last executing test programs: 4m28.472898575s ago: executing program 3 (id=514): r0 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x1000, 0x0) mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x9, 0x11, r0, 0x0) mmap$auto(0x1fffffffe000, 0x400005, 0x0, 0x3132, 0x9, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) write$auto(0x3, 0x0, 0xfdef) r2 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r1, 0x5609, r2) mmap$auto(0x0, 0x2020009, 0x10, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000180), 0x2000, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101000, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x2) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x6, 0x0, 0x800000001, 0x0, 0x7, 0xa505}, 0x4}, 0x2, 0x4048) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/pci/00/01.3\x00', 0x149041, 0x0) writev$auto(r4, &(0x7f0000000200)={0x0, 0x5}, 0xa) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) madvise$auto(0x110c230000, 0x8031ca, 0x9) bpf$auto(0x2, &(0x7f0000000500)=@bpf_attr_11={0x5, 0x8000000000000001, 0x9, 0x5, 0xf870e9f, 0x7, 0x8}, 0x9) bpf$auto(0x1, 0x0, 0xf) socket$nl_generic(0x10, 0x3, 0x10) 4m27.271886838s ago: executing program 3 (id=517): openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/bus/hid/drivers/kensington/new_id\x00', 0x498020, 0x0) write$auto(r0, 0x0, 0x81) write$auto(r0, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) clock_nanosleep$auto(0x2, 0x6, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) syz_clone(0x80f400, 0x0, 0x0, 0x0, 0x0, 0x0) madvise$auto(0x0, 0x200007, 0x19) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto(0xffffffffffffffff, 0x64cf, 0x1df) r2 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000000040), r1) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="f3ffffff", @ANYRES16=r2, @ANYBLOB="1b0026bd7000fddbdf2503000000"], 0x14}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000080), 0xffffffffffffffff) getpid() setresuid$auto(0xffffffffffffffff, 0x0, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0xb, 0x6, 0x12, 0x3ff, 0x7ffd) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) pipe$auto(0x0) socket(0x11, 0x80003, 0x200300) 4m25.985563657s ago: executing program 3 (id=519): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x6, 0x4) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0xfffffdcb, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x200040c4}, 0x440c5) mmap$auto(0x0, 0x400008, 0x4, 0x40009b72, 0x2, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) process_vm_readv$auto(0x0, 0x0, 0x1, 0x0, 0x6, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x1000, 0x400050, 0x9) r0 = prctl$auto_PR_SET_MM_START_BRK(0x9, 0x6, 0x0, 0x6, 0x4) fcntl$auto_F_SETSIG(r0, 0xa, 0x1) write$auto(0x1, 0x0, 0x80000000) munmap$auto(0x8000, 0xffffffff) ioctl$auto(0x4000000000000c8, 0x3, 0x3) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0x2003f0, 0x18) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000040), 0x2001, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x6) r1 = socket(0x2, 0x1, 0x0) bind$auto(r1, &(0x7f0000000040)=@in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x2b}}, 0x6a) sendmmsg$auto(0x3, 0x0, 0x3, 0x0) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000280)='/proc/self/net/tcp\x00', 0x400, 0x0) pread64$auto(r2, 0x0, 0x202, 0xfffff000) setfsuid$auto(0xee00) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x44, 0x7, 0xfffffffd, 0x0, 0x0, 0x0, 0x9, 0x10001, 0x7, 0x8001, 0x7ffffff8, 0x5, 0x7, 0x5, 0x10000000061, 0x2}) socket$nl_generic(0x10, 0x3, 0x10) 4m23.593793982s ago: executing program 3 (id=523): openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x129800, 0x0) ioctl$auto(0x3, 0x80000541b, 0xffffffffffffffff) openat$auto_tracing_iter_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/tracing/trace_options\x00', 0x40000, 0x0) 4m23.345294711s ago: executing program 3 (id=524): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000f40)={'batadv0\x00', 0x0}) r2 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000000), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_BATADV_CMD_SET_MESH(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)=ANY=[@ANYBLOB="3400db6f89250cb126960e67bb4e4f3a8e39000064a5fa1d1e8c37807319628b19b1215fc6e644e01ab116ee79", @ANYRES16=r2, @ANYBLOB="01002cbd7000fadbdf250f00000008000300", @ANYRES32=r1, @ANYBLOB="050029000100000005002a00010000000600220009000000"], 0x34}, 0x1, 0x0, 0x0, 0x4004014}, 0x140000e4) 4m23.15333182s ago: executing program 3 (id=525): openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) (async) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) (async) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) ioctl$auto_BTRFS_IOC_SNAP_DESTROY(0xffffffffffffffff, 0x5000940f, 0x0) unshare$auto(0x20000080) socket(0xa, 0x1, 0x84) (async) socket(0xa, 0x1, 0x84) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) r1 = open(&(0x7f0000000100)='.\x00', 0x595002, 0x60c) write$auto(r1, 0x0, 0xfffffdf1) (async) write$auto(r1, 0x0, 0xfffffdf1) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r2 = openat$auto_btrfs_ctl_fops_super(0xffffffffffffff9c, &(0x7f0000000000), 0x141442, 0x0) close_range$auto(0x2, 0x8, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x2, 0x73) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/event0\x00', 0x2, 0x0) (async) r3 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/event0\x00', 0x2, 0x0) ioctl$auto_EVIOCGMASK(r3, 0x80104592, &(0x7f0000000000)={0x2000, 0x800004, 0x9}) write$auto(0x3, 0x0, 0x4fffffdf2) ioctl$auto_BTRFS_IOC_FORGET_DEV(r2, 0x50009405, 0x0) (async) ioctl$auto_BTRFS_IOC_FORGET_DEV(r2, 0x50009405, 0x0) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) (async) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) ioctl$auto(0x3, 0x400454ca, 0x38) sysfs$auto(0x2, 0x42, 0x0) (async) sysfs$auto(0x2, 0x42, 0x0) capset$auto(0x0, 0x0) write$auto(0x3, 0x0, 0xfdf3) linkat$auto(r1, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000) r4 = getsid$auto(0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_UNLOCK(r1, 0x40405515, &(0x7f0000000000)={@inferred=r4, 0x4, 0x7, 0x2, "8dc5bf954f424ccf2be7235202c18144bbf41f24d95d9f7c72539030d921d33fe38bbca77dac603ee219984b", @inferred=0xffffffffffffffff}) getpeername$auto(0x3, 0x0, 0x0) 4m8.064616511s ago: executing program 32 (id=525): openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) (async) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) (async) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) ioctl$auto_BTRFS_IOC_SNAP_DESTROY(0xffffffffffffffff, 0x5000940f, 0x0) unshare$auto(0x20000080) socket(0xa, 0x1, 0x84) (async) socket(0xa, 0x1, 0x84) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) r1 = open(&(0x7f0000000100)='.\x00', 0x595002, 0x60c) write$auto(r1, 0x0, 0xfffffdf1) (async) write$auto(r1, 0x0, 0xfffffdf1) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r2 = openat$auto_btrfs_ctl_fops_super(0xffffffffffffff9c, &(0x7f0000000000), 0x141442, 0x0) close_range$auto(0x2, 0x8, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x2, 0x73) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/event0\x00', 0x2, 0x0) (async) r3 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/event0\x00', 0x2, 0x0) ioctl$auto_EVIOCGMASK(r3, 0x80104592, &(0x7f0000000000)={0x2000, 0x800004, 0x9}) write$auto(0x3, 0x0, 0x4fffffdf2) ioctl$auto_BTRFS_IOC_FORGET_DEV(r2, 0x50009405, 0x0) (async) ioctl$auto_BTRFS_IOC_FORGET_DEV(r2, 0x50009405, 0x0) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) (async) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) ioctl$auto(0x3, 0x400454ca, 0x38) sysfs$auto(0x2, 0x42, 0x0) (async) sysfs$auto(0x2, 0x42, 0x0) capset$auto(0x0, 0x0) write$auto(0x3, 0x0, 0xfdf3) linkat$auto(r1, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000) r4 = getