last executing test programs: 9.783488766s ago: executing program 0 (id=290): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001180)='/sys/devices/virtual/block/zram0/compact\x00', 0x20001, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) setresuid$auto(0x8000000000000001, 0x1, 0x200) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) write$auto(0x3, 0x0, 0xfdef) read$auto(0x3, 0x0, 0x1f40) r2 = setfsuid$auto(0xee00) r3 = setfsuid$auto(0xee01) setresuid$auto(r2, r3, r2) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'pimreg\x00', 0x0}) shmctl$auto_IPC_SET(0x502b, 0x1, &(0x7f0000000200)={{0x1, 0xee00, 0x0, 0x8, 0xb, 0x401, 0x9}, 0x80000001, 0x7fffffff, 0x0, 0xfffffffffffffff9, @inferred=0xffffffffffffffff, @inferred, 0x7fff, 0x0, &(0x7f00000000c0)="8fb29c90367915b2de1646bd8d1a0f3eaed3b04c3338f9d7062b4e3db4c0192acab6859a60f492b6fe9cea0130fae02fe6e6882e5d0cf6bcb67a72d8fd683b589fc87be0c2e91308dc66d6a2ec4403be23375a3845a45bce2922cf238e9c1bf52d44ae20c3cf5ab7f6696057ede2160afd9764a096956e165862530bce2b2950154b836d1479f13171142c6c83352552be3b87607f1e2acd0199418bec5f78dcc2a65887c4ae0e6dd628e2f611c2c33a6a0ff4126ae302cf6849705e6f99fe71bd5b021b09ec9717644b9b4fbd6f6f810116974c5945ec49fe9de889f9f63d88eb6ff3a7842f632439a571bc5ed99963efcf0601186a1e5c37271572e0", &(0x7f00000001c0)="6617aeb620669f004fbf8c8b34c6314e2851136cfcf32e5fcc3682604ec1c4fe261dab3d512de6"}) r6 = waitid$auto_P_PID(0x1, 0x0, &(0x7f0000000280)={@_si_pad}, 0x4, &(0x7f0000000300)={{0x6450, 0x8}, {0x8, 0xee70}, 0xe0e7, 0x3, 0x90, 0xfffffffffffffff8, 0x3, 0x4, 0x5, 0x8001, 0xffb, 0x6, 0x1f, 0x9, 0x6, 0x1}) sendmsg$auto_MACSEC_CMD_UPD_TXSA(0xffffffffffffffff, &(0x7f0000000940)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000900)={&(0x7f00000003c0)={0x540, 0x0, 0x400, 0x70bd28, 0x25dfdbfd, {}, [@MACSEC_ATTR_SA_CONFIG={0x1c8, 0x3, 0x0, 0x1, [@nested={0x102, 0x2e, 0x0, 0x1, [@nested={0x4, 0x62}, @typed={0x50, 0x47, 0x0, 0x0, @binary="1665aa359ec2800c7872d4b674420824d5963c1a3592099a73fbc5722e3392835b2507012af2e11754c94d3ed3bed48a97ff7e3f3b696e8ac5ac1486bbf9ce30a22f604e4a842215d3c871d7"}, @generic="58d1c8f1c71b6b3ff482e77ad37e0246547c6229c5a8d60c4d8555671a69cd2e960f6b60ff1f810eca24624298df11", @nested={0x4, 0x4f}, @generic="c6b0a780", @nested={0x4, 0x90}, @generic="d668b198a1d9305a23cda1aa948f2def4371ec6878dd8031cf18c7e078f4f7df0577abf6fec478f53678aa1fe7e1201dada921851d8d86a676e994a492cb4c45fd6fe56a12b0907f0f7ddcc3666ccb4f6f2b3800aaac84502c0332489a05b39c7237ad878f38cd", @typed={0x8, 0xf1, 0x0, 0x0, @uid=r3}]}, @generic="b01dad37a03a5383ba5f63f8e6b784a349080337e317defd69a1e1b3c5f316fbf6ab3f60fa8e42631e5f6faa554410d711a4375c12ac841cef4ad7d695e61f0f3f5c1c6bb1f65edd525e69b074e3a9fd49557a7ccaf992f716a5602c51da190320b8394eb7d632f54e25c081bdae1cfe125f8cd36f0110b796a930cb7d70a155bf310d12942876ff88c8c54e9dc233fe9cf8d11d0ad2cd59aa0ba2daf8f4980d5414476e81171437a03877af7f82c08e5cb460d9aed1539c5e63dda6c7799c7f"]}, @MACSEC_ATTR_IFINDEX={0x8}, @MACSEC_ATTR_IFINDEX={0x8, 0x1, r4}, @MACSEC_ATTR_SA_CONFIG={0x33f, 0x3, 0x0, 0x1, [@typed={0xc, 0x35, 0x0, 0x0, @u64=0x1}, @typed={0x8, 0xa9, 0x0, 0x0, @uid=r5}, @nested={0x4d, 0x28, 0x0, 0x1, [@generic="d6c6d5ae8f398d0c8cb402d6d30634a2dcdcc6b9cef4681931b77c1ad94a735ef7b2dab02b1c680efc511a4e009871f636e72c42875ddc53f2282293d3e0448c09d4f47cc0e3c05117"]}, @nested={0x8, 0x63, 0x0, 0x1, [@nested={0x4, 0xad}]}, @generic, @generic="1f17e6930359161e650eed55d25be190f1f94690ff732d902e65849656eb70948d076e58ef11aa7c6ce8b19c066705599627443490185010cb0f319a56e2c10a3f2d755262d815849f0be389911d6271b5127758d759f5fdb653eb9fa582d6ba0ed9f3212227b01d3e207fc209d9b64b1bd11ff1cb3d52e93657456c363919248d24bc08cfb5e132de225d7f70c1e78b4010825fd28b00efb4539b67158fc49dc7f202536e67fcd142c67719b2add99b7159541889908c6db7f2dfb47ce265a9e3540c51525f253c0df8973d452ca6bdd0016781389149fc62366af74876061ea8adbdf3c873fa8ba6bff6adbbc4f038fea2e38b1ac71f", @nested={0xca, 0x70, 0x0, 0x1, [@typed={0x8, 0x1d, 0x0, 0x0, @pid=r6}, @generic="de6355b734d1a702dba5bb1a3a2471154ebbfedfd0c6ab5775ae4ad2fa34b8078e36b03a94260ffa41", @nested={0x4, 0x43}, @nested={0x4, 0x110}, @generic="fa4227a6e6ca0bb7bc4f50007fb22c5cbe6d4758024453c3690e529468367e37ff8430e70c031e734b7d92c7ff1249c161544e2f3ac751a43ad575e9bfbda4fb9013f87b860685f1dc341b3f", @generic="1dceca663004773db17d7d7be99d2e94106c84bc8f5846e079316873fb4eec63ff18764fa032cb840f225a007967003ddfb100440d6188827f2f7965c7", @nested={0x4, 0x69}]}, @nested={0x10, 0x3, 0x0, 0x1, [@typed={0x8, 0x8, 0x0, 0x0, @ipv4=@loopback}, @nested={0x4, 0x7ee}]}, @typed={0x8, 0x14c, 0x0, 0x0, @fd=r1}, @typed={0xf2, 0x148, 0x0, 0x0, @binary="63409debb3503d74d820ffe4718c8f608333668d80c6b47c1769018d61ef15416eaa0353781a4231cb252fc2691945f80a7216a33fae5de0ffee98dc78581fb661e40a7e1cecb71aeacf94d3eb6d25206925338a9aec4676d0a1e6654ed0002ffbe38c87d86d01dd1463c2fe8fedfe794c2b5bee6fc7745decaf6845e8856d9f30d04b156508ac5cab350eb2e4ffb37ae72bf646d67b05065e648926ee5b3b6f497709bf0f230a64220383b205e51b4187c99708371f30619be89bc124109a0e25b94fe9467284fbb771a3cfe85994f077c7ec41588728577cd9708b3a69fef2da576f83ed1ca90dde40283df13d"}]}, @MACSEC_ATTR_SA_CONFIG={0x12, 0x3, 0x0, 0x1, [@generic="7c07fb2f4301fe8bf19917441b3b"]}]}, 0x540}, 0x1, 0x0, 0x0, 0xc04c801}, 0x8000) setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000000)="b2", 0x1) mmap$auto(0xfffffffffffffffd, 0x8, 0xdc, 0x1ba3d378, 0x2, 0x8008) 9.323798795s ago: executing program 0 (id=291): r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) ioctl$auto(r0, 0x5522, 0xf15) ioctl$auto(r0, 0x5523, r0) syz_clone3(&(0x7f00000004c0)={0xa0120000, &(0x7f0000000180)=0xffffffffffffffff, &(0x7f0000000200), &(0x7f0000000240), {0x3}, &(0x7f0000000280)=""/237, 0xed, &(0x7f0000000380)=""/223, &(0x7f0000000480)=[0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffffffffffffffff], 0x8}, 0x58) process_madvise$auto_MADV_POPULATE_READ(r1, &(0x7f0000000740)={&(0x7f0000000540)="ee0cbbe34ff59435779bde112f11d17cc1814696d429d84dcf4bf5fbd65f3e9f4579e6566c97c3c40793c35f8935bc65ee0e6797be5fef25dcf1f14d856ef92c60d3d3309f", 0x4}, 0x9, 0x16, 0x80) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) bpf$auto(0x6, &(0x7f0000000000)=@test={0xffffffffffffffff, 0x4, 0x9, 0x9, 0x80, 0x8, 0x4, 0x1, 0x200, 0x8, 0x401, 0x2, 0xe6, 0x4, 0xc28}, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d7) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2062, 0x0) write$auto(r3, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) write$auto(r3, &(0x7f00000005c0)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) unshare$auto(0x40000080) mmap$auto(0xffffffffffffffff, 0x2000d, 0x8, 0xeb1, 0x404, 0x80000000) mmap$auto(0x0, 0x2020005, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) syz_clone(0x4001000, 0x0, 0x0, 0x0, 0x0, 0x0) socket(0xa, 0x3, 0x3b) socket(0xa, 0x3, 0x3b) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x8a240, 0x0) socketpair$auto(0x1, 0x1, 0x2a340, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) write$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) 6.687757079s ago: executing program 0 (id=305): mmap$auto(0x0, 0x400009, 0xdc, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x14fa02, 0x0) mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000) setresuid$auto(0x0, 0x0, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sched_setattr$auto(0x0, 0x0, 0x7b) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) r1 = open(0x0, 0x0, 0x408) getdents$auto(r1, 0x0, 0x400018) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) rseq$auto(0x0, 0x8000, 0x0, 0x8000006) membarrier$auto(0x4, 0x8000000000000000, 0xffffffff) r2 = openat$auto_nsim_udp_tunnels_info_reset_fops_udp_tunnels(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/netdevsim/netdevsim6/ports/1/udp_ports_reset\x00', 0x24200, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x2d, 0x2, 0x0) ioctl$auto(0x3, 0x89e1, 0x91) r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000002ec0), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000005800), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_TX_INFO_FRAME(r5, &(0x7f0000006940)={0x0, 0x0, &(0x7f0000006900)={&(0x7f0000000000)={0x34, r6, 0x1, 0x70bd29, 0x25dfdbff, {}, [@HWSIM_ATTR_FLAGS={0x8, 0x4, 0x1}, @HWSIM_ATTR_ADDR_TRANSMITTER={0xa, 0x2, "a060292f83d9"}, @HWSIM_ATTR_COOKIE={0xc}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000041}, 0x800) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000002f80)={&(0x7f0000000040)={0x2c, r4, 0x1, 0x70bd29, 0x25dfdbff, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x278e18a297a8387c}, 0x24000802) fcntl$auto_F_WRLCK(r2, 0x3, 0x1) 3.397123549s ago: executing program 1 (id=316): openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyy2\x00', 0x100, 0x0) socket(0x15, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x10, 0x2, 0x73) pipe2$auto(0x0, 0x0) r1 = io_uring_setup$auto(0x7e1b, 0x0) r2 = socket(0x2, 0x5, 0x0) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x7ffc) mmap$auto(0x0, 0x202000a, 0x5, 0xeb5, 0xfffffffffffffffa, 0x8000) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001480), r4) sendmsg$auto_ETHTOOL_MSG_CHANNELS_SET(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001c80)={&(0x7f00000002c0)=ANY=[@ANYRES64=r4, @ANYRESOCT=r0, @ANYRES8=r2, @ANYRESDEC=0x0], 0x34}, 0x1, 0x0, 0x0, 0xc804}, 0x4048005) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/kallsyms\x00', 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) r5 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40a01, 0x0) ioctl$auto_USBDEVFS_CONTROL(r5, 0xc0185500, 0x0) r6 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/midiC2D2\x00', 0x208181, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x3) write$auto(r6, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x60042, 0x0) ioctl$auto_SNDCTL_DSP_CHANNELS(r3, 0xc0045006, &(0x7f00000001c0)) io_pgetevents$auto(0x4, 0x9, 0xa31f, 0x0, 0x0, 0x0) socket(0x2, 0x2, 0x88) mmap$auto(0x9, 0x402000a, 0x2df, 0xeb1, r1, 0x8000) 3.167695275s ago: executing program 1 (id=318): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/fs/cifs/LookupCacheEnabled\x00', 0x48041, 0x0) (fail_nth: 5) 2.552549711s ago: executing program 1 (id=320): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) close_range$auto(0x2, 0xa, 0x0) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer\x00', 0x101401, 0x0) write$auto_seq_oss_f_ops_seq_oss(r0, &(0x7f0000000180)="868d180916c735e093b9861f0bde02ef6484efd1225c2444fcc82c0d59436954f1c5f1868337cc88c0551ac5e2456b2d59f35d15836a45174dd7a65e2b9c11584402a2d233711c1075c65047b196855f291971f6fa05a6ce417e5956bc9c1b3d364815d3f66cf7e1f2579c955b9490f89af6f234d145f17a3830dd2773e81e48dae316b7eedc93a2d3aa1f6e25ae9345a238bb040fbe002bfa003e9067ebdc1eff0c263241c8f40b", 0xa8) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0xfffffffffffffffd, 0xb, 0xa, 0x40007fff, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x5e, 0x80000001, 0x7, 0x2, 0x9ac7, 0x400000001, 0x2]}, 0x0) 2.408351647s ago: executing program 3 (id=321): mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000) (fail_nth: 7) 2.408155192s ago: executing program 1 (id=322): mmap$auto(0xf000, 0x400009, 0xdc, 0x9b72, 0x2, 0x8000) 2.311137762s ago: executing program 2 (id=323): openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0xf000) 2.279425146s ago: executing program 0 (id=324): mmap$auto(0xf000, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000) 1.953475988s ago: executing program 1 (id=325): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/nfs/parameters/nfs_mountpoint_expiry_timeout\x00', 0x80040, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80002, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/platform/dummy_hcd.0/usb1/1-0:1.0/usb1-port1/quirks\x00', 0x103a42, 0x0) set_mempolicy$auto(0x6, &(0x7f0000000080)=0x3, 0x21) unshare$auto(0x40000080) socket(0xa, 0x5, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x5, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x9) ioctl$auto(0xffffffffffffffff, 0x5407, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/card1/pcm1c/sub1/xrun_injection\x00', 0x103040, 0x0) mmap$auto(0x0, 0x2020409, 0xa, 0xeb1, 0xffffffffffffffff, 0x8000) io_uring_setup$auto(0x3, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x48140, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x0) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/oom_score\x00', 0x0, 0x0) semctl$auto_IPC_INFO(0x2, 0x8, 0x3, 0x0) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x7fffffffefff}, 0x7) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/bus/netdevsim/new_device\x00', 0x149b01, 0x0) writev$auto(r0, &(0x7f0000000200)={0x0, 0x3}, 0x100000001) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x20004050}, 0x4000084) msgctl$auto(0x2, 0xec, &(0x7f00000000c0)={{0x1, 0xee00, 0xffffffffffffffff, 0x7ff, 0x0, 0x7ff, 0xff00}, &(0x7f0000000000)=0x80, &(0x7f0000000080)=0x1, 0x0, 0x3, 0x7f, 0x1, 0x1, 0xb33f, 0x7, 0x1, @raw=0x81, @inferred=0xffffffffffffffff}) r3 = socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0xffffffffffffffff, 0xffffffffffbfff22, 0xeb1, 0x401, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000280)=@isdn={0x22, 0x81, 0x3, 0x7f, 0x8}, 0xea84) getsockopt$auto(r3, 0x84, 0x1, 0x0, &(0x7f0000000000)=0x98) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x6, 0x3f, 0x63, r2, 0x0, 0x0, 0x2, 0xfffffffffffffff7, 0x80000000000080a, 0x0, 0x80, 0x9, 0xffffffff80000000, 0x20000000007, 0x6, 0x400002}) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x4000804) lstat$auto(0x0, &(0x7f0000000180)={0xe, 0xfffffffffffffffe, 0x100000001, 0x1000, 0x0, 0x0, 0x0, 0xfa98, 0x8, 0x7fffffffffffffff, 0x8000000004, 0x100000007fffffff, 0x5, 0x0, 0x7, 0x3, 0xb}) 1.852570291s ago: executing program 2 (id=326): openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyy2\x00', 0x100, 0x0) socket(0x15, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x10, 0x2, 0x73) pipe2$auto(0x0, 0x0) r1 = io_uring_setup$auto(0x7e1b, 0x0) r2 = socket(0x2, 0x5, 0x0) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x7ffc) mmap$auto(0x0, 0x202000a, 0x5, 0xeb5, 0xfffffffffffffffa, 0x8000) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001480), r4) sendmsg$auto_ETHTOOL_MSG_CHANNELS_SET(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001c80)={&(0x7f00000002c0)=ANY=[@ANYRES64=r4, @ANYRESOCT=r0, @ANYRES8=r2, @ANYRESDEC=0x0], 0x34}, 0x1, 0x0, 0x0, 0xc804}, 0x4048005) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/kallsyms\x00', 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) r5 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40a01, 0x0) ioctl$auto_USBDEVFS_CONTROL(r5, 0xc0185500, 0x0) r6 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/midiC2D2\x00', 0x208181, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x3) write$auto(r6, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x60042, 0x0) ioctl$auto_SNDCTL_DSP_CHANNELS(r3, 0xc0045006, &(0x7f00000001c0)) io_pgetevents$auto(0x4, 0x9, 0xa31f, 0x0, 0x0, 0x0) socket(0x2, 0x2, 0x88) mmap$auto(0x9, 0x402000a, 0x2df, 0xeb1, r1, 0x8000) 1.852433131s ago: executing program 3 (id=327): mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) bpf$auto(0x5, 0x0, 0xa) get_robust_list$auto(0x0, 0x0, 0x0) 1.811254068s ago: executing program 2 (id=328): r0 = socket(0x28, 0x1, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) r1 = socket(0x2, 0x801, 0x106) memfd_create$auto(&(0x7f0000000100)='\x00', 0xf0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0x2, 0x1, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/hugetlb.1GB.rsvd.limit_in_bytes\x00', 0xc2481, 0x0) write$auto(r2, &(0x7f0000000040)='E\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x8) setsockopt$auto(r1, 0x0, 0x8, 0x0, 0x4) getsockopt$auto(r0, 0x0, 0x9, 0x0, 0x0) openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000180), 0x40900, 0x0) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/input/mouse0\x00', 0x381502, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/graphics/fbcon/cursor_blink\x00', 0x0, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7ffffffc, 0x8, 0x3000, 0x6, 0x7, 0x400a, 0xffffffffffffffff, [], {0x3, 0x6, 0x8c48, 0x29b, 0x9, 0x80, 0x104, 0x6, 0x4}, {0x100, 0x1, 0x101, 0x85, 0x2, 0x1a7b870a, 0x76c5, 0x8, 0x100000000}}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x10, 0x2, 0x14) socket(0x11, 0x80003, 0x300) socket(0x2, 0x3, 0x100) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2a, 0x2, 0x0) open(&(0x7f0000000100)='.\x00', 0x0, 0x408) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sda\x00', 0x48001, 0x0) socket(0x10, 0x2, 0x0) socket(0xa, 0x2, 0x73) io_uring_setup$auto(0xa, 0x0) socket(0x1e, 0x1, 0x0) 1.708751202s ago: executing program 0 (id=329): r0 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000080), 0xffffffffffffffff) ioperm$auto(0x800000005f4, 0x5ad2, 0xffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x1, 0x0) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x22a02, 0x0) write$auto(r1, &(0x7f0000000140)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7\xe6\x04\x8c\x83k', 0x1000000007e) mremap$auto(0x200000000000, 0x4, 0x4, 0x3, 0x100000000) sendmsg$auto_TIPC_NL_MON_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001680)={&(0x7f00000000c0)={0x24, r0, 0x1, 0x70bd2d, 0x25dfdbfd, {}, [@TIPC_NLA_MON={0x10, 0x9, 0x0, 0x1, [@typed={0x9, 0x1, 0x0, 0x0, @str='$!.}\x00'}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000010}, 0xc050) 1.560126068s ago: executing program 2 (id=330): openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/macvlan1/stable_secret\x00', 0x88542, 0x0) 1.500360016s ago: executing program 3 (id=331): msync$auto(0x1ffff0fb, 0x1800000000000fe, 0x400000004) 1.384694359s ago: executing program 2 (id=332): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, 0x0, 0x40) r0 = fanotify_init$auto(0x5, 0x0) creat$auto(&(0x7f0000000000)='./file0\x00', 0x3ff) fanotify_mark$auto(r0, 0x205, 0xa, 0x4, 0x0) read$auto(0x3, 0x0, 0x87f) close_range$auto(0x2, 0x8, 0x0) 1.224436678s ago: executing program 3 (id=333): r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x20881, 0x0) write$auto(r0, &(0x7f0000000040)='/dev/input/event1\x00', 0x10001) (fail_nth: 2) 1.204891328s ago: executing program 1 (id=334): sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000)=0x7, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x5, 0x4, 0xc) prctl$auto(0x349c, 0x1, 0x0, 0x5, 0x7) unshare$auto(0x40000080) r0 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x1002, 0x9, 0x4, 0x200000eb0, 0x401, 0x701cf82a) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x6) mmap$auto(0x0, 0x20009, 0x5, 0xeb2, 0x8, 0x1008000) r1 = socket(0x10, 0x2, 0x0) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/pid_for_children\x00') sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000) r2 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r2, &(0x7f0000000000)="c80d1b5d399b71", 0x7) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0xd, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x100000000003, 0x9}, 0x7}, 0x3, 0x0) recvmmsg$auto(r1, &(0x7f0000000100)={{0x0, 0xf, &(0x7f0000000080)={&(0x7f0000000040), 0x81}, 0x3, 0x0, 0x80000000, 0x6}, 0x40009}, 0x7, 0x8, 0x0) r3 = open(&(0x7f0000000100)='./bus\x00', 0x14d27e, 0x72) copy_file_range$auto(r3, 0x0, r3, &(0x7f0000000080)=0xeb2f, 0xfffffffffffffffe, 0x0) socket(0xa, 0x80004, 0x7) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = socket(0xa, 0x5, 0x84) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) setsockopt$auto(r6, 0x10000000084, 0x23, 0x0, 0x8) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYRESOCT=r0, @ANYRES16=r4, @ANYRES16, @ANYRES32=r7], 0x24}, 0x1, 0x0, 0x0, 0x5c5fd097d751f33e}, 0x80) syz_genetlink_get_family_id$auto_tipcv2(0x0, r1) 763.945219ms ago: executing program 2 (id=335): mmap$auto(0x0, 0x400009, 0xdc, 0x9b72, 0x2, 0x8000) readv$auto(0xffffffffffffffff, 0x0, 0x3) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x4a0842, 0x0) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) unshare$auto(0x40000080) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/ati_remote2/parameters/channel_mask\x00', 0x1e1842, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/fs/ext4/sda1/last_trim_minblks\x00', 0x10b142, 0x0) writev$auto(0x3, &(0x7f0000000100)={&(0x7f0000000140), 0x7111}, 0x8) r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000300)='/dev/snd/controlC2\x00', 0x8100, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000040)=0x5) r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000580)={{@raw=0x7fffffff, 0xf0ee, 0x20009, 0x3, "790eaa00ffff8eac2cdafc1f64010043eeb0b053030001ffff000e00", @raw=0x1}, 0x4, 0x966, 0x3, @raw=0x404, @integer={0x800000000000400e, 0x2000000b752, 0x1}, "6cc1294d63a4f1b4285854c5368de438f8cc142ef6df12bf3373a1183bedbd31b642b4051b078fa1c1c61c329794e5311121c760cb9611c78e6947a99807bcc1"}) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_INFO(r1, 0xc1105511, &(0x7f0000000080)={{@inferred=0xffffffffffffffff, 0x7ff, 0xa, 0x2, "26d718b7d3ee69350e4ede7079dcb0c24c8aa1e3c7ee2e00308b8a7d74b0a707f7045e6d035b196ca83379bb", @raw=0x8}, 0xfffffffc, 0x0, 0x2, @inferred, @reserved="7326f7ea4efb676a2bd8b0028f5dbddffaf8676f5de47a4598e270eec64d6b20c8ad2e0e61e586fb3cdcc504e4ff28de3813a975b7d9083a498e7eddfef726c1e534ac4ef3708db961561149bf555b4897b3ae71bdaacceb24dfbe5622cf67b8f1c744244c94a2f1e85d62c51d2a72a088ff4374c7da6c1f4fdec24777565c4a", "18a817f26a5c7f8773b2dbc01ac4bd5359eeadc8357752b72fa176254d8797cdffd02539e383a07983eeddcd24b626f54ad9d763dcdc91a4af8b7c848ceb55a7"}) rmdir$auto(&(0x7f0000000000)='./file0\x00') r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000080), 0xffffffffffffffff) getsockopt$auto_SO_PEERPIDFD(0xffffffffffffffff, 0xb5, 0x4d, &(0x7f00000000c0)='#\x00', &(0x7f0000000100)=0x8001) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nullb0/queue/scheduler\x00', 0xca002, 0x0) sendfile$auto(r4, r4, 0x0, 0x7ffff000) shmctl$auto(0xa, 0x3, &(0x7f0000000300)={{0x7fffffff, 0xee01, 0xee00, 0x0, 0xd4, 0x83, 0x9cb2}, 0x8, 0xffffffffffff5958, 0x659a0270, 0x7, @inferred, @raw=0xc, 0x6, 0x0, &(0x7f0000000140)="35c6ca969386c382439af0184d9943920af75e0e205f37eb18202fa9392ed9a99ad7a850200e9591b3d54a2eccfeeb676751d21ef2d41911f74f4d73e50e5ae4c5c7c0272f3dee2d23f174b7f5520c3e2ecbd328b9fc8325f59ef5322e37a17144acc7caaaa277623db7112f554ee681a8a2126ac2933a3e958b67a220ac4d472d6603982a889fc67643290f90fa7fd590cf4382ae153598720cd484733dbd17562b72d5f6e243d410cf77977433274f0e3db333fe20046de0c3e7882d0c4ac3cc3d21408575931f1c533f8afa", &(0x7f0000000240)="3391e26f74dc2884233a84765f26bc219bdc6df3b7df4da48e815e409f9bdef26a001f34a0d7fe59753daf121135627699ce9c9b8cfb2f4c440a265fb5b26b9d7637d07e1b678b08dbeade9e6ea9fdf1e93e97b7cc893a3391a36100fc2f715e93c650a8605a2583411a61b207e170531f116c8148454d2bae8d4f44c95673c1001070f81f3d4c3a0436460da601443e18e4cdeecf3681c742"}) r5 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000080), 0x121001, 0x0) ioctl$auto_UI_SET_MSCBIT(r5, 0x40045568, 0x0) write$auto(r5, &(0x7f00000000c0)=')]..$(\xbc:\x00\x0f\b!\x9b\xe3\a1\xac\xb9Mm\x04\xb7\x88\'\xae\x05\xf3\xeb\xf5\x0fkl\x81\x8bpLY\x80\x17\xa6|x\xbb\x0fy\xb5\x80\x10z\xea\xff\x10\xf5\xa0V\x7f\r\x16\x1dz\xd5\xbd\x81\xceSRY\x98\xf0\xd7a\xf0\xce\xe7\x82\x8b\xaaP/\x11\t-W\xae\b\xe5\x1b\xea\x04\xe1\xce\xbf|', 0x45c) geteuid() wait4$auto(0x0, &(0x7f0000000380)=0x2, 0x6, &(0x7f00000003c0)={{0xfffffffffffff1f1, 0x7ff}, {0x0, 0xfffffffffffffff8}, 0x4d0, 0xf, 0x1, 0x6, 0x6, 0x1, 0xdca, 0x4, 0x10000, 0x6, 0x4fe3, 0x3, 0x1, 0x5}) r6 = timerfd_create$auto_CLOCK_BOOTTIME_ALARM(0x9, 0x3) ioctl$auto(r6, 0x4, 0xffffffffffffffff) lstat$auto(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)={0x3, 0x9, 0x7, 0x3f, 0xee00, 0xee01, 0x0, 0x7fffffff, 0x115, 0x7f, 0x2, 0xd, 0x4, 0x100, 0x8000000000000001, 0x8001, 0x8}) shmctl$auto_IPC_INFO(0x4, 0x3, &(0x7f0000000680)={{0xfff, 0xee00, 0xee00, 0x60, 0x6, 0xfffffff7}, 0x48a, 0x5, 0x1, 0x5, @inferred=0xffffffffffffffff, @raw=0xe0000000, 0x7, 0x0, &(0x7f0000000580)="7706368220011ddc0c949138fa024e10d7581efcbb916212bff232e157b866db871de9c1ee167a6f7604514c699085ff7bf11bafebbe09d169fdb01594940143fc152d23aa01c1c46f657b6581506343a271e0a6a102c7b94be23deafb0881eee4bb85e673842622f317c6e8897e1bd2dd7b6d9cc68f4a0d", &(0x7f0000000600)="3be8c3a9ce03c64994a22a7d172207c920b06710a7a027a1c0f463835ad84315741aeae48fa3084e9a622e0b78ac0784aa7585f192b6162138627dd50c32c36849a07ac7ea02a418d8bea097681459f8507d8f698a8a9699fbe59cbf7a6ad8f63870fcaded793644f2626fc129202af67fdeeb634f9eb9929816e0834a3eb440"}) sendmsg$auto_TIPC_NL_BEARER_ADD(r2, &(0x7f0000002780)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000002740)={&(0x7f0000004800)={0x14, r3, 0x0, 0x70bd26, 0x25df5bfe}, 0x14}, 0x1, 0x0, 0x0, 0x4000004}, 0x4048800) 657.969671ms ago: executing program 3 (id=336): openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyy2\x00', 0x100, 0x0) socket(0x15, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x10, 0x2, 0x73) pipe2$auto(0x0, 0x0) r1 = io_uring_setup$auto(0x7e1b, 0x0) r2 = socket(0x2, 0x5, 0x0) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x7ffc) mmap$auto(0x0, 0x202000a, 0x5, 0xeb5, 0xfffffffffffffffa, 0x8000) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001480), r4) sendmsg$auto_ETHTOOL_MSG_CHANNELS_SET(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001c80)={&(0x7f00000002c0)=ANY=[@ANYRES64=r4, @ANYRESOCT=r0, @ANYRES8=r2, @ANYRESDEC=0x0], 0x34}, 0x1, 0x0, 0x0, 0xc804}, 0x4048005) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/kallsyms\x00', 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) r5 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40a01, 0x0) ioctl$auto_USBDEVFS_CONTROL(r5, 0xc0185500, 0x0) r6 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/midiC2D2\x00', 0x208181, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x3) write$auto(r6, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x60042, 0x0) ioctl$auto_SNDCTL_DSP_CHANNELS(r3, 0xc0045006, &(0x7f00000001c0)) io_pgetevents$auto(0x4, 0x9, 0xa31f, 0x0, 0x0, 0x0) socket(0x2, 0x2, 0x88) mmap$auto(0x9, 0x402000a, 0x2df, 0xeb1, r1, 0x8000) 469.551729ms ago: executing program 3 (id=337): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) prctl$auto_PR_SET_MM(0x23, 0x7, 0xffffffffffffffff, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r1, &(0x7f0000000000)='//\xf2\x00', 0x80000000) adjtimex$auto(0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D1\x00', 0x581402, 0x0) r2 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000080), 0xc0402, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r2, 0xc0403d11, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) waitid$auto_P_ALL(0x0, 0x3b000, &(0x7f0000000280)={@siginfo_0_0={0x200, 0x0, 0x6, @_sigsys={&(0x7f00000000c0)="55eb8df319677f9aebf453b195011dc75b314a6a2de037085459dc03a1ad199752151699faea53575d94e9e2f930abeb4f1cd2fa58eef0e25b15baeca5f900c19f32e51de1ba99fb4f82871232b300"/88, 0x1000, 0x826}}}, 0x3, &(0x7f0000000300)={{0xda0000000000000, 0x969d}, {0x2, 0x6}, 0x8000000000000000, 0xa, 0x8, 0xd11c, 0xb871, 0x6, 0x9ffd, 0x81, 0x4, 0x1000000000f8c5, 0x1000, 0x81, 0xc, 0xd}) mmap$auto(0x0, 0x5, 0x3, 0x14, r2, 0x8000) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x0, 0x200007, 0x1d) pwrite64$auto(0xc8, 0x0, 0xfded, 0x6) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r3, &(0x7f00000003c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4G\x0f\xed\xc0D\xd6\xaf%\xa5\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xccT\fZq', 0x100000a3da) close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x2a, 0x1, 0x300) socket(0x2a, 0x6, 0x20000) open(&(0x7f0000000040)='./cgroup\x00', 0x80, 0xb5d1af1605322de0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) 0s ago: executing program 0 (id=338): set_mempolicy$auto(0x6, &(0x7f0000000080)=0x3, 0x21) unshare$auto(0x40000080) unshare$auto(0x8000000000000000) socket(0xa, 0x5, 0x0) r0 = socket(0x2, 0x1, 0x106) sendmsg$auto_OVS_VPORT_CMD_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4100}, 0x20000000) setsockopt$auto(r0, 0x6, 0x6, &(0x7f0000000080)='*\x00', 0xe6) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) set_mempolicy$auto(0x5, &(0x7f0000000400)=0xfffffffffffffffd, 0x3b) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) ioctl$auto(0xffffffffffffffff, 0x540a, 0x0) select$auto(0x5, &(0x7f0000000280)={[0x5, 0xe89c, 0x1, 0xd7fa, 0x0, 0x81, 0x200, 0x101, 0x0, 0x5, 0x8000000000000001, 0x7, 0x6, 0x400, 0x4, 0x1]}, &(0x7f0000000440)={[0x9, 0x5, 0x0, 0x1000, 0x3, 0x8, 0x8, 0x80000001, 0x5, 0x9, 0x441, 0x100, 0x7f, 0xfffffffffffffff7, 0xffffffffffffffff, 0xb]}, &(0x7f00000004c0)={[0x1, 0x3, 0x8, 0x7, 0x1, 0x3b3d, 0x2, 0x5, 0x8, 0x8000, 0x8, 0x0, 0x3, 0x401, 0x7fffffffffffffff, 0x50a]}, &(0x7f00000001c0)={0x1}) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/rpc/auth.rpcsec.context/channel\x00', 0x101002, 0x0) utime$auto(&(0x7f0000000180)='./file0\x00', &(0x7f00000003c0)={0xffff, 0xd73}) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/graphics/fbcon/rotate_all\x00', 0xa001, 0x0) write$auto(r2, &(0x7f0000000300)='j\xc27\b\\\xa1\xe9v*\xb6]ax\x04\xa9O\xb7\x1f\xae\ri\x1e\xe2\x12\x93\xd5\xe1\x17k`\b\xe6H\xd5\xc3\x05o1\xac,\xe0\xfd\xcc*\xb0g\xa6\x93\xd9\xf64d\xf3\xeb\x0ff\xea^\xf9\xc3\xb8\xc0_\xde\x1dE\xae\x82#\x00\x96\xa6w\xf4\xf1\xdd\xd4\xb1\xcez+c\xe4\x98\x1cLWl\xb6$\x1f\xd1\xec\x1dc\x90t%\xd3\x16E\xe2@8\xcfgT\xcb\xdb\xd3', 0xb) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.181' (ED25519) to the list of known hosts. [ 100.627362][ T5816] cgroup: Unknown subsys name 'net' [ 100.780265][ T5816] cgroup: Unknown subsys name 'cpuset' [ 100.789743][ T5816] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 102.178145][ T91] cfg80211: failed to load regulatory.db [ 102.723047][ T5816] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 104.974504][ T5843] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 104.974794][ T5844] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 104.982850][ T5843] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 104.991409][ T5844] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 105.005552][ T5843] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 105.006010][ T5844] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 105.014331][ T5843] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 105.021112][ T5844] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 105.034260][ T5846] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 105.034904][ T5844] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 105.043605][ T5843] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 105.049775][ T5844] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 105.064442][ T5844] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 105.067408][ T5845] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 105.073717][ T5844] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 105.080546][ T5845] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 105.087266][ T5844] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 105.100647][ T5844] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 105.111013][ T5844] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 105.123469][ T5844] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 105.703201][ T5834] chnl_net:caif_netlink_parms(): no params data found [ 105.732763][ T5835] chnl_net:caif_netlink_parms(): no params data found [ 105.873969][ T5831] chnl_net:caif_netlink_parms(): no params data found [ 105.922444][ T5833] chnl_net:caif_netlink_parms(): no params data found [ 106.051124][ T5834] bridge0: port 1(bridge_slave_0) entered blocking state [ 106.059137][ T5834] bridge0: port 1(bridge_slave_0) entered disabled state [ 106.066905][ T5834] bridge_slave_0: entered allmulticast mode [ 106.074381][ T5834] bridge_slave_0: entered promiscuous mode [ 106.083721][ T5835] bridge0: port 1(bridge_slave_0) entered blocking state [ 106.090963][ T5835] bridge0: port 1(bridge_slave_0) entered disabled state [ 106.098278][ T5835] bridge_slave_0: entered allmulticast mode [ 106.105632][ T5835] bridge_slave_0: entered promiscuous mode [ 106.128262][ T5834] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.135504][ T5834] bridge0: port 2(bridge_slave_1) entered disabled state [ 106.142926][ T5834] bridge_slave_1: entered allmulticast mode [ 106.150394][ T5834] bridge_slave_1: entered promiscuous mode [ 106.158467][ T5835] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.165613][ T5835] bridge0: port 2(bridge_slave_1) entered disabled state [ 106.173283][ T5835] bridge_slave_1: entered allmulticast mode [ 106.181007][ T5835] bridge_slave_1: entered promiscuous mode [ 106.271522][ T5831] bridge0: port 1(bridge_slave_0) entered blocking state [ 106.278979][ T5831] bridge0: port 1(bridge_slave_0) entered disabled state [ 106.286536][ T5831] bridge_slave_0: entered allmulticast mode [ 106.293851][ T5831] bridge_slave_0: entered promiscuous mode [ 106.316921][ T5834] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 106.329534][ T5835] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 106.339940][ T5831] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.347378][ T5831] bridge0: port 2(bridge_slave_1) entered disabled state [ 106.354600][ T5831] bridge_slave_1: entered allmulticast mode [ 106.362966][ T5831] bridge_slave_1: entered promiscuous mode [ 106.384286][ T5834] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 106.396544][ T5835] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 106.430610][ T5833] bridge0: port 1(bridge_slave_0) entered blocking state [ 106.437835][ T5833] bridge0: port 1(bridge_slave_0) entered disabled state [ 106.445282][ T5833] bridge_slave_0: entered allmulticast mode [ 106.453248][ T5833] bridge_slave_0: entered promiscuous mode [ 106.497499][ T5833] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.504772][ T5833] bridge0: port 2(bridge_slave_1) entered disabled state [ 106.512195][ T5833] bridge_slave_1: entered allmulticast mode [ 106.519596][ T5833] bridge_slave_1: entered promiscuous mode [ 106.541959][ T5835] team0: Port device team_slave_0 added [ 106.551682][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 106.575599][ T5834] team0: Port device team_slave_0 added [ 106.584261][ T5835] team0: Port device team_slave_1 added [ 106.592876][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 106.623579][ T5834] team0: Port device team_slave_1 added [ 106.667460][ T5833] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 106.690091][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 106.697187][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 106.723572][ T5835] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 106.750776][ T5833] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 106.772052][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 106.779283][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 106.805984][ T5835] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 106.819821][ T5831] team0: Port device team_slave_0 added [ 106.838232][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 106.845301][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 106.871881][ T5834] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 106.893587][ T5831] team0: Port device team_slave_1 added [ 106.916510][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 106.923502][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 106.950245][ T5834] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 106.984423][ T5833] team0: Port device team_slave_0 added [ 106.993524][ T5833] team0: Port device team_slave_1 added [ 107.046696][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 107.053724][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 107.080136][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 107.127291][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 107.134380][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 107.161165][ T53] Bluetooth: hci3: command tx timeout [ 107.161259][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 107.167755][ T5844] Bluetooth: hci2: command tx timeout [ 107.179665][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 107.189985][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 107.216374][ T5833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 107.226084][ T53] Bluetooth: hci1: command tx timeout [ 107.233328][ T5844] Bluetooth: hci0: command tx timeout [ 107.238819][ T5835] hsr_slave_0: entered promiscuous mode [ 107.240166][ T5835] hsr_slave_1: entered promiscuous mode [ 107.258249][ T5834] hsr_slave_0: entered promiscuous mode [ 107.264723][ T5834] hsr_slave_1: entered promiscuous mode [ 107.271268][ T5834] debugfs: 'hsr0' already exists in 'hsr' [ 107.277291][ T5834] Cannot create hsr debugfs directory [ 107.291942][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 107.299234][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 107.325599][ T5833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 107.424825][ T5831] hsr_slave_0: entered promiscuous mode [ 107.431377][ T5831] hsr_slave_1: entered promiscuous mode [ 107.437921][ T5831] debugfs: 'hsr0' already exists in 'hsr' [ 107.443693][ T5831] Cannot create hsr debugfs directory [ 107.540544][ T5833] hsr_slave_0: entered promiscuous mode [ 107.547280][ T5833] hsr_slave_1: entered promiscuous mode [ 107.553516][ T5833] debugfs: 'hsr0' already exists in 'hsr' [ 107.560188][ T5833] Cannot create hsr debugfs directory [ 107.986824][ T5835] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 108.002938][ T5835] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 108.015637][ T5835] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 108.039004][ T5835] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 108.114720][ T5834] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 108.128397][ T5834] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 108.142587][ T5834] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 108.158706][ T5834] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 108.260018][ T5833] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 108.273288][ T5833] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 108.290108][ T5833] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 108.303184][ T5833] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 108.418953][ T5831] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 108.437142][ T5831] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 108.452511][ T5831] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 108.471688][ T5831] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 108.522019][ T5835] 8021q: adding VLAN 0 to HW filter on device bond0 [ 108.550522][ T5834] 8021q: adding VLAN 0 to HW filter on device bond0 [ 108.608085][ T5835] 8021q: adding VLAN 0 to HW filter on device team0 [ 108.628704][ T5834] 8021q: adding VLAN 0 to HW filter on device team0 [ 108.641120][ T2968] bridge0: port 1(bridge_slave_0) entered blocking state [ 108.648436][ T2968] bridge0: port 1(bridge_slave_0) entered forwarding state [ 108.676821][ T2968] bridge0: port 1(bridge_slave_0) entered blocking state [ 108.684077][ T2968] bridge0: port 1(bridge_slave_0) entered forwarding state [ 108.694324][ T2968] bridge0: port 2(bridge_slave_1) entered blocking state [ 108.701639][ T2968] bridge0: port 2(bridge_slave_1) entered forwarding state [ 108.753256][ T3472] bridge0: port 2(bridge_slave_1) entered blocking state [ 108.760442][ T3472] bridge0: port 2(bridge_slave_1) entered forwarding state [ 108.813103][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0 [ 108.901330][ T5833] 8021q: adding VLAN 0 to HW filter on device team0 [ 108.934540][ T75] bridge0: port 1(bridge_slave_0) entered blocking state [ 108.941947][ T75] bridge0: port 1(bridge_slave_0) entered forwarding state [ 108.962730][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0 [ 108.994044][ T2968] bridge0: port 2(bridge_slave_1) entered blocking state [ 109.001298][ T2968] bridge0: port 2(bridge_slave_1) entered forwarding state [ 109.113426][ T5831] 8021q: adding VLAN 0 to HW filter on device team0 [ 109.183887][ T75] bridge0: port 1(bridge_slave_0) entered blocking state [ 109.191569][ T75] bridge0: port 1(bridge_slave_0) entered forwarding state [ 109.219020][ T53] Bluetooth: hci3: command tx timeout [ 109.224590][ T5844] Bluetooth: hci2: command tx timeout [ 109.240537][ T75] bridge0: port 2(bridge_slave_1) entered blocking state [ 109.247840][ T75] bridge0: port 2(bridge_slave_1) entered forwarding state [ 109.300769][ T53] Bluetooth: hci1: command tx timeout [ 109.306473][ T5844] Bluetooth: hci0: command tx timeout [ 109.499107][ T5834] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 109.570616][ T5835] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 109.665635][ T5834] veth0_vlan: entered promiscuous mode [ 109.678933][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 109.730439][ T5834] veth1_vlan: entered promiscuous mode [ 109.775014][ T5835] veth0_vlan: entered promiscuous mode [ 109.810392][ T5835] veth1_vlan: entered promiscuous mode [ 109.871513][ T5834] veth0_macvtap: entered promiscuous mode [ 109.880535][ T5833] veth0_vlan: entered promiscuous mode [ 109.894182][ T5834] veth1_macvtap: entered promiscuous mode [ 109.909715][ T5833] veth1_vlan: entered promiscuous mode [ 109.923101][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 109.975089][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 109.997245][ T5835] veth0_macvtap: entered promiscuous mode [ 110.011431][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 110.041739][ T5835] veth1_macvtap: entered promiscuous mode [ 110.067244][ T3472] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.077606][ T3472] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.095039][ T5833] veth0_macvtap: entered promiscuous mode [ 110.104267][ T3472] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.114337][ T3472] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.134036][ T5833] veth1_macvtap: entered promiscuous mode [ 110.168777][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 110.210345][ T5831] veth0_vlan: entered promiscuous mode [ 110.231429][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 110.254439][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 110.299678][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 110.309390][ T38] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.319892][ T38] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.333918][ T38] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.348841][ T75] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.352046][ T5831] veth1_vlan: entered promiscuous mode [ 110.361496][ T75] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.379389][ T38] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.393143][ T38] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.412486][ T38] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.423876][ T38] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.442871][ T38] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.495223][ T38] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.506944][ T38] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.569313][ T5831] veth0_macvtap: entered promiscuous mode [ 110.621700][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.621778][ T5831] veth1_macvtap: entered promiscuous mode [ 110.630994][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.653533][ T5834] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 110.731029][ T2968] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.765994][ T2968] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.778664][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 110.805350][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 110.872559][ T13] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.884132][ T2968] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.901232][ T13] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.912912][ T13] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.915168][ T2968] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.941872][ T13] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.961084][ T3472] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.986924][ T3472] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.998570][ T5920] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 111.253379][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.288699][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.295977][ T5844] Bluetooth: hci3: command tx timeout [ 111.301574][ T53] Bluetooth: hci2: command tx timeout [ 111.376439][ T5844] Bluetooth: hci0: command tx timeout [ 111.382383][ T53] Bluetooth: hci1: command tx timeout [ 111.419203][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.437322][ T5929] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 111.453165][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.993262][ T5926] tipc: Started in network mode [ 112.009874][ T5926] tipc: Node identity ee00, cluster identity 4711 [ 112.036856][ T5926] tipc: Node number set to 60928 [ 112.086016][ T5944] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 112.142673][ T5944] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 112.163342][ T5944] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 112.182524][ T5944] page_type: f5(slab) [ 112.191129][ T5944] raw: 00fff00000000040 ffff88801c282640 dead000000000100 dead000000000122 [ 112.201315][ T5944] raw: 0000000000000000 0000000000070007 00000000f5000000 0000000000000000 [ 112.252337][ T5944] head: 00fff00000000040 ffff88801c282640 dead000000000100 dead000000000122 [ 112.290609][ T5944] head: 0000000000000000 0000000000070007 00000000f5000000 0000000000000000 [ 112.315867][ T5944] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 112.345510][ T5944] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 112.381382][ T5944] page dumped because: unmovable page [ 112.416844][ T5944] page_owner tracks the page as allocated [ 112.431841][ T5944] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5207, tgid 5207 (udevd), ts 47621106408, free_ts 37736314759 [ 112.484252][ T5944] post_alloc_hook+0x1af/0x220 [ 112.509696][ T5944] get_page_from_freelist+0xd0b/0x31a0 [ 112.515260][ T5944] __alloc_frozen_pages_noprof+0x25f/0x2430 [ 112.524644][ T5944] alloc_pages_mpol+0x1fb/0x550 [ 112.539501][ T5944] new_slab+0x2c3/0x430 [ 112.547644][ T5944] ___slab_alloc+0xe18/0x1c90 [ 112.566472][ T5944] __slab_alloc.constprop.0+0x63/0x110 [ 112.573998][ T5944] kmem_cache_alloc_noprof+0x44d/0x770 [ 112.585968][ T5944] getname_flags.part.0+0x4c/0x550 [ 112.595944][ T5944] getname_flags+0x93/0xf0 [ 112.605873][ T5944] vfs_fstatat+0xe1/0xf0 [ 112.614758][ T5944] __do_sys_newfstatat+0x97/0x120 [ 112.652162][ T5944] do_syscall_64+0xcd/0xf80 [ 112.696384][ T5944] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 112.718045][ T5944] page last free pid 1 tgid 1 stack trace: [ 112.723929][ T5944] __free_frozen_pages+0x7df/0x1170 [ 112.729370][ T5944] free_contig_range+0x183/0x4a0 [ 112.734392][ T5944] destroy_args+0xb95/0x14e0 [ 112.746330][ T5959] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 112.775826][ T5944] debug_vm_pgtable+0x2220/0x38d0 [ 112.781008][ T5944] do_one_initcall+0x123/0x680 [ 112.789522][ T5944] kernel_init_freeable+0x5c8/0x920 [ 112.794812][ T5944] kernel_init+0x1c/0x2b0 [ 112.845901][ T5944] ret_from_fork+0x983/0xb10 [ 112.874666][ T5944] ret_from_fork_asm+0x1a/0x30 [ 113.375975][ T5844] Bluetooth: hci3: command tx timeout [ 113.376734][ T53] Bluetooth: hci2: command tx timeout [ 113.456569][ T53] Bluetooth: hci1: command tx timeout [ 113.456784][ T5844] Bluetooth: hci0: command tx timeout [ 113.598897][ T5949] syz.0.9 (5949) used greatest stack depth: 19688 bytes left [ 114.178623][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 114.186463][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 114.188029][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 114.636251][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 114.666122][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 114.676089][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 114.708406][ T5988] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 114.737361][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 115.361172][ T6003] netlink: 'syz.0.18': attribute type 1 has an invalid length. [ 116.576306][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 116.670252][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 116.846262][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 117.969107][ T6032] __vm_enough_memory: pid: 6032, comm: syz.1.23, bytes: 8589938688 not enough memory for the allocation [ 117.991336][ T6038] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 118.079140][ T6034] bridge_slave_1: left allmulticast mode [ 118.084904][ T6034] bridge_slave_1: left promiscuous mode [ 118.102934][ T6034] bridge0: port 2(bridge_slave_1) entered disabled state [ 118.287548][ T6046] Invalid ELF header magic: != ELF [ 118.325623][ T6042] zswap: compressor not available [ 118.577502][ T5844] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 118.577545][ T5844] Bluetooth: hci1: unexpected subevent 0x0e length: 725 > 15 [ 118.592751][ T5844] Bluetooth: hci1: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 118.632757][ T6057] FAULT_INJECTION: forcing a failure. [ 118.632757][ T6057] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 118.706354][ T6057] CPU: 0 UID: 0 PID: 6057 Comm: syz.1.30 Not tainted syzkaller #0 PREEMPT(full) [ 118.706403][ T6057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 118.706431][ T6057] Call Trace: [ 118.706443][ T6057] [ 118.706458][ T6057] dump_stack_lvl+0x16c/0x1f0 [ 118.706516][ T6057] should_fail_ex+0x512/0x640 [ 118.706562][ T6057] should_fail_alloc_page+0xe7/0x130 [ 118.706622][ T6057] prepare_alloc_pages+0x401/0x670 [ 118.706676][ T6057] ? __pfx___page_table_check_ptes_set+0x10/0x10 [ 118.706736][ T6057] __alloc_frozen_pages_noprof+0x18b/0x2430 [ 118.706782][ T6057] ? find_held_lock+0x2b/0x80 [ 118.706833][ T6057] ? finish_fault+0xb37/0x13e0 [ 118.706897][ T6057] ? finish_fault+0x885/0x13e0 [ 118.706951][ T6057] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 118.707012][ T6057] ? folio_unlock+0x7d/0xd0 [ 118.707062][ T6057] ? do_fault+0x6bc/0x1ad0 [ 118.707121][ T6057] ? __pfx_filemap_map_pages+0x10/0x10 [ 118.707170][ T6057] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 118.707226][ T6057] ? policy_nodemask+0xea/0x4e0 [ 118.707286][ T6057] alloc_pages_mpol+0x1fb/0x550 [ 118.707347][ T6057] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 118.707413][ T6057] folio_alloc_mpol_noprof+0x36/0x2f0 [ 118.707450][ T6057] shmem_alloc_folio+0x135/0x160 [ 118.707503][ T6057] shmem_alloc_and_add_folio+0x494/0xc20 [ 118.707556][ T6057] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 118.707598][ T6057] ? shmem_allowable_huge_orders+0xd4/0x3f0 [ 118.707651][ T6057] shmem_get_folio_gfp+0x67f/0x1610 [ 118.707704][ T6057] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 118.707747][ T6057] ? fault_in_readable+0x132/0x1d0 [ 118.707801][ T6057] shmem_write_begin+0x1a4/0x3b0 [ 118.707842][ T6057] ? __pfx_shmem_write_begin+0x10/0x10 [ 118.707883][ T6057] ? balance_dirty_pages_ratelimited_flags+0x92/0x1260 [ 118.707941][ T6057] generic_perform_write+0x3c4/0x900 [ 118.708016][ T6057] ? __pfx_generic_perform_write+0x10/0x10 [ 118.708083][ T6057] ? file_update_time_flags+0x35c/0x520 [ 118.708134][ T6057] shmem_file_write_iter+0x10e/0x140 [ 118.708185][ T6057] vfs_write+0x7d3/0x11d0 [ 118.708240][ T6057] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 118.708297][ T6057] ? __pfx_vfs_write+0x10/0x10 [ 118.708378][ T6057] ksys_write+0x12a/0x250 [ 118.708427][ T6057] ? __pfx_ksys_write+0x10/0x10 [ 118.708492][ T6057] do_syscall_64+0xcd/0xf80 [ 118.708551][ T6057] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 118.708586][ T6057] RIP: 0033:0x7ff9a4d8f7c9 [ 118.708621][ T6057] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 118.708659][ T6057] RSP: 002b:00007ff9a5c8e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 118.708692][ T6057] RAX: ffffffffffffffda RBX: 00007ff9a4fe5fa0 RCX: 00007ff9a4d8f7c9 [ 118.708715][ T6057] RDX: 000000100000a3d9 RSI: 0000000000000000 RDI: 0000000000000008 [ 118.708739][ T6057] RBP: 00007ff9a4e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 118.708760][ T6057] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 118.708779][ T6057] R13: 00007ff9a4fe6038 R14: 00007ff9a4fe5fa0 R15: 00007ffc5e9e4c38 [ 118.708826][ T6057] [ 119.341601][ T6057] zram0: detected capacity change from 0 to 8 [ 120.417923][ T6079] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 120.424244][ T6079] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 120.454199][ T6079] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 120.468428][ T6079] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 120.476564][ T6079] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 120.489078][ T6079] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 120.498645][ T6079] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 120.512135][ T6079] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 120.612526][ T6079] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 120.652371][ T6079] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 120.676765][ T6079] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 120.724173][ T6079] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 120.946250][ T6089] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input5 [ 121.171024][ T6094] netlink: 12 bytes leftover after parsing attributes in process `syz.1.37'. [ 121.688235][ T6103] futex_wake_op: syz.1.38 tries to shift op by -2048; fix this program [ 121.700677][ T6103] futex_wake_op: syz.1.38 tries to shift op by -2048; fix this program [ 121.740839][ T6103] 0x000000000001-0x000000020000 : "" [ 121.814638][ T6103] ftl_cs: FTL header corrupt! [ 121.827189][ T6090] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input6 [ 122.118357][ T6095] block2mtd: illegal erase size [ 122.496294][ T5844] Bluetooth: hci0: command 0x0c1a tx timeout [ 122.496302][ T53] Bluetooth: hci2: command 0x0c1a tx timeout [ 122.585449][ T5844] Bluetooth: hci3: command 0x0c1a tx timeout [ 122.664912][ T5844] Bluetooth: hci1: command 0x0c1a tx timeout [ 122.718365][ T6120] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 124.480082][ T6155] process 'syz.1.48' launched '/dev/fd/7' with NULL argv: empty string added [ 124.580285][ T53] Bluetooth: hci0: command 0x0c1a tx timeout [ 124.592485][ T53] Bluetooth: hci2: command 0x0c1a tx timeout [ 124.655929][ T53] Bluetooth: hci3: command 0x0c1a tx timeout [ 124.741777][ T53] Bluetooth: hci1: command 0x0c1a tx timeout [ 125.285541][ T6166] netlink: 'syz.0.50': attribute type 2 has an invalid length. [ 126.656232][ T5844] Bluetooth: hci0: command 0x0c1a tx timeout [ 126.662354][ T53] Bluetooth: hci2: command 0x0c1a tx timeout [ 126.736013][ T53] Bluetooth: hci3: command 0x0c1a tx timeout [ 126.815874][ T53] Bluetooth: hci1: command 0x0c1a tx timeout [ 128.661876][ T6233] syz.1.66 uses obsolete (PF_INET,SOCK_PACKET) [ 128.685657][ T6233] sd 0:0:1:0: PR command failed: 1026 [ 128.691508][ T6233] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 128.698845][ T6233] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 129.494074][ T6250] zswap: compressor not available [ 129.671192][ T6263] FAULT_INJECTION: forcing a failure. [ 129.671192][ T6263] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 129.715436][ T6263] CPU: 0 UID: 0 PID: 6263 Comm: syz.2.72 Not tainted syzkaller #0 PREEMPT(full) [ 129.715482][ T6263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 129.715503][ T6263] Call Trace: [ 129.715514][ T6263] [ 129.715535][ T6263] dump_stack_lvl+0x16c/0x1f0 [ 129.715592][ T6263] should_fail_ex+0x512/0x640 [ 129.715635][ T6263] should_fail_alloc_page+0xe7/0x130 [ 129.715690][ T6263] prepare_alloc_pages+0x401/0x670 [ 129.715755][ T6263] __alloc_frozen_pages_noprof+0x18b/0x2430 [ 129.715796][ T6263] ? stack_trace_save+0x8e/0xc0 [ 129.715845][ T6263] ? __pfx_stack_trace_save+0x10/0x10 [ 129.715904][ T6263] ? rcu_is_watching+0x12/0xc0 [ 129.715953][ T6263] ? stack_depot_save_flags+0x29/0x9b0 [ 129.715999][ T6263] ? kasan_save_stack+0x42/0x60 [ 129.716041][ T6263] ? kasan_save_stack+0x33/0x60 [ 129.716082][ T6263] ? kasan_save_track+0x14/0x30 [ 129.716128][ T6263] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 129.716170][ T6263] ? move_page_tables+0x32a9/0x4380 [ 129.716209][ T6263] ? move_vma+0x545/0x1790 [ 129.716245][ T6263] ? do_mremap+0x13a8/0x2020 [ 129.716280][ T6263] ? __do_sys_mremap+0x119/0x170 [ 129.716316][ T6263] ? do_syscall_64+0xcd/0xf80 [ 129.716364][ T6263] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 129.716419][ T6263] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 129.716475][ T6263] ? policy_nodemask+0xea/0x4e0 [ 129.716531][ T6263] alloc_pages_mpol+0x1fb/0x550 [ 129.716584][ T6263] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 129.716648][ T6263] alloc_pages_noprof+0x131/0x390 [ 129.716701][ T6263] pte_alloc_one+0x1e/0x3d0 [ 129.716750][ T6263] __pte_alloc+0x6d/0x3f0 [ 129.716796][ T6263] ? __pfx___pte_alloc+0x10/0x10 [ 129.716844][ T6263] ? _raw_spin_unlock+0x28/0x50 [ 129.716893][ T6263] ? __pmd_alloc+0x6aa/0x9c0 [ 129.716948][ T6263] move_page_tables+0x2c0a/0x4380 [ 129.716999][ T6263] ? __pfx_copy_vma+0x10/0x10 [ 129.717047][ T6263] ? __pfx_move_page_tables+0x10/0x10 [ 129.717103][ T6263] ? kvm_sched_clock_read+0x11/0x20 [ 129.717149][ T6263] ? sched_clock+0x38/0x60 [ 129.717209][ T6263] copy_vma_and_data+0x24e/0x790 [ 129.717253][ T6263] ? __pfx_copy_vma_and_data+0x10/0x10 [ 129.717310][ T6263] ? find_held_lock+0x2b/0x80 [ 129.717355][ T6263] ? move_vma+0x533/0x1790 [ 129.717391][ T6263] ? __vm_enough_memory+0x184/0x3f0 [ 129.717448][ T6263] move_vma+0x545/0x1790 [ 129.717496][ T6263] ? __pfx_move_vma+0x10/0x10 [ 129.717540][ T6263] ? mm_get_unmapped_area_vmflags+0xd7/0x130 [ 129.717594][ T6263] ? cap_mmap_addr+0x4b/0x120 [ 129.717623][ T6263] ? bpf_lsm_mmap_addr+0x9/0x10 [ 129.717662][ T6263] ? security_mmap_addr+0x6c/0x1e0 [ 129.717704][ T6263] ? __get_unmapped_area+0x267/0x3f0 [ 129.717758][ T6263] ? vrm_set_new_addr+0x208/0x290 [ 129.717801][ T6263] mremap_to+0x1b7/0x450 [ 129.717843][ T6263] do_mremap+0x13a8/0x2020 [ 129.717892][ T6263] ? futex_private_hash_put+0x110/0x1b0 [ 129.717939][ T6263] ? __pfx_do_mremap+0x10/0x10 [ 129.717975][ T6263] ? __pfx_futex_wake+0x10/0x10 [ 129.718029][ T6263] ? ksys_write+0x190/0x250 [ 129.718088][ T6263] __do_sys_mremap+0x119/0x170 [ 129.718124][ T6263] ? __pfx___do_sys_mremap+0x10/0x10 [ 129.718176][ T6263] ? __x64_sys_futex+0x1e0/0x4c0 [ 129.718236][ T6263] do_syscall_64+0xcd/0xf80 [ 129.718291][ T6263] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 129.718326][ T6263] RIP: 0033:0x7ff17b18f7c9 [ 129.718352][ T6263] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 129.718384][ T6263] RSP: 002b:00007ff1793cd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 129.718415][ T6263] RAX: ffffffffffffffda RBX: 00007ff17b3e6090 RCX: 00007ff17b18f7c9 [ 129.718437][ T6263] RDX: 0000000000000004 RSI: 0000000000000002 RDI: 0000200000000000 [ 129.718458][ T6263] RBP: 00007ff17b213f91 R08: 0000000100000000 R09: 0000000000000000 [ 129.718478][ T6263] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000 [ 129.718498][ T6263] R13: 00007ff17b3e6128 R14: 00007ff17b3e6090 R15: 00007ffc436a79d8 [ 129.718541][ T6263] [ 130.274344][ T6255] __vm_enough_memory: pid: 6255, comm: syz.3.70, bytes: 4398046511104 not enough memory for the allocation [ 130.619947][ T6269] bridge0: port 2(batadv0) entered blocking state [ 130.636035][ T6269] bridge0: port 2(batadv0) entered disabled state [ 130.652597][ T6269] batadv0: entered allmulticast mode [ 130.667058][ T6269] batadv0: entered promiscuous mode [ 130.685519][ T6271] binder: 6270:6271 ioctl c018620c 0 returned -1 [ 130.686835][ T6269] bridge0: port 2(batadv0) entered blocking state [ 130.698562][ T6269] bridge0: port 2(batadv0) entered forwarding state [ 130.710842][ T6271] Zero length message leads to an empty skb [ 131.194979][ T6211] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 131.204614][ T6211] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 131.352468][ T6276] zswap: compressor not available [ 131.681469][ T6273] netlink: 'syz.0.76': attribute type 1 has an invalid length. [ 132.362490][ T6304] netlink: 8 bytes leftover after parsing attributes in process `syz.1.82'. [ 132.653550][ T6311] FAULT_INJECTION: forcing a failure. [ 132.653550][ T6311] name failslab, interval 1, probability 0, space 0, times 1 [ 132.726591][ T6311] CPU: 0 UID: 0 PID: 6311 Comm: syz.3.85 Not tainted syzkaller #0 PREEMPT(full) [ 132.726633][ T6311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 132.726660][ T6311] Call Trace: [ 132.726670][ T6311] [ 132.726682][ T6311] dump_stack_lvl+0x16c/0x1f0 [ 132.726731][ T6311] should_fail_ex+0x512/0x640 [ 132.726756][ T6311] ? fs_reclaim_acquire+0xae/0x150 [ 132.726796][ T6311] should_failslab+0xc2/0x120 [ 132.726833][ T6311] __kmalloc_noprof+0xeb/0x910 [ 132.726858][ T6311] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 132.726897][ T6311] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 132.726929][ T6311] tomoyo_realpath_from_path+0xc2/0x6e0 [ 132.726965][ T6311] ? tomoyo_profile+0x47/0x60 [ 132.727003][ T6311] tomoyo_path_number_perm+0x245/0x580 [ 132.727029][ T6311] ? tomoyo_path_number_perm+0x237/0x580 [ 132.727059][ T6311] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 132.727088][ T6311] ? find_held_lock+0x2b/0x80 [ 132.727145][ T6311] ? hook_file_ioctl_common+0x144/0x410 [ 132.727186][ T6311] security_file_ioctl+0x9b/0x240 [ 132.727216][ T6311] __x64_sys_ioctl+0xb7/0x210 [ 132.727247][ T6311] do_syscall_64+0xcd/0xf80 [ 132.727285][ T6311] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 132.727309][ T6311] RIP: 0033:0x7f228498f7c9 [ 132.727327][ T6311] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 132.727349][ T6311] RSP: 002b:00007f22857d0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 132.727369][ T6311] RAX: ffffffffffffffda RBX: 00007f2284be5fa0 RCX: 00007f228498f7c9 [ 132.727384][ T6311] RDX: 0000000000000000 RSI: 00000000c018620c RDI: 000000000000000a [ 132.727398][ T6311] RBP: 00007f22857d0090 R08: 0000000000000000 R09: 0000000000000000 [ 132.727411][ T6311] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 132.727424][ T6311] R13: 00007f2284be6038 R14: 00007f2284be5fa0 R15: 00007ffcca5b0a48 [ 132.727454][ T6311] [ 132.727463][ T6311] ERROR: Out of memory at tomoyo_realpath_from_path. [ 132.956359][ T6311] binder: 6310:6311 ioctl c018620c 0 returned -1 [ 133.366378][ T6318] binder: 6315:6318 ioctl c018620c 0 returned -1 [ 133.461577][ T53] block nbd0: Receive control failed (result -107) [ 133.546974][ T6324] nbd0: detected capacity change from 0 to 137438953472 [ 133.557829][ T5821] block nbd0: Dead connection, failed to find a fallback [ 133.565075][ T5821] block nbd0: shutting down sockets [ 133.646022][ T5821] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 133.690907][ T5821] Buffer I/O error on dev nbd0, logical block 0, async page read [ 133.726174][ T5821] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 133.735732][ T5821] Buffer I/O error on dev nbd0, logical block 0, async page read [ 133.807151][ T5821] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 133.855842][ T5821] Buffer I/O error on dev nbd0, logical block 0, async page read [ 133.863731][ T5821] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 133.909251][ T5821] Buffer I/O error on dev nbd0, logical block 0, async page read [ 133.917368][ T5821] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 133.927061][ T5821] Buffer I/O error on dev nbd0, logical block 0, async page read [ 133.935262][ T5821] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 133.949345][ T5821] Buffer I/O error on dev nbd0, logical block 0, async page read [ 133.958036][ T5821] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 133.960856][ T6331] netlink: 28 bytes leftover after parsing attributes in process `syz.3.87'. [ 134.017026][ T5821] Buffer I/O error on dev nbd0, logical block 0, async page read [ 134.056150][ T5821] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 134.104243][ T5821] Buffer I/O error on dev nbd0, logical block 0, async page read [ 134.156016][ T5821] ldm_validate_partition_table(): Disk read failed. [ 134.165930][ T5821] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 134.212273][ T5821] Buffer I/O error on dev nbd0, logical block 0, async page read [ 134.241878][ T5821] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 134.287562][ T5821] Buffer I/O error on dev nbd0, logical block 0, async page read [ 134.331913][ T5821] Dev nbd0: unable to read RDB block 0 [ 134.359017][ T5821] nbd0: unable to read partition table [ 134.416943][ T5821] ldm_validate_partition_table(): Disk read failed. [ 134.438256][ T6333] zswap: compressor not available [ 134.446009][ T5821] Dev nbd0: unable to read RDB block 0 [ 134.486164][ T5821] nbd0: unable to read partition table [ 136.452233][ T30] audit: type=1800 audit(1765906004.984:2): pid=6364 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.92" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 136.771085][ T6380] binder: 6379:6380 ioctl c018620c 0 returned -1 [ 136.868074][ T6382] netlink: 12 bytes leftover after parsing attributes in process `syz.3.93'. [ 137.585177][ T6396] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 138.405010][ T6406] zswap: compressor not available [ 139.000591][ T6412] tipc: Can't bind to reserved service type 0 [ 139.037664][ T6406] could not allocate digest TFM handle [ 140.720351][ T6451] netlink: 330 bytes leftover after parsing attributes in process `syz.2.108'. [ 140.812234][ T6449] bond0: option all_slaves_active: invalid value () [ 142.969582][ T6496] zram: Cannot change disksize for initialized device [ 143.144539][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 143.156554][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 144.348186][ T6520] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 144.962610][ T6526] vhci_hcd: not connected 4 [ 146.989351][ T6582] blkio.reset_stats is deprecated [ 147.028853][ T6581] FAULT_INJECTION: forcing a failure. [ 147.028853][ T6581] name failslab, interval 1, probability 0, space 0, times 0 [ 147.072329][ T6581] CPU: 1 UID: 0 PID: 6581 Comm: syz.3.134 Not tainted syzkaller #0 PREEMPT(full) [ 147.072375][ T6581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 147.072395][ T6581] Call Trace: [ 147.072407][ T6581] [ 147.072432][ T6581] dump_stack_lvl+0x16c/0x1f0 [ 147.072490][ T6581] should_fail_ex+0x512/0x640 [ 147.072535][ T6581] should_failslab+0xc2/0x120 [ 147.072588][ T6581] kmem_cache_alloc_noprof+0x83/0x770 [ 147.072628][ T6581] ? find_held_lock+0x2b/0x80 [ 147.072670][ T6581] ? __inet_bhash2_update_saddr+0x1ba/0x18d0 [ 147.072722][ T6581] ? __inet_bhash2_update_saddr+0x1ba/0x18d0 [ 147.072765][ T6581] __inet_bhash2_update_saddr+0x1ba/0x18d0 [ 147.072830][ T6581] tcp_v4_connect+0x1546/0x1c10 [ 147.072883][ T6581] ? __pfx_tcp_v4_connect+0x10/0x10 [ 147.072924][ T6581] ? __local_bh_enable_ip+0xa4/0x120 [ 147.072978][ T6581] mptcp_connect+0x4b5/0xae0 [ 147.073021][ T6581] __inet_stream_connect+0x915/0xf50 [ 147.073072][ T6581] ? __pfx___inet_stream_connect+0x10/0x10 [ 147.073113][ T6581] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 147.073157][ T6581] ? __pfx_inet_stream_connect+0x10/0x10 [ 147.073199][ T6581] ? __local_bh_enable_ip+0xa4/0x120 [ 147.073251][ T6581] ? __pfx_inet_stream_connect+0x10/0x10 [ 147.073287][ T6581] inet_stream_connect+0x57/0xa0 [ 147.073326][ T6581] __sys_connect_file+0x141/0x1a0 [ 147.073369][ T6581] __sys_connect+0x13b/0x160 [ 147.073405][ T6581] ? __pfx___sys_connect+0x10/0x10 [ 147.073466][ T6581] ? xfd_validate_state+0x61/0x180 [ 147.073509][ T6581] __x64_sys_connect+0x72/0xb0 [ 147.073543][ T6581] ? lockdep_hardirqs_on+0x7c/0x110 [ 147.073592][ T6581] do_syscall_64+0xcd/0xf80 [ 147.073645][ T6581] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 147.073678][ T6581] RIP: 0033:0x7f228498f7c9 [ 147.073703][ T6581] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 147.073735][ T6581] RSP: 002b:00007f22857d0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 147.073766][ T6581] RAX: ffffffffffffffda RBX: 00007f2284be5fa0 RCX: 00007f228498f7c9 [ 147.073787][ T6581] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000003 [ 147.073807][ T6581] RBP: 00007f2284a13f91 R08: 0000000000000000 R09: 0000000000000000 [ 147.073827][ T6581] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 147.073846][ T6581] R13: 00007f2284be6038 R14: 00007f2284be5fa0 R15: 00007ffcca5b0a48 [ 147.073891][ T6581] [ 148.449927][ T6610] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 148.899973][ T6616] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input7 [ 150.362275][ T6605] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input8 [ 151.156442][ T6643] binder: 6642:6643 ioctl c018620c 0 returned -1 [ 155.223812][ T6697] netlink: 'syz.2.156': attribute type 1 has an invalid length. [ 155.304270][ T6697] netlink: 322 bytes leftover after parsing attributes in process `syz.2.156'. [ 155.461056][ T6697] netlink: 'syz.2.156': attribute type 1 has an invalid length. [ 155.606946][ T6697] netlink: 322 bytes leftover after parsing attributes in process `syz.2.156'. [ 156.363648][ T6700] zswap: compressor ûW–îë“;Å0못„?u=8å}Öƒ•L­Ö(£E‘¤¤Ö¹‰jj–8+ÕÄxp¥—Èœ‹ŒNkR³¦°¤uoêÇo‹ÿ¬<µSÔH ¾}ïEd }¡ìöP¢…8a [ 162.026173][ T6752] dump_stack_lvl+0x16c/0x1f0 [ 162.026239][ T6752] should_fail_ex+0x512/0x640 [ 162.026283][ T6752] should_failslab+0xc2/0x120 [ 162.026337][ T6752] kmem_cache_alloc_node_noprof+0x86/0x800 [ 162.026381][ T6752] ? zswap_store+0x850/0x2800 [ 162.026425][ T6752] ? zswap_store+0x850/0x2800 [ 162.026459][ T6752] zswap_store+0x850/0x2800 [ 162.026512][ T6752] ? __pfx_zswap_store+0x10/0x10 [ 162.026551][ T6752] ? folio_free_swap+0x229/0x740 [ 162.026604][ T6752] ? do_raw_spin_unlock+0x172/0x230 [ 162.026646][ T6752] ? _raw_spin_unlock+0x28/0x50 [ 162.026690][ T6752] ? folio_free_swap+0x285/0x740 [ 162.026740][ T6752] ? __pfx_try_to_unmap+0x10/0x10 [ 162.026783][ T6752] swap_writeout+0x3f4/0x1090 [ 162.026830][ T6752] shrink_folio_list+0x3f0a/0x4bc0 [ 162.026879][ T6752] ? __pfx_shrink_folio_list+0x10/0x10 [ 162.026922][ T6752] ? debug_check_no_obj_freed+0x31f/0x600 [ 162.026995][ T6752] ? __lock_acquire+0x436/0x2890 [ 162.027060][ T6752] ? mark_held_locks+0x49/0x80 [ 162.027092][ T6752] ? smp_call_function_many_cond+0x120f/0x15e0 [ 162.027149][ T6752] ? lockdep_hardirqs_on+0x7c/0x110 [ 162.027211][ T6752] ? __pfx_flush_tlb_func+0x10/0x10 [ 162.027252][ T6752] reclaim_folio_list+0xda/0x5a0 [ 162.027291][ T6752] ? __pfx_reclaim_folio_list+0x10/0x10 [ 162.027353][ T6752] ? do_raw_spin_lock+0x12c/0x2b0 [ 162.027393][ T6752] ? lru_gen_del_folio+0x32b/0x540 [ 162.027451][ T6752] reclaim_pages+0x3ec/0x570 [ 162.027490][ T6752] ? __pfx_reclaim_pages+0x10/0x10 [ 162.027523][ T6752] ? find_held_lock+0x2b/0x80 [ 162.027569][ T6752] ? madvise_cold_or_pageout_pte_range+0x739/0x2100 [ 162.027636][ T6752] madvise_cold_or_pageout_pte_range+0x1624/0x2100 [ 162.027714][ T6752] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10 [ 162.027774][ T6752] ? debug_check_no_obj_freed+0x31f/0x600 [ 162.027842][ T6752] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10 [ 162.027905][ T6752] walk_pgd_range+0xc10/0x1f80 [ 162.027956][ T6752] ? do_raw_spin_unlock+0x172/0x230 [ 162.028014][ T6752] ? __pfx_walk_pgd_range+0x10/0x10 [ 162.028062][ T6752] ? folios_put_refs+0x51d/0x750 [ 162.028108][ T6752] __walk_page_range+0x163/0x820 [ 162.028171][ T6752] walk_page_range_vma_unsafe+0x23f/0x9e0 [ 162.028233][ T6752] ? __pfx_walk_page_range_vma_unsafe+0x10/0x10 [ 162.028288][ T6752] ? find_held_lock+0x2b/0x80 [ 162.028334][ T6752] ? mlock_drain_local+0x22d/0x4e0 [ 162.028381][ T6752] walk_page_range_vma+0x63/0x90 [ 162.028428][ T6752] madvise_pageout+0x257/0x540 [ 162.028482][ T6752] ? __pfx_madvise_pageout+0x10/0x10 [ 162.028553][ T6752] ? mtree_range_walk+0x718/0xc00 [ 162.028608][ T6752] madvise_vma_behavior+0x912/0x29e0 [ 162.028646][ T6752] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 162.028682][ T6752] ? __pfx_mt_find+0x10/0x10 [ 162.028722][ T6752] ? find_vma_prev+0xd3/0x150 [ 162.028781][ T6752] ? find_vma+0xbf/0x140 [ 162.028823][ T6752] ? __pfx_find_vma+0x10/0x10 [ 162.028867][ T6752] ? preempt_schedule_common+0x44/0xc0 [ 162.028921][ T6752] madvise_walk_vmas+0x31f/0xac0 [ 162.028959][ T6752] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 162.029004][ T6752] madvise_do_behavior+0x1e2/0x530 [ 162.029034][ T6752] ? futex_private_hash_put+0x160/0x1b0 [ 162.029071][ T6752] ? __pfx_madvise_do_behavior+0x10/0x10 [ 162.029106][ T6752] ? down_read+0x13d/0x460 [ 162.029156][ T6752] do_madvise+0x176/0x240 [ 162.029194][ T6752] ? __pfx_do_madvise+0x10/0x10 [ 162.029224][ T6752] ? do_futex+0x122/0x350 [ 162.029290][ T6752] ? xfd_validate_state+0x61/0x180 [ 162.029329][ T6752] __x64_sys_madvise+0xa9/0x110 [ 162.029360][ T6752] ? lockdep_hardirqs_on+0x7c/0x110 [ 162.029409][ T6752] do_syscall_64+0xcd/0xf80 [ 162.029463][ T6752] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 162.029496][ T6752] RIP: 0033:0x7ff17b18f7c9 [ 162.029525][ T6752] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 162.029558][ T6752] RSP: 002b:00007ff1793cd038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 162.029590][ T6752] RAX: ffffffffffffffda RBX: 00007ff17b3e6090 RCX: 00007ff17b18f7c9 [ 162.029611][ T6752] RDX: 0000000000000015 RSI: ffffffffffff0001 RDI: 0000000000000000 [ 162.029632][ T6752] RBP: 00007ff17b213f91 R08: 0000000000000000 R09: 0000000000000000 [ 162.029652][ T6752] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 162.029672][ T6752] R13: 00007ff17b3e6128 R14: 00007ff17b3e6090 R15: 00007ffc436a79d8 [ 162.029716][ T6752] [ 163.182408][ T6764] openvswitch: netlink: Key type 1539 is out of range max 32 [ 163.493782][ T6764] nfs: Unknown parameter 'w¾Ã`_…à‚ûÏI+;ýá ÑöHYø º†»·«ÏLuõ>>ËÕuh*àéC<+ °ðÀÛ' [ 165.785493][ T6790] vhci_hcd vhci_hcd.0: invalid port number 16 [ 166.890008][ T6805] binder: 6802:6805 ioctl c018620c 0 returned -1 [ 167.574994][ T6813] FAULT_INJECTION: forcing a failure. [ 167.574994][ T6813] name failslab, interval 1, probability 0, space 0, times 0 [ 167.610281][ T6813] CPU: 0 UID: 0 PID: 6813 Comm: syz.2.190 Not tainted syzkaller #0 PREEMPT(full) [ 167.610319][ T6813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 167.610335][ T6813] Call Trace: [ 167.610343][ T6813] [ 167.610354][ T6813] dump_stack_lvl+0x16c/0x1f0 [ 167.610399][ T6813] should_fail_ex+0x512/0x640 [ 167.610428][ T6813] ? fs_reclaim_acquire+0xae/0x150 [ 167.610482][ T6813] should_failslab+0xc2/0x120 [ 167.610525][ T6813] __kmalloc_noprof+0xeb/0x910 [ 167.610554][ T6813] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 167.610599][ T6813] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 167.610714][ T6813] tomoyo_realpath_from_path+0xc2/0x6e0 [ 167.610757][ T6813] ? tomoyo_profile+0x47/0x60 [ 167.610810][ T6813] tomoyo_path_number_perm+0x245/0x580 [ 167.610840][ T6813] ? tomoyo_path_number_perm+0x237/0x580 [ 167.610878][ T6813] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 167.610909][ T6813] ? futex_wake+0x1ad/0x530 [ 167.610975][ T6813] ? find_held_lock+0x2b/0x80 [ 167.611010][ T6813] ? hook_file_ioctl_common+0x144/0x410 [ 167.611049][ T6813] ? __fget_files+0x20e/0x3c0 [ 167.611094][ T6813] security_file_ioctl+0x9b/0x240 [ 167.611128][ T6813] __x64_sys_ioctl+0xb7/0x210 [ 167.611163][ T6813] do_syscall_64+0xcd/0xf80 [ 167.611208][ T6813] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 167.611236][ T6813] RIP: 0033:0x7ff17b18f7c9 [ 167.611258][ T6813] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 167.611284][ T6813] RSP: 002b:00007ff1793ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 167.611308][ T6813] RAX: ffffffffffffffda RBX: 00007ff17b3e5fa0 RCX: 00007ff17b18f7c9 [ 167.611326][ T6813] RDX: 0000000000000000 RSI: 0000000000007005 RDI: 0000000000000007 [ 167.611342][ T6813] RBP: 00007ff17b213f91 R08: 0000000000000000 R09: 0000000000000000 [ 167.611359][ T6813] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 167.611374][ T6813] R13: 00007ff17b3e6038 R14: 00007ff17b3e5fa0 R15: 00007ffc436a79d8 [ 167.611409][ T6813] [ 167.611420][ T6813] ERROR: Out of memory at tomoyo_realpath_from_path. [ 168.029286][ T6815] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 168.114006][ T6815] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 168.163881][ T6815] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 168.238320][ T6815] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 168.974902][ T6828] FAULT_INJECTION: forcing a failure. [ 168.974902][ T6828] name failslab, interval 1, probability 0, space 0, times 0 [ 169.073126][ T6828] CPU: 0 UID: 0 PID: 6828 Comm: syz.2.194 Not tainted syzkaller #0 PREEMPT(full) [ 169.073168][ T6828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 169.073186][ T6828] Call Trace: [ 169.073198][ T6828] [ 169.073211][ T6828] dump_stack_lvl+0x16c/0x1f0 [ 169.073268][ T6828] should_fail_ex+0x512/0x640 [ 169.073305][ T6828] ? fs_reclaim_acquire+0xae/0x150 [ 169.073362][ T6828] should_failslab+0xc2/0x120 [ 169.073414][ T6828] __kmalloc_noprof+0xeb/0x910 [ 169.073451][ T6828] ? tomoyo_encode2+0x100/0x3e0 [ 169.073503][ T6828] ? tomoyo_encode2+0x100/0x3e0 [ 169.073555][ T6828] tomoyo_encode2+0x100/0x3e0 [ 169.073605][ T6828] tomoyo_encode+0x29/0x50 [ 169.073648][ T6828] tomoyo_realpath_from_path+0x18f/0x6e0 [ 169.073707][ T6828] tomoyo_path_number_perm+0x245/0x580 [ 169.073744][ T6828] ? tomoyo_path_number_perm+0x237/0x580 [ 169.073788][ T6828] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 169.073825][ T6828] ? futex_wake+0x1ad/0x530 [ 169.073911][ T6828] ? find_held_lock+0x2b/0x80 [ 169.073953][ T6828] ? hook_file_ioctl_common+0x144/0x410 [ 169.074001][ T6828] ? __fget_files+0x20e/0x3c0 [ 169.074055][ T6828] security_file_ioctl+0x9b/0x240 [ 169.074096][ T6828] __x64_sys_ioctl+0xb7/0x210 [ 169.074140][ T6828] do_syscall_64+0xcd/0xf80 [ 169.074193][ T6828] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 169.074226][ T6828] RIP: 0033:0x7ff17b18f7c9 [ 169.074254][ T6828] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 169.074287][ T6828] RSP: 002b:00007ff1793ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 169.074319][ T6828] RAX: ffffffffffffffda RBX: 00007ff17b3e5fa0 RCX: 00007ff17b18f7c9 [ 169.074340][ T6828] RDX: 0000000000000000 RSI: 0000000000007005 RDI: 0000000000000007 [ 169.074359][ T6828] RBP: 00007ff17b213f91 R08: 0000000000000000 R09: 0000000000000000 [ 169.074378][ T6828] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 169.074398][ T6828] R13: 00007ff17b3e6038 R14: 00007ff17b3e5fa0 R15: 00007ffc436a79d8 [ 169.074441][ T6828] [ 169.605474][ T6828] ERROR: Out of memory at tomoyo_realpath_from_path. [ 169.656308][ T6837] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 169.693143][ T6837] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 169.702293][ T6837] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 169.785296][ T6837] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 170.837145][ T6847] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 170.845408][ T6847] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 170.855660][ T6847] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 170.863458][ T6847] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 171.219585][ T6849] Page cache invalidation failure on direct I/O. Possible data corruption due to collision with buffered I/O! [ 171.236271][ T6849] File: /dev/nullb0 PID: 6849 Comm: syz.3.201 [ 171.656339][ T6860] FAULT_INJECTION: forcing a failure. [ 171.656339][ T6860] name failslab, interval 1, probability 0, space 0, times 0 [ 171.735964][ T6860] CPU: 1 UID: 0 PID: 6860 Comm: syz.1.205 Not tainted syzkaller #0 PREEMPT(full) [ 171.736007][ T6860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 171.736026][ T6860] Call Trace: [ 171.736037][ T6860] [ 171.736049][ T6860] dump_stack_lvl+0x16c/0x1f0 [ 171.736104][ T6860] should_fail_ex+0x512/0x640 [ 171.736140][ T6860] ? fs_reclaim_acquire+0xae/0x150 [ 171.736195][ T6860] should_failslab+0xc2/0x120 [ 171.736248][ T6860] __kmalloc_noprof+0xeb/0x910 [ 171.736284][ T6860] ? lockdep_hardirqs_on+0x7c/0x110 [ 171.736332][ T6860] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 171.736386][ T6860] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 171.736432][ T6860] tomoyo_realpath_from_path+0xc2/0x6e0 [ 171.736482][ T6860] ? tomoyo_profile+0x47/0x60 [ 171.736537][ T6860] tomoyo_path_number_perm+0x245/0x580 [ 171.736574][ T6860] ? tomoyo_path_number_perm+0x237/0x580 [ 171.736639][ T6860] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 171.736725][ T6860] ? find_held_lock+0x2b/0x80 [ 171.736770][ T6860] ? hook_file_ioctl_common+0x144/0x410 [ 171.736819][ T6860] ? __fget_files+0x20e/0x3c0 [ 171.736875][ T6860] security_file_ioctl+0x9b/0x240 [ 171.736918][ T6860] __x64_sys_ioctl+0xb7/0x210 [ 171.736961][ T6860] do_syscall_64+0xcd/0xf80 [ 171.737013][ T6860] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 171.737049][ T6860] RIP: 0033:0x7ff9a4d8f7c9 [ 171.737076][ T6860] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 171.737109][ T6860] RSP: 002b:00007ff9a5c8e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 171.737141][ T6860] RAX: ffffffffffffffda RBX: 00007ff9a4fe5fa0 RCX: 00007ff9a4d8f7c9 [ 171.737163][ T6860] RDX: 0000000000000000 RSI: 0000000000007005 RDI: 0000000000000007 [ 171.737181][ T6860] RBP: 00007ff9a4e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 171.737202][ T6860] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 171.737222][ T6860] R13: 00007ff9a4fe6038 R14: 00007ff9a4fe5fa0 R15: 00007ffc5e9e4c38 [ 171.737266][ T6860] [ 171.737505][ T6860] ERROR: Out of memory at tomoyo_realpath_from_path. [ 172.076963][ T6865] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 172.083289][ T6865] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 172.089893][ T6865] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 172.096630][ T6865] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 174.096844][ T5842] Bluetooth: hci2: command 0x0c1a tx timeout [ 174.102972][ T53] Bluetooth: hci3: command 0x0c1a tx timeout [ 174.109110][ T5844] Bluetooth: hci0: command 0x0c1a tx timeout [ 174.175945][ T5844] Bluetooth: hci1: command 0x0c1a tx timeout [ 174.247554][ T6888] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input11 [ 177.752964][ T6936] FAULT_INJECTION: forcing a failure. [ 177.752964][ T6936] name failslab, interval 1, probability 0, space 0, times 0 [ 177.776603][ T6936] CPU: 1 UID: 0 PID: 6936 Comm: syz.3.226 Not tainted syzkaller #0 PREEMPT(full) [ 177.776646][ T6936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 177.776665][ T6936] Call Trace: [ 177.776676][ T6936] [ 177.776689][ T6936] dump_stack_lvl+0x16c/0x1f0 [ 177.776744][ T6936] should_fail_ex+0x512/0x640 [ 177.776780][ T6936] ? __kmalloc_node_track_caller_noprof+0xcb/0x930 [ 177.776834][ T6936] should_failslab+0xc2/0x120 [ 177.776888][ T6936] __kmalloc_node_track_caller_noprof+0xec/0x930 [ 177.776939][ T6936] ? kasprintf+0xc7/0x100 [ 177.776984][ T6936] ? kvasprintf+0xbc/0x150 [ 177.777018][ T6936] kvasprintf+0xbc/0x150 [ 177.777053][ T6936] ? __pfx_kvasprintf+0x10/0x10 [ 177.777099][ T6936] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 177.777146][ T6936] ? lockdep_hardirqs_on+0x7c/0x110 [ 177.777197][ T6936] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 177.777251][ T6936] kasprintf+0xc7/0x100 [ 177.777287][ T6936] ? __pfx_kasprintf+0x10/0x10 [ 177.777345][ T6936] ieee80211_alloc_led_names+0x243/0x420 [ 177.777405][ T6936] ieee80211_alloc_hw_nm+0x197c/0x22b0 [ 177.777468][ T6936] mac80211_hwsim_new_radio+0x1d3/0x5150 [ 177.777520][ T6936] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 177.777576][ T6936] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 177.777628][ T6936] hwsim_new_radio_nl+0xba2/0x1330 [ 177.777670][ T6936] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 177.777722][ T6936] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 177.777781][ T6936] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 177.777847][ T6936] genl_family_rcv_msg_doit+0x209/0x2f0 [ 177.777897][ T6936] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 177.777955][ T6936] ? genl_get_cmd+0x194/0x580 [ 177.778015][ T6936] ? bpf_lsm_capable+0x9/0x10 [ 177.778060][ T6936] ? security_capable+0x7e/0x260 [ 177.778125][ T6936] ? ns_capable+0xd7/0x110 [ 177.778172][ T6936] genl_rcv_msg+0x55c/0x800 [ 177.778207][ T6936] ? __pfx_genl_rcv_msg+0x10/0x10 [ 177.778238][ T6936] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 177.778290][ T6936] netlink_rcv_skb+0x158/0x420 [ 177.778338][ T6936] ? __pfx_genl_rcv_msg+0x10/0x10 [ 177.778371][ T6936] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 177.778438][ T6936] ? netlink_deliver_tap+0x1ae/0xd30 [ 177.778487][ T6936] genl_rcv+0x28/0x40 [ 177.778535][ T6936] netlink_unicast+0x5aa/0x870 [ 177.778588][ T6936] ? __pfx_netlink_unicast+0x10/0x10 [ 177.778652][ T6936] netlink_sendmsg+0x8c8/0xdd0 [ 177.778708][ T6936] ? __pfx_netlink_sendmsg+0x10/0x10 [ 177.778762][ T6936] ? aa_sock_msg_perm.constprop.0+0x100/0x1b0 [ 177.778825][ T6936] ____sys_sendmsg+0xa5d/0xc30 [ 177.778879][ T6936] ? copy_msghdr_from_user+0x10a/0x160 [ 177.778923][ T6936] ? __pfx_____sys_sendmsg+0x10/0x10 [ 177.778988][ T6936] ? __pfx_futex_wake_mark+0x10/0x10 [ 177.779042][ T6936] ___sys_sendmsg+0x134/0x1d0 [ 177.779095][ T6936] ? __pfx____sys_sendmsg+0x10/0x10 [ 177.779139][ T6936] ? futex_private_hash_put+0x160/0x1b0 [ 177.779223][ T6936] __sys_sendmsg+0x16d/0x220 [ 177.779267][ T6936] ? __pfx___sys_sendmsg+0x10/0x10 [ 177.779310][ T6936] ? __x64_sys_futex+0x1e0/0x4c0 [ 177.779374][ T6936] do_syscall_64+0xcd/0xf80 [ 177.779428][ T6936] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 177.779463][ T6936] RIP: 0033:0x7f228498f7c9 [ 177.779491][ T6936] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 177.779519][ T6936] RSP: 002b:00007f22857d0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 177.779544][ T6936] RAX: ffffffffffffffda RBX: 00007f2284be5fa0 RCX: 00007f228498f7c9 [ 177.779563][ T6936] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000006 [ 177.779580][ T6936] RBP: 00007f2284a13f91 R08: 0000000000000000 R09: 0000000000000000 [ 177.779598][ T6936] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 177.779613][ T6936] R13: 00007f2284be6038 R14: 00007f2284be5fa0 R15: 00007ffcca5b0a48 [ 177.779649][ T6936] [ 178.459102][ T6939] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 178.465307][ T6939] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 178.514678][ T6939] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 178.537617][ T6939] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 178.992554][ T6950] binder: 6949:6950 ioctl c018620c 0 returned -1 [ 179.233139][ T6955] FAULT_INJECTION: forcing a failure. [ 179.233139][ T6955] name failslab, interval 1, probability 0, space 0, times 0 [ 179.248389][ T6955] CPU: 0 UID: 0 PID: 6955 Comm: syz.1.232 Not tainted syzkaller #0 PREEMPT(full) [ 179.248433][ T6955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 179.248453][ T6955] Call Trace: [ 179.248463][ T6955] [ 179.248480][ T6955] dump_stack_lvl+0x16c/0x1f0 [ 179.248536][ T6955] should_fail_ex+0x512/0x640 [ 179.248571][ T6955] ? __kmalloc_node_track_caller_noprof+0xcb/0x930 [ 179.248625][ T6955] should_failslab+0xc2/0x120 [ 179.248677][ T6955] __kmalloc_node_track_caller_noprof+0xec/0x930 [ 179.248728][ T6955] ? kasprintf+0xc7/0x100 [ 179.248773][ T6955] ? kvasprintf+0xbc/0x150 [ 179.248806][ T6955] kvasprintf+0xbc/0x150 [ 179.248842][ T6955] ? __pfx_kvasprintf+0x10/0x10 [ 179.248882][ T6955] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 179.248929][ T6955] ? lockdep_hardirqs_on+0x7c/0x110 [ 179.248979][ T6955] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 179.249041][ T6955] kasprintf+0xc7/0x100 [ 179.249079][ T6955] ? __pfx_kasprintf+0x10/0x10 [ 179.249137][ T6955] ieee80211_alloc_led_names+0x11b/0x420 [ 179.249197][ T6955] ieee80211_alloc_hw_nm+0x197c/0x22b0 [ 179.249261][ T6955] mac80211_hwsim_new_radio+0x1d3/0x5150 [ 179.249317][ T6955] ? __asan_memset+0x23/0x50 [ 179.249359][ T6955] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 179.249411][ T6955] hwsim_new_radio_nl+0xba2/0x1330 [ 179.249455][ T6955] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 179.249507][ T6955] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 179.249567][ T6955] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 179.249634][ T6955] genl_family_rcv_msg_doit+0x209/0x2f0 [ 179.249695][ T6955] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 179.249751][ T6955] ? genl_get_cmd+0x194/0x580 [ 179.249810][ T6955] ? bpf_lsm_capable+0x9/0x10 [ 179.249855][ T6955] ? security_capable+0x7e/0x260 [ 179.249911][ T6955] ? ns_capable+0xd7/0x110 [ 179.249958][ T6955] genl_rcv_msg+0x55c/0x800 [ 179.250002][ T6955] ? __pfx_genl_rcv_msg+0x10/0x10 [ 179.250036][ T6955] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 179.250089][ T6955] netlink_rcv_skb+0x158/0x420 [ 179.250139][ T6955] ? __pfx_genl_rcv_msg+0x10/0x10 [ 179.250173][ T6955] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 179.250240][ T6955] ? netlink_deliver_tap+0x1ae/0xd30 [ 179.250293][ T6955] genl_rcv+0x28/0x40 [ 179.250341][ T6955] netlink_unicast+0x5aa/0x870 [ 179.250394][ T6955] ? __pfx_netlink_unicast+0x10/0x10 [ 179.250461][ T6955] netlink_sendmsg+0x8c8/0xdd0 [ 179.250517][ T6955] ? __pfx_netlink_sendmsg+0x10/0x10 [ 179.250570][ T6955] ? aa_sock_msg_perm.constprop.0+0x100/0x1b0 [ 179.250635][ T6955] ____sys_sendmsg+0xa5d/0xc30 [ 179.250690][ T6955] ? copy_msghdr_from_user+0x10a/0x160 [ 179.250733][ T6955] ? __pfx_____sys_sendmsg+0x10/0x10 [ 179.250798][ T6955] ? __pfx_futex_wake_mark+0x10/0x10 [ 179.250853][ T6955] ___sys_sendmsg+0x134/0x1d0 [ 179.250898][ T6955] ? __pfx____sys_sendmsg+0x10/0x10 [ 179.250941][ T6955] ? futex_private_hash_put+0x160/0x1b0 [ 179.251034][ T6955] __sys_sendmsg+0x16d/0x220 [ 179.251078][ T6955] ? __pfx___sys_sendmsg+0x10/0x10 [ 179.251121][ T6955] ? __x64_sys_futex+0x1e0/0x4c0 [ 179.251187][ T6955] do_syscall_64+0xcd/0xf80 [ 179.251240][ T6955] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 179.251275][ T6955] RIP: 0033:0x7ff9a4d8f7c9 [ 179.251302][ T6955] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 179.251333][ T6955] RSP: 002b:00007ff9a5c8e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 179.251364][ T6955] RAX: ffffffffffffffda RBX: 00007ff9a4fe5fa0 RCX: 00007ff9a4d8f7c9 [ 179.251387][ T6955] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000006 [ 179.251407][ T6955] RBP: 00007ff9a4e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 179.251427][ T6955] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 179.251447][ T6955] R13: 00007ff9a4fe6038 R14: 00007ff9a4fe5fa0 R15: 00007ffc5e9e4c38 [ 179.251490][ T6955] [ 179.967526][ T6956] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 179.973870][ T6956] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 179.980748][ T6956] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 180.016779][ T6956] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 180.690014][ T6972] FAULT_INJECTION: forcing a failure. [ 180.690014][ T6972] name failslab, interval 1, probability 0, space 0, times 0 [ 180.722110][ T6972] CPU: 0 UID: 0 PID: 6972 Comm: syz.3.238 Not tainted syzkaller #0 PREEMPT(full) [ 180.722157][ T6972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 180.722177][ T6972] Call Trace: [ 180.722188][ T6972] [ 180.722200][ T6972] dump_stack_lvl+0x16c/0x1f0 [ 180.722257][ T6972] should_fail_ex+0x512/0x640 [ 180.722293][ T6972] ? __kmalloc_node_track_caller_noprof+0xcb/0x930 [ 180.722347][ T6972] should_failslab+0xc2/0x120 [ 180.722400][ T6972] __kmalloc_node_track_caller_noprof+0xec/0x930 [ 180.722449][ T6972] ? kasprintf+0xc7/0x100 [ 180.722493][ T6972] ? kvasprintf+0xbc/0x150 [ 180.722527][ T6972] kvasprintf+0xbc/0x150 [ 180.722562][ T6972] ? __pfx_kvasprintf+0x10/0x10 [ 180.722603][ T6972] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 180.722649][ T6972] ? lockdep_hardirqs_on+0x7c/0x110 [ 180.722698][ T6972] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 180.722753][ T6972] kasprintf+0xc7/0x100 [ 180.722790][ T6972] ? __pfx_kasprintf+0x10/0x10 [ 180.722856][ T6972] ieee80211_alloc_led_names+0x1b0/0x420 [ 180.722916][ T6972] ieee80211_alloc_hw_nm+0x197c/0x22b0 [ 180.722980][ T6972] mac80211_hwsim_new_radio+0x1d3/0x5150 [ 180.723034][ T6972] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 180.723090][ T6972] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 180.723143][ T6972] hwsim_new_radio_nl+0xba2/0x1330 [ 180.723185][ T6972] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 180.723238][ T6972] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 180.723298][ T6972] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 180.723367][ T6972] genl_family_rcv_msg_doit+0x209/0x2f0 [ 180.723425][ T6972] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 180.723481][ T6972] ? genl_get_cmd+0x194/0x580 [ 180.723542][ T6972] ? bpf_lsm_capable+0x9/0x10 [ 180.723586][ T6972] ? security_capable+0x7e/0x260 [ 180.723642][ T6972] ? ns_capable+0xd7/0x110 [ 180.723690][ T6972] genl_rcv_msg+0x55c/0x800 [ 180.723726][ T6972] ? __pfx_genl_rcv_msg+0x10/0x10 [ 180.723758][ T6972] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 180.723811][ T6972] netlink_rcv_skb+0x158/0x420 [ 180.723867][ T6972] ? __pfx_genl_rcv_msg+0x10/0x10 [ 180.723902][ T6972] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 180.723969][ T6972] ? netlink_deliver_tap+0x1ae/0xd30 [ 180.724021][ T6972] genl_rcv+0x28/0x40 [ 180.724069][ T6972] netlink_unicast+0x5aa/0x870 [ 180.724124][ T6972] ? __pfx_netlink_unicast+0x10/0x10 [ 180.724188][ T6972] netlink_sendmsg+0x8c8/0xdd0 [ 180.724244][ T6972] ? __pfx_netlink_sendmsg+0x10/0x10 [ 180.724297][ T6972] ? aa_sock_msg_perm.constprop.0+0x100/0x1b0 [ 180.724360][ T6972] ____sys_sendmsg+0xa5d/0xc30 [ 180.724414][ T6972] ? copy_msghdr_from_user+0x10a/0x160 [ 180.724457][ T6972] ? __pfx_____sys_sendmsg+0x10/0x10 [ 180.724507][ T6972] ? preempt_schedule_thunk+0x16/0x30 [ 180.724548][ T6972] ? try_to_wake_up+0xa67/0x1860 [ 180.724600][ T6972] ___sys_sendmsg+0x134/0x1d0 [ 180.724646][ T6972] ? __pfx____sys_sendmsg+0x10/0x10 [ 180.724687][ T6972] ? futex_private_hash_put+0x160/0x1b0 [ 180.724772][ T6972] __sys_sendmsg+0x16d/0x220 [ 180.724816][ T6972] ? __pfx___sys_sendmsg+0x10/0x10 [ 180.724866][ T6972] ? __x64_sys_futex+0x1e0/0x4c0 [ 180.724930][ T6972] do_syscall_64+0xcd/0xf80 [ 180.724985][ T6972] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 180.725019][ T6972] RIP: 0033:0x7f228498f7c9 [ 180.725047][ T6972] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 180.725081][ T6972] RSP: 002b:00007f22857d0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 180.725113][ T6972] RAX: ffffffffffffffda RBX: 00007f2284be5fa0 RCX: 00007f228498f7c9 [ 180.725134][ T6972] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000006 [ 180.725154][ T6972] RBP: 00007f2284a13f91 R08: 0000000000000000 R09: 0000000000000000 [ 180.725175][ T6972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 180.725195][ T6972] R13: 00007f2284be6038 R14: 00007f2284be5fa0 R15: 00007ffcca5b0a48 [ 180.725241][ T6972] [ 181.316625][ T6975] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 181.338199][ T6975] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 181.344429][ T6975] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 181.361016][ T6975] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 181.859692][ T6979] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input12 [ 182.246778][ T6985] binder: 6984:6985 ioctl c018620c 0 returned -1 [ 182.486996][ T6992] HSR: entered promiscuous mode [ 182.856439][ T6296] syz.0.76 (6296) used greatest stack depth: 17816 bytes left [ 183.376545][ T5147] Bluetooth: hci2: command 0x0c1a tx timeout [ 183.382735][ T5844] Bluetooth: hci1: command 0x0c1a tx timeout [ 183.391160][ T53] Bluetooth: hci0: command 0x0c1a tx timeout [ 183.396016][ T5842] Bluetooth: hci3: command 0x0c1a tx timeout [ 183.462831][ T6969] FAULT_INJECTION: forcing a failure. [ 183.462831][ T6969] name failslab, interval 1, probability 0, space 0, times 0 [ 183.488445][ T6969] CPU: 1 UID: 0 PID: 6969 Comm: syz.0.237 Not tainted syzkaller #0 PREEMPT(full) [ 183.488491][ T6969] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 183.488511][ T6969] Call Trace: [ 183.488524][ T6969] [ 183.488537][ T6969] dump_stack_lvl+0x16c/0x1f0 [ 183.488601][ T6969] should_fail_ex+0x512/0x640 [ 183.488636][ T6969] ? __kmalloc_node_track_caller_noprof+0xcb/0x930 [ 183.488699][ T6969] should_failslab+0xc2/0x120 [ 183.488751][ T6969] __kmalloc_node_track_caller_noprof+0xec/0x930 [ 183.488802][ T6969] ? kasprintf+0xc7/0x100 [ 183.488846][ T6969] ? kvasprintf+0xbc/0x150 [ 183.488879][ T6969] kvasprintf+0xbc/0x150 [ 183.488914][ T6969] ? __pfx_kvasprintf+0x10/0x10 [ 183.488953][ T6969] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 183.489000][ T6969] ? lockdep_hardirqs_on+0x7c/0x110 [ 183.489049][ T6969] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 183.489102][ T6969] kasprintf+0xc7/0x100 [ 183.489138][ T6969] ? __pfx_kasprintf+0x10/0x10 [ 183.489194][ T6969] ieee80211_alloc_led_names+0x86/0x420 [ 183.489253][ T6969] ieee80211_alloc_hw_nm+0x197c/0x22b0 [ 183.489317][ T6969] mac80211_hwsim_new_radio+0x1d3/0x5150 [ 183.489374][ T6969] ? __asan_memset+0x23/0x50 [ 183.489417][ T6969] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 183.489474][ T6969] hwsim_new_radio_nl+0xba2/0x1330 [ 183.489517][ T6969] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 183.489575][ T6969] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 183.489635][ T6969] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 183.489703][ T6969] genl_family_rcv_msg_doit+0x209/0x2f0 [ 183.489762][ T6969] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 183.489817][ T6969] ? genl_get_cmd+0x194/0x580 [ 183.489877][ T6969] ? bpf_lsm_capable+0x9/0x10 [ 183.489922][ T6969] ? security_capable+0x7e/0x260 [ 183.489976][ T6969] ? ns_capable+0xd7/0x110 [ 183.490023][ T6969] genl_rcv_msg+0x55c/0x800 [ 183.490058][ T6969] ? __pfx_genl_rcv_msg+0x10/0x10 [ 183.490090][ T6969] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 183.490142][ T6969] netlink_rcv_skb+0x158/0x420 [ 183.490191][ T6969] ? __pfx_genl_rcv_msg+0x10/0x10 [ 183.490224][ T6969] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 183.490291][ T6969] ? netlink_deliver_tap+0x1ae/0xd30 [ 183.490345][ T6969] genl_rcv+0x28/0x40 [ 183.490394][ T6969] netlink_unicast+0x5aa/0x870 [ 183.490448][ T6969] ? __pfx_netlink_unicast+0x10/0x10 [ 183.490513][ T6969] netlink_sendmsg+0x8c8/0xdd0 [ 183.490581][ T6969] ? __pfx_netlink_sendmsg+0x10/0x10 [ 183.490635][ T6969] ? aa_sock_msg_perm.constprop.0+0x100/0x1b0 [ 183.490701][ T6969] ____sys_sendmsg+0xa5d/0xc30 [ 183.490754][ T6969] ? copy_msghdr_from_user+0x10a/0x160 [ 183.490797][ T6969] ? __pfx_____sys_sendmsg+0x10/0x10 [ 183.490860][ T6969] ? __pfx_futex_wake_mark+0x10/0x10 [ 183.490913][ T6969] ___sys_sendmsg+0x134/0x1d0 [ 183.490957][ T6969] ? __pfx____sys_sendmsg+0x10/0x10 [ 183.491001][ T6969] ? futex_private_hash_put+0x160/0x1b0 [ 183.491086][ T6969] __sys_sendmsg+0x16d/0x220 [ 183.491129][ T6969] ? __pfx___sys_sendmsg+0x10/0x10 [ 183.491171][ T6969] ? __x64_sys_futex+0x1e0/0x4c0 [ 183.491236][ T6969] do_syscall_64+0xcd/0xf80 [ 183.491290][ T6969] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 183.491326][ T6969] RIP: 0033:0x7efdecb8f7c9 [ 183.491353][ T6969] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 183.491386][ T6969] RSP: 002b:00007efdeda4f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 183.491418][ T6969] RAX: ffffffffffffffda RBX: 00007efdecde5fa0 RCX: 00007efdecb8f7c9 [ 183.491440][ T6969] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000006 [ 183.491461][ T6969] RBP: 00007efdecc13f91 R08: 0000000000000000 R09: 0000000000000000 [ 183.491481][ T6969] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 183.491500][ T6969] R13: 00007efdecde6038 R14: 00007efdecde5fa0 R15: 00007ffde1cc4b28 [ 183.491546][ T6969] [ 183.960252][ T7002] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 183.986086][ T7002] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 184.014276][ T7002] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 184.046190][ T7002] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 185.962637][ T7042] FAULT_INJECTION: forcing a failure. [ 185.962637][ T7042] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 186.119609][ T5844] Bluetooth: hci3: command 0x0c1a tx timeout [ 186.119681][ T5147] Bluetooth: hci1: command 0x0c1a tx timeout [ 186.136198][ T7042] CPU: 0 UID: 0 PID: 7042 Comm: syz.3.260 Not tainted syzkaller #0 PREEMPT(full) [ 186.136219][ T5842] Bluetooth: hci0: command 0x0c1a tx timeout [ 186.136239][ T7042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 186.136257][ T7042] Call Trace: [ 186.136267][ T7042] [ 186.136277][ T7042] dump_stack_lvl+0x16c/0x1f0 [ 186.136331][ T7042] should_fail_ex+0x512/0x640 [ 186.136379][ T7042] _copy_from_user+0x2e/0xd0 [ 186.136421][ T7042] kstrtobool_from_user+0x99/0x180 [ 186.136475][ T7042] ? __pfx_kstrtobool_from_user+0x10/0x10 [ 186.136535][ T7042] ? __pfx_cifs_lookup_cache_proc_write+0x10/0x10 [ 186.136578][ T7042] cifs_lookup_cache_proc_write+0x23/0x60 [ 186.136620][ T7042] proc_reg_write+0x240/0x330 [ 186.136669][ T7042] ? __pfx_proc_reg_write+0x10/0x10 [ 186.136714][ T7042] vfs_write+0x2a0/0x11d0 [ 186.136770][ T7042] ? __pfx___mutex_lock+0x10/0x10 [ 186.136832][ T7042] ? __pfx_vfs_write+0x10/0x10 [ 186.136897][ T7042] ? __fget_files+0x20e/0x3c0 [ 186.136963][ T7042] ksys_write+0x12a/0x250 [ 186.137014][ T7042] ? __pfx_ksys_write+0x10/0x10 [ 186.137086][ T7042] do_syscall_64+0xcd/0xf80 [ 186.137153][ T7042] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 186.137191][ T7042] RIP: 0033:0x7f228498f7c9 [ 186.137220][ T7042] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 186.137253][ T7042] RSP: 002b:00007f22857d0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 186.137287][ T7042] RAX: ffffffffffffffda RBX: 00007f2284be5fa0 RCX: 00007f228498f7c9 [ 186.137311][ T7042] RDX: 00000000000008ed RSI: 0000000000000000 RDI: 0000000000000003 [ 186.137337][ T7042] RBP: 00007f22857d0090 R08: 0000000000000000 R09: 0000000000000000 [ 186.137358][ T7042] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 186.137380][ T7042] R13: 00007f2284be6038 R14: 00007f2284be5fa0 R15: 00007ffcca5b0a48 [ 186.137429][ T7042] [ 186.140534][ T53] Bluetooth: hci2: command 0x0c1a tx timeout [ 186.596591][ T7048] FAULT_INJECTION: forcing a failure. [ 186.596591][ T7048] name failslab, interval 1, probability 0, space 0, times 0 [ 186.629850][ T7048] CPU: 1 UID: 0 PID: 7048 Comm: syz.3.262 Not tainted syzkaller #0 PREEMPT(full) [ 186.629882][ T7048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 186.629897][ T7048] Call Trace: [ 186.629905][ T7048] [ 186.629914][ T7048] dump_stack_lvl+0x16c/0x1f0 [ 186.629955][ T7048] should_fail_ex+0x512/0x640 [ 186.629982][ T7048] ? __kmalloc_node_track_caller_noprof+0xcb/0x930 [ 186.630022][ T7048] should_failslab+0xc2/0x120 [ 186.630060][ T7048] __kmalloc_node_track_caller_noprof+0xec/0x930 [ 186.630097][ T7048] ? kasprintf+0xc7/0x100 [ 186.630129][ T7048] ? kvasprintf+0xbc/0x150 [ 186.630153][ T7048] kvasprintf+0xbc/0x150 [ 186.630179][ T7048] ? __pfx_kvasprintf+0x10/0x10 [ 186.630207][ T7048] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 186.630244][ T7048] ? lockdep_hardirqs_on+0x7c/0x110 [ 186.630280][ T7048] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 186.630341][ T7048] kasprintf+0xc7/0x100 [ 186.630368][ T7048] ? __pfx_kasprintf+0x10/0x10 [ 186.630409][ T7048] ieee80211_alloc_led_names+0x1b0/0x420 [ 186.630454][ T7048] ieee80211_alloc_hw_nm+0x197c/0x22b0 [ 186.630500][ T7048] mac80211_hwsim_new_radio+0x1d3/0x5150 [ 186.630539][ T7048] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 186.630581][ T7048] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 186.630618][ T7048] hwsim_new_radio_nl+0xba2/0x1330 [ 186.630648][ T7048] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 186.630684][ T7048] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 186.630728][ T7048] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 186.630776][ T7048] genl_family_rcv_msg_doit+0x209/0x2f0 [ 186.630819][ T7048] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 186.630859][ T7048] ? genl_get_cmd+0x194/0x580 [ 186.630902][ T7048] ? bpf_lsm_capable+0x9/0x10 [ 186.630935][ T7048] ? security_capable+0x7e/0x260 [ 186.630975][ T7048] ? ns_capable+0xd7/0x110 [ 186.631009][ T7048] genl_rcv_msg+0x55c/0x800 [ 186.631034][ T7048] ? __pfx_genl_rcv_msg+0x10/0x10 [ 186.631056][ T7048] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 186.631096][ T7048] netlink_rcv_skb+0x158/0x420 [ 186.631131][ T7048] ? __pfx_genl_rcv_msg+0x10/0x10 [ 186.631154][ T7048] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 186.631202][ T7048] ? netlink_deliver_tap+0x1ae/0xd30 [ 186.631239][ T7048] genl_rcv+0x28/0x40 [ 186.631274][ T7048] netlink_unicast+0x5aa/0x870 [ 186.631319][ T7048] ? __pfx_netlink_unicast+0x10/0x10 [ 186.631366][ T7048] netlink_sendmsg+0x8c8/0xdd0 [ 186.631406][ T7048] ? __pfx_netlink_sendmsg+0x10/0x10 [ 186.631446][ T7048] ? aa_sock_msg_perm.constprop.0+0x100/0x1b0 [ 186.631492][ T7048] ____sys_sendmsg+0xa5d/0xc30 [ 186.631532][ T7048] ? copy_msghdr_from_user+0x10a/0x160 [ 186.631563][ T7048] ? __pfx_____sys_sendmsg+0x10/0x10 [ 186.631600][ T7048] ? preempt_schedule_thunk+0x16/0x30 [ 186.631629][ T7048] ? try_to_wake_up+0xa67/0x1860 [ 186.631667][ T7048] ___sys_sendmsg+0x134/0x1d0 [ 186.631699][ T7048] ? __pfx____sys_sendmsg+0x10/0x10 [ 186.631730][ T7048] ? futex_private_hash_put+0x160/0x1b0 [ 186.631791][ T7048] __sys_sendmsg+0x16d/0x220 [ 186.631823][ T7048] ? __pfx___sys_sendmsg+0x10/0x10 [ 186.631853][ T7048] ? __x64_sys_futex+0x1e0/0x4c0 [ 186.631899][ T7048] do_syscall_64+0xcd/0xf80 [ 186.631937][ T7048] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 186.631962][ T7048] RIP: 0033:0x7f228498f7c9 [ 186.631982][ T7048] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 186.632005][ T7048] RSP: 002b:00007f22857d0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 186.632027][ T7048] RAX: ffffffffffffffda RBX: 00007f2284be5fa0 RCX: 00007f228498f7c9 [ 186.632043][ T7048] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000006 [ 186.632058][ T7048] RBP: 00007f2284a13f91 R08: 0000000000000000 R09: 0000000000000000 [ 186.632072][ T7048] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 186.632086][ T7048] R13: 00007f2284be6038 R14: 00007f2284be5fa0 R15: 00007ffcca5b0a48 [ 186.632117][ T7048] [ 187.289389][ T7051] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 187.296401][ T7051] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 187.304603][ T7051] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 187.311998][ T7051] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 187.489193][ T7054] FAULT_INJECTION: forcing a failure. [ 187.489193][ T7054] name failslab, interval 1, probability 0, space 0, times 0 [ 187.509955][ T7054] CPU: 0 UID: 0 PID: 7054 Comm: syz.1.263 Not tainted syzkaller #0 PREEMPT(full) [ 187.509999][ T7054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 187.510013][ T7054] Call Trace: [ 187.510021][ T7054] [ 187.510031][ T7054] dump_stack_lvl+0x16c/0x1f0 [ 187.510072][ T7054] should_fail_ex+0x512/0x640 [ 187.510098][ T7054] ? __kmalloc_node_track_caller_noprof+0xcb/0x930 [ 187.510139][ T7054] should_failslab+0xc2/0x120 [ 187.510176][ T7054] __kmalloc_node_track_caller_noprof+0xec/0x930 [ 187.510213][ T7054] ? kasprintf+0xc7/0x100 [ 187.510244][ T7054] ? kvasprintf+0xbc/0x150 [ 187.510268][ T7054] kvasprintf+0xbc/0x150 [ 187.510294][ T7054] ? __pfx_kvasprintf+0x10/0x10 [ 187.510322][ T7054] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 187.510356][ T7054] ? lockdep_hardirqs_on+0x7c/0x110 [ 187.510392][ T7054] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 187.510430][ T7054] kasprintf+0xc7/0x100 [ 187.510456][ T7054] ? __pfx_kasprintf+0x10/0x10 [ 187.510496][ T7054] ieee80211_alloc_led_names+0x243/0x420 [ 187.510541][ T7054] ieee80211_alloc_hw_nm+0x197c/0x22b0 [ 187.510587][ T7054] mac80211_hwsim_new_radio+0x1d3/0x5150 [ 187.510626][ T7054] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 187.510667][ T7054] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 187.510704][ T7054] hwsim_new_radio_nl+0xba2/0x1330 [ 187.510735][ T7054] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 187.510771][ T7054] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 187.510815][ T7054] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 187.510863][ T7054] genl_family_rcv_msg_doit+0x209/0x2f0 [ 187.510906][ T7054] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 187.510947][ T7054] ? genl_get_cmd+0x194/0x580 [ 187.510999][ T7054] ? bpf_lsm_capable+0x9/0x10 [ 187.511032][ T7054] ? security_capable+0x7e/0x260 [ 187.511073][ T7054] ? ns_capable+0xd7/0x110 [ 187.511107][ T7054] genl_rcv_msg+0x55c/0x800 [ 187.511132][ T7054] ? __pfx_genl_rcv_msg+0x10/0x10 [ 187.511155][ T7054] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 187.511193][ T7054] netlink_rcv_skb+0x158/0x420 [ 187.511265][ T7054] ? __pfx_genl_rcv_msg+0x10/0x10 [ 187.511288][ T7054] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 187.511336][ T7054] ? netlink_deliver_tap+0x1ae/0xd30 [ 187.511373][ T7054] genl_rcv+0x28/0x40 [ 187.511409][ T7054] netlink_unicast+0x5aa/0x870 [ 187.511448][ T7054] ? __pfx_netlink_unicast+0x10/0x10 [ 187.511494][ T7054] netlink_sendmsg+0x8c8/0xdd0 [ 187.511535][ T7054] ? __pfx_netlink_sendmsg+0x10/0x10 [ 187.511574][ T7054] ? aa_sock_msg_perm.constprop.0+0x100/0x1b0 [ 187.511620][ T7054] ____sys_sendmsg+0xa5d/0xc30 [ 187.511659][ T7054] ? copy_msghdr_from_user+0x10a/0x160 [ 187.511690][ T7054] ? __pfx_____sys_sendmsg+0x10/0x10 [ 187.511726][ T7054] ? preempt_schedule_thunk+0x16/0x30 [ 187.511756][ T7054] ? try_to_wake_up+0xa67/0x1860 [ 187.511794][ T7054] ___sys_sendmsg+0x134/0x1d0 [ 187.511826][ T7054] ? __pfx____sys_sendmsg+0x10/0x10 [ 187.511857][ T7054] ? futex_private_hash_put+0x160/0x1b0 [ 187.511915][ T7054] __sys_sendmsg+0x16d/0x220 [ 187.511946][ T7054] ? __pfx___sys_sendmsg+0x10/0x10 [ 187.511982][ T7054] ? __x64_sys_futex+0x1e0/0x4c0 [ 187.512028][ T7054] do_syscall_64+0xcd/0xf80 [ 187.512067][ T7054] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 187.512091][ T7054] RIP: 0033:0x7ff9a4d8f7c9 [ 187.512111][ T7054] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 187.512134][ T7054] RSP: 002b:00007ff9a5c8e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 187.512157][ T7054] RAX: ffffffffffffffda RBX: 00007ff9a4fe5fa0 RCX: 00007ff9a4d8f7c9 [ 187.512173][ T7054] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000006 [ 187.512187][ T7054] RBP: 00007ff9a4e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 187.512202][ T7054] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 187.512216][ T7054] R13: 00007ff9a4fe6038 R14: 00007ff9a4fe5fa0 R15: 00007ffc5e9e4c38 [ 187.512248][ T7054] [ 188.156335][ T7059] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 188.180448][ T7059] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 188.230758][ T7059] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 188.247803][ T7059] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 188.719546][ T30] audit: type=1800 audit(1765906057.264:3): pid=7078 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.270" name="discovery_nqn" dev="configfs" ino=14080 res=0 errno=0 [ 189.505486][ T7085] FAULT_INJECTION: forcing a failure. [ 189.505486][ T7085] name failslab, interval 1, probability 0, space 0, times 0 [ 189.524769][ T7085] CPU: 0 UID: 0 PID: 7085 Comm: syz.2.273 Not tainted syzkaller #0 PREEMPT(full) [ 189.524825][ T7085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 189.524846][ T7085] Call Trace: [ 189.524857][ T7085] [ 189.524869][ T7085] dump_stack_lvl+0x16c/0x1f0 [ 189.524926][ T7085] should_fail_ex+0x512/0x640 [ 189.524963][ T7085] ? __kmalloc_node_track_caller_noprof+0xcb/0x930 [ 189.525017][ T7085] should_failslab+0xc2/0x120 [ 189.525070][ T7085] __kmalloc_node_track_caller_noprof+0xec/0x930 [ 189.525121][ T7085] ? kasprintf+0xc7/0x100 [ 189.525167][ T7085] ? kvasprintf+0xbc/0x150 [ 189.525207][ T7085] kvasprintf+0xbc/0x150 [ 189.525243][ T7085] ? __pfx_kvasprintf+0x10/0x10 [ 189.525290][ T7085] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 189.525338][ T7085] ? lockdep_hardirqs_on+0x7c/0x110 [ 189.525387][ T7085] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 189.525440][ T7085] kasprintf+0xc7/0x100 [ 189.525476][ T7085] ? __pfx_kasprintf+0x10/0x10 [ 189.525531][ T7085] ieee80211_alloc_led_names+0x11b/0x420 [ 189.525592][ T7085] ieee80211_alloc_hw_nm+0x197c/0x22b0 [ 189.525654][ T7085] mac80211_hwsim_new_radio+0x1d3/0x5150 [ 189.525708][ T7085] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 189.525767][ T7085] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 189.525826][ T7085] hwsim_new_radio_nl+0xba2/0x1330 [ 189.525870][ T7085] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 189.525923][ T7085] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 189.525989][ T7085] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 189.526058][ T7085] genl_family_rcv_msg_doit+0x209/0x2f0 [ 189.526118][ T7085] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 189.526174][ T7085] ? genl_get_cmd+0x194/0x580 [ 189.526232][ T7085] ? bpf_lsm_capable+0x9/0x10 [ 189.526276][ T7085] ? security_capable+0x7e/0x260 [ 189.526331][ T7085] ? ns_capable+0xd7/0x110 [ 189.526378][ T7085] genl_rcv_msg+0x55c/0x800 [ 189.526415][ T7085] ? __pfx_genl_rcv_msg+0x10/0x10 [ 189.526447][ T7085] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 189.526501][ T7085] netlink_rcv_skb+0x158/0x420 [ 189.526557][ T7085] ? __pfx_genl_rcv_msg+0x10/0x10 [ 189.526591][ T7085] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 189.526660][ T7085] ? netlink_deliver_tap+0x1ae/0xd30 [ 189.526714][ T7085] genl_rcv+0x28/0x40 [ 189.526763][ T7085] netlink_unicast+0x5aa/0x870 [ 189.526823][ T7085] ? __pfx_netlink_unicast+0x10/0x10 [ 189.526889][ T7085] netlink_sendmsg+0x8c8/0xdd0 [ 189.526945][ T7085] ? __pfx_netlink_sendmsg+0x10/0x10 [ 189.527001][ T7085] ? aa_sock_msg_perm.constprop.0+0x100/0x1b0 [ 189.527067][ T7085] ____sys_sendmsg+0xa5d/0xc30 [ 189.527121][ T7085] ? copy_msghdr_from_user+0x10a/0x160 [ 189.527164][ T7085] ? __pfx_____sys_sendmsg+0x10/0x10 [ 189.527227][ T7085] ? __pfx_futex_wake_mark+0x10/0x10 [ 189.527278][ T7085] ___sys_sendmsg+0x134/0x1d0 [ 189.527324][ T7085] ? __pfx____sys_sendmsg+0x10/0x10 [ 189.527367][ T7085] ? futex_private_hash_put+0x160/0x1b0 [ 189.527448][ T7085] __sys_sendmsg+0x16d/0x220 [ 189.527490][ T7085] ? __pfx___sys_sendmsg+0x10/0x10 [ 189.527531][ T7085] ? __x64_sys_futex+0x1e0/0x4c0 [ 189.527592][ T7085] do_syscall_64+0xcd/0xf80 [ 189.527645][ T7085] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 189.527679][ T7085] RIP: 0033:0x7ff17b18f7c9 [ 189.527705][ T7085] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 189.527736][ T7085] RSP: 002b:00007ff1793ee038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 189.527768][ T7085] RAX: ffffffffffffffda RBX: 00007ff17b3e5fa0 RCX: 00007ff17b18f7c9 [ 189.527801][ T7085] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000006 [ 189.527820][ T7085] RBP: 00007ff17b213f91 R08: 0000000000000000 R09: 0000000000000000 [ 189.527841][ T7085] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 189.527860][ T7085] R13: 00007ff17b3e6038 R14: 00007ff17b3e5fa0 R15: 00007ffc436a79d8 [ 189.527904][ T7085] [ 190.011483][ T7089] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 190.025194][ T7089] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 190.031850][ T7089] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 190.044264][ T7089] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 190.790034][ T7103] binder: 7102:7103 ioctl c018620c 0 returned -1 [ 191.876574][ T53] Bluetooth: hci3: Unable to find connection for big 0xd2 [ 192.016825][ T53] Bluetooth: hci2: command 0x0c1a tx timeout [ 192.095992][ T5147] Bluetooth: hci1: command 0x0c1a tx timeout [ 192.102085][ T5842] Bluetooth: hci0: command 0x0c1a tx timeout [ 192.108758][ T53] Bluetooth: hci3: command 0x0c1a tx timeout [ 194.926052][ T7171] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input13 [ 195.106911][ T7175] random: crng reseeded on system resumption [ 195.237769][ T7174] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input14 [ 195.459018][ T7183] tc_dump_action: action bad kind [ 199.532340][ T7245] netlink: 28 bytes leftover after parsing attributes in process `syz.3.317'. [ 199.651790][ T7247] FAULT_INJECTION: forcing a failure. [ 199.651790][ T7247] name failslab, interval 1, probability 0, space 0, times 0 [ 199.719178][ T7247] CPU: 0 UID: 0 PID: 7247 Comm: syz.1.318 Not tainted syzkaller #0 PREEMPT(full) [ 199.719216][ T7247] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 199.719230][ T7247] Call Trace: [ 199.719237][ T7247] [ 199.719247][ T7247] dump_stack_lvl+0x16c/0x1f0 [ 199.719287][ T7247] should_fail_ex+0x512/0x640 [ 199.719312][ T7247] ? fs_reclaim_acquire+0xae/0x150 [ 199.719352][ T7247] should_failslab+0xc2/0x120 [ 199.719389][ T7247] __kmalloc_noprof+0xeb/0x910 [ 199.719415][ T7247] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 199.719454][ T7247] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 199.719498][ T7247] tomoyo_realpath_from_path+0xc2/0x6e0 [ 199.719554][ T7247] tomoyo_check_open_permission+0x2ab/0x3c0 [ 199.719593][ T7247] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 199.719669][ T7247] ? lock_acquire+0x179/0x330 [ 199.719700][ T7247] ? find_held_lock+0x2b/0x80 [ 199.719743][ T7247] ? mnt_get_write_access+0x52/0x2f0 [ 199.719783][ T7247] tomoyo_file_open+0x6b/0x90 [ 199.719834][ T7247] security_file_open+0x84/0x1e0 [ 199.719875][ T7247] do_dentry_open+0x597/0x1590 [ 199.719925][ T7247] ? security_inode_permission+0xbf/0x260 [ 199.719968][ T7247] vfs_open+0x82/0x3f0 [ 199.720013][ T7247] path_openat+0x2078/0x3140 [ 199.720075][ T7247] ? __pfx_path_openat+0x10/0x10 [ 199.720140][ T7247] do_filp_open+0x20b/0x470 [ 199.720189][ T7247] ? __pfx_do_filp_open+0x10/0x10 [ 199.720267][ T7247] ? alloc_fd+0x471/0x7d0 [ 199.720326][ T7247] do_sys_openat2+0x121/0x290 [ 199.720363][ T7247] ? __pfx_do_sys_openat2+0x10/0x10 [ 199.720403][ T7247] ? __fget_files+0x20e/0x3c0 [ 199.720457][ T7247] __x64_sys_openat+0x174/0x210 [ 199.720494][ T7247] ? __pfx___x64_sys_openat+0x10/0x10 [ 199.720528][ T7247] ? ksys_write+0x1ac/0x250 [ 199.720589][ T7247] do_syscall_64+0xcd/0xf80 [ 199.720637][ T7247] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 199.720660][ T7247] RIP: 0033:0x7ff9a4d8f7c9 [ 199.720679][ T7247] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 199.720700][ T7247] RSP: 002b:00007ff9a5c8e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 199.720722][ T7247] RAX: ffffffffffffffda RBX: 00007ff9a4fe5fa0 RCX: 00007ff9a4d8f7c9 [ 199.720737][ T7247] RDX: 0000000000048041 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 199.720751][ T7247] RBP: 00007ff9a5c8e090 R08: 0000000000000000 R09: 0000000000000000 [ 199.720765][ T7247] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 199.720778][ T7247] R13: 00007ff9a4fe6038 R14: 00007ff9a4fe5fa0 R15: 00007ffc5e9e4c38 [ 199.720808][ T7247] [ 199.990107][ T7247] ERROR: Out of memory at tomoyo_realpath_from_path. [ 200.477337][ T7256] FAULT_INJECTION: forcing a failure. [ 200.477337][ T7256] name failslab, interval 1, probability 0, space 0, times 0 [ 200.536036][ T7256] CPU: 0 UID: 0 PID: 7256 Comm: syz.3.321 Not tainted syzkaller #0 PREEMPT(full) [ 200.536076][ T7256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 200.536094][ T7256] Call Trace: [ 200.536104][ T7256] [ 200.536123][ T7256] dump_stack_lvl+0x16c/0x1f0 [ 200.536175][ T7256] should_fail_ex+0x512/0x640 [ 200.536210][ T7256] ? kmem_cache_alloc_noprof+0x62/0x770 [ 200.536254][ T7256] should_failslab+0xc2/0x120 [ 200.536304][ T7256] kmem_cache_alloc_noprof+0x83/0x770 [ 200.536342][ T7256] ? security_file_alloc+0x34/0x2b0 [ 200.536391][ T7256] ? security_file_alloc+0x34/0x2b0 [ 200.536428][ T7256] security_file_alloc+0x34/0x2b0 [ 200.536468][ T7256] init_file+0x93/0x4c0 [ 200.536502][ T7256] alloc_empty_file+0x73/0x1e0 [ 200.536538][ T7256] alloc_file_pseudo+0x13a/0x230 [ 200.536575][ T7256] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 200.536612][ T7256] ? hugetlbfs_get_inode+0x31f/0x700 [ 200.536649][ T7256] hugetlb_file_setup+0x4ce/0x620 [ 200.536684][ T7256] ksys_mmap_pgoff+0x189/0x5c0 [ 200.536733][ T7256] __x64_sys_mmap+0x125/0x190 [ 200.536766][ T7256] do_syscall_64+0xcd/0xf80 [ 200.536810][ T7256] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 200.536838][ T7256] RIP: 0033:0x7f228498f7c9 [ 200.536860][ T7256] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 200.536887][ T7256] RSP: 002b:00007f22857d0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 200.536912][ T7256] RAX: ffffffffffffffda RBX: 00007f2284be5fa0 RCX: 00007f228498f7c9 [ 200.536931][ T7256] RDX: 0000000000400002 RSI: 0000000000a00006 RDI: 0000000000000000 [ 200.536947][ T7256] RBP: 00007f22857d0090 R08: 0000000000000602 R09: 0000300000000000 [ 200.536964][ T7256] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000001 [ 200.536980][ T7256] R13: 00007f2284be6038 R14: 00007f2284be5fa0 R15: 00007ffcca5b0a48 [ 200.537015][ T7256] [ 201.372613][ T7269] zswap: compressor -1 not available [ 201.627126][ T7290] FAULT_INJECTION: forcing a failure. [ 201.627126][ T7290] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 201.676714][ T7290] CPU: 1 UID: 0 PID: 7290 Comm: syz.3.333 Not tainted syzkaller #0 PREEMPT(full) [ 201.676760][ T7290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 201.676778][ T7290] Call Trace: [ 201.676788][ T7290] [ 201.676798][ T7290] dump_stack_lvl+0x16c/0x1f0 [ 201.676847][ T7290] should_fail_ex+0x512/0x640 [ 201.676884][ T7290] _copy_from_user+0x2e/0xd0 [ 201.676915][ T7290] input_event_from_user+0xb9/0x290 [ 201.676956][ T7290] ? __pfx_input_event_from_user+0x10/0x10 [ 201.676996][ T7290] ? __pfx___might_resched+0x10/0x10 [ 201.677036][ T7290] ? input_inject_event+0x51/0x3b0 [ 201.677078][ T7290] evdev_write+0x26b/0x440 [ 201.677132][ T7290] ? __pfx_evdev_write+0x10/0x10 [ 201.677177][ T7290] ? bpf_lsm_file_permission+0x9/0x10 [ 201.677215][ T7290] ? security_file_permission+0x71/0x210 [ 201.677256][ T7290] ? rw_verify_area+0xcf/0x6c0 [ 201.677299][ T7290] ? __pfx_evdev_write+0x10/0x10 [ 201.677338][ T7290] vfs_write+0x2a0/0x11d0 [ 201.677391][ T7290] ? __pfx_vfs_write+0x10/0x10 [ 201.677435][ T7290] ? find_held_lock+0x2b/0x80 [ 201.677476][ T7290] ? __fget_files+0x204/0x3c0 [ 201.677528][ T7290] ? __fget_files+0x20e/0x3c0 [ 201.677585][ T7290] ksys_write+0x1f8/0x250 [ 201.677630][ T7290] ? __pfx_ksys_write+0x10/0x10 [ 201.677688][ T7290] do_syscall_64+0xcd/0xf80 [ 201.677738][ T7290] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 201.677770][ T7290] RIP: 0033:0x7f228498f7c9 [ 201.677796][ T7290] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 201.677825][ T7290] RSP: 002b:00007f22857d0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 201.677854][ T7290] RAX: ffffffffffffffda RBX: 00007f2284be5fa0 RCX: 00007f228498f7c9 [ 201.677876][ T7290] RDX: 0000000000010001 RSI: 0000200000000040 RDI: 0000000000000003 [ 201.677895][ T7290] RBP: 00007f22857d0090 R08: 0000000000000000 R09: 0000000000000000 [ 201.677914][ T7290] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 201.677933][ T7290] R13: 00007f2284be6038 R14: 00007f2284be5fa0 R15: 00007ffcca5b0a48 [ 201.677975][ T7290] [ 202.222772][ T7277] FAULT_INJECTION: forcing a failure. [ 202.222772][ T7277] name failslab, interval 1, probability 0, space 0, times 0 [ 202.247662][ T7277] CPU: 0 UID: 0 PID: 7277 Comm: syz.0.329 Not tainted syzkaller #0 PREEMPT(full) [ 202.247711][ T7277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 202.247740][ T7277] Call Trace: [ 202.247751][ T7277] [ 202.247764][ T7277] dump_stack_lvl+0x16c/0x1f0 [ 202.247822][ T7277] should_fail_ex+0x512/0x640 [ 202.247858][ T7277] ? kmem_cache_alloc_noprof+0x62/0x770 [ 202.247903][ T7277] should_failslab+0xc2/0x120 [ 202.247957][ T7277] kmem_cache_alloc_noprof+0x83/0x770 [ 202.247997][ T7277] ? ptlock_alloc+0x1f/0x70 [ 202.248039][ T7277] ? ptlock_alloc+0x1f/0x70 [ 202.248070][ T7277] ptlock_alloc+0x1f/0x70 [ 202.248103][ T7277] pte_alloc_one+0x84/0x3d0 [ 202.248151][ T7277] __pte_alloc+0x6d/0x3f0 [ 202.248198][ T7277] ? __pfx___pte_alloc+0x10/0x10 [ 202.248246][ T7277] ? _raw_spin_unlock+0x28/0x50 [ 202.248288][ T7277] ? __pmd_alloc+0x6aa/0x9c0 [ 202.248342][ T7277] move_page_tables+0x2c0a/0x4380 [ 202.248391][ T7277] ? __pfx_copy_vma+0x10/0x10 [ 202.248438][ T7277] ? __pfx_move_page_tables+0x10/0x10 [ 202.248494][ T7277] ? kvm_sched_clock_read+0x11/0x20 [ 202.248539][ T7277] ? sched_clock+0x38/0x60 [ 202.248598][ T7277] copy_vma_and_data+0x24e/0x790 [ 202.248641][ T7277] ? __pfx_copy_vma_and_data+0x10/0x10 [ 202.248695][ T7277] ? find_held_lock+0x2b/0x80 [ 202.248750][ T7277] ? move_vma+0x533/0x1790 [ 202.248786][ T7277] ? __vm_enough_memory+0x184/0x3f0 [ 202.248841][ T7277] move_vma+0x545/0x1790 [ 202.248886][ T7277] ? __pfx_move_vma+0x10/0x10 [ 202.248929][ T7277] ? mm_get_unmapped_area_vmflags+0xd7/0x130 [ 202.248982][ T7277] ? cap_mmap_addr+0x4b/0x120 [ 202.249012][ T7277] ? bpf_lsm_mmap_addr+0x9/0x10 [ 202.249051][ T7277] ? security_mmap_addr+0x6c/0x1e0 [ 202.249094][ T7277] ? __get_unmapped_area+0x267/0x3f0 [ 202.249148][ T7277] ? vrm_set_new_addr+0x208/0x290 [ 202.249188][ T7277] mremap_to+0x1b7/0x450 [ 202.249229][ T7277] do_mremap+0x13a8/0x2020 [ 202.249271][ T7277] ? futex_private_hash_put+0x110/0x1b0 [ 202.249319][ T7277] ? __pfx_do_mremap+0x10/0x10 [ 202.249354][ T7277] ? __pfx_futex_wake+0x10/0x10 [ 202.249405][ T7277] ? ksys_write+0x190/0x250 [ 202.249462][ T7277] __do_sys_mremap+0x119/0x170 [ 202.249500][ T7277] ? __pfx___do_sys_mremap+0x10/0x10 [ 202.249562][ T7277] ? __x64_sys_futex+0x1e0/0x4c0 [ 202.249627][ T7277] do_syscall_64+0xcd/0xf80 [ 202.249680][ T7277] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 202.249715][ T7277] RIP: 0033:0x7efdecb8f7c9 [ 202.249751][ T7277] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 202.249793][ T7277] RSP: 002b:00007efdeda4f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 202.249825][ T7277] RAX: ffffffffffffffda RBX: 00007efdecde5fa0 RCX: 00007efdecb8f7c9 [ 202.249847][ T7277] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000200000000000 [ 202.249868][ T7277] RBP: 00007efdecc13f91 R08: 0000000100000000 R09: 0000000000000000 [ 202.249888][ T7277] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 202.249908][ T7277] R13: 00007efdecde6038 R14: 00007efdecde5fa0 R15: 00007ffde1cc4b28 [ 202.249953][ T7277] [ 202.916586][ T7296] [ 202.918954][ T7296] ====================================================== [ 202.925986][ T7296] WARNING: possible circular locking dependency detected [ 202.933003][ T7296] syzkaller #0 Not tainted [ 202.937426][ T7296] ------------------------------------------------------ [ 202.944445][ T7296] syz.2.335/7296 is trying to acquire lock: [ 202.950339][ T7296] ffff8881417b98b0 (&q->elevator_lock){+.+.}-{4:4}, at: elevator_change+0x1ed/0x570 [ 202.959764][ T7296] [ 202.959764][ T7296] but task is already holding lock: [ 202.967126][ T7296] ffff8881417b9370 (&q->q_usage_counter(io)#66){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 202.978386][ T7296] [ 202.978386][ T7296] which lock already depends on the new lock. [ 202.978386][ T7296] [ 202.988801][ T7296] [ 202.988801][ T7296] the existing dependency chain (in reverse order) is: [ 202.997828][ T7296] [ 202.997828][ T7296] -> #6 (&q->q_usage_counter(io)#66){++++}-{0:0}: [ 203.006523][ T7296] blk_alloc_queue+0x610/0x750 [ 203.011834][ T7296] blk_mq_alloc_queue+0x172/0x280 [ 203.017410][ T7296] __blk_mq_alloc_disk+0x29/0x120 [ 203.023020][ T7296] null_add_dev+0xf2e/0x1eb0 [ 203.028191][ T7296] null_init+0x2c9/0x610 [ 203.032971][ T7296] do_one_initcall+0x123/0x680 [ 203.038280][ T7296] kernel_init_freeable+0x5c8/0x920 [ 203.044009][ T7296] kernel_init+0x1c/0x2b0 [ 203.048879][ T7296] ret_from_fork+0x983/0xb10 [ 203.054000][ T7296] ret_from_fork_asm+0x1a/0x30 [ 203.059312][ T7296] [ 203.059312][ T7296] -> #5 (fs_reclaim){+.+.}-{0:0}: [ 203.066548][ T7296] fs_reclaim_acquire+0x102/0x150 [ 203.072154][ T7296] kmem_cache_alloc_node_noprof+0x5e/0x800 [ 203.078513][ T7296] __alloc_skb+0x156/0x410 [ 203.083466][ T7296] tcp_stream_alloc_skb+0x34/0x670 [ 203.089115][ T7296] tcp_sendmsg_locked+0x12de/0x42a0 [ 203.094852][ T7296] tcp_sendmsg+0x2e/0x50 [ 203.099745][ T7296] inet_sendmsg+0xb9/0x140 [ 203.104730][ T7296] sock_write_iter+0x509/0x610 [ 203.110077][ T7296] vfs_write+0x7d3/0x11d0 [ 203.115037][ T7296] ksys_write+0x1f8/0x250 [ 203.119914][ T7296] do_syscall_64+0xcd/0xf80 [ 203.124965][ T7296] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 203.131390][ T7296] [ 203.131390][ T7296] -> #4 (sk_lock-AF_INET){+.+.}-{0:0}: [ 203.139054][ T7296] lock_sock_nested+0x41/0xf0 [ 203.144266][ T7296] inet_shutdown+0x67/0x440 [ 203.149303][ T7296] nbd_mark_nsock_dead+0xae/0x5d0 [ 203.154858][ T7296] recv_work+0x66b/0xa70 [ 203.159639][ T7296] process_one_work+0x9ba/0x1b20 [ 203.165136][ T7296] worker_thread+0x6c8/0xf10 [ 203.170261][ T7296] kthread+0x3c5/0x780 [ 203.174866][ T7296] ret_from_fork+0x983/0xb10 [ 203.179992][ T7296] ret_from_fork_asm+0x1a/0x30 [ 203.185302][ T7296] [ 203.185302][ T7296] -> #3 (&nsock->tx_lock){+.+.}-{4:4}: [ 203.192974][ T7296] __mutex_lock+0x1aa/0x1ca0 [ 203.198111][ T7296] nbd_queue_rq+0x423/0x12d0 [ 203.203242][ T7296] blk_mq_dispatch_rq_list+0x416/0x1e20 [ 203.209326][ T7296] __blk_mq_sched_dispatch_requests+0xcbd/0x15f0 [ 203.216188][ T7296] blk_mq_sched_dispatch_requests+0xd8/0x1b0 [ 203.222739][ T7296] blk_mq_run_hw_queue+0x239/0x670 [ 203.228387][ T7296] blk_mq_dispatch_list+0x514/0x1300 [ 203.234207][ T7296] blk_mq_flush_plug_list+0x130/0x600 [ 203.240113][ T7296] __blk_flush_plug+0x2c4/0x4b0 [ 203.245514][ T7296] __submit_bio+0x542/0x690 [ 203.250564][ T7296] submit_bio_noacct_nocheck+0x53d/0xbe0 [ 203.256728][ T7296] submit_bio_noacct+0x5bd/0x1f40 [ 203.262285][ T7296] block_read_full_folio+0x4db/0x850 [ 203.268102][ T7296] filemap_read_folio+0xc8/0x2a0 [ 203.273572][ T7296] do_read_cache_folio+0x266/0x5c0 [ 203.279227][ T7296] read_part_sector+0xd4/0x370 [ 203.284520][ T7296] adfspart_check_ICS+0x93/0x940 [ 203.290094][ T7296] bdev_disk_changed+0x723/0x1520 [ 203.295646][ T7296] blkdev_get_whole+0x187/0x290 [ 203.301026][ T7296] bdev_open+0x2c7/0xe40 [ 203.305803][ T7296] blkdev_open+0x34e/0x4f0 [ 203.310753][ T7296] do_dentry_open+0x748/0x1590 [ 203.316060][ T7296] vfs_open+0x82/0x3f0 [ 203.320680][ T7296] path_openat+0x2078/0x3140 [ 203.325824][ T7296] do_filp_open+0x20b/0x470 [ 203.330880][ T7296] do_sys_openat2+0x121/0x290 [ 203.336098][ T7296] __x64_sys_openat+0x174/0x210 [ 203.341493][ T7296] do_syscall_64+0xcd/0xf80 [ 203.346561][ T7296] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 203.353016][ T7296] [ 203.353016][ T7296] -> #2 (&cmd->lock){+.+.}-{4:4}: [ 203.360264][ T7296] __mutex_lock+0x1aa/0x1ca0 [ 203.365422][ T7296] nbd_queue_rq+0xbd/0x12d0 [ 203.370472][ T7296] blk_mq_dispatch_rq_list+0x416/0x1e20 [ 203.376568][ T7296] __blk_mq_sched_dispatch_requests+0xcbd/0x15f0 [ 203.383438][ T7296] blk_mq_sched_dispatch_requests+0xd8/0x1b0 [ 203.389958][ T7296] blk_mq_run_hw_queue+0x239/0x670 [ 203.395610][ T7296] blk_mq_dispatch_list+0x514/0x1300 [ 203.401445][ T7296] blk_mq_flush_plug_list+0x130/0x600 [ 203.407365][ T7296] __blk_flush_plug+0x2c4/0x4b0 [ 203.412779][ T7296] __submit_bio+0x542/0x690 [ 203.417847][ T7296] submit_bio_noacct_nocheck+0x53d/0xbe0 [ 203.424090][ T7296] submit_bio_noacct+0x5bd/0x1f40 [ 203.429671][ T7296] block_read_full_folio+0x4db/0x850 [ 203.435512][ T7296] filemap_read_folio+0xc8/0x2a0 [ 203.440998][ T7296] do_read_cache_folio+0x266/0x5c0 [ 203.446919][ T7296] read_part_sector+0xd4/0x370 [ 203.452246][ T7296] adfspart_check_ICS+0x93/0x940 [ 203.457726][ T7296] bdev_disk_changed+0x723/0x1520 [ 203.463296][ T7296] blkdev_get_whole+0x187/0x290 [ 203.468689][ T7296] bdev_open+0x2c7/0xe40 [ 203.473482][ T7296] blkdev_open+0x34e/0x4f0 [ 203.478451][ T7296] do_dentry_open+0x748/0x1590 [ 203.483776][ T7296] vfs_open+0x82/0x3f0 [ 203.488390][ T7296] path_openat+0x2078/0x3140 [ 203.493537][ T7296] do_filp_open+0x20b/0x470 [ 203.498592][ T7296] do_sys_openat2+0x121/0x290 [ 203.503811][ T7296] __x64_sys_openat+0x174/0x210 [ 203.509221][ T7296] do_syscall_64+0xcd/0xf80 [ 203.514282][ T7296] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 203.520724][ T7296] [ 203.520724][ T7296] -> #1 (set->srcu){.+.+}-{0:0}: [ 203.527888][ T7296] __synchronize_srcu+0xa2/0x250 [ 203.533374][ T7296] blk_mq_quiesce_queue+0x149/0x1b0 [ 203.539133][ T7296] elevator_switch+0x17d/0x7f0 [ 203.544439][ T7296] elevator_change+0x38b/0x570 [ 203.549764][ T7296] elevator_set_default+0x2d2/0x390 [ 203.555507][ T7296] blk_register_queue+0x384/0x4e0 [ 203.561090][ T7296] __add_disk+0x74a/0xf00 [ 203.565973][ T7296] add_disk_fwnode+0x13f/0x5d0 [ 203.571296][ T7296] nbd_dev_add+0x783/0xbb0 [ 203.576260][ T7296] nbd_init+0x181/0x320 [ 203.580957][ T7296] do_one_initcall+0x123/0x680 [ 203.586280][ T7296] kernel_init_freeable+0x5c8/0x920 [ 203.592014][ T7296] kernel_init+0x1c/0x2b0 [ 203.596894][ T7296] ret_from_fork+0x983/0xb10 [ 203.602022][ T7296] ret_from_fork_asm+0x1a/0x30 [ 203.607346][ T7296] [ 203.607346][ T7296] -> #0 (&q->elevator_lock){+.+.}-{4:4}: [ 203.615199][ T7296] __lock_acquire+0x1669/0x2890 [ 203.620594][ T7296] lock_acquire+0x179/0x330 [ 203.625638][ T7296] __mutex_lock+0x1aa/0x1ca0 [ 203.630914][ T7296] elevator_change+0x1ed/0x570 [ 203.636223][ T7296] elv_iosched_store+0x3e8/0x4a0 [ 203.641712][ T7296] queue_attr_store+0x26b/0x310 [ 203.647143][ T7296] sysfs_kf_write+0xf2/0x150 [ 203.652275][ T7296] kernfs_fop_write_iter+0x3af/0x570 [ 203.658115][ T7296] iter_file_splice_write+0xa24/0x12b0 [ 203.664134][ T7296] direct_splice_actor+0x192/0x6c0 [ 203.669801][ T7296] splice_direct_to_actor+0x345/0xa30 [ 203.675752][ T7296] do_splice_direct+0x174/0x240 [ 203.681160][ T7296] do_sendfile+0xb06/0xe50 [ 203.686129][ T7296] __x64_sys_sendfile64+0x1d8/0x220 [ 203.691880][ T7296] do_syscall_64+0xcd/0xf80 [ 203.696939][ T7296] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 203.703380][ T7296] [ 203.703380][ T7296] other info that might help us debug this: [ 203.703380][ T7296] [ 203.713619][ T7296] Chain exists of: [ 203.713619][ T7296] &q->elevator_lock --> fs_reclaim --> &q->q_usage_counter(io)#66 [ 203.713619][ T7296] [ 203.727403][ T7296] Possible unsafe locking scenario: [ 203.727403][ T7296] [ 203.734867][ T7296] CPU0 CPU1 [ 203.740243][ T7296] ---- ---- [ 203.745612][ T7296] lock(&q->q_usage_counter(io)#66); [ 203.751012][ T7296] lock(fs_reclaim); [ 203.757529][ T7296] lock(&q->q_usage_counter(io)#66); [ 203.765450][ T7296] lock(&q->elevator_lock); [ 203.770057][ T7296] [ 203.770057][ T7296] *** DEADLOCK *** [ 203.770057][ T7296] [ 203.778234][ T7296] 6 locks held by syz.2.335/7296: [ 203.783265][ T7296] #0: ffff888035064420 (sb_writers#7){.+.+}-{0:0}, at: splice_direct_to_actor+0x345/0xa30 [ 203.793343][ T7296] #1: ffff888032086888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 [ 203.803235][ T7296] #2: ffff888141b38008 (kn->active#123){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 [ 203.813394][ T7296] #3: ffff888027289208 (&set->update_nr_hwq_lock){++++}-{4:4}, at: elv_iosched_store+0x3d3/0x4a0 [ 203.824060][ T7296] #4: ffff8881417b9370 (&q->q_usage_counter(io)#66){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 203.835789][ T7296] #5: ffff8881417b93a8 (&q->q_usage_counter(queue)#49){+.+.}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 203.847780][ T7296] [ 203.847780][ T7296] stack backtrace: [ 203.853777][ T7296] CPU: 1 UID: 0 PID: 7296 Comm: syz.2.335 Not tainted syzkaller #0 PREEMPT(full) [ 203.853811][ T7296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 203.853828][ T7296] Call Trace: [ 203.853838][ T7296] [ 203.853848][ T7296] dump_stack_lvl+0x116/0x1f0 [ 203.853898][ T7296] print_circular_bug+0x275/0x340 [ 203.853945][ T7296] check_noncircular+0x146/0x160 [ 203.853993][ T7296] __lock_acquire+0x1669/0x2890 [ 203.854022][ T7296] ? __flush_work+0xa48/0xcc0 [ 203.854057][ T7296] lock_acquire+0x179/0x330 [ 203.854082][ T7296] ? elevator_change+0x1ed/0x570 [ 203.854109][ T7296] ? __pfx___might_resched+0x10/0x10 [ 203.854149][ T7296] ? __pfx___flush_work+0x10/0x10 [ 203.854184][ T7296] __mutex_lock+0x1aa/0x1ca0 [ 203.854227][ T7296] ? elevator_change+0x1ed/0x570 [ 203.854254][ T7296] ? elevator_change+0x1ed/0x570 [ 203.854278][ T7296] ? lockdep_hardirqs_on+0x7c/0x110 [ 203.854319][ T7296] ? enable_work+0x245/0x310 [ 203.854350][ T7296] ? __pfx___mutex_lock+0x10/0x10 [ 203.854395][ T7296] ? find_held_lock+0x2b/0x80 [ 203.854432][ T7296] ? cancel_delayed_work_sync+0x96/0xf0 [ 203.854472][ T7296] ? blk_mq_cancel_work_sync+0x174/0x3c0 [ 203.854511][ T7296] ? blk_mq_cancel_work_sync+0x9d/0x3c0 [ 203.854551][ T7296] ? elevator_change+0x1ed/0x570 [ 203.854575][ T7296] elevator_change+0x1ed/0x570 [ 203.854603][ T7296] elv_iosched_store+0x3e8/0x4a0 [ 203.854634][ T7296] ? __pfx_elv_iosched_store+0x10/0x10 [ 203.854662][ T7296] ? iter_file_splice_write+0xa24/0x12b0 [ 203.854714][ T7296] ? __pfx_elv_iosched_store+0x10/0x10 [ 203.854743][ T7296] queue_attr_store+0x26b/0x310 [ 203.854785][ T7296] ? __pfx_queue_attr_store+0x10/0x10 [ 203.854826][ T7296] ? __lock_acquire+0x436/0x2890 [ 203.854856][ T7296] ? __asan_memcpy+0x3c/0x60 [ 203.854894][ T7296] ? find_held_lock+0x2b/0x80 [ 203.854930][ T7296] ? sysfs_file_kobj+0xe4/0x290 [ 203.854957][ T7296] ? __pfx_queue_attr_store+0x10/0x10 [ 203.854997][ T7296] sysfs_kf_write+0xf2/0x150 [ 203.855024][ T7296] kernfs_fop_write_iter+0x3af/0x570 [ 203.855070][ T7296] ? __pfx_sysfs_kf_write+0x10/0x10 [ 203.855097][ T7296] iter_file_splice_write+0xa24/0x12b0 [ 203.855153][ T7296] ? __pfx_iter_file_splice_write+0x10/0x10 [ 203.855200][ T7296] ? __pfx_copy_splice_read+0x10/0x10 [ 203.855248][ T7296] ? __pfx_iter_file_splice_write+0x10/0x10 [ 203.855292][ T7296] direct_splice_actor+0x192/0x6c0 [ 203.855336][ T7296] splice_direct_to_actor+0x345/0xa30 [ 203.855378][ T7296] ? __pfx_direct_splice_actor+0x10/0x10 [ 203.855423][ T7296] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 203.855469][ T7296] do_splice_direct+0x174/0x240 [ 203.855510][ T7296] ? __pfx_do_splice_direct+0x10/0x10 [ 203.855550][ T7296] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 203.855594][ T7296] ? rw_verify_area+0xcf/0x6c0 [ 203.855631][ T7296] do_sendfile+0xb06/0xe50 [ 203.855671][ T7296] ? __pfx_do_sendfile+0x10/0x10 [ 203.855711][ T7296] ? __x64_sys_futex+0x1e0/0x4c0 [ 203.855744][ T7296] ? __x64_sys_futex+0x1e9/0x4c0 [ 203.855780][ T7296] __x64_sys_sendfile64+0x1d8/0x220 [ 203.855806][ T7296] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 203.855838][ T7296] do_syscall_64+0xcd/0xf80 [ 203.855887][ T7296] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 203.855922][ T7296] RIP: 0033:0x7ff17b18f7c9 [ 203.855945][ T7296] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 203.855972][ T7296] RSP: 002b:00007ff1793cd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 203.855997][ T7296] RAX: ffffffffffffffda RBX: 00007ff17b3e6090 RCX: 00007ff17b18f7c9 [ 203.856015][ T7296] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000008 [ 203.856032][ T7296] RBP: 00007ff17b213f91 R08: 0000000000000000 R09: 0000000000000000 [ 203.856048][ T7296] R10: 000000007ffff000 R11: 0000000000000246 R12: 0000000000000000 [ 203.856065][ T7296] R13: 00007ff17b3e6128 R14: 00007ff17b3e6090 R15: 00007ffc436a79d8 [ 203.856092][ T7296] [ 204.578601][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 204.584937][ T1300] ieee802154 phy1 wpan1: encryption failed: -22