout [ 1251.651113][ T5635] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 1251.668860][ T5635] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 1251.679752][ T5635] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 1251.696686][ T5635] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 1251.705115][ T5635] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 1252.130113][T25552] &#$@\]\-: entered promiscuous mode [ 1252.968232][T25538] bridge0: port 1(bridge_slave_0) entered blocking state [ 1252.989403][T25538] bridge0: port 1(bridge_slave_0) entered disabled state [ 1253.007741][T25538] bridge_slave_0: entered allmulticast mode [ 1253.024300][T25538] bridge_slave_0: entered promiscuous mode [ 1253.047341][T25538] bridge0: port 2(bridge_slave_1) entered blocking state [ 1253.059688][T25538] bridge0: port 2(bridge_slave_1) entered disabled state [ 1253.067036][T25538] bridge_slave_1: entered allmulticast mode [ 1253.076815][T25538] bridge_slave_1: entered promiscuous mode [ 1253.121881][T25538] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1253.138428][T25538] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1253.178206][T25538] team0: Port device team_slave_0 added [ 1253.188390][T25538] team0: Port device team_slave_1 added [ 1253.223967][T25538] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1253.231260][T25538] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1253.261538][T25538] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1253.275630][T25538] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1253.285385][T25538] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1253.317586][T25538] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1253.373581][T25538] hsr_slave_0: entered promiscuous mode [ 1253.381848][T25538] hsr_slave_1: entered promiscuous mode [ 1253.388269][T25538] debugfs: 'hsr0' already exists in 'hsr' [ 1253.395944][T25538] Cannot create hsr debugfs directory [ 1253.650732][T25538] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 1253.661144][T25538] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 1253.669718][T25538] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 1253.679891][T25538] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 1253.688029][T25538] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 1253.701085][T25538] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 1253.713794][T25538] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 1253.727307][T25538] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 1253.799766][ T5635] Bluetooth: hci5: command tx timeout [ 1253.846440][T25538] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1253.874258][T25538] 8021q: adding VLAN 0 to HW filter on device team0 [ 1253.892097][T22478] bridge0: port 1(bridge_slave_0) entered blocking state [ 1253.899326][T22478] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1253.923525][T22478] bridge0: port 2(bridge_slave_1) entered blocking state [ 1253.930733][T22478] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1254.437924][T25538] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1254.726308][T25538] veth0_vlan: entered promiscuous mode [ 1254.744491][T25538] veth1_vlan: entered promiscuous mode [ 1254.782852][T25538] veth0_macvtap: entered promiscuous mode [ 1254.793221][T25538] veth1_macvtap: entered promiscuous mode [ 1254.816339][T25538] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1254.837930][T25538] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1254.859941][T22478] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1254.877296][T22478] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1254.903179][T22478] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1254.961244][T22478] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1255.136815][T22478] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1255.171261][T22478] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1255.214721][T22478] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1255.223982][T22478] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1255.548370][T25588] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1255.878977][ T5635] Bluetooth: hci5: command tx timeout [ 1257.567764][T25594] kexec: Could not allocate control_code_buffer [ 1257.959003][ T5635] Bluetooth: hci5: command tx timeout [ 1258.714228][T25617] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6226'. [ 1258.771798][T25617] netlink: 13 bytes leftover after parsing attributes in process `syz.0.6226'. [ 1259.345404][T25614] Process accounting paused [ 1260.040004][T25466] Bluetooth: hci5: command tx timeout [ 1260.718854][T25466] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 1260.738988][T25466] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 1260.750074][T25466] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 1260.764923][T25466] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 1260.784315][T25466] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 1261.118887][T25640] netlink: 98 bytes leftover after parsing attributes in process `syz.4.6233'. [ 1261.166029][T25640] netlink: 50 bytes leftover after parsing attributes in process `syz.4.6233'. [ 1262.372349][T25639] kexec: Could not allocate control_code_buffer [ 1262.787853][T25632] bridge0: port 1(bridge_slave_0) entered blocking state [ 1262.805672][T25632] bridge0: port 1(bridge_slave_0) entered disabled state [ 1262.824853][T25632] bridge_slave_0: entered allmulticast mode [ 1262.842653][T25466] Bluetooth: hci6: command tx timeout [ 1262.861285][T25632] bridge_slave_0: entered promiscuous mode [ 1263.155774][T25632] bridge0: port 2(bridge_slave_1) entered blocking state [ 1263.205646][T25632] bridge0: port 2(bridge_slave_1) entered disabled state [ 1263.243177][T25674] FAULT_INJECTION: forcing a failure. [ 1263.243177][T25674] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1263.263611][T25632] bridge_slave_1: entered allmulticast mode [ 1263.293326][T25632] bridge_slave_1: entered promiscuous mode [ 1263.320215][T25674] CPU: 0 UID: 0 PID: 25674 Comm: syz.0.6236 Tainted: G L syzkaller #0 PREEMPT(full) [ 1263.320258][T25674] Tainted: [L]=SOFTLOCKUP [ 1263.320268][T25674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1263.320283][T25674] Call Trace: [ 1263.320291][T25674] [ 1263.320301][T25674] dump_stack_lvl+0x100/0x190 [ 1263.320334][T25674] should_fail_ex.cold+0x5/0xa [ 1263.320365][T25674] get_futex_key+0x1d2/0x1510 [ 1263.320394][T25674] ? __pfx_get_futex_key+0x10/0x10 [ 1263.320419][T25674] ? find_held_lock+0x2b/0x80 [ 1263.320452][T25674] ? futex_wake+0x456/0x530 [ 1263.320491][T25674] futex_wake+0xea/0x530 [ 1263.320523][T25674] ? __pfx_futex_wait+0x10/0x10 [ 1263.320556][T25674] ? __pfx_futex_wake+0x10/0x10 [ 1263.320593][T25674] ? __lock_acquire+0x4a5/0x2630 [ 1263.320627][T25674] ? do_sys_openat2+0x1b4/0x1e0 [ 1263.320675][T25674] do_futex+0x32b/0x350 [ 1263.320703][T25674] ? __pfx_do_futex+0x10/0x10 [ 1263.320733][T25674] ? find_held_lock+0x2b/0x80 [ 1263.320769][T25674] __x64_sys_futex+0x34f/0x4d0 [ 1263.320799][T25674] ? __fget_files+0x21f/0x3d0 [ 1263.320830][T25674] ? __pfx___x64_sys_futex+0x10/0x10 [ 1263.320864][T25674] ? rcu_is_watching+0x12/0xc0 [ 1263.320898][T25674] do_syscall_64+0x10b/0xf80 [ 1263.320937][T25674] ? clear_bhb_loop+0x40/0x90 [ 1263.320967][T25674] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1263.320993][T25674] RIP: 0033:0x7f6046b9ce59 [ 1263.321015][T25674] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1263.321040][T25674] RSP: 002b:00007f6044dd50e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1263.321070][T25674] RAX: ffffffffffffffda RBX: 00007f6046e16188 RCX: 00007f6046b9ce59 [ 1263.321087][T25674] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f6046e1618c [ 1263.321103][T25674] RBP: 00007f6046e16180 R08: 0000000000000001 R09: 0000000000000000 [ 1263.321118][T25674] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 1263.321133][T25674] R13: 00007f6046e16218 R14: 00007fff897a8250 R15: 00007fff897a8338 [ 1263.321164][T25674] [ 1263.903388][T25632] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1263.952641][T25632] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1264.053719][T25632] team0: Port device team_slave_0 added [ 1264.134229][T25632] team0: Port device team_slave_1 added [ 1264.242624][T25632] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1264.253728][T25632] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1264.290271][T25632] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1264.307988][T25632] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1264.315464][T25632] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1264.349560][T25632] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1264.415306][T25632] hsr_slave_0: entered promiscuous mode [ 1264.422067][T25632] hsr_slave_1: entered promiscuous mode [ 1264.428411][T25632] debugfs: 'hsr0' already exists in 'hsr' [ 1264.434906][T25632] Cannot create hsr debugfs directory [ 1264.692434][T25632] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 1264.705885][T25632] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 1264.715278][T25632] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 1264.729980][T25632] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 1264.738110][T25632] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 1264.751664][T25632] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 1264.774563][T25632] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 1264.787024][T25632] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 1264.887546][T25632] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1264.916014][T25632] 8021q: adding VLAN 0 to HW filter on device team0 [ 1264.924332][T25466] Bluetooth: hci6: command tx timeout [ 1264.936656][T22478] bridge0: port 1(bridge_slave_0) entered blocking state [ 1264.943960][T22478] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1264.989985][T22478] bridge0: port 2(bridge_slave_1) entered blocking state [ 1264.997159][T22478] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1265.524384][T25632] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1265.828282][T25632] veth0_vlan: entered promiscuous mode [ 1265.853286][T25632] veth1_vlan: entered promiscuous mode [ 1265.888249][T25632] veth0_macvtap: entered promiscuous mode [ 1265.906725][T25632] veth1_macvtap: entered promiscuous mode [ 1265.929924][T25632] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1265.946990][T25632] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1265.972657][ T36] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1265.989480][ T36] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1266.055657][ T3326] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1266.127243][ T3326] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1266.237415][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1266.261277][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1266.324347][T22478] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1266.333574][T22478] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1266.634271][T25706] FAULT_INJECTION: forcing a failure. [ 1266.634271][T25706] name failslab, interval 1, probability 0, space 0, times 0 [ 1266.714357][T25706] CPU: 0 UID: 0 PID: 25706 Comm: syz.0.6246 Tainted: G L syzkaller #0 PREEMPT(full) [ 1266.714397][T25706] Tainted: [L]=SOFTLOCKUP [ 1266.714407][T25706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1266.714423][T25706] Call Trace: [ 1266.714431][T25706] [ 1266.714441][T25706] dump_stack_lvl+0x100/0x190 [ 1266.714473][T25706] should_fail_ex.cold+0x5/0xa [ 1266.714504][T25706] ? __alloc_workqueue+0x148/0x1980 [ 1266.714539][T25706] should_failslab+0xc2/0x120 [ 1266.714569][T25706] __kmalloc_noprof+0xe0/0x850 [ 1266.714599][T25706] __alloc_workqueue+0x148/0x1980 [ 1266.714639][T25706] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 1266.714674][T25706] ? lockdep_hardirqs_on+0x78/0x100 [ 1266.714712][T25706] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1266.714750][T25706] alloc_workqueue_noprof+0xc7/0x130 [ 1266.714787][T25706] ? __pfx_alloc_workqueue_noprof+0x10/0x10 [ 1266.714831][T25706] ? __pfx___debug_object_init+0x10/0x10 [ 1266.714878][T25706] nci_register_device+0x394/0xb80 [ 1266.714912][T25706] ? __pfx_nci_register_device+0x10/0x10 [ 1266.714954][T25706] ? lockdep_init_map_type+0x5c/0x250 [ 1266.714985][T25706] virtual_ncidev_open+0x141/0x220 [ 1266.715026][T25706] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 1266.715065][T25706] misc_open+0x26d/0x450 [ 1266.715098][T25706] ? __pfx_misc_open+0x10/0x10 [ 1266.715128][T25706] chrdev_open+0x234/0x6a0 [ 1266.715160][T25706] ? __pfx_apparmor_file_open+0x10/0x10 [ 1266.715202][T25706] ? __pfx_chrdev_open+0x10/0x10 [ 1266.715235][T25706] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 1266.715276][T25706] do_dentry_open+0x6d8/0x1660 [ 1266.715306][T25706] ? __pfx_chrdev_open+0x10/0x10 [ 1266.715345][T25706] vfs_open+0x82/0x3f0 [ 1266.715386][T25706] path_openat+0x208c/0x31a0 [ 1266.715428][T25706] ? __pfx_path_openat+0x10/0x10 [ 1266.715470][T25706] do_file_open+0x20e/0x430 [ 1266.715504][T25706] ? __pfx_do_file_open+0x10/0x10 [ 1266.715557][T25706] ? alloc_fd+0x476/0x790 [ 1266.715590][T25706] ? do_getname+0x191/0x390 [ 1266.715630][T25706] do_sys_openat2+0x10d/0x1e0 [ 1266.715670][T25706] ? __pfx_do_sys_openat2+0x10/0x10 [ 1266.715719][T25706] __x64_sys_openat+0x12d/0x210 [ 1266.715760][T25706] ? __pfx___x64_sys_openat+0x10/0x10 [ 1266.715805][T25706] ? rcu_is_watching+0x12/0xc0 [ 1266.715839][T25706] do_syscall_64+0x10b/0xf80 [ 1266.715876][T25706] ? clear_bhb_loop+0x40/0x90 [ 1266.715906][T25706] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1266.715940][T25706] RIP: 0033:0x7f6046b9ce59 [ 1266.715961][T25706] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1266.715986][T25706] RSP: 002b:00007f6044df6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1266.716010][T25706] RAX: ffffffffffffffda RBX: 00007f6046e16090 RCX: 00007f6046b9ce59 [ 1266.716027][T25706] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 1266.716043][T25706] RBP: 00007f6046c32d6f R08: 0000000000000000 R09: 0000000000000000 [ 1266.716058][T25706] R10: 000000000000003e R11: 0000000000000246 R12: 0000000000000000 [ 1266.716073][T25706] R13: 00007f6046e16128 R14: 00007f6046e16090 R15: 00007fff897a8338 [ 1266.716104][T25706] [ 1267.133076][T25714] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1267.459296][T25466] Bluetooth: hci6: command tx timeout [ 1267.528364][T25706] Process accounting paused [ 1268.331223][T25707] FAULT_INJECTION: forcing a failure. [ 1268.331223][T25707] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1268.377395][T25707] CPU: 0 UID: 0 PID: 25707 Comm: syz.7.6247 Tainted: G L syzkaller #0 PREEMPT(full) [ 1268.377436][T25707] Tainted: [L]=SOFTLOCKUP [ 1268.377446][T25707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1268.377461][T25707] Call Trace: [ 1268.377469][T25707] [ 1268.377479][T25707] dump_stack_lvl+0x100/0x190 [ 1268.377512][T25707] should_fail_ex.cold+0x5/0xa [ 1268.377543][T25707] get_futex_key+0x1d2/0x1510 [ 1268.377572][T25707] ? __pfx_get_futex_key+0x10/0x10 [ 1268.377597][T25707] ? find_held_lock+0x2b/0x80 [ 1268.377647][T25707] ? futex_wake+0x456/0x530 [ 1268.377687][T25707] futex_wake+0xea/0x530 [ 1268.377719][T25707] ? __pfx_futex_wait+0x10/0x10 [ 1268.377752][T25707] ? __pfx_futex_wake+0x10/0x10 [ 1268.377789][T25707] ? __lock_acquire+0x4a5/0x2630 [ 1268.377815][T25707] ? do_sys_openat2+0x1b4/0x1e0 [ 1268.377858][T25707] do_futex+0x32b/0x350 [ 1268.377886][T25707] ? __pfx_do_futex+0x10/0x10 [ 1268.377915][T25707] ? find_held_lock+0x2b/0x80 [ 1268.377950][T25707] __x64_sys_futex+0x34f/0x4d0 [ 1268.377980][T25707] ? __fget_files+0x21f/0x3d0 [ 1268.378010][T25707] ? __pfx___x64_sys_futex+0x10/0x10 [ 1268.378043][T25707] ? rcu_is_watching+0x12/0xc0 [ 1268.378077][T25707] do_syscall_64+0x10b/0xf80 [ 1268.378114][T25707] ? clear_bhb_loop+0x40/0x90 [ 1268.378144][T25707] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1268.378169][T25707] RIP: 0033:0x7f56fdd9ce59 [ 1268.378190][T25707] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1268.378214][T25707] RSP: 002b:00007f56febe60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1268.378238][T25707] RAX: ffffffffffffffda RBX: 00007f56fe016098 RCX: 00007f56fdd9ce59 [ 1268.378255][T25707] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f56fe01609c [ 1268.378271][T25707] RBP: 00007f56fe016090 R08: 0000000000000001 R09: 0000000000000000 [ 1268.378286][T25707] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 1268.378302][T25707] R13: 00007f56fe016128 R14: 00007fff2baa9af0 R15: 00007fff2baa9bd8 [ 1268.378333][T25707] [ 1269.479018][T25466] Bluetooth: hci6: command tx timeout [ 1271.676254][T25754] vcan0: tx drop: invalid da for name 0x000000000000003f [ 1272.603492][T25765] netlink: 98 bytes leftover after parsing attributes in process `syz.7.6244'. [ 1272.672649][T25768] netlink: 50 bytes leftover after parsing attributes in process `syz.7.6244'. [ 1277.843038][T25821] vcan0: tx drop: invalid da for name 0x000000000000003f [ 1284.311005][T25885] kexec: Could not allocate control_code_buffer [ 1286.840122][T25937] netlink: 98 bytes leftover after parsing attributes in process `syz.8.6289'. [ 1286.866898][T25937] netlink: 50 bytes leftover after parsing attributes in process `syz.8.6289'. [ 1289.569668][T25988] netlink: 28 bytes leftover after parsing attributes in process `syz.8.6304'. [ 1289.743563][T25987] Process accounting resumed [ 1289.821190][T25995] FAULT_INJECTION: forcing a failure. [ 1289.821190][T25995] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1289.974711][T25995] CPU: 0 UID: 0 PID: 25995 Comm: syz.4.6305 Tainted: G L syzkaller #0 PREEMPT(full) [ 1289.974751][T25995] Tainted: [L]=SOFTLOCKUP [ 1289.974761][T25995] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1289.974781][T25995] Call Trace: [ 1289.974790][T25995] [ 1289.974800][T25995] dump_stack_lvl+0x100/0x190 [ 1289.974832][T25995] should_fail_ex.cold+0x5/0xa [ 1289.974864][T25995] get_futex_key+0x1d2/0x1510 [ 1289.974892][T25995] ? __pfx_get_futex_key+0x10/0x10 [ 1289.974915][T25995] ? futex_hash+0x2ad/0x370 [ 1289.974941][T25995] ? futex_hash+0x141/0x370 [ 1289.974967][T25995] futex_wake+0xea/0x530 [ 1289.975000][T25995] ? __pfx_futex_wait+0x10/0x10 [ 1289.975033][T25995] ? __pfx_futex_wake+0x10/0x10 [ 1289.975069][T25995] ? __lock_acquire+0x4a5/0x2630 [ 1289.975093][T25995] ? do_sys_openat2+0x1b4/0x1e0 [ 1289.975137][T25995] do_futex+0x32b/0x350 [ 1289.975164][T25995] ? __pfx_do_futex+0x10/0x10 [ 1289.975193][T25995] ? find_held_lock+0x2b/0x80 [ 1289.975235][T25995] __x64_sys_futex+0x34f/0x4d0 [ 1289.975266][T25995] ? __fget_files+0x21f/0x3d0 [ 1289.975295][T25995] ? __pfx___x64_sys_futex+0x10/0x10 [ 1289.975329][T25995] ? rcu_is_watching+0x12/0xc0 [ 1289.975363][T25995] do_syscall_64+0x10b/0xf80 [ 1289.975401][T25995] ? clear_bhb_loop+0x40/0x90 [ 1289.975430][T25995] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1289.975456][T25995] RIP: 0033:0x7f3dd799ce59 [ 1289.975477][T25995] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1289.975501][T25995] RSP: 002b:00007f3dd88390e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1289.975524][T25995] RAX: ffffffffffffffda RBX: 00007f3dd7c16188 RCX: 00007f3dd799ce59 [ 1289.975541][T25995] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f3dd7c1618c [ 1289.975557][T25995] RBP: 00007f3dd7c16180 R08: 0000000000000001 R09: 0000000000000000 [ 1289.975573][T25995] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 1289.975588][T25995] R13: 00007f3dd7c16218 R14: 00007fff9c52beb0 R15: 00007fff9c52bf98 [ 1289.975618][T25995] [ 1290.547492][T25991] Process accounting resumed [ 1292.249302][T26026] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 1292.403622][T26027] smpboot: CPU 1 is now offline [ 1294.981397][T26066] FAULT_INJECTION: forcing a failure. [ 1294.981397][T26066] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1295.125771][T26066] CPU: 0 UID: 0 PID: 26066 Comm: syz.8.6319 Tainted: G L syzkaller #0 PREEMPT(full) [ 1295.125812][T26066] Tainted: [L]=SOFTLOCKUP [ 1295.125821][T26066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1295.125837][T26066] Call Trace: [ 1295.125845][T26066] [ 1295.125859][T26066] dump_stack_lvl+0x100/0x190 [ 1295.125891][T26066] should_fail_ex.cold+0x5/0xa [ 1295.125930][T26066] get_futex_key+0x1d2/0x1510 [ 1295.125959][T26066] ? __pfx_get_futex_key+0x10/0x10 [ 1295.125984][T26066] ? find_held_lock+0x2b/0x80 [ 1295.126017][T26066] ? futex_wake+0x456/0x530 [ 1295.126056][T26066] futex_wake+0xea/0x530 [ 1295.126088][T26066] ? __pfx_futex_wait+0x10/0x10 [ 1295.126122][T26066] ? __pfx_futex_wake+0x10/0x10 [ 1295.126158][T26066] ? __lock_acquire+0x4a5/0x2630 [ 1295.126181][T26066] ? do_sys_openat2+0x1b4/0x1e0 [ 1295.126225][T26066] do_futex+0x32b/0x350 [ 1295.126252][T26066] ? __pfx_do_futex+0x10/0x10 [ 1295.126281][T26066] ? find_held_lock+0x2b/0x80 [ 1295.126317][T26066] __x64_sys_futex+0x34f/0x4d0 [ 1295.126346][T26066] ? __fget_files+0x21f/0x3d0 [ 1295.126375][T26066] ? __pfx___x64_sys_futex+0x10/0x10 [ 1295.126409][T26066] ? rcu_is_watching+0x12/0xc0 [ 1295.126443][T26066] do_syscall_64+0x10b/0xf80 [ 1295.126480][T26066] ? clear_bhb_loop+0x40/0x90 [ 1295.126510][T26066] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1295.126535][T26066] RIP: 0033:0x7f7ca699ce59 [ 1295.126556][T26066] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1295.126580][T26066] RSP: 002b:00007f7ca4bd50e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1295.126603][T26066] RAX: ffffffffffffffda RBX: 00007f7ca6c16188 RCX: 00007f7ca699ce59 [ 1295.126620][T26066] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f7ca6c1618c [ 1295.126635][T26066] RBP: 00007f7ca6c16180 R08: 0000000000000001 R09: 0000000000000000 [ 1295.126650][T26066] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 1295.126666][T26066] R13: 00007f7ca6c16218 R14: 00007ffcc0a33660 R15: 00007ffcc0a33748 [ 1295.126701][T26066] [ 1301.002723][ T1315] ieee802154 phy0 wpan0: encryption failed: -22 [ 1301.013121][ T1315] ieee802154 phy1 wpan1: encryption failed: -22 [ 1305.347135][T26177] FAULT_INJECTION: forcing a failure. [ 1305.347135][T26177] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1305.461295][T26177] CPU: 0 UID: 0 PID: 26177 Comm: syz.8.6346 Tainted: G L syzkaller #0 PREEMPT(full) [ 1305.461334][T26177] Tainted: [L]=SOFTLOCKUP [ 1305.461343][T26177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1305.461358][T26177] Call Trace: [ 1305.461366][T26177] [ 1305.461377][T26177] dump_stack_lvl+0x100/0x190 [ 1305.461409][T26177] should_fail_ex.cold+0x5/0xa [ 1305.461441][T26177] get_futex_key+0x1d2/0x1510 [ 1305.461469][T26177] ? __pfx_get_futex_key+0x10/0x10 [ 1305.461494][T26177] ? find_held_lock+0x2b/0x80 [ 1305.461527][T26177] ? futex_wake+0x456/0x530 [ 1305.461572][T26177] futex_wake+0xea/0x530 [ 1305.461605][T26177] ? __pfx_futex_wait+0x10/0x10 [ 1305.461639][T26177] ? __pfx_futex_wake+0x10/0x10 [ 1305.461676][T26177] ? __lock_acquire+0x4a5/0x2630 [ 1305.461700][T26177] ? do_sys_openat2+0x1b4/0x1e0 [ 1305.461743][T26177] do_futex+0x32b/0x350 [ 1305.461771][T26177] ? __pfx_do_futex+0x10/0x10 [ 1305.461800][T26177] ? find_held_lock+0x2b/0x80 [ 1305.461837][T26177] __x64_sys_futex+0x34f/0x4d0 [ 1305.461871][T26177] ? __fget_files+0x21f/0x3d0 [ 1305.461900][T26177] ? __pfx___x64_sys_futex+0x10/0x10 [ 1305.461934][T26177] ? rcu_is_watching+0x12/0xc0 [ 1305.461967][T26177] do_syscall_64+0x10b/0xf80 [ 1305.462005][T26177] ? clear_bhb_loop+0x40/0x90 [ 1305.462034][T26177] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1305.462060][T26177] RIP: 0033:0x7f7ca699ce59 [ 1305.462080][T26177] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1305.462105][T26177] RSP: 002b:00007f7ca4bd50e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1305.462128][T26177] RAX: ffffffffffffffda RBX: 00007f7ca6c16188 RCX: 00007f7ca699ce59 [ 1305.462145][T26177] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f7ca6c1618c [ 1305.462160][T26177] RBP: 00007f7ca6c16180 R08: 0000000000000001 R09: 0000000000000000 [ 1305.462174][T26177] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 1305.462190][T26177] R13: 00007f7ca6c16218 R14: 00007ffcc0a33660 R15: 00007ffcc0a33748 [ 1305.462220][T26177] [ 1309.580578][T26215] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 1314.500231][T26280] FAULT_INJECTION: forcing a failure. [ 1314.500231][T26280] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1314.629774][T26280] CPU: 0 UID: 0 PID: 26280 Comm: syz.0.6381 Tainted: G L syzkaller #0 PREEMPT(full) [ 1314.629816][T26280] Tainted: [L]=SOFTLOCKUP [ 1314.629825][T26280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1314.629839][T26280] Call Trace: [ 1314.629848][T26280] [ 1314.629857][T26280] dump_stack_lvl+0x100/0x190 [ 1314.629889][T26280] should_fail_ex.cold+0x5/0xa [ 1314.629921][T26280] get_futex_key+0x1d2/0x1510 [ 1314.629949][T26280] ? __pfx_get_futex_key+0x10/0x10 [ 1314.629972][T26280] ? futex_hash+0x2ad/0x370 [ 1314.629997][T26280] ? futex_hash+0x141/0x370 [ 1314.630024][T26280] futex_wake+0xea/0x530 [ 1314.630056][T26280] ? __pfx_futex_wait+0x10/0x10 [ 1314.630090][T26280] ? __pfx_futex_wake+0x10/0x10 [ 1314.630126][T26280] ? __lock_acquire+0x4a5/0x2630 [ 1314.630149][T26280] ? do_sys_openat2+0x1b4/0x1e0 [ 1314.630193][T26280] do_futex+0x32b/0x350 [ 1314.630221][T26280] ? __pfx_do_futex+0x10/0x10 [ 1314.630250][T26280] ? find_held_lock+0x2b/0x80 [ 1314.630286][T26280] __x64_sys_futex+0x34f/0x4d0 [ 1314.630316][T26280] ? __fget_files+0x21f/0x3d0 [ 1314.630345][T26280] ? __pfx___x64_sys_futex+0x10/0x10 [ 1314.630379][T26280] ? rcu_is_watching+0x12/0xc0 [ 1314.630413][T26280] do_syscall_64+0x10b/0xf80 [ 1314.630450][T26280] ? clear_bhb_loop+0x40/0x90 [ 1314.630480][T26280] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1314.630510][T26280] RIP: 0033:0x7f6046b9ce59 [ 1314.630530][T26280] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1314.630555][T26280] RSP: 002b:00007f6044dd50e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1314.630578][T26280] RAX: ffffffffffffffda RBX: 00007f6046e16188 RCX: 00007f6046b9ce59 [ 1314.630595][T26280] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f6046e1618c [ 1314.630611][T26280] RBP: 00007f6046e16180 R08: 0000000000000001 R09: 0000000000000000 [ 1314.630626][T26280] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 1314.630642][T26280] R13: 00007f6046e16218 R14: 00007fff897a8250 R15: 00007fff897a8338 [ 1314.630694][T26280] [ 1329.768821][ T5635] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 1329.806210][ T5635] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 1329.816994][ T5635] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 1329.826899][ T5635] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 1329.835971][ T5635] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 1331.520450][T26324] Process accounting paused [ 1331.591479][T26318] Process accounting paused [ 1331.717398][T26308] bridge0: port 1(bridge_slave_0) entered blocking state [ 1331.730026][T26308] bridge0: port 1(bridge_slave_0) entered disabled state [ 1331.741169][T26308] bridge_slave_0: entered allmulticast mode [ 1331.749072][T26308] bridge_slave_0: entered promiscuous mode [ 1331.759836][T26308] bridge0: port 2(bridge_slave_1) entered blocking state [ 1331.767079][T26308] bridge0: port 2(bridge_slave_1) entered disabled state [ 1331.775525][T26308] bridge_slave_1: entered allmulticast mode [ 1331.786858][T26308] bridge_slave_1: entered promiscuous mode [ 1331.826444][T26308] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1331.843675][T26308] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1331.878812][T25466] Bluetooth: hci7: command tx timeout [ 1331.896462][T26308] team0: Port device team_slave_0 added [ 1331.906544][T26308] team0: Port device team_slave_1 added [ 1331.937956][T26308] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1331.948670][T26308] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1331.977612][T26308] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1331.991081][T26308] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1331.998133][T26308] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1332.032018][T26308] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1332.093307][T26308] hsr_slave_0: entered promiscuous mode [ 1332.100130][T26308] hsr_slave_1: entered promiscuous mode [ 1332.106360][T26308] debugfs: 'hsr0' already exists in 'hsr' [ 1332.112788][T26308] Cannot create hsr debugfs directory [ 1332.377386][T26308] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 1332.390793][T26308] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 1332.400050][T26308] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 1332.413377][T26308] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 1332.422170][T26308] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 1332.432651][T26308] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 1332.441360][T26308] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 1332.455576][T26308] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 1332.564926][T26308] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1332.607346][T26308] 8021q: adding VLAN 0 to HW filter on device team0 [ 1332.621234][T14644] bridge0: port 1(bridge_slave_0) entered blocking state [ 1332.628439][T14644] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1332.649611][T14644] bridge0: port 2(bridge_slave_1) entered blocking state [ 1332.656794][T14644] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1333.178243][T26308] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1333.487137][T26308] veth0_vlan: entered promiscuous mode [ 1333.503797][T26308] veth1_vlan: entered promiscuous mode [ 1333.537719][T26308] veth0_macvtap: entered promiscuous mode [ 1333.549686][T26308] veth1_macvtap: entered promiscuous mode [ 1333.588149][T26308] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1333.606972][T26308] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1333.622654][ T3326] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1333.638022][ T3326] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1333.660242][ T3326] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1333.712918][ T3326] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1333.896276][ T1055] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1333.927298][ T1055] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1333.961062][T25466] Bluetooth: hci7: command tx timeout [ 1333.978030][ T3326] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1333.992846][ T3326] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1336.038677][T25466] Bluetooth: hci7: command tx timeout [ 1337.167862][T26401] FAULT_INJECTION: forcing a failure. [ 1337.167862][T26401] name failslab, interval 1, probability 0, space 0, times 0 [ 1337.364344][T26401] CPU: 0 UID: 0 PID: 26401 Comm: syz.9.6386 Tainted: G L syzkaller #0 PREEMPT(full) [ 1337.364386][T26401] Tainted: [L]=SOFTLOCKUP [ 1337.364395][T26401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1337.364411][T26401] Call Trace: [ 1337.364419][T26401] [ 1337.364429][T26401] dump_stack_lvl+0x100/0x190 [ 1337.364462][T26401] should_fail_ex.cold+0x5/0xa [ 1337.364493][T26401] should_failslab+0xc2/0x120 [ 1337.364523][T26401] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1337.364564][T26401] ? anon_vma_clone+0x2ba/0xcd0 [ 1337.364604][T26401] anon_vma_clone+0x2ba/0xcd0 [ 1337.364647][T26401] __split_vma+0x51f/0xd90 [ 1337.364692][T26401] ? __pfx___split_vma+0x10/0x10 [ 1337.364736][T26401] ? clockevents_program_event+0x23e/0x820 [ 1337.364774][T26401] vma_modify+0x12ad/0x25c0 [ 1337.364823][T26401] ? __pfx_vma_modify+0x10/0x10 [ 1337.364861][T26401] ? __hrtimer_rearm_deferred+0x24d/0x740 [ 1337.364894][T26401] ? find_held_lock+0x2b/0x80 [ 1337.364926][T26401] ? finish_task_switch.isra.0+0x2c6/0x1010 [ 1337.364973][T26401] vma_modify_flags+0x257/0x3d0 [ 1337.365013][T26401] ? __pfx_vma_modify_flags+0x10/0x10 [ 1337.365076][T26401] mlock_fixup+0x46e/0xb10 [ 1337.365119][T26401] ? __pfx_mlock_fixup+0x10/0x10 [ 1337.365173][T26401] apply_vma_lock_flags+0x256/0x370 [ 1337.365216][T26401] ? __pfx_apply_vma_lock_flags+0x10/0x10 [ 1337.365264][T26401] ? __pfx___might_resched+0x10/0x10 [ 1337.365300][T26401] ? __pfx_down_write_killable+0x10/0x10 [ 1337.365329][T26401] ? do_futex+0x192/0x350 [ 1337.365359][T26401] do_mlock+0x261/0x7f0 [ 1337.365411][T26401] ? __pfx_do_mlock+0x10/0x10 [ 1337.365448][T26401] ? __x64_sys_futex+0x34f/0x4d0 [ 1337.365475][T26401] ? __x64_sys_futex+0x358/0x4d0 [ 1337.365505][T26401] ? xfd_validate_state+0x129/0x190 [ 1337.365541][T26401] __x64_sys_mlock+0x59/0x80 [ 1337.365566][T26401] do_syscall_64+0x10b/0xf80 [ 1337.365602][T26401] ? clear_bhb_loop+0x40/0x90 [ 1337.365632][T26401] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1337.365658][T26401] RIP: 0033:0x7f569919ce59 [ 1337.365677][T26401] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1337.365701][T26401] RSP: 002b:00007f569a0a7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000095 [ 1337.365725][T26401] RAX: ffffffffffffffda RBX: 00007f5699416270 RCX: 00007f569919ce59 [ 1337.365742][T26401] RDX: 0000000000000000 RSI: 0000000000007fff RDI: 0000000000007c88 [ 1337.365757][T26401] RBP: 00007f5699232d6f R08: 0000000000000000 R09: 0000000000000000 [ 1337.365772][T26401] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1337.365786][T26401] R13: 00007f5699416308 R14: 00007f5699416270 R15: 00007ffe4d427128 [ 1337.365817][T26401] [ 1338.122274][T25466] Bluetooth: hci7: command tx timeout [ 1338.731139][T26417] FAULT_INJECTION: forcing a failure. [ 1338.731139][T26417] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1338.757663][T26415] netlink: 110 bytes leftover after parsing attributes in process `syz.9.6391'. [ 1338.913767][T26417] CPU: 0 UID: 0 PID: 26417 Comm: syz.4.6404 Tainted: G L syzkaller #0 PREEMPT(full) [ 1338.913807][T26417] Tainted: [L]=SOFTLOCKUP [ 1338.913816][T26417] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1338.913832][T26417] Call Trace: [ 1338.913840][T26417] [ 1338.913850][T26417] dump_stack_lvl+0x100/0x190 [ 1338.913883][T26417] should_fail_ex.cold+0x5/0xa [ 1338.913914][T26417] get_futex_key+0x1d2/0x1510 [ 1338.913944][T26417] ? __pfx_get_futex_key+0x10/0x10 [ 1338.913970][T26417] ? futex_hash+0x2ad/0x370 [ 1338.913995][T26417] ? futex_hash+0x141/0x370 [ 1338.914023][T26417] futex_wake+0xea/0x530 [ 1338.914055][T26417] ? __pfx_futex_wait+0x10/0x10 [ 1338.914090][T26417] ? __pfx_futex_wake+0x10/0x10 [ 1338.914126][T26417] ? __lock_acquire+0x4a5/0x2630 [ 1338.914149][T26417] ? do_sys_openat2+0x1b4/0x1e0 [ 1338.914193][T26417] do_futex+0x32b/0x350 [ 1338.914221][T26417] ? __pfx_do_futex+0x10/0x10 [ 1338.914257][T26417] ? find_held_lock+0x2b/0x80 [ 1338.914293][T26417] __x64_sys_futex+0x34f/0x4d0 [ 1338.914324][T26417] ? __fget_files+0x21f/0x3d0 [ 1338.914354][T26417] ? __pfx___x64_sys_futex+0x10/0x10 [ 1338.914388][T26417] ? rcu_is_watching+0x12/0xc0 [ 1338.914422][T26417] do_syscall_64+0x10b/0xf80 [ 1338.914460][T26417] ? clear_bhb_loop+0x40/0x90 [ 1338.914489][T26417] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1338.914514][T26417] RIP: 0033:0x7f3dd799ce59 [ 1338.914535][T26417] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1338.914561][T26417] RSP: 002b:00007f3dd88390e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1338.914584][T26417] RAX: ffffffffffffffda RBX: 00007f3dd7c16188 RCX: 00007f3dd799ce59 [ 1338.914601][T26417] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f3dd7c1618c [ 1338.914617][T26417] RBP: 00007f3dd7c16180 R08: 0000000000000001 R09: 0000000000000000 [ 1338.914632][T26417] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 1338.914648][T26417] R13: 00007f3dd7c16218 R14: 00007fff9c52beb0 R15: 00007fff9c52bf98 [ 1338.914679][T26417] [ 1340.560389][T26438] FAULT_INJECTION: forcing a failure. [ 1340.560389][T26438] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1340.627477][T26438] CPU: 0 UID: 0 PID: 26438 Comm: syz.4.6409 Tainted: G L syzkaller #0 PREEMPT(full) [ 1340.627517][T26438] Tainted: [L]=SOFTLOCKUP [ 1340.627526][T26438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1340.627541][T26438] Call Trace: [ 1340.627550][T26438] [ 1340.627559][T26438] dump_stack_lvl+0x100/0x190 [ 1340.627590][T26438] should_fail_ex.cold+0x5/0xa [ 1340.627617][T26438] ? prepare_alloc_pages+0x16d/0x5f0 [ 1340.627652][T26438] should_fail_alloc_page+0xeb/0x140 [ 1340.627684][T26438] prepare_alloc_pages+0x1f0/0x5f0 [ 1340.627720][T26438] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 1340.627768][T26438] ? rcu_is_watching+0x12/0xc0 [ 1340.627798][T26438] ? trace_mm_page_alloc+0x163/0x1d0 [ 1340.627831][T26438] ? __alloc_frozen_pages_noprof+0x2b1/0x2bc0 [ 1340.627875][T26438] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1340.627922][T26438] ? find_held_lock+0x2b/0x80 [ 1340.627955][T26438] ? is_bpf_text_address+0x8a/0x1a0 [ 1340.627989][T26438] ? is_bpf_text_address+0x8a/0x1a0 [ 1340.628026][T26438] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1340.628067][T26438] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1340.628114][T26438] ? is_bpf_text_address+0x94/0x1a0 [ 1340.628150][T26438] ? kernel_text_address+0x8d/0x100 [ 1340.628177][T26438] ? __kernel_text_address+0xd/0x30 [ 1340.628203][T26438] ? unwind_get_return_address+0x59/0xa0 [ 1340.628244][T26438] alloc_pages_bulk_noprof+0x657/0x1390 [ 1340.628275][T26438] ? policy_nodemask+0xed/0x4f0 [ 1340.628307][T26438] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 1340.628334][T26438] ? kasan_save_stack+0x30/0x50 [ 1340.628370][T26438] __kasan_populate_vmalloc+0xf0/0x210 [ 1340.628417][T26438] alloc_vmap_area+0x95d/0x2b70 [ 1340.628461][T26438] ? __pfx_alloc_vmap_area+0x10/0x10 [ 1340.628497][T26438] __get_vm_area_node+0x1ca/0x330 [ 1340.628532][T26438] ? ringbuf_map_alloc+0x3a1/0x8b0 [ 1340.628557][T26438] get_vm_area_caller+0x71/0xa0 [ 1340.628612][T26438] ? ringbuf_map_alloc+0x3a1/0x8b0 [ 1340.628638][T26438] vmap+0x131/0x2f0 [ 1340.628668][T26438] ? __pfx_vmap+0x10/0x10 [ 1340.628705][T26438] ringbuf_map_alloc+0x3a1/0x8b0 [ 1340.628736][T26438] ? __pfx_ringbuf_map_mem_usage+0x10/0x10 [ 1340.628761][T26438] map_create+0x84e/0x2bc0 [ 1340.628797][T26438] ? futex_unqueue+0x13d/0x2c0 [ 1340.628823][T26438] ? __futex_wait+0x256/0x300 [ 1340.628863][T26438] ? __pfx_map_create+0x10/0x10 [ 1340.628899][T26438] ? __might_fault+0xc5/0x140 [ 1340.628937][T26438] ? __might_fault+0xc5/0x140 [ 1340.628986][T26438] __sys_bpf+0x2091/0x4b90 [ 1340.629015][T26438] ? __pfx___sys_bpf+0x10/0x10 [ 1340.629040][T26438] ? __pfx_futex_wait+0x10/0x10 [ 1340.629080][T26438] ? errseq_sample+0x51/0x70 [ 1340.629111][T26438] ? file_init_path+0x48e/0x670 [ 1340.629151][T26438] ? do_futex+0x192/0x350 [ 1340.629194][T26438] ? xfd_validate_state+0x129/0x190 [ 1340.629233][T26438] __x64_sys_bpf+0x7b/0xc0 [ 1340.629260][T26438] ? lockdep_hardirqs_on+0x78/0x100 [ 1340.629298][T26438] do_syscall_64+0x10b/0xf80 [ 1340.629335][T26438] ? clear_bhb_loop+0x40/0x90 [ 1340.629365][T26438] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1340.629390][T26438] RIP: 0033:0x7f3dd799ce59 [ 1340.629410][T26438] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1340.629435][T26438] RSP: 002b:00007f3dd887b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1340.629459][T26438] RAX: ffffffffffffffda RBX: 00007f3dd7c15fa0 RCX: 00007f3dd799ce59 [ 1340.629475][T26438] RDX: 0000000000000010 RSI: 00002000000000c0 RDI: 0000000000000000 [ 1340.629491][T26438] RBP: 00007f3dd7a32d6f R08: 0000000000000000 R09: 0000000000000000 [ 1340.629507][T26438] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1340.629521][T26438] R13: 00007f3dd7c16038 R14: 00007f3dd7c15fa0 R15: 00007fff9c52bf98 [ 1340.629552][T26438] [ 1342.412237][T26412] kexec: Could not allocate control_code_buffer [ 1342.749781][T26453] &#$@\]\-: entered promiscuous mode [ 1343.665435][T26459] netlink: 98 bytes leftover after parsing attributes in process `syz.4.6407'. [ 1343.734396][T26459] netlink: 50 bytes leftover after parsing attributes in process `syz.4.6407'. [ 1347.977650][T26491] kexec: Could not allocate control_code_buffer [ 1349.921931][T26530] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 1350.069718][T26531] smpboot: CPU 1 is now offline [ 1353.555863][T26551] kexec: Could not allocate control_code_buffer [ 1353.682450][T26581] usb usb2: usbfs: process 26581 (syz.4.6437) did not claim interface 4 before use [ 1357.512196][T26640] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6451'. [ 1357.567642][T26640] netlink: 'syz.0.6451': attribute type 1 has an invalid length. [ 1357.599423][T26640] netlink: 13 bytes leftover after parsing attributes in process `syz.0.6451'. [ 1360.493939][T26673] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1361.617338][T26656] Process accounting resumed [ 1361.824090][T26667] Process accounting resumed [ 1362.479171][ T1315] ieee802154 phy0 wpan0: encryption failed: -22 [ 1362.490645][ T1315] ieee802154 phy1 wpan1: encryption failed: -22 [ 1364.265320][T25466] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 1364.317818][T26714] futex_wake_op: syz.0.6475 tries to shift op by -2048; fix this program [ 1364.357660][T26714] futex_wake_op: syz.0.6475 tries to shift op by -2048; fix this program [ 1364.521937][T26715] Bluetooth: hci2: command 0x0406 tx timeout [ 1364.597253][T26719] FAULT_INJECTION: forcing a failure. [ 1364.597253][T26719] name failslab, interval 1, probability 0, space 0, times 0 [ 1364.661730][T26719] CPU: 0 UID: 0 PID: 26719 Comm: syz.8.6468 Tainted: G L syzkaller #0 PREEMPT(full) [ 1364.661772][T26719] Tainted: [L]=SOFTLOCKUP [ 1364.661781][T26719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1364.661797][T26719] Call Trace: [ 1364.661805][T26719] [ 1364.661814][T26719] dump_stack_lvl+0x100/0x190 [ 1364.661847][T26719] should_fail_ex.cold+0x5/0xa [ 1364.661878][T26719] should_failslab+0xc2/0x120 [ 1364.661908][T26719] __kvmalloc_node_noprof+0xfa/0xa00 [ 1364.661933][T26719] ? proc_sys_call_handler+0x2c7/0x5a0 [ 1364.661973][T26719] proc_sys_call_handler+0x2c7/0x5a0 [ 1364.662008][T26719] ? __pfx_proc_sys_call_handler+0x10/0x10 [ 1364.662044][T26719] ? rw_verify_area+0xce/0x6d0 [ 1364.662068][T26719] ? __pfx_proc_sys_read+0x10/0x10 [ 1364.662101][T26719] vfs_read+0x825/0xb30 [ 1364.662133][T26719] ? __pfx_vfs_read+0x10/0x10 [ 1364.662179][T26719] ksys_read+0x12a/0x250 [ 1364.662207][T26719] ? __pfx_ksys_read+0x10/0x10 [ 1364.662234][T26719] ? exit_to_user_mode_loop+0xe2/0x4f0 [ 1364.662262][T26719] ? rcu_is_watching+0x12/0xc0 [ 1364.662296][T26719] do_syscall_64+0x10b/0xf80 [ 1364.662333][T26719] ? clear_bhb_loop+0x40/0x90 [ 1364.662363][T26719] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1364.662389][T26719] RIP: 0033:0x7f7ca699ce59 [ 1364.662408][T26719] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1364.662434][T26719] RSP: 002b:00007f7ca777b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1364.662457][T26719] RAX: ffffffffffffffda RBX: 00007f7ca6c15fa0 RCX: 00007f7ca699ce59 [ 1364.662474][T26719] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005 [ 1364.662489][T26719] RBP: 00007f7ca6a32d6f R08: 0000000000000000 R09: 0000000000000000 [ 1364.662514][T26719] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1364.662529][T26719] R13: 00007f7ca6c16038 R14: 00007f7ca6c15fa0 R15: 00007ffcc0a33748 [ 1364.662561][T26719] [ 1365.504042][T26733] &#$@\]\-: entered promiscuous mode [ 1368.290575][T26773] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 1368.425313][T26779] smpboot: CPU 1 is now offline [ 1374.759685][T26715] Bluetooth: hci5: command 0x0406 tx timeout [ 1377.787281][T26872] openvswitch: &#$@\]\-: Dropping previously announced user features [ 1378.476278][T26885] netlink: 186 bytes leftover after parsing attributes in process `syz.0.6521'. [ 1378.585497][T26881] can: request_module (can-proto-5) failed. [ 1382.851959][ T30] audit: type=1800 audit(4294967607.513:27): pid=26934 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.9.6528" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 1383.070074][T26937] kvm: vcpu 4: requested lapic timer restore with starting count register 0x390=4294967104 (137438947328 ns) > initial count (6624 ns). Using initial count to start timer. [ 1383.702024][ T4945] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 1383.726388][ T4945] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 1383.737495][ T4945] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 1383.752143][ T4945] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 1383.768267][ T4945] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 1385.029900][ T4945] Bluetooth: hci6: command 0x0406 tx timeout [ 1385.388280][T26941] bridge0: port 1(bridge_slave_0) entered blocking state [ 1385.420619][T26941] bridge0: port 1(bridge_slave_0) entered disabled state [ 1385.440245][T26941] bridge_slave_0: entered allmulticast mode [ 1385.460287][T26941] bridge_slave_0: entered promiscuous mode [ 1385.472084][T26941] bridge0: port 2(bridge_slave_1) entered blocking state [ 1385.496526][T26941] bridge0: port 2(bridge_slave_1) entered disabled state [ 1385.519496][T26941] bridge_slave_1: entered allmulticast mode [ 1385.532137][T26941] bridge_slave_1: entered promiscuous mode [ 1385.621785][T26941] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1385.651942][T26941] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1385.744497][T26941] team0: Port device team_slave_0 added [ 1385.761384][T26941] team0: Port device team_slave_1 added [ 1385.838772][T26941] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1385.859643][T26941] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1385.898653][ T5635] Bluetooth: hci8: command tx timeout [ 1385.941840][T26941] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1385.974339][T26941] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1385.988710][T26941] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1386.058717][T26941] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1386.181388][T26941] hsr_slave_0: entered promiscuous mode [ 1386.192076][T26941] hsr_slave_1: entered promiscuous mode [ 1386.209554][T26941] debugfs: 'hsr0' already exists in 'hsr' [ 1386.228659][T26941] Cannot create hsr debugfs directory [ 1386.586012][T26941] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1386.688351][T26941] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1386.785175][T26941] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1386.856154][T26941] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1387.088127][T26941] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1387.100764][T26941] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 1387.109391][T26941] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1387.119446][T26941] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 1387.127573][T26941] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1387.142796][T26941] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 1387.155642][T26941] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1387.174478][T26941] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 1387.282204][T26941] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1387.305666][T26941] 8021q: adding VLAN 0 to HW filter on device team0 [ 1387.321804][T14644] bridge0: port 1(bridge_slave_0) entered blocking state [ 1387.329115][T14644] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1387.349094][T14644] bridge0: port 2(bridge_slave_1) entered blocking state [ 1387.356323][T14644] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1387.893370][T26941] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1387.957392][T26941] veth0_vlan: entered promiscuous mode [ 1387.963682][ T5635] Bluetooth: hci8: command tx timeout [ 1387.983476][T26941] veth1_vlan: entered promiscuous mode [ 1388.023519][T26941] veth0_macvtap: entered promiscuous mode [ 1388.036443][T26941] veth1_macvtap: entered promiscuous mode [ 1388.051272][ T31] INFO: task syz-executor:5639 blocked for more than 143 seconds. SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 1388.086719][ T31] Tainted: G L syzkaller #0 [ 1388.119259][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1388.136697][T26941] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1388.151747][ T31] task:syz-executor state:D stack:23352 pid:5639 tgid:5639 ppid:1 task_flags:0x400140 flags:0x00080002 [ 1388.202659][T26941] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1388.219608][ T31] Call Trace: [ 1388.223083][ T31] [ 1388.226087][ T31] __schedule+0x1295/0x67a0 [ 1388.248058][ T31] ? __pfx___schedule+0x10/0x10 [ 1388.254989][ T1112] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1388.277987][ T31] ? find_held_lock+0x2b/0x80 [ 1388.292553][ T1112] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1388.307172][ T31] ? schedule+0x2bf/0x390 [ 1388.318810][ T31] schedule+0xdd/0x390 [ 1388.333511][ T1112] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1388.342548][ T31] schedule_preempt_disabled+0x13/0x30 [ 1388.395851][ T31] __mutex_lock+0xced/0x1b10 [ 1388.430111][ T1112] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1388.476348][ T31] ? nfsd_shutdown_threads+0x5b/0xf0 [ 1388.549427][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 1388.592382][ T31] ? net_generic+0xea/0x2a0 [ 1388.626912][ T31] ? net_generic+0xea/0x2a0 [ 1388.650539][ T31] ? nfsd_shutdown_threads+0x5b/0xf0 [ 1388.688736][ T31] nfsd_shutdown_threads+0x5b/0xf0 [ 1388.707778][ T31] nfsd_umount+0x3b/0x60 [ 1388.725333][ T31] deactivate_locked_super+0xc1/0x1b0 [ 1388.742250][ T31] deactivate_super+0xe7/0x110 [ 1388.754061][ T31] cleanup_mnt+0x21f/0x450 [ 1388.766039][ T31] task_work_run+0x150/0x240 [ 1388.773279][ T31] ? __pfx_task_work_run+0x10/0x10 [ 1388.780804][ T31] ? rcu_is_watching+0x12/0xc0 [ 1388.785661][ T31] exit_to_user_mode_loop+0x107/0x4f0 [ 1388.794270][ T31] ? rcu_is_watching+0x12/0xc0 [ 1388.799973][ T31] do_syscall_64+0x6f2/0xf80 [ 1388.804698][ T31] ? clear_bhb_loop+0x40/0x90 [ 1388.810239][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1388.817159][ T31] RIP: 0033:0x7fb4ee19e097 [ 1388.824502][ T31] RSP: 002b:00007ffd4deec3c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1388.835041][ T31] RAX: 0000000000000000 RBX: 00007fb4ee2321ca RCX: 00007fb4ee19e097 [ 1388.850906][ T31] RDX: 0000000000000004 RSI: 0000000000000009 RDI: 00007ffd4deed510 [ 1388.861561][ T31] RBP: 00007ffd4deed4fc R08: 0000000000000000 R09: 0000000000000000 [ 1388.870496][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd4deed510 [ 1388.882520][ T31] R13: 00007fb4ee2321ca R14: 000000000012db16 R15: 00007ffd4deed550 [ 1388.893369][ T31] [ 1388.939623][ T31] [ 1388.939623][ T31] Showing all locks held in the system: [ 1388.972645][ T31] 3 locks held by kworker/0:1/10: [ 1389.015139][ T31] 1 lock held by khungtaskd/31: [ 1389.053866][ T31] #0: ffffffff8e7e55a0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x3d/0x184 [ 1389.120395][ T31] 2 locks held by syz-executor/5639: [ 1389.155789][ T31] #0: ffff88807da9c0d8 (&type->s_umount_key#56){++++}-{4:4}, at: deactivate_super+0xdf/0x110 [ 1389.261985][ T31] #1: ffffffff8ec61de0 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 [ 1389.330175][ T31] 1 lock held by syz.0.2659/13534: [ 1389.363234][ T31] 2 locks held by syz-executor/13557: [ 1389.397075][ T31] #0: ffff88803064a0d8 (&type->s_umount_key#56){++++}-{4:4}, at: deactivate_super+0xdf/0x110 [ 1389.482130][ T31] #1: ffffffff8ec61de0 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 [ 1389.550763][ T31] 3 locks held by kworker/0:0/22574: [ 1389.582257][ T31] #0: ffff88813fe5b140 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x12d6/0x1980 [ 1389.658024][ T31] #1: ffffc9000445fd08 ((work_completion)(&data->fib_event_work)){+.+.}-{0:0}, at: process_one_work+0x973/0x1980 [ 1389.748990][ T31] #2: ffff888036a29250 (&data->fib_lock){+.+.}-{4:4}, at: nsim_fib_event_work+0x1b8/0x63b0 [ 1389.825499][ T31] 2 locks held by syz.5.6162/25316: [ 1389.855865][ T31] #0: ffffffff906bde48 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 1389.923299][ T31] #1: ffffffff8ec61de0 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xd5/0x1a80 [ 1389.974706][ T31] 2 locks held by syz-executor/25465: [ 1389.996813][ T31] #0: ffff8880963340d8 (&type->s_umount_key#56){++++}-{4:4}, at: deactivate_super+0xdf/0x110 [ 1390.013358][ T31] #1: ffffffff8ec61de0 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 [ 1390.027382][ T31] 3 locks held by kworker/0:5/25505: [ 1390.035736][ T31] #0: ffff88813fe5b140 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x12d6/0x1980 [ 1390.047123][ T5635] Bluetooth: hci8: command tx timeout [ 1390.056185][ T31] #1: ffffc9000382fd08 (free_ipc_work){+.+.}-{0:0}, at: process_one_work+0x973/0x1980 [ 1390.066452][ T31] #2: ffffffff8e7f10e8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x27f/0x3c0 [ 1390.077144][ T31] 3 locks held by syz-executor/25632: [ 1390.082942][ T31] #0: ffff88805c3fcea0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_dev_do_close+0x26/0xb0 [ 1390.113964][ T31] #1: ffff88805c3fc0b8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x35c/0x1240 [ 1390.157347][ T31] #2: ffffffff908965e0 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xbb/0x280 [ 1390.167870][ T31] 2 locks held by syz.7.6371/26275: [ 1390.173499][ T31] #0: ffffffff906bde48 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 1390.182101][ T31] #1: ffffffff8ec61de0 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_set_doit+0x8ec/0x12b0 [ 1390.192786][ T31] 2 locks held by syz.7.6371/26278: [ 1390.198032][ T31] #0: ffff888029c0a0d8 (&type->s_umount_key#56){++++}-{4:4}, at: deactivate_super+0xdf/0x110 [ 1390.220393][ T31] #1: ffffffff8ec61de0 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 [ 1390.232842][ T31] 3 locks held by syz.9.6423/26528: [ 1390.238108][ T31] #0: ffff8880579bcea0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_dev_do_close+0x26/0xb0 [ 1390.254319][ T31] #1: ffff8880579bc0b8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x35c/0x1240 [ 1390.264503][ T31] #2: ffffffff908965e0 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xbb/0x280 [ 1390.275033][ T31] 5 locks held by syz-executor/26941: [ 1390.289346][ T31] #0: ffff8880a97d0ea0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_dev_do_close+0x26/0xb0 [ 1390.302003][ T31] #1: ffff8880a97d00b8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x35c/0x1240 [ 1390.315997][ T31] #2: ffffffff908965e0 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xbb/0x280 [ 1390.330391][ T31] #3: ffff88805a8182f8 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x95/0x710 [ 1390.340957][ T31] #4: ffffffff8e7f10e8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x19e/0x3c0 [ 1390.399839][ T31] [ 1390.406239][ T31] ============================================= [ 1390.406239][ T31] [ 1390.456883][ T31] NMI backtrace for cpu 0 [ 1390.456906][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G L syzkaller #0 PREEMPT(full) [ 1390.456940][ T31] Tainted: [L]=SOFTLOCKUP [ 1390.456948][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1390.456969][ T31] Call Trace: [ 1390.456978][ T31] [ 1390.456988][ T31] dump_stack_lvl+0x100/0x190 [ 1390.457019][ T31] nmi_cpu_backtrace.cold+0x12d/0x151 [ 1390.457049][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 1390.457076][ T31] nmi_trigger_cpumask_backtrace+0x1d7/0x230 [ 1390.457109][ T31] sys_info+0x141/0x190 [ 1390.457132][ T31] watchdog+0xcb1/0x1030 [ 1390.457172][ T31] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 1390.457206][ T31] ? __pfx_watchdog+0x10/0x10 [ 1390.457241][ T31] ? __kthread_parkme+0x18c/0x230 [ 1390.457277][ T31] ? kthread+0x13a/0x450 [ 1390.457296][ T31] ? __pfx_watchdog+0x10/0x10 [ 1390.457329][ T31] kthread+0x370/0x450 [ 1390.457348][ T31] ? __pfx_kthread+0x10/0x10 [ 1390.457371][ T31] ret_from_fork+0x72b/0xd50 [ 1390.457398][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 1390.457426][ T31] ? __switch_to+0x800/0x1100 [ 1390.457458][ T31] ? __switch_to_asm+0x39/0x70 [ 1390.457490][ T31] ? __pfx_kthread+0x10/0x10 [ 1390.457513][ T31] ret_from_fork_asm+0x1a/0x30 [ 1390.457557][ T31] [ 1390.942149][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 1390.949074][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G L syzkaller #0 PREEMPT(full) [ 1390.959773][ T31] Tainted: [L]=SOFTLOCKUP [ 1390.964109][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1390.974193][ T31] Call Trace: [ 1390.977495][ T31] [ 1390.980468][ T31] dump_stack_lvl+0x100/0x190 [ 1390.985200][ T31] vpanic+0x552/0x970 [ 1390.989198][ T31] ? __pfx_vpanic+0x10/0x10 [ 1390.993802][ T31] ? nmi_trigger_cpumask_backtrace+0x182/0x230 [ 1390.999980][ T31] ? nmi_trigger_cpumask_backtrace+0x182/0x230 [ 1391.006162][ T31] panic+0xd1/0xe0 [ 1391.009947][ T31] ? __pfx_panic+0x10/0x10 [ 1391.014383][ T31] ? nmi_trigger_cpumask_backtrace+0x1b5/0x230 [ 1391.020563][ T31] ? nmi_trigger_cpumask_backtrace+0x1f6/0x230 [ 1391.026867][ T31] ? nmi_trigger_cpumask_backtrace+0x200/0x230 [ 1391.033052][ T31] ? watchdog.cold+0x1ec/0x234 [ 1391.037887][ T31] ? watchdog+0xcc1/0x1030 [ 1391.042386][ T31] watchdog.cold+0x1fd/0x234 [ 1391.047015][ T31] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 1391.052852][ T31] ? __pfx_watchdog+0x10/0x10 [ 1391.057660][ T31] ? __kthread_parkme+0x18c/0x230 [ 1391.062791][ T31] ? kthread+0x13a/0x450 [ 1391.067122][ T31] ? __pfx_watchdog+0x10/0x10 [ 1391.071992][ T31] kthread+0x370/0x450 [ 1391.076102][ T31] ? __pfx_kthread+0x10/0x10 [ 1391.080732][ T31] ret_from_fork+0x72b/0xd50 [ 1391.085383][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 1391.090612][ T31] ? __switch_to+0x800/0x1100 [ 1391.095498][ T31] ? __switch_to_asm+0x39/0x70 [ 1391.100302][ T31] ? __pfx_kthread+0x10/0x10 [ 1391.104938][ T31] ret_from_fork_asm+0x1a/0x30 [ 1391.109759][ T31] [ 1391.112976][ T31] Kernel Offset: disabled [ 1391.117322][ T31] Rebooting in 86400 seconds..