last executing test programs: 6.355101804s ago: executing program 2 (id=372): mmap$auto(0x80000000000003, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) mmap$auto(0xfffffffffffffffa, 0x40000a, 0x1000000000df, 0x9b72, 0x2, 0x8000) (async) madvise$auto(0xfffffffffffffffc, 0x3, 0x66) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x17) (async) madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async) close_range$auto(0x0, 0xe903, 0x2) (async) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) (async) r1 = setfsgid$auto(0x0) timer_create$auto_CLOCK_BOOTTIME_ALARM(0x9, &(0x7f00000010c0)={@sival_ptr=&(0x7f0000000000)="717f26169d688fd2d0a8352a1ec2935a08323f893444a4dcb4432b24b24a59a555426cebcf83c1c150dc5cf86a71421dabed3eb1ce8fe470ef0be7a4f4af0cfa094ea69c65aab2f425372278569001e7167095084ceb006dad736e4aa9a758dfbf69d7439346b13ebabc9e69483ecdd1315f729b57ade0026e89e9924dd489c46452ab039d4c840db0c41057ec465aef848e1f176508fe35609e0f6106e6b5ac22666016cc379538de437a9f28f974363d9d683ff3fa6dec02951d91b20a49ccbe3a6f14707718551fd1e47da43defd49218f730f9be754e7c4083aae1bd98a937e26243117ea00c6d0e30137f320109d6e57cb52a8e4c633dcd0e8820d28ba54cafd67cadfbf9552654df2dc069d9f8b7809377a7e3294fb08baad1fa5c9d9404e03e44613dd1bc9debffa97d3c6ff29902295396071ea00ee1546f89ab9b682ab7ec1dce847f9b5c0371463f96a1e10f8c9bb423f342665681cfee25512923326fa94bfe06e18ad88cf003a9808a60525b917fbf63bc43b8b764d6e396ae4ba8a0ed426c62ea7fa9966cc8d2d5ae1b6feae49b1622ef5e6b822672d01fddb404d713b763136dc7fb02ccb4a857dc2e4c840d048804a626a918832366b5a984bc95ecf1bda8f723bdb2b74a1f85b867256c79e49342bf04525f7940ff8db3bc3dbb82226c5bff24e984c97377e95d4ec51b4428f0f6f3dd99705f83107de67af9be7c506c375563210aa657168a9dcb8d5c30c125f632482d93eec8d2f3a8e5217b1859d9ff3e49fd5edb3cd03ea13342aa37bb72c21a4013ecbccee18754470694f7b24c9d3131b79668c35d0f475fe4148ed39cac3d507f27aa48ca246e126135a2391db3c5130f8cacedb0b9ac325671f9dd8fa2e296cd03b1a34d0225e0a3bf46600280250d2014b0cf4826b45a39e652bcd150d3da8a913b6178dfd0b76915864946c91614958efa7c02d206f3249ae05fa364801a3a6a4c755b01369b9724c8a04b394260e34782cc613386dbe32e31449f9eaa65ada745051ea84a1cbad0701631174f6fc862b665875a7c384b5cd3e72a6a9160c2f9e6d0592d9580b526311060862fd121130f877c84b4241761fd704ad92457f93e9b596160565c05fd70a0393e4b521912109305c2c83afe18ac11184e4dbb8a8009bdfa69e7d915a5ee493a13cf884f44ff3c01e3912b2c8249224098006effc51e8996e9b5940fbb903bcf960264a55f556bb1a41d2593f5ad4a1c4602769fb95da7494e4db01395b65a1a605f8081ccad2ee0bcf5bfe2cc12dd68212134ef7584397be38fdf112503204050ec2fddfbd77af719c1df4305caa93d88306d96657c20ce2cf63962cee5de6584ee58a72b6df5f5e66188f729a38704087cfa17481e6663107f2e7bd1709ea6891d54fc197018daccc3b9069e6c87392076bbf2eed58785640e810f5e1436fb97328c628ead8f27365be204c22ab91406acd8eaa437763c250870ba0453bb1841fde10ab089bade1ac87cc87fe203e3f8429eb193520f20b97e05f6803a186d1872373f54f481a758b8adf45acdde3f2ef168f8aec710bae85d8ae9a9d3b65996fb2279a51c351333b542f03f7db63102de2ff79327275e5a8a3ea0ab4f86495b90ffd47bf62de5eb81905b4b51281d34a0736d3e9a8eb63404fb53da7f5e7a9a53d8cb5738e149c24373f39ff9a0cc7ea16c568744a29f652c2315e63fe75c039c3ff942522dda7a5f4caa5cab7481481abb5b58cebbf81bc705473e89a6082a159d0fc818678c176ab914ce8d41ef7963a8e6377ae8f7ab842dce8ce8b25050350b49ec6bd85a8c58331befbeb79a7bb26cf7ae0409905dd2f306cc6375f3576690206c7098aac300ec9fec48f259c3a7aa894fb6a7632836834d3996141b33680b0167f8d9699df1c961c9686583fe79343026244dae3cd86dd3266b2d646f00127c083543956e0c75ebe7191d907dedf56014ff7e966a8fbb4060e0b6f47d54f84107262ce9269488564dbd68d497171a80de38f196ccc4973549948b3cecbdefb76d7a9c724760307e9dfcbff77a08529de9e0cecbfe56522f84dac936cfe246cbabf2f647bc8bbf18c3305c2d5f793bf957ea9c7b272b72e160b7c5d5e0c89c880987af78eddaaad25a1bf2c7295e04129402934a1bf77cde18eece92dba841a4bdb27201b98bc7339936263b80bdcb71c50d3a0450c5bb0100ce233c88d3599865a4faeff2e6ca1caa54687e70527ed93fd2d4a929f17cbe0f8aee7b7718a4c3f967907427e13d22b9c0cf3491ee5afad7ef7e3e781f0128750063fcb58bdbc3ddb54c840a1fdd30fde080331148eab6b37e72689ddfc6793ea2325f8d5ff8a6e9cfdd985ee6583a2364c3af371c058b941747e5682b8b0991652a8047ce566f745fdf4a4e79b9f10228d4ba2d55b59e7e7d3484d0d149d951535656f39d82f8ba1ff40280414792ac3a0ccb14fed9d9f2d35150d1fa2b6b68497ab8be5f4eb6f084cf88fcb887bd3289d4fa755335da23983de47ce82d8451b9968c1a012a5c4a754b568e8feb1cd8b8bb4c3347ffc8e86051d82ddca1ae72809329d7c0b70ec4f3e7b5649d7017ac754f6c56442fb166209c15b6f82e08a6515c92930d6146f1a65fec14e3064a4c517968df1ffedc3ee25f3cf854b0ca0a6c10206a9d374766af490a96ab3af1e62d9bdeaf21828ac7e646a957fd26a99473d3d79aa26957274c2836698a7eb2c131fcf50738e8475c913206cfe13491d1377ff717431d6d846e81e5d7328d5571f6e829f97bfe7d94c20e1c22bc4de05d308d43ba40d1bdd4c212a39045bd31f36fe3d343e8fd96f738b55e923c82a873632f89200c40e1001fbd78e55a517928d01e11cfd8df2cefe21b9c4d94edd151bec6c1b7650aa255bf0a8444ad66cb8111b111956d9f133d19414aace0be6ff7a1ee8a2e7912abbbdea70d63edf564deceaef3a213b90ef8606e0fe1d67fd1ce724a2f34f3cd3839169989f060ca8823981885f1981ff54884f07ae391c21f381ae3541120c3bc8eb0e318c7c0884a0030a890de360efd54a1b49acf51ac3bbf0a6924b208b9e72ec2d639902119d1fefcf14429187ba82afcf55227e6498e3cb0ac730eabfce2afed0559e80c03ee52a16c10e5723ef45c02acfa04d85a0356d4f39db5d53fdc33e046183cffed4ac0dd649e8ca5f7853b462bb08257befcd325ce71323c8ee765d5d11344eb76a50c371267a62697d4f9480425a37063e2de535065e02548548bcf2c6a160685eff92578f4166d0489208944da568e86b81ed867a4ae17655932311cc28bf4736ba9036d03890853057e0d2f79078f585dad59866c52f0caaa93c8e96bc76894b15ba26dc0826acef0d176fa16721ee51c42ba2533871bf46a6b94da7f0acead9ad7f466179c10e9ac1ddf8811f5686efaca945a80509544d2f03c561838406959b10e76c068e1ba2008cbd88d31be29bf225a8e85518b5e6c4e89e80a352e3095dfb6198c920d873ac40f29fdae99d60e5a62c1d6ad1dbaa4a3a60c43a53fc94030f1b2a3bf375f07c2798a9d1562a981be94b4fe41f5fc1ed1647c943b0109802dd01bd5a91b83ea7998dba0f5797d48dc8c2e2aabc3931c437b2edb5731c6d5d9c77c4ae1dfa3dc169aeb4f2663e6e22086693334e82ad84b332cd42013bf7a2702abab8dacae5c92e88faefe0e9ce6ced98d8d0fc9e954243b8514d45808802dcc6b5545321db98cae6436ffb439e670216324268d0d23b0dbfb3ec3d9e9672df3cbbba0272f3184adde875fc83da43cc67e9491aebca58bc4edecffeacc4dc87987fc930aa43d335f4c37efb71137cbfb3dabb3351af436a155c8eefc474d573ae0801d7181a7f13f04cb9bf74d69afc30b2aac56c916eba828f0bd36e3d73f03f39f0cbc1b0f455841dc95527b884a991565ac791f8ec998b21abf2f33a87eb0d8dd16bc9d261bc7b6a47b848f4631d9432981a5fd33d87ff2c4acf967cfe9489d139ce9b8f01ef07533b4b1341ca9cd64311f21bbd6bc5db2274f14aea7bf8425f6d82b6d661f77e3af2cdf0f939ff573dee71c94143263fcd49a75b3a91de14133b4a79ee29d29602985373be7d47e314b7b8d87a988b8187b3d85a4330ce9167a912a172eadf4b651cc4a91083f959779d206806263a06f6a7cd334e7a8a9c9079ce5b43ab2ba3ef47b57487aa64fe6daed5db537061cca13a083686cda38bbc0158226ec6a30b8c7e7d41889077d6e679b12dcec3bccbe0e994892255d15daa73b9603e6f674ba1d592c30ae6c99834435518e0b4b9c70791dfeab2d96c1597e476699285aa226e4d8e8ee55020c362a687529ecb003d1ecd3ab1a6efd4a66d63609e0c242017da05d8308c232ab1f4b31568d5c972b331a737df2640e5c7024697f287d4f46fbc88af8956c3c748266ebd44a3fca9c0b1fb0365f3c63bacb1df96b070dac0e03f14d17bd90354c0becf747c3e25dcc05b85a4b0c15ae50c8132a1e699e4374073fde2467c4b9761c4a62bc036261dac9d7658cc4b90aeb4025258162134af34f6d7818ba02c13537d9d1863ad87637cf124d83d8754611a42b0d0a1741e66b52c9c8da6ad98e3e5de24d23a6d6c8666f7ba1d03b467cd2380f8ecb44609a1a541ed7d7edceebdcaa6c56f73b8eabe360b9082579f927f396174ed98fc26b97d45f302e357728d46c0db4625bd0caaf6a14e020364690e28d539ce91c1b2bb4ce6de32115c9320874132d001fcb6a6af13bd7415b47c5254a2b074c65d3b4d808c96def063dfe24c11c9d890ef2160260baf7bea1131d1451992289fb6506814187a43f7c9116a7e34cc3f79edf8c9ed2b0ebb4e7a7d8d25fa8d5af37e2d2d2ffb96a8e68b6e31382e834e6f426fbf69c56538ccb2748de6cf475d02222da4589f5b6751f63ae7ec92841b995957646c8e9e32cc2d8e40269eb807069d701d760544a896aacf4785d20b994b39ffaffe6904f6c0d76c2a4b8ef0c645153ca7eb73cc532d87bdb144b0b150f2da7000984d0f10bbe9578b5e447510a31ed49ead8db10509f20480dce8375031195de35ab74e3999b10afe494828fda4ec501827752e8f9a93dc3ff4a296678d658e7eac368b6764673df0db0b0a930e6163f24884a6708efc7e14969807d9658b170255225c7181c9cfe57a2088337b168943de739a3e614a320533fba0e4c75ab68d86d1433beae7adc7c7d1a55a4b9e1e0093f3034f3761952f71e91fe630ccf0d05ed73375cf376125337eb675c63446cf7be274fe9f9079ccb4457c8c00fedbee6643a2b16b1821e7a9cc39348c742a37a381601a0bcf724efee60334452c6a4068fbba0579f19fcbc8b883f2232f614023ec4b4b631c6ecdeee1bab0fc7b32d94551dc88aebe3661c39718c7822779b5077fde8ac0e80cbb08eb5cd8be3a82518fc265fe8c6e631ed39db8d8c45f70031ff734e4d722a4e0dc6e2a635b1162c71fd182224402510fc0ed9f4aad971723b099a3fa344324f897906a7e4bf92faa0dd9070e10216bb7760b85a0c58c34944848253fd9044716b64576bde087c17ff51c859d92ca586ada7dba42b67a160364551354887e082518faa1a756f234cd24517718f3b3c3e9d2325dd6436c0a716ce5a623d99f19ad470d575764e7a47cdb2b6e5f1fc171cee6467e1c425166eff6d087aa8a7c82901c75fbb322853e0752a24cae94794ca8497c3106b272599a3c0f94a080d822c7fa5bf6e33492eecb05992507fde7aa558d264ecce32a2f8b7890c92e7ed", @inferred=r0, 0x0, @_sigev_thread={&(0x7f0000001040)=&(0x7f0000001000)=0xfe, &(0x7f0000001080)="9c0f263663e47f856d47b0ca95ba5e8f0ef270402c3ff6e6c24ee05bc334ce06fcd347f7897c95e3adc34bfb9f1b395c0723e921"}}, &(0x7f0000001100)=0x1f30) (async) setgid$auto(r1) 5.861869885s ago: executing program 2 (id=375): r0 = openat$auto_stats_seq_fops_netdebug(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0) r1 = openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000000bc0)='/sys/kernel/tracing/dynamic_events\x00', 0x1, 0x0) write$auto_dynamic_events_ops_trace_dynevent(r1, &(0x7f0000000300), 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/fs/ocfs2/active_cluster_plugin\x00', 0x22100, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) mmap$auto(0x0, 0x400008, 0x5f, 0x9b72, r0, 0x8000) close_range$auto(0x2, 0x8, 0x0) unshare$auto(0x40000080) madvise$auto(0x0, 0xffffffffffff0005, 0x19) openat$auto_percpu_stats_fops_(0xffffffffffffff9c, &(0x7f0000000280), 0x1, 0x0) madvise$auto(0x0, 0x2003f2, 0x15) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) madvise$auto(0x0, 0x200007, 0x19) r2 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) setsockopt$auto(0x3, 0x10000000084, 0x11, 0x0, 0x8) r5 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) r6 = openat$auto_objects_fops_(0xffffffffffffff9c, &(0x7f0000000080), 0xc000, 0x0) signalfd4$auto(r4, &(0x7f0000000100), 0x8, 0x10) read$auto_objects_fops_(r6, &(0x7f00000003c0)=""/211, 0xd3) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r3, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01002bbd7000fcdbdf2504000000"], 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800) sendmsg$auto_CTRL_CMD_GETPOLICY(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)={0x34, r2, 0x301, 0x70b52c, 0x25dfdbfb, {}, [@CTRL_ATTR_FAMILY_NAME={0x5, 0x2, '\x00'}, @CTRL_ATTR_FAMILY_ID={0x6, 0x1, 0x240}, @CTRL_ATTR_FAMILY_ID={0x6, 0x1, 0x3}, @CTRL_ATTR_FAMILY_NAME={0x8, 0x2, 'HSR\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x400c01d}, 0x0) socket(0x10, 0xa, 0xfffffffd) syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000034c0), 0xffffffffffffffff) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x60, 0x0, 0x800, 0x70bd2d, 0x25dfdbfe, {}, [@HSR_A_IF2_AGE={0x8, 0x4, 0xab7}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x8000}, @HSR_A_IFINDEX={0x8}, @HSR_A_NODE_ADDR_B={0xa, 0x5, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, @HSR_A_NODE_ADDR={0xa, 0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, @HSR_A_NODE_ADDR={0xa, 0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x35}}, @HSR_A_IFINDEX={0x8}, @HSR_A_IF1_SEQ={0x6, 0x6, 0x5}]}, 0x60}, 0x1, 0x0, 0x0, 0x40080}, 0x40) 5.354872993s ago: executing program 3 (id=376): openat$auto_tomoyo_self_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x2, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) timer_create$auto_CLOCK_TAI(0xb, 0x0, &(0x7f0000000fc0)=0xa) mmap$auto(0x0, 0x4020005, 0xdf, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) write$auto(0xca, &(0x7f0000000000)='\x04>\x01\x01\x00\x00\x00\x00\x01_\x9e\x99:R\xcc\x96\b\'\x02\xb0\x93l\xeb\x87\r\b\x87\x14\xf8e6\x9c%\xb6\x9a\\S\xa2(Q\xcc', 0x7f) ioctl$auto(0xffffffffffffffff, 0x5646, 0xffffffffffffffff) read$auto_v4l2_fops_v4l2_dev(0xffffffffffffffff, &(0x7f0000000280)=""/40, 0x28) madvise$auto(0x0, 0xffffffffffff0001, 0x15) unshare$auto(0x0) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) madvise$auto(0x1, 0x10d3, 0x3ff) socket(0x15, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) ustat$auto(0x801, 0x0) open(&(0x7f0000000300)='./bus\x00', 0x12d441, 0x41) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) close_range$auto(0x0, 0x5, 0x0) mq_open$auto(&(0x7f00000000c0)='\x12\xe6D\b\x9e\x00\x80\x8d\f\xb9w-\xbd!\x9eb\xed\xfb\x0f\xe5\x9dZ\xc2\xd1\x01wBV\x91\x8f_\xc0.\x84\xfe\x84\xd1se\x01\x06\x00\xb3\x13_Y&\xa9\x88\xe4\xa2\xb0V\x85\x92<\xb6\xdcT \\\xf2\v\xb1\xe2\xd8\xfa\xd8V\xe5\x00\xfa\xe9!\xc5<\xce\x18=\x06\xdagq\xb5\r\t\xb2\xde\x99\xd50\xbb\x192\x1c4\x86\xc0\xc1-\xd5\x10\xc3\xfc*[8\x89h\xc5\xba\xff\xc8u50xffffffffffffffff, 0x166, 0x7fb, 0x6, 0xa, 0x4, 0xffffffffffffffff, 0xffffffffffffffff}, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000e3, 0xeb2, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x9, 0x21e9, 0x1, 0x2, 0x2, 0xb, 0x2e, 0x8000, 0x3}, 0x6f4) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xf) getsockopt$auto_SO_SELECT_ERR_QUEUE(r3, 0x7ff, 0x2d, &(0x7f0000000340)='bond0\x00', &(0x7f0000000380)=0x5) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xc) socket(0x28, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r4 = socket(0x10, 0x2, 0x9) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'bond0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r5, 0xffffffffffffffff, 0x8, 0x7f, 0xffffffffffffffff, @relative_fd, 0x4}, 0xf) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffffffffffffffff, 0x0, 0x1}, 0x4) writev$auto(0xc8, &(0x7f00000028c0)={&(0x7f0000000000), 0x200}, 0x9) fanotify_mark$auto(r1, 0x205, 0xa, 0x4, 0x0) r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_SET_CQM(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000002f40)={&(0x7f0000000400)={0x41, r6, 0x300, 0x70bd29, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4c805}, 0x0) syz_genetlink_get_family_id$auto_thermal(&(0x7f00000000c0), r2) read$auto(0x3, 0x0, 0x87f) 3.760922527s ago: executing program 1 (id=385): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/pcm0p/sub5/sw_params\x00', 0x600000, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, 0xffffffffffffffff) open(0x0, 0x163340, 0x16e) socket(0x2, 0x80802, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x4e23, @multicast2}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) io_uring_setup$auto(0x6, 0x0) r2 = socket(0x11, 0x80003, 0x300) bpf$auto(0x5, &(0x7f0000000000)=@iter_create={0x20, 0x5}, 0x7) setsockopt$auto(r2, 0x107, 0x14, 0x0, 0x4) sendmmsg$auto(r2, &(0x7f0000000400)={{&(0x7f0000000000), 0x225aa, &(0x7f0000000100)={0x0, 0x4b}, 0x1, 0x0, 0x5, 0x1060}, 0x5}, 0x2, 0x100) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/fs/ext4/sda1/trigger_fs_error\x00', 0xa801, 0x0) write$auto(r3, &(0x7f0000000080)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k\b\x86\xc6\xd7L\xc6\xd1\xf4h\xf2\xc4\x9aZ\x14\x83\f\x17\xf6\xb1u!\xbc\xbc8H\x94,3\xba\x8a\'\xef\b\x942W\xb5:\xb4\xe3[\x9d\xc1s\x13\xf9\xd5X\xe0\xfd\x7f\x95\xf8\xc9\x85\xe7\xd9u3\xc3\xcd\x1dJX\xcd\xab\xf5\xdf\xf1\xad\xa4\xf1\x9b\xc4\xf9\xac\xa2\x8f@W\x9d\xf4 \xd3di\x84\xff\xe2`\x9c7\xbc\xe7\xe1\x94\xcb\bt\xa0\x93]\xba\t\x92\xca\x1f\xc3\x00\x00\x00\x00\xf8\xeb\xc65\xd3\xd1\xc5\xbb\x96{\xa3\xe7\\y\xa9Em\xd5\x19\xef\xf8\xac!\xff@K\x1d\xeaE\xce=\x90\xe6O\x82X\xc1\xbfI:5\xac\xb0\x98\xbf\xf1\xba\xa4\x10s\xfb\xc1j;!\xa4+{\xe6\x02\xb8\x88\xea66$!v\xef\xce\x19eM\xae\xe3\xd9jc\x10\xa7\xf1\xce&\xd7\xb6\x06\xf3\xeb\xe8\x87[f\xe7\xdf\x8c\x0f\x80\xed\x04Z!\x89R\x8b-\xbcI\t:\xcf\x9b\xd5a\v\xf0^d$\xb6\x06\xbb\xdf\xa5\x88\x96\xd2V{\xb7n\x1b5N\xb9\xdc\x97\x16\x9e\aag\x1b\xf0K\xebtw\xe3\xf0\x03\xf8\xf2\xe3\xb7\x85\x8c\xe2\xca\xfdB\xa5\x82nlV\xac\xe6bK\xec\xa3.