last executing test programs: 6m15.38274044s ago: executing program 2 (id=437): openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) mmap$auto(0x0, 0xf4, 0xdf, 0xeb1, 0x401, 0x8000) r0 = eventfd$auto(0x80) r1 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x1a1000, 0x0) ioctl$auto_PROCMAP_QUERY(r1, 0xc0686611, &(0x7f0000000080)={0x67, 0x10001, 0x7fff, 0x5, 0x80000000007, 0x3, 0x6, 0xff, 0x5, 0x7f, 0xfbfffffe, 0xfff, 0x7fb, 0x4, 0x9}) readv$auto(r0, &(0x7f0000000380)={0x0, 0x8}, 0x8) read$auto_random_fops_random(r0, &(0x7f0000000080)=""/47, 0x2f) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x7, 0x4, 0x200, 0xc, 0x24, 0x1, 0xffffffffffffffff, 0x0, 0x5}, 0x4f4) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, r2, 0x1, 0x0) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/pagemap\x00', 0x80240, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0x10, 0x0, 0x0, &(0x7f0000000140)={[0x1ff, 0x4, 0xd3e, 0x1, 0x948b, 0x3, 0x800295f4da0a, 0x2, 0x3, 0x62, 0x80000001, 0x50a7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7f, 0xd, 0x1, 0x948f, 0x1005, 0x206, 0x7, 0xfffffffffffffff6, 0x7, 0x9, 0x79d, 0x6, 0x100000000000000, 0xfffffffffffffffe, 0xf]}, 0x0) 6m13.831885045s ago: executing program 2 (id=441): mmap$auto(0x4f, 0x2020009, 0xffffffffffffffff, 0xeb5, 0xfffffffffffffffa, 0x8000) mmap$auto(0x6, 0x2000e, 0x0, 0x17, 0x404, 0x10008000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) write$auto_drm_connector_fops_drm_debugfs(0xffffffffffffffff, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x1, 0x106) socket(0xa, 0x1, 0x0) shutdown$auto(0x200000003, 0x2) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) listen$auto(0x3, 0x3) madvise$auto(0x0, 0xffffffffffff0005, 0x17) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2062, 0x0) 6m12.038442635s ago: executing program 2 (id=450): openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x40000, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x10, 0x2, 0x4) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r2, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r2) read$auto(r2, &(0x7f0000000000)='\x00', 0x91e2) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon7\x00', 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) r3 = socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8=r3, @ANYRES8=r0], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x4000050) write$auto(r1, &(0x7f0000000000)='-\x00', 0xfdef) 6m11.808350896s ago: executing program 2 (id=443): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000040), 0xffffffffffffffff) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/sys/net/ipv4/vs/run_estimation\x00', 0x88042, 0x0) write$auto_proc_sys_file_operations_proc_sysctl(r2, 0x0, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) timer_settime$auto(0x0, 0x519a, &(0x7f0000000100)={{0xa6, 0x7}, {0x0, 0x3}}, 0x0) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0xf, 0x0) chdir$auto(&(0x7f0000000000)='}[,&*}\x00') open(&(0x7f0000000100)='.\x00', 0x591002, 0x408) syz_clone(0x8000, 0x0, 0x0, 0x0, 0x0, 0x0) connect$auto(0xffffffffffffffff, &(0x7f0000000140)=@tipc=@nameseq={0x1e, 0x1, 0x0, {0x43, 0x4, 0x3}}, 0x100) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) sendmsg$auto_L2TP_CMD_TUNNEL_GET(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, r1, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@L2TP_ATTR_RECV_SEQ={0x5}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x101}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, 0x6}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000011}, 0x800) mmap$auto(0x0, 0xb9f, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) 6m11.427131122s ago: executing program 2 (id=446): mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) set_mempolicy$auto(0x6, &(0x7f0000000000)=0x7ffffffffffffffb, 0x3) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) r0 = openat$auto_event_trigger_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/tracing/events/vmalloc/purge_vmap_area_lazy/trigger\x00', 0x40, 0x0) pread64$auto(r0, 0x0, 0x1ffffffffc, 0xe) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) unshare$auto(0x40000080) r1 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/debug/netdevsim/netdevsim3/hwstats/l3/disable_ifindex\x00', 0x1242, 0x0) read$auto(0xffffffffffffffff, 0x0, 0x1ff) write$auto(r1, 0x0, 0x9) close_range$auto(0x2, 0x8, 0x0) socket(0x2a, 0x2, 0x1) connect$auto(0xffffffffffffffff, &(0x7f00000000c0)=@qipcrtr={0x2a, 0x1, 0x3fff}, 0x55) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000140), 0x288800, 0x0) write$auto_uhid_fops_uhid(0xffffffffffffffff, 0x0, 0xfccd) 6m10.959909759s ago: executing program 2 (id=448): openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) r1 = socketcall$auto(0x8000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_CREATE_VM(r0, 0xae80, 0x0) write$auto(0xffffffffffffffff, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00x \xec(\x1d\x98\xe9\xc4\xc6\xe8\xfc@6=\xab\xdc\x19\xffv\'\xa1\xd5\x14\x06S\xae\xadB}\xdf]\x99\xc9\x9f4\xbb\xc5\x81\x9d\x8ak\xdeB\xcbd\xd3\x05\xe4U\x84\xcb\xb8#\x13\nYU\'\x95R\xc8\x9d\xb7*\xe0.\xd2\xdf\x1b\x88D\x8c{k\xcec\xe1\xa2j\xec\xc9\xd2\x98\x94I\x102h\x06\x8c\xa2\xc8\x8a7\xb7t\x13\xf6\x8e\xcf\xabI\xb8\x16\\\x00'/129, 0x7ef) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x644040, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) 6m10.53264282s ago: executing program 32 (id=448): openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) r1 = socketcall$auto(0x8000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_CREATE_VM(r0, 0xae80, 0x0) write$auto(0xffffffffffffffff, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00x \xec(\x1d\x98\xe9\xc4\xc6\xe8\xfc@6=\xab\xdc\x19\xffv\'\xa1\xd5\x14\x06S\xae\xadB}\xdf]\x99\xc9\x9f4\xbb\xc5\x81\x9d\x8ak\xdeB\xcbd\xd3\x05\xe4U\x84\xcb\xb8#\x13\nYU\'\x95R\xc8\x9d\xb7*\xe0.\xd2\xdf\x1b\x88D\x8c{k\xcec\xe1\xa2j\xec\xc9\xd2\x98\x94I\x102h\x06\x8c\xa2\xc8\x8a7\xb7t\x13\xf6\x8e\xcf\xabI\xb8\x16\\\x00'/129, 0x7ef) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x644040, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) 2m15.3641156s ago: executing program 4 (id=1343): openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000400)='/dev/sequencer2\x00', 0x200, 0x0) epoll_create$auto(0x6) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/dummy_hcd.7/usb8/ltm_capable\x00', 0x181800, 0x0) syz_genetlink_get_family_id$auto_tipcv2(0x0, 0xffffffffffffffff) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nbd4/integrity/read_verify\x00', 0x20a800, 0x0) socket(0x10, 0x2, 0x4) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/seq/oss\x00', 0x20082, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000380)='/dev/cuse\x00', 0x40100, 0x0) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) r0 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0) write$auto(r0, 0x0, 0xc3) 2m14.975866645s ago: executing program 4 (id=1346): mmap$auto(0x0, 0x30009, 0x4000000000df, 0x4000eb1, 0x401, 0x8000) unshare$auto(0x40000080) sendmsg$auto_THERMAL_GENL_CMD_THRESHOLD_FLUSH(0xffffffffffffffff, 0x0, 0x24000080) r0 = socket(0x11, 0xa, 0x9) bind$auto(r0, &(0x7f0000000140), 0x10) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0xfffffffffffffffd, 0x40000b, 0x20000df, 0x10, 0xffffffffffffffff, 0xb9) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000000)='/proc/kpagecount\x00', 0x0, 0x0) sendmsg$auto_MAC802154_HWSIM_CMD_NEW_EDGE(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40001}, 0x400c091) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x1000}, 0x100000007) socket(0x2, 0x80802, 0x0) socket(0x2b, 0x1, 0x0) bind$auto(0x3, 0x0, 0x6a) select$auto(0x8, &(0x7f0000000240)={[0x8, 0x8, 0x3, 0x4, 0xffffffffffff7fff, 0x8000, 0x4, 0x5, 0xd3b, 0x34, 0x5, 0x0, 0x5, 0x5, 0x3, 0x5]}, 0x0, 0x0, 0x0) 2m12.979733913s ago: executing program 4 (id=1351): r0 = openat$auto_usbfs_devices_fops_usb(0xffffffffffffff9c, &(0x7f0000000180), 0x48402, 0x0) r1 = socket(0x2, 0x5, 0x0) getsockname$auto(r1, &(0x7f0000000000)=@ethernet={0x1, @broadcast}, &(0x7f00000000c0)=0x5) read$auto(r0, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/bus/pci/drivers/pata_sch/new_id\x00', 0x2, 0x0) r2 = socket(0x2, 0x80002, 0x73) r3 = io_uring_setup$auto(0x406, 0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_SET_WIPHY(r2, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x404c081}, 0x80) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000001040), 0x80, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) io_uring_enter$auto(0x3, 0xa84, 0x80000001, 0xa, 0x0, 0x46) io_uring_enter$auto(r3, 0x7, 0x7ffffffb, 0x3, 0x0, 0x3) move_pages$auto(0x0, 0xa, 0x0, 0x0, 0x0, 0x2) io_uring_enter$auto(0x3, 0x5, 0x5f3, 0x3, 0x0, 0x2) io_uring_register$auto_IORING_REGISTER_PBUF_RING(r3, 0x16, &(0x7f0000000000)="2beb275f14a9f960f3b6eb4c34eab67e5d219e57210d81f8ec665502226e532fd1fea44e3ad61ff85f901c7f807293e4586fb387c00159395b35fc4631a6b065dbf6dc12b7f83680212529ee69a7307d515f358d004726f334a6fa83c8d2d859fcdfbdbdf5129cdeeef13df1bdcc9aa26d0f57659fc66eaeed02dc15e712f7a900b5bb510360133b9341363e273da8f8f20969d8377a99b38a1ab04ac52d23d0f6061e6aba2722c31a387b3ac2f6c0474e41aaf0ba82f2c01e2bbdfde519c20fa0fdff7a750c0b997b228e60b33483a92f18709a0fc747f8239fee3b3fb9831926af2f1296ce9f10c2190010e78999f29f696e881b6b64dd981eedf0a8c3bcded675a7b214b4056d450cfcf30949b601c41f2d4220b24f5b75748228ea4250e5ceaaa35083483371c257a0123ae1489868b211d1878465908ead954af5bc88a6f6b27438c7fcd2de647dc989ab484b2781d8938d3168762d10c462463ece441436745bcbb578cf4123c0e2a4db32e043a690bf73a9cb0598ec02d204930eb96a66c153243cc8b1727cb7a8c5c1f2db71bfbc5def0aad382bbf44c7bebc28d23b8e682b78b492c7644cd496440896fe9200e371c029569b770273edaf8f72c96d301a73b2dd36cb2bfab0c59556d36b0dfbf0f06bfb0899f7592bea3da3747e6f0ee282123fd2acf4c2df67fc7bc45683deee2a7e9f4ee0a69744885c46c91ad1ea07646017b010bd37126d461f05b362eebd4e0d3b8bb5bd24f293736473983c55f7d29e627840882886e397c30754689a0f4a615bdcb6c206362e1addb444d6def7516ac1b565896463d6a7f148f3bc90ddd6ff8a5a6eb42c2337e94533f07713a837a7372bc869e3fc109731f54ca236d5cc7dd83671bca879c204122e61b1424bdff949c8c465280982527727f211d91a49142696010ca778fdda6b7158b6679bcf14e7412e5950e8333066eca6239bc3f52bc0db86fb0b47585f17e0f0fb71bea166d3c6348a694065ab7b2915377d878012784ce5b92dd6c6aca84e7d6cc2b641f3cb0f432d388f69117b4b6c707878bbba8cd886360f732a2d2a9e954c89fd58e5a5c112fadf137f4b530711691395f71fe30a712ee8f5105360e1145460ed37c419462430dfb25246a7e81dc855c692e166a971642717c2235146207b17ca22e12ffbed78db074715a476a6e4404d806cd62592fea851547f6bad26ca31388febb38fc8b4c028164132fc34b59640eb575a87873ddd6624fada81db1b4cda254fc50ba83314488cfde65bc6c964531d677eaf595212bd53770f00cde8c34e531010f975668a7001a822b799d98ffa29007d5d6e3e1db22f72feaa01dd98f68eaaa4901daabbeeeb3391f724978b31314a32d85e218d3b45f9b935937cf9d0acbddb29be6170d59c879f83bf3c2820a64ca1033a0371ff4e253a4d86fbd8a3f0704c533dd20ba6b732c428309530fabd823b4139156eccc20ebe1d7541838647d555af356bdfad8a6627cbef0f44505833ccb23e7e5bc9f0f5bb26572cabd7d8d1b4129e33448f133de8a7caff6a4248c23010a185bd64638edfbe4891eca5ad971ce7e2ca10159873851f0f15878045ca76684deca6549b7bb4cb398aad69de4ecf9a0fafc4c1fee7022ee9762a973c812c7bceae69436369b22b32a4c1b5bede1ce338bdb5e96544bf03bd5dc59a4ddd6b7fada189c15947db122fad82c6a2602c45c7523a2d4a61674b4d37b2647367e1154cc6247ef3fe61f3a867e26b2a7b13f63e872a0f8ebd20ac476d9642e5d353dc3665da6eaf08f9f83a27d8f7358e8dcf5d8aeca430b511e17122bececfb14cd34f48196305ce13b424a253d161914970cba256d4773e38d354f2c90399bf213b686242a65a32b4a438b1c68644244210df760dc4db6b412797d0a4679165aa3a49ada66fbc3ddc7df354fcc328ee83420a80983dafb795f0275b27e3c490a18e15cbbf2069f85599747003bf445e119b992c9ef99a4364d2948e513f4a44f740ff37c786e44f2e23aa01404d786b7c1af4aab6b15907e0581073f141229504afe1e10f0969d1f2e6cdef965585006d33336ecaa0038c4310c8c6ed6e1efce8b383a4b85e2824e243669912d7b439738a48600eb07cd95a28bc0dbaffd3a82a6c4950457d869ebded950bbbea53f5ccc842c1d5db16d2bf93d1c92101f8b2ecfc0e7a3d1c162e6012be0a194d7873416a7e0b37059797c6384cb0d3851c9469a89158de9bcd3174cb504dc376c174e9df9dd938df2dfab674e160d26dd3e6277c1351765cea16b9c822707395d7deb8e80d54535ea181660d13244fba45642fbd57794c5b4c6ed40a32abe16fb81a3fd6f9f5794a8790c444a9b8c15bf211114f19f5f68fef5669bcfe3f662a11ff57967444c7dbc3cdf7f9231444890fa87c1d9fb20e193f38c529eafc189fd83f7ce77af2f7a77deef102fb546fdb1ffc69ba20dac2661bb8577d9b752fccbcee97f7634765b6462b53ccb991304e59e0b54139b2a3711a2e048dcc7ec279def08c6329ff3aabc245a17b4b5ba508c7bf757a6acc832f22f2e5ef405490c46224f7b34e49a8887d7e79ad4a706e8db45a898d30a2892a04f88a6f9f2e1bfe012f8ba830bc676c59eeddbb39e790a849145020447747e8e727f2f09bb95807fc60b6840700f6a611fbf72beae13e434624b2083126b8582db5358ab067f5b04b8fd4fa5fad4dc49a844128fcfcaf7b2ed956a8393c9cd47c3c35fcf6703f05803521f0c627bad2fb307e008ca3a6f88fbc39a0431bb38319a04aeb4d1fd76c7793eb869d37f0bed0d429ed8411dfdd2f79cd92b23a1360a0d3886572fe14b43a309703e7bfd35daa808aeb0becb57a10b42f972f2acd4a06744ffdcef9dea9bad5fba9ebef63fc79fb871400bebfe50ee29f6e443908a37cb42b6e6ae1b02b0935f3a8e8356c86bb6603adb52ec2aec14bd87b5707a7d1ac60c1e0465c4822c627e4d1ee3f5206035f20477c5a2defa72c9cd4f97539ee0a17dc72c6f4d1e49e15dd93e11a525ebaa7bac4babdbb50b9e85dc5ff441c0dd4710eb535042eb7b7888e3013682c4ff0f3ed823a84ec1145b53766533d491af50e509276bf7270ef18b9f382711cc9ce33b0165dc8de12eca7b135423c84a4e8b4f8a17000387ed748a446f5967a550580ad5e0f9cda1dd0a65043ffea933c2da5df5b98668098f76f50c7872c849af16418321e335a07c54b80b1f9dd4ec3b3143c882b7216c679684aa4dbf6059117fd6e72121383ee5236f29a5cfa08a2353f247111185d98248ac919603be086926db627c3d9bdd02873ef1382ab9c883e13e49e23e4fa7f9d59423bc2bdbeeefd002c7a7177aba1037b691d8492b16c3408ecedc53fd30cdf348fc6d33321fc34ac9227ce6cfd98a31390485f644975519f96fb184a821e75b19cac0ea8cd9a8b4e1e5825a391e3114016bed29c9230487a628cb05682ee41d05d6722bbaaa309d3ca8a790768bb844038fd6aca5a03f1c0244cd0b5cfda73a32cb93638e295a0dfe0e382af437fa38950d66daeefa70a3a0b5dc5044d26ada5a1b0f14dae2dc16ecedb5747e1af724d178904230001d726610fa25d39da3ce73b46d9b3b049f33114c82bd26ba583b2088dbf8e7a1f3262e8bb92ea80fa813dbd90d24cb9d9775e2ca983f0f58d12f11c7c54749c805a1ad32925d78df700bf76d7d256084608c8fff08bd85e0a33ccf172669007c4634cfefb7450206576fe25550ce78f2a67bb1decac8424e2ee7ea3d4ffdcd79eb1601afc097e9807ce96bc797dcbea05dc554d4b29dbf944694e2cf3b3b67979fa4d2e65b56ec6580bf61204fd24a2969069c1dee6de462a1adea456dd5ca9b5bae546907f4aeb07d162d31918bd2815abac85de098c0589c3d0682cfe5245b707ae9516e7b166fa0831ba633e9afddf9af7bd46e1b21692dbe40bf5ee3b67a43c1200449bcab7d1c82b4199fb20edce34873dbed8816f2582ee1d7e825d5898feebd285c8645142ee27f9fd2439e37f9fdfc0f7576c0850a1d280bc7b6588e67f56b9c5100489edfd62b8a4a8d80e8de5724cf15c7fde534281716fb52119bb5a44512a62a19ed7727d70cd686c221fc1d1be110ef73e729b69998150158ac4698c2d2e050a1d486db8980410e063690c6887ddd6c74ec07abeaa3f2419542918c0f3702f235a969eac8aeeb171a4767a27c8a0dc600fcad474149697af91d79f7c57871dbaea255faaa4788afe59dd614c0d14fd7ce38f1a62aa327e61327ab441a79e288caa7b3a5f7c76d4cbecd1062607bbba7895783a1ef08c00d1cb4659fc846d9c64a05863394c2eb098de7177069c794c04853c110029ab635523df8f59d40e73a85be3c9aea753b765f3f978dfce54350be4f4cc3efe67ab13e0eebaaa3d85fca592b5f64382720929934a554d31110df2b4fb3b14ecbcc8a8dae5b44681ef4e955a1b3a7ec74a23656b0dec6f0c7dfccd47228a7b0b305ce28b5481aa8c51fb8ef2c0b058f96bcd09ef01229636b11ffa972f3a8a34ec78ad61bd84df91adb564be4f80f0957d962c605cf118b07e488e2e8e628f1ef07fb93607c378223cf0fdc586c9f9c9217e26d9f993bc68030c429dd8a4027fa455619c0a3d7c4916939583b126d7db28fe69670ecf028dd07922d014c96653302c4e45e71f348bbc2980d1a06e4c23eeb1a3685baf1bdb6b4be38fbb3608902a8b594e9856bd971bc4370b579ee41a41688c6ace8b1437de9a79311eb331dba5a6fd1dfaa80ef5b6069b06ec2686a23c01a9f37be677f01f3813376e9a023870ad71cecf5c5691cddbc5c37d277caee7dcb6770f6df1045a70bebbdc0958fd49a87cfe6af9bef5d5e14d10354984792f693f612b3441a2e4bd03df9392311574d156f06e57dc5b46b6a9e89591f22fddc5863a462fd1d0ed2d93b701d0f1604a9fafe7baa043421220e765a10cd25c865da1d8f7d9828931342e7061ef627b1a3708ea4385c1eb6e0d298a0a903d069084b8cba872c4591fdee156fd6fd116ff42529280cfc372bcf4d4b86ec1535404a2d1c5bf0ee7d4681d394ba51583e3ba9d427a07d706a3f9263608ee65db801a28e437b0e563d19498a7c726b9491799a39b071f1032b2606a45f46b7e30a8af7092ce2320afc9af2f9b13400a1613a20ecdef4d786ae48d84d86b9aa7e631e8098be245d5f9d0ded16101d57d5027123d0095076841007802cca1848bb0abb4af9b767749c7132ae0c542dc7348eb24434a2e1bd572c79f8950b8d6d614a31f9e64a146bb89ee69386ba423aa7daff8869f6cef8db1c11f8387aff280973c84af0abcd42aadc03fe06709f01c1703b869e9f55aa265d385c026ef20b9e9ce492326090dd9bb720b68a558c595c52a7e3de575508803710e839c31d6ee044eac2ca2af84987f42bb4b22631afedf43d3bed8d988383123c565e2c0149edfa461e0763c0dc4400aaf3bc30eadf1e47fd57cc5ee752c2e7a642a1c58eefd947116020aaad6219d032c823a5abdd2d161d5fdb67aed58ac6cf330003b828d2d05c54576289f6953d630701394a2a23711bc42582439026c159416ddb8a0b99892909fa8cf211b9f209bf133eb55b6665651b1cc961e853e7e1ac6e6b268631684edce37c61492c69100b2c1be52d80f8551916d33fe9c4d56ca2efce8cc9f58658caefdaed9e0920b31dd3e63b84a7de1e401ae74b6931f82a28df19c537495476cf8ca142a9c444a9188a0ba8152ce5e9fa0149561e9350229b451", 0x7) 2m6.526262655s ago: executing program 4 (id=1367): r0 = socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x401, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r1, &(0x7f0000000240)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k\"CZ\xbeA\x11W$\xe0*\x8e\x00\xef\xd9~JZx\x9d\xf2\xc0O\x91\xe2\xb2K\xc0D\xdd\xf2\x9b\xc1VO\x02\xd4\x92+)$\x1e\x87\xaa*k\x9d\xd5z\xcdxlA\x1b\xce\x86\xbe\x1e\\\xf2je\xa4\xd0R\xb8L1cg\xcc\xa6\xbd\xf9[$\xfd\xf6\x91@k\xc3\xf2B\xeb\xbcU\xf94\xc7\xeb\xb6\xb2*\x83\x99\x11\xfd\x8dI\xd4\xa9\x1f\x9b@+\xab\x90\x83DJ\x9e\xb1\xf0\x14S\xbfE\x03\x18\xf8<\xe9b\xe0\xa1\xf5\xbb\v\xe6\x89\x12\x90)M\xc3\x17x\xce\xb2\xc0\xf3\xfd\x1fM\xfe>W\x00\xd7e\x91P\xcb\x91]\xcf\x93H;\xa4\xa4\xa3^G\xaf\x90F-\xa6g_\xb1|\xc3\xaf\x8c\t\xc6\xb6\xbbR8.@R\xb1G@\xcf\x10\xa3eg\x93\xd7B\x8c\x83\x9dY\xa8\xd9\xa6$-\xd6z\x98J\xd7\xbb\x9e@Aw\xb9iu\bn\x88\x93C\xb1\xb6\xef\xb9\xaa\xf8d\xa5\xcc\xc2@*{\xe2|[\xc7F\xe7wS\x96\x80(P\x02\xea\x94-y\xba\xd3I\x98Q\xf0\xb6\xf5\\\x02\vJ\xc6\x1d\xb3#\xfe\x99R/\xe3@\a>)\xd2\xeb\x92\\\xd5\xb6\xe4\x19\x1e\xa8\x18Qb\x9d8\xb8\xad_\x8c\n5\x99\x87\x93\xe2\x96\xd2\xb3\x85f\xbc\xa4\xa4\xa3\f\x9a\xbb\xf0\xf2\x1e\xca\xa4\xb8\x05\x8a\'\x98\r\x97F@\x85=z\xef\x89\xa2\x90\xf4\xf2', 0x81) listen$auto(r1, 0x1f64b57d) fcntl$auto(0xff80000000000000, 0x4, 0xfffffffffffffffc) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8003) mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0xf, 0x0) bpf$auto(0x0, &(0x7f0000000000)=@bpf_attr_4={0x17, 0xffffffffffffffff, 0x4}, 0x7) syz_clone3(&(0x7f0000000300)={0x2c022000, 0x0, 0x0, 0x0, {0x1f}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = socketpair$auto(0x1, 0xfffffffe, 0x10000006, 0x0) socket(0x2, 0x3, 0x2) setsockopt$auto(0x3, 0x0, 0xcf, 0xfffffffffffffffc, 0x0) syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000140), r2) getsockopt$auto(r0, 0x84, 0x7d, 0x0, 0x0) openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000180)='/dev/cpu/0/cpuid\x00', 0x2008c0, 0x0) 2m1.661407201s ago: executing program 4 (id=1379): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) msync$auto(0x0, 0x2000000005, 0x6) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) socket(0xa, 0x3, 0x3b) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/radio6\x00', 0x80100, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0xc8201, 0x0) r0 = socket(0x10, 0x3, 0x6) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_MESH_CONFIG(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)={0x28, r1, 0x1, 0x70bd2c, 0x25dfdbfb, {}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'tunl0\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x4080}, 0x48d0) sendmsg$auto_ETHTOOL_MSG_MODULE_EEPROM_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x110}, 0x1, 0x0, 0x0, 0x4}, 0x40000) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x6, 0x8d, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0xc2c02, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101e81, 0x0) ioctl$auto_TCFLSH2(r2, 0x5453, 0x0) 1m56.411426005s ago: executing program 4 (id=1390): openat$auto_fops_u64_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/psample/out_tc_occ_max\x00', 0x2, 0x0) r0 = socket(0x11, 0x80003, 0x300) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, r0, 0x8000) io_uring_setup$auto(0x6, 0x0) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x60540, 0x0) socket(0x15, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x7e1b, 0x0) socket(0x2, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1000001, 0x5, 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptywe\x00', 0x101c81, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyde\x00', 0xa0102, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) write$auto(0x3, 0x0, 0x7fffffff) 1m41.288226775s ago: executing program 33 (id=1390): openat$auto_fops_u64_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/psample/out_tc_occ_max\x00', 0x2, 0x0) r0 = socket(0x11, 0x80003, 0x300) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, r0, 0x8000) io_uring_setup$auto(0x6, 0x0) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x60540, 0x0) socket(0x15, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x7e1b, 0x0) socket(0x2, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1000001, 0x5, 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptywe\x00', 0x101c81, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyde\x00', 0xa0102, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) write$auto(0x3, 0x0, 0x7fffffff) 7.326712724s ago: executing program 5 (id=1745): mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r0, 0xaf01, 0x5) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop14/queue/dma_alignment\x00', 0x80000, 0x0) read$auto(r1, 0x0, 0x20) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x2, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x40000, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r4, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r4) read$auto(r4, &(0x7f0000000000)='\x00', 0x91e2) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon7\x00', 0x0, 0x0) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8, @ANYRES8=r3], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x4000050) unshare$auto(0x40000080) 5.747376715s ago: executing program 1 (id=1752): mmap$auto(0x0, 0x1, 0xdf, 0x9b72, 0x2, 0x40008000) r0 = openat$auto_event_trigger_fops_trace(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/tracing/events/vmalloc/alloc_vmap_area/trigger\x00', 0x0, 0x0) readv$auto(r0, &(0x7f0000001080)={0x0, 0x5c2}, 0x5) mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) close_range$auto(0x0, 0xfffffffffffff000, 0x2) unshare$auto(0x40000080) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) write$auto(0x3, 0x0, 0xfdef) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/psaux\x00', 0x2, 0x0) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, 0x0, 0x200, 0x0) close_range$auto(0x2, 0x8, 0x0) 5.709069905s ago: executing program 5 (id=1753): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) sysfs$auto(0x2, 0x23, 0x0) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa}, 0x58) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) r1 = setfsuid$auto(0xee00) setresuid$auto(r1, 0x0, r1) setreuid$auto(0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) shmctl$auto_IPC_SET(0xc, 0x1, &(0x7f0000000300)={{0xffffffff, 0xffffffffffffffff, 0xee01, 0x1000, 0xae, 0x9, 0x6}, 0x1, 0x7, 0x2, 0x280, @raw, @raw=0x5, 0x3, 0x0, &(0x7f0000000140)="4666def67af41b4f051e39fd6511fd6cfab11faa93fdd757f3a42ab52c0db46c7c57737a54cb9ad1fccd9f47e3400debebecee8c4b3ab4b0ecd15cb89799d7a8a423d738e2914ff98f43b494873650cfa841ca9b379cdbceb067f222f9", &(0x7f0000000240)="41b431f15aa64d11716c2908cc9f948827ddb702f4ae4ad578a4d9e2fa81507ca870d066e25696b0b2ac35abb53a8fc6e9df9fdbbc11fe705ab85e88111e5684e28f8599bc486b93eea020ee76a340a548c82e805e2d182d741e51d53c799f7bb722a591e8ac4c48f3317ac8926b8bfb8d1ffa178e0f324273"}) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) r2 = socket(0xa, 0x1, 0x84) bind$auto(r2, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) mq_timedsend$auto(0xffffffffffffffff, 0x0, 0xffffffffbffffff9, 0x5, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) epoll_ctl$auto_EPOLL_CTL_ADD(r0, 0x1, 0xffffffffffffffff, &(0x7f00000000c0)={0x4, 0x3}) read$auto(0x3, 0x0, 0x1f40) 5.510271651s ago: executing program 0 (id=1754): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) r1 = socket(0x2, 0x801, 0x106) getsockopt$auto(r1, 0x11c, 0x3, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x80002, 0x73) socket(0x2, 0x80805, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) socket$nl_generic(0x10, 0x3, 0x10) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) timer_create$auto(0x0, 0x0, 0x0) timer_create$auto(0x3, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xa, 0x8000) ptrace$auto(0x4, 0xffffffffffffffff, 0x3, 0x496c) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsa1\x00', 0x101041, 0x0) write$auto(r2, &(0x7f0000000000)='/sys/kernel/security/integrity/evm/evm_xattrs\x00', 0x3) 4.635220529s ago: executing program 0 (id=1756): openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv6/fib_multipath_hash_fields\x00', 0x202, 0x0) mmap$auto(0x0, 0x20009, 0xb17a, 0xeb1, 0x3fd, 0x8000) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) setgroups$auto(0xe32, 0x0) write$auto(0x3, 0x0, 0xffd8) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) lseek$auto(0x3, 0x7fffffffffffffff, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) wait4$auto(0x0, 0x0, 0xf, &(0x7f0000000140)={{0x2599}, {0xffffffffffffffff, 0x1000000009}, 0x2, 0x800080000001, 0x1, 0x1000, 0x5, 0x7, 0x5, 0x5, 0xb11c, 0x8, 0xfffffffffffffffd, 0x7, 0xffff, 0x801c0000000}) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0xa, 0x0) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x3f) 4.300190471s ago: executing program 1 (id=1758): r0 = openat$auto_event_trigger_fops_trace(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/tracing/events/vmalloc/alloc_vmap_area/trigger\x00', 0x0, 0x0) readv$auto(r0, &(0x7f0000001080)={&(0x7f0000000080), 0x5c2}, 0x5) mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) close_range$auto(0x0, 0xfffffffffffff000, 0x2) unshare$auto(0x40000080) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) write$auto(0x3, 0x0, 0xfdef) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/psaux\x00', 0x2, 0x0) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, 0x0, 0x200, 0x0) close_range$auto(0x2, 0x8, 0x0) 3.687145432s ago: executing program 0 (id=1759): openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x8001, 0x0) ioctl$auto_HDIO_GETGEO(r1, 0x301, &(0x7f00000001c0)) sendmsg$auto_NL80211_CMD_GET_WIPHY(r0, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000140)=ANY=[], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0xc004) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc0200, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) rt_sigprocmask$auto(0x0, 0x0, 0x0, 0x8) mmap$auto(0x0, 0x7, 0x4000000000df, 0x80000010, 0x401, 0x7ffd) recvmmsg$auto(0xffffffffffffffff, 0x0, 0xfffffff9, 0x10, 0x0) r2 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/pagemap\x00', 0x201, 0x0) ioctl$auto_PAGEMAP_SCAN(r2, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0x2, 0x1, 0x8, 0xbff, 0x2c, 0x2c, 0x0, 0x2}) 3.544061908s ago: executing program 5 (id=1761): unshare$auto(0x40000080) mmap$auto(0x0, 0x20009, 0x7, 0x12, 0xffffffffffffffff, 0xf4e) mmap$auto(0x3, 0x9, 0x7, 0xeb1, 0x404, 0x10008000) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r0, &(0x7f0000000840)="5142651f911c17e9dd66bf94ea32689283bb895dbc0a97721ed6e250c974356905898b7d48acecddf280cf6dd4ba18c1aa3928071c6585025ceab0e2f34f37ddec138ea587fc4def825608b0ab2a6ecac42062bd3c58ba606307b7471b20a40ffa168b91dde6727571c4ec94bfbde1df90ccb265ffda374c98ffb1ee22069af38a3f200532dbbe5e98f4455170e9a137517b9b7b8840359940ab00f37125c2bec0ac36606b6c69edb35967d723fb81a15faea2bd280d1581ad1ef597bb4dc09f6a5d53aaff1877b77c4e425761dc09d34498c1fce72c0ba1041a99b8748a37597b9567cda1de2cbf6962798e5ee11bf7cb2c70a9502f33c43b8e5dc54de743a2e24cb94c22d669b434888a7ce4cb16cd77b324258e07af32adc0cb38f8c622085783f6804edc3913fb9e98c55713fa0bf8101ad0f6f43407ce4be0001d1bb201bec283ade79ab23484c1076e703864629ac9a6031533dc956f705f89f0e0ef7d3109e46859d1f2ad1b8cb3cfcedf868a3be101e8b9acd75e39e6a27a541aa9fe86ad3119b7049c3fad2a901222eb948cabb4b5c3e5ba6ffc02a15bf7d550b00ab0f3dd3002924f7bd0701269ae293c4cb231b9127d1f6b38dd6fbb3429905384eed7eed9330a9c5e732bdd510169d9ca3e420ea2102be3770a0ab598c037b8f01e8910cf8b0942aafb156ac90724cf552df158a7f59c26e62f3fcf32d860c2259cb1b3118a773ff3cfbaf9c5b068dade5cd7778f1ea98700629b62534735fef3071c30afa6ea26f7e651ec140936c07d9e90f1c9faef3e05376b1e121af6a6691616c10e19fd4f16b1858b44d99e597908cda0e8fa8c21d8b700987d7723a4b5a4ff3c371f2d1cb9fb2f054abc58727239ba67a173f1431083fedc7c4304488c13c75e4995a58ac9de085377356ddc5338aeb44e7f3d06f82a5e0c846159c881a0395a3dbf32a9f2530a520721431a752b13b01a89bdf2b38387b72e8a533936623ec396f6ef94ddfcca047bf20a6fe450a03dedb36a57355e2519ff579b5c63095f48407ece8a7c6c4f5b2582616f0a6bba059810c0a28355fb12dceec9e290026452c3135f8ad93f9617f22e590122d43f6fdc1ea0f9ec12c551b5127108443bb081f7a89660034ea4f3c4305108428cc91918dbb28c2a117f09609e40903b13055e92a727afa767b1f97df335ee729686c0113e4cc18aa50f4ad82b1d403cc6c11ac3bf63415560417d7d488df01b69c925ca3fce60ca7ac767fd11df61caf62f3ab67dad043faf1cc334903e0f419c2e97553ecaad5814bf097192e76e9a16bc5c9be932718aba32cd7dbcc6bc634a463c6f709cc81963b39442e710c14c7e107b0aeb7b6a0e3f3757860d10dd741863277c43ce4dcec49f4558959b08f59182baf4f250aa045fee383ceaec280817bf222dfbeeca8c1ec8473176326c1ffd49ea072b5f3c73f36865b6052a1595c1bb76cfe37f976848fbcb408381ddeff9c318a2e6bbfe6c18ef16531fec3c47874a5391238c0d6b0e033db3fce94127cc9c98a4211e5d873f7b4810846d96be2d6cac532fce0ddee737e4d1ddb65b8b2449984a897e4090449ed4fb4006fb9d133e51396d4664a3f0c395c5b24781f8389979ccb565c6461b66db7134d15cff5ae8f935a5bcb23caace2edd2b37a726575e3cb0528de05edd9f03e30feb617767b6a557280a0a288b52af44a1607b6063867e5c9d8d56c44968fd509b5983fa06e6b1eefb2f8cee0c1cb49b8b569cf13b77adbc22ce972cd718167ac571ee41a446d13931f849d5636c729996b36ec84171fde260a4e01e9770cf687591a79833ae6473c51e12c0faab96ef093e6178d485526dbf775c94324c76bd4af2652e9036b1cc0d3df05c9232ee6eef7c4f46a6cf8ad160ad087aba6928bf156bf3ade1d135a965c4a2b283485737da67fe99227f2fbfb3baa74d75fe29122adfd82fcb9325b7ea826a52559654e76d494a374d9535facfcd4ab248e388c516bb8a0dc151b1557e418fd7c625c67ab1c50d6f05b97ba15c55631aeea44b21131aa93ead176f7bfd1418856e38782f004f272738827a64bb695f6b6a08cff8d1917be52a8851bd2bfd57d08bb0660e2ffc23792a419c2e9b006e3b0ad05044d99b97391fd2cceb86cf26acebe089a861340b04fd01e1baa70583032a30ea2e605217b80f7ee16d7e28be43d12bb2b67937dd26a8aeb84fef2f2d52f75232a400e7b279dcfc01953b0c46203477a50b5853e8f7b14b2ba31db742504bca6ed95b18846706c9fd85bf2a3a2642029b9ff2828bf0f7cbd96109a237961be8fe5c62f0fcc04c994f123f4a22f048403eac9308cfd2f2e4350c72e9ef83416ce973d3aa90d281a0275886dd3858b5869784ae58e257aa5af6d373dcc9cf520e364be748833adbb10daa6f6a334b51d27529d86ea5ce874562f9f93da45d244224b936fced3b658abbe7aa1f0d502fffce823f528ab47ea3540722f144733666229ae08cfc7e61247742ea4e3c180938ae7c7b81c1ee975c831f79672e044cefc49894c2ab73bba2580ac476cc0e56b6748b8edbb37a3f8dda7ffad4ec07abce7c4d10fc32e40d5a9db37f7b1e3a6eabedbefa9dd8eef189b92363d3391d384af26b7d47958d3d82845c9b668da5bcbd64058dc9e1c6d903ab5d2aa049d197116a11309a1abe9e5b3f9e7f1c623242b1d8089bc369d145a7070e8a9bdf543dbffe899ff9366009a3b0424a634681b530dad9ef23f136a10c7287068e57f3c2de45adf0a105c328e0035b97168f4c17aa4610b2e6e1a6ba0b71c06417b7a9497be4a009b19d7162adfd4d7b6490faf3782a920281333ad09b848ab5f4d15534b8c4e43dc9604b0630f8d349b2c80a98fde04693c31cbed7d460edfc0138dcc5d3974e682bbd555ac19625bf6e0607d8803391ec9c2dc41fc4e8bceae4f53507137324dd02914a067d52a577b812ddac4a34765c26a98839b3edb6290abff0c75991d6f8c1bd7540f38a7f25fec2f3539f894c938e1f3cf0ff1e6994d6a6ecc457a482f045ba712a85e8e31afd49c8e3480dc1c36d56ab2eceac6e5a847455d8ef4e3d45cd463c421bd1bce2ca57dd88f0e7ab3446cdfa8cb3914c240936f1738af7009e9131b240b59af55d7e38307b91fc8f00410cfdcfacaa341607a801afa63640091eb00b860700ea882878a8d9838f5597b970366be7d167ddebfe3c9253b5dbf7f30a67ee4d87dccb3c723c20200aa5fc036caf12811b19ce49c81ce328d7b24587353ecb99bafd327e33303cf447b36800d1bed8ee10df527d55c0d5f7506fb11cb1338074113579e665c6f3cffde5a8ee7fa7bf3f8157986cf7c1c5dbdedaacbe3946b3d8809dec7387f006c062b93b6b481a806e5544ddeea7218fcc15c25a88164bfd0735e6290167cb2dbf4b4a317ba00b1fc27d203a6cff71ef8fe97a97d8e07af2ce1d0a0a2aa9ede7dd0572325075c83c2ecf866aa01654eff55ebe4e489e72152e6a3090e2348732704eb02997ffd23a63faabfbbbd1fb124cab606faed24a393058cea1c1286001ee5c0c1fa26b6a81ebdd4718a94cebdb45bfe812c771df398d3305da03d37ced9d0242b6da212dc9f5c14d7ff999bee20f6621792d1442e449eba8589a823e5e99c65fdffbaefe89e2e32406ec4cf574e335e2d288e4cdad56f4b1b57c364ed3e28809e480d6f410c7ebf43bd2a605d6a8c9facae6b7f8f2c56f792ae21fc0cc5dd9beae0cab3547ebb5467183c2f01bc315bd7bd191088886752dc5108093bdbc91348743440130f33d3dfa9c25490245e5fa904f8660e82253c826b7bea4e9a7a1c627e10c56d71878a644bd176016f29cf5398be14cc0fdec45c65e2b967aedb75212eed1eb05a44da62190009d1c08163b74813b82c27f1e6cd681a4b5150f967444b7bc930da68603fd706e96ba8663b2e50ef0a9b04e321a8a337b08fea7288a3fef5062c7e4c17ad3d490870d39c10b78a74eab25c993527e313a4f59d86de55aa9a8a63f734c2db556692fe993b0cd08e0ab5434c9ec02d5127354f55e6b5d5a7b61685d02edae21ece71d203abf7408211229a9ebbfdeffa2c0f38db274066d0706d80398c172e6daf4a0dce62c2287cbf0d30cfa313d7baf4e5caa18f594f0ab0d854f3cef76ff83e96fa49d0e0f8a47193b51a0a45aee2e1d9a5b372b8ee828f645a06979ec351d798480c7824e846028c02f58b5641acbae1e2079abd86182a662bb1642c9346d7fba628fb012da293acef33b8b76a8885c2e5d685348b6148c5b44409f58d8d5f29344fe8a2e4c2432ae622bb1912ea65d55745eff6aa689e859dcaeff39bff895025bd72cd780d59cbaa0886afd5d6676d2de6266903115525c075cc3f75ce9eba3787a890e1f758f0e502c4c9c0538dc942cf4e2d69742edeeddb66b1d459fcf6f744b2c40111104ab21fd4e99b4477e25cc5a9af59108c8b2f569d4ba227c754f294fdc1e6b383fd89861a203f4d4ee33814aeb21ee411a0d6918533aa2450b1e35c97ab6f01f3829c8a4c33fe0fbc81dd579bbdb44eda4f335d2bc512ca7f38f603c29033c94df2c9533f4422432f574a021e90a0fe3a4cf54de46e25986315b30956face49e26e8dcbcc9e1363627a9f38a2ee8304307dab4013d77f4c337551e2a6ac230788513cdd15e734263e4973c75757d9809c510977adc3be6c5b110597b09c7dad1f54e4506744710b53221e4a7982ac4c59bfae6370258b5af7864a4ca680addd736e35da579cc0e975e6cdefa3d082c8b4b10b205278c5e60507f5bf17a3c822a6e70e087df68022c1315cf499750e86ea1e060e63ebf63973eebe34ba6e687eda5ef020b61896a187842d219b2b9787be7910fc5180b277f2b00d760629816aa6a7240d7b1984158107eab929d79d6264611d404f2331eda49fe426edc34793dd3252aa54eb44544774d060269913cfcb105f55836eb6702c6034a3fe98bc9678850e54903d3", 0xdd4) write$auto(0x3, 0x0, 0xfffffdef) write$auto(0x3, 0x0, 0x7fffffff) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1000000000000001, 0x0, 0x1, 0x0) unshare$auto(0x1) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x80000000001002, 0x12000000000000, 0x1, 0xeb4, 0x6, 0x8000008003) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) socket(0x31, 0x6, 0x7fff) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x10001, 0x0, 0x1, 0x0) openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0) writev$auto(r0, &(0x7f0000000080)={&(0x7f0000000040), 0x1000}, 0x3) 3.006842594s ago: executing program 1 (id=1762): mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r0, 0xaf01, 0x5) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop14/queue/dma_alignment\x00', 0x80000, 0x0) read$auto(r1, 0x0, 0x20) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x2, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x40000, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r4, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r4) read$auto(r4, &(0x7f0000000000)='\x00', 0x91e2) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon7\x00', 0x0, 0x0) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8, @ANYRES8=r3], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x4000050) unshare$auto(0x40000080) 3.006055864s ago: executing program 3 (id=1763): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0xa, 0x1, 0x6) socket(0x23, 0x80805, 0x0) fanotify_init$auto(0x5, 0x2000000000002) io_uring_setup$auto(0x3, 0x0) pipe$auto(0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x48140, 0x0) socket(0x2, 0x3, 0x6) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x801, 0x106) socket(0x10, 0x2, 0x0) r1 = socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8=r1, @ANYRES8=r0, @ANYRES64], 0x18}, 0x1, 0x2000, 0x0, 0x40000}, 0x80) 2.804768217s ago: executing program 3 (id=1764): openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0) 2.716110433s ago: executing program 3 (id=1765): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/cpu1/online\x00', 0x62, 0x0) write$auto(r0, &(0x7f00000002c0)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef`\xd8\x9c\xf7?:\x1a\xc62\x911e\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\b};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xff\x7f\xd0UV\x11\xcb\xdd\x81\xbe\xde\f/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7\x00\x85Z\x06?\x12\x98\x0f)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1;\xe4pd$\xd7\x1b\v\x82\r\f\xd0Hq\xd9\r\x88#\x89\x8d\xcd\x1e\x87N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8HR+\a\xb7R\t\n+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb\xc8^\xa4\xe2\x05\x91|\x123\xc3:\xfd\xee\x04a\xc8\x12\xce\xa2\x12\xcb\x8c\x87f\xebGQ\xe9\x96\xd5E\x13a\xb7\x057<&\xe0\x94\xa7\xfb\x9d;\xfa\xb1\x1b4a,\'\xb2Ym\xe1:\xbf\x8cs\x06\xa3u\x8d!\n\x80-\x9a\xbb;\xf4\xf3\xe1\x97\xfc8\xff\xa7\\\x8b\xf9\x95\x10$\xef\x1a #b\xfb\xfe\xe9\x06fK0\xdd\x84T,\xfa\xb5\x00\x83d\xbba\xd7\n\x92l\xdfAN\x9d\xcb\x96\xc7\xe8\xe6\x8bC\xeb\xc7EZ\xc8\x1a\x81nf\tZ-sZ\x13n\xec\xa9\xbf\xd0$\xb9\xd8\x00\x00\x00\x00\x00\x00\x00', 0x5) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) getsockopt$auto_SO_NO_CHECK(r0, 0x7, 0xb, 0x0, 0x0) getcwd$auto(0x0, 0x3) r2 = signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0) read$auto_l2cap_debugfs_fops_(r2, 0x0, 0x0) ioctl$auto_BCH_IOCTL_DISK_RESIZE(r2, 0x4018bc0e, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2a}) read$auto(r1, 0x0, 0x1f40) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0) unshare$auto(0x40000080) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) tkill$auto(0x0, 0x9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video43\x00', 0x129900, 0x0) ioctl$auto(r3, 0xfffffff9, 0xffffffffffffffff) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x7fffffffefff}, 0x7) unshare$auto(0x2) 1.879817084s ago: executing program 0 (id=1766): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x106) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) io_uring_setup$auto(0x1d48, &(0x7f0000000340)={0x7fffffff, 0x10, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x8, 0x1, 0x80000000, 0x100, 0x83, 0x101, 0x6, 0x8000000000000001}, {0x100, 0x1, 0x52, 0x5, 0x11, 0x101, 0x876c5, 0xc9, 0x3}}) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x13e, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0x2) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2400000) syz_genetlink_get_family_id$auto_taskstats(0x0, 0xffffffffffffffff) gettid() close_range$auto(r1, r0, 0xf8c) sendmsg$auto_TASKSTATS_CMD_GET(0xffffffffffffffff, 0x0, 0x20008010) r2 = socket(0x2, 0x1, 0x0) getsockopt$auto(r2, 0x6, 0x6, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x2, 0x0, 0x8) madvise$auto(0x0, 0xffffffffffff0005, 0x19) unshare$auto(0x40000080) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) remap_file_pages$auto(0x5, 0x1000, 0x0, 0x8, 0x10007) 1.704264474s ago: executing program 3 (id=1767): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x14fa02, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0) mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x0, 0x0) setresuid$auto(0x0, 0x0, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x181500, 0x0) sched_setattr$auto(0x0, 0x0, 0x7b) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) mmap$auto(0x0, 0x7f, 0xdf, 0x9b72, 0x2, 0x8000) fanotify_mark$auto(0xffffffffffffffff, 0x9, 0x9, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408) getdents$auto(r2, 0x0, 0x400018) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) 1.648948235s ago: executing program 1 (id=1768): r0 = openat$auto_media_devnode_fops_mc_devnode(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/media11\x00', 0x1, 0x0) mmap$auto(0x1, 0x7, 0xdf, 0xeb1, r0, 0x8000) mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'veth0\x00'}) close_range$auto(0x0, 0xffffffffffffffff, 0x2) socket(0xa, 0x2, 0x0) r1 = socket(0x18, 0x5, 0x1) connect$auto(r1, &(0x7f0000000000)=@in={0x2, 0x100}, 0x3a) close_range$auto(0x0, 0xfffff004, 0x2) socket(0xa, 0x2, 0x0) setitimer$auto(0x1, &(0x7f0000000000)={{0x2, 0x4}, {0x5, 0x6}}, 0x0) 1.457918332s ago: executing program 5 (id=1769): openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv6/fib_multipath_hash_fields\x00', 0x202, 0x0) mmap$auto(0x0, 0x20009, 0xb17a, 0xeb1, 0x3fd, 0x8000) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) setgroups$auto(0xe32, 0x0) write$auto(0x3, 0x0, 0xffd8) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) lseek$auto(0x3, 0x7fffffffffffffff, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) wait4$auto(0x0, 0x0, 0xf, &(0x7f0000000140)={{0x2599}, {0xffffffffffffffff, 0x1000000009}, 0x2, 0x800080000001, 0x1, 0x1000, 0x5, 0x7, 0x5, 0x5, 0xb11c, 0x8, 0xfffffffffffffffd, 0x7, 0xffff, 0x801c0000000}) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0xa, 0x0) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x3f) 1.018935183s ago: executing program 1 (id=1770): mmap$auto(0x0, 0x1, 0xdf, 0x9b72, 0x2, 0x40008000) r0 = openat$auto_event_trigger_fops_trace(0xffffffffffffff9c, 0x0, 0x0, 0x0) readv$auto(r0, &(0x7f0000001080)={&(0x7f0000000080), 0x5c2}, 0x5) mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) close_range$auto(0x0, 0xfffffffffffff000, 0x2) unshare$auto(0x40000080) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) write$auto(0x3, 0x0, 0xfdef) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/psaux\x00', 0x2, 0x0) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, 0x0, 0x200, 0x0) close_range$auto(0x2, 0x8, 0x0) 439.272238ms ago: executing program 0 (id=1771): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/dummy_hcd.3/usb4/power/runtime_status\x00', 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) ustat$auto(0x801, 0x0) openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy6/aql_enable\x00', 0x22481, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x4) r0 = socket(0x1d, 0x2, 0x7) r1 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(r0, &(0x7f0000000000)=@can={0x1d, r2}, 0x6a) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'vcan0\x00', 0x0}) connect$auto(0x3, &(0x7f00000018c0)=@can={0x1d, r3}, 0x18) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0xffffffff, &(0x7f0000000040)={0x0, 0xffcc}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) io_uring_setup$auto(0xffd, 0x0) read$auto_dfs_dom_ops_debugfs(0xffffffffffffffff, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) 438.73994ms ago: executing program 5 (id=1772): r0 = openat$auto_media_devnode_fops_mc_devnode(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/media11\x00', 0x1, 0x0) mmap$auto(0x1, 0x7, 0xdf, 0xeb1, r0, 0x8000) mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'veth0\x00'}) close_range$auto(0x0, 0xffffffffffffffff, 0x2) socket(0xa, 0x2, 0x0) r1 = socket(0x18, 0x5, 0x1) connect$auto(r1, &(0x7f0000000000)=@in={0x2, 0x100}, 0x3a) close_range$auto(0x0, 0xfffff004, 0x2) 434.99734ms ago: executing program 3 (id=1773): openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0) 387.228391ms ago: executing program 3 (id=1774): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020008, 0x7, 0xb9, 0xfffffffffffffffa, 0x9) r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) ioctl$auto_TIOCVHANGUP2(0xffffffffffffffff, 0x5437, 0x0) fcntl$auto(0x3, 0x4, 0xa553) swapon$auto(0x0, 0x4) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) mmap$auto(0x0, 0x20009, 0x3, 0x40000000000eb1, 0x401, 0x8000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, &(0x7f0000000080)) r1 = openat$auto_ocfs2_control_fops_stack_user(0xffffffffffffff9c, &(0x7f0000000000), 0x280, 0x0) read$auto_ocfs2_control_fops_stack_user(r1, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000340), 0x108800, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) close_range$auto(0x2, 0x8, 0x0) 272.573487ms ago: executing program 5 (id=1775): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x14fa02, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0) mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$auto_NL80211_CMD_GET_STATION(0xffffffffffffffff, 0x0, 0x8000) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x181500, 0x0) sched_setattr$auto(0x0, 0x0, 0x7b) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) mmap$auto(0x0, 0x7f, 0xdf, 0x9b72, 0x2, 0x8000) fanotify_mark$auto(0xffffffffffffffff, 0x9, 0x9, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408) getdents$auto(r2, 0x0, 0x400018) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) 6.922772ms ago: executing program 1 (id=1776): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/cpu1/online\x00', 0x62, 0x0) write$auto(r0, &(0x7f00000002c0)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef`\xd8\x9c\xf7?:\x1a\xc62\x911e\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\b};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xff\x7f\xd0UV\x11\xcb\xdd\x81\xbe\xde\f/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7\x00\x85Z\x06?\x12\x98\x0f)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1;\xe4pd$\xd7\x1b\v\x82\r\f\xd0Hq\xd9\r\x88#\x89\x8d\xcd\x1e\x87N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8HR+\a\xb7R\t\n+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb\xc8^\xa4\xe2\x05\x91|\x123\xc3:\xfd\xee\x04a\xc8\x12\xce\xa2\x12\xcb\x8c\x87f\xebGQ\xe9\x96\xd5E\x13a\xb7\x057<&\xe0\x94\xa7\xfb\x9d;\xfa\xb1\x1b4a,\'\xb2Ym\xe1:\xbf\x8cs\x06\xa3u\x8d!\n\x80-\x9a\xbb;\xf4\xf3\xe1\x97\xfc8\xff\xa7\\\x8b\xf9\x95\x10$\xef\x1a #b\xfb\xfe\xe9\x06fK0\xdd\x84T,\xfa\xb5\x00\x83d\xbba\xd7\n\x92l\xdfAN\x9d\xcb\x96\xc7\xe8\xe6\x8bC\xeb\xc7EZ\xc8\x1a\x81nf\tZ-sZ\x13n\xec\xa9\xbf\xd0$\xb9\xd8\x00\x00\x00\x00\x00\x00\x00', 0x5) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) getsockopt$auto_SO_NO_CHECK(r0, 0x7, 0xb, 0x0, 0x0) getcwd$auto(0x0, 0x3) r2 = signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0) read$auto_l2cap_debugfs_fops_(r2, 0x0, 0x0) ioctl$auto_BCH_IOCTL_DISK_RESIZE(r2, 0x4018bc0e, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2a}) read$auto(r1, 0x0, 0x1f40) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0) unshare$auto(0x40000080) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) tkill$auto(0x0, 0x9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video43\x00', 0x129900, 0x0) ioctl$auto(r3, 0xfffffff9, 0xffffffffffffffff) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x7fffffffefff}, 0x7) unshare$auto(0x2) 0s ago: executing program 0 (id=1784): mmap$auto(0x0, 0x1, 0xdf, 0x9b72, 0x2, 0x40008000) r0 = openat$auto_event_trigger_fops_trace(0xffffffffffffff9c, 0x0, 0x0, 0x0) readv$auto(r0, &(0x7f0000001080)={&(0x7f0000000080), 0x5c2}, 0x5) mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) close_range$auto(0x0, 0xfffffffffffff000, 0x2) unshare$auto(0x40000080) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) write$auto(0x3, 0x0, 0xfdef) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/psaux\x00', 0x2, 0x0) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, 0x0, 0x200, 0x0) close_range$auto(0x2, 0x8, 0x0) kernel console output (not intermixed with test programs): lock nbd10: not configured, cannot reconfigure [ 370.330087][T10322] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input17 [ 370.399842][T10319] kvm: kvm [10318]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0xc1) = 0x2 [ 370.429036][T10324] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1101'. [ 370.743052][T10328] input: f as /devices/virtual/input/input18 [ 372.046623][T10341] zswap: compressor not available [ 372.960301][T10366] bond0: option all_slaves_active: invalid value () [ 372.992189][T10369] bond0: option all_slaves_active: invalid value () [ 377.346831][T10430] netlink: 17 bytes leftover after parsing attributes in process `syz.1.1126'. [ 378.293432][T10447] input: f as /devices/virtual/input/input19 [ 378.329725][T10453] ima: policy update failed [ 378.364794][ T30] audit: type=1802 audit(4294967346.099:10): pid=10453 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.1135" res=0 errno=0 [ 378.408718][T10453] netlink: 25 bytes leftover after parsing attributes in process `syz.1.1135'. [ 378.650989][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.657428][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.702460][T10461] ptrace attach of "./syz-executor exec"[5832] was attempted by "a}V\x22{a>Dz%h6WNbaPa#\x0aRı/~5PF}%/\x07O\x0d7ݣ/>?J۷T?İf\x1b\x0b\x1bCeb^O}FPh 54l\x07V__!1]k:o5\x07\x09,]/u%)E/z\x1bvG!Zǧ\x0aI4%9MZ\x0b/TcN WVj;*8#cs>\x1bnk<>-C12qg\x5czNH$gR(n 't\x1bY~;>E,;h5+)J\x09'sϤ\x0cFv|Cbqыb4gQ#H'ƓMDe\x0b$¾A^iʡJYҹb'pL1zp&iagwD1%LOeak3Oe@zܪZ.>D:duk[SHɰ|{^Zv$boubS{?aB Ez(caa!g'\x0cI8%5D-%\x5co4G_8K]jP%)|&65\x07;yMPQS*'ݣAQAi),=d˒|o; IhJKI2{疽8Τ`/^6^^-a\x0a,Bm:jȏ8/9x/\x0bb2I\x22Vg;ӻ8lO?ؘG9XSvӵ#l$m!OV7Qu_\x0cXkDX/lkcgBat$Zp.\x0a{N,UzឥP-\x0dtPQ'\x0dRuNa<b|̥e|v$#Q\x5c\x1bl [ 379.645259][T10475] mmap: syz.0.1147 (10475): VmData 45883392 exceed data ulimit 3. Update limits or use boot option ignore_rlimit_data. [ 379.759659][T10469] rtc_cmos 00:00: Alarms can be up to one day in the future [ 379.878249][T10480] netlink: 25 bytes leftover after parsing attributes in process `syz.3.1142'. [ 380.208603][ T9] rtc_cmos 00:00: Alarms can be up to one day in the future [ 380.247296][ T9] rtc_cmos 00:00: Alarms can be up to one day in the future [ 380.298370][ T9] rtc_cmos 00:00: Alarms can be up to one day in the future [ 380.305839][ T9] rtc_cmos 00:00: Alarms can be up to one day in the future [ 380.389751][ T9] rtc rtc0: __rtc_set_alarm: err=-22 [ 380.440011][T10490] blktrace: Concurrent blktraces are not allowed on loop5 [ 382.083006][T10501] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1150'. [ 383.173889][T10528] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1155'. [ 383.368145][T10532] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input20 [ 383.733170][T10537] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1156'. [ 384.703669][T10534] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input21 [ 385.858850][T10553] netlink: 11 bytes leftover after parsing attributes in process `syz.1.1159'. [ 388.544888][T10598] FAULT_INJECTION: forcing a failure. [ 388.544888][T10598] name failslab, interval 1, probability 0, space 0, times 0 [ 388.760279][T10598] CPU: 0 UID: 0 PID: 10598 Comm: syz.0.1172 Tainted: G U syzkaller #0 PREEMPT(full) [ 388.760305][T10598] Tainted: [U]=USER [ 388.760310][T10598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 388.760319][T10598] Call Trace: [ 388.760324][T10598] [ 388.760330][T10598] dump_stack_lvl+0x16c/0x1f0 [ 388.760350][T10598] should_fail_ex+0x512/0x640 [ 388.760368][T10598] ? __kmalloc_node_track_caller_noprof+0xcb/0x8a0 [ 388.760391][T10598] should_failslab+0xc2/0x120 [ 388.760413][T10598] __kmalloc_node_track_caller_noprof+0xde/0x8a0 [ 388.760432][T10598] ? __mutex_lock+0x1c5/0x1060 [ 388.760447][T10598] ? argv_split+0x35/0x440 [ 388.760470][T10598] ? kstrndup+0x6d/0x160 [ 388.760486][T10598] kstrndup+0x6d/0x160 [ 388.760503][T10598] ? __pfx___trace_eprobe_create+0x10/0x10 [ 388.760522][T10598] argv_split+0x35/0x440 [ 388.760543][T10598] ? __pfx___trace_eprobe_create+0x10/0x10 [ 388.760561][T10598] trace_probe_create+0x7d/0x100 [ 388.760583][T10598] ? __pfx_trace_probe_create+0x10/0x10 [ 388.760609][T10598] create_dyn_event+0xee/0x1c0 [ 388.760628][T10598] trace_parse_run_command+0x1a9/0x400 [ 388.760643][T10598] ? __pfx_create_dyn_event+0x10/0x10 [ 388.760662][T10598] ? __pfx_dyn_event_write+0x10/0x10 [ 388.760678][T10598] vfs_write+0x2a0/0x11d0 [ 388.760699][T10598] ? __pfx___mutex_lock+0x10/0x10 [ 388.760713][T10598] ? __pfx_vfs_write+0x10/0x10 [ 388.760736][T10598] ? __fget_files+0x20e/0x3c0 [ 388.760758][T10598] ksys_write+0x12a/0x250 [ 388.760775][T10598] ? __pfx_ksys_write+0x10/0x10 [ 388.760799][T10598] do_syscall_64+0xcd/0xfa0 [ 388.760814][T10598] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 388.760828][T10598] RIP: 0033:0x7f6d6398f7c9 [ 388.760841][T10598] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 388.760854][T10598] RSP: 002b:00007f6d64844038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 388.760868][T10598] RAX: ffffffffffffffda RBX: 00007f6d63be5fa0 RCX: 00007f6d6398f7c9 [ 388.760878][T10598] RDX: 0000000000000001 RSI: 0000200000000000 RDI: 0000000000000005 [ 388.760886][T10598] RBP: 00007f6d63a13f91 R08: 0000000000000000 R09: 0000000000000000 [ 388.760894][T10598] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 388.760902][T10598] R13: 00007f6d63be6038 R14: 00007f6d63be5fa0 R15: 00007ffcf4b67cf8 [ 388.760922][T10598] [ 391.620733][T10642] FAULT_INJECTION: forcing a failure. [ 391.620733][T10642] name fail_futex, interval 1, probability 0, space 0, times 0 [ 391.685178][T10642] CPU: 0 UID: 0 PID: 10642 Comm: syz.1.1184 Tainted: G U syzkaller #0 PREEMPT(full) [ 391.685204][T10642] Tainted: [U]=USER [ 391.685209][T10642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 391.685218][T10642] Call Trace: [ 391.685223][T10642] [ 391.685229][T10642] dump_stack_lvl+0x16c/0x1f0 [ 391.685249][T10642] should_fail_ex+0x512/0x640 [ 391.685270][T10642] get_futex_key+0x1d0/0x1560 [ 391.685293][T10642] ? stack_depot_save_flags+0x29/0x9c0 [ 391.685310][T10642] ? __pfx_get_futex_key+0x10/0x10 [ 391.685330][T10642] ? kasan_save_stack+0x42/0x60 [ 391.685347][T10642] ? kasan_save_stack+0x33/0x60 [ 391.685364][T10642] ? kasan_save_track+0x14/0x30 [ 391.685380][T10642] ? __kasan_slab_alloc+0x89/0x90 [ 391.685398][T10642] ? kmem_cache_alloc_noprof+0x250/0x6e0 [ 391.685416][T10642] futex_wait_setup+0x9d/0x550 [ 391.685436][T10642] __futex_wait+0x193/0x2f0 [ 391.685451][T10642] ? __pfx___futex_wait+0x10/0x10 [ 391.685468][T10642] ? __pfx_futex_wake_mark+0x10/0x10 [ 391.685485][T10642] ? futex_hash+0x2c5/0x380 [ 391.685505][T10642] ? futex_private_hash_put+0xd5/0x190 [ 391.685525][T10642] futex_wait+0xe8/0x380 [ 391.685539][T10642] ? __pfx_futex_wait+0x10/0x10 [ 391.685559][T10642] ? file_init_path+0x4fe/0x760 [ 391.685583][T10642] do_futex+0x229/0x350 [ 391.685603][T10642] ? __pfx_do_futex+0x10/0x10 [ 391.685623][T10642] ? fd_install+0x223/0x570 [ 391.685651][T10642] __x64_sys_futex+0x1e0/0x4c0 [ 391.685673][T10642] ? __sys_socket+0xac/0x260 [ 391.685689][T10642] ? __pfx___x64_sys_futex+0x10/0x10 [ 391.685710][T10642] ? xfd_validate_state+0x61/0x180 [ 391.685736][T10642] do_syscall_64+0xcd/0xfa0 [ 391.685753][T10642] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 391.685767][T10642] RIP: 0033:0x7f1fe898f7c9 [ 391.685780][T10642] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 391.685794][T10642] RSP: 002b:00007f1fe97ed0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 391.685809][T10642] RAX: ffffffffffffffda RBX: 00007f1fe8be5fa8 RCX: 00007f1fe898f7c9 [ 391.685818][T10642] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f1fe8be5fa8 [ 391.685826][T10642] RBP: 00007f1fe8be5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 391.685835][T10642] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 391.685843][T10642] R13: 00007f1fe8be6038 R14: 00007ffc58009980 R15: 00007ffc58009a68 [ 391.685863][T10642] [ 392.606445][ T7640] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 392.686001][ T7640] CPU: 0 UID: 0 PID: 7640 Comm: syz-executor Tainted: G U syzkaller #0 PREEMPT(full) [ 392.686026][ T7640] Tainted: [U]=USER [ 392.686031][ T7640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 392.686039][ T7640] Call Trace: [ 392.686044][ T7640] [ 392.686050][ T7640] dump_stack_lvl+0x16c/0x1f0 [ 392.686069][ T7640] dump_header+0x101/0x930 [ 392.686088][ T7640] oom_kill_process+0x272/0xa40 [ 392.686106][ T7640] out_of_memory+0x350/0x1700 [ 392.686126][ T7640] ? __pfx_out_of_memory+0x10/0x10 [ 392.686147][ T7640] mem_cgroup_out_of_memory+0x118/0x130 [ 392.686166][ T7640] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 392.686187][ T7640] ? do_raw_spin_unlock+0x172/0x230 [ 392.686204][ T7640] try_charge_memcg+0x695/0xd30 [ 392.686231][ T7640] ? __pfx_try_charge_memcg+0x10/0x10 [ 392.686254][ T7640] ? find_held_lock+0x2b/0x80 [ 392.686273][ T7640] charge_memcg+0x8a/0x230 [ 392.686292][ T7640] mem_cgroup_swapin_charge_folio+0xbb/0x440 [ 392.686316][ T7640] __read_swap_cache_async+0x397/0x500 [ 392.686336][ T7640] ? __pfx___read_swap_cache_async+0x10/0x10 [ 392.686360][ T7640] swap_cluster_readahead+0x528/0x770 [ 392.686382][ T7640] ? __pfx_swap_cluster_readahead+0x10/0x10 [ 392.686399][ T7640] ? kasan_save_stack+0x42/0x60 [ 392.686417][ T7640] ? kasan_record_aux_stack+0xa7/0xc0 [ 392.686430][ T7640] ? __call_rcu_common.constprop.0+0xa5/0xa10 [ 392.686443][ T7640] ? put_task_struct_rcu_user+0x75/0xc0 [ 392.686463][ T7640] ? schedule+0xe7/0x3a0 [ 392.686473][ T7640] ? do_nanosleep+0x219/0x580 [ 392.686490][ T7640] ? hrtimer_nanosleep+0x155/0x380 [ 392.686513][ T7640] ? get_vma_policy+0x242/0x3c0 [ 392.686527][ T7640] swapin_readahead+0x160/0x1180 [ 392.686549][ T7640] ? __pfx_swapin_readahead+0x10/0x10 [ 392.686566][ T7640] ? find_held_lock+0x2b/0x80 [ 392.686580][ T7640] ? swap_cache_get_folio+0x267/0x8e0 [ 392.686594][ T7640] ? swap_cache_get_folio+0x267/0x8e0 [ 392.686607][ T7640] ? swap_cache_get_folio+0x267/0x8e0 [ 392.686624][ T7640] ? swap_cache_get_folio+0x267/0x8e0 [ 392.686638][ T7640] ? swap_cache_get_folio+0x1f/0x8e0 [ 392.686652][ T7640] ? swap_cache_get_folio+0x293/0x8e0 [ 392.686668][ T7640] ? __pfx_swap_cache_get_folio+0x10/0x10 [ 392.686682][ T7640] ? __pfx_get_swap_device+0x10/0x10 [ 392.686702][ T7640] ? do_swap_page+0x125/0x6340 [ 392.686729][ T7640] ? do_swap_page+0x86c/0x6340 [ 392.686747][ T7640] do_swap_page+0x86c/0x6340 [ 392.686775][ T7640] ? __pfx_do_swap_page+0x10/0x10 [ 392.686797][ T7640] ? __pfx_default_wake_function+0x10/0x10 [ 392.686814][ T7640] ? __lock_acquire+0x622/0x1c90 [ 392.686835][ T7640] ? rcu_is_watching+0x12/0xc0 [ 392.686852][ T7640] ? ___pte_offset_map+0x2ad/0x4f0 [ 392.686875][ T7640] __handle_mm_fault+0x17d1/0x2aa0 [ 392.686895][ T7640] ? __pfx___handle_mm_fault+0x10/0x10 [ 392.686913][ T7640] ? lock_vma_under_rcu+0x176/0x580 [ 392.686933][ T7640] ? __pfx_lock_vma_under_rcu+0x10/0x10 [ 392.686946][ T7640] ? get_timespec64+0x136/0x1b0 [ 392.686969][ T7640] handle_mm_fault+0x589/0xd10 [ 392.686984][ T7640] ? __pkru_allows_pkey+0x21/0xb0 [ 392.687006][ T7640] do_user_addr_fault+0x60c/0x1370 [ 392.687029][ T7640] ? rcu_is_watching+0x12/0xc0 [ 392.687047][ T7640] exc_page_fault+0x64/0xc0 [ 392.687061][ T7640] asm_exc_page_fault+0x26/0x30 [ 392.687075][ T7640] RIP: 0033:0x7f08391c2088 [ 392.687087][ T7640] Code: 3c 24 48 89 4c 24 18 e8 f6 54 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 44 89 c7 <48> 89 04 24 e8 4f 55 ff ff 48 8b 04 24 48 83 c4 28 f7 d8 c3 0f 1f [ 392.687101][ T7640] RSP: 002b:00007fffed8b3860 EFLAGS: 00010293 [ 392.687113][ T7640] RAX: 0000000000000000 RBX: 0000000000000271 RCX: 00007f08391c2085 [ 392.687122][ T7640] RDX: 00007fffed8b38a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 392.687130][ T7640] RBP: 00007fffed8b390c R08: 0000000000000000 R09: 0000000000000000 [ 392.687138][ T7640] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000001388 [ 392.687146][ T7640] R13: 00000000000927c0 R14: 000000000005fbcf R15: 00007fffed8b3960 [ 392.687165][ T7640] [ 392.687191][ T7640] memory: usage 2292kB, limit 3072kB, failcnt 12931 [ 393.758311][ T7640] memory+swap: usage 9928kB, limit 9007199254740988kB, failcnt 0 [ 393.780662][ T7640] kmem: usage 1132kB, limit 9007199254740988kB, failcnt 0 [ 393.800587][ T7640] Memory cgroup stats for /syz4: [ 393.800691][ T7640] cache 4096 [ 393.813342][T10657] scsi_strcpy_devinfo: vendor string '/&c~n] | [ 393.813342][T10657] M' is too long [ 393.834374][ T7640] rss 28672 [ 393.840963][T10657] scsi_strcpy_devinfo: model string 'Dd5 K2b [ 393.840963][T10657] W ' is too long [ 393.858443][ T7640] rss_huge 0 [ 393.861968][ T7640] shmem 4096 [ 393.873752][ T7640] mapped_file 0 [ 393.877799][ T7640] dirty 0 [ 393.888222][ T7640] writeback 0 [ 393.894860][ T7640] workingset_refault_anon 5215 [ 393.920611][ T7640] workingset_refault_file 129 [ 393.930801][ T7640] swap 8884224 [ 393.949805][ T7640] swapcached 65536 [ 393.963191][ T7640] pgpgin 191990 [ 393.975621][ T7640] pgpgout 195066 [ 393.984879][ T7640] pgfault 206136 [ 393.997254][ T7640] pgmajfault 1034 [ 394.022525][ T7640] inactive_anon 86016 [ 394.038521][ T7640] active_anon 0 [ 394.054004][ T7640] inactive_file 0 [ 394.074197][ T7640] active_file 0 [ 394.088610][ T7640] unevictable 0 [ 394.107301][ T7640] hierarchical_memory_limit 3145728 [ 394.126002][ T7640] hierarchical_memsw_limit 9223372036854771712 [ 394.152896][ T7640] total_cache 4096 [ 394.170328][ T7640] total_rss 28672 [ 394.186137][ T7640] total_rss_huge 0 [ 394.203006][ T7640] total_shmem 4096 [ 394.220328][ T7640] total_mapped_file 0 [ 394.246597][ T7640] total_dirty 0 [ 394.250078][ T7640] total_writeback 0 [ 394.253873][ T7640] total_workingset_refault_anon 5215 [ 394.322838][ T7640] total_workingset_refault_file 129 [ 394.362117][ T7640] total_swap 8884224 [ 394.385456][ T7640] total_swapcached 65536 [ 394.412391][ T7640] total_pgpgin 191990 [ 394.437104][ T7640] total_pgpgout 195066 [ 394.441214][ T7640] total_pgfault 206136 [ 394.445276][ T7640] total_pgmajfault 1034 [ 394.514766][ T7640] total_inactive_anon 86016 [ 394.530358][ T7640] total_active_anon 0 [ 394.556725][ T7640] total_inactive_file 0 [ 394.571658][ T7640] total_active_file 0 [ 394.575675][ T7640] total_unevictable 0 [ 394.584692][T10660] rtc_cmos 00:00: Alarms can be up to one day in the future [ 394.629564][ T7640] anon_cost 627 [ 394.633035][ T7640] file_cost 0 [ 394.676004][ T7640] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.1168,pid=10610,uid=0 [ 394.797612][ T7640] Memory cgroup out of memory: Killed process 10610 (syz.4.1168) total-vm:137116kB, anon-rss:1268kB, file-rss:23132kB, shmem-rss:0kB, UID:0 pgtables:164kB oom_score_adj:1000 [ 395.206415][ T5885] rtc_cmos 00:00: Alarms can be up to one day in the future [ 395.213898][ T5885] rtc_cmos 00:00: Alarms can be up to one day in the future [ 395.256232][ T5885] rtc_cmos 00:00: Alarms can be up to one day in the future [ 395.289487][ T5885] rtc_cmos 00:00: Alarms can be up to one day in the future [ 395.342717][ T5885] rtc rtc0: __rtc_set_alarm: err=-22 [ 395.447007][T10638] snd_aloop snd_aloop.0: control 16781581:65539:6:'x?F/zF˷fC:7 is already present [ 395.978773][T10692] netlink: 'syz.4.1197': attribute type 1 has an invalid length. [ 396.359942][T10688] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1196'. [ 396.394099][T10688] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1196'. [ 397.750296][T10721] FAULT_INJECTION: forcing a failure. [ 397.750296][T10721] name failslab, interval 1, probability 0, space 0, times 0 [ 397.794239][T10721] CPU: 0 UID: 0 PID: 10721 Comm: syz.4.1204 Tainted: G U syzkaller #0 PREEMPT(full) [ 397.794266][T10721] Tainted: [U]=USER [ 397.794271][T10721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 397.794280][T10721] Call Trace: [ 397.794285][T10721] [ 397.794291][T10721] dump_stack_lvl+0x16c/0x1f0 [ 397.794311][T10721] should_fail_ex+0x512/0x640 [ 397.794329][T10721] ? __kmalloc_noprof+0xca/0x880 [ 397.794350][T10721] should_failslab+0xc2/0x120 [ 397.794372][T10721] __kmalloc_noprof+0xdd/0x880 [ 397.794387][T10721] ? quirks_param_set+0x200/0x750 [ 397.794406][T10721] ? quirks_param_set+0x200/0x750 [ 397.794421][T10721] quirks_param_set+0x200/0x750 [ 397.794438][T10721] ? __pfx_quirks_param_set+0x10/0x10 [ 397.794463][T10721] param_attr_store+0x199/0x300 [ 397.794481][T10721] ? __pfx_param_attr_store+0x10/0x10 [ 397.794495][T10721] module_attr_store+0x58/0x80 [ 397.794516][T10721] ? __pfx_module_attr_store+0x10/0x10 [ 397.794538][T10721] sysfs_kf_write+0xf2/0x150 [ 397.794559][T10721] kernfs_fop_write_iter+0x3af/0x570 [ 397.794575][T10721] ? __pfx_sysfs_kf_write+0x10/0x10 [ 397.794597][T10721] do_iter_readv_writev+0x662/0x9e0 [ 397.794615][T10721] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 397.794642][T10721] vfs_writev+0x35f/0xde0 [ 397.794663][T10721] ? __pfx_vfs_writev+0x10/0x10 [ 397.794678][T10721] ? __mutex_lock+0x1c5/0x1060 [ 397.794700][T10721] ? __pfx___mutex_lock+0x10/0x10 [ 397.794722][T10721] ? __fget_files+0x20e/0x3c0 [ 397.794744][T10721] ? do_writev+0x132/0x340 [ 397.794758][T10721] do_writev+0x132/0x340 [ 397.794774][T10721] ? __pfx_do_writev+0x10/0x10 [ 397.794796][T10721] do_syscall_64+0xcd/0xfa0 [ 397.794813][T10721] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 397.794827][T10721] RIP: 0033:0x7f083918f7c9 [ 397.794839][T10721] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 397.794853][T10721] RSP: 002b:00007f0839fad038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 397.794868][T10721] RAX: ffffffffffffffda RBX: 00007f08393e5fa0 RCX: 00007f083918f7c9 [ 397.794877][T10721] RDX: 0000000000000008 RSI: 0000200000000100 RDI: 0000000000000003 [ 397.794886][T10721] RBP: 00007f0839213f91 R08: 0000000000000000 R09: 0000000000000000 [ 397.794894][T10721] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 397.794902][T10721] R13: 00007f08393e6038 R14: 00007f08393e5fa0 R15: 00007fffed8b3548 [ 397.794924][T10721] [ 398.040573][ C0] vkms_vblank_simulate: vblank timer overrun [ 398.049156][T10731] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1206'. [ 400.232792][T10733] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input22 [ 400.528915][T10746] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1211'. [ 401.067081][T10755] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input23 [ 401.575479][T10762] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1213'. [ 401.706894][T10764] netlink: 25 bytes leftover after parsing attributes in process `syz.1.1215'. [ 401.977972][T10768] FAULT_INJECTION: forcing a failure. [ 401.977972][T10768] name failslab, interval 1, probability 0, space 0, times 0 [ 402.043960][T10768] CPU: 0 UID: 0 PID: 10768 Comm: syz.0.1216 Tainted: G U syzkaller #0 PREEMPT(full) [ 402.043985][T10768] Tainted: [U]=USER [ 402.043990][T10768] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 402.043999][T10768] Call Trace: [ 402.044004][T10768] [ 402.044011][T10768] dump_stack_lvl+0x16c/0x1f0 [ 402.044031][T10768] should_fail_ex+0x512/0x640 [ 402.044048][T10768] ? __kmalloc_noprof+0xca/0x880 [ 402.044066][T10768] should_failslab+0xc2/0x120 [ 402.044087][T10768] __kmalloc_noprof+0xdd/0x880 [ 402.044102][T10768] ? __register_sysctl_table+0xb3/0x1900 [ 402.044122][T10768] ? __register_sysctl_table+0xb3/0x1900 [ 402.044136][T10768] __register_sysctl_table+0xb3/0x1900 [ 402.044152][T10768] ? rcu_is_watching+0x12/0xc0 [ 402.044171][T10768] ? __pfx___register_sysctl_table+0x10/0x10 [ 402.044189][T10768] ? __asan_memcpy+0x3c/0x60 [ 402.044206][T10768] setup_ipc_sysctls+0x1aa/0x300 [ 402.044223][T10768] copy_ipcs+0x53c/0x790 [ 402.044242][T10768] create_new_namespaces+0x20a/0xab0 [ 402.044258][T10768] ? security_capable+0x7e/0x260 [ 402.044276][T10768] copy_namespaces+0x468/0x570 [ 402.044293][T10768] copy_process+0x2830/0x76b0 [ 402.044319][T10768] ? __pfx_copy_process+0x10/0x10 [ 402.044340][T10768] ? _copy_from_user+0x59/0xd0 [ 402.044360][T10768] kernel_clone+0xfc/0x930 [ 402.044377][T10768] ? __pfx_kernel_clone+0x10/0x10 [ 402.044392][T10768] ? futex_private_hash_put+0xd5/0x190 [ 402.044415][T10768] ? __pfx_futex_wait+0x10/0x10 [ 402.044440][T10768] __do_sys_clone3+0x212/0x290 [ 402.044458][T10768] ? __pfx___do_sys_clone3+0x10/0x10 [ 402.044483][T10768] ? find_held_lock+0x2b/0x80 [ 402.044515][T10768] do_syscall_64+0xcd/0xfa0 [ 402.044531][T10768] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 402.044545][T10768] RIP: 0033:0x7f6d6398f7c9 [ 402.044558][T10768] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 402.044571][T10768] RSP: 002b:00007f6d64843f08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 402.044586][T10768] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f6d6398f7c9 [ 402.044595][T10768] RDX: 00007f6d64843f20 RSI: 0000000000000058 RDI: 00007f6d64843f20 [ 402.044604][T10768] RBP: 00007f6d63a13f91 R08: 0000000000000000 R09: 0000000000000058 [ 402.044613][T10768] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 402.044622][T10768] R13: 00007f6d63be6038 R14: 00007f6d63be5fa0 R15: 00007ffcf4b67cf8 [ 402.044642][T10768] [ 402.290353][ C0] vkms_vblank_simulate: vblank timer overrun [ 402.700342][T10759] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input24 [ 403.155730][T10782] blktrace: Concurrent blktraces are not allowed on loop5 [ 403.466896][T10790] Falling back ldisc for pty66. [ 404.412423][T10806] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input25 [ 404.574144][T10807] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input26 [ 404.726851][ T52] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 404.773080][T10806] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1227'. [ 405.332341][T10818] program syz.3.1231 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 406.971020][T10840] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1236'. [ 407.547201][T10848] netlink: 'syz.1.1237': attribute type 1 has an invalid length. [ 408.239560][T10862] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1241'. [ 408.298412][T10862] vlan1: entered promiscuous mode [ 408.303709][T10862] vlan1: entered allmulticast mode [ 408.335510][T10862] veth0_vlan: entered allmulticast mode [ 408.364978][T10864] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1243'. [ 408.994072][T10873] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1245'. [ 410.821216][ C0] vcan0: j1939_tp_rxtimer: 0xffff88807eec8400: rx timeout, send abort [ 410.838930][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88807eec8400: 0x40000: (3) A timeout occurred and this is the connection abort to close the session. [ 411.820714][T10894] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1249'. [ 412.191406][T10904] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1251'. [ 412.474679][ T30] audit: type=1804 audit(4294967380.209:11): pid=10910 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.1253" name="/newroot/sys/kernel/tracing/set_event" dev="tracefs" ino=18 res=1 errno=0 [ 413.225448][T10917] binder: BINDER_SET_CONTEXT_MGR already set [ 413.250445][T10917] binder: 10916:10917 ioctl 4018620d 9 returned -16 [ 414.494215][T10946] FAULT_INJECTION: forcing a failure. [ 414.494215][T10946] name failslab, interval 1, probability 0, space 0, times 0 [ 414.549364][T10946] CPU: 0 UID: 0 PID: 10946 Comm: syz.3.1265 Tainted: G U syzkaller #0 PREEMPT(full) [ 414.549391][T10946] Tainted: [U]=USER [ 414.549396][T10946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 414.549405][T10946] Call Trace: [ 414.549410][T10946] [ 414.549416][T10946] dump_stack_lvl+0x16c/0x1f0 [ 414.549437][T10946] should_fail_ex+0x512/0x640 [ 414.549454][T10946] ? __kmalloc_noprof+0xca/0x880 [ 414.549472][T10946] should_failslab+0xc2/0x120 [ 414.549494][T10946] __kmalloc_noprof+0xdd/0x880 [ 414.549509][T10946] ? __register_sysctl_table+0xea2/0x1900 [ 414.549529][T10946] ? __register_sysctl_table+0xea2/0x1900 [ 414.549544][T10946] __register_sysctl_table+0xea2/0x1900 [ 414.549563][T10946] ? __pfx___register_sysctl_table+0x10/0x10 [ 414.549578][T10946] ? is_module_address+0x69/0xf0 [ 414.549599][T10946] ? register_net_sysctl_sz+0x228/0x3e0 [ 414.549622][T10946] __devinet_sysctl_register+0x1b9/0x360 [ 414.549640][T10946] ? rcu_is_watching+0x12/0xc0 [ 414.549656][T10946] ? __pfx___devinet_sysctl_register+0x10/0x10 [ 414.549673][T10946] ? __kmalloc_node_track_caller_noprof+0x362/0x8a0 [ 414.549696][T10946] ? __asan_memcpy+0x3c/0x60 [ 414.549714][T10946] devinet_init_net+0x315/0x910 [ 414.549730][T10946] ? __pfx_devinet_init_net+0x10/0x10 [ 414.549746][T10946] ops_init+0x1e2/0x5f0 [ 414.549768][T10946] setup_net+0x11d/0x3a0 [ 414.549787][T10946] ? __pfx_setup_net+0x10/0x10 [ 414.549807][T10946] ? debug_mutex_init+0x37/0x70 [ 414.549825][T10946] copy_net_ns+0x351/0x5d0 [ 414.549848][T10946] create_new_namespaces+0x3ea/0xab0 [ 414.549869][T10946] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 414.549886][T10946] ksys_unshare+0x45b/0xa40 [ 414.549904][T10946] ? __pfx_ksys_unshare+0x10/0x10 [ 414.549922][T10946] ? xfd_validate_state+0x61/0x180 [ 414.549959][T10946] __x64_sys_unshare+0x31/0x40 [ 414.549979][T10946] do_syscall_64+0xcd/0xfa0 [ 414.549996][T10946] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 414.550010][T10946] RIP: 0033:0x7f7c27d8f7c9 [ 414.550023][T10946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 414.550037][T10946] RSP: 002b:00007f7c28c60038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 414.550051][T10946] RAX: ffffffffffffffda RBX: 00007f7c27fe5fa0 RCX: 00007f7c27d8f7c9 [ 414.550060][T10946] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 414.550069][T10946] RBP: 00007f7c27e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 414.550078][T10946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 414.550086][T10946] R13: 00007f7c27fe6038 R14: 00007f7c27fe5fa0 R15: 00007ffd39696af8 [ 414.550107][T10946] [ 414.552330][T10946] sysctl could not get directory: /net/ipv4/conf -12 [ 415.731961][T10966] netlink: 25 bytes leftover after parsing attributes in process `syz.4.1270'. [ 416.331071][T10975] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1271'. [ 417.668320][T10993] FAULT_INJECTION: forcing a failure. [ 417.668320][T10993] name fail_futex, interval 1, probability 0, space 0, times 0 [ 417.733076][T10993] CPU: 0 UID: 0 PID: 10993 Comm: syz.4.1278 Tainted: G U syzkaller #0 PREEMPT(full) [ 417.733102][T10993] Tainted: [U]=USER [ 417.733107][T10993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 417.733116][T10993] Call Trace: [ 417.733121][T10993] [ 417.733127][T10993] dump_stack_lvl+0x16c/0x1f0 [ 417.733147][T10993] should_fail_ex+0x512/0x640 [ 417.733168][T10993] get_futex_key+0x1d0/0x1560 [ 417.733190][T10993] ? stack_depot_save_flags+0x29/0x9c0 [ 417.733207][T10993] ? __pfx_get_futex_key+0x10/0x10 [ 417.733225][T10993] ? __lock_acquire+0x622/0x1c90 [ 417.733247][T10993] ? kasan_save_stack+0x42/0x60 [ 417.733264][T10993] ? kasan_save_stack+0x33/0x60 [ 417.733280][T10993] ? kasan_save_track+0x14/0x30 [ 417.733300][T10993] ? __kasan_slab_alloc+0x89/0x90 [ 417.733318][T10993] ? kmem_cache_alloc_noprof+0x250/0x6e0 [ 417.733336][T10993] futex_wait_setup+0x9d/0x550 [ 417.733356][T10993] __futex_wait+0x193/0x2f0 [ 417.733372][T10993] ? __pfx___futex_wait+0x10/0x10 [ 417.733389][T10993] ? __pfx_futex_wake_mark+0x10/0x10 [ 417.733407][T10993] ? futex_hash+0x2c5/0x380 [ 417.733427][T10993] ? futex_private_hash_put+0xd5/0x190 [ 417.733447][T10993] futex_wait+0xe8/0x380 [ 417.733461][T10993] ? __pfx_futex_wait+0x10/0x10 [ 417.733481][T10993] ? file_init_path+0x4fe/0x760 [ 417.733504][T10993] do_futex+0x229/0x350 [ 417.733525][T10993] ? __pfx_do_futex+0x10/0x10 [ 417.733544][T10993] ? fd_install+0x223/0x570 [ 417.733563][T10993] __x64_sys_futex+0x1e0/0x4c0 [ 417.733584][T10993] ? __sys_socket+0xac/0x260 [ 417.733599][T10993] ? __pfx___x64_sys_futex+0x10/0x10 [ 417.733619][T10993] ? xfd_validate_state+0x61/0x180 [ 417.733645][T10993] do_syscall_64+0xcd/0xfa0 [ 417.733661][T10993] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 417.733675][T10993] RIP: 0033:0x7f083918f7c9 [ 417.733688][T10993] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 417.733701][T10993] RSP: 002b:00007f0839fad0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 417.733715][T10993] RAX: ffffffffffffffda RBX: 00007f08393e5fa8 RCX: 00007f083918f7c9 [ 417.733724][T10993] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f08393e5fa8 [ 417.733733][T10993] RBP: 00007f08393e5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 417.733741][T10993] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 417.733749][T10993] R13: 00007f08393e6038 R14: 00007fffed8b3460 R15: 00007fffed8b3548 [ 417.733769][T10993] [ 417.982878][ C0] vkms_vblank_simulate: vblank timer overrun [ 418.093375][T11000] netlink: 'syz.1.1277': attribute type 1 has an invalid length. [ 418.844362][T11013] netlink: Unknown conntrack attr (type=257, max=9) [ 419.416170][T11017] can0: slcan on ptm0. [ 419.637105][T11015] can0 (unregistered): slcan off ptm0. [ 419.674144][T11030] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1288'. [ 419.737162][T11031] netlink: 354 bytes leftover after parsing attributes in process `syz.1.1288'. [ 423.227416][T11102] netlink: 'syz.3.1299': attribute type 2 has an invalid length. [ 423.665066][T11107] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1301'. [ 423.763104][T11109] netlink: 354 bytes leftover after parsing attributes in process `syz.3.1301'. [ 425.195331][T11130] random: crng reseeded on system resumption [ 425.243548][T11130] FAULT_INJECTION: forcing a failure. [ 425.243548][T11130] name failslab, interval 1, probability 0, space 0, times 0 [ 425.377405][T11130] CPU: 0 UID: 0 PID: 11130 Comm: syz.0.1307 Tainted: G U syzkaller #0 PREEMPT(full) [ 425.377432][T11130] Tainted: [U]=USER [ 425.377437][T11130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 425.377446][T11130] Call Trace: [ 425.377452][T11130] [ 425.377458][T11130] dump_stack_lvl+0x16c/0x1f0 [ 425.377479][T11130] should_fail_ex+0x512/0x640 [ 425.377496][T11130] ? __kmalloc_cache_noprof+0x5f/0x780 [ 425.377515][T11130] should_failslab+0xc2/0x120 [ 425.377536][T11130] __kmalloc_cache_noprof+0x72/0x780 [ 425.377552][T11130] ? memory_bm_create+0x154/0x810 [ 425.377571][T11130] ? memory_bm_create+0x154/0x810 [ 425.377587][T11130] memory_bm_create+0x154/0x810 [ 425.377610][T11130] create_basic_memory_bitmaps+0x10b/0x320 [ 425.377631][T11130] snapshot_open+0x235/0x2b0 [ 425.377649][T11130] ? __pfx_snapshot_open+0x10/0x10 [ 425.377668][T11130] misc_open+0x26d/0x450 [ 425.377685][T11130] ? __pfx_misc_open+0x10/0x10 [ 425.377701][T11130] chrdev_open+0x234/0x6a0 [ 425.377719][T11130] ? __pfx_apparmor_file_open+0x10/0x10 [ 425.377736][T11130] ? __pfx_chrdev_open+0x10/0x10 [ 425.377755][T11130] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 425.377778][T11130] do_dentry_open+0x6fe/0x1560 [ 425.377795][T11130] ? __pfx_chrdev_open+0x10/0x10 [ 425.377819][T11130] vfs_open+0x82/0x3f0 [ 425.377834][T11130] path_openat+0x2016/0x2f90 [ 425.377858][T11130] ? __pfx_path_openat+0x10/0x10 [ 425.377877][T11130] ? __lock_acquire+0xb8a/0x1c90 [ 425.377900][T11130] do_filp_open+0x20b/0x470 [ 425.377917][T11130] ? __pfx_do_filp_open+0x10/0x10 [ 425.377956][T11130] ? alloc_fd+0x471/0x7d0 [ 425.377979][T11130] do_sys_openat2+0x11b/0x1d0 [ 425.377993][T11130] ? __pfx_do_sys_openat2+0x10/0x10 [ 425.378015][T11130] __x64_sys_openat+0x174/0x210 [ 425.378029][T11130] ? __pfx___x64_sys_openat+0x10/0x10 [ 425.378051][T11130] do_syscall_64+0xcd/0xfa0 [ 425.378068][T11130] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 425.378082][T11130] RIP: 0033:0x7f6d6398f7c9 [ 425.378095][T11130] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 425.378108][T11130] RSP: 002b:00007f6d64844038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 425.378122][T11130] RAX: ffffffffffffffda RBX: 00007f6d63be5fa0 RCX: 00007f6d6398f7c9 [ 425.378132][T11130] RDX: 00000000001438bf RSI: 0000200000000000 RDI: ffffffffffffff9c [ 425.378141][T11130] RBP: 00007f6d63a13f91 R08: 0000000000000000 R09: 0000000000000000 [ 425.378149][T11130] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 425.378158][T11130] R13: 00007f6d63be6038 R14: 00007f6d63be5fa0 R15: 00007ffcf4b67cf8 [ 425.378178][T11130] [ 426.486681][T11154] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1313'. [ 428.959490][T11188] netlink: 338 bytes leftover after parsing attributes in process `syz.4.1321'. [ 430.328237][T10769] Bluetooth: hci4: command 0x1003 tx timeout [ 430.334665][ T52] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 431.301727][T11220] random: crng reseeded on system resumption [ 431.352956][T11216] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1328'. [ 431.451967][T11222] delete_channel: no stack [ 431.760837][T11232] FAULT_INJECTION: forcing a failure. [ 431.760837][T11232] name failslab, interval 1, probability 0, space 0, times 0 [ 431.819712][T11232] CPU: 0 UID: 0 PID: 11232 Comm: syz.0.1332 Tainted: G U syzkaller #0 PREEMPT(full) [ 431.819738][T11232] Tainted: [U]=USER [ 431.819743][T11232] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 431.819752][T11232] Call Trace: [ 431.819757][T11232] [ 431.819762][T11232] dump_stack_lvl+0x16c/0x1f0 [ 431.819783][T11232] should_fail_ex+0x512/0x640 [ 431.819801][T11232] ? __kmalloc_cache_noprof+0x5f/0x780 [ 431.819820][T11232] should_failslab+0xc2/0x120 [ 431.819842][T11232] __kmalloc_cache_noprof+0x72/0x780 [ 431.819858][T11232] ? v4l2_fh_open+0x4c/0xa0 [ 431.819875][T11232] ? v4l2_fh_open+0x4c/0xa0 [ 431.819887][T11232] v4l2_fh_open+0x4c/0xa0 [ 431.819900][T11232] v4l2_open+0x1d2/0x5e0 [ 431.819920][T11232] ? __pfx_v4l2_open+0x10/0x10 [ 431.819940][T11232] chrdev_open+0x234/0x6a0 [ 431.819959][T11232] ? __pfx_apparmor_file_open+0x10/0x10 [ 431.819975][T11232] ? __pfx_chrdev_open+0x10/0x10 [ 431.819995][T11232] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 431.820018][T11232] do_dentry_open+0x6fe/0x1560 [ 431.820044][T11232] ? __pfx_chrdev_open+0x10/0x10 [ 431.820076][T11232] vfs_open+0x82/0x3f0 [ 431.820091][T11232] path_openat+0x2016/0x2f90 [ 431.820115][T11232] ? __pfx_path_openat+0x10/0x10 [ 431.820135][T11232] ? __lock_acquire+0xb8a/0x1c90 [ 431.820158][T11232] do_filp_open+0x20b/0x470 [ 431.820175][T11232] ? __pfx_do_filp_open+0x10/0x10 [ 431.820206][T11232] ? alloc_fd+0x471/0x7d0 [ 431.820227][T11232] do_sys_openat2+0x11b/0x1d0 [ 431.820246][T11232] ? __pfx_do_sys_openat2+0x10/0x10 [ 431.820267][T11232] __x64_sys_openat+0x174/0x210 [ 431.820281][T11232] ? __pfx___x64_sys_openat+0x10/0x10 [ 431.820303][T11232] do_syscall_64+0xcd/0xfa0 [ 431.820320][T11232] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 431.820338][T11232] RIP: 0033:0x7f6d6398f7c9 [ 431.820350][T11232] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 431.820364][T11232] RSP: 002b:00007f6d64823038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 431.820379][T11232] RAX: ffffffffffffffda RBX: 00007f6d63be6090 RCX: 00007f6d6398f7c9 [ 431.820389][T11232] RDX: 0000000000020081 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 431.820398][T11232] RBP: 00007f6d63a13f91 R08: 0000000000000000 R09: 0000000000000000 [ 431.820407][T11232] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 431.820416][T11232] R13: 00007f6d63be6128 R14: 00007f6d63be6090 R15: 00007ffcf4b67cf8 [ 431.820435][T11232] [ 432.072295][ C0] vkms_vblank_simulate: vblank timer overrun [ 432.866693][T11243] FAULT_INJECTION: forcing a failure. [ 432.866693][T11243] name failslab, interval 1, probability 0, space 0, times 0 [ 432.926082][T11243] CPU: 0 UID: 5 PID: 11243 Comm: syz.0.1337 Tainted: G U syzkaller #0 PREEMPT(full) [ 432.926109][T11243] Tainted: [U]=USER [ 432.926114][T11243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 432.926123][T11243] Call Trace: [ 432.926128][T11243] [ 432.926135][T11243] dump_stack_lvl+0x16c/0x1f0 [ 432.926156][T11243] should_fail_ex+0x512/0x640 [ 432.926174][T11243] ? __kmalloc_node_track_caller_noprof+0xcb/0x8a0 [ 432.926198][T11243] should_failslab+0xc2/0x120 [ 432.926220][T11243] __kmalloc_node_track_caller_noprof+0xde/0x8a0 [ 432.926239][T11243] ? fib_rules_register+0x30/0x500 [ 432.926263][T11243] ? kmemdup_noprof+0x29/0x60 [ 432.926279][T11243] kmemdup_noprof+0x29/0x60 [ 432.926296][T11243] fib_rules_register+0x30/0x500 [ 432.926319][T11243] fib4_rules_init+0x1f/0x1c0 [ 432.926338][T11243] fib_net_init+0x1dc/0x3f0 [ 432.926351][T11243] ? __pfx___register_sysctl_table+0x10/0x10 [ 432.926368][T11243] ? __pfx_fib_net_init+0x10/0x10 [ 432.926381][T11243] ? lockdep_init_map_type+0x5c/0x280 [ 432.926402][T11243] ? do_init_timer+0xc9/0x110 [ 432.926421][T11243] ? devinet_init_net+0x5c2/0x910 [ 432.926438][T11243] ? __pfx_fib_net_init+0x10/0x10 [ 432.926450][T11243] ops_init+0x1e2/0x5f0 [ 432.926473][T11243] setup_net+0x11d/0x3a0 [ 432.926492][T11243] ? __pfx_setup_net+0x10/0x10 [ 432.926512][T11243] ? debug_mutex_init+0x37/0x70 [ 432.926530][T11243] copy_net_ns+0x351/0x5d0 [ 432.926553][T11243] create_new_namespaces+0x3ea/0xab0 [ 432.926573][T11243] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 432.926591][T11243] ksys_unshare+0x45b/0xa40 [ 432.926609][T11243] ? __pfx_ksys_unshare+0x10/0x10 [ 432.926628][T11243] ? xfd_validate_state+0x61/0x180 [ 432.926653][T11243] __x64_sys_unshare+0x31/0x40 [ 432.926670][T11243] do_syscall_64+0xcd/0xfa0 [ 432.926686][T11243] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 432.926700][T11243] RIP: 0033:0x7f6d6398f7c9 [ 432.926712][T11243] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 432.926726][T11243] RSP: 002b:00007f6d64844038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 432.926740][T11243] RAX: ffffffffffffffda RBX: 00007f6d63be5fa0 RCX: 00007f6d6398f7c9 [ 432.926749][T11243] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 432.926758][T11243] RBP: 00007f6d63a13f91 R08: 0000000000000000 R09: 0000000000000000 [ 432.926766][T11243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 432.926774][T11243] R13: 00007f6d63be6038 R14: 00007f6d63be5fa0 R15: 00007ffcf4b67cf8 [ 432.926794][T11243] [ 433.192199][ C0] vkms_vblank_simulate: vblank timer overrun [ 433.229497][T11245] Invalid ELF header magic: != ELF [ 433.961166][ T52] Bluetooth: hci1: unexpected event 0x0f length: 440 > 4 [ 433.962100][ T52] Bluetooth: hci1: unexpected event for opcode 0x0010 [ 435.259341][T11293] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1347'. [ 435.408826][T11299] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1348'. [ 435.499838][T11301] FAULT_INJECTION: forcing a failure. [ 435.499838][T11301] name failslab, interval 1, probability 0, space 0, times 0 [ 435.546071][T11301] CPU: 0 UID: 0 PID: 11301 Comm: syz.1.1349 Tainted: G U syzkaller #0 PREEMPT(full) [ 435.546098][T11301] Tainted: [U]=USER [ 435.546103][T11301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 435.546112][T11301] Call Trace: [ 435.546117][T11301] [ 435.546124][T11301] dump_stack_lvl+0x16c/0x1f0 [ 435.546147][T11301] should_fail_ex+0x512/0x640 [ 435.546165][T11301] ? __kmalloc_noprof+0xca/0x880 [ 435.546183][T11301] should_failslab+0xc2/0x120 [ 435.546203][T11301] __kmalloc_noprof+0xdd/0x880 [ 435.546219][T11301] ? lsm_blob_alloc+0x68/0x90 [ 435.546239][T11301] ? lsm_blob_alloc+0x68/0x90 [ 435.546250][T11301] lsm_blob_alloc+0x68/0x90 [ 435.546263][T11301] security_sk_alloc+0x30/0x270 [ 435.546279][T11301] sk_prot_alloc+0x1c7/0x2a0 [ 435.546303][T11301] sk_alloc+0x36/0xb80 [ 435.546320][T11301] __netlink_create+0x5e/0x2c0 [ 435.546338][T11301] ? __wake_up+0x3f/0x60 [ 435.546357][T11301] netlink_create+0x39e/0x620 [ 435.546374][T11301] ? __pfx_genl_bind+0x10/0x10 [ 435.546386][T11301] ? __pfx_genl_unbind+0x10/0x10 [ 435.546396][T11301] ? __pfx_genl_release+0x10/0x10 [ 435.546411][T11301] __sock_create+0x338/0x8d0 [ 435.546428][T11301] __sys_socket+0x14d/0x260 [ 435.546442][T11301] ? __pfx___sys_socket+0x10/0x10 [ 435.546457][T11301] ? do_user_addr_fault+0x843/0x1370 [ 435.546482][T11301] __x64_sys_socket+0x72/0xb0 [ 435.546495][T11301] ? lockdep_hardirqs_on+0x7c/0x110 [ 435.546509][T11301] do_syscall_64+0xcd/0xfa0 [ 435.546524][T11301] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 435.546538][T11301] RIP: 0033:0x7f1fe89916e7 [ 435.546550][T11301] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 435.546564][T11301] RSP: 002b:00007f1fe97ebfa8 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 435.546578][T11301] RAX: ffffffffffffffda RBX: 00007f1fe8be5fa0 RCX: 00007f1fe89916e7 [ 435.546587][T11301] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 435.546595][T11301] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 435.546603][T11301] R10: 0000200000000080 R11: 0000000000000286 R12: 0000000000000000 [ 435.546612][T11301] R13: 00007f1fe8be6038 R14: 00007f1fe8be5fa0 R15: 00007ffc58009a68 [ 435.546630][T11301] [ 435.780607][ C0] vkms_vblank_simulate: vblank timer overrun [ 436.132057][T11293] bond0: entered allmulticast mode [ 436.142209][T11293] bond_slave_0: entered allmulticast mode [ 436.160130][T11293] bond_slave_1: entered allmulticast mode [ 436.595852][T11307] binder: BINDER_SET_CONTEXT_MGR already set [ 436.644928][T11307] binder: 11305:11307 ioctl 4018620d 9 returned -16 [ 436.852283][T11318] delete_channel: no stack [ 438.006397][ T52] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 438.015147][ T52] Bluetooth: hci1: Injecting HCI hardware error event [ 438.024138][ T52] Bluetooth: hci1: hardware error 0x00 [ 439.403667][T11310] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 439.723579][T11360] FAULT_INJECTION: forcing a failure. [ 439.723579][T11360] name fail_futex, interval 1, probability 0, space 0, times 0 [ 439.770281][T11362] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1359'. [ 439.790951][T11360] CPU: 0 UID: 0 PID: 11360 Comm: syz.1.1358 Tainted: G U syzkaller #0 PREEMPT(full) [ 439.790977][T11360] Tainted: [U]=USER [ 439.790982][T11360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 439.790991][T11360] Call Trace: [ 439.790996][T11360] [ 439.791002][T11360] dump_stack_lvl+0x16c/0x1f0 [ 439.791022][T11360] should_fail_ex+0x512/0x640 [ 439.791043][T11360] get_futex_key+0x1d0/0x1560 [ 439.791067][T11360] ? __pfx_get_futex_key+0x10/0x10 [ 439.791086][T11360] ? stack_trace_save+0x8e/0xc0 [ 439.791104][T11360] ? __pfx_stack_trace_save+0x10/0x10 [ 439.791123][T11360] ? stack_depot_save_flags+0x29/0x9c0 [ 439.791142][T11360] futex_wait_setup+0x9d/0x550 [ 439.791162][T11360] __futex_wait+0x193/0x2f0 [ 439.791176][T11360] ? __pfx___futex_wait+0x10/0x10 [ 439.791193][T11360] ? __pfx_futex_wake_mark+0x10/0x10 [ 439.791210][T11360] ? futex_hash+0x2c5/0x380 [ 439.791230][T11360] ? futex_private_hash_put+0xd5/0x190 [ 439.791250][T11360] futex_wait+0xe8/0x380 [ 439.791263][T11360] ? __pfx_futex_wait+0x10/0x10 [ 439.791281][T11360] ? kmem_cache_free+0x2d4/0x6c0 [ 439.791298][T11360] ? putname+0xf5/0x1a0 [ 439.791372][T11360] do_futex+0x229/0x350 [ 439.791394][T11360] ? __pfx_do_futex+0x10/0x10 [ 439.791419][T11360] __x64_sys_futex+0x1e0/0x4c0 [ 439.791442][T11360] ? __x64_sys_openat+0x174/0x210 [ 439.791456][T11360] ? __pfx___x64_sys_futex+0x10/0x10 [ 439.791485][T11360] do_syscall_64+0xcd/0xfa0 [ 439.791501][T11360] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 439.791515][T11360] RIP: 0033:0x7f1fe898f7c9 [ 439.791527][T11360] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 439.791542][T11360] RSP: 002b:00007f1fe97ed0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 439.791557][T11360] RAX: ffffffffffffffda RBX: 00007f1fe8be5fa8 RCX: 00007f1fe898f7c9 [ 439.791566][T11360] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f1fe8be5fa8 [ 439.791574][T11360] RBP: 00007f1fe8be5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 439.791583][T11360] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 439.791591][T11360] R13: 00007f1fe8be6038 R14: 00007ffc58009980 R15: 00007ffc58009a68 [ 439.791610][T11360] [ 440.258884][T11360] FAULT_INJECTION: forcing a failure. [ 440.258884][T11360] name failslab, interval 1, probability 0, space 0, times 0 [ 440.272047][T11360] CPU: 0 UID: 0 PID: 11360 Comm: syz.1.1358 Tainted: G U syzkaller #0 PREEMPT(full) [ 440.272072][T11360] Tainted: [U]=USER [ 440.272077][T11360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 440.272086][T11360] Call Trace: [ 440.272091][T11360] [ 440.272096][T11360] dump_stack_lvl+0x16c/0x1f0 [ 440.272117][T11360] should_fail_ex+0x512/0x640 [ 440.272138][T11360] should_failslab+0xc2/0x120 [ 440.272161][T11360] kmem_cache_alloc_node_noprof+0x78/0x770 [ 440.272178][T11360] ? __alloc_skb+0x2b2/0x380 [ 440.272199][T11360] ? __alloc_skb+0x2b2/0x380 [ 440.272215][T11360] __alloc_skb+0x2b2/0x380 [ 440.272231][T11360] ? __pfx___alloc_skb+0x10/0x10 [ 440.272253][T11360] ? do_raw_write_lock+0x11c/0x3a0 [ 440.272271][T11360] tipc_buf_acquire+0x26/0xe0 [ 440.272300][T11360] named_prepare_buf+0x29/0x170 [ 440.272324][T11360] tipc_named_publish+0x1f2/0x770 [ 440.272349][T11360] tipc_nametbl_publish+0x17d/0x280 [ 440.272369][T11360] tipc_sk_publish+0x1d8/0x430 [ 440.272387][T11360] ? __pfx_tipc_sk_publish+0x10/0x10 [ 440.272405][T11360] ? __local_bh_enable_ip+0xa4/0x120 [ 440.272423][T11360] tipc_sk_bind+0x16f/0x380 [ 440.272441][T11360] tipc_bind+0x190/0x2a0 [ 440.272459][T11360] __sys_bind+0x1a7/0x260 [ 440.272474][T11360] ? __pfx___sys_bind+0x10/0x10 [ 440.272495][T11360] ? xfd_validate_state+0x61/0x180 [ 440.272518][T11360] __x64_sys_bind+0x72/0xb0 [ 440.272531][T11360] ? lockdep_hardirqs_on+0x7c/0x110 [ 440.272546][T11360] do_syscall_64+0xcd/0xfa0 [ 440.272561][T11360] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 440.272575][T11360] RIP: 0033:0x7f1fe898f7c9 [ 440.272588][T11360] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 440.272601][T11360] RSP: 002b:00007f1fe97ed038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031 [ 440.272616][T11360] RAX: ffffffffffffffda RBX: 00007f1fe8be5fa0 RCX: 00007f1fe898f7c9 [ 440.272625][T11360] RDX: 0000000000000066 RSI: 0000200000000040 RDI: 000000000000000a [ 440.272633][T11360] RBP: 00007f1fe8a13f91 R08: 0000000000000000 R09: 0000000000000000 [ 440.272642][T11360] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 440.272650][T11360] R13: 00007f1fe8be6038 R14: 00007f1fe8be5fa0 R15: 00007ffc58009a68 [ 440.272668][T11360] [ 440.272675][T11360] tipc: Publication distribution failure [ 440.556544][ T52] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 440.563056][ T52] Bluetooth: hci3: command 0x0c1a tx timeout [ 440.569584][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.582645][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 443.524768][T11395] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(4) [ 444.580365][T11405] can0: slcan on ttyS2. [ 444.687153][T11403] can0 (unregistered): slcan off ttyS2. [ 446.815972][ T30] audit: type=1800 audit(4294967414.549:12): pid=11435 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1377" name="features" dev="configfs" ino=39480 res=0 errno=0 [ 449.896465][T11452] zero sized request [ 451.836591][T11488] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1386'. [ 453.523691][T11509] netlink: 9 bytes leftover after parsing attributes in process `syz.0.1391'. [ 454.967094][T11528] FAULT_INJECTION: forcing a failure. [ 454.967094][T11528] name fail_futex, interval 1, probability 0, space 0, times 0 [ 454.980008][T11528] CPU: 0 UID: 0 PID: 11528 Comm: syz.3.1395 Tainted: G U syzkaller #0 PREEMPT(full) [ 454.980043][T11528] Tainted: [U]=USER [ 454.980051][T11528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 454.980060][T11528] Call Trace: [ 454.980066][T11528] [ 454.980072][T11528] dump_stack_lvl+0x16c/0x1f0 [ 454.980096][T11528] should_fail_ex+0x512/0x640 [ 454.980117][T11528] should_fail_futex+0x4c/0x60 [ 454.980138][T11528] futex_lock_pi_atomic+0x101/0xd50 [ 454.980156][T11528] futex_lock_pi+0x23f/0x7c0 [ 454.980173][T11528] ? __pfx_futex_lock_pi+0x10/0x10 [ 454.980185][T11528] ? __futex_wait+0x24b/0x2f0 [ 454.980215][T11528] ? futex_private_hash_put+0xd5/0x190 [ 454.980239][T11528] ? __pfx_futex_wake_mark+0x10/0x10 [ 454.980258][T11528] ? ksys_write+0x190/0x250 [ 454.980279][T11528] do_futex+0x11a/0x350 [ 454.980300][T11528] ? __pfx_do_futex+0x10/0x10 [ 454.980324][T11528] __x64_sys_futex+0x1e0/0x4c0 [ 454.980346][T11528] ? fput+0x9b/0xd0 [ 454.980365][T11528] ? __pfx___x64_sys_futex+0x10/0x10 [ 454.980385][T11528] ? xfd_validate_state+0x61/0x180 [ 454.980404][T11528] ? __pfx_ksys_write+0x10/0x10 [ 454.980426][T11528] do_syscall_64+0xcd/0xfa0 [ 454.980441][T11528] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 454.980455][T11528] RIP: 0033:0x7f7c27d8f7c9 [ 454.980468][T11528] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 454.980481][T11528] RSP: 002b:00007f7c28c60038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 454.980494][T11528] RAX: ffffffffffffffda RBX: 00007f7c27fe5fa0 RCX: 00007f7c27d8f7c9 [ 454.980503][T11528] RDX: 0000000000000008 RSI: 0000000000000006 RDI: 0000000000000000 [ 454.980512][T11528] RBP: 00007f7c27e13f91 R08: 0000000000000000 R09: 000000008000fff5 [ 454.980521][T11528] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 454.980529][T11528] R13: 00007f7c27fe6038 R14: 00007f7c27fe5fa0 R15: 00007ffd39696af8 [ 454.980549][T11528] [ 458.788174][T11535] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -12 [ 458.800971][T11535] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -12 [ 458.851925][T11535] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 459.072395][T11552] FAULT_INJECTION: forcing a failure. [ 459.072395][T11552] name fail_futex, interval 1, probability 0, space 0, times 0 [ 459.098064][T11552] CPU: 0 UID: 0 PID: 11552 Comm: syz.3.1403 Tainted: G U syzkaller #0 PREEMPT(full) [ 459.098092][T11552] Tainted: [U]=USER [ 459.098097][T11552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 459.098105][T11552] Call Trace: [ 459.098110][T11552] [ 459.098116][T11552] dump_stack_lvl+0x16c/0x1f0 [ 459.098137][T11552] should_fail_ex+0x512/0x640 [ 459.098158][T11552] get_futex_key+0x1d0/0x1560 [ 459.098182][T11552] ? __pfx_get_futex_key+0x10/0x10 [ 459.098200][T11552] ? find_held_lock+0x2b/0x80 [ 459.098223][T11552] futex_wake+0xea/0x530 [ 459.098248][T11552] ? __pfx_futex_wake+0x10/0x10 [ 459.098265][T11552] ? __lock_acquire+0x622/0x1c90 [ 459.098290][T11552] do_futex+0x1e3/0x350 [ 459.098311][T11552] ? __pfx_do_futex+0x10/0x10 [ 459.098333][T11552] ? find_held_lock+0x2b/0x80 [ 459.098351][T11552] __x64_sys_futex+0x1e0/0x4c0 [ 459.098372][T11552] ? __fget_files+0x20e/0x3c0 [ 459.098388][T11552] ? __fget_files+0x140/0x3c0 [ 459.098403][T11552] ? __pfx___x64_sys_futex+0x10/0x10 [ 459.098423][T11552] ? fput+0x9b/0xd0 [ 459.098443][T11552] ? io_uring_register_get_file+0x12e/0x1f0 [ 459.098462][T11552] do_syscall_64+0xcd/0xfa0 [ 459.098478][T11552] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 459.098492][T11552] RIP: 0033:0x7f7c27d8f7c9 [ 459.098504][T11552] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 459.098517][T11552] RSP: 002b:00007f7c28c600e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 459.098531][T11552] RAX: ffffffffffffffda RBX: 00007f7c27fe5fa8 RCX: 00007f7c27d8f7c9 [ 459.098540][T11552] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f7c27fe5fac [ 459.098549][T11552] RBP: 00007f7c27fe5fa0 R08: 00007f7c28c61000 R09: 0000000000000000 [ 459.098557][T11552] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 459.098567][T11552] R13: 00007f7c27fe6038 R14: 00007ffd39696a10 R15: 00007ffd39696af8 [ 459.098586][T11552] [ 464.709102][T11593] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1413'. [ 467.337464][T11632] FAULT_INJECTION: forcing a failure. [ 467.337464][T11632] name failslab, interval 1, probability 0, space 0, times 0 [ 467.486073][T11632] CPU: 0 UID: 0 PID: 11632 Comm: syz.0.1422 Tainted: G U syzkaller #0 PREEMPT(full) [ 467.486100][T11632] Tainted: [U]=USER [ 467.486105][T11632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 467.486114][T11632] Call Trace: [ 467.486120][T11632] [ 467.486126][T11632] dump_stack_lvl+0x16c/0x1f0 [ 467.486146][T11632] should_fail_ex+0x512/0x640 [ 467.486164][T11632] ? __kmalloc_cache_noprof+0x5f/0x780 [ 467.486183][T11632] should_failslab+0xc2/0x120 [ 467.486203][T11632] __kmalloc_cache_noprof+0x72/0x780 [ 467.486219][T11632] ? kvm_uevent_notify_change.part.0+0x2b2/0x450 [ 467.486241][T11632] ? kvm_uevent_notify_change.part.0+0x2b2/0x450 [ 467.486258][T11632] kvm_uevent_notify_change.part.0+0x2b2/0x450 [ 467.486276][T11632] ? __pfx_kvm_vm_release+0x10/0x10 [ 467.486290][T11632] kvm_put_kvm+0xe3/0xb00 [ 467.486304][T11632] ? lockdep_hardirqs_on+0x7c/0x110 [ 467.486326][T11632] ? _raw_spin_unlock_irq+0x2e/0x50 [ 467.486350][T11632] ? __pfx_kvm_vm_release+0x10/0x10 [ 467.486365][T11632] kvm_vm_release+0x3c/0x50 [ 467.486380][T11632] __fput+0x402/0xb70 [ 467.486403][T11632] ? _raw_spin_unlock_irq+0x23/0x50 [ 467.486425][T11632] task_work_run+0x150/0x240 [ 467.486446][T11632] ? __pfx_task_work_run+0x10/0x10 [ 467.486467][T11632] ? __pfx___do_sys_close_range+0x10/0x10 [ 467.486489][T11632] exit_to_user_mode_loop+0xec/0x130 [ 467.486503][T11632] do_syscall_64+0x426/0xfa0 [ 467.486519][T11632] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 467.486533][T11632] RIP: 0033:0x7f6d6398f7c9 [ 467.486546][T11632] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 467.486559][T11632] RSP: 002b:00007f6d64823038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 467.486573][T11632] RAX: 0000000000000000 RBX: 00007f6d63be6090 RCX: 00007f6d6398f7c9 [ 467.486583][T11632] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 467.486591][T11632] RBP: 00007f6d63a13f91 R08: 0000000000000000 R09: 0000000000000000 [ 467.486600][T11632] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 467.486608][T11632] R13: 00007f6d63be6128 R14: 00007f6d63be6090 R15: 00007ffcf4b67cf8 [ 467.486627][T11632] [ 467.824525][T11629] delete_channel: no stack [ 467.892098][T11639] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1425'. [ 467.902594][T11639] netlink: 'syz.3.1425': attribute type 1 has an invalid length. [ 467.910501][T11639] netlink: 'syz.3.1425': attribute type 6 has an invalid length. [ 468.092542][T11642] random: crng reseeded on system resumption [ 468.160625][T11644] FAULT_INJECTION: forcing a failure. [ 468.160625][T11644] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 468.195295][T11645] Restarting kernel threads ... [ 468.212101][T11642] hub 1-0:1.0: USB hub found [ 468.220949][T11645] Done restarting kernel threads. [ 468.226289][T11642] hub 1-0:1.0: 1 port detected [ 468.292379][T11644] CPU: 0 UID: 0 PID: 11644 Comm: syz.0.1427 Tainted: G U syzkaller #0 PREEMPT(full) [ 468.292404][T11644] Tainted: [U]=USER [ 468.292409][T11644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 468.292418][T11644] Call Trace: [ 468.292423][T11644] [ 468.292429][T11644] dump_stack_lvl+0x16c/0x1f0 [ 468.292448][T11644] should_fail_ex+0x512/0x640 [ 468.292469][T11644] should_fail_alloc_page+0xe7/0x130 [ 468.292492][T11644] prepare_alloc_pages+0x3c2/0x610 [ 468.292512][T11644] ? rcu_is_watching+0x12/0xc0 [ 468.292531][T11644] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 468.292547][T11644] ? kasan_save_stack+0x33/0x60 [ 468.292564][T11644] ? kasan_save_track+0x14/0x30 [ 468.292586][T11644] ? __lock_acquire+0x622/0x1c90 [ 468.292610][T11644] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 468.292629][T11644] ? css_rstat_updated+0x1c2/0x510 [ 468.292651][T11644] ? __lock_acquire+0x622/0x1c90 [ 468.292673][T11644] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 468.292690][T11644] ? policy_nodemask+0xea/0x4e0 [ 468.292711][T11644] alloc_pages_mpol+0x1fb/0x550 [ 468.292732][T11644] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 468.292758][T11644] folio_alloc_mpol_noprof+0x36/0x2f0 [ 468.292773][T11644] vma_alloc_folio_noprof+0xed/0x1e0 [ 468.292787][T11644] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 468.292807][T11644] do_pte_missing+0x2202/0x3ba0 [ 468.292823][T11644] ? find_held_lock+0x2b/0x80 [ 468.292843][T11644] __handle_mm_fault+0x1556/0x2aa0 [ 468.292863][T11644] ? __pfx___handle_mm_fault+0x10/0x10 [ 468.292879][T11644] ? __pte_offset_map_lock+0x174/0x310 [ 468.292899][T11644] ? find_held_lock+0x2b/0x80 [ 468.292919][T11644] ? follow_page_pte+0x5cf/0x1390 [ 468.292944][T11644] handle_mm_fault+0x589/0xd10 [ 468.292962][T11644] __get_user_pages+0x54e/0x3530 [ 468.292991][T11644] ? __pfx___get_user_pages+0x10/0x10 [ 468.293017][T11644] populate_vma_page_range+0x267/0x3f0 [ 468.293040][T11644] ? __pfx_populate_vma_page_range+0x10/0x10 [ 468.293061][T11644] ? __pfx_find_vma_intersection+0x10/0x10 [ 468.293081][T11644] ? do_mmap+0x69c/0x1210 [ 468.293103][T11644] __mm_populate+0x1d8/0x380 [ 468.293116][T11644] ? __pfx___mm_populate+0x10/0x10 [ 468.293130][T11644] ? up_write+0x1b2/0x520 [ 468.293144][T11644] vm_mmap_pgoff+0x37f/0x470 [ 468.293167][T11644] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 468.293190][T11644] ? __x64_sys_futex+0x1e0/0x4c0 [ 468.293210][T11644] ? __x64_sys_futex+0x1e9/0x4c0 [ 468.293232][T11644] ksys_mmap_pgoff+0x7d/0x5c0 [ 468.293261][T11644] ? xfd_validate_state+0x61/0x180 [ 468.293281][T11644] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 468.293303][T11644] __x64_sys_mmap+0x125/0x190 [ 468.293326][T11644] do_syscall_64+0xcd/0xfa0 [ 468.293342][T11644] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 468.293356][T11644] RIP: 0033:0x7f6d6398f7c9 [ 468.293369][T11644] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 468.293383][T11644] RSP: 002b:00007f6d64844038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 468.293396][T11644] RAX: ffffffffffffffda RBX: 00007f6d63be5fa0 RCX: 00007f6d6398f7c9 [ 468.293406][T11644] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 468.293415][T11644] RBP: 00007f6d63a13f91 R08: 0000000000000002 R09: 0000000000008000 [ 468.293423][T11644] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 468.293432][T11644] R13: 00007f6d63be6038 R14: 00007f6d63be5fa0 R15: 00007ffcf4b67cf8 [ 468.293452][T11644] [ 469.064784][ T52] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 469.082062][ T52] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 469.106310][ T52] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 469.246069][ T5835] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 469.349942][ T52] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 469.767305][T11658] scsi_strcpy_devinfo: vendor string '/&c~n] | [ 469.767305][T11658] M' is too long [ 469.876567][T11658] scsi_strcpy_devinfo: model string 'Dd5 K2b [ 469.876567][T11658] W ' is too long [ 469.935705][T11660] can0: slcan on ttyS2. [ 470.077875][T11659] can0 (unregistered): slcan off ttyS2. [ 470.167418][ T30] audit: type=1800 audit(4294967437.889:13): pid=11664 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1433" name="dbroot" dev="configfs" ino=41015 res=0 errno=0 [ 470.533596][T11646] chnl_net:caif_netlink_parms(): no params data found [ 470.878329][T11675] ======================================================= [ 470.878329][T11675] WARNING: The mand mount option has been deprecated and [ 470.878329][T11675] and is ignored by this kernel. Remove the mand [ 470.878329][T11675] option from the mount to silence this warning. [ 470.878329][T11675] ======================================================= [ 471.048714][T11646] bridge0: port 1(bridge_slave_0) entered blocking state [ 471.080467][T11646] bridge0: port 1(bridge_slave_0) entered disabled state [ 471.112924][T11646] bridge_slave_0: entered allmulticast mode [ 471.143526][T11646] bridge_slave_0: entered promiscuous mode [ 471.178735][T11646] bridge0: port 2(bridge_slave_1) entered blocking state [ 471.216470][T11646] bridge0: port 2(bridge_slave_1) entered disabled state [ 471.254814][T11646] bridge_slave_1: entered allmulticast mode [ 471.291594][T11646] bridge_slave_1: entered promiscuous mode [ 471.319680][T11276] syz.4.1343 (11276) used greatest stack depth: 18696 bytes left [ 471.420613][T11646] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 471.446685][T10769] Bluetooth: hci4: command tx timeout [ 471.479555][T11646] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 471.697220][T11646] team0: Port device team_slave_0 added [ 471.778717][T11646] team0: Port device team_slave_1 added [ 471.821992][T11686] FAULT_INJECTION: forcing a failure. [ 471.821992][T11686] name failslab, interval 1, probability 0, space 0, times 0 [ 471.849645][T11686] CPU: 0 UID: 0 PID: 11686 Comm: syz.3.1438 Tainted: G U syzkaller #0 PREEMPT(full) [ 471.849672][T11686] Tainted: [U]=USER [ 471.849677][T11686] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 471.849686][T11686] Call Trace: [ 471.849691][T11686] [ 471.849698][T11686] dump_stack_lvl+0x16c/0x1f0 [ 471.849717][T11686] should_fail_ex+0x512/0x640 [ 471.849735][T11686] ? __kmalloc_cache_noprof+0x5f/0x780 [ 471.849754][T11686] should_failslab+0xc2/0x120 [ 471.849776][T11686] __kmalloc_cache_noprof+0x72/0x780 [ 471.849792][T11686] ? ip_vs_protocol_net_init+0xbe/0x300 [ 471.849810][T11686] ? ip_vs_protocol_net_init+0xbe/0x300 [ 471.849824][T11686] ip_vs_protocol_net_init+0xbe/0x300 [ 471.849848][T11686] __ip_vs_init+0x239/0x520 [ 471.849867][T11686] ? __pfx___ip_vs_init+0x10/0x10 [ 471.849885][T11686] ops_init+0x1e2/0x5f0 [ 471.849908][T11686] setup_net+0x11d/0x3a0 [ 471.849928][T11686] ? __pfx_setup_net+0x10/0x10 [ 471.849947][T11686] ? debug_mutex_init+0x37/0x70 [ 471.849966][T11686] copy_net_ns+0x351/0x5d0 [ 471.849989][T11686] create_new_namespaces+0x3ea/0xab0 [ 471.850013][T11686] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 471.850030][T11686] ksys_unshare+0x45b/0xa40 [ 471.850049][T11686] ? __pfx_ksys_unshare+0x10/0x10 [ 471.850068][T11686] ? xfd_validate_state+0x61/0x180 [ 471.850092][T11686] __x64_sys_unshare+0x31/0x40 [ 471.850110][T11686] do_syscall_64+0xcd/0xfa0 [ 471.850126][T11686] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 471.850139][T11686] RIP: 0033:0x7f7c27d8f7c9 [ 471.850152][T11686] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 471.850165][T11686] RSP: 002b:00007f7c28c60038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 471.850179][T11686] RAX: ffffffffffffffda RBX: 00007f7c27fe5fa0 RCX: 00007f7c27d8f7c9 [ 471.850188][T11686] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 471.850196][T11686] RBP: 00007f7c27e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 471.850204][T11686] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 471.850212][T11686] R13: 00007f7c27fe6038 R14: 00007f7c27fe5fa0 R15: 00007ffd39696af8 [ 471.850232][T11686] [ 472.446616][ T1144] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 472.516180][T11646] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 472.523303][T11646] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 472.586139][T11646] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 472.635738][ T1144] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 472.689705][T11646] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 472.697229][T11646] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 472.840343][T11694] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1442'. [ 472.927901][T11697] FAULT_INJECTION: forcing a failure. [ 472.927901][T11697] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 472.942058][T11697] CPU: 0 UID: 0 PID: 11697 Comm: syz.3.1443 Tainted: G U syzkaller #0 PREEMPT(full) [ 472.942083][T11697] Tainted: [U]=USER [ 472.942088][T11697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 472.942097][T11697] Call Trace: [ 472.942102][T11697] [ 472.942107][T11697] dump_stack_lvl+0x16c/0x1f0 [ 472.942128][T11697] should_fail_ex+0x512/0x640 [ 472.942149][T11697] should_fail_alloc_page+0xe7/0x130 [ 472.942173][T11697] prepare_alloc_pages+0x3c2/0x610 [ 472.942194][T11697] ? stack_depot_save_flags+0x29/0x9c0 [ 472.942213][T11697] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 472.942231][T11697] ? kasan_save_stack+0x33/0x60 [ 472.942253][T11697] ? kasan_save_track+0x14/0x30 [ 472.942270][T11697] ? __kasan_slab_alloc+0x89/0x90 [ 472.942289][T11697] ? kmem_cache_alloc_noprof+0x250/0x6e0 [ 472.942305][T11697] ? ptlock_alloc+0x1f/0x70 [ 472.942318][T11697] ? pte_alloc_one+0x84/0x350 [ 472.942332][T11697] ? __pte_alloc+0x6d/0x380 [ 472.942349][T11697] ? walk_pgd_range+0xb84/0x1f50 [ 472.942364][T11697] ? __walk_page_range+0x163/0x820 [ 472.942380][T11697] ? walk_page_range_mm+0x461/0xb40 [ 472.942395][T11697] ? madvise_vma_behavior+0xa54/0x2d50 [ 472.942415][T11697] ? madvise_walk_vmas+0x31f/0x9c0 [ 472.942426][T11697] ? madvise_do_behavior+0x1e2/0x530 [ 472.942438][T11697] ? do_madvise+0x176/0x240 [ 472.942448][T11697] ? __x64_sys_madvise+0xa9/0x110 [ 472.942459][T11697] ? do_syscall_64+0xcd/0xfa0 [ 472.942472][T11697] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 472.942488][T11697] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 472.942508][T11697] ? look_up_lock_class+0x6b/0x150 [ 472.942530][T11697] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 472.942547][T11697] ? policy_nodemask+0xea/0x4e0 [ 472.942569][T11697] alloc_pages_mpol+0x1fb/0x550 [ 472.942590][T11697] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 472.942610][T11697] ? do_raw_spin_lock+0x12c/0x2b0 [ 472.942624][T11697] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 472.942641][T11697] alloc_pages_noprof+0x131/0x390 [ 472.942662][T11697] pte_alloc_one+0x1e/0x350 [ 472.942678][T11697] __pte_alloc+0x6d/0x380 [ 472.942696][T11697] ? __pfx___pte_alloc+0x10/0x10 [ 472.942715][T11697] ? walk_pgd_range+0x13b4/0x1f50 [ 472.942734][T11697] walk_pgd_range+0xb84/0x1f50 [ 472.942753][T11697] ? __pfx_guard_install_set_pte+0x10/0x10 [ 472.942773][T11697] ? __pfx_guard_install_pte_entry+0x10/0x10 [ 472.942801][T11697] ? __pfx_guard_install_set_pte+0x10/0x10 [ 472.942826][T11697] ? __pfx_guard_install_set_pte+0x10/0x10 [ 472.942847][T11697] ? __pfx_guard_install_set_pte+0x10/0x10 [ 472.942869][T11697] ? __pfx_walk_pgd_range+0x10/0x10 [ 472.942888][T11697] ? __lock_acquire+0xb8a/0x1c90 [ 472.942911][T11697] __walk_page_range+0x163/0x820 [ 472.942930][T11697] ? find_vma+0xbf/0x140 [ 472.942948][T11697] ? __pfx_find_vma+0x10/0x10 [ 472.942967][T11697] ? walk_page_test+0x9b/0x180 [ 472.942985][T11697] walk_page_range_mm+0x461/0xb40 [ 472.943005][T11697] ? __pfx_walk_page_range_mm+0x10/0x10 [ 472.943028][T11697] ? __anon_vma_prepare+0x2e2/0x5e0 [ 472.943045][T11697] madvise_vma_behavior+0xa54/0x2d50 [ 472.943069][T11697] ? mas_prev_setup.constprop.0+0xb6/0x9d0 [ 472.943084][T11697] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 472.943106][T11697] ? mas_prev+0x9b/0xf0 [ 472.943120][T11697] ? __pfx_mas_prev+0x10/0x10 [ 472.943139][T11697] ? find_vma_prev+0xd3/0x150 [ 472.943158][T11697] ? find_held_lock+0x2b/0x80 [ 472.943173][T11697] ? __pfx_find_vma_prev+0x10/0x10 [ 472.943199][T11697] ? __futex_wait+0x24b/0x2f0 [ 472.943216][T11697] madvise_walk_vmas+0x31f/0x9c0 [ 472.943232][T11697] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 472.943259][T11697] madvise_do_behavior+0x1e2/0x530 [ 472.943271][T11697] ? futex_private_hash_put+0xd5/0x190 [ 472.943290][T11697] ? __pfx_madvise_do_behavior+0x10/0x10 [ 472.943304][T11697] ? down_read+0x13d/0x480 [ 472.943329][T11697] do_madvise+0x176/0x240 [ 472.943341][T11697] ? __pfx_do_madvise+0x10/0x10 [ 472.943353][T11697] ? do_futex+0x122/0x350 [ 472.943376][T11697] ? __pfx___might_resched+0x10/0x10 [ 472.943400][T11697] ? xfd_validate_state+0x61/0x180 [ 472.943423][T11697] __x64_sys_madvise+0xa9/0x110 [ 472.943436][T11697] ? lockdep_hardirqs_on+0x7c/0x110 [ 472.943450][T11697] do_syscall_64+0xcd/0xfa0 [ 472.943465][T11697] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 472.943479][T11697] RIP: 0033:0x7f7c27d8f7c9 [ 472.943492][T11697] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 472.943506][T11697] RSP: 002b:00007f7c28c60038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 472.943520][T11697] RAX: ffffffffffffffda RBX: 00007f7c27fe5fa0 RCX: 00007f7c27d8f7c9 [ 472.943530][T11697] RDX: 0000000000000066 RSI: 0000000002021000 RDI: 0000000000000000 [ 472.943538][T11697] RBP: 00007f7c27e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 472.943547][T11697] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 472.943555][T11697] R13: 00007f7c27fe6038 R14: 00007f7c27fe5fa0 R15: 00007ffd39696af8 [ 472.943590][T11697] [ 472.943649][T11646] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 473.623977][T10769] Bluetooth: hci4: command tx timeout [ 474.542609][ T1144] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 475.181100][ T1144] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 475.326651][T11646] hsr_slave_0: entered promiscuous mode [ 475.343265][T11646] hsr_slave_1: entered promiscuous mode [ 475.364113][T11646] debugfs: 'hsr0' already exists in 'hsr' [ 475.378541][T11646] Cannot create hsr debugfs directory [ 475.686587][T10769] Bluetooth: hci4: command tx timeout [ 476.370288][T10769] Bluetooth: hci3: unexpected event 0x3e length: 728 > 260 [ 476.370312][T10769] Bluetooth: hci3: unexpected subevent 0x0c length: 727 > 5 [ 476.962827][ T1144] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 477.026680][ T1144] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 477.071239][ T1144] bond0 (unregistering): Released all slaves [ 477.164543][T11738] FAULT_INJECTION: forcing a failure. [ 477.164543][T11738] name failslab, interval 1, probability 0, space 0, times 0 [ 477.178432][T11738] CPU: 0 UID: 0 PID: 11738 Comm: syz.3.1451 Tainted: G U syzkaller #0 PREEMPT(full) [ 477.178456][T11738] Tainted: [U]=USER [ 477.178461][T11738] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 477.178470][T11738] Call Trace: [ 477.178475][T11738] [ 477.178481][T11738] dump_stack_lvl+0x16c/0x1f0 [ 477.178502][T11738] should_fail_ex+0x512/0x640 [ 477.178519][T11738] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 477.178539][T11738] should_failslab+0xc2/0x120 [ 477.178560][T11738] kmem_cache_alloc_noprof+0x75/0x6e0 [ 477.178576][T11738] ? radix_tree_node_alloc.constprop.0+0x7c/0x350 [ 477.178601][T11738] ? radix_tree_node_alloc.constprop.0+0x7c/0x350 [ 477.178620][T11738] radix_tree_node_alloc.constprop.0+0x7c/0x350 [ 477.178644][T11738] idr_get_free+0x528/0xa30 [ 477.178671][T11738] idr_alloc_u32+0x190/0x2f0 [ 477.178693][T11738] ? __pfx_idr_alloc_u32+0x10/0x10 [ 477.178717][T11738] ? __pfx___mutex_lock+0x10/0x10 [ 477.178736][T11738] idr_alloc+0xc0/0x130 [ 477.178756][T11738] ? __pfx_idr_alloc+0x10/0x10 [ 477.178777][T11738] ? __radix_tree_lookup+0x21f/0x2c0 [ 477.178801][T11738] ppp_dev_configure+0x989/0xd40 [ 477.178822][T11738] ppp_ioctl+0x170e/0x2880 [ 477.178838][T11738] ? find_held_lock+0x2b/0x80 [ 477.178854][T11738] ? __pfx_ppp_ioctl+0x10/0x10 [ 477.178873][T11738] ? __fget_files+0x20e/0x3c0 [ 477.178893][T11738] ? __pfx_ppp_ioctl+0x10/0x10 [ 477.178910][T11738] __x64_sys_ioctl+0x18e/0x210 [ 477.178926][T11738] do_syscall_64+0xcd/0xfa0 [ 477.178941][T11738] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 477.178955][T11738] RIP: 0033:0x7f7c27d8f7c9 [ 477.178968][T11738] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 477.178981][T11738] RSP: 002b:00007f7c28c60038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 477.178995][T11738] RAX: ffffffffffffffda RBX: 00007f7c27fe5fa0 RCX: 00007f7c27d8f7c9 [ 477.179005][T11738] RDX: 0000000000000000 RSI: 00000000c004743e RDI: 0000000000000008 [ 477.179013][T11738] RBP: 00007f7c27e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 477.179021][T11738] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 477.179029][T11738] R13: 00007f7c27fe6038 R14: 00007f7c27fe5fa0 R15: 00007ffd39696af8 [ 477.179048][T11738] [ 477.451697][T11646] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 477.483110][T11753] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1453'. [ 477.712722][T11646] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 477.811191][T11646] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 477.835229][T10769] Bluetooth: hci4: command tx timeout [ 477.859783][T11646] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 478.232330][T11758] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 479.183585][ T1144] hsr_slave_0: left promiscuous mode [ 479.200548][ T1144] hsr_slave_1: left promiscuous mode [ 479.219928][ T1144] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 479.243433][ T1144] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 479.257869][ T1144] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 479.265438][ T1144] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 479.317217][ T1144] veth1_macvtap: left promiscuous mode [ 479.322962][ T1144] veth0_macvtap: left promiscuous mode [ 480.198743][T11811] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1462'. [ 480.393949][ T1144] team0 (unregistering): Port device team_slave_1 removed [ 480.457431][ T1144] team0 (unregistering): Port device team_slave_0 removed [ 481.471948][T11646] 8021q: adding VLAN 0 to HW filter on device bond0 [ 481.525712][T11646] 8021q: adding VLAN 0 to HW filter on device team0 [ 481.580935][ T1153] bridge0: port 1(bridge_slave_0) entered blocking state [ 481.588161][ T1153] bridge0: port 1(bridge_slave_0) entered forwarding state [ 481.664885][ T1153] bridge0: port 2(bridge_slave_1) entered blocking state [ 481.672032][ T1153] bridge0: port 2(bridge_slave_1) entered forwarding state [ 484.386188][T11646] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 485.485173][T11877] binder: 11876:11877 ioctl 5380 2000000000c0 returned -22 [ 485.551628][T11877] sd 0:0:1:0: PR command failed: 1026 [ 485.573365][T11877] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 485.603160][T11877] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 485.694001][T11646] veth0_vlan: entered promiscuous mode [ 485.737489][T11646] veth1_vlan: entered promiscuous mode [ 486.248725][T11646] veth0_macvtap: entered promiscuous mode [ 486.903523][T11646] veth1_macvtap: entered promiscuous mode [ 487.324801][T11646] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 487.345657][T11646] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 487.535247][ T60] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 487.545235][ T60] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 487.555162][ T60] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 487.568335][ T60] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 488.013806][T11836] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 488.052861][T11836] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 488.128886][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 488.192830][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 490.685400][T11993] FAULT_INJECTION: forcing a failure. [ 490.685400][T11993] name failslab, interval 1, probability 0, space 0, times 0 [ 490.698269][T11993] CPU: 1 UID: 0 PID: 11993 Comm: syz.3.1495 Tainted: G U syzkaller #0 PREEMPT(full) [ 490.698293][T11993] Tainted: [U]=USER [ 490.698298][T11993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 490.698307][T11993] Call Trace: [ 490.698313][T11993] [ 490.698318][T11993] dump_stack_lvl+0x16c/0x1f0 [ 490.698339][T11993] should_fail_ex+0x512/0x640 [ 490.698357][T11993] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 490.698377][T11993] should_failslab+0xc2/0x120 [ 490.698399][T11993] kmem_cache_alloc_noprof+0x75/0x6e0 [ 490.698416][T11993] ? ptlock_alloc+0x1f/0x70 [ 490.698434][T11993] ? ptlock_alloc+0x1f/0x70 [ 490.698446][T11993] ptlock_alloc+0x1f/0x70 [ 490.698459][T11993] pte_alloc_one+0x84/0x350 [ 490.698476][T11993] __pte_alloc+0x6d/0x380 [ 490.698494][T11993] ? __pfx___pte_alloc+0x10/0x10 [ 490.698512][T11993] ? __lock_acquire+0x622/0x1c90 [ 490.698536][T11993] do_pte_missing+0x282c/0x3ba0 [ 490.698550][T11993] ? mtree_range_walk+0x718/0xc00 [ 490.698573][T11993] ? find_held_lock+0x2b/0x80 [ 490.698590][T11993] __handle_mm_fault+0x1556/0x2aa0 [ 490.698610][T11993] ? __pfx___handle_mm_fault+0x10/0x10 [ 490.698640][T11993] handle_mm_fault+0x589/0xd10 [ 490.698659][T11993] __get_user_pages+0x54e/0x3530 [ 490.698688][T11993] ? __pfx___get_user_pages+0x10/0x10 [ 490.698714][T11993] populate_vma_page_range+0x267/0x3f0 [ 490.698736][T11993] ? __pfx_populate_vma_page_range+0x10/0x10 [ 490.698760][T11993] ? __pfx_find_vma_intersection+0x10/0x10 [ 490.698781][T11993] ? do_mmap+0x69c/0x1210 [ 490.698802][T11993] __mm_populate+0x1d8/0x380 [ 490.698816][T11993] ? __pfx___mm_populate+0x10/0x10 [ 490.698830][T11993] ? up_write+0x1b2/0x520 [ 490.698845][T11993] vm_mmap_pgoff+0x37f/0x470 [ 490.698867][T11993] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 490.698890][T11993] ? __x64_sys_futex+0x1e0/0x4c0 [ 490.698910][T11993] ? __x64_sys_futex+0x1e9/0x4c0 [ 490.698932][T11993] ksys_mmap_pgoff+0x7d/0x5c0 [ 490.698951][T11993] ? xfd_validate_state+0x61/0x180 [ 490.698969][T11993] ? __pfx_do_writev+0x10/0x10 [ 490.698988][T11993] __x64_sys_mmap+0x125/0x190 [ 490.699020][T11993] do_syscall_64+0xcd/0xfa0 [ 490.699037][T11993] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 490.699051][T11993] RIP: 0033:0x7f7c27d8f7c9 [ 490.699064][T11993] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 490.699079][T11993] RSP: 002b:00007f7c28c3f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 490.699094][T11993] RAX: ffffffffffffffda RBX: 00007f7c27fe6090 RCX: 00007f7c27d8f7c9 [ 490.699104][T11993] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 490.699113][T11993] RBP: 00007f7c27e13f91 R08: ffffffffffffffff R09: 0000000000008000 [ 490.699122][T11993] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 490.699132][T11993] R13: 00007f7c27fe6128 R14: 00007f7c27fe6090 R15: 00007ffd39696af8 [ 490.699152][T11993] [ 491.180907][T11997] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1497'. [ 493.781343][T12044] ima: policy update failed [ 494.026079][ T30] audit: type=1802 audit(4294967306.980:14): pid=12044 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.5.1504" res=0 errno=0 [ 494.152541][T12044] netlink: 25 bytes leftover after parsing attributes in process `syz.5.1504'. [ 494.297587][T12052] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1506'. [ 494.396072][T12055] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1507'. [ 494.560478][T12055] netlink: 354 bytes leftover after parsing attributes in process `syz.1.1507'. [ 494.949269][T12070] vhci_hcd: invalid port number 16 [ 494.954451][T12070] vhci_hcd: invalid port number 16 [ 496.047212][T12084] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 497.986730][T12118] FAULT_INJECTION: forcing a failure. [ 497.986730][T12118] name failslab, interval 1, probability 0, space 0, times 0 [ 498.009967][T12118] CPU: 0 UID: 0 PID: 12118 Comm: syz.3.1524 Tainted: G U syzkaller #0 PREEMPT(full) [ 498.010010][T12118] Tainted: [U]=USER [ 498.010018][T12118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 498.010032][T12118] Call Trace: [ 498.010041][T12118] [ 498.010050][T12118] dump_stack_lvl+0x16c/0x1f0 [ 498.010089][T12118] should_fail_ex+0x512/0x640 [ 498.010118][T12118] ? __kmalloc_noprof+0xca/0x880 [ 498.010151][T12118] should_failslab+0xc2/0x120 [ 498.010188][T12118] __kmalloc_noprof+0xdd/0x880 [ 498.010212][T12118] ? maybe_get_net+0x216/0x3c0 [ 498.010242][T12118] ? __seq_open_private+0x22/0xd0 [ 498.010274][T12118] ? __seq_open_private+0x22/0xd0 [ 498.010297][T12118] __seq_open_private+0x22/0xd0 [ 498.010321][T12118] seq_open_net+0x1ab/0x2a0 [ 498.010347][T12118] ? __pfx_seq_open_net+0x10/0x10 [ 498.010375][T12118] proc_reg_open+0x2ab/0x5f0 [ 498.010402][T12118] do_dentry_open+0x6fe/0x1560 [ 498.010433][T12118] ? __pfx_proc_reg_open+0x10/0x10 [ 498.010463][T12118] vfs_open+0x82/0x3f0 [ 498.010489][T12118] path_openat+0x2016/0x2f90 [ 498.010532][T12118] ? __pfx_path_openat+0x10/0x10 [ 498.010565][T12118] ? __lock_acquire+0xb8a/0x1c90 [ 498.010604][T12118] do_filp_open+0x20b/0x470 [ 498.010635][T12118] ? __pfx_do_filp_open+0x10/0x10 [ 498.010678][T12118] ? __pfx_kfree_link+0x10/0x10 [ 498.010710][T12118] ? alloc_fd+0x471/0x7d0 [ 498.010749][T12118] do_sys_openat2+0x11b/0x1d0 [ 498.010772][T12118] ? __pfx_do_sys_openat2+0x10/0x10 [ 498.010796][T12118] ? find_held_lock+0x2b/0x80 [ 498.010832][T12118] __x64_sys_openat+0x174/0x210 [ 498.010858][T12118] ? __pfx___x64_sys_openat+0x10/0x10 [ 498.010898][T12118] do_syscall_64+0xcd/0xfa0 [ 498.010927][T12118] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 498.010954][T12118] RIP: 0033:0x7f7c27d8f7c9 [ 498.010976][T12118] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 498.011000][T12118] RSP: 002b:00007f7c28c60038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 498.011025][T12118] RAX: ffffffffffffffda RBX: 00007f7c27fe5fa0 RCX: 00007f7c27d8f7c9 [ 498.011042][T12118] RDX: 0000000000040900 RSI: 0000200000000380 RDI: ffffffffffffff9c [ 498.011067][T12118] RBP: 00007f7c27e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 498.011083][T12118] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 498.011098][T12118] R13: 00007f7c27fe6038 R14: 00007f7c27fe5fa0 R15: 00007ffd39696af8 [ 498.011136][T12118] [ 498.365056][T12116] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1523'. [ 498.745857][T12131] FAULT_INJECTION: forcing a failure. [ 498.745857][T12131] name failslab, interval 1, probability 0, space 0, times 0 [ 498.764049][T12131] CPU: 1 UID: 0 PID: 12131 Comm: syz.3.1528 Tainted: G U syzkaller #0 PREEMPT(full) [ 498.764093][T12131] Tainted: [U]=USER [ 498.764109][T12131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 498.764125][T12131] Call Trace: [ 498.764133][T12131] [ 498.764144][T12131] dump_stack_lvl+0x16c/0x1f0 [ 498.764242][T12131] should_fail_ex+0x512/0x640 [ 498.764269][T12131] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 498.764304][T12131] should_failslab+0xc2/0x120 [ 498.764338][T12131] kmem_cache_alloc_noprof+0x75/0x6e0 [ 498.764365][T12131] ? __proc_create+0x2ce/0x8e0 [ 498.764400][T12131] ? __proc_create+0x2ce/0x8e0 [ 498.764427][T12131] __proc_create+0x2ce/0x8e0 [ 498.764457][T12131] ? __pfx___proc_create+0x10/0x10 [ 498.764482][T12131] ? __register_sysctl_table+0x736/0x1900 [ 498.764517][T12131] ? _raw_spin_unlock+0x28/0x50 [ 498.764561][T12131] proc_create_reg+0x7d/0x180 [ 498.764594][T12131] proc_create_net_data+0x8e/0x1c0 [ 498.764625][T12131] ? __pfx_proc_create_net_data+0x10/0x10 [ 498.764662][T12131] ? __pfx_arp_net_init+0x10/0x10 [ 498.764693][T12131] arp_net_init+0x53/0x70 [ 498.764723][T12131] ops_init+0x1e2/0x5f0 [ 498.764763][T12131] setup_net+0x11d/0x3a0 [ 498.764801][T12131] ? __pfx_setup_net+0x10/0x10 [ 498.764839][T12131] ? debug_mutex_init+0x37/0x70 [ 498.764874][T12131] copy_net_ns+0x351/0x5d0 [ 498.764917][T12131] create_new_namespaces+0x3ea/0xab0 [ 498.764956][T12131] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 498.765015][T12131] ksys_unshare+0x45b/0xa40 [ 498.765051][T12131] ? __pfx_ksys_unshare+0x10/0x10 [ 498.765099][T12131] __x64_sys_unshare+0x31/0x40 [ 498.765132][T12131] do_syscall_64+0xcd/0xfa0 [ 498.765162][T12131] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 498.765188][T12131] RIP: 0033:0x7f7c27d8f7c9 [ 498.765211][T12131] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 498.765237][T12131] RSP: 002b:00007f7c28c3f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 498.765261][T12131] RAX: ffffffffffffffda RBX: 00007f7c27fe6090 RCX: 00007f7c27d8f7c9 [ 498.765279][T12131] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 498.765294][T12131] RBP: 00007f7c27e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 498.765310][T12131] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 498.765325][T12131] R13: 00007f7c27fe6128 R14: 00007f7c27fe6090 R15: 00007ffd39696af8 [ 498.765363][T12131] [ 499.238747][T12143] FAULT_INJECTION: forcing a failure. [ 499.238747][T12143] name failslab, interval 1, probability 0, space 0, times 0 [ 499.251644][T12143] CPU: 0 UID: 0 PID: 12143 Comm: syz.3.1531 Tainted: G U syzkaller #0 PREEMPT(full) [ 499.251688][T12143] Tainted: [U]=USER [ 499.251698][T12143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 499.251713][T12143] Call Trace: [ 499.251722][T12143] [ 499.251732][T12143] dump_stack_lvl+0x16c/0x1f0 [ 499.251765][T12143] should_fail_ex+0x512/0x640 [ 499.251794][T12143] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 499.251831][T12143] should_failslab+0xc2/0x120 [ 499.251870][T12143] kmem_cache_alloc_noprof+0x75/0x6e0 [ 499.251901][T12143] ? getname_flags.part.0+0x4c/0x550 [ 499.251930][T12143] ? getname_flags.part.0+0x4c/0x550 [ 499.251950][T12143] getname_flags.part.0+0x4c/0x550 [ 499.251979][T12143] getname_flags+0x93/0xf0 [ 499.252009][T12143] do_sys_openat2+0xb8/0x1d0 [ 499.252033][T12143] ? __pfx_do_sys_openat2+0x10/0x10 [ 499.252088][T12143] __x64_sys_openat+0x174/0x210 [ 499.252115][T12143] ? __pfx___x64_sys_openat+0x10/0x10 [ 499.252156][T12143] do_syscall_64+0xcd/0xfa0 [ 499.252192][T12143] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 499.252218][T12143] RIP: 0033:0x7f7c27d8e010 [ 499.252239][T12143] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44 [ 499.252263][T12143] RSP: 002b:00007f7c28c3ef10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 499.252290][T12143] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f7c27d8e010 [ 499.252308][T12143] RDX: 0000000000000002 RSI: 00007f7c28c3efa0 RDI: 00000000ffffff9c [ 499.252324][T12143] RBP: 00007f7c28c3efa0 R08: 0000000000000000 R09: 0000000000000000 [ 499.252341][T12143] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 499.252356][T12143] R13: 00007f7c27fe6128 R14: 00007f7c27fe6090 R15: 00007ffd39696af8 [ 499.252394][T12143] [ 501.533810][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.540292][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 501.616718][T12180] FAULT_INJECTION: forcing a failure. [ 501.616718][T12180] name failslab, interval 1, probability 0, space 0, times 0 [ 501.661953][T12180] CPU: 0 UID: 0 PID: 12180 Comm: syz.5.1536 Tainted: G U syzkaller #0 PREEMPT(full) [ 501.661993][T12180] Tainted: [U]=USER [ 501.662001][T12180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 501.662015][T12180] Call Trace: [ 501.662023][T12180] [ 501.662033][T12180] dump_stack_lvl+0x16c/0x1f0 [ 501.662064][T12180] should_fail_ex+0x512/0x640 [ 501.662091][T12180] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 501.662125][T12180] should_failslab+0xc2/0x120 [ 501.662160][T12180] kmem_cache_alloc_noprof+0x75/0x6e0 [ 501.662189][T12180] ? taskstats_exit+0x654/0xbe0 [ 501.662221][T12180] ? taskstats_exit+0x654/0xbe0 [ 501.662244][T12180] ? acct_update_integrals+0x2ce/0x4a0 [ 501.662267][T12180] taskstats_exit+0x654/0xbe0 [ 501.662296][T12180] ? __pfx_taskstats_exit+0x10/0x10 [ 501.662325][T12180] ? exit_signals+0x38e/0xb40 [ 501.662356][T12180] do_exit+0x5dc/0x2bf0 [ 501.662394][T12180] ? __pfx_do_exit+0x10/0x10 [ 501.662437][T12180] ? do_raw_spin_lock+0x12c/0x2b0 [ 501.662459][T12180] ? find_held_lock+0x2b/0x80 [ 501.662492][T12180] do_group_exit+0xd3/0x2a0 [ 501.662527][T12180] get_signal+0x2671/0x26d0 [ 501.662567][T12180] ? __pfx_get_signal+0x10/0x10 [ 501.662593][T12180] ? do_futex+0x122/0x350 [ 501.662627][T12180] ? __pfx_do_futex+0x10/0x10 [ 501.662664][T12180] arch_do_signal_or_restart+0x8f/0x790 [ 501.662696][T12180] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 501.662736][T12180] ? xfd_validate_state+0x61/0x180 [ 501.662776][T12180] exit_to_user_mode_loop+0x85/0x130 [ 501.662802][T12180] do_syscall_64+0x426/0xfa0 [ 501.662835][T12180] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 501.662859][T12180] RIP: 0033:0x7fb460d8f7c9 [ 501.662878][T12180] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 501.662902][T12180] RSP: 002b:00007fb461b4b0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 501.662926][T12180] RAX: fffffffffffffe00 RBX: 00007fb460fe5fa8 RCX: 00007fb460d8f7c9 [ 501.662943][T12180] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fb460fe5fa8 [ 501.662958][T12180] RBP: 00007fb460fe5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 501.662972][T12180] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 501.662987][T12180] R13: 00007fb460fe6038 R14: 00007fff989cbe50 R15: 00007fff989cbf38 [ 501.663022][T12180] [ 507.255765][T12287] FAULT_INJECTION: forcing a failure. [ 507.255765][T12287] name failslab, interval 1, probability 0, space 0, times 0 [ 507.269057][T12287] CPU: 1 UID: 0 PID: 12287 Comm: syz.1.1551 Tainted: G U syzkaller #0 PREEMPT(full) [ 507.269100][T12287] Tainted: [U]=USER [ 507.269108][T12287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 507.269124][T12287] Call Trace: [ 507.269132][T12287] [ 507.269142][T12287] dump_stack_lvl+0x16c/0x1f0 [ 507.269176][T12287] should_fail_ex+0x512/0x640 [ 507.269208][T12287] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 507.269243][T12287] should_failslab+0xc2/0x120 [ 507.269281][T12287] kmem_cache_alloc_noprof+0x75/0x6e0 [ 507.269310][T12287] ? prepare_creds+0x2c/0x740 [ 507.269339][T12287] ? prepare_creds+0x2c/0x740 [ 507.269359][T12287] prepare_creds+0x2c/0x740 [ 507.269385][T12287] __sys_setregid+0x101/0x910 [ 507.269410][T12287] ? rcu_is_watching+0x12/0xc0 [ 507.269440][T12287] do_syscall_64+0xcd/0xfa0 [ 507.269468][T12287] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 507.269493][T12287] RIP: 0033:0x7f1fe898f7c9 [ 507.269513][T12287] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 507.269537][T12287] RSP: 002b:00007f1fe97ed038 EFLAGS: 00000246 ORIG_RAX: 0000000000000072 [ 507.269561][T12287] RAX: ffffffffffffffda RBX: 00007f1fe8be5fa0 RCX: 00007f1fe898f7c9 [ 507.269578][T12287] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000002000 [ 507.269594][T12287] RBP: 00007f1fe8a13f91 R08: 0000000000000000 R09: 0000000000000000 [ 507.269609][T12287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 507.269624][T12287] R13: 00007f1fe8be6038 R14: 00007f1fe8be5fa0 R15: 00007ffc58009a68 [ 507.269660][T12287] [ 509.306661][T12321] random: crng reseeded on system resumption [ 509.508623][T12325] random: crng reseeded on system resumption [ 511.916659][T12354] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1568'. [ 512.721002][T12367] random: crng reseeded on system resumption [ 513.135536][T12378] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1575'. [ 513.497292][T12385] Invalid ELF header magic: != ELF [ 515.622029][T12427] random: crng reseeded on system resumption [ 518.348389][T12463] FAULT_INJECTION: forcing a failure. [ 518.348389][T12463] name failslab, interval 1, probability 0, space 0, times 0 [ 518.486575][T12463] CPU: 0 UID: 0 PID: 12463 Comm: syz.1.1593 Tainted: G U syzkaller #0 PREEMPT(full) [ 518.486620][T12463] Tainted: [U]=USER [ 518.486630][T12463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 518.486645][T12463] Call Trace: [ 518.486654][T12463] [ 518.486664][T12463] dump_stack_lvl+0x16c/0x1f0 [ 518.486697][T12463] should_fail_ex+0x512/0x640 [ 518.486726][T12463] ? __kmalloc_cache_noprof+0x5f/0x780 [ 518.486760][T12463] should_failslab+0xc2/0x120 [ 518.486807][T12463] __kmalloc_cache_noprof+0x72/0x780 [ 518.486837][T12463] ? v4l2_fh_open+0x4c/0xa0 [ 518.486869][T12463] ? v4l2_fh_open+0x4c/0xa0 [ 518.486886][T12463] v4l2_fh_open+0x4c/0xa0 [ 518.486910][T12463] v4l2_open+0x1d2/0x5e0 [ 518.486946][T12463] ? __pfx_v4l2_open+0x10/0x10 [ 518.486981][T12463] chrdev_open+0x234/0x6a0 [ 518.487014][T12463] ? __pfx_apparmor_file_open+0x10/0x10 [ 518.487042][T12463] ? __pfx_chrdev_open+0x10/0x10 [ 518.487079][T12463] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 518.487122][T12463] do_dentry_open+0x6fe/0x1560 [ 518.487154][T12463] ? __pfx_chrdev_open+0x10/0x10 [ 518.487198][T12463] vfs_open+0x82/0x3f0 [ 518.487226][T12463] path_openat+0x2016/0x2f90 [ 518.487271][T12463] ? __pfx_path_openat+0x10/0x10 [ 518.487305][T12463] ? __lock_acquire+0xb8a/0x1c90 [ 518.487346][T12463] do_filp_open+0x20b/0x470 [ 518.487379][T12463] ? __pfx_do_filp_open+0x10/0x10 [ 518.487438][T12463] ? alloc_fd+0x471/0x7d0 [ 518.487481][T12463] do_sys_openat2+0x11b/0x1d0 [ 518.487506][T12463] ? __pfx_do_sys_openat2+0x10/0x10 [ 518.487544][T12463] __x64_sys_openat+0x174/0x210 [ 518.487569][T12463] ? __pfx___x64_sys_openat+0x10/0x10 [ 518.487607][T12463] do_syscall_64+0xcd/0xfa0 [ 518.487635][T12463] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 518.487661][T12463] RIP: 0033:0x7f1fe898f7c9 [ 518.487681][T12463] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 518.487705][T12463] RSP: 002b:00007f1fe97cc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 518.487729][T12463] RAX: ffffffffffffffda RBX: 00007f1fe8be6090 RCX: 00007f1fe898f7c9 [ 518.487746][T12463] RDX: 0000000000020081 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 518.487762][T12463] RBP: 00007f1fe8a13f91 R08: 0000000000000000 R09: 0000000000000000 [ 518.487785][T12463] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 518.487800][T12463] R13: 00007f1fe8be6128 R14: 00007f1fe8be6090 R15: 00007ffc58009a68 [ 518.487836][T12463] [ 519.116156][T12475] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1599'. [ 520.762537][T12501] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 522.748918][T12522] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 523.212659][T12522] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1611'. [ 523.266196][T12522] bond0: entered allmulticast mode [ 523.306823][T12522] bond_slave_0: entered allmulticast mode [ 523.312761][T12522] bond_slave_1: entered allmulticast mode [ 523.815843][T12535] FAULT_INJECTION: forcing a failure. [ 523.815843][T12535] name failslab, interval 1, probability 0, space 0, times 0 [ 523.829241][T12535] CPU: 0 UID: 0 PID: 12535 Comm: syz.3.1615 Tainted: G U syzkaller #0 PREEMPT(full) [ 523.829266][T12535] Tainted: [U]=USER [ 523.829271][T12535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 523.829279][T12535] Call Trace: [ 523.829284][T12535] [ 523.829290][T12535] dump_stack_lvl+0x16c/0x1f0 [ 523.829309][T12535] should_fail_ex+0x512/0x640 [ 523.829327][T12535] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 523.829347][T12535] should_failslab+0xc2/0x120 [ 523.829369][T12535] kmem_cache_alloc_noprof+0x75/0x6e0 [ 523.829385][T12535] ? fasync_helper+0x3d/0xd0 [ 523.829401][T12535] ? fasync_helper+0x3d/0xd0 [ 523.829412][T12535] fasync_helper+0x3d/0xd0 [ 523.829425][T12535] pipe_fasync+0xc7/0x200 [ 523.829443][T12535] ? __pfx_pipe_fasync+0x10/0x10 [ 523.829459][T12535] do_fcntl+0xa3d/0x15a0 [ 523.829480][T12535] ? __pfx_do_fcntl+0x10/0x10 [ 523.829505][T12535] ? tomoyo_file_fcntl+0xa5/0xc0 [ 523.829522][T12535] __x64_sys_fcntl+0x163/0x200 [ 523.829544][T12535] do_syscall_64+0xcd/0xfa0 [ 523.829560][T12535] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 523.829574][T12535] RIP: 0033:0x7f7c27d8f7c9 [ 523.829586][T12535] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 523.829599][T12535] RSP: 002b:00007f7c28c60038 EFLAGS: 00000246 ORIG_RAX: 0000000000000048 [ 523.829612][T12535] RAX: ffffffffffffffda RBX: 00007f7c27fe5fa0 RCX: 00007f7c27d8f7c9 [ 523.829621][T12535] RDX: fffffffffffffffc RSI: 0000000000000004 RDI: ff80000000000000 [ 523.829630][T12535] RBP: 00007f7c27e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 523.829638][T12535] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 523.829646][T12535] R13: 00007f7c27fe6038 R14: 00007f7c27fe5fa0 R15: 00007ffd39696af8 [ 523.829665][T12535] [ 525.134760][T12547] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 525.143259][T12547] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 525.149709][T12547] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 525.207379][T12547] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 526.066826][T12560] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 526.087676][T12560] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 527.234351][T12596] random: crng reseeded on system resumption [ 527.362404][T12601] FAULT_INJECTION: forcing a failure. [ 527.362404][T12601] name failslab, interval 1, probability 0, space 0, times 0 [ 527.375126][T12601] CPU: 1 UID: 0 PID: 12601 Comm: syz.5.1630 Tainted: G U syzkaller #0 PREEMPT(full) [ 527.375151][T12601] Tainted: [U]=USER [ 527.375156][T12601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 527.375165][T12601] Call Trace: [ 527.375170][T12601] [ 527.375175][T12601] dump_stack_lvl+0x16c/0x1f0 [ 527.375197][T12601] should_fail_ex+0x512/0x640 [ 527.375214][T12601] ? __kmalloc_cache_noprof+0x5f/0x780 [ 527.375233][T12601] should_failslab+0xc2/0x120 [ 527.375254][T12601] __kmalloc_cache_noprof+0x72/0x780 [ 527.375270][T12601] ? v4l2_fh_open+0x4c/0xa0 [ 527.375286][T12601] ? v4l2_fh_open+0x4c/0xa0 [ 527.375298][T12601] v4l2_fh_open+0x4c/0xa0 [ 527.375311][T12601] v4l2_open+0x1d2/0x5e0 [ 527.375331][T12601] ? __pfx_v4l2_open+0x10/0x10 [ 527.375351][T12601] chrdev_open+0x234/0x6a0 [ 527.375369][T12601] ? __pfx_apparmor_file_open+0x10/0x10 [ 527.375386][T12601] ? __pfx_chrdev_open+0x10/0x10 [ 527.375405][T12601] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 527.375427][T12601] do_dentry_open+0x6fe/0x1560 [ 527.375444][T12601] ? __pfx_chrdev_open+0x10/0x10 [ 527.375467][T12601] vfs_open+0x82/0x3f0 [ 527.375482][T12601] path_openat+0x2016/0x2f90 [ 527.375506][T12601] ? __pfx_path_openat+0x10/0x10 [ 527.375525][T12601] ? __lock_acquire+0xb8a/0x1c90 [ 527.375547][T12601] do_filp_open+0x20b/0x470 [ 527.375565][T12601] ? __pfx_do_filp_open+0x10/0x10 [ 527.375595][T12601] ? alloc_fd+0x471/0x7d0 [ 527.375616][T12601] do_sys_openat2+0x11b/0x1d0 [ 527.375629][T12601] ? __pfx_do_sys_openat2+0x10/0x10 [ 527.375649][T12601] __x64_sys_openat+0x174/0x210 [ 527.375662][T12601] ? __pfx___x64_sys_openat+0x10/0x10 [ 527.375683][T12601] do_syscall_64+0xcd/0xfa0 [ 527.375699][T12601] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 527.375713][T12601] RIP: 0033:0x7fb460d8f7c9 [ 527.375725][T12601] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 527.375739][T12601] RSP: 002b:00007fb45eff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 527.375752][T12601] RAX: ffffffffffffffda RBX: 00007fb460fe6090 RCX: 00007fb460d8f7c9 [ 527.375762][T12601] RDX: 0000000000020081 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 527.375770][T12601] RBP: 00007fb460e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 527.375779][T12601] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 527.375786][T12601] R13: 00007fb460fe6128 R14: 00007fb460fe6090 R15: 00007fff989cbf38 [ 527.375805][T12601] [ 527.766282][T10769] Bluetooth: hci3: command 0x0c1a tx timeout [ 528.176482][T10769] Bluetooth: hci4: command 0x0c1a tx timeout [ 530.266009][T10769] Bluetooth: hci4: command 0x0c1a tx timeout [ 530.662119][T12613] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 530.694388][T12613] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 530.867900][T12639] Page cache invalidation failure on direct I/O. Possible data corruption due to collision with buffered I/O! [ 530.879973][T12639] File: /dev/nullb0 PID: 12639 Comm: syz.0.1639 [ 531.286084][T10769] Bluetooth: hci3: command 0x0c1a tx timeout [ 532.196207][T12658] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 532.208032][T12658] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 532.611357][T12665] random: crng reseeded on system resumption [ 533.560436][T12674] FAULT_INJECTION: forcing a failure. [ 533.560436][T12674] name fail_futex, interval 1, probability 0, space 0, times 0 [ 533.575798][T12674] CPU: 0 UID: 0 PID: 12674 Comm: syz.1.1646 Tainted: G U syzkaller #0 PREEMPT(full) [ 533.575840][T12674] Tainted: [U]=USER [ 533.575849][T12674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 533.575865][T12674] Call Trace: [ 533.575874][T12674] [ 533.575884][T12674] dump_stack_lvl+0x16c/0x1f0 [ 533.575921][T12674] should_fail_ex+0x512/0x640 [ 533.575956][T12674] get_futex_key+0x1d0/0x1560 [ 533.575998][T12674] ? __pfx_get_futex_key+0x10/0x10 [ 533.576032][T12674] ? __lock_acquire+0xb8a/0x1c90 [ 533.576071][T12674] ? find_held_lock+0x2b/0x80 [ 533.576105][T12674] futex_wake+0xea/0x530 [ 533.576136][T12674] ? __pfx_futex_wake+0x10/0x10 [ 533.576161][T12674] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 533.576205][T12674] do_futex+0x1e3/0x350 [ 533.576243][T12674] ? __pfx_do_futex+0x10/0x10 [ 533.576281][T12674] ? _raw_spin_unlock+0x28/0x50 [ 533.576318][T12674] ? do_fcntl+0x1eb/0x15a0 [ 533.576359][T12674] __x64_sys_futex+0x1e0/0x4c0 [ 533.576429][T12674] ? __pfx___x64_sys_futex+0x10/0x10 [ 533.576469][T12674] ? xfd_validate_state+0x61/0x180 [ 533.576516][T12674] do_syscall_64+0xcd/0xfa0 [ 533.576544][T12674] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 533.576569][T12674] RIP: 0033:0x7f1fe898f7c9 [ 533.576589][T12674] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 533.576613][T12674] RSP: 002b:00007f1fe97ed0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 533.576638][T12674] RAX: ffffffffffffffda RBX: 00007f1fe8be5fa8 RCX: 00007f1fe898f7c9 [ 533.576656][T12674] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f1fe8be5fac [ 533.576672][T12674] RBP: 00007f1fe8be5fa0 R08: 00007f1fe97ee000 R09: 0000000000000000 [ 533.576688][T12674] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 533.576704][T12674] R13: 00007f1fe8be6038 R14: 00007ffc58009980 R15: 00007ffc58009a68 [ 533.576743][T12674] [ 533.957032][T12683] Invalid ELF header magic: != ELF [ 534.246284][T10769] Bluetooth: hci4: command 0x0c1a tx timeout [ 534.252425][ T5835] Bluetooth: hci3: command 0x0c1a tx timeout [ 535.287365][T12717] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1657'. [ 536.395392][T12725] random: crng reseeded on system resumption [ 537.327912][T12741] random: crng reseeded on system resumption [ 538.523767][T12755] Invalid ELF header magic: != ELF [ 539.841717][ T30] audit: type=1800 audit(4294967352.800:15): pid=12777 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1668" name="dbroot" dev="configfs" ino=46556 res=0 errno=0 [ 540.665549][T12792] random: crng reseeded on system resumption [ 540.850652][T12792] hub 1-0:1.0: USB hub found [ 540.880194][T12792] hub 1-0:1.0: 1 port detected [ 540.968494][T12794] Restarting kernel threads ... [ 541.002427][T12794] Done restarting kernel threads. [ 541.386446][T12803] FAULT_INJECTION: forcing a failure. [ 541.386446][T12803] name failslab, interval 1, probability 0, space 0, times 0 [ 541.408716][T12803] CPU: 0 UID: 0 PID: 12803 Comm: syz.1.1677 Tainted: G U syzkaller #0 PREEMPT(full) [ 541.408758][T12803] Tainted: [U]=USER [ 541.408767][T12803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 541.408780][T12803] Call Trace: [ 541.408789][T12803] [ 541.408798][T12803] dump_stack_lvl+0x16c/0x1f0 [ 541.408832][T12803] should_fail_ex+0x512/0x640 [ 541.408862][T12803] ? __kmalloc_cache_noprof+0x5f/0x780 [ 541.408897][T12803] should_failslab+0xc2/0x120 [ 541.408936][T12803] __kmalloc_cache_noprof+0x72/0x780 [ 541.408966][T12803] ? kvm_uevent_notify_change.part.0+0x2b2/0x450 [ 541.409004][T12803] ? kvm_uevent_notify_change.part.0+0x2b2/0x450 [ 541.409036][T12803] kvm_uevent_notify_change.part.0+0x2b2/0x450 [ 541.409071][T12803] ? __pfx_kvm_vm_release+0x10/0x10 [ 541.409096][T12803] kvm_put_kvm+0xe3/0xb00 [ 541.409123][T12803] ? lockdep_hardirqs_on+0x7c/0x110 [ 541.409149][T12803] ? _raw_spin_unlock_irq+0x2e/0x50 [ 541.409192][T12803] ? __pfx_kvm_vm_release+0x10/0x10 [ 541.409218][T12803] kvm_vm_release+0x3c/0x50 [ 541.409244][T12803] __fput+0x402/0xb70 [ 541.409284][T12803] ? _raw_spin_unlock_irq+0x23/0x50 [ 541.409323][T12803] task_work_run+0x150/0x240 [ 541.409359][T12803] ? __pfx_task_work_run+0x10/0x10 [ 541.409395][T12803] ? __pfx___do_sys_close_range+0x10/0x10 [ 541.409428][T12803] exit_to_user_mode_loop+0xec/0x130 [ 541.409454][T12803] do_syscall_64+0x426/0xfa0 [ 541.409481][T12803] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 541.409503][T12803] RIP: 0033:0x7f1fe898f7c9 [ 541.409522][T12803] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 541.409547][T12803] RSP: 002b:00007f1fe97cc038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 541.409580][T12803] RAX: 0000000000000000 RBX: 00007f1fe8be6090 RCX: 00007f1fe898f7c9 [ 541.409598][T12803] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 541.409613][T12803] RBP: 00007f1fe8a13f91 R08: 0000000000000000 R09: 0000000000000000 [ 541.409628][T12803] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 541.409643][T12803] R13: 00007f1fe8be6128 R14: 00007f1fe8be6090 R15: 00007ffc58009a68 [ 541.409681][T12803] [ 541.947794][T12814] random: crng reseeded on system resumption [ 543.269624][T12821] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 543.554904][T12821] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 544.122412][ T30] audit: type=1800 audit(4294967357.090:16): pid=12845 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1688" name="dbroot" dev="configfs" ino=45841 res=0 errno=0 [ 545.038791][T12856] random: crng reseeded on system resumption [ 545.162865][T12854] hub 1-0:1.0: USB hub found [ 545.173018][T12854] hub 1-0:1.0: 1 port detected [ 545.447616][T10769] Bluetooth: hci3: command 0x0c1a tx timeout [ 545.543681][T12854] Restarting kernel threads ... [ 545.578808][T12854] Done restarting kernel threads. [ 545.607823][T10769] Bluetooth: hci4: command 0x0c1a tx timeout [ 546.945834][T12890] FAULT_INJECTION: forcing a failure. [ 546.945834][T12890] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 546.959603][T12890] CPU: 0 UID: 0 PID: 12890 Comm: syz.5.1699 Tainted: G U syzkaller #0 PREEMPT(full) [ 546.959644][T12890] Tainted: [U]=USER [ 546.959653][T12890] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 546.959677][T12890] Call Trace: [ 546.959686][T12890] [ 546.959697][T12890] dump_stack_lvl+0x16c/0x1f0 [ 546.959728][T12890] should_fail_ex+0x512/0x640 [ 546.959765][T12890] should_fail_alloc_page+0xe7/0x130 [ 546.959805][T12890] prepare_alloc_pages+0x3c2/0x610 [ 546.959843][T12890] ? stack_depot_save_flags+0x29/0x9c0 [ 546.959879][T12890] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 546.959913][T12890] ? kasan_save_stack+0x33/0x60 [ 546.959942][T12890] ? kasan_save_track+0x14/0x30 [ 546.959973][T12890] ? __kasan_slab_alloc+0x89/0x90 [ 546.960004][T12890] ? kmem_cache_alloc_noprof+0x250/0x6e0 [ 546.960031][T12890] ? ptlock_alloc+0x1f/0x70 [ 546.960054][T12890] ? pte_alloc_one+0x84/0x350 [ 546.960079][T12890] ? __pte_alloc+0x6d/0x380 [ 546.960111][T12890] ? walk_pgd_range+0xb84/0x1f50 [ 546.960139][T12890] ? __walk_page_range+0x163/0x820 [ 546.960168][T12890] ? walk_page_range_mm+0x461/0xb40 [ 546.960197][T12890] ? madvise_vma_behavior+0xa54/0x2d50 [ 546.960234][T12890] ? madvise_walk_vmas+0x31f/0x9c0 [ 546.960254][T12890] ? madvise_do_behavior+0x1e2/0x530 [ 546.960275][T12890] ? do_madvise+0x176/0x240 [ 546.960295][T12890] ? __x64_sys_madvise+0xa9/0x110 [ 546.960315][T12890] ? do_syscall_64+0xcd/0xfa0 [ 546.960337][T12890] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 546.960365][T12890] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 546.960404][T12890] ? look_up_lock_class+0x6b/0x150 [ 546.960444][T12890] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 546.960476][T12890] ? policy_nodemask+0xea/0x4e0 [ 546.960517][T12890] alloc_pages_mpol+0x1fb/0x550 [ 546.960556][T12890] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 546.960592][T12890] ? do_raw_spin_lock+0x12c/0x2b0 [ 546.960620][T12890] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 546.960652][T12890] alloc_pages_noprof+0x131/0x390 [ 546.960701][T12890] pte_alloc_one+0x1e/0x350 [ 546.960730][T12890] __pte_alloc+0x6d/0x380 [ 546.960765][T12890] ? __pfx___pte_alloc+0x10/0x10 [ 546.960800][T12890] ? walk_pgd_range+0x13b4/0x1f50 [ 546.960837][T12890] walk_pgd_range+0xb84/0x1f50 [ 546.960872][T12890] ? __pfx_guard_install_set_pte+0x10/0x10 [ 546.960909][T12890] ? __pfx_guard_install_pte_entry+0x10/0x10 [ 546.960948][T12890] ? __pfx_guard_install_set_pte+0x10/0x10 [ 546.960991][T12890] ? __pfx_guard_install_set_pte+0x10/0x10 [ 546.961029][T12890] ? __pfx_guard_install_set_pte+0x10/0x10 [ 546.961068][T12890] ? __pfx_walk_pgd_range+0x10/0x10 [ 546.961102][T12890] ? __lock_acquire+0xb8a/0x1c90 [ 546.961142][T12890] __walk_page_range+0x163/0x820 [ 546.961177][T12890] ? find_vma+0xbf/0x140 [ 546.961209][T12890] ? __pfx_find_vma+0x10/0x10 [ 546.961246][T12890] ? walk_page_test+0x9b/0x180 [ 546.961279][T12890] walk_page_range_mm+0x461/0xb40 [ 546.961317][T12890] ? __pfx_walk_page_range_mm+0x10/0x10 [ 546.961360][T12890] ? __anon_vma_prepare+0x2e2/0x5e0 [ 546.961393][T12890] madvise_vma_behavior+0xa54/0x2d50 [ 546.961437][T12890] ? mas_prev_setup.constprop.0+0xb6/0x9d0 [ 546.961465][T12890] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 546.961506][T12890] ? mas_prev+0x9b/0xf0 [ 546.961533][T12890] ? __pfx_mas_prev+0x10/0x10 [ 546.961569][T12890] ? find_vma_prev+0xd3/0x150 [ 546.961603][T12890] ? find_held_lock+0x2b/0x80 [ 546.961631][T12890] ? __pfx_find_vma_prev+0x10/0x10 [ 546.961686][T12890] ? __futex_wait+0x24b/0x2f0 [ 546.961720][T12890] madvise_walk_vmas+0x31f/0x9c0 [ 546.961751][T12890] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 546.961802][T12890] madvise_do_behavior+0x1e2/0x530 [ 546.961824][T12890] ? futex_private_hash_put+0xd5/0x190 [ 546.961861][T12890] ? __pfx_madvise_do_behavior+0x10/0x10 [ 546.961887][T12890] ? down_read+0x13d/0x480 [ 546.961935][T12890] do_madvise+0x176/0x240 [ 546.961958][T12890] ? __pfx_do_madvise+0x10/0x10 [ 546.961981][T12890] ? do_futex+0x122/0x350 [ 546.962018][T12890] ? __pfx___might_resched+0x10/0x10 [ 546.962060][T12890] ? xfd_validate_state+0x61/0x180 [ 546.962104][T12890] __x64_sys_madvise+0xa9/0x110 [ 546.962128][T12890] ? lockdep_hardirqs_on+0x7c/0x110 [ 546.962155][T12890] do_syscall_64+0xcd/0xfa0 [ 546.962184][T12890] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 546.962210][T12890] RIP: 0033:0x7fb460d8f7c9 [ 546.962232][T12890] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 546.962263][T12890] RSP: 002b:00007fb461b4b038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 546.962288][T12890] RAX: ffffffffffffffda RBX: 00007fb460fe5fa0 RCX: 00007fb460d8f7c9 [ 546.962306][T12890] RDX: 0000000000000066 RSI: 0000000002021000 RDI: 0000000000000000 [ 546.962322][T12890] RBP: 00007fb460e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 546.962338][T12890] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 546.962354][T12890] R13: 00007fb460fe6038 R14: 00007fb460fe5fa0 R15: 00007fff989cbf38 [ 546.962393][T12890] [ 554.313741][T12956] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 554.340425][T12956] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 556.326137][T10769] Bluetooth: hci3: command 0x0c1a tx timeout [ 556.407717][T10769] Bluetooth: hci4: command 0x0c1a tx timeout [ 556.618013][ T30] audit: type=1800 audit(4294967369.590:17): pid=12987 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1723" name="features" dev="configfs" ino=46977 res=0 errno=0 [ 557.384530][ T30] audit: type=1800 audit(4294967370.350:18): pid=12996 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1726" name="dbroot" dev="configfs" ino=47283 res=0 errno=0 [ 558.226160][T13008] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 558.232401][T13008] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 559.114145][T13024] scsi_strcpy_devinfo: vendor string '/&c~n] | [ 559.114145][T13024] M' is too long [ 559.136113][T13024] scsi_strcpy_devinfo: model string 'Dd5 K2b [ 559.136113][T13024] W ' is too long [ 560.246133][T10769] Bluetooth: hci4: command 0x0c1a tx timeout [ 560.246140][ T5835] Bluetooth: hci3: command 0x0c1a tx timeout [ 560.649566][ T30] audit: type=1800 audit(4294967373.610:19): pid=13041 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1736" name="features" dev="configfs" ino=47374 res=0 errno=0 [ 562.506809][T13070] FAULT_INJECTION: forcing a failure. [ 562.506809][T13070] name failslab, interval 1, probability 0, space 0, times 0 [ 562.567042][T13070] CPU: 1 UID: 0 PID: 13070 Comm: syz.5.1745 Tainted: G U syzkaller #0 PREEMPT(full) [ 562.567069][T13070] Tainted: [U]=USER [ 562.567074][T13070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 562.567083][T13070] Call Trace: [ 562.567088][T13070] [ 562.567094][T13070] dump_stack_lvl+0x16c/0x1f0 [ 562.567115][T13070] should_fail_ex+0x512/0x640 [ 562.567133][T13070] ? __kmalloc_node_track_caller_noprof+0xcb/0x8a0 [ 562.567157][T13070] should_failslab+0xc2/0x120 [ 562.567187][T13070] __kmalloc_node_track_caller_noprof+0xde/0x8a0 [ 562.567208][T13070] ? ip_vs_control_net_init+0x84b/0x1d20 [ 562.567225][T13070] ? __pfx_proc_create_net_single+0x10/0x10 [ 562.567245][T13070] ? kmemdup_noprof+0x29/0x60 [ 562.567262][T13070] kmemdup_noprof+0x29/0x60 [ 562.567281][T13070] ip_vs_control_net_init+0x84b/0x1d20 [ 562.567303][T13070] __ip_vs_init+0x217/0x520 [ 562.567321][T13070] ? __pfx___ip_vs_init+0x10/0x10 [ 562.567338][T13070] ops_init+0x1e2/0x5f0 [ 562.567360][T13070] setup_net+0x11d/0x3a0 [ 562.567380][T13070] ? __pfx_setup_net+0x10/0x10 [ 562.567399][T13070] ? debug_mutex_init+0x37/0x70 [ 562.567418][T13070] copy_net_ns+0x351/0x5d0 [ 562.567440][T13070] create_new_namespaces+0x3ea/0xab0 [ 562.567461][T13070] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 562.567478][T13070] ksys_unshare+0x45b/0xa40 [ 562.567497][T13070] ? __pfx_ksys_unshare+0x10/0x10 [ 562.567515][T13070] ? xfd_validate_state+0x61/0x180 [ 562.567540][T13070] __x64_sys_unshare+0x31/0x40 [ 562.567557][T13070] do_syscall_64+0xcd/0xfa0 [ 562.567573][T13070] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 562.567587][T13070] RIP: 0033:0x7fb460d8f7c9 [ 562.567599][T13070] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 562.567613][T13070] RSP: 002b:00007fb461b4b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 562.567627][T13070] RAX: ffffffffffffffda RBX: 00007fb460fe5fa0 RCX: 00007fb460d8f7c9 [ 562.567636][T13070] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 562.567645][T13070] RBP: 00007fb460e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 562.567654][T13070] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 562.567662][T13070] R13: 00007fb460fe6038 R14: 00007fb460fe5fa0 R15: 00007fff989cbf38 [ 562.567682][T13070] [ 562.976153][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 562.982633][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 565.469213][T13103] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 565.509620][T13103] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 566.321737][T13129] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1763'. [ 566.707619][ T5885] smpboot: CPU 1 is now offline [ 566.745112][T13136] FAULT_INJECTION: forcing a failure. [ 566.745112][T13136] name failslab, interval 1, probability 0, space 0, times 0 [ 566.795073][T13139] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 566.856164][T13136] CPU: 1 UID: 0 PID: 13136 Comm: syz.1.1762 Tainted: G U syzkaller #0 PREEMPT(full) [ 566.856204][T13136] Tainted: [U]=USER [ 566.856216][T13136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 566.856231][T13136] Call Trace: [ 566.856240][T13136] [ 566.856251][T13136] dump_stack_lvl+0x16c/0x1f0 [ 566.856285][T13136] should_fail_ex+0x512/0x640 [ 566.856316][T13136] ? __kmalloc_node_track_caller_noprof+0xcb/0x8a0 [ 566.856356][T13136] should_failslab+0xc2/0x120 [ 566.856391][T13136] __kmalloc_node_track_caller_noprof+0xde/0x8a0 [ 566.856428][T13136] ? ip_vs_est_add_kthread+0x5c2/0x850 [ 566.856474][T13136] ? krealloc_node_align_noprof+0x2c5/0x470 [ 566.856509][T13136] krealloc_node_align_noprof+0x2c5/0x470 [ 566.856550][T13136] ip_vs_est_add_kthread+0x5c2/0x850 [ 566.856596][T13136] ip_vs_start_estimator+0x250/0x430 [ 566.856639][T13136] ip_vs_control_net_init+0x158c/0x1d20 [ 566.856676][T13136] __ip_vs_init+0x217/0x520 [ 566.856720][T13136] ? __pfx___ip_vs_init+0x10/0x10 [ 566.856751][T13136] ops_init+0x1e2/0x5f0 [ 566.856792][T13136] setup_net+0x11d/0x3a0 [ 566.856829][T13136] ? __pfx_setup_net+0x10/0x10 [ 566.856866][T13136] ? debug_mutex_init+0x37/0x70 [ 566.856901][T13136] copy_net_ns+0x351/0x5d0 [ 566.856944][T13136] create_new_namespaces+0x3ea/0xab0 [ 566.856983][T13136] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 566.857017][T13136] ksys_unshare+0x45b/0xa40 [ 566.857051][T13136] ? __pfx_ksys_unshare+0x10/0x10 [ 566.857080][T13136] ? xfd_validate_state+0x61/0x180 [ 566.857125][T13136] __x64_sys_unshare+0x31/0x40 [ 566.857155][T13136] do_syscall_64+0xcd/0xfa0 [ 566.857184][T13136] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 566.857210][T13136] RIP: 0033:0x7f1fe898f7c9 [ 566.857231][T13136] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 566.857256][T13136] RSP: 002b:00007f1fe97ed038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 566.857280][T13136] RAX: ffffffffffffffda RBX: 00007f1fe8be5fa0 RCX: 00007f1fe898f7c9 [ 566.857297][T13136] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 566.857312][T13136] RBP: 00007f1fe8a13f91 R08: 0000000000000000 R09: 0000000000000000 [ 566.857325][T13136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 566.857337][T13136] R13: 00007f1fe8be6038 R14: 00007f1fe8be5fa0 R15: 00007ffc58009a68 [ 566.857369][T13136] [ 567.526120][T10769] Bluetooth: hci3: command 0x0c1a tx timeout [ 567.532256][ T5835] Bluetooth: hci4: command 0x0c1a tx timeout [ 568.597384][T13154] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 568.616965][T13154] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 569.357580][ T5899] smpboot: CPU 1 is now offline [ 569.398946][T13180] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 569.421098][T13181] ------------[ cut here ]------------ [ 569.422496][T13181] [ 569.422504][T13181] ====================================================== [ 569.422512][T13181] WARNING: possible circular locking dependency detected [ 569.422521][T13181] syzkaller #0 Tainted: G U [ 569.422528][T13181] ------------------------------------------------------ [ 569.422533][T13181] syz.5.1775/13181 is trying to acquire lock: [ 569.422541][T13181] ffffffff8e2d10e0 (console_owner){-.-.}-{0:0}, at: console_lock_spinning_enable+0x61/0x80 [ 569.422578][T13181] [ 569.422578][T13181] but task is already holding lock: [ 569.422582][T13181] ffff8880b843a4d8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130 [ 569.422611][T13181] [ 569.422611][T13181] which lock already depends on the new lock. [ 569.422611][T13181] [ 569.422616][T13181] [ 569.422616][T13181] the existing dependency chain (in reverse order) is: [ 569.422620][T13181] [ 569.422620][T13181] -> #4 (&rq->__lock){-.-.}-{2:2}: [ 569.422639][T13181] _raw_spin_lock_nested+0x31/0x40 [ 569.422660][T13181] raw_spin_rq_lock_nested+0x29/0x130 [ 569.422676][T13181] task_rq_lock+0xcf/0x490 [ 569.422692][T13181] cgroup_move_task+0x81/0x2a0 [ 569.422710][T13181] css_set_move_task+0x288/0x5f0 [ 569.422730][T13181] cgroup_post_fork+0x201/0x9e0 [ 569.422743][T13181] copy_process+0x6035/0x76b0 [ 569.422759][T13181] kernel_clone+0xfc/0x930 [ 569.422774][T13181] user_mode_thread+0xc8/0x110 [ 569.422791][T13181] rest_init+0x23/0x2b0 [ 569.422807][T13181] start_kernel+0x3f6/0x4e0 [ 569.422824][T13181] x86_64_start_reservations+0x18/0x30 [ 569.422841][T13181] x86_64_start_kernel+0x130/0x190 [ 569.422858][T13181] common_startup_64+0x13e/0x148 [ 569.422870][T13181] [ 569.422870][T13181] -> #3 (&p->pi_lock){-.-.}-{2:2}: [ 569.422886][T13181] _raw_spin_lock_irqsave+0x3a/0x60 [ 569.422905][T13181] try_to_wake_up+0xb7/0x1870 [ 569.422918][T13181] __wake_up_common+0x135/0x1f0 [ 569.422935][T13181] __wake_up+0x31/0x60 [ 569.422950][T13181] tty_port_default_wakeup+0x47/0x60 [ 569.422970][T13181] serial8250_tx_chars+0x68e/0x860 [ 569.422989][T13181] serial8250_handle_irq+0x761/0xcb0 [ 569.423000][T13181] serial8250_default_handle_irq+0x9e/0x270 [ 569.423011][T13181] serial8250_interrupt+0xf8/0x1d0 [ 569.423025][T13181] __handle_irq_event_percpu+0x236/0x920 [ 569.423039][T13181] handle_irq_event+0xab/0x1e0 [ 569.423052][T13181] handle_edge_irq+0x3ca/0x9e0 [ 569.423064][T13181] __common_interrupt+0xd0/0x2f0 [ 569.423080][T13181] common_interrupt+0xba/0xe0 [ 569.423096][T13181] asm_common_interrupt+0x26/0x40 [ 569.423108][T13181] pv_native_safe_halt+0xf/0x20 [ 569.423119][T13181] default_idle+0x13/0x20 [ 569.423133][T13181] default_idle_call+0x6c/0xb0 [ 569.423148][T13181] do_idle+0x38d/0x500 [ 569.423160][T13181] cpu_startup_entry+0x4f/0x60 [ 569.423174][T13181] rest_init+0x16b/0x2b0 [ 569.423189][T13181] start_kernel+0x3f6/0x4e0 [ 569.423205][T13181] x86_64_start_reservations+0x18/0x30 [ 569.423223][T13181] x86_64_start_kernel+0x130/0x190 [ 569.423240][T13181] common_startup_64+0x13e/0x148 [ 569.423259][T13181] [ 569.423259][T13181] -> #2 (&tty->write_wait){-.-.}-{3:3}: [ 569.423276][T13181] _raw_spin_lock_irqsave+0x3a/0x60 [ 569.423296][T13181] __wake_up+0x1c/0x60 [ 569.423311][T13181] tty_port_default_wakeup+0x47/0x60 [ 569.423331][T13181] serial8250_tx_chars+0x68e/0x860 [ 569.423351][T13181] serial8250_handle_irq+0x761/0xcb0 [ 569.423362][T13181] serial8250_default_handle_irq+0x9e/0x270 [ 569.423374][T13181] serial8250_interrupt+0xf8/0x1d0 [ 569.423387][T13181] __handle_irq_event_percpu+0x236/0x920 [ 569.423401][T13181] handle_irq_event+0xab/0x1e0 [ 569.423415][T13181] handle_edge_irq+0x3ca/0x9e0 [ 569.423427][T13181] __common_interrupt+0xd0/0x2f0 [ 569.423442][T13181] common_interrupt+0xba/0xe0 [ 569.423457][T13181] asm_common_interrupt+0x26/0x40 [ 569.423469][T13181] pv_native_safe_halt+0xf/0x20 [ 569.423480][T13181] default_idle+0x13/0x20 [ 569.423494][T13181] default_idle_call+0x6c/0xb0 [ 569.423511][T13181] do_idle+0x38d/0x500 [ 569.423524][T13181] cpu_startup_entry+0x4f/0x60 [ 569.423537][T13181] rest_init+0x16b/0x2b0 [ 569.423552][T13181] start_kernel+0x3f6/0x4e0 [ 569.423567][T13181] x86_64_start_reservations+0x18/0x30 [ 569.423584][T13181] x86_64_start_kernel+0x130/0x190 [ 569.423601][T13181] common_startup_64+0x13e/0x148 [ 569.423613][T13181] [ 569.423613][T13181] -> #1 (&port_lock_key){-.-.}-{3:3}: [ 569.423629][T13181] _raw_spin_lock_irqsave+0x3a/0x60 [ 569.423648][T13181] serial8250_console_write+0x181/0x1890 [ 569.423660][T13181] console_flush_all+0x801/0xc60 [ 569.423673][T13181] console_unlock+0xd8/0x210 [ 569.423686][T13181] vprintk_emit+0x3d7/0x680 [ 569.423699][T13181] _printk+0xc7/0x100 [ 569.423716][T13181] register_console+0xc2d/0x11b0 [ 569.423731][T13181] univ8250_console_init+0x5f/0x90 [ 569.423749][T13181] console_init+0x152/0x680 [ 569.423767][T13181] start_kernel+0x29f/0x4e0 [ 569.423783][T13181] x86_64_start_reservations+0x18/0x30 [ 569.423800][T13181] x86_64_start_kernel+0x130/0x190 [ 569.423817][T13181] common_startup_64+0x13e/0x148 [ 569.423828][T13181] [ 569.423828][T13181] -> #0 (console_owner){-.-.}-{0:0}: [ 569.423845][T13181] __lock_acquire+0x126f/0x1c90 [ 569.423862][T13181] lock_acquire+0x179/0x350 [ 569.423879][T13181] console_lock_spinning_enable+0x72/0x80 [ 569.423893][T13181] console_flush_all+0x7aa/0xc60 [ 569.423905][T13181] console_unlock+0xd8/0x210 [ 569.423918][T13181] vprintk_emit+0x3d7/0x680 [ 569.423931][T13181] _printk+0xc7/0x100 [ 569.423948][T13181] report_bug+0x435/0x580 [ 569.423966][T13181] handle_bug+0x184/0x210 [ 569.423980][T13181] exc_invalid_op+0x17/0x50 [ 569.423994][T13181] asm_exc_invalid_op+0x1a/0x20 [ 569.424005][T13181] update_rq_clock+0x34a/0xc70 [ 569.424019][T13181] __schedule+0x27fc/0x5de0 [ 569.424029][T13181] preempt_schedule_common+0x44/0xc0 [ 569.424041][T13181] preempt_schedule_thunk+0x16/0x30 [ 569.424060][T13181] _raw_spin_unlock_irqrestore+0x61/0x80 [ 569.424080][T13181] rcu_preempt_deferred_qs_irqrestore+0x8e6/0xbc0 [ 569.424100][T13181] __rcu_read_unlock+0x2bc/0x550 [ 569.424111][T13181] unwind_next_frame+0x3fe/0x20a0 [ 569.424124][T13181] arch_stack_walk+0x94/0x100 [ 569.424135][T13181] stack_trace_save+0x8e/0xc0 [ 569.424151][T13181] kasan_save_stack+0x33/0x60 [ 569.424167][T13181] kasan_save_track+0x14/0x30 [ 569.424183][T13181] __kasan_slab_alloc+0x89/0x90 [ 569.424201][T13181] kmem_cache_alloc_noprof+0x250/0x6e0 [ 569.424215][T13181] mempool_alloc_noprof+0x179/0x390 [ 569.424233][T13181] bvec_alloc+0x192/0x210 [ 569.424252][T13181] bio_alloc_bioset+0x4b4/0x8d0 [ 569.424266][T13181] ext4_bio_write_folio+0x7c3/0x1dc0 [ 569.424284][T13181] mpage_process_page_bufs+0x47c/0x8d0 [ 569.424302][T13181] mpage_prepare_extent_to_map+0x765/0x14b0 [ 569.424323][T13181] ext4_do_writepages+0xa11/0x3cf0 [ 569.424335][T13181] ext4_writepages+0x37a/0x7d0 [ 569.424346][T13181] do_writepages+0x27a/0x600 [ 569.424365][T13181] filemap_writeback+0x225/0x2d0 [ 569.424383][T13181] file_write_and_wait_range+0xcd/0x140 [ 569.424396][T13181] ext4_sync_file+0x310/0xf10 [ 569.424415][T13181] vfs_fsync_range+0x142/0x230 [ 569.424431][T13181] __do_sys_msync+0x3cb/0x5c0 [ 569.424445][T13181] do_syscall_64+0xcd/0xfa0 [ 569.424456][T13181] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 569.424469][T13181] [ 569.424469][T13181] other info that might help us debug this: [ 569.424469][T13181] [ 569.424473][T13181] Chain exists of: [ 569.424473][T13181] console_owner --> &p->pi_lock --> &rq->__lock [ 569.424473][T13181] [ 569.424492][T13181] Possible unsafe locking scenario: [ 569.424492][T13181] [ 569.424496][T13181] CPU0 CPU1 [ 569.424501][T13181] ---- ---- [ 569.424505][T13181] lock(&rq->__lock); [ 569.424513][T13181] lock(&p->pi_lock); [ 569.424521][T13181] lock(&rq->__lock); [ 569.424529][T13181] lock(console_owner); [ 569.424537][T13181] [ 569.424537][T13181] *** DEADLOCK *** [ 569.424537][T13181] [ 569.424540][T13181] 4 locks held by syz.5.1775/13181: [ 569.424547][T13181] #0: ffff88814dcdeb98 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: do_writepages+0x27a/0x600 [ 569.424583][T13181] #1: ffff8880b843a4d8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130 [ 569.424613][T13181] #2: ffffffff8e3b1520 (console_lock){+.+.}-{0:0}, at: _printk+0xc7/0x100 [ 569.424647][T13181] #3: ffffffff8e3b1590 (console_srcu){....}-{0:0}, at: console_flush_all+0x158/0xc60 [ 569.424678][T13181] [ 569.424678][T13181] stack backtrace: [ 569.424687][T13181] CPU: 0 UID: 0 PID: 13181 Comm: syz.5.1775 Tainted: G U syzkaller #0 PREEMPT(full) [ 569.424705][T13181] Tainted: [U]=USER [ 569.424710][T13181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 569.424719][T13181] Call Trace: [ 569.424724][T13181] [ 569.424730][T13181] dump_stack_lvl+0x116/0x1f0 [ 569.424744][T13181] print_circular_bug+0x275/0x350 [ 569.424765][T13181] check_noncircular+0x14c/0x170 [ 569.424787][T13181] __lock_acquire+0x126f/0x1c90 [ 569.424809][T13181] lock_acquire+0x179/0x350 [ 569.424827][T13181] ? console_lock_spinning_enable+0x61/0x80 [ 569.424842][T13181] ? console_lock_spinning_enable+0x4a/0x80 [ 569.424858][T13181] console_lock_spinning_enable+0x72/0x80 [ 569.424872][T13181] ? console_lock_spinning_enable+0x61/0x80 [ 569.424886][T13181] console_flush_all+0x7aa/0xc60 [ 569.424902][T13181] ? __pfx_console_flush_all+0x10/0x10 [ 569.424919][T13181] ? is_printk_cpu_sync_owner+0x32/0x40 [ 569.424936][T13181] console_unlock+0xd8/0x210 [ 569.424950][T13181] ? __pfx_console_unlock+0x10/0x10 [ 569.424964][T13181] ? do_raw_spin_unlock+0x90/0x230 [ 569.424978][T13181] ? _printk+0xc7/0x100 [ 569.424996][T13181] ? __down_trylock_console_sem+0xb0/0x140 [ 569.425018][T13181] vprintk_emit+0x3d7/0x680 [ 569.425033][T13181] ? __pfx_vprintk_emit+0x10/0x10 [ 569.425050][T13181] _printk+0xc7/0x100 [ 569.425069][T13181] ? __pfx__printk+0x10/0x10 [ 569.425090][T13181] ? report_bug+0x429/0x580 [ 569.425110][T13181] ? update_rq_clock+0x34a/0xc70 [ 569.425124][T13181] report_bug+0x435/0x580 [ 569.425143][T13181] ? update_rq_clock+0x34a/0xc70 [ 569.425158][T13181] handle_bug+0x184/0x210 [ 569.425174][T13181] exc_invalid_op+0x17/0x50 [ 569.425189][T13181] asm_exc_invalid_op+0x1a/0x20 [ 569.425201][T13181] RIP: 0010:update_rq_clock+0x34a/0xc70 [ 569.425218][T13181] Code: ab 48 0b 00 00 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc a8 04 0f 84 9c fd ff ff 90 0f 0b 90 e9 93 fd ff ff 90 <0f> 0b 90 e9 4f fd ff ff 48 8d bb 18 0e 00 00 48 b8 00 00 00 00 00 [ 569.425230][T13181] RSP: 0018:ffffc9000bcf6aa0 EFLAGS: 00010046 [ 569.425241][T13181] RAX: 0000000000000000 RBX: ffff8880b853a4c0 RCX: 0000000000000001 [ 569.425256][T13181] RDX: 0000000000000000 RSI: ffffffff8da064ea RDI: ffffffff8bf08840 [ 569.425265][T13181] RBP: 0000000000000001 R08: 0000000000000000 R09: fffffbfff2104d9a [ 569.425274][T13181] R10: ffffffff90826cd7 R11: 0000000000000001 R12: ffffffff90829d34 [ 569.425282][T13181] R13: ffff88801d6adac0 R14: ffff8880b853a4c0 R15: ffff8880b843afc8 [ 569.425297][T13181] ? pick_task_fair+0xdb/0x3f0 [ 569.425314][T13181] __schedule+0x27fc/0x5de0 [ 569.425326][T13181] ? trace_sched_set_need_resched_tp+0xf3/0x150 [ 569.425341][T13181] ? trace_sched_set_need_resched_tp+0x121/0x150 [ 569.425358][T13181] ? __pfx___schedule+0x10/0x10 [ 569.425369][T13181] ? try_to_wake_up+0xa5d/0x1870 [ 569.425384][T13181] ? do_raw_spin_unlock+0x172/0x230 [ 569.425397][T13181] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 569.425418][T13181] ? try_to_wake_up+0x160/0x1870 [ 569.425432][T13181] ? preempt_schedule_thunk+0x16/0x30 [ 569.425452][T13181] preempt_schedule_common+0x44/0xc0 [ 569.425464][T13181] preempt_schedule_thunk+0x16/0x30 [ 569.425486][T13181] _raw_spin_unlock_irqrestore+0x61/0x80 [ 569.425509][T13181] rcu_preempt_deferred_qs_irqrestore+0x8e6/0xbc0 [ 569.425533][T13181] __rcu_read_unlock+0x2bc/0x550 [ 569.425546][T13181] unwind_next_frame+0x3fe/0x20a0 [ 569.425559][T13181] ? bio_alloc_bioset+0x4b4/0x8d0 [ 569.425575][T13181] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 569.425593][T13181] arch_stack_walk+0x94/0x100 [ 569.425609][T13181] ? ext4_bio_write_folio+0x7c3/0x1dc0 [ 569.425628][T13181] stack_trace_save+0x8e/0xc0 [ 569.425644][T13181] ? __pfx_stack_trace_save+0x10/0x10 [ 569.425662][T13181] ? __lock_acquire+0x622/0x1c90 [ 569.425681][T13181] kasan_save_stack+0x33/0x60 [ 569.425698][T13181] ? kasan_save_stack+0x33/0x60 [ 569.425715][T13181] ? kasan_save_track+0x14/0x30 [ 569.425731][T13181] ? __kasan_slab_alloc+0x89/0x90 [ 569.425749][T13181] ? kmem_cache_alloc_noprof+0x250/0x6e0 [ 569.425764][T13181] ? mempool_alloc_noprof+0x179/0x390 [ 569.425781][T13181] ? bvec_alloc+0x192/0x210 [ 569.425794][T13181] ? bio_alloc_bioset+0x4b4/0x8d0 [ 569.425817][T13181] kasan_save_track+0x14/0x30 [ 569.425834][T13181] __kasan_slab_alloc+0x89/0x90 [ 569.425853][T13181] kmem_cache_alloc_noprof+0x250/0x6e0 [ 569.425868][T13181] ? mempool_alloc_noprof+0x179/0x390 [ 569.425888][T13181] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 569.425906][T13181] ? mempool_alloc_noprof+0x179/0x390 [ 569.425923][T13181] mempool_alloc_noprof+0x179/0x390 [ 569.425942][T13181] ? __pfx_mempool_alloc_noprof+0x10/0x10 [ 569.425964][T13181] bvec_alloc+0x192/0x210 [ 569.425978][T13181] bio_alloc_bioset+0x4b4/0x8d0 [ 569.425993][T13181] ? __pfx_bio_alloc_bioset+0x10/0x10 [ 569.426006][T13181] ? submit_bio_noacct+0x5bd/0x1f60 [ 569.426026][T13181] ext4_bio_write_folio+0x7c3/0x1dc0 [ 569.426047][T13181] mpage_process_page_bufs+0x47c/0x8d0 [ 569.426066][T13181] mpage_prepare_extent_to_map+0x765/0x14b0 [ 569.426090][T13181] ? __pfx_mpage_prepare_extent_to_map+0x10/0x10 [ 569.426117][T13181] ? kmem_cache_alloc_noprof+0x2a1/0x6e0 [ 569.426132][T13181] ? ext4_init_io_end+0x24/0x170 [ 569.426150][T13181] ext4_do_writepages+0xa11/0x3cf0 [ 569.426163][T13181] ? rcu_is_watching+0x12/0xc0 [ 569.426178][T13181] ? __schedule+0x11a3/0x5de0 [ 569.426190][T13181] ? find_held_lock+0x2b/0x80 [ 569.426209][T13181] ? __pfx_ext4_do_writepages+0x10/0x10 [ 569.426226][T13181] ? ext4_writepages+0x37a/0x7d0 [ 569.426237][T13181] ext4_writepages+0x37a/0x7d0 [ 569.426255][T13181] ? __pfx_ext4_writepages+0x10/0x10 [ 569.426271][T13181] ? do_writepages+0x4b7/0x600 [ 569.426291][T13181] ? __pfx_ext4_writepages+0x10/0x10 [ 569.426304][T13181] do_writepages+0x27a/0x600 [ 569.426324][T13181] ? __pfx_do_writepages+0x10/0x10 [ 569.426343][T13181] ? do_raw_spin_unlock+0x172/0x230 [ 569.426356][T13181] ? _raw_spin_unlock+0x28/0x50 [ 569.426377][T13181] filemap_writeback+0x225/0x2d0 [ 569.426397][T13181] ? __pfx_filemap_writeback+0x10/0x10 [ 569.426417][T13181] ? __lock_acquire+0x622/0x1c90 [ 569.426443][T13181] ? __pfx_mt_find+0x10/0x10 [ 569.426459][T13181] file_write_and_wait_range+0xcd/0x140 [ 569.426474][T13181] ext4_sync_file+0x310/0xf10 [ 569.426494][T13181] ? __pfx___up_read+0x10/0x10 [ 569.426508][T13181] ? __pfx_ext4_sync_file+0x10/0x10 [ 569.426527][T13181] vfs_fsync_range+0x142/0x230 [ 569.426546][T13181] __do_sys_msync+0x3cb/0x5c0 [ 569.426563][T13181] do_syscall_64+0xcd/0xfa0 [ 569.426576][T13181] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 569.426589][T13181] RIP: 0033:0x7fb460d8f7c9 [ 569.426601][T13181] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 569.426614][T13181] RSP: 002b:00007fb45efd5038 EFLAGS: 00000246 ORIG_RAX: 000000000000001a [ 569.426628][T13181] RAX: ffffffffffffffda RBX: 00007fb460fe6180 RCX: 00007fb460d8f7c9 [ 569.426637][T13181] RDX: 0000000400000004 RSI: 0180000000000000 RDI: 000000001ffff000 [ 569.426645][T13181] RBP: 00007fb460e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 569.426653][T13181] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 569.426661][T13181] R13: 00007fb460fe6218 R14: 00007fb460fe6180 R15: 00007fff989cbf38 [ 569.426674][T13181] [ 570.994020][T13181] WARNING: CPU: 0 PID: 13181 at kernel/sched/sched.h:1538 update_rq_clock+0x34a/0xc70 [ 571.003563][T13181] Modules linked in: [ 571.007440][T13181] CPU: 0 UID: 0 PID: 13181 Comm: syz.5.1775 Tainted: G U syzkaller #0 PREEMPT(full) [ 571.018356][T13181] Tainted: [U]=USER [ 571.022135][T13181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 571.032169][T13181] RIP: 0010:update_rq_clock+0x34a/0xc70 [ 571.037703][T13181] Code: ab 48 0b 00 00 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc a8 04 0f 84 9c fd ff ff 90 0f 0b 90 e9 93 fd ff ff 90 <0f> 0b 90 e9 4f fd ff ff 48 8d bb 18 0e 00 00 48 b8 00 00 00 00 00 [ 571.057387][T13181] RSP: 0018:ffffc9000bcf6aa0 EFLAGS: 00010046 [ 571.063436][T13181] RAX: 0000000000000000 RBX: ffff8880b853a4c0 RCX: 0000000000000001 [ 571.071389][T13181] RDX: 0000000000000000 RSI: ffffffff8da064ea RDI: ffffffff8bf08840 [ 571.079339][T13181] RBP: 0000000000000001 R08: 0000000000000000 R09: fffffbfff2104d9a [ 571.087291][T13181] R10: ffffffff90826cd7 R11: 0000000000000001 R12: ffffffff90829d34 [ 571.095244][T13181] R13: ffff88801d6adac0 R14: ffff8880b853a4c0 R15: ffff8880b843afc8 [ 571.103198][T13181] FS: 00007fb45efd56c0(0000) GS:ffff8881249fe000(0000) knlGS:0000000000000000 [ 571.112113][T13181] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 571.118683][T13181] CR2: 00002000000bf000 CR3: 0000000055bbc000 CR4: 00000000003526f0 [ 571.126642][T13181] Call Trace: [ 571.129943][T13181] [ 571.132865][T13181] ? pick_task_fair+0xdb/0x3f0 [ 571.137629][T13181] __schedule+0x27fc/0x5de0 [ 571.142117][T13181] ? trace_sched_set_need_resched_tp+0xf3/0x150 [ 571.148603][T13181] ? trace_sched_set_need_resched_tp+0x121/0x150 [ 571.154917][T13181] ? __pfx___schedule+0x10/0x10 [ 571.159791][T13181] ? try_to_wake_up+0xa5d/0x1870 [ 571.164710][T13181] ? do_raw_spin_unlock+0x172/0x230 [ 571.169889][T13181] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 571.175709][T13181] ? try_to_wake_up+0x160/0x1870 [ 571.180634][T13181] ? preempt_schedule_thunk+0x16/0x30 [ 571.185996][T13181] preempt_schedule_common+0x44/0xc0 [ 571.191268][T13181] preempt_schedule_thunk+0x16/0x30 [ 571.196457][T13181] _raw_spin_unlock_irqrestore+0x61/0x80 [ 571.202079][T13181] rcu_preempt_deferred_qs_irqrestore+0x8e6/0xbc0 [ 571.208487][T13181] __rcu_read_unlock+0x2bc/0x550 [ 571.213410][T13181] unwind_next_frame+0x3fe/0x20a0 [ 571.218511][T13181] ? bio_alloc_bioset+0x4b4/0x8d0 [ 571.223523][T13181] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 571.229667][T13181] arch_stack_walk+0x94/0x100 [ 571.234327][T13181] ? ext4_bio_write_folio+0x7c3/0x1dc0 [ 571.239775][T13181] stack_trace_save+0x8e/0xc0 [ 571.244438][T13181] ? __pfx_stack_trace_save+0x10/0x10 [ 571.249799][T13181] ? __lock_acquire+0x622/0x1c90 [ 571.254725][T13181] kasan_save_stack+0x33/0x60 [ 571.259387][T13181] ? kasan_save_stack+0x33/0x60 [ 571.264219][T13181] ? kasan_save_track+0x14/0x30 [ 571.269055][T13181] ? __kasan_slab_alloc+0x89/0x90 [ 571.274066][T13181] ? kmem_cache_alloc_noprof+0x250/0x6e0 [ 571.279684][T13181] ? mempool_alloc_noprof+0x179/0x390 [ 571.285044][T13181] ? bvec_alloc+0x192/0x210 [ 571.289531][T13181] ? bio_alloc_bioset+0x4b4/0x8d0 [ 571.294548][T13181] kasan_save_track+0x14/0x30 [ 571.299211][T13181] __kasan_slab_alloc+0x89/0x90 [ 571.304069][T13181] kmem_cache_alloc_noprof+0x250/0x6e0 [ 571.309510][T13181] ? mempool_alloc_noprof+0x179/0x390 [ 571.314867][T13181] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 571.320399][T13181] ? mempool_alloc_noprof+0x179/0x390 [ 571.325790][T13181] mempool_alloc_noprof+0x179/0x390 [ 571.330993][T13181] ? __pfx_mempool_alloc_noprof+0x10/0x10 [ 571.336707][T13181] bvec_alloc+0x192/0x210 [ 571.341024][T13181] bio_alloc_bioset+0x4b4/0x8d0 [ 571.345863][T13181] ? __pfx_bio_alloc_bioset+0x10/0x10 [ 571.351217][T13181] ? submit_bio_noacct+0x5bd/0x1f60 [ 571.356404][T13181] ext4_bio_write_folio+0x7c3/0x1dc0 [ 571.361679][T13181] mpage_process_page_bufs+0x47c/0x8d0 [ 571.367126][T13181] mpage_prepare_extent_to_map+0x765/0x14b0 [ 571.373011][T13181] ? __pfx_mpage_prepare_extent_to_map+0x10/0x10 [ 571.379334][T13181] ? kmem_cache_alloc_noprof+0x2a1/0x6e0 [ 571.384948][T13181] ? ext4_init_io_end+0x24/0x170 [ 571.389871][T13181] ext4_do_writepages+0xa11/0x3cf0 [ 571.394962][T13181] ? rcu_is_watching+0x12/0xc0 [ 571.399710][T13181] ? __schedule+0x11a3/0x5de0 [ 571.404363][T13181] ? find_held_lock+0x2b/0x80 [ 571.409024][T13181] ? __pfx_ext4_do_writepages+0x10/0x10 [ 571.414560][T13181] ? ext4_writepages+0x37a/0x7d0 [ 571.419476][T13181] ext4_writepages+0x37a/0x7d0 [ 571.424221][T13181] ? __pfx_ext4_writepages+0x10/0x10 [ 571.429487][T13181] ? do_writepages+0x4b7/0x600 [ 571.434236][T13181] ? __pfx_ext4_writepages+0x10/0x10 [ 571.439502][T13181] do_writepages+0x27a/0x600 [ 571.444080][T13181] ? __pfx_do_writepages+0x10/0x10 [ 571.449183][T13181] ? do_raw_spin_unlock+0x172/0x230 [ 571.454366][T13181] ? _raw_spin_unlock+0x28/0x50 [ 571.459208][T13181] filemap_writeback+0x225/0x2d0 [ 571.464134][T13181] ? __pfx_filemap_writeback+0x10/0x10 [ 571.469579][T13181] ? __lock_acquire+0x622/0x1c90 [ 571.474510][T13181] ? __pfx_mt_find+0x10/0x10 [ 571.479087][T13181] file_write_and_wait_range+0xcd/0x140 [ 571.484613][T13181] ext4_sync_file+0x310/0xf10 [ 571.489275][T13181] ? __pfx___up_read+0x10/0x10 [ 571.494023][T13181] ? __pfx_ext4_sync_file+0x10/0x10 [ 571.499212][T13181] vfs_fsync_range+0x142/0x230 [ 571.503967][T13181] __do_sys_msync+0x3cb/0x5c0 [ 571.508630][T13181] do_syscall_64+0xcd/0xfa0 [ 571.513117][T13181] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 571.518989][T13181] RIP: 0033:0x7fb460d8f7c9 [ 571.523385][T13181] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 571.542973][T13181] RSP: 002b:00007fb45efd5038 EFLAGS: 00000246 ORIG_RAX: 000000000000001a [ 571.551366][T13181] RAX: ffffffffffffffda RBX: 00007fb460fe6180 RCX: 00007fb460d8f7c9 [ 571.559317][T13181] RDX: 0000000400000004 RSI: 0180000000000000 RDI: 000000001ffff000 [ 571.567267][T13181] RBP: 00007fb460e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 571.575217][T13181] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 571.583182][T13181] R13: 00007fb460fe6218 R14: 00007fb460fe6180 R15: 00007fff989cbf38 [ 571.591151][T13181] [ 571.594154][T13181] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 571.601415][T13181] CPU: 0 UID: 0 PID: 13181 Comm: syz.5.1775 Tainted: G U syzkaller #0 PREEMPT(full) [ 571.612335][T13181] Tainted: [U]=USER [ 571.616119][T13181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 571.626240][T13181] Call Trace: [ 571.629503][T13181] [ 571.632416][T13181] dump_stack_lvl+0x3d/0x1f0 [ 571.636998][T13181] vpanic+0x640/0x6f0 [ 571.640971][T13181] ? update_rq_clock+0x34a/0xc70 [ 571.645893][T13181] panic+0xca/0xd0 [ 571.649601][T13181] ? __pfx_panic+0x10/0x10 [ 571.654004][T13181] check_panic_on_warn+0xab/0xb0 [ 571.658933][T13181] __warn+0xf6/0x3c0 [ 571.662817][T13181] ? update_rq_clock+0x34a/0xc70 [ 571.667738][T13181] report_bug+0x3c3/0x580 [ 571.672053][T13181] ? update_rq_clock+0x34a/0xc70 [ 571.676972][T13181] handle_bug+0x184/0x210 [ 571.681287][T13181] exc_invalid_op+0x17/0x50 [ 571.685774][T13181] asm_exc_invalid_op+0x1a/0x20 [ 571.690607][T13181] RIP: 0010:update_rq_clock+0x34a/0xc70 [ 571.696152][T13181] Code: ab 48 0b 00 00 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc a8 04 0f 84 9c fd ff ff 90 0f 0b 90 e9 93 fd ff ff 90 <0f> 0b 90 e9 4f fd ff ff 48 8d bb 18 0e 00 00 48 b8 00 00 00 00 00 [ 571.715739][T13181] RSP: 0018:ffffc9000bcf6aa0 EFLAGS: 00010046 [ 571.721789][T13181] RAX: 0000000000000000 RBX: ffff8880b853a4c0 RCX: 0000000000000001 [ 571.729744][T13181] RDX: 0000000000000000 RSI: ffffffff8da064ea RDI: ffffffff8bf08840 [ 571.737697][T13181] RBP: 0000000000000001 R08: 0000000000000000 R09: fffffbfff2104d9a [ 571.745648][T13181] R10: ffffffff90826cd7 R11: 0000000000000001 R12: ffffffff90829d34 [ 571.753597][T13181] R13: ffff88801d6adac0 R14: ffff8880b853a4c0 R15: ffff8880b843afc8 [ 571.761560][T13181] ? pick_task_fair+0xdb/0x3f0 [ 571.766313][T13181] __schedule+0x27fc/0x5de0 [ 571.770888][T13181] ? trace_sched_set_need_resched_tp+0xf3/0x150 [ 571.777117][T13181] ? trace_sched_set_need_resched_tp+0x121/0x150 [ 571.783429][T13181] ? __pfx___schedule+0x10/0x10 [ 571.788267][T13181] ? try_to_wake_up+0xa5d/0x1870 [ 571.793199][T13181] ? do_raw_spin_unlock+0x172/0x230 [ 571.798395][T13181] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 571.804188][T13181] ? try_to_wake_up+0x160/0x1870 [ 571.809109][T13181] ? preempt_schedule_thunk+0x16/0x30 [ 571.814482][T13181] preempt_schedule_common+0x44/0xc0 [ 571.819749][T13181] preempt_schedule_thunk+0x16/0x30 [ 571.824940][T13181] _raw_spin_unlock_irqrestore+0x61/0x80 [ 571.830651][T13181] rcu_preempt_deferred_qs_irqrestore+0x8e6/0xbc0 [ 571.837059][T13181] __rcu_read_unlock+0x2bc/0x550 [ 571.841980][T13181] unwind_next_frame+0x3fe/0x20a0 [ 571.846988][T13181] ? bio_alloc_bioset+0x4b4/0x8d0 [ 571.851999][T13181] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 571.858138][T13181] arch_stack_walk+0x94/0x100 [ 571.862796][T13181] ? ext4_bio_write_folio+0x7c3/0x1dc0 [ 571.868240][T13181] stack_trace_save+0x8e/0xc0 [ 571.872906][T13181] ? __pfx_stack_trace_save+0x10/0x10 [ 571.878264][T13181] ? __lock_acquire+0x622/0x1c90 [ 571.883189][T13181] kasan_save_stack+0x33/0x60 [ 571.887863][T13181] ? kasan_save_stack+0x33/0x60 [ 571.892698][T13181] ? kasan_save_track+0x14/0x30 [ 571.897536][T13181] ? __kasan_slab_alloc+0x89/0x90 [ 571.902546][T13181] ? kmem_cache_alloc_noprof+0x250/0x6e0 [ 571.908160][T13181] ? mempool_alloc_noprof+0x179/0x390 [ 571.913515][T13181] ? bvec_alloc+0x192/0x210 [ 571.917999][T13181] ? bio_alloc_bioset+0x4b4/0x8d0 [ 571.923013][T13181] kasan_save_track+0x14/0x30 [ 571.927673][T13181] __kasan_slab_alloc+0x89/0x90 [ 571.932511][T13181] kmem_cache_alloc_noprof+0x250/0x6e0 [ 571.937957][T13181] ? mempool_alloc_noprof+0x179/0x390 [ 571.943315][T13181] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 571.948843][T13181] ? mempool_alloc_noprof+0x179/0x390 [ 571.954200][T13181] mempool_alloc_noprof+0x179/0x390 [ 571.959393][T13181] ? __pfx_mempool_alloc_noprof+0x10/0x10 [ 571.965100][T13181] bvec_alloc+0x192/0x210 [ 571.969411][T13181] bio_alloc_bioset+0x4b4/0x8d0 [ 571.974246][T13181] ? __pfx_bio_alloc_bioset+0x10/0x10 [ 571.979598][T13181] ? submit_bio_noacct+0x5bd/0x1f60 [ 571.984784][T13181] ext4_bio_write_folio+0x7c3/0x1dc0 [ 571.990058][T13181] mpage_process_page_bufs+0x47c/0x8d0 [ 571.995503][T13181] mpage_prepare_extent_to_map+0x765/0x14b0 [ 572.001384][T13181] ? __pfx_mpage_prepare_extent_to_map+0x10/0x10 [ 572.007705][T13181] ? kmem_cache_alloc_noprof+0x2a1/0x6e0 [ 572.013325][T13181] ? ext4_init_io_end+0x24/0x170 [ 572.018257][T13181] ext4_do_writepages+0xa11/0x3cf0 [ 572.023351][T13181] ? rcu_is_watching+0x12/0xc0 [ 572.028100][T13181] ? __schedule+0x11a3/0x5de0 [ 572.032766][T13181] ? find_held_lock+0x2b/0x80 [ 572.037430][T13181] ? __pfx_ext4_do_writepages+0x10/0x10 [ 572.042965][T13181] ? ext4_writepages+0x37a/0x7d0 [ 572.047884][T13181] ext4_writepages+0x37a/0x7d0 [ 572.052630][T13181] ? __pfx_ext4_writepages+0x10/0x10 [ 572.057900][T13181] ? do_writepages+0x4b7/0x600 [ 572.062650][T13181] ? __pfx_ext4_writepages+0x10/0x10 [ 572.067924][T13181] do_writepages+0x27a/0x600 [ 572.072502][T13181] ? __pfx_do_writepages+0x10/0x10 [ 572.077603][T13181] ? do_raw_spin_unlock+0x172/0x230 [ 572.082782][T13181] ? _raw_spin_unlock+0x28/0x50 [ 572.087621][T13181] filemap_writeback+0x225/0x2d0 [ 572.092547][T13181] ? __pfx_filemap_writeback+0x10/0x10 [ 572.097992][T13181] ? __lock_acquire+0x622/0x1c90 [ 572.102927][T13181] ? __pfx_mt_find+0x10/0x10 [ 572.107511][T13181] file_write_and_wait_range+0xcd/0x140 [ 572.113041][T13181] ext4_sync_file+0x310/0xf10 [ 572.117707][T13181] ? __pfx___up_read+0x10/0x10 [ 572.122448][T13181] ? __pfx_ext4_sync_file+0x10/0x10 [ 572.127648][T13181] vfs_fsync_range+0x142/0x230 [ 572.132396][T13181] __do_sys_msync+0x3cb/0x5c0 [ 572.137057][T13181] do_syscall_64+0xcd/0xfa0 [ 572.141541][T13181] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 572.147415][T13181] RIP: 0033:0x7fb460d8f7c9 [ 572.151814][T13181] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 572.171582][T13181] RSP: 002b:00007fb45efd5038 EFLAGS: 00000246 ORIG_RAX: 000000000000001a [ 572.180005][T13181] RAX: ffffffffffffffda RBX: 00007fb460fe6180 RCX: 00007fb460d8f7c9 [ 572.187958][T13181] RDX: 0000000400000004 RSI: 0180000000000000 RDI: 000000001ffff000 [ 572.195913][T13181] RBP: 00007fb460e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 572.203868][T13181] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 572.211824][T13181] R13: 00007fb460fe6218 R14: 00007fb460fe6180 R15: 00007fff989cbf38 [ 572.219785][T13181] [ 572.223000][T13181] Kernel Offset: disabled [ 572.227324][T13181] Rebooting in 86400 seconds..