\xe7qeOd\x19\xeaX\x94N\x84\xa51\xec7:\xef\xd1\x8f\xd4JP\x81\xc3\xa3/Mz\x91f\xcf\xdaO\xe1l\xcc\x8b\xb0\xe5\xc9n\x95\x9a\xa6\xf3Tk\xdf\xf5m\x7fbC\x8a\x97\xdcM\x06\x8a\xd3g\xe5\'\xf2\x8c\x1a\xd00Z\x06\xf2\xacL\xe0\xab\x1d\x1e\x94?', 0x84) setsockopt$auto(0x3, 0x0, 0x1, 0x0, 0x2) r4 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/v4l-subdev3\x00', 0x16ba00, 0x0) ioctl$auto(r4, 0x80885659, r4) socketpair$auto(0xb, 0x9, 0x800, 0x0) setsockopt$auto(0x3, 0x0, 0x13, 0x0, 0x2) ioctl$auto_XFS_IOC_READLINK_BY_HANDLE(0xffffffffffffffff, 0xc038586c, &(0x7f0000000300)={r0, &(0x7f0000000040)="a43ed43395ed7b1e5d7c50a29b372a6a36ead57520a698bdbc356cc6fcc5c83c8124f2886de557d300e90b83f99925ac94dfb27d52877ba70fe13ef88c739bf08bcc6d50b5b0530d6b1252a6fe1e0b6f4007344be205c4eb83cf61ef9e9327051c36ca409f4d2611e4386844a29eaaa185c9b9d54dbece4e424d1d1475ad1b062f9d78035b95c99fb7949c5de35dea4da0edddef1c62f6370f9be13a576ea432de083ae97b7b034f87a29d450c848b0effcdcd30dd730e4496c69d1371", 0x6, &(0x7f0000000100), 0x37a5, &(0x7f0000000200)="8f2b618f10a04f21cc6c12be322ae5c3944ebde5fc86c7e6ea594fce9658ae0914b7c183d81a27a9d1f734062cdaa4d3a00b6aa81861567e537aee103cbcffdad5f9fce27d037f95256ab78135ad83b4697f976631aadf742e5a36ca055c048290ee3257948fd734b449fabe5a3647d713617c18d84910b9f9ff718619776bc2aaed2d1e3f69046f39", &(0x7f00000002c0)=0x1}) ioctl$auto_BTRFS_IOC_SEND(r5, 0x40489426, &(0x7f0000000380)={@inferred=r0, 0xfffffffffffffe00, &(0x7f0000000340)=0xd128, 0x2, 0x80000001, 0xfffffc00, "e4c4c7e654a9ddff71b4fee8bf5304b480894c564e2d1e89f999cfff"}) openat$auto_uhid_fops_uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2800, 0x0) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x1000}, 0x100000007) openat$auto_tomoyo_self_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) pread64$auto(r0, 0x0, 0x3, 0x5ef6) 3.727083501s ago: executing program 2 (id=386): mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000003b80)='/dev/snd/pcmC0D0c\x00', 0x8100, 0x0) (async) r0 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000003b80)='/dev/snd/pcmC0D0c\x00', 0x8100, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x102, 0x4000011, 0x0, 0x6, 0x5, 0x1ff, 0xffffffffffffffff, [0x0, 0x6], {0x3f000, 0x10001, 0x3, 0x2de, 0x6d, 0x0, 0x101, 0x6, 0x2000009}, {0xfff7fffd, 0x3, 0x52, 0x1a7, 0x10001, 0x4040, 0x76c5, 0x8, 0x8000000000040800}}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) signalfd$auto(0xffffffffffffffff, 0x0, 0x8) readv$auto(0x3, &(0x7f00000002c0)={0x0, 0x8}, 0x8) r1 = getpid() process_vm_readv$auto(r1, 0x0, 0x9, &(0x7f0000000280)={&(0x7f00000002c0), 0x1000090}, 0xa, 0x800000404) process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0x1001}, 0x800000001, &(0x7f0000000500)={&(0x7f0000000080), 0x800001ffffffff}, 0x6, 0x0) (async) process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0x1001}, 0x800000001, &(0x7f0000000500)={&(0x7f0000000080), 0x800001ffffffff}, 0x6, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_HW_REFINE2(r0, 0xc2604110, 0x0) 3.656784072s ago: executing program 0 (id=387): mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x14fa02, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) sysfs$auto(0x2, 0x100000000000030, 0x0) r0 = fsopen$auto(0x0, 0x1) fsconfig$auto(r0, 0x8, 0x0, 0x0, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ram3\x00', 0x44000, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000100)='7\x00\\\xa0\xe1J\x04|\x03\x7f\x81\xe4\x05\x1c\xc7k', 0x1) write$auto(0xffffffffffffffff, 0x0, 0x0) ioctl$auto_BLKBSZSET(r1, 0x40081271, &(0x7f00000000c0)=0x1000) write$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000040)="bdcda609d0dd307ad1695e8740fefb7f2c", 0xfffffffffffffcfb) fsconfig$auto_HIDEPID_INVISIBLE(r0, 0xf, &(0x7f0000000140)='\x00'/12, &(0x7f0000000400)="6b877ea5f009ddef190ed200c4b5ee4a5d5e0dce71c32bb70f6e8dd880af5785cfcd415934632f4ef762f63c19b7c669b710fc46be6657c9a259842192b5bf452f2e4f0f252b8f71cf5e0e40150ca9e288f97485606c035e12ca62a4f0b594470cdedce670bca66fabfaf7757a8531baa3f7185da87d2de5032f61000000000000000000000080f01fab66567effa2f5ac945cdcd4d30043cd19d7783a23fbcf390f617f1226dbab84d83691a784ac31db3c", 0x2) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) r2 = socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/ram2/partscan\x00', 0x80200, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50) io_uring_setup$auto(0x5b, &(0x7f0000000080)={0x7fffffff, 0x8, 0x2, 0x6, 0x78ad11c7, 0x8, r2, [0x5, 0x769b], {0xd74c, 0x10000, 0x1, 0x29f, 0x100, 0xfff, 0x101, 0x6, 0x2}, {0x6, 0x79, 0x6, 0x7, 0x1, 0x40, 0x176c7, 0x1, 0x100000005}}) r3 = openat$auto_ftrace_event_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/events/vmalloc/alloc_vmap_area/filter\x00', 0x0, 0x0) read$auto_ftrace_event_filter_fops_trace_events(r3, 0x0, 0x0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x40000000c07) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) ioctl$auto_USBDEVFS_CONTROL(r4, 0xc0185500, &(0x7f0000000280)={0x4, 0xfc, 0x6, 0x3, 0x7f, 0x80, &(0x7f0000000180)="2bb5abdb977cf4ebec604e719e3bc8d34ed9b8b0b8032cc19c0c8bf6a4e969e38390edbf66cd1cb6501458ef76fc5bb39e5c945d2153ea364bd19f6a4ab35e5031b541e5fb3fbafb67432a1a9ef0a8bbecca0a"}) select$auto(0xe, 0x0, 0x0, &(0x7f0000000200)={[0xe8, 0x9, 0xffffffffffffff7f, 0x1, 0x5, 0x4, 0x15f4da0e, 0x8, 0x9, 0x100000000000000c, 0x8, 0x1, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0) ioctl$auto_USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0185500, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) 3.071598883s ago: executing program 1 (id=388): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/dummy_hcd.4/usb5/5-0:1.0/usb5-port1/quirks\x00', 0x9c0302, 0x0) write$auto(r1, &(0x7f00000002c0)='\f,\xcd\x87\x1cU\x1c\xfd\xf0\xacfLu\xff\x7f{\xe7@\xe8\xe2\x01\x8a\xa6\x82a\x88y\xd5N.\x03\xbb\x95\xd2\x90{Uz\x19\xe7F\xac\xd0\xf3?\x86(:7M\xcf\xf3\xa78*\x1c\xc3w\xb4\xce\xfc\xd4?\xc6\x00\x00\x88\x884\xc7\xebR\xd9\xc0\xcf\x04\x17\xbd\xd0\n\xe6\xd7\xc5z\"\xf3\xe4V\x04\xc5@\xa9\xa1\x1eb\x8f\x00\x00\x00\x00\x00\x00\x00\x00\x00\x0e\x00\x00\x00\x00\x00\x00\xcb\xc0\xf2\xdd\t)\xb4\x06\xaex\x92\'\x82~\xcb-\xeb\xc6\x9b\x047]\xf0\xecN\xd1\x88\x05\x8b\xa5\x06{\xfe\x89K\x8a\xd7\x9cZ)\xcbv%\x0eB\x19\xf7\xb0\xad=\x18\xcc-\xe3V9\x9dC~{\xd0\x1c\xa1t8\xe6\xa2\xf7\xeb\x02g\x9b\x1f&\\)qJ\xde\x00\xf4\xed\'I\xdc\x87F\x17\a\xf5Y\xfb\r\xdd5\x9e\x85\xc9\x83\xbe?\x84r\xd6\xc1\x18\xba;\x9fh\x94\xefD\xc6Xl\xe0G\xf4\x9e\'\x1e\x1c\xa8\xd9\xcay}\xde\xd3~I\x174;\xd5y8\x93}\xaf\x8eEA\x8ax\x84\x85n\x9b0\x19\xfb\t\xfd<\xc1H~o&\x0fc+|\xbdK\x8f\x98\x14\xc7\xe9\x19\x19\xfdWt2\x9e9\xff\xc9\xaf\x9dI\xf6Nf\x1c\xdc`\x80\b\x84\v\xb0\x9a\x19\xfb\xbc\x90\xe1,\x8e\x00\x00\xf3\xdd9\xc7\x1f\x04T\x91\x9c\xef\xad\x87R?\xa9\x81U\xec\xe6\xab\"n\xd5\xd1\xf4\xee\x8a\xa3\x8cK\x97\xcaG\xeb\xaeU\fK\x00'/370, 0x5) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x6, 0x0, 0x1e, 0x101}, 0x6}, 0x7, 0x2001fffc) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) bpf$auto_BPF_MAP_GET_NEXT_ID(0xc, &(0x7f0000000180)=@bpf_attr_1={r0, 0x4, @value=0x7fffffff, 0xdf09}, 0x0) write$auto(0x3, 0x0, 0x7fffffff) sendmsg$auto_IEEE802154_LLSEC_LIST_SECLEVEL(r0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000001}, 0x40081) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_LEAVE_OCB(r2, 0x0, 0x4000) wait4$auto(0xffffffffffffffff, &(0x7f0000000080)=0x7, 0x80000001, 0x0) sendmsg$auto_NL80211_CMD_SET_CQM(r0, 0x0, 0x20040871) write$auto(0x3, 0x0, 0x100000000) mmap$auto(0x0, 0x8, 0xdf, 0xebe, 0x401, 0x8000) r3 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000240)='/dev/video37\x00', 0x8a240, 0x0) ioctl$auto(r3, 0x5646, r3) r4 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vbi15\x00', 0x802, 0x0) write$auto(r4, &(0x7f0000000100)='%U{\fb\x00aU\xca\xc9:\xcfZ', 0xffffffff) setsockopt$auto(0x3, 0x1, 0x23, 0x0, 0x9) read$auto(0x3, 0x0, 0x80) mmap$auto(0x1, 0x22, 0x4000000000df, 0xeb1, r4, 0x7f) gettid() socket(0x10, 0x3, 0x0) brk$auto(0x1) madvise$auto(0x0, 0xffffffffffff0001, 0x15) migrate_pages$auto(0x0, 0x74, &(0x7f0000000780)=0x8000000000000001, &(0x7f00000007c0)=0x1) openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, 0x0, 0x301341, 0x0) 3.004005564s ago: executing program 0 (id=389): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL802154_CMD_SET_PAN_ID(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16, @ANYBLOB="010027bd7000fddbdf250a"], 0x24}, 0x1, 0x0, 0x0, 0x4088}, 0x20000010) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x6}, 0xfffffff9, 0x10, 0x0) r0 = socket(0x29, 0x2, 0x0) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000001200)='/proc/sys/vm/nr_hugepages_mempolicy\x00', 0x68202, 0x0) write$auto_proc_sys_file_operations_proc_sysctl(r1, 0x0, 0x0) ioctl$auto(r0, 0x89f1, 0x24) 2.853887813s ago: executing program 2 (id=390): r0 = openat$auto_stats_seq_fops_netdebug(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0) r1 = openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000000bc0)='/sys/kernel/tracing/dynamic_events\x00', 0x1, 0x0) write$auto_dynamic_events_ops_trace_dynevent(r1, &(0x7f0000000300), 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/fs/ocfs2/active_cluster_plugin\x00', 0x22100, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) mmap$auto(0x0, 0x400008, 0x5f, 0x9b72, r0, 0x8000) close_range$auto(0x2, 0x8, 0x0) unshare$auto(0x40000080) madvise$auto(0x0, 0xffffffffffff0005, 0x19) openat$auto_percpu_stats_fops_(0xffffffffffffff9c, &(0x7f0000000280), 0x1, 0x0) madvise$auto(0x0, 0x2003f2, 0x15) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) madvise$auto(0x0, 0x200007, 0x19) r2 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) setsockopt$auto(0x3, 0x10000000084, 0x11, 0x0, 0x8) r5 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) r6 = openat$auto_objects_fops_(0xffffffffffffff9c, &(0x7f0000000080), 0xc000, 0x0) signalfd4$auto(r4, &(0x7f0000000100), 0x8, 0x10) read$auto_objects_fops_(r6, &(0x7f00000003c0)=""/211, 0xd3) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r3, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01002bbd7000fcdbdf2504000000"], 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800) sendmsg$auto_CTRL_CMD_GETPOLICY(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)={0x34, r2, 0x301, 0x70b52c, 0x25dfdbfb, {}, [@CTRL_ATTR_FAMILY_NAME={0x5, 0x2, '\x00'}, @CTRL_ATTR_FAMILY_ID={0x6, 0x1, 0x240}, @CTRL_ATTR_FAMILY_ID={0x6, 0x1, 0x3}, @CTRL_ATTR_FAMILY_NAME={0x8, 0x2, 'HSR\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x400c01d}, 0x0) socket(0x10, 0xa, 0xfffffffd) syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000034c0), 0xffffffffffffffff) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x60, 0x0, 0x800, 0x70bd2d, 0x25dfdbfe, {}, [@HSR_A_IF2_AGE={0x8, 0x4, 0xab7}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x8000}, @HSR_A_IFINDEX={0x8}, @HSR_A_NODE_ADDR_B={0xa, 0x5, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, @HSR_A_NODE_ADDR={0xa, 0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, @HSR_A_NODE_ADDR={0xa, 0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x35}}, @HSR_A_IFINDEX={0x8}, @HSR_A_IF1_SEQ={0x6, 0x6, 0x5}]}, 0x60}, 0x1, 0x0, 0x0, 0x40080}, 0x40) 2.490405334s ago: executing program 0 (id=391): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/fs/quota/writes\x00', 0x0, 0x0) read$auto_proc_sys_file_operations_proc_sysctl(r0, 0x0, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/block/mtdblock0/rqos/wbt/inflight\x00', 0x200, 0x0) lseek$auto(0x3, 0x40, 0x1) r2 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x1c1041, 0x0) write$auto_fuse_dev_operations_fuse_i(r2, &(0x7f0000000440)="110000000300"/17, 0x11) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) writev$auto(0xffffffffffffffff, 0x0, 0x4000000000007) r3 = openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000880)='/proc/thread-self/numa_maps\x00', 0x28100, 0x0) pread64$auto(r3, 0x0, 0x10001, 0x3) r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r4, 0x4, 0x100000000) ptrace$auto_PTRACE_SETREGSET(0x4205, r4, 0xffffffff00000202, 0x6) mmap$auto(0x0, 0x20009, 0xfff, 0xeb1, 0x401, 0x8000) ioctl$auto_PPPIOCSMRU(0xffffffffffffffff, 0x40047452, 0x0) close_range$auto(0x0, 0x5, 0x0) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x60580, 0x0) r6 = openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x2, 0x0) clone$auto(0x20003b11, 0x8, 0x0, 0x0, 0x7) write$auto(r6, 0x0, 0xe) ioctl$auto(0x3, 0x80000541b, 0x38) ioctl$auto(r1, 0x8001, r5) 2.013318978s ago: executing program 1 (id=392): mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x44eb2, 0xd, 0x300000000000) semctl$auto_SEM_INFO(0x0, 0xfffffffd, 0x13, 0x1) pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x89\x06s\x1cJ\x99\x8a>c\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x3) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0xfffffffffffffffd, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x2, 0x1, 0x106) r1 = socket(0xa, 0x1, 0x84) fsmount$auto(r1, 0x3, 0x6) unshare$auto(0x40000080) prctl$auto(0x3e, 0x1, 0x0, 0x2, 0x0) close_range$auto(0x2, 0xa, 0x0) socket(0x2, 0x1, 0x106) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x8000, 0x0) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram10\x00', 0x14fe02, 0x0) mmap$auto(0x0, 0x810004, 0x3, 0x14, r2, 0x7fff) mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000) ppoll$auto(&(0x7f00000000c0)={0xffffffffffffffff, 0x7980, 0x6}, 0x2, 0x0, 0x0, 0x8) getrandom$auto(0x0, 0x6000000, 0x3) r3 = socket(0x1d, 0x3, 0x1) getsockopt$auto(r3, 0x65, 0x3, 0x0, 0x0) r4 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000080), 0x48180, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r4, 0x40345410, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_PARAMS(r4, 0x40505412, 0x0) connect$auto(0x3, &(0x7f00000016c0)=@qipcrtr={0x2a, 0xffffffff, 0xfffffffe}, 0x56) syz_genetlink_get_family_id$auto_nbd(&(0x7f00000000c0), r0) waitid$auto(0xff, 0xffffffffffffffff, &(0x7f0000000200)={@siginfo_0_0={0xffff, 0xa, 0xa7, @_sigsys={&(0x7f0000000140)="4d39c8cde3be6e5b056ebebae089b528b7b8f9559de39877c133ed7e1698485be41f6048163e2de81538b6632c23497b7ce9f913ab335e1608a042d81e8f149261136fb2fbfa4fbe67f665052a8a6879a98ba14182bd536e5699f911c4f6c6571251fe117781fdb1ee6c383ccf6d0c41a87335a9b6f1e7a41807a9ed8fc761663211bc08cc72238c0dd441bfe02b12d5373fa742627f169387204c4b6f44a312db77", 0x7, 0x2}}}, 0x3ff, &(0x7f00000002c0)={{0x2, 0x1}, {0x8, 0x9}, 0x5, 0x81, 0x1, 0x4, 0x80000000, 0xfffffffffffffcd4, 0x7ff, 0xfffffffffffffff9, 0x15, 0x1, 0xd, 0xfffffffffffffffd, 0x5, 0x74}) sendmsg$auto_NBD_CMD_CONNECT(r0, &(0x7f0000001800)={&(0x7f0000000040), 0xc, &(0x7f00000017c0)={&(0x7f0000001840)=ANY=[], 0x13c0}, 0x1, 0x0, 0x0, 0x4000000}, 0x22000010) uname$auto(0x0) fsmount$auto(r0, 0x4, 0x7) 1.987574138s ago: executing program 3 (id=393): unshare$auto(0x40000080) (async) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mtdblock0\x00', 0x14fe02, 0x0) getsockopt$auto_SO_BSDCOMPAT(r0, 0x3, 0xe, &(0x7f00000000c0)='*\\\x00', 0x0) (async, rerun: 64) mmap$auto(0x0, 0x810000, 0xffb, 0x8000000008011, 0x3, 0x8000) (rerun: 64) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000003}, 0x7, 0xffffffffffffffff, 0x8000000000000, 0x2f) bind$auto(0x3, &(0x7f0000000040)=@tipc=@name={0x1e, 0x2, 0x3, {{0x41, 0x3}, 0x4}}, 0x6a) (async) r1 = getpid() mmap$auto(0x0, 0x128008, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) (async) r2 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async) shmget$auto(0x0, 0x7b, 0x100) (async) process_vm_readv$auto(r1, 0x0, 0x1, &(0x7f0000000280)={&(0x7f0000000040), 0xffffffff}, 0x6, 0x0) (async) r3 = socket(0x1e, 0x4, 0x0) setsockopt$auto(r3, 0x10f, 0x87, 0x0, 0x14) r4 = syz_clone3(&(0x7f0000000480)={0x22000000, 0x0, &(0x7f00000001c0), &(0x7f0000000200)=0x0, {0xa}, &(0x7f00000002c0)=""/150, 0x96, &(0x7f0000000380)=""/162, &(0x7f0000000440)=[r1], 0x1}, 0x58) (async, rerun: 32) r6 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32) mknod$auto(&(0x7f0000000040)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00'/263, 0x4dd8, 0x5) r7 = syz_genetlink_get_family_id$auto_netdev(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$auto_NETDEV_CMD_BIND_RX(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000100)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010026bd7000fcdbdf250d00000008000300", @ANYRES32, @ANYBLOB="0400028008000100"], 0x28}, 0x1, 0x0, 0x0, 0x4800}, 0x4) (async) close_range$auto(0x2, 0x8, 0x0) (async, rerun: 64) r8 = prctl$auto(0x3e, 0x1ff, r4, 0xffffffffffffffff, 0x4000006) (rerun: 64) listen$auto(r0, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x0, 0x0) (async) dup$auto(r8) (async, rerun: 64) r9 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/irq/14/node\x00', 0x20000, 0x0) (rerun: 64) read$auto_proc_iter_file_ops_compat_inode(r9, &(0x7f00000001c0)=""/215, 0xd7) (async) r10 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/ipv6_route\x00', 0x80000, 0x0) pread64$auto(r10, 0x0, 0x6000000000, 0x100000004) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f0000000640)={0x6, "732a0fa9ee2379d1d8e2b58937752d090a41f5a96f5475aea9ef61c12be5038e", @inferred=r2}) ioctl$auto_BLKTRACESETUP32(0xffffffffffffffff, 0xc0401273, &(0x7f00000005c0)={"43fd8f803e76064773d9c42c0454964206d90afa55f2084509f1671dc8c2bdbb", 0x98f0, 0x400, 0xffffff98, 0x45, 0x5, r5}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) 1.742468611s ago: executing program 0 (id=394): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, 0x0) (async) ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000380)="7a47301037954c081c9a0bb84bb7b04ef84993eab91abe1686f43e43d786e964e8f04455bd620de9f3fb6d65e6c078c1a672c549dbc7876cb528ba081a81d884bfc00dd4eef57cedc0cc4156ff6a5b0aa8ba9511fe2b07c6e7f4732fe36ba218aa5b0ff402f2e6adb8ea60886c1e52c60d7d87e4c0551386501763ad098eb2b9602f83b2a643399f10dfdb0f4018b401be4db675d0acf8d348c26acf338cbe20fcb76439ca602a3c022f4463a8820f1c6f865d24e058af98f0c48bf552c3f6cc28c09d9054347db3c28701c67fa1e57d81b8") (async, rerun: 32) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) (async, rerun: 32) openat$auto_kmsg_fops_printk(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r1 = openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x42080, 0x0) (async) r2 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/bus/usb/013/001\x00', 0xa901, 0x0) ioctl$auto_USBDEVFS_SUBMITURB(r2, 0x8038550a, &(0x7f0000000100)={0x2, 0x80, 0xffff, 0x5, &(0x7f0000000240)="a30d", 0xc694, 0x3, 0x80005, @stream_id=0x7, 0x2004b, 0xc, 0x0}) (async) read$auto_proc_mountinfo_operations_mnt_namespace(r1, &(0x7f0000000040)=""/66, 0x42) r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio1\x00', 0x123002, 0x0) write$auto(r3, 0x0, 0x80000000) (async) ioctl$auto_SNDCTL_DSP_SYNC(r3, 0x5001, 0x0) (async) recvmsg$auto(r3, &(0x7f00000002c0)={&(0x7f00000000c0)="084a3e8056c0e6ff0a63f6a187b19ce33daf76fc3f709a6826d9ef38b207580873182a9b0b0a5d49e19894d9602e27dd8015389c2d4b6039342d9742e9e2b4a1770a5e", 0x6, &(0x7f0000000240)={&(0x7f00000001c0)="d78ed60589f1cb6c330a14cfbc4d19f1dd6145b05077adf9d098fd2a55843cb1a47f40e586584142a08e17198297b0c2e5e412755f59e7427fd3bc17c747dd80904871b41a9455fb66a434f0aac26a9ea89bdca78abde6edd88f9e0e1ca8e089928b2776c7f6047b2753ba5114ef05cd77105030425feb45", 0x200}, 0x4, &(0x7f0000000280)="f7c2a8ee51c1800a7b855198e5648080808654d9f9dcbb9c2461b7262b636b09634b30e0cb94dff7c83f52d5ba3001fd613d681cb73fb7a9900804", 0xfffffffffffffffd, 0x2}, 0x81) (async) ioctl$auto_SNDCTL_DSP_GETODELAY(r3, 0x80045017, &(0x7f0000000180)) 1.631793791s ago: executing program 2 (id=395): socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) r0 = pidfd_open$auto(0x1, 0x0) setns(r0, 0x60020000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) syz_clone3(&(0x7f0000000300)={0x153326100, 0x0, 0x0, 0x0, {0x23}, 0x0, 0x0, 0x0, 0x0, 0x0, {r0}}, 0xa7) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x55) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) 949.992148ms ago: executing program 3 (id=396): openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp1\x00', 0x20342, 0x0) r0 = socket(0x1f, 0x800, 0x6) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) setsockopt$auto(0x3, 0x10000000084, 0x71, 0x0, 0x8) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) r1 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f000000a300), 0x2000, 0x0) ioctl$auto_UI_END_FF_UPLOAD(r1, 0x406855c9, &(0x7f000000a380)={0x2, 0x4, {0x8, 0x102, 0x2, {0x4, 0x3}, {0x4, 0x3}, @condition=[{0x401, 0x312, 0xff, 0xf507, 0x0, 0x7f}, {0x4, 0x3, 0x9, 0x4, 0x0, 0x61b}]}, {0xff80, 0x40, 0x6, {0x8, 0xb}, {0x0, 0xfc8f}, @periodic={0x7ac6, 0x8, 0x7, 0x7, 0x7, {0x2, 0x7, 0x0, 0x8000}, 0x0, 0x0}}}) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x3}, 0x7, 0x0, 0x5, 0x3cbb}, 0xfff}, 0x8, 0x311) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/mice\x00', 0x22002, 0x0) close_range$auto(0x2, 0x8, 0x0) prctl$auto(0x8, 0x0, 0x0, 0x2, 0x100000000) socket(0x2, 0x80002, 0x73) read$auto_stat_fops_per_vm_kvm_main(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x9, 0xc, 0xdb, 0x9b72, r2, 0x8001) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000080), 0x82, 0x0) r3 = socket(0x2a, 0x2, 0x800009) sendto$auto(r3, 0x0, 0x402, 0x0, &(0x7f0000000700)=@qipcrtr={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0x1c) r4 = socket(0xa, 0x3, 0x5) r5 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000180), r4) sendmsg$auto_NL802154_CMD_ASSOCIATE(r4, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="4d8091513426303b43cc380000fcd08ce713877c96f31c088a9e33569826bc9c433bb0668452c7cbeca0a26fe507151a80295d1664b51edaad45d337256b366500788bcef5217be40970bb3f6c9f2db7f1a86e3d7055691414080000003c6d8100929048c35fcaaaa0", @ANYRES16=r5, @ANYBLOB="04002abd7000ffdbdf25280000001400040076657468315f746f5f62617461647600050029000100000008002a0002"], 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x4040004) r6 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0) sendmsg$auto_NL802154_CMD_SET_SEC_PARAMS(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="3000000085505982c98ab42e8a09172b14723e882204912d4488e6639d5fefafd8092bd6217c50da07e3221e47ff86d070fc3a4a33fb629be0ebffe73677405b19e7150b1dfe3a612c4ef77f1f92defc1d29bdcf47f33faeaee451232dc2e935799c1c5ff150fcb3d5786c276fe0e3ad7eec7c355dc73939e5a692e10652adfd0f96efc07ebc955885621b0485ebe72c698a77b5", @ANYRES16=r5, @ANYBLOB="080028bd7000fbdbdf251500000008000500008000000c0002005b562b25285d2d0008001d00", @ANYRES32=r6, @ANYRES32=0x0], 0x30}, 0x1, 0x0, 0x0, 0x6000808c}, 0x8000) r7 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) ioctl$auto_BTRFS_IOC_SUBVOL_CREATE(r7, 0x5000940e, 0x0) r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/netdevsim3/sriov_numvfs\x00', 0x10b142, 0x0) write$auto(r8, &(0x7f0000000240)='002.15.4 MAC\"', 0x3) openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000200)='/dev/cec6\x00', 0x80001, 0x0) openat$auto_binder_features_fops_(0xffffffffffffff9c, &(0x7f0000000100)='/dev/binderfs/features/freeze_notification\x00', 0x40000, 0x0) 884.615526ms ago: executing program 0 (id=397): prctl$auto_PR_GET_UNALIGN(0x5, 0x29, 0x8000, 0x3, 0x7fff) r0 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc) fallocate$auto(r0, 0x0, 0x7, 0x4cbd5d) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) sysfs$auto(0x2, 0x1f, 0x0) (async) sysfs$auto(0x2, 0x1f, 0x0) fanotify_init$auto(0x6a1, 0x2000000000002) lsm_list_modules$auto(0x0, 0x0, 0x0) openat$auto_rfkill_fops_core(0xffffffffffffff9c, 0x0, 0x40, 0x0) (async) openat$auto_rfkill_fops_core(0xffffffffffffff9c, 0x0, 0x40, 0x0) r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC2\x00', 0x0, 0x0) r2 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0xc0c02, 0x0) ioctl$auto(r1, 0xc0045543, r2) (async) ioctl$auto(r1, 0xc0045543, r2) mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0xf, 0x0) chdir$auto(&(0x7f0000000000)='}[,&*}\x00') (async) chdir$auto(&(0x7f0000000000)='}[,&*}\x00') open(&(0x7f0000000300)='./file0\x00', 0x0, 0x0) (async) open(&(0x7f0000000300)='./file0\x00', 0x0, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) lseek$auto(0x3, 0x2, 0x4) mmap$auto(0x0, 0x20009, 0xfff, 0xeb1, 0x401, 0x8000) (async) mmap$auto(0x0, 0x20009, 0xfff, 0xeb1, 0x401, 0x8000) mmap$auto(0x4, 0x2020009, 0x3, 0x15, 0xfffffffffffffffa, 0x8000) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, 0x0, 0x40400, 0x0) (async) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, 0x0, 0x40400, 0x0) socket(0x10, 0x2, 0xc) openat$auto_force_wakeup_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/bluetooth/hci4/force_wakeup\x00', 0x97253d5c24a95d78, 0x0) (async) openat$auto_force_wakeup_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/bluetooth/hci4/force_wakeup\x00', 0x97253d5c24a95d78, 0x0) openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x2, 0x0) (async) openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x2, 0x0) clone$auto(0x20003b11, 0x8, 0x0, 0x0, 0x7) write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000200)="726f76d77e961dc25a24984a2d4e2f63aa4bb642c45569977ef673c7c1d9dcf186e6c35de68f90c9ccecb31d3c3e6ede3e52b96bbee7ad10f6178a2bddd97710ce638fb4a7ec8ef015d867d489a1d87a8ad48aee71d3f19349e118f7d006fbd2f232e5fea8c137b9e694cf150ae7a789222b4e35c405400df907ae968289c3fb999cf60dfa6c9847e0088137b4737f7e799058a5f0a64644a95496839c12f2a46aca235de2d02bcff6a3311f5514ba4b09bd7dca0a919087bd7dd2b8f598d527cdbbb3a540957e389df9d47173456a45059511d01709ec67760bdb8b124df1f347658d91", 0xe4) r3 = openat$auto_nvmf_dev_fops_fabrics(0xffffffffffffff9c, &(0x7f0000000180), 0x2000, 0x0) pread64$auto(r3, &(0x7f00000001c0)='\x00', 0xca31, 0x4) 599.392667ms ago: executing program 3 (id=398): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x5c, r1, 0x1, 0x70bd29, 0x25dfdc00, {0x1, 0x0, 0x3f00}, [@L2TP_ATTR_MTU={0x6, 0x1c, 0x10}, @L2TP_ATTR_DATA_SEQ={0x5, 0x4, 0x9}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x9}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @loopback}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @loopback}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x3f}]}, 0x5c}, 0x1, 0x0, 0x0, 0x44000}, 0x90) 447.546239ms ago: executing program 3 (id=399): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) r1 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon33\x00', 0x121200, 0x0) mmap$auto(0x0, 0x4000002, 0xfffffffffffffe01, 0x8051, 0x3, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_UDP_GET_REMOTEIP(r2, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f0000002580)={0x24, r3, 0x9ec6579d452c1f15, 0x70bd2e, 0x25dfdbfb, {}, [@TIPC_NLA_BEARER={0x10, 0x1, 0x0, 0x1, [@nested={0xc, 0x1, 0x0, 0x1, [@typed={0x8, 0x25, 0x0, 0x0, @uid}]}]}]}, 0x24}, 0x1, 0x0, 0x0, 0xc000}, 0x20000080) unshare$auto(0x40000080) sendmsg$auto_NL802154_CMD_SET_CCA_ED_LEVEL(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="08002dbd7000fddbdf250e0000000500120040000000"], 0x1c}, 0x1, 0x0, 0x0, 0xfcb3c617dd1c550b}, 0x40000) io_setup$auto(0x7ffe, 0x0) fcntl$auto_F_SETOWN(0xffffffffffffffff, 0x8, 0x0) r4 = socketpair$auto(0x1e, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) r5 = epoll_create$auto(0x70c) epoll_ctl$auto(r5, 0x1, r0, 0x0) sendmmsg$auto(0x4, 0x0, 0x2009a6, 0x40006) r6 = openat$auto_nsim_dev_take_snapshot_fops_dev(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim5/take_snapshot\x00', 0x140, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, r6, 0x8000) close_range$auto(r4, r1, 0x0) keyctl$auto(0x4, 0xfffffffffffffffc, 0x0, 0x0, 0x1) socket$nl_generic(0x10, 0x3, 0x10) r7 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(r7, 0xffffffffffffffff, 0x0) r8 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video0\x00', 0xa200, 0x0) ioctl$auto(r8, 0xc058560f, r8) 29.825996ms ago: executing program 0 (id=400): r0 = openat$auto_stats_seq_fops_netdebug(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0) r1 = openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000000bc0)='/sys/kernel/tracing/dynamic_events\x00', 0x1, 0x0) write$auto_dynamic_events_ops_trace_dynevent(r1, &(0x7f0000000300), 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/fs/ocfs2/active_cluster_plugin\x00', 0x22100, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) mmap$auto(0x0, 0x400008, 0x5f, 0x9b72, r0, 0x8000) close_range$auto(0x2, 0x8, 0x0) unshare$auto(0x40000080) madvise$auto(0x0, 0xffffffffffff0005, 0x19) openat$auto_percpu_stats_fops_(0xffffffffffffff9c, &(0x7f0000000280), 0x1, 0x0) madvise$auto(0x0, 0x2003f2, 0x15) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) madvise$auto(0x0, 0x200007, 0x19) r2 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) setsockopt$auto(0x3, 0x10000000084, 0x11, 0x0, 0x8) r5 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) r6 = openat$auto_objects_fops_(0xffffffffffffff9c, &(0x7f0000000080), 0xc000, 0x0) signalfd4$auto(r4, &(0x7f0000000100), 0x8, 0x10) read$auto_objects_fops_(r6, &(0x7f00000003c0)=""/211, 0xd3) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r3, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01002bbd7000fcdbdf2504000000"], 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800) sendmsg$auto_CTRL_CMD_GETPOLICY(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)={0x34, r2, 0x301, 0x70b52c, 0x25dfdbfb, {}, [@CTRL_ATTR_FAMILY_NAME={0x5, 0x2, '\x00'}, @CTRL_ATTR_FAMILY_ID={0x6, 0x1, 0x240}, @CTRL_ATTR_FAMILY_ID={0x6, 0x1, 0x3}, @CTRL_ATTR_FAMILY_NAME={0x8, 0x2, 'HSR\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x400c01d}, 0x0) getcpu$auto(0xfffffffffffffffc, 0xffffffffffffffff, 0xfffffffffffffffd) syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000034c0), 0xffffffffffffffff) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x60, 0x0, 0x800, 0x70bd2d, 0x25dfdbfe, {}, [@HSR_A_IF2_AGE={0x8, 0x4, 0xab7}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x8000}, @HSR_A_IFINDEX={0x8}, @HSR_A_NODE_ADDR_B={0xa, 0x5, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, @HSR_A_NODE_ADDR={0xa, 0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, @HSR_A_NODE_ADDR={0xa, 0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x35}}, @HSR_A_IFINDEX={0x8}, @HSR_A_IF1_SEQ={0x6, 0x6, 0x5}]}, 0x60}, 0x1, 0x0, 0x0, 0x40080}, 0x40) 0s ago: executing program 1 (id=401): unshare$auto(0x40000080) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0) write$auto_tty_fops_tty_io(r0, &(0x7f0000000300)="976f09bd689a850edbe36136c8535f593331280bb0b4ba0edd7932ab185cca064833fda24d0f81d1b16c3cca5b2611827c2f1ca88bb01e672131ac62d346b5601f538ccf285e7a197166480ef899794cabea2d3acdc6854e36342b72e38cdb37fd4b61107cdae019c6139ce8761b5edfafa9297286e61bc1f4f76db1db63a0c3f09b4694c73a62d141e67963f89258e7b20e3e754047f97b296fe83e473ec5db31107d77a89afc1679c231ce06bc0d5b888a0b8735f40e8260af4ebf3bb6ae388905f43be462a5b4fcdc80839bba124c35e3759c849277310af080cfd6beed21", 0xe0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/platform/dummy_hcd.4/usb5/5-0:1.0/usb5-port1/location\x00', 0x800, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000140)=""/35, 0x23) r3 = getpid() accept4$auto(0xffffffffffffffff, &(0x7f0000000080)=@ethernet={0x307, @local}, &(0x7f00000000c0)=0xcfd, 0xfffffffb) r4 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x64) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = fcntl$auto(r5, 0xa, 0x1) linkat$auto(r6, &(0x7f00000002c0)='./file0\x00', r4, &(0x7f0000000400)='./file0\x00', 0x4040) landlock_restrict_self$auto(r4, 0x4) r7 = openat$auto_evm_xattr_ops_evm_secfs(0xffffffffffffff9c, &(0x7f0000000080), 0x100401, 0x0) write$auto_evm_xattr_ops_evm_secfs(r7, &(0x7f0000000240)="003bf0dea2d07ba00c00000071a2320fa813300400b7123265ec37779047b1f4d198c06b7a0c5cfb16e8a9d1769e30852aae5ab574e19dc18eb97ea463f60b326fb3e41233f88421656b4cfc2d7c938701a0b54d44e015c77d8e1a065d5a83228c30bb386589bbc49fdd0be4538d9c32fb5af2e184b9a3568a62254d73", 0x7d) r8 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x88800, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000) r9 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f00000000c0)={'team_slave_0\x00'}) bpf$auto(0x9, &(0x7f00000000c0)=@bpf_attr_5={@target_fd, r4, 0x9, 0x0, 0xffffffffffffffff, @relative_fd, 0x1}, 0x17) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_REMOVE(r8, 0xc0405519, &(0x7f0000000040)={@inferred=r3, 0x555c, 0xffff, 0x1, "8f9638544ae4bbdf48e497dbb5a3760f9b6b2c854e493a712fcbb4034dde3ba72adae5bfa41dba811bf5488f", @inferred=r3}) r10 = syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000b00), 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) r11 = socket(0x0, 0x80003, 0x300) setsockopt$auto(r11, 0x107, 0x12, 0x0, 0x4) access$auto(&(0x7f0000000240)='./file1\x00', 0x1) pwrite64$auto(0xc8, &(0x7f0000000140)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00,\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^B\xb8\xe4j\t,\xe4\x90\xcc\x9d\xc5\x0fo\x84\xf4\x89\v\xea\x1b\x95\xafQ;CL\"\x01@\x00\x00\x00\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\xff\xff\x00'/242, 0xfdf0, 0x39) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000440)='/proc/thread-self/oom_adj\x00', 0x400, 0x0) sendmsg$auto_GTP_CMD_NEWPDP(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x38, r10, 0xc1b, 0x70bd2b, 0x25dfdbfd, {0x0, 0x0, 0x7a5}, [@GTPA_VERSION={0x8}, @GTPA_FLOW={0x6, 0x6, 0x7}, @GTPA_LINK={0x8, 0x1, 0xfffffff8}, @GTPA_TID={0xc, 0x3, 0x8000000000000000}]}, 0x38}, 0x1, 0x0, 0x0, 0x4080}, 0x800) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.110' (ED25519) to the list of known hosts. [ 84.606808][ T5619] cgroup: Unknown subsys name 'net' [ 84.697407][ T5619] cgroup: Unknown subsys name 'cpuset' [ 84.706705][ T5619] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 86.510624][ T5619] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 88.810944][ T5631] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 88.819870][ T5631] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 88.827585][ T5631] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 88.840039][ T5631] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 88.848234][ T5631] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 88.861372][ T4948] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 88.870736][ T4948] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 88.883086][ T5638] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 88.892770][ T5638] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 88.900466][ T5638] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 88.908201][ T5631] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 88.914254][ T5638] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 88.921407][ T5631] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 88.925822][ T5638] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 88.935397][ T5631] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 88.987852][ T5635] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 88.996876][ T5635] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 89.005297][ T5635] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 89.014869][ T5635] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 89.024844][ T5635] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 90.646956][ T5630] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.655026][ T5630] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.662247][ T5630] bridge_slave_0: entered allmulticast mode [ 90.670024][ T5630] bridge_slave_0: entered promiscuous mode [ 90.709269][ T5630] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.716585][ T5630] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.723836][ T5630] bridge_slave_1: entered allmulticast mode [ 90.731229][ T5630] bridge_slave_1: entered promiscuous mode [ 90.749565][ T5634] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.756820][ T5634] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.764075][ T5634] bridge_slave_0: entered allmulticast mode [ 90.771282][ T5634] bridge_slave_0: entered promiscuous mode [ 90.814495][ T5634] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.821671][ T5634] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.828908][ T5634] bridge_slave_1: entered allmulticast mode [ 90.836375][ T5634] bridge_slave_1: entered promiscuous mode [ 90.894014][ T5630] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 90.935954][ T5630] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 90.954011][ T50] Bluetooth: hci0: command tx timeout [ 90.957810][ T5634] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 90.968981][ T5640] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.977094][ T5640] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.984517][ T5640] bridge_slave_0: entered allmulticast mode [ 90.991921][ T5640] bridge_slave_0: entered promiscuous mode [ 91.024787][ T5634] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.034109][ T50] Bluetooth: hci1: command tx timeout [ 91.034232][ T5635] Bluetooth: hci2: command tx timeout [ 91.044270][ T5640] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.052653][ T5640] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.059859][ T5640] bridge_slave_1: entered allmulticast mode [ 91.067277][ T5640] bridge_slave_1: entered promiscuous mode [ 91.113347][ T5635] Bluetooth: hci3: command tx timeout [ 91.125091][ T5630] team0: Port device team_slave_0 added [ 91.130888][ T5637] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.138421][ T5637] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.145730][ T5637] bridge_slave_0: entered allmulticast mode [ 91.153076][ T5637] bridge_slave_0: entered promiscuous mode [ 91.183730][ T5630] team0: Port device team_slave_1 added [ 91.189586][ T5637] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.196993][ T5637] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.204516][ T5637] bridge_slave_1: entered allmulticast mode [ 91.211836][ T5637] bridge_slave_1: entered promiscuous mode [ 91.220844][ T5634] team0: Port device team_slave_0 added [ 91.229242][ T5640] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.267243][ T5634] team0: Port device team_slave_1 added [ 91.275225][ T5640] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.328402][ T5630] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 91.335666][ T5630] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 91.361679][ T5630] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 91.377109][ T5637] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.409217][ T5630] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 91.416513][ T5630] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 91.443132][ T5630] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 91.456836][ T5637] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.466679][ T5634] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 91.473949][ T5634] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 91.500019][ T5634] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 91.513702][ T5640] team0: Port device team_slave_0 added [ 91.531484][ T5640] team0: Port device team_slave_1 added [ 91.549767][ T5634] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 91.556870][ T5634] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 91.582859][ T5634] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 91.640116][ T5637] team0: Port device team_slave_0 added [ 91.649277][ T5637] team0: Port device team_slave_1 added [ 91.656467][ T5640] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 91.663494][ T5640] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 91.689541][ T5640] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 91.702430][ T5640] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 91.709821][ T5640] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 91.735983][ T5640] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 91.823492][ T5637] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 91.830507][ T5637] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 91.856571][ T5637] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 91.874997][ T1232] cfg80211: failed to load regulatory.db [ 91.885801][ T5630] hsr_slave_0: entered promiscuous mode [ 91.892538][ T5630] hsr_slave_1: entered promiscuous mode [ 91.917420][ T5634] hsr_slave_0: entered promiscuous mode [ 91.924289][ T5634] hsr_slave_1: entered promiscuous mode [ 91.930459][ T5634] debugfs: 'hsr0' already exists in 'hsr' [ 91.936345][ T5634] Cannot create hsr debugfs directory [ 91.944017][ T5637] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 91.951043][ T5637] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 91.977406][ T5637] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.063498][ T5640] hsr_slave_0: entered promiscuous mode [ 92.069904][ T5640] hsr_slave_1: entered promiscuous mode [ 92.076480][ T5640] debugfs: 'hsr0' already exists in 'hsr' [ 92.082229][ T5640] Cannot create hsr debugfs directory [ 92.169495][ T5637] hsr_slave_0: entered promiscuous mode [ 92.175952][ T5637] hsr_slave_1: entered promiscuous mode [ 92.182027][ T5637] debugfs: 'hsr0' already exists in 'hsr' [ 92.188207][ T5637] Cannot create hsr debugfs directory [ 92.603614][ T5634] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 92.621465][ T5634] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 92.629644][ T5634] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 92.642989][ T5634] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 92.651133][ T5634] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 92.661756][ T5634] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 92.670094][ T5634] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 92.680944][ T5634] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 92.784819][ T5630] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 92.797529][ T5630] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 92.805610][ T5630] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 92.816112][ T5630] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 92.829348][ T5630] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 92.840223][ T5630] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 92.849943][ T5630] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 92.861251][ T5630] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 92.972212][ T5640] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 92.985412][ T5640] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 93.001215][ T5640] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 93.012077][ T5640] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 93.033140][ T5635] Bluetooth: hci0: command tx timeout [ 93.035831][ T5640] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 93.048997][ T5640] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 93.057952][ T5640] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 93.068158][ T5640] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 93.101204][ T5634] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.113580][ T5635] Bluetooth: hci1: command tx timeout [ 93.114133][ T50] Bluetooth: hci2: command tx timeout [ 93.179613][ T5634] 8021q: adding VLAN 0 to HW filter on device team0 [ 93.194778][ T50] Bluetooth: hci3: command tx timeout [ 93.208616][ T5637] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 93.224369][ T5637] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 93.236672][ T5637] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 93.246880][ T5637] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 93.261122][ T5637] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 93.271152][ T5637] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 93.282643][ T1110] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.290129][ T1110] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.305487][ T5637] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 93.316156][ T5637] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 93.340058][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.347205][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.419078][ T5630] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.465086][ T5630] 8021q: adding VLAN 0 to HW filter on device team0 [ 93.505584][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.512744][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.525709][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.532862][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.685469][ T5640] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.770996][ T5640] 8021q: adding VLAN 0 to HW filter on device team0 [ 93.813836][ T1110] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.821052][ T1110] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.855693][ T5637] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.879187][ T1110] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.886434][ T1110] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.945083][ T5637] 8021q: adding VLAN 0 to HW filter on device team0 [ 93.988524][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.995862][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 94.036575][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.043834][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 94.742775][ T5634] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 94.902575][ T5630] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 94.946552][ T5634] veth0_vlan: entered promiscuous mode [ 95.005624][ T5634] veth1_vlan: entered promiscuous mode [ 95.113362][ T50] Bluetooth: hci0: command tx timeout [ 95.176349][ T5630] veth0_vlan: entered promiscuous mode [ 95.192228][ T5634] veth0_macvtap: entered promiscuous mode [ 95.203809][ T50] Bluetooth: hci2: command tx timeout [ 95.203946][ T5635] Bluetooth: hci1: command tx timeout [ 95.235305][ T5634] veth1_macvtap: entered promiscuous mode [ 95.248998][ T5630] veth1_vlan: entered promiscuous mode [ 95.270333][ T5640] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 95.277921][ T5635] Bluetooth: hci3: command tx timeout [ 95.319501][ T5634] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 95.358189][ T5637] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 95.368685][ T5630] veth0_macvtap: entered promiscuous mode [ 95.377876][ T5634] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 95.406985][ T5630] veth1_macvtap: entered promiscuous mode [ 95.422318][ T1110] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.432264][ T1110] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.451386][ T1110] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.460755][ T1110] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.493839][ T5630] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 95.534131][ T5630] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 95.558312][ T5640] veth0_vlan: entered promiscuous mode [ 95.598531][ T13] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.609869][ T13] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.640345][ T13] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.650148][ T13] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.680135][ T5637] veth0_vlan: entered promiscuous mode [ 95.700499][ T5640] veth1_vlan: entered promiscuous mode [ 95.724969][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.736131][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.800699][ T5637] veth1_vlan: entered promiscuous mode [ 95.837879][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.849563][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.912226][ T5640] veth0_macvtap: entered promiscuous mode [ 95.929704][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.942725][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.954973][ T5640] veth1_macvtap: entered promiscuous mode [ 95.985766][ T5634] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 96.008336][ T5637] veth0_macvtap: entered promiscuous mode [ 96.055943][ T5637] veth1_macvtap: entered promiscuous mode [ 96.071131][ T5640] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 96.090807][ T1169] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.109639][ T1169] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.120721][ T5640] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 96.158722][ T13] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.174314][ T13] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.196892][ T5637] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 96.212528][ T13] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.223557][ T13] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.255018][ T5637] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 96.296796][ T1169] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.350326][ T1169] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.365874][ T13] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.407377][ T13] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.509763][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.547186][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.651609][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.690685][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.745573][ T1110] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.769945][ T1110] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.860000][ T1110] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.888555][ T1110] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.079635][ T5789] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 97.193781][ T5635] Bluetooth: hci0: command tx timeout [ 97.277698][ T5635] Bluetooth: hci2: command tx timeout [ 97.277714][ T50] Bluetooth: hci1: command tx timeout [ 97.315365][ T5794] futex_wake_op: syz.1.2 tries to shift op by -2048; fix this program [ 97.365183][ T50] Bluetooth: hci3: command tx timeout [ 97.897104][ T5809] netlink: 'syz.1.9': attribute type 1 has an invalid length. [ 98.042419][ T5812] Zero length message leads to an empty skb [ 98.156516][ T5813] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9'. [ 99.518413][ T5833] FAULT_INJECTION: forcing a failure. [ 99.518413][ T5833] name failslab, interval 1, probability 0, space 0, times 1 [ 99.542396][ T5833] CPU: 0 UID: 0 PID: 5833 Comm: syz.2.13 Not tainted syzkaller #0 PREEMPT(full) [ 99.542435][ T5833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 99.542461][ T5833] Call Trace: [ 99.542471][ T5833] [ 99.542482][ T5833] dump_stack_lvl+0x100/0x190 [ 99.542546][ T5833] should_fail_ex.cold+0x5/0xa [ 99.542584][ T5833] ? tomoyo_realpath_from_path+0xb6/0x690 [ 99.542630][ T5833] should_failslab+0xc2/0x120 [ 99.542668][ T5833] __kmalloc_noprof+0xe0/0x850 [ 99.542717][ T5833] ? kfree+0x1dd/0x6c0 [ 99.542767][ T5833] tomoyo_realpath_from_path+0xb6/0x690 [ 99.542820][ T5833] tomoyo_mount_acl+0x1b6/0x8b0 [ 99.542859][ T5833] ? is_bpf_text_address+0x8a/0x1a0 [ 99.542904][ T5833] ? bpf_ksym_find+0x124/0x1c0 [ 99.542936][ T5833] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 99.542981][ T5833] ? __pfx_tomoyo_mount_acl+0x10/0x10 [ 99.543018][ T5833] ? kernel_text_address+0x8d/0x100 [ 99.543051][ T5833] ? unwind_get_return_address+0x59/0xa0 [ 99.543129][ T5833] ? tomoyo_domain+0xb2/0x150 [ 99.543155][ T5833] ? tomoyo_profile+0x47/0x60 [ 99.543215][ T5833] tomoyo_mount_permission+0x214/0x460 [ 99.543256][ T5833] ? tomoyo_mount_permission+0x1f6/0x460 [ 99.543301][ T5833] ? __pfx_tomoyo_mount_permission+0x10/0x10 [ 99.543387][ T5833] security_sb_mount+0xdd/0x270 [ 99.543425][ T5833] path_mount+0x158/0x23d0 [ 99.543479][ T5833] ? __pfx_path_mount+0x10/0x10 [ 99.543519][ T5833] ? lockdep_hardirqs_on+0x78/0x100 [ 99.543570][ T5833] ? putname+0xb1/0x110 [ 99.543610][ T5833] ? kmem_cache_free+0x127/0x6c0 [ 99.543672][ T5833] ? __x64_sys_mount+0x293/0x310 [ 99.543727][ T5833] __x64_sys_mount+0x293/0x310 [ 99.543773][ T5833] ? __pfx___x64_sys_mount+0x10/0x10 [ 99.543821][ T5833] ? rcu_is_watching+0x12/0xc0 [ 99.543861][ T5833] do_syscall_64+0x115/0x840 [ 99.543904][ T5833] ? clear_bhb_loop+0x40/0x90 [ 99.543942][ T5833] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 99.543974][ T5833] RIP: 0033:0x7f9dbb99ce59 [ 99.543999][ T5833] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 99.544028][ T5833] RSP: 002b:00007f9dbc868028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 99.544057][ T5833] RAX: ffffffffffffffda RBX: 00007f9dbbc15fa0 RCX: 00007f9dbb99ce59 [ 99.544076][ T5833] RDX: 00002000000001c0 RSI: 0000200000000180 RDI: 0000000000000000 [ 99.544095][ T5833] RBP: 00007f9dbc868090 R08: 0000000000000000 R09: 0000000000000000 [ 99.544132][ T5833] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000001 [ 99.544163][ T5833] R13: 00007f9dbbc16038 R14: 00007f9dbbc15fa0 R15: 00007ffff652ee28 [ 99.544210][ T5833] [ 99.923617][ T5833] ERROR: Out of memory at tomoyo_realpath_from_path. [ 100.711129][ T5848] FAULT_INJECTION: forcing a failure. [ 100.711129][ T5848] name failslab, interval 1, probability 0, space 0, times 0 [ 100.744301][ T5848] CPU: 1 UID: 0 PID: 5848 Comm: syz.1.16 Not tainted syzkaller #0 PREEMPT(full) [ 100.744346][ T5848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 100.744367][ T5848] Call Trace: [ 100.744377][ T5848] [ 100.744406][ T5848] dump_stack_lvl+0x100/0x190 [ 100.744473][ T5848] should_fail_ex.cold+0x5/0xa [ 100.744516][ T5848] should_failslab+0xc2/0x120 [ 100.744567][ T5848] __kmalloc_cache_noprof+0x7a/0x6f0 [ 100.744618][ T5848] ? copy_mount_options+0x55/0x190 [ 100.744682][ T5848] copy_mount_options+0x55/0x190 [ 100.744753][ T5848] __x64_sys_mount+0x1ab/0x310 [ 100.744801][ T5848] ? __pfx___x64_sys_mount+0x10/0x10 [ 100.744852][ T5848] ? rcu_is_watching+0x12/0xc0 [ 100.744895][ T5848] do_syscall_64+0x115/0x840 [ 100.744976][ T5848] ? clear_bhb_loop+0x40/0x90 [ 100.745019][ T5848] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 100.745054][ T5848] RIP: 0033:0x7f48ad39ce59 [ 100.745083][ T5848] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 100.745117][ T5848] RSP: 002b:00007f48ae2e7028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 100.745150][ T5848] RAX: ffffffffffffffda RBX: 00007f48ad616090 RCX: 00007f48ad39ce59 [ 100.745171][ T5848] RDX: 0000200000000140 RSI: 0000000000000000 RDI: 0000200000000080 [ 100.745193][ T5848] RBP: 00007f48ad432d6f R08: 00002000000002c0 R09: 0000000000000000 [ 100.745215][ T5848] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000000 [ 100.745235][ T5848] R13: 00007f48ad616128 R14: 00007f48ad616090 R15: 00007fff93d5d878 [ 100.745282][ T5848] [ 101.221687][ T5859] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 101.481215][ T5862] bridge0: port 3(ipvlan0) entered blocking state [ 101.513818][ T5862] bridge0: port 3(ipvlan0) entered disabled state [ 101.546768][ T5862] ipvlan0: entered allmulticast mode [ 101.566709][ T5862] veth0_vlan: entered allmulticast mode [ 101.650801][ T5862] ipvlan0: left allmulticast mode [ 101.664349][ T5862] veth0_vlan: left allmulticast mode [ 103.872558][ T5905] syz.2.23 (5905) used greatest stack depth: 18344 bytes left [ 105.475993][ T5956] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 105.502519][ T5957] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 106.826566][ T5991] random: crng reseeded on system resumption [ 107.011336][ T5983] netlink: 8 bytes leftover after parsing attributes in process `syz.3.37'. [ 107.588133][ T6009] process 'syz.3.42' launched './file0' with NULL argv: empty string added [ 108.818389][ T6036] netlink: 28 bytes leftover after parsing attributes in process `syz.0.48'. [ 108.880337][ T6036] macsec0: entered promiscuous mode [ 108.886756][ T6038] FAULT_INJECTION: forcing a failure. [ 108.886756][ T6038] name failslab, interval 1, probability 0, space 0, times 0 [ 108.906904][ T6036] macsec0: entered allmulticast mode [ 108.912431][ T6038] CPU: 0 UID: 0 PID: 6038 Comm: syz.2.49 Tainted: G L syzkaller #0 PREEMPT(full) [ 108.912480][ T6038] Tainted: [L]=SOFTLOCKUP [ 108.912492][ T6038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 108.912511][ T6038] Call Trace: [ 108.912521][ T6038] [ 108.912533][ T6038] dump_stack_lvl+0x100/0x190 [ 108.912597][ T6038] should_fail_ex.cold+0x5/0xa [ 108.912639][ T6038] should_failslab+0xc2/0x120 [ 108.912679][ T6038] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 108.912732][ T6038] ? alloc_inode+0x183/0x250 [ 108.912783][ T6038] ? do_raw_spin_lock+0x128/0x260 [ 108.912825][ T6038] alloc_inode+0x183/0x250 [ 108.912879][ T6038] alloc_anon_inode+0x2a/0x3e0 [ 108.912927][ T6038] anon_inode_make_secure_inode+0x2f/0x140 [ 108.912981][ T6038] __anon_inode_getfile+0x1cf/0x280 [ 108.913035][ T6038] new_userfaultfd+0x255/0x400 [ 108.913074][ T6038] __x64_sys_userfaultfd+0x4b/0xb0 [ 108.913116][ T6038] do_syscall_64+0x115/0x840 [ 108.913161][ T6038] ? clear_bhb_loop+0x40/0x90 [ 108.913201][ T6038] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 108.913233][ T6038] RIP: 0033:0x7f9dbb99ce59 [ 108.913258][ T6038] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 108.913290][ T6038] RSP: 002b:00007f9dbc868028 EFLAGS: 00000246 ORIG_RAX: 0000000000000143 [ 108.913327][ T6038] RAX: ffffffffffffffda RBX: 00007f9dbbc15fa0 RCX: 00007f9dbb99ce59 [ 108.913346][ T6038] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 108.913363][ T6038] RBP: 00007f9dbba32d6f R08: 0000000000000000 R09: 0000000000000000 [ 108.913380][ T6038] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 108.913396][ T6038] R13: 00007f9dbbc16038 R14: 00007f9dbbc15fa0 R15: 00007ffff652ee28 [ 108.913434][ T6038] [ 108.943460][ T6036] veth1_macvtap: entered allmulticast mode [ 110.684509][ T29] audit: type=1804 audit(1780964254.166:2): pid=6061 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.53" name="/newroot/14/file0" dev="tmpfs" ino=91 res=1 errno=0 [ 110.847407][ T6068] syz.1.55 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 110.955095][ T6073] capability: warning: `syz.1.55' uses deprecated v2 capabilities in a way that may be insecure [ 111.105669][ T6073] netlink: 'syz.1.55': attribute type 1 has an invalid length. [ 111.323283][ T0] NOHZ tick-stop error: local softirq work is pending, handler #280!!! [ 111.843279][ T6082] FAULT_INJECTION: forcing a failure. [ 111.843279][ T6082] name failslab, interval 1, probability 0, space 0, times 0 [ 111.896648][ T6082] CPU: 1 UID: 0 PID: 6082 Comm: syz.1.58 Tainted: G L syzkaller #0 PREEMPT(full) [ 111.896703][ T6082] Tainted: [L]=SOFTLOCKUP [ 111.896714][ T6082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 111.896732][ T6082] Call Trace: [ 111.896742][ T6082] [ 111.896753][ T6082] dump_stack_lvl+0x100/0x190 [ 111.896812][ T6082] should_fail_ex.cold+0x5/0xa [ 111.896855][ T6082] should_failslab+0xc2/0x120 [ 111.896894][ T6082] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 111.896945][ T6082] ? security_inode_alloc+0x3b/0x2c0 [ 111.896981][ T6082] ? lockdep_init_map_type+0x5c/0x250 [ 111.897039][ T6082] security_inode_alloc+0x3b/0x2c0 [ 111.897076][ T6082] inode_init_always_gfp+0xc77/0xfb0 [ 111.897121][ T6082] alloc_inode+0x8e/0x250 [ 111.897171][ T6082] sock_alloc+0x44/0x280 [ 111.897205][ T6082] ? security_socket_create+0x7f/0x250 [ 111.897240][ T6082] __sock_create+0xc2/0x860 [ 111.897292][ T6082] __sys_socket+0x14d/0x260 [ 111.897333][ T6082] ? exc_page_fault+0x6f/0xd0 [ 111.897378][ T6082] ? __pfx___sys_socket+0x10/0x10 [ 111.897434][ T6082] __x64_sys_socket+0x72/0xb0 [ 111.897477][ T6082] ? lockdep_hardirqs_on+0x78/0x100 [ 111.897531][ T6082] do_syscall_64+0x115/0x840 [ 111.897576][ T6082] ? clear_bhb_loop+0x40/0x90 [ 111.897616][ T6082] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 111.897649][ T6082] RIP: 0033:0x7f48ad39e6c7 [ 111.897674][ T6082] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 111.897704][ T6082] RSP: 002b:00007f48ae306f98 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 111.897735][ T6082] RAX: ffffffffffffffda RBX: 00007f48ad615fa0 RCX: 00007f48ad39e6c7 [ 111.897756][ T6082] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 111.897774][ T6082] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 111.897793][ T6082] R10: 0000200000000000 R11: 0000000000000286 R12: 0000000000000000 [ 111.897811][ T6082] R13: 00007f48ad616038 R14: 00007f48ad615fa0 R15: 00007fff93d5d878 [ 111.897864][ T6082] [ 111.898102][ T6082] socket: no more sockets [ 112.433632][ T29] audit: type=1806 audit(1780964255.916:3): xattr="" res=-22 [ 113.211985][ T6103] Invalid ELF header magic: != ELF [ 115.846012][ T29] audit: type=1806 audit(1780964259.336:4): xattr="" res=-22 [ 117.309103][ T29] audit: type=1800 audit(1780964260.796:5): pid=6165 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.75" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 120.078247][ T6244] zram: Added device: zram1 [ 120.783731][ T6236] netlink: 12 bytes leftover after parsing attributes in process `syz.1.89'. [ 121.249370][ T6262] netlink: 'syz.1.94': attribute type 11 has an invalid length. [ 121.977863][ T6278] openvswitch: netlink: Message has 4 unknown bytes. [ 122.780872][ T6290] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 122.811397][ T6290] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 122.903431][ T6290] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 122.931925][ T6290] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 122.944137][ T6290] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 123.003112][ T6290] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 123.069208][ T6290] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 123.089221][ T6290] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 123.140268][ T6290] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 123.167676][ T6307] [U] 0 [ 123.191462][ T6290] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 123.211939][ T6301] [U] ‘QUIÚ [ 123.227550][ T6290] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 123.355184][ T6290] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 124.393309][ T50] Bluetooth: hci0: command 0x0c1a tx timeout [ 124.444572][ T29] audit: type=1806 audit(1780964267.936:6): xattr="" res=-22 [ 124.858679][ T6344] FAULT_INJECTION: forcing a failure. [ 124.858679][ T6344] name failslab, interval 1, probability 0, space 0, times 0 [ 124.894156][ T6344] CPU: 1 UID: 0 PID: 6344 Comm: syz.2.114 Tainted: G L syzkaller #0 PREEMPT(full) [ 124.894209][ T6344] Tainted: [L]=SOFTLOCKUP [ 124.894222][ T6344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 124.894241][ T6344] Call Trace: [ 124.894261][ T6344] [ 124.894274][ T6344] dump_stack_lvl+0x100/0x190 [ 124.894352][ T6344] should_fail_ex.cold+0x5/0xa [ 124.894394][ T6344] should_failslab+0xc2/0x120 [ 124.894440][ T6344] __kmalloc_node_noprof+0xe6/0x850 [ 124.894496][ T6344] ? alloc_slab_obj_exts+0xae/0x270 [ 124.894553][ T6344] alloc_slab_obj_exts+0xae/0x270 [ 124.894606][ T6344] __memcg_slab_post_alloc_hook+0x3c2/0xff0 [ 124.894664][ T6344] ? kasan_save_track+0x14/0x30 [ 124.894702][ T6344] kmem_cache_alloc_lru_noprof+0x592/0x6e0 [ 124.894775][ T6344] ? alloc_inode+0x183/0x250 [ 124.894830][ T6344] ? do_raw_spin_lock+0x128/0x260 [ 124.894874][ T6344] alloc_inode+0x183/0x250 [ 124.894928][ T6344] alloc_anon_inode+0x2a/0x3e0 [ 124.894978][ T6344] anon_inode_make_secure_inode+0x2f/0x140 [ 124.895036][ T6344] __anon_inode_getfile+0x1cf/0x280 [ 124.895092][ T6344] new_userfaultfd+0x255/0x400 [ 124.895134][ T6344] __x64_sys_userfaultfd+0x4b/0xb0 [ 124.895179][ T6344] do_syscall_64+0x115/0x840 [ 124.895227][ T6344] ? clear_bhb_loop+0x40/0x90 [ 124.895280][ T6344] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.895316][ T6344] RIP: 0033:0x7f9dbb99ce59 [ 124.895352][ T6344] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 124.895385][ T6344] RSP: 002b:00007f9dbc868028 EFLAGS: 00000246 ORIG_RAX: 0000000000000143 [ 124.895423][ T6344] RAX: ffffffffffffffda RBX: 00007f9dbbc15fa0 RCX: 00007f9dbb99ce59 [ 124.895446][ T6344] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 124.895466][ T6344] RBP: 00007f9dbba32d6f R08: 0000000000000000 R09: 0000000000000000 [ 124.895485][ T6344] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 124.895505][ T6344] R13: 00007f9dbbc16038 R14: 00007f9dbbc15fa0 R15: 00007ffff652ee28 [ 124.895547][ T6344] [ 125.341608][ T50] Bluetooth: hci1: command 0x0c1a tx timeout [ 125.350850][ T5635] Bluetooth: hci2: command 0x0c1a tx timeout [ 125.351006][ T50] Bluetooth: hci3: command 0x0c1a tx timeout [ 125.976977][ T6358] kAFS: No cell specified [ 126.212366][ T6362] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 126.526554][ T6354] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 126.533351][ T6354] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 126.542801][ T6354] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 126.550851][ T6354] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 126.820622][ T29] audit: type=1806 audit(1780964270.306:7): xattr="" res=-22 [ 127.706717][ T6403] netlink: 8 bytes leftover after parsing attributes in process `syz.1.126'. [ 127.782418][ T6397] netlink: 8 bytes leftover after parsing attributes in process `syz.2.125'. [ 127.913492][ T50] Bluetooth: hci0: command 0x0c1a tx timeout [ 128.405566][ T6411] hub 1-0:1.0: USB hub found [ 128.414923][ T6411] hub 1-0:1.0: 1 port detected [ 128.553633][ T50] Bluetooth: hci3: command 0x0c1a tx timeout [ 128.553640][ T5631] Bluetooth: hci2: command 0x0c1a tx timeout [ 128.553682][ T5631] Bluetooth: hci1: command 0x0c1a tx timeout [ 129.000265][ T5631] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 129.521333][ T29] audit: type=1806 audit(1780964273.006:8): xattr="" res=-22 [ 129.827646][ T6439] syz.2.134 uses obsolete (PF_INET,SOCK_PACKET) [ 129.995803][ T5631] Bluetooth: hci0: command 0x0c1a tx timeout [ 130.633101][ T5631] Bluetooth: hci3: command 0x0c1a tx timeout [ 130.639262][ T50] Bluetooth: hci2: command 0x0c1a tx timeout [ 130.646033][ T50] Bluetooth: hci1: command 0x0c1a tx timeout [ 132.120096][ T6486] binder: 6479:6486 ioctl 4606 0 returned -22 [ 132.723267][ T50] Bluetooth: hci1: command 0x0c1a tx timeout [ 132.804267][ T1317] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.813997][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.191954][ T6502] netlink: 28 bytes leftover after parsing attributes in process `syz.0.144'. [ 133.290706][ T6502] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 133.317036][ T6502] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 133.385259][ T6502] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 133.409599][ T6502] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 134.793235][ T5638] Bluetooth: hci1: command 0x0c1a tx timeout [ 135.520557][ T6537] kafs: addr_prefs: Invalid Command [ 135.804186][ T6515] kexec: Could not allocate control_code_buffer [ 135.991438][ T6544] FAULT_INJECTION: forcing a failure. [ 135.991438][ T6544] name failslab, interval 1, probability 0, space 0, times 0 [ 136.005107][ T6544] CPU: 0 UID: 0 PID: 6544 Comm: syz.1.154 Tainted: G L syzkaller #0 PREEMPT(full) [ 136.005155][ T6544] Tainted: [L]=SOFTLOCKUP [ 136.005167][ T6544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 136.005186][ T6544] Call Trace: [ 136.005196][ T6544] [ 136.005208][ T6544] dump_stack_lvl+0x100/0x190 [ 136.005272][ T6544] should_fail_ex.cold+0x5/0xa [ 136.005314][ T6544] should_failslab+0xc2/0x120 [ 136.005354][ T6544] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 136.005409][ T6544] ? security_file_alloc+0x34/0x2c0 [ 136.005452][ T6544] ? trace_kmem_cache_alloc+0xd5/0x100 [ 136.005500][ T6544] security_file_alloc+0x34/0x2c0 [ 136.005546][ T6544] init_file+0x95/0x480 [ 136.005604][ T6544] alloc_empty_file+0x79/0x1c0 [ 136.005658][ T6544] alloc_file_pseudo+0x13a/0x230 [ 136.005710][ T6544] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 136.005760][ T6544] ? security_inode_init_security_anon+0x7b/0x230 [ 136.005824][ T6544] __anon_inode_getfile+0xe8/0x280 [ 136.005879][ T6544] new_userfaultfd+0x255/0x400 [ 136.005916][ T6544] __x64_sys_userfaultfd+0x4b/0xb0 [ 136.005957][ T6544] do_syscall_64+0x115/0x840 [ 136.006000][ T6544] ? clear_bhb_loop+0x40/0x90 [ 136.006034][ T6544] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 136.006062][ T6544] RIP: 0033:0x7f48ad39ce59 [ 136.006084][ T6544] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 136.006110][ T6544] RSP: 002b:00007f48ae308028 EFLAGS: 00000246 ORIG_RAX: 0000000000000143 [ 136.006137][ T6544] RAX: ffffffffffffffda RBX: 00007f48ad615fa0 RCX: 00007f48ad39ce59 [ 136.006157][ T6544] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 136.006173][ T6544] RBP: 00007f48ad432d6f R08: 0000000000000000 R09: 0000000000000000 [ 136.006189][ T6544] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 136.006204][ T6544] R13: 00007f48ad616038 R14: 00007f48ad615fa0 R15: 00007fff93d5d878 [ 136.006238][ T6544] [ 136.534930][ T6554] netlink: 354 bytes leftover after parsing attributes in process `syz.1.156'. [ 136.617349][ T6526] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 137.443878][ T6575] FAULT_INJECTION: forcing a failure. [ 137.443878][ T6575] name failslab, interval 1, probability 0, space 0, times 0 [ 137.476749][ T6575] CPU: 1 UID: 0 PID: 6575 Comm: syz.0.159 Tainted: G L syzkaller #0 PREEMPT(full) [ 137.476798][ T6575] Tainted: [L]=SOFTLOCKUP [ 137.476808][ T6575] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 137.476826][ T6575] Call Trace: [ 137.476837][ T6575] [ 137.476848][ T6575] dump_stack_lvl+0x100/0x190 [ 137.476909][ T6575] should_fail_ex.cold+0x5/0xa [ 137.476953][ T6575] ? tomoyo_encode2+0xfb/0x3c0 [ 137.476998][ T6575] should_failslab+0xc2/0x120 [ 137.477036][ T6575] __kmalloc_noprof+0xe0/0x850 [ 137.477086][ T6575] ? d_absolute_path+0x136/0x1b0 [ 137.477124][ T6575] tomoyo_encode2+0xfb/0x3c0 [ 137.477184][ T6575] tomoyo_encode+0x29/0x50 [ 137.477228][ T6575] tomoyo_realpath_from_path+0x18c/0x690 [ 137.477278][ T6575] tomoyo_path_number_perm+0x23c/0x580 [ 137.477310][ T6575] ? tomoyo_path_number_perm+0x22e/0x580 [ 137.477345][ T6575] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 137.477378][ T6575] ? futex_wait+0x11e/0x370 [ 137.477442][ T6575] ? find_held_lock+0x2b/0x80 [ 137.477475][ T6575] ? __fget_files+0x215/0x3d0 [ 137.477506][ T6575] ? hook_file_ioctl_common+0x149/0x410 [ 137.477540][ T6575] ? __fget_files+0x215/0x3d0 [ 137.477576][ T6575] ? __fget_files+0x21f/0x3d0 [ 137.477613][ T6575] security_file_ioctl+0xd3/0x230 [ 137.477648][ T6575] __x64_sys_ioctl+0xb7/0x210 [ 137.477678][ T6575] do_syscall_64+0x115/0x840 [ 137.477715][ T6575] ? clear_bhb_loop+0x40/0x90 [ 137.477748][ T6575] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 137.477775][ T6575] RIP: 0033:0x7fc82159ce59 [ 137.477796][ T6575] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 137.477821][ T6575] RSP: 002b:00007fc8223db028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 137.477846][ T6575] RAX: ffffffffffffffda RBX: 00007fc821816090 RCX: 00007fc82159ce59 [ 137.477863][ T6575] RDX: 0000200000001040 RSI: 00000000c0185500 RDI: 0000000000000009 [ 137.477880][ T6575] RBP: 00007fc821632d6f R08: 0000000000000000 R09: 0000000000000000 [ 137.477895][ T6575] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 137.477911][ T6575] R13: 00007fc821816128 R14: 00007fc821816090 R15: 00007ffd7960f528 [ 137.477956][ T6575] [ 137.477995][ T6575] ERROR: Out of memory at tomoyo_realpath_from_path. [ 138.011140][ T6583] kAFS: No cell specified [ 138.339066][ T6590] netlink: 342 bytes leftover after parsing attributes in process `syz.2.163'. [ 138.515267][ T6586] netlink: 12 bytes leftover after parsing attributes in process `syz.0.162'. [ 138.554836][ T6594] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 138.619228][ T6594] kAFS: No cell specified [ 139.207127][ T6608] zswap: compressor not available [ 139.521262][ T6617] ptrace attach of "ci-qemu-gce-upstream-auto/syz-executor exec"[6618] was attempted by "ci-qemu-gce-upstream-auto/syz-executor exec"[6617] [ 139.549625][ T6617] netlink: 12 bytes leftover after parsing attributes in process `syz.2.169'. [ 139.606702][ T29] audit: type=1806 audit(1780964283.096:9): xattr="" res=-22 [ 143.227512][ T6694] Process accounting resumed [ 143.601342][ T6720] random: crng reseeded on system resumption [ 144.487558][ T6739] netlink: 12 bytes leftover after parsing attributes in process `syz.3.194'. [ 144.927325][ T6733] netlink: 12 bytes leftover after parsing attributes in process `syz.1.193'. [ 145.025660][ T6747] netlink: 342 bytes leftover after parsing attributes in process `syz.2.195'. [ 145.485640][ T6751] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 146.311841][ T29] audit: type=1806 audit(1780964289.796:10): xattr="" res=-22 [ 146.948939][ T6761] FAULT_INJECTION: forcing a failure. [ 146.948939][ T6761] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 146.979499][ T6761] CPU: 0 UID: 0 PID: 6761 Comm: syz.3.199 Tainted: G L syzkaller #0 PREEMPT(full) [ 146.979548][ T6761] Tainted: [L]=SOFTLOCKUP [ 146.979559][ T6761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 146.979578][ T6761] Call Trace: [ 146.979588][ T6761] [ 146.979600][ T6761] dump_stack_lvl+0x100/0x190 [ 146.979661][ T6761] should_fail_ex.cold+0x5/0xa [ 146.979695][ T6761] ? prepare_alloc_pages+0x16d/0x5f0 [ 146.979742][ T6761] should_fail_alloc_page+0xeb/0x140 [ 146.979784][ T6761] prepare_alloc_pages+0x1f0/0x5f0 [ 146.979832][ T6761] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 146.979889][ T6761] ? __pfx_stack_trace_save+0x10/0x10 [ 146.979934][ T6761] ? stack_depot_save_flags+0x27/0x9d0 [ 146.979986][ T6761] ? kasan_save_stack+0x3f/0x50 [ 146.980018][ T6761] ? kasan_save_stack+0x30/0x50 [ 146.980048][ T6761] ? kasan_save_track+0x14/0x30 [ 146.980084][ T6761] ? kasan_save_stack+0x3f/0x50 [ 146.980120][ T6761] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 146.980176][ T6761] ? __lock_acquire+0x4a5/0x2630 [ 146.980227][ T6761] ? __x64_sys_mmap+0x125/0x190 [ 146.980258][ T6761] ? do_syscall_64+0x115/0x840 [ 146.980313][ T6761] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.980353][ T6761] ? __lock_acquire+0x4a5/0x2630 [ 146.980398][ T6761] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 146.980437][ T6761] ? policy_nodemask+0xed/0x4f0 [ 146.980469][ T6761] alloc_pages_mpol+0x1fb/0x540 [ 146.980502][ T6761] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 146.980538][ T6761] ? __anon_vma_prepare+0x2db/0x5e0 [ 146.980580][ T6761] ? __anon_vma_prepare+0x2db/0x5e0 [ 146.980626][ T6761] folio_alloc_mpol_noprof+0x36/0x260 [ 146.980668][ T6761] vma_alloc_folio_noprof+0xed/0x1d0 [ 146.980705][ T6761] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 146.980741][ T6761] ? __anon_vma_prepare+0x2e2/0x5e0 [ 146.980828][ T6761] do_anonymous_page+0xb46/0x2050 [ 146.980876][ T6761] ? __pfx_pgd_none+0x10/0x10 [ 146.980929][ T6761] __handle_mm_fault+0x1d2c/0x2a00 [ 146.980984][ T6761] ? mt_find+0x45e/0x8e0 [ 146.981032][ T6761] ? __pfx___handle_mm_fault+0x10/0x10 [ 146.981073][ T6761] ? __pfx_mt_find+0x10/0x10 [ 146.981144][ T6761] handle_mm_fault+0x37b/0xa30 [ 146.981198][ T6761] __get_user_pages+0x1178/0x32a0 [ 146.981255][ T6761] ? __pfx___get_user_pages+0x10/0x10 [ 146.981319][ T6761] populate_vma_page_range+0x267/0x3f0 [ 146.981367][ T6761] ? __pfx_populate_vma_page_range+0x10/0x10 [ 146.981409][ T6761] ? __pfx_find_vma_intersection+0x10/0x10 [ 146.981450][ T6761] ? do_mmap+0x93f/0x12f0 [ 146.981495][ T6761] __mm_populate+0x107/0x3a0 [ 146.981543][ T6761] ? __pfx___mm_populate+0x10/0x10 [ 146.981592][ T6761] ? up_write+0x28c/0x4f0 [ 146.981632][ T6761] vm_mmap_pgoff+0x37f/0x470 [ 146.981682][ T6761] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 146.981729][ T6761] ? do_futex+0x192/0x350 [ 146.981766][ T6761] ? __pfx_do_futex+0x10/0x10 [ 146.981809][ T6761] ksys_mmap_pgoff+0xe4/0x610 [ 146.981852][ T6761] ? __x64_sys_futex+0x358/0x4d0 [ 146.981888][ T6761] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 146.981930][ T6761] ? xfd_validate_state+0x129/0x190 [ 146.981961][ T6761] ? ksys_write+0x1ac/0x250 [ 146.982009][ T6761] __x64_sys_mmap+0x125/0x190 [ 146.982062][ T6761] do_syscall_64+0x115/0x840 [ 146.982107][ T6761] ? clear_bhb_loop+0x40/0x90 [ 146.982148][ T6761] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.982182][ T6761] RIP: 0033:0x7fa72239ce59 [ 146.982207][ T6761] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 146.982239][ T6761] RSP: 002b:00007fa7232ac028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 146.982296][ T6761] RAX: ffffffffffffffda RBX: 00007fa722615fa0 RCX: 00007fa72239ce59 [ 146.982319][ T6761] RDX: 00000000000000df RSI: 000000000000007f RDI: 0000000000000000 [ 146.982339][ T6761] RBP: 00007fa722432d6f R08: 0000000000000002 R09: 0000000000008000 [ 146.982360][ T6761] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 146.982380][ T6761] R13: 00007fa722616038 R14: 00007fa722615fa0 R15: 00007ffcb6279a48 [ 146.982425][ T6761] [ 147.495917][ T6781] FAULT_INJECTION: forcing a failure. [ 147.495917][ T6781] name failslab, interval 1, probability 0, space 0, times 0 [ 147.528986][ T6781] CPU: 0 UID: 0 PID: 6781 Comm: syz.0.201 Tainted: G L syzkaller #0 PREEMPT(full) [ 147.529033][ T6781] Tainted: [L]=SOFTLOCKUP [ 147.529044][ T6781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 147.529062][ T6781] Call Trace: [ 147.529072][ T6781] [ 147.529083][ T6781] dump_stack_lvl+0x100/0x190 [ 147.529134][ T6781] should_fail_ex.cold+0x5/0xa [ 147.529168][ T6781] should_failslab+0xc2/0x120 [ 147.529201][ T6781] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 147.529268][ T6781] ? __proc_create+0x2cb/0x8c0 [ 147.529310][ T6781] __proc_create+0x2cb/0x8c0 [ 147.529346][ T6781] ? __pfx___proc_create+0x10/0x10 [ 147.529386][ T6781] ? _raw_write_unlock+0x28/0x50 [ 147.529422][ T6781] ? proc_register+0x559/0x8a0 [ 147.529472][ T6781] proc_create_reg+0x75/0x170 [ 147.529520][ T6781] proc_create_seq_private+0x8e/0x180 [ 147.529565][ T6781] ? __pfx_proc_create_seq_private+0x10/0x10 [ 147.529612][ T6781] ? __pfx_proc_create_net_data+0x10/0x10 [ 147.529653][ T6781] ? __pfx_uevent_net_rcv+0x10/0x10 [ 147.529691][ T6781] ? __pfx_dev_proc_net_init+0x10/0x10 [ 147.529725][ T6781] dev_proc_net_init+0xac/0x230 [ 147.529758][ T6781] ops_init+0x1e2/0x5f0 [ 147.529797][ T6781] setup_net+0x118/0x3a0 [ 147.529832][ T6781] ? __pfx_setup_net+0x10/0x10 [ 147.529866][ T6781] ? mutex_init_lockdep+0xf1/0x120 [ 147.529906][ T6781] copy_net_ns+0x46f/0x7c0 [ 147.529947][ T6781] create_new_namespaces+0x3ea/0xac0 [ 147.529998][ T6781] unshare_nsproxy_namespaces+0xf2/0x220 [ 147.530044][ T6781] ksys_unshare+0x438/0xab0 [ 147.530094][ T6781] ? __pfx_ksys_unshare+0x10/0x10 [ 147.530137][ T6781] ? xfd_validate_state+0x129/0x190 [ 147.530184][ T6781] __x64_sys_unshare+0x31/0x40 [ 147.530229][ T6781] do_syscall_64+0x115/0x840 [ 147.530273][ T6781] ? clear_bhb_loop+0x40/0x90 [ 147.530312][ T6781] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 147.530344][ T6781] RIP: 0033:0x7fc82159ce59 [ 147.530370][ T6781] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 147.530400][ T6781] RSP: 002b:00007fc8223db028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 147.530431][ T6781] RAX: ffffffffffffffda RBX: 00007fc821816090 RCX: 00007fc82159ce59 [ 147.530452][ T6781] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 147.530481][ T6781] RBP: 00007fc821632d6f R08: 0000000000000000 R09: 0000000000000000 [ 147.530500][ T6781] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 147.530518][ T6781] R13: 00007fc821816128 R14: 00007fc821816090 R15: 00007ffd7960f528 [ 147.530559][ T6781] [ 148.978896][ T6796] netlink: 338 bytes leftover after parsing attributes in process `syz.2.204'. [ 149.201529][ T6798] netlink: 8 bytes leftover after parsing attributes in process `syz.3.205'. [ 149.640439][ T6812] netlink: 12 bytes leftover after parsing attributes in process `syz.1.208'. [ 151.451741][ T6848] futex_wake_op: syz.0.215 tries to shift op by -2048; fix this program [ 151.791269][ T6856] netlink: 'syz.2.216': attribute type 2 has an invalid length. [ 152.275109][ T6862] openvswitch: netlink: Duplicate key (type 15). [ 152.326762][ T6864] FAULT_INJECTION: forcing a failure. [ 152.326762][ T6864] name failslab, interval 1, probability 0, space 0, times 0 [ 152.356230][ T6864] CPU: 0 UID: 0 PID: 6864 Comm: syz.3.219 Tainted: G L syzkaller #0 PREEMPT(full) [ 152.356274][ T6864] Tainted: [L]=SOFTLOCKUP [ 152.356284][ T6864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 152.356301][ T6864] Call Trace: [ 152.356310][ T6864] [ 152.356320][ T6864] dump_stack_lvl+0x100/0x190 [ 152.356376][ T6864] should_fail_ex.cold+0x5/0xa [ 152.356413][ T6864] should_failslab+0xc2/0x120 [ 152.356466][ T6864] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 152.356516][ T6864] ? security_file_alloc+0x34/0x2c0 [ 152.356559][ T6864] ? trace_kmem_cache_alloc+0xd5/0x100 [ 152.356604][ T6864] security_file_alloc+0x34/0x2c0 [ 152.356647][ T6864] init_file+0x95/0x480 [ 152.356699][ T6864] alloc_empty_file+0x79/0x1c0 [ 152.356748][ T6864] alloc_file_pseudo+0x13a/0x230 [ 152.356819][ T6864] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 152.356869][ T6864] ? alloc_fd+0x476/0x790 [ 152.356916][ T6864] sock_alloc_file+0x50/0x210 [ 152.356955][ T6864] __sys_socket+0x1c0/0x260 [ 152.357007][ T6864] ? __pfx___sys_socket+0x10/0x10 [ 152.357067][ T6864] __x64_sys_socket+0x72/0xb0 [ 152.357111][ T6864] ? lockdep_hardirqs_on+0x78/0x100 [ 152.357156][ T6864] do_syscall_64+0x115/0x840 [ 152.357200][ T6864] ? clear_bhb_loop+0x40/0x90 [ 152.357239][ T6864] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 152.357272][ T6864] RIP: 0033:0x7fa72239ce59 [ 152.357299][ T6864] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 152.357330][ T6864] RSP: 002b:00007fa72328b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 152.357360][ T6864] RAX: ffffffffffffffda RBX: 00007fa722616090 RCX: 00007fa72239ce59 [ 152.357381][ T6864] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 152.357400][ T6864] RBP: 00007fa722432d6f R08: 0000000000000000 R09: 0000000000000000 [ 152.357419][ T6864] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 152.357438][ T6864] R13: 00007fa722616128 R14: 00007fa722616090 R15: 00007ffcb6279a48 [ 152.357479][ T6864] [ 152.932414][ T6872] netlink: 16 bytes leftover after parsing attributes in process `syz.3.220'. [ 153.048254][ T6876] cifs: Unknown parameter '‰ƒ´ÕéŒ)¬ Up†µÌ¢{´¼V ]7ž62']ßΨÉú!²gÉÊ®Ë7ú9½ófM¸<*y¢sEéhîé”' [ 153.909784][ T6883] kAFS: No cell specified [ 156.045486][ T6900] HfR: entered promiscuous mode [ 156.142594][ T29] audit: type=1804 audit(1780964299.626:11): pid=6903 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.227" name="/newroot/48/file0" dev="tmpfs" ino=277 res=1 errno=0 [ 159.216344][ T6951] ======================================================= [ 159.216344][ T6951] WARNING: The mand mount option has been deprecated and [ 159.216344][ T6951] and is ignored by this kernel. Remove the mand [ 159.216344][ T6951] option from the mount to silence this warning. [ 159.216344][ T6951] ======================================================= [ 161.971325][ T7005] FAULT_INJECTION: forcing a failure. [ 161.971325][ T7005] name failslab, interval 1, probability 0, space 0, times 0 [ 162.034829][ T7005] CPU: 1 UID: 0 PID: 7005 Comm: syz.2.243 Tainted: G L syzkaller #0 PREEMPT(full) [ 162.034887][ T7005] Tainted: [L]=SOFTLOCKUP [ 162.034898][ T7005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 162.034918][ T7005] Call Trace: [ 162.034929][ T7005] [ 162.034941][ T7005] dump_stack_lvl+0x100/0x190 [ 162.035013][ T7005] should_fail_ex.cold+0x5/0xa [ 162.035057][ T7005] should_failslab+0xc2/0x120 [ 162.035098][ T7005] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 162.035153][ T7005] ? alloc_empty_file+0x5b/0x1c0 [ 162.035212][ T7005] alloc_empty_file+0x5b/0x1c0 [ 162.035262][ T7005] alloc_file_pseudo+0x13a/0x230 [ 162.035316][ T7005] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 162.035369][ T7005] ? security_inode_init_security_anon+0x7b/0x230 [ 162.035420][ T7005] __anon_inode_getfile+0xe8/0x280 [ 162.035476][ T7005] new_userfaultfd+0x255/0x400 [ 162.035517][ T7005] __x64_sys_userfaultfd+0x4b/0xb0 [ 162.035561][ T7005] do_syscall_64+0x115/0x840 [ 162.035608][ T7005] ? clear_bhb_loop+0x40/0x90 [ 162.035650][ T7005] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 162.035684][ T7005] RIP: 0033:0x7f9dbb99ce59 [ 162.035712][ T7005] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 162.035744][ T7005] RSP: 002b:00007f9dbc868028 EFLAGS: 00000246 ORIG_RAX: 0000000000000143 [ 162.035776][ T7005] RAX: ffffffffffffffda RBX: 00007f9dbbc15fa0 RCX: 00007f9dbb99ce59 [ 162.035797][ T7005] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 162.035817][ T7005] RBP: 00007f9dbba32d6f R08: 0000000000000000 R09: 0000000000000000 [ 162.035837][ T7005] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 162.035856][ T7005] R13: 00007f9dbbc16038 R14: 00007f9dbbc15fa0 R15: 00007ffff652ee28 [ 162.035900][ T7005] [ 162.770914][ T7020] kAFS: No cell specified [ 163.263631][ T7024] FAULT_INJECTION: forcing a failure. [ 163.263631][ T7024] name failslab, interval 1, probability 0, space 0, times 0 [ 163.288453][ T7024] CPU: 1 UID: 0 PID: 7024 Comm: syz.2.248 Tainted: G L syzkaller #0 PREEMPT(full) [ 163.288504][ T7024] Tainted: [L]=SOFTLOCKUP [ 163.288519][ T7024] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 163.288538][ T7024] Call Trace: [ 163.288549][ T7024] [ 163.288561][ T7024] dump_stack_lvl+0x100/0x190 [ 163.288626][ T7024] should_fail_ex.cold+0x5/0xa [ 163.288670][ T7024] should_failslab+0xc2/0x120 [ 163.288711][ T7024] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 163.288765][ T7024] ? __proc_create+0x2cb/0x8c0 [ 163.288819][ T7024] __proc_create+0x2cb/0x8c0 [ 163.288864][ T7024] ? __pfx___proc_create+0x10/0x10 [ 163.288914][ T7024] ? __lock_acquire+0x4a5/0x2630 [ 163.288972][ T7024] ? _raw_write_unlock+0x28/0x50 [ 163.289018][ T7024] ? proc_register+0x559/0x8a0 [ 163.289069][ T7024] proc_create_reg+0x75/0x170 [ 163.289120][ T7024] proc_create_data+0x86/0x110 [ 163.289168][ T7024] ? __pfx_proc_create_data+0x10/0x10 [ 163.289214][ T7024] ? net_generic+0xea/0x2a0 [ 163.289269][ T7024] gss_svc_init_net+0x2e7/0x640 [ 163.289316][ T7024] ? __pfx_canbcm_pernet_init+0x10/0x10 [ 163.289372][ T7024] ? __pfx_rpcsec_gss_init_net+0x10/0x10 [ 163.289424][ T7024] ops_init+0x1e2/0x5f0 [ 163.289465][ T7024] setup_net+0x118/0x3a0 [ 163.289502][ T7024] ? __pfx_setup_net+0x10/0x10 [ 163.289539][ T7024] ? mutex_init_lockdep+0xf1/0x120 [ 163.289581][ T7024] copy_net_ns+0x46f/0x7c0 [ 163.289625][ T7024] create_new_namespaces+0x3ea/0xac0 [ 163.289678][ T7024] unshare_nsproxy_namespaces+0xf2/0x220 [ 163.289726][ T7024] ksys_unshare+0x438/0xab0 [ 163.289778][ T7024] ? __pfx_ksys_unshare+0x10/0x10 [ 163.289824][ T7024] ? xfd_validate_state+0x129/0x190 [ 163.289878][ T7024] __x64_sys_unshare+0x31/0x40 [ 163.289927][ T7024] do_syscall_64+0x115/0x840 [ 163.289975][ T7024] ? clear_bhb_loop+0x40/0x90 [ 163.290018][ T7024] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 163.290053][ T7024] RIP: 0033:0x7f9dbb99ce59 [ 163.290079][ T7024] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 163.290112][ T7024] RSP: 002b:00007f9dbc868028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 163.290143][ T7024] RAX: ffffffffffffffda RBX: 00007f9dbbc15fa0 RCX: 00007f9dbb99ce59 [ 163.290165][ T7024] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 163.290185][ T7024] RBP: 00007f9dbba32d6f R08: 0000000000000000 R09: 0000000000000000 [ 163.290205][ T7024] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 163.290224][ T7024] R13: 00007f9dbbc16038 R14: 00007f9dbbc15fa0 R15: 00007ffff652ee28 [ 163.290269][ T7024] [ 163.688326][ T7032] random: crng reseeded on system resumption [ 165.146604][ T7048] netlink: 28 bytes leftover after parsing attributes in process `syz.1.253'. [ 165.717487][ T7069] kAFS: No cell specified [ 165.911324][ T7064] queue_state_write: unsupported operation '' [ 165.929901][ T7064] queue_state_write: use 'run', 'start' or 'kick' [ 166.847801][ T7071] netlink: 12 bytes leftover after parsing attributes in process `syz.2.257'. [ 167.586717][ T7080] netlink: 12 bytes leftover after parsing attributes in process `syz.1.259'. [ 168.012745][ T7117] ptrace attach of "ci-qemu-gce-upstream-auto/syz-executor exec"[5640] was attempted by "ci-qemu-gce-upstream-auto/syz-executor exec"[7117] [ 168.097432][ T7117] netlink: 28 bytes leftover after parsing attributes in process `syz.3.263'. [ 168.136332][ T7117] veth0_macvtap: left promiscuous mode [ 168.156144][ T7117] macvtap0: entered promiscuous mode [ 168.174481][ T7117] macvtap0: entered allmulticast mode [ 168.614978][ T7134] FAULT_INJECTION: forcing a failure. [ 168.614978][ T7134] name fail_futex, interval 1, probability 0, space 0, times 1 [ 168.677869][ T7134] CPU: 1 UID: 0 PID: 7134 Comm: syz.0.267 Tainted: G L syzkaller #0 PREEMPT(full) [ 168.677925][ T7134] Tainted: [L]=SOFTLOCKUP [ 168.677938][ T7134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 168.677957][ T7134] Call Trace: [ 168.677968][ T7134] [ 168.677981][ T7134] dump_stack_lvl+0x100/0x190 [ 168.678047][ T7134] should_fail_ex.cold+0x5/0xa [ 168.678091][ T7134] get_futex_key+0x1d2/0x1510 [ 168.678152][ T7134] ? __pfx_get_futex_key+0x10/0x10 [ 168.678222][ T7134] futex_wait_setup+0x83/0x510 [ 168.678277][ T7134] __futex_wait+0x19f/0x300 [ 168.678323][ T7134] ? __pfx___futex_wait+0x10/0x10 [ 168.678372][ T7134] ? __pfx_futex_wake_mark+0x10/0x10 [ 168.678421][ T7134] ? futex_hash+0x2ad/0x370 [ 168.678484][ T7134] ? futex_hash+0x141/0x370 [ 168.678544][ T7134] futex_wait+0xe6/0x370 [ 168.678587][ T7134] ? __pfx_futex_wait+0x10/0x10 [ 168.678638][ T7134] ? __fget_files+0x215/0x3d0 [ 168.678688][ T7134] do_futex+0x1ef/0x350 [ 168.678723][ T7134] ? __pfx_do_futex+0x10/0x10 [ 168.678758][ T7134] ? fdget+0x18b/0x210 [ 168.678801][ T7134] ? __sys_sendmsg+0x18f/0x220 [ 168.678854][ T7134] __x64_sys_futex+0x34f/0x4d0 [ 168.678897][ T7134] ? __pfx___x64_sys_futex+0x10/0x10 [ 168.678942][ T7134] ? rcu_is_watching+0x12/0xc0 [ 168.678988][ T7134] do_syscall_64+0x115/0x840 [ 168.679036][ T7134] ? clear_bhb_loop+0x40/0x90 [ 168.679078][ T7134] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 168.679113][ T7134] RIP: 0033:0x7fc82159ce59 [ 168.679140][ T7134] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 168.679174][ T7134] RSP: 002b:00007fc8223fc0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 168.679206][ T7134] RAX: ffffffffffffffda RBX: 00007fc821815fa8 RCX: 00007fc82159ce59 [ 168.679228][ T7134] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fc821815fa8 [ 168.679249][ T7134] RBP: 00007fc821815fa0 R08: 0000000000000000 R09: 0000000000000000 [ 168.679269][ T7134] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 168.679289][ T7134] R13: 00007fc821816038 R14: 00007ffd7960f440 R15: 00007ffd7960f528 [ 168.679333][ T7134] [ 169.469723][ T7140] FAULT_INJECTION: forcing a failure. [ 169.469723][ T7140] name failslab, interval 1, probability 0, space 0, times 0 [ 169.492235][ T7140] CPU: 1 UID: 0 PID: 7140 Comm: syz.0.269 Tainted: G L syzkaller #0 PREEMPT(full) [ 169.492285][ T7140] Tainted: [L]=SOFTLOCKUP [ 169.492307][ T7140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 169.492326][ T7140] Call Trace: [ 169.492335][ T7140] [ 169.492346][ T7140] dump_stack_lvl+0x100/0x190 [ 169.492405][ T7140] should_fail_ex.cold+0x5/0xa [ 169.492444][ T7140] should_failslab+0xc2/0x120 [ 169.492481][ T7140] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 169.492532][ T7140] ? alloc_empty_file+0x5b/0x1c0 [ 169.492586][ T7140] alloc_empty_file+0x5b/0x1c0 [ 169.492633][ T7140] alloc_file_pseudo+0x13a/0x230 [ 169.492682][ T7140] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 169.492730][ T7140] ? security_inode_init_security_anon+0x7b/0x230 [ 169.492776][ T7140] __anon_inode_getfile+0xe8/0x280 [ 169.492839][ T7140] new_userfaultfd+0x255/0x400 [ 169.492876][ T7140] __x64_sys_userfaultfd+0x4b/0xb0 [ 169.492915][ T7140] do_syscall_64+0x115/0x840 [ 169.492958][ T7140] ? clear_bhb_loop+0x40/0x90 [ 169.492996][ T7140] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 169.493027][ T7140] RIP: 0033:0x7fc82159ce59 [ 169.493051][ T7140] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 169.493081][ T7140] RSP: 002b:00007fc8223fc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000143 [ 169.493109][ T7140] RAX: ffffffffffffffda RBX: 00007fc821815fa0 RCX: 00007fc82159ce59 [ 169.493148][ T7140] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 169.493165][ T7140] RBP: 00007fc821632d6f R08: 0000000000000000 R09: 0000000000000000 [ 169.493183][ T7140] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 169.493201][ T7140] R13: 00007fc821816038 R14: 00007fc821815fa0 R15: 00007ffd7960f528 [ 169.493253][ T7140] [ 171.609467][ T7177] FAULT_INJECTION: forcing a failure. [ 171.609467][ T7177] name failslab, interval 1, probability 0, space 0, times 0 [ 171.633159][ T7180] netlink: 330 bytes leftover after parsing attributes in process `syz.1.278'. [ 171.642370][ T7177] CPU: 1 UID: 0 PID: 7177 Comm: syz.0.277 Tainted: G L syzkaller #0 PREEMPT(full) [ 171.642422][ T7177] Tainted: [L]=SOFTLOCKUP [ 171.642434][ T7177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 171.642453][ T7177] Call Trace: [ 171.642463][ T7177] [ 171.642476][ T7177] dump_stack_lvl+0x100/0x190 [ 171.642538][ T7177] should_fail_ex.cold+0x5/0xa [ 171.642581][ T7177] ? blk_rq_map_user_iov+0x2a5/0x14c0 [ 171.642630][ T7177] should_failslab+0xc2/0x120 [ 171.642671][ T7177] __kmalloc_noprof+0xe0/0x850 [ 171.642733][ T7177] blk_rq_map_user_iov+0x2a5/0x14c0 [ 171.642796][ T7177] ? __pfx_blk_rq_map_user_iov+0x10/0x10 [ 171.642854][ T7177] ? policy_nodemask+0xed/0x4f0 [ 171.642895][ T7177] ? find_held_lock+0x2b/0x80 [ 171.642933][ T7177] ? sg_common_write.isra.0+0xe26/0x1b90 [ 171.643001][ T7177] ? sg_common_write.isra.0+0xe26/0x1b90 [ 171.643050][ T7177] ? import_ubuf+0x1b6/0x220 [ 171.643110][ T7177] blk_rq_map_user_io+0x1ff/0x230 [ 171.643165][ T7177] ? __pfx_blk_rq_map_user_io+0x10/0x10 [ 171.643211][ T7177] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 171.643270][ T7177] sg_common_write.isra.0+0xf74/0x1b90 [ 171.643329][ T7177] ? __might_fault+0xc5/0x140 [ 171.643377][ T7177] ? __pfx_sg_common_write.isra.0+0x10/0x10 [ 171.643439][ T7177] sg_write+0x7eb/0xdb0 [ 171.643489][ T7177] ? __pfx_sg_write+0x10/0x10 [ 171.643572][ T7177] ? apparmor_file_permission+0x13f/0x1c0 [ 171.643616][ T7177] ? bpf_lsm_file_permission+0x9/0x10 [ 171.643647][ T7177] ? security_file_permission+0x76/0x210 [ 171.643696][ T7177] ? rw_verify_area+0xce/0x6d0 [ 171.643743][ T7177] vfs_write+0x2aa/0x1070 [ 171.643777][ T7177] ? __pfx_sg_write+0x10/0x10 [ 171.643824][ T7177] ? __pfx_vfs_write+0x10/0x10 [ 171.643857][ T7177] ? find_held_lock+0x2b/0x80 [ 171.643914][ T7177] ? __fget_files+0x215/0x3d0 [ 171.643952][ T7177] ? __fget_files+0x215/0x3d0 [ 171.644010][ T7177] ? __fget_files+0x21f/0x3d0 [ 171.644058][ T7177] ksys_write+0x12a/0x250 [ 171.644104][ T7177] ? __pfx_ksys_write+0x10/0x10 [ 171.644144][ T7177] ? rcu_is_watching+0x12/0xc0 [ 171.644184][ T7177] do_syscall_64+0x115/0x840 [ 171.644231][ T7177] ? clear_bhb_loop+0x40/0x90 [ 171.644273][ T7177] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 171.644306][ T7177] RIP: 0033:0x7fc82159ce59 [ 171.644333][ T7177] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 171.644365][ T7177] RSP: 002b:00007fc8223fc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 171.644396][ T7177] RAX: ffffffffffffffda RBX: 00007fc821815fa0 RCX: 00007fc82159ce59 [ 171.644416][ T7177] RDX: 000000000000b6bd RSI: 0000000000000000 RDI: 0000000000000003 [ 171.644436][ T7177] RBP: 00007fc821632d6f R08: 0000000000000000 R09: 0000000000000000 [ 171.644456][ T7177] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 171.644474][ T7177] R13: 00007fc821816038 R14: 00007fc821815fa0 R15: 00007ffd7960f528 [ 171.644516][ T7177] [ 172.040811][ T7182] FAULT_INJECTION: forcing a failure. [ 172.040811][ T7182] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 172.124694][ T7182] CPU: 0 UID: 0 PID: 7182 Comm: syz.3.279 Tainted: G L syzkaller #0 PREEMPT(full) [ 172.124745][ T7182] Tainted: [L]=SOFTLOCKUP [ 172.124756][ T7182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 172.124773][ T7182] Call Trace: [ 172.124783][ T7182] [ 172.124794][ T7182] dump_stack_lvl+0x100/0x190 [ 172.124851][ T7182] should_fail_ex.cold+0x5/0xa [ 172.124890][ T7182] _copy_from_user+0x2e/0xd0 [ 172.124936][ T7182] copy_from_sockptr_offset.constprop.0+0x12c/0x150 [ 172.124983][ T7182] ? __pfx_copy_from_sockptr_offset.constprop.0+0x10/0x10 [ 172.125039][ T7182] do_sock_getsockopt+0x530/0x6e0 [ 172.125077][ T7182] ? __lock_acquire+0x4a5/0x2630 [ 172.125127][ T7182] ? 0xffffffffff600000 [ 172.125152][ T7182] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 172.125191][ T7182] ? find_held_lock+0x2b/0x80 [ 172.125226][ T7182] ? ksys_write+0x190/0x250 [ 172.125265][ T7182] ? 0xffffffffff600000 [ 172.125291][ T7182] ? find_held_lock+0x2b/0x80 [ 172.125340][ T7182] ? __fget_files+0x21f/0x3d0 [ 172.125386][ T7182] __sys_getsockopt+0x133/0x1d0 [ 172.125417][ T7182] ? 0xffffffffff600000 [ 172.125442][ T7182] ? __pfx_ksys_write+0x10/0x10 [ 172.125483][ T7182] ? __x64_sys_getsockopt+0xbd/0x160 [ 172.125512][ T7182] __x64_sys_getsockopt+0xbd/0x160 [ 172.125547][ T7182] ? do_syscall_64+0x90/0x840 [ 172.125591][ T7182] ? lockdep_hardirqs_on+0x78/0x100 [ 172.125634][ T7182] do_syscall_64+0x115/0x840 [ 172.125676][ T7182] ? clear_bhb_loop+0x40/0x90 [ 172.125714][ T7182] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 172.125744][ T7182] RIP: 0033:0x7fa72239ce59 [ 172.125768][ T7182] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 172.125797][ T7182] RSP: 002b:00007fa7232ac028 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 172.125825][ T7182] RAX: ffffffffffffffda RBX: 00007fa722615fa0 RCX: 00007fa72239ce59 [ 172.125844][ T7182] RDX: 000000000000271b RSI: 0000000000000114 RDI: 0000000000000003 [ 172.125863][ T7182] RBP: 00007fa7232ac090 R08: 0000000000000000 R09: 0000000000000000 [ 172.125881][ T7182] R10: ffffffffff600000 R11: 0000000000000246 R12: 0000000000000001 [ 172.125900][ T7182] R13: 00007fa722616038 R14: 00007fa722615fa0 R15: 00007ffcb6279a48 [ 172.125925][ T7182] ? 0xffffffffff600000 [ 172.125961][ T7182] [ 172.711972][ T7192] FAULT_INJECTION: forcing a failure. [ 172.711972][ T7192] name fail_futex, interval 1, probability 0, space 0, times 0 [ 172.748056][ T7192] CPU: 0 UID: 0 PID: 7192 Comm: syz.3.283 Tainted: G L syzkaller #0 PREEMPT(full) [ 172.748093][ T7192] Tainted: [L]=SOFTLOCKUP [ 172.748101][ T7192] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 172.748116][ T7192] Call Trace: [ 172.748123][ T7192] [ 172.748132][ T7192] dump_stack_lvl+0x100/0x190 [ 172.748178][ T7192] should_fail_ex.cold+0x5/0xa [ 172.748209][ T7192] get_futex_key+0x1d2/0x1510 [ 172.748251][ T7192] ? __pfx_get_futex_key+0x10/0x10 [ 172.748324][ T7192] ? nf_sockopt_find.isra.0+0x222/0x290 [ 172.748374][ T7192] futex_wake+0xea/0x530 [ 172.748404][ T7192] ? ip_setsockopt+0x74/0xf0 [ 172.748426][ T7192] ? __pfx_futex_wake+0x10/0x10 [ 172.748456][ T7192] ? ipv6_setsockopt+0xe3/0x170 [ 172.748499][ T7192] ? sctp_setsockopt+0x168/0xb370 [ 172.748536][ T7192] do_futex+0x32b/0x350 [ 172.748560][ T7192] ? __pfx_do_futex+0x10/0x10 [ 172.748584][ T7192] ? rcu_is_watching+0x12/0xc0 [ 172.748611][ T7192] ? do_sock_setsockopt+0x101/0x1d0 [ 172.748639][ T7192] ? kfree+0x1dd/0x6c0 [ 172.748676][ T7192] __x64_sys_futex+0x34f/0x4d0 [ 172.748704][ T7192] ? __pfx___x64_sys_futex+0x10/0x10 [ 172.748734][ T7192] ? rcu_is_watching+0x12/0xc0 [ 172.748765][ T7192] do_syscall_64+0x115/0x840 [ 172.748798][ T7192] ? clear_bhb_loop+0x40/0x90 [ 172.748827][ T7192] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 172.748851][ T7192] RIP: 0033:0x7fa72239ce59 [ 172.748869][ T7192] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 172.748892][ T7192] RSP: 002b:00007fa7232ac0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 172.748914][ T7192] RAX: ffffffffffffffda RBX: 00007fa722615fa8 RCX: 00007fa72239ce59 [ 172.748930][ T7192] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fa722615fac [ 172.748944][ T7192] RBP: 00007fa722615fa0 R08: 0000000000000001 R09: 0000000000000000 [ 172.748958][ T7192] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 172.748973][ T7192] R13: 00007fa722616038 R14: 00007ffcb6279960 R15: 00007ffcb6279a48 [ 172.749004][ T7192] [ 173.462341][ T7207] kAFS: No cell specified [ 173.746731][ T7190] Process accounting paused [ 174.172929][ T7221] netlink: 28 bytes leftover after parsing attributes in process `syz.1.292'. [ 174.203064][ T7228] kAFS: No cell specified [ 174.721764][ T29] audit: type=1806 audit(1780964318.219:12): xattr="" res=-22 [ 176.421621][ T7260] netlink: 12 bytes leftover after parsing attributes in process `syz.2.301'. [ 177.074280][ T7296] kAFS: No cell specified [ 177.285440][ T7299] netlink: 8 bytes leftover after parsing attributes in process `syz.0.306'. [ 177.514722][ T7304] kAFS: No cell specified [ 178.003955][ T29] audit: type=1806 audit(1780964321.501:13): xattr="" res=-22 [ 178.394067][ T7324] FAULT_INJECTION: forcing a failure. [ 178.394067][ T7324] name failslab, interval 1, probability 0, space 0, times 0 [ 178.450481][ T7324] CPU: 0 UID: 0 PID: 7324 Comm: syz.2.311 Tainted: G L syzkaller #0 PREEMPT(full) [ 178.450533][ T7324] Tainted: [L]=SOFTLOCKUP [ 178.450544][ T7324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 178.450564][ T7324] Call Trace: [ 178.450575][ T7324] [ 178.450587][ T7324] dump_stack_lvl+0x100/0x190 [ 178.450652][ T7324] should_fail_ex.cold+0x5/0xa [ 178.450697][ T7324] should_failslab+0xc2/0x120 [ 178.450750][ T7324] __kmalloc_cache_noprof+0x7a/0x6f0 [ 178.450797][ T7324] ? tty_open+0x139/0xfa0 [ 178.450846][ T7324] ? __pfx_tty_open+0x10/0x10 [ 178.450891][ T7324] tty_open+0x139/0xfa0 [ 178.450942][ T7324] ? __pfx_tty_open+0x10/0x10 [ 178.450985][ T7324] ? chrdev_open+0x589/0x6a0 [ 178.451025][ T7324] ? chrdev_open+0x589/0x6a0 [ 178.451071][ T7324] ? __pfx_tty_open+0x10/0x10 [ 178.451115][ T7324] chrdev_open+0x234/0x6a0 [ 178.451158][ T7324] ? __pfx_chrdev_open+0x10/0x10 [ 178.451215][ T7324] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 178.451268][ T7324] do_dentry_open+0x6ab/0x14d0 [ 178.451308][ T7324] ? __pfx_chrdev_open+0x10/0x10 [ 178.451358][ T7324] vfs_open+0x82/0x3f0 [ 178.451412][ T7324] path_openat+0x208c/0x31a0 [ 178.451468][ T7324] ? __pfx_path_openat+0x10/0x10 [ 178.451526][ T7324] do_file_open+0x20e/0x430 [ 178.451572][ T7324] ? __pfx_do_file_open+0x10/0x10 [ 178.451643][ T7324] ? alloc_fd+0x476/0x790 [ 178.451689][ T7324] ? do_getname+0x191/0x390 [ 178.451743][ T7324] do_sys_openat2+0x10d/0x1e0 [ 178.451793][ T7324] ? __pfx_do_sys_openat2+0x10/0x10 [ 178.451862][ T7324] __x64_sys_openat+0x12d/0x210 [ 178.451915][ T7324] ? __pfx___x64_sys_openat+0x10/0x10 [ 178.451966][ T7324] ? exit_to_user_mode_loop+0xf3/0x670 [ 178.452027][ T7324] ? rcu_is_watching+0x12/0xc0 [ 178.452069][ T7324] do_syscall_64+0x115/0x840 [ 178.452115][ T7324] ? clear_bhb_loop+0x40/0x90 [ 178.452154][ T7324] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 178.452197][ T7324] RIP: 0033:0x7f9dbb99ce59 [ 178.452224][ T7324] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 178.452256][ T7324] RSP: 002b:00007f9dbc805028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 178.452288][ T7324] RAX: ffffffffffffffda RBX: 00007f9dbbc16270 RCX: 00007f9dbb99ce59 [ 178.452309][ T7324] RDX: 0000000000000002 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 178.452330][ T7324] RBP: 00007f9dbba32d6f R08: 0000000000000000 R09: 0000000000000000 [ 178.452350][ T7324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 178.452370][ T7324] R13: 00007f9dbbc16308 R14: 00007f9dbbc16270 R15: 00007ffff652ee28 [ 178.452431][ T7324] [ 179.318676][ T7319] netlink: 12 bytes leftover after parsing attributes in process `syz.3.307'. [ 179.400580][ T7338] kAFS: No cell specified [ 179.643352][ T7328] netlink: 12 bytes leftover after parsing attributes in process `syz.0.313'. [ 180.507569][ T7351] kAFS: No cell specified [ 181.538813][ T29] audit: type=1806 audit(1780964325.043:14): xattr="" res=-22 [ 181.653891][ T7370] bond0: invalid ARP target specified [ 184.158281][ T7399] netlink: 12 bytes leftover after parsing attributes in process `syz.1.327'. [ 185.069560][ T7416] FAULT_INJECTION: forcing a failure. [ 185.069560][ T7416] name failslab, interval 1, probability 0, space 0, times 0 [ 185.105756][ T7416] CPU: 1 UID: 0 PID: 7416 Comm: syz.3.333 Tainted: G L syzkaller #0 PREEMPT(full) [ 185.105805][ T7416] Tainted: [L]=SOFTLOCKUP [ 185.105815][ T7416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 185.105833][ T7416] Call Trace: [ 185.105843][ T7416] [ 185.105854][ T7416] dump_stack_lvl+0x100/0x190 [ 185.105911][ T7416] should_fail_ex.cold+0x5/0xa [ 185.105949][ T7416] should_failslab+0xc2/0x120 [ 185.105994][ T7416] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 185.106044][ T7416] ? alloc_empty_file+0x5b/0x1c0 [ 185.106117][ T7416] alloc_empty_file+0x5b/0x1c0 [ 185.106166][ T7416] alloc_file_pseudo+0x13a/0x230 [ 185.106217][ T7416] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 185.106268][ T7416] ? alloc_fd+0x476/0x790 [ 185.106315][ T7416] sock_alloc_file+0x50/0x210 [ 185.106353][ T7416] __sys_socket+0x1c0/0x260 [ 185.106399][ T7416] ? __pfx___sys_socket+0x10/0x10 [ 185.106443][ T7416] ? ksys_write+0x1ac/0x250 [ 185.106490][ T7416] __x64_sys_socket+0x72/0xb0 [ 185.106536][ T7416] ? lockdep_hardirqs_on+0x78/0x100 [ 185.106585][ T7416] do_syscall_64+0x115/0x840 [ 185.106627][ T7416] ? clear_bhb_loop+0x40/0x90 [ 185.106667][ T7416] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 185.106699][ T7416] RIP: 0033:0x7fa72239ce59 [ 185.106731][ T7416] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 185.106783][ T7416] RSP: 002b:00007fa7232ac028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 185.106814][ T7416] RAX: ffffffffffffffda RBX: 00007fa722615fa0 RCX: 00007fa72239ce59 [ 185.106837][ T7416] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 185.106857][ T7416] RBP: 00007fa722432d6f R08: 0000000000000000 R09: 0000000000000000 [ 185.106877][ T7416] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 185.106896][ T7416] R13: 00007fa722616038 R14: 00007fa722615fa0 R15: 00007ffcb6279a48 [ 185.106940][ T7416] [ 185.511808][ T29] audit: type=1806 audit(1780964328.975:15): xattr="" res=-22 [ 186.258393][ T7432] FAULT_INJECTION: forcing a failure. [ 186.258393][ T7432] name failslab, interval 1, probability 0, space 0, times 0 [ 186.372201][ T7441] netlink: 40 bytes leftover after parsing attributes in process `syz.1.336'. [ 186.381430][ T7432] CPU: 0 UID: 0 PID: 7432 Comm: syz.3.335 Tainted: G L syzkaller #0 PREEMPT(full) [ 186.381480][ T7432] Tainted: [L]=SOFTLOCKUP [ 186.381492][ T7432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 186.381511][ T7432] Call Trace: [ 186.381521][ T7432] [ 186.381533][ T7432] dump_stack_lvl+0x100/0x190 [ 186.381597][ T7432] should_fail_ex.cold+0x5/0xa [ 186.381640][ T7432] should_failslab+0xc2/0x120 [ 186.381681][ T7432] __kmalloc_cache_noprof+0x7a/0x6f0 [ 186.381730][ T7432] ? kobject_uevent_env+0x263/0x18b0 [ 186.381765][ T7432] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 186.381824][ T7432] kobject_uevent_env+0x263/0x18b0 [ 186.381873][ T7432] ? bus_to_subsys+0x114/0x150 [ 186.381921][ T7432] device_add+0x116e/0x1950 [ 186.381961][ T7432] ? __pfx_device_add+0x10/0x10 [ 186.381996][ T7432] ? lockdep_init_map_type+0x5c/0x250 [ 186.382050][ T7432] ? __init_waitqueue_head+0xca/0x150 [ 186.382096][ T7432] rfkill_register+0x1ad/0xb30 [ 186.382139][ T7432] nfc_register_device+0x11f/0x3e0 [ 186.382188][ T7432] nci_register_device+0x7f1/0xb80 [ 186.382231][ T7432] ? __pfx_nci_register_device+0x10/0x10 [ 186.382275][ T7432] ? lockdep_init_map_type+0x5c/0x250 [ 186.382337][ T7432] virtual_ncidev_open+0x141/0x220 [ 186.382381][ T7432] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 186.382415][ T7432] misc_open+0x26d/0x450 [ 186.382449][ T7432] ? __pfx_misc_open+0x10/0x10 [ 186.382481][ T7432] chrdev_open+0x234/0x6a0 [ 186.382522][ T7432] ? __pfx_apparmor_file_open+0x10/0x10 [ 186.382558][ T7432] ? __pfx_chrdev_open+0x10/0x10 [ 186.382601][ T7432] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 186.382655][ T7432] do_dentry_open+0x6ab/0x14d0 [ 186.382695][ T7432] ? __pfx_chrdev_open+0x10/0x10 [ 186.382747][ T7432] vfs_open+0x82/0x3f0 [ 186.382802][ T7432] path_openat+0x208c/0x31a0 [ 186.382857][ T7432] ? __pfx_path_openat+0x10/0x10 [ 186.382914][ T7432] do_file_open+0x20e/0x430 [ 186.382959][ T7432] ? __pfx_do_file_open+0x10/0x10 [ 186.383032][ T7432] ? alloc_fd+0x476/0x790 [ 186.383078][ T7432] ? do_getname+0x191/0x390 [ 186.383132][ T7432] do_sys_openat2+0x10d/0x1e0 [ 186.383185][ T7432] ? __pfx_do_sys_openat2+0x10/0x10 [ 186.383240][ T7432] ? __fget_files+0x21f/0x3d0 [ 186.383287][ T7432] __x64_sys_openat+0x12d/0x210 [ 186.383342][ T7432] ? __pfx___x64_sys_openat+0x10/0x10 [ 186.383412][ T7432] ? rcu_is_watching+0x12/0xc0 [ 186.383457][ T7432] do_syscall_64+0x115/0x840 [ 186.383502][ T7432] ? clear_bhb_loop+0x40/0x90 [ 186.383543][ T7432] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 186.383576][ T7432] RIP: 0033:0x7fa72239ce59 [ 186.383603][ T7432] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 186.383635][ T7432] RSP: 002b:00007fa72328b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 186.383667][ T7432] RAX: ffffffffffffffda RBX: 00007fa722616090 RCX: 00007fa72239ce59 [ 186.383688][ T7432] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 186.383708][ T7432] RBP: 00007fa722432d6f R08: 0000000000000000 R09: 0000000000000000 [ 186.383726][ T7432] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 186.383744][ T7432] R13: 00007fa722616128 R14: 00007fa722616090 R15: 00007ffcb6279a48 [ 186.383787][ T7432] [ 186.978921][ T7450] netlink: 28 bytes leftover after parsing attributes in process `syz.1.336'. [ 186.991165][ T7450] ipvlan1: entered promiscuous mode [ 186.996575][ T7450] ipvlan1: entered allmulticast mode [ 187.001927][ T7450] veth0_vlan: entered allmulticast mode syzkaller syzkaller login: [ 188.524561][ T7472] RGB/YUV Input: ================= START STATUS ================= [ 188.568931][ T7472] RGB/YUV Input: Test Pattern: 75% Colorbar [ 188.640645][ T7472] RGB/YUV Input: Show Information: All [ 188.679208][ T7472] RGB/YUV Input: Vertical Flip: false [ 188.741216][ T7472] RGB/YUV Input: Horizontal Flip: false [ 188.844123][ T7472] RGB/YUV Input: Brightness: 128 [ 188.890323][ T7472] RGB/YUV Input: Contrast: 128 [ 188.940732][ T7472] RGB/YUV Input: Hue: 0 [ 188.977796][ T7472] RGB/YUV Input: Saturation: 128 [ 189.007634][ T7472] RGB/YUV Input: Pixel Rate: 160000000 [ 189.058484][ T7472] RGB/YUV Input: Horizontal Blanking: 800 [ 189.077430][ T7472] RGB/YUV Input: Vertical Blanking: 3223 [ 189.096903][ T7472] RGB/YUV Input: ================== END STATUS ================== [ 190.755420][ T7508] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 190.920806][ T7507] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 191.406286][ T7519] netlink: 28 bytes leftover after parsing attributes in process `syz.3.351'. [ 192.971151][ T7561] netlink: 28 bytes leftover after parsing attributes in process `syz.1.360'. [ 193.532974][ T7566] netlink: 12 bytes leftover after parsing attributes in process `syz.3.362'. [ 193.998043][ T29] audit: type=1806 audit(1780964337.499:16): xattr="" res=-22 [ 194.222387][ T1317] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.229900][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.265181][ T7600] cifs: Unknown parameter '‰ƒ´ÕéŒ)¬ Up†µÌ¢{´¼V ]7ž62']ßΨÉú!²gÉÊ®Ë7ú9½ófM¸<*y¢sEéhîé”' [ 194.328159][ T7594] FAULT_INJECTION: forcing a failure. [ 194.328159][ T7594] name failslab, interval 1, probability 0, space 0, times 0 [ 194.365528][ T29] audit: type=1806 audit(1780964337.869:17): xattr="" res=-22 [ 194.405553][ T7594] CPU: 1 UID: 0 PID: 7594 Comm: syz.2.364 Tainted: G L syzkaller #0 PREEMPT(full) [ 194.405602][ T7594] Tainted: [L]=SOFTLOCKUP [ 194.405614][ T7594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 194.405634][ T7594] Call Trace: [ 194.405645][ T7594] [ 194.405656][ T7594] dump_stack_lvl+0x100/0x190 [ 194.405720][ T7594] should_fail_ex.cold+0x5/0xa [ 194.405764][ T7594] should_failslab+0xc2/0x120 [ 194.405806][ T7594] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 194.405863][ T7594] ? proc_alloc_inode+0x25/0x200 [ 194.405900][ T7594] ? find_held_lock+0x2b/0x80 [ 194.405944][ T7594] ? __pfx_proc_alloc_inode+0x10/0x10 [ 194.405985][ T7594] proc_alloc_inode+0x25/0x200 [ 194.406021][ T7594] alloc_inode+0x68/0x250 [ 194.406071][ T7594] new_inode+0x22/0x1c0 [ 194.406117][ T7594] ? proc_sys_lookup+0x266/0x430 [ 194.406160][ T7594] proc_sys_make_inode+0x47/0x5c0 [ 194.406203][ T7594] proc_sys_lookup+0x307/0x430 [ 194.406255][ T7594] ? __pfx_proc_sys_lookup+0x10/0x10 [ 194.406302][ T7594] ? __d_lookup+0x266/0x4a0 [ 194.406341][ T7594] lookup_open.isra.0+0x631/0x11b0 [ 194.406383][ T7594] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 194.406438][ T7594] ? mnt_get_write_access+0x1e9/0x2f0 [ 194.406493][ T7594] path_openat+0xa98/0x31a0 [ 194.406543][ T7594] ? __pfx_path_openat+0x10/0x10 [ 194.406600][ T7594] do_file_open+0x20e/0x430 [ 194.406646][ T7594] ? __pfx_do_file_open+0x10/0x10 [ 194.406721][ T7594] ? alloc_fd+0x476/0x790 [ 194.406784][ T7594] ? do_getname+0x191/0x390 [ 194.406839][ T7594] do_sys_openat2+0x10d/0x1e0 [ 194.406895][ T7594] ? __pfx_do_sys_openat2+0x10/0x10 [ 194.406950][ T7594] ? find_held_lock+0x2b/0x80 [ 194.407004][ T7594] __x64_sys_openat+0x12d/0x210 [ 194.407059][ T7594] ? __pfx___x64_sys_openat+0x10/0x10 [ 194.407122][ T7594] ? rcu_is_watching+0x12/0xc0 [ 194.407167][ T7594] do_syscall_64+0x115/0x840 [ 194.407214][ T7594] ? clear_bhb_loop+0x40/0x90 [ 194.407265][ T7594] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 194.407301][ T7594] RIP: 0033:0x7f9dbb99ce59 [ 194.407329][ T7594] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 194.407363][ T7594] RSP: 002b:00007f9dbc868028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 194.407396][ T7594] RAX: ffffffffffffffda RBX: 00007f9dbbc15fa0 RCX: 00007f9dbb99ce59 [ 194.407418][ T7594] RDX: 0000000000080202 RSI: 0000200000000240 RDI: ffffffffffffff9c [ 194.407440][ T7594] RBP: 00007f9dbba32d6f R08: 0000000000000000 R09: 0000000000000000 [ 194.407459][ T7594] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 194.407479][ T7594] R13: 00007f9dbbc16038 R14: 00007f9dbbc15fa0 R15: 00007ffff652ee28 [ 194.407524][ T7594] [ 196.566699][ T5638] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 197.197285][ T7641] netlink: 12 bytes leftover after parsing attributes in process `syz.2.375'. [ 198.269319][ T7686] EXT4-fs error (device sda1): trigger_test_error:130: comm syz.1.385: 7 [ 198.618764][ T50] Bluetooth: hci3: command 0x0c1a tx timeout [ 199.862712][ T7699] netlink: 12 bytes leftover after parsing attributes in process `syz.2.390'. [ 200.057234][ T7730] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 200.698646][ T50] Bluetooth: hci3: command 0x0c1a tx timeout [ 201.914688][ T29] audit: type=1806 audit(1780964345.423:18): xattr="" res=-22 [ 202.069704][ T7715] ------------[ cut here ]------------ [ 202.075259][ T7715] ODEBUG: free active (active state 0) object: ffff888037ee9438 object type: timer_list hint: hci_devcd_timeout+0x0/0x2e0 [ 202.088808][ T7715] WARNING: lib/debugobjects.c:629 at debug_print_object+0x18e/0x2a0, CPU#1: syz.0.391/7715 [ 202.099076][ T7715] Modules linked in: [ 202.103417][ T7715] CPU: 1 UID: 0 PID: 7715 Comm: syz.0.391 Tainted: G L syzkaller #0 PREEMPT(full) [ 202.114302][ T7715] Tainted: [L]=SOFTLOCKUP [ 202.119931][ T7715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 202.130091][ T7715] RIP: 0010:debug_print_object+0x19b/0x2a0 [ 202.136604][ T7715] Code: b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 4f 48 8d 3d 02 03 e2 0b 41 56 48 8b 14 dd 40 58 1c 8c 4c 89 e6 <67> 48 0f b9 3a 58 83 05 4c 7e d7 0b 01 48 83 c4 18 5b 5d 41 5c 41 [ 202.156587][ T7715] RSP: 0018:ffffc90005ac7738 EFLAGS: 00010246 [ 202.163731][ T7715] RAX: dffffc0000000000 RBX: 0000000000000003 RCX: 0000000000000000 [ 202.171813][ T7715] RDX: ffffffff8c1c5780 RSI: ffffffff8c1c53a0 RDI: ffffffff90e1ff70 [ 202.179856][ T7715] RBP: 0000000000000001 R08: ffff888037ee9438 R09: ffffffff8bb2c6a0 [ 202.188035][ T7715] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff8c1c53a0 [ 202.196113][ T7715] R13: ffffffff8bb2c6e0 R14: ffffffff8a916ee0 R15: ffffc90005ac7838 [ 202.204129][ T7715] FS: 0000000000000000(0000) GS:ffff88812448e000(0000) knlGS:0000000000000000 [ 202.213181][ T7715] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 202.220459][ T7715] CR2: 00007fbdafcbd000 CR3: 0000000035fa2000 CR4: 00000000003526f0 [ 202.229501][ T7715] Call Trace: [ 202.232848][ T7715] [ 202.236421][ T7715] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 202.241954][ T7715] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 202.248031][ T7715] debug_check_no_obj_freed+0x4da/0x630 [ 202.253660][ T7715] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 202.259822][ T7715] ? __page_table_check_zero+0x333/0x410 [ 202.265519][ T7715] ? __page_table_check_zero+0x338/0x410 [ 202.274354][ T7715] __free_frozen_pages+0x3fc/0x10a0 [ 202.279780][ T7715] hci_release_dev+0x4ef/0x630 [ 202.286877][ T7715] ? __pfx_hci_release_dev+0x10/0x10 [ 202.292253][ T7715] ? device_release+0x97/0x270 [ 202.297321][ T7715] ? rcu_is_watching+0x12/0xc0 [ 202.303059][ T7715] ? device_release+0x97/0x270 [ 202.308015][ T7715] bt_host_release+0x6b/0xb0 [ 202.312767][ T7715] ? __pfx_bt_host_release+0x10/0x10 [ 202.318160][ T7715] device_release+0xd2/0x270 [ 202.322816][ T7715] kobject_put+0x1f7/0x640 [ 202.327386][ T7715] put_device+0x1f/0x30 [ 202.331626][ T7715] vhci_release+0x185/0x230 [ 202.336230][ T7715] ? __pfx_vhci_release+0x10/0x10 [ 202.341847][ T7715] __fput+0x3ff/0xb50 [ 202.346125][ T7715] task_work_run+0x150/0x240 [ 202.350794][ T7715] ? __pfx_task_work_run+0x10/0x10 [ 202.356033][ T7715] do_exit+0x951/0x2af0 [ 202.360268][ T7715] ? __pfx_do_exit+0x10/0x10 [ 202.364923][ T7715] ? __pfx_proc_coredump_connector+0x10/0x10 [ 202.371057][ T7715] do_group_exit+0xd5/0x2a0 [ 202.375630][ T7715] get_signal+0x20ff/0x2210 [ 202.380243][ T7715] ? __pfx_get_signal+0x10/0x10 [ 202.385162][ T7715] ? find_held_lock+0x2b/0x80 [ 202.389972][ T7715] ? bad_area_access_error+0xab/0x1d0 [ 202.395398][ T7715] ? fixup_vdso_exception+0x2d1/0x370 [ 202.400914][ T7715] arch_do_signal_or_restart+0x91/0x7a0 [ 202.407200][ T7715] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 202.413445][ T7715] ? rcu_is_watching+0x12/0xc0 [ 202.418386][ T7715] irqentry_exit+0x39e/0x970 [ 202.423054][ T7715] asm_exc_page_fault+0x26/0x30 [ 202.427996][ T7715] RIP: 0033:0x21000 [ 202.431850][ T7715] Code: Unable to access opcode bytes at 0x20fd6. [ 202.438340][ T7715] RSP: 002b:0000000000000010 EFLAGS: 00010282 [ 202.445042][ T7715] RAX: 0000000000000002 RBX: 00007fc821816090 RCX: 00007fc82159ce59 [ 202.453274][ T7715] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000020003b11 [ 202.461371][ T7715] RBP: 00007fc821632d6f R08: 0000000000000007 R09: 0000000000000000 [ 202.469420][ T7715] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 202.477523][ T7715] R13: 00007fc821816128 R14: 00007fc821816090 R15: 00007ffd7960f528 [ 202.485566][ T7715] [ 202.488718][ T7715] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 202.496039][ T7715] CPU: 1 UID: 0 PID: 7715 Comm: syz.0.391 Tainted: G L syzkaller #0 PREEMPT(full) [ 202.506849][ T7715] Tainted: [L]=SOFTLOCKUP [ 202.511198][ T7715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 202.521280][ T7715] Call Trace: [ 202.524580][ T7715] [ 202.527533][ T7715] dump_stack_lvl+0x100/0x190 [ 202.532350][ T7715] vpanic+0x552/0x970 [ 202.536360][ T7715] ? __pfx_vpanic+0x10/0x10 [ 202.540902][ T7715] panic+0xd1/0xe0 [ 202.544653][ T7715] ? __pfx_panic+0x10/0x10 [ 202.549109][ T7715] ? check_panic_on_warn+0x1f/0x90 [ 202.554272][ T7715] check_panic_on_warn.cold+0x19/0x34 [ 202.559683][ T7715] ? debug_print_object+0x18e/0x2a0 [ 202.564937][ T7715] __warn.cold+0x191/0x328 [ 202.569403][ T7715] __report_bug+0x296/0x3d0 [ 202.573968][ T7715] ? debug_print_object+0x18e/0x2a0 [ 202.579204][ T7715] ? __pfx___report_bug+0x10/0x10 [ 202.584304][ T7715] ? __lock_acquire+0x4a5/0x2630 [ 202.589317][ T7715] report_bug_entry+0xe1/0x290 [ 202.594130][ T7715] ? debug_print_object+0x19b/0x2a0 [ 202.599366][ T7715] handle_bug+0x1cd/0x2a0 [ 202.603749][ T7715] exc_invalid_op+0x17/0x50 [ 202.608281][ T7715] asm_exc_invalid_op+0x1a/0x20 [ 202.613160][ T7715] RIP: 0010:debug_print_object+0x19b/0x2a0 [ 202.619014][ T7715] Code: b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 4f 48 8d 3d 02 03 e2 0b 41 56 48 8b 14 dd 40 58 1c 8c 4c 89 e6 <67> 48 0f b9 3a 58 83 05 4c 7e d7 0b 01 48 83 c4 18 5b 5d 41 5c 41 [ 202.638649][ T7715] RSP: 0018:ffffc90005ac7738 EFLAGS: 00010246 [ 202.644749][ T7715] RAX: dffffc0000000000 RBX: 0000000000000003 RCX: 0000000000000000 [ 202.652745][ T7715] RDX: ffffffff8c1c5780 RSI: ffffffff8c1c53a0 RDI: ffffffff90e1ff70 [ 202.660737][ T7715] RBP: 0000000000000001 R08: ffff888037ee9438 R09: ffffffff8bb2c6a0 [ 202.668747][ T7715] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff8c1c53a0 [ 202.676747][ T7715] R13: ffffffff8bb2c6e0 R14: ffffffff8a916ee0 R15: ffffc90005ac7838 [ 202.684745][ T7715] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 202.690260][ T7715] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 202.695752][ T7715] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 202.701619][ T7715] debug_check_no_obj_freed+0x4da/0x630 [ 202.707225][ T7715] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 202.713341][ T7715] ? __page_table_check_zero+0x333/0x410 [ 202.719011][ T7715] ? __page_table_check_zero+0x338/0x410 [ 202.724678][ T7715] __free_frozen_pages+0x3fc/0x10a0 [ 202.729926][ T7715] hci_release_dev+0x4ef/0x630 [ 202.734747][ T7715] ? __pfx_hci_release_dev+0x10/0x10 [ 202.740065][ T7715] ? device_release+0x97/0x270 [ 202.744862][ T7715] ? rcu_is_watching+0x12/0xc0 [ 202.749659][ T7715] ? device_release+0x97/0x270 [ 202.754463][ T7715] bt_host_release+0x6b/0xb0 [ 202.759095][ T7715] ? __pfx_bt_host_release+0x10/0x10 [ 202.764416][ T7715] device_release+0xd2/0x270 [ 202.769043][ T7715] kobject_put+0x1f7/0x640 [ 202.773509][ T7715] put_device+0x1f/0x30 [ 202.777700][ T7715] vhci_release+0x185/0x230 [ 202.782243][ T7715] ? __pfx_vhci_release+0x10/0x10 [ 202.787297][ T7715] __fput+0x3ff/0xb50 [ 202.791331][ T7715] task_work_run+0x150/0x240 [ 202.795955][ T7715] ? __pfx_task_work_run+0x10/0x10 [ 202.801110][ T7715] do_exit+0x951/0x2af0 [ 202.805305][ T7715] ? __pfx_do_exit+0x10/0x10 [ 202.809936][ T7715] ? __pfx_proc_coredump_connector+0x10/0x10 [ 202.815962][ T7715] do_group_exit+0xd5/0x2a0 [ 202.820522][ T7715] get_signal+0x20ff/0x2210 [ 202.825068][ T7715] ? __pfx_get_signal+0x10/0x10 [ 202.829948][ T7715] ? find_held_lock+0x2b/0x80 [ 202.834661][ T7715] ? bad_area_access_error+0xab/0x1d0 [ 202.840065][ T7715] ? fixup_vdso_exception+0x2d1/0x370 [ 202.845486][ T7715] arch_do_signal_or_restart+0x91/0x7a0 [ 202.851076][ T7715] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 202.857284][ T7715] ? rcu_is_watching+0x12/0xc0 [ 202.862097][ T7715] irqentry_exit+0x39e/0x970 [ 202.866736][ T7715] asm_exc_page_fault+0x26/0x30 [ 202.871654][ T7715] RIP: 0033:0x21000 [ 202.875488][ T7715] Code: Unable to access opcode bytes at 0x20fd6. [ 202.881922][ T7715] RSP: 002b:0000000000000010 EFLAGS: 00010282 [ 202.888020][ T7715] RAX: 0000000000000002 RBX: 00007fc821816090 RCX: 00007fc82159ce59 [ 202.896024][ T7715] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000020003b11 [ 202.904019][ T7715] RBP: 00007fc821632d6f R08: 0000000000000007 R09: 0000000000000000 [ 202.912010][ T7715] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 202.920006][ T7715] R13: 00007fc821816128 R14: 00007fc821816090 R15: 00007ffd7960f528 [ 202.928013][ T7715] [ 202.931634][ T7715] Kernel Offset: disabled [ 202.935974][ T7715] Rebooting in 86400 seconds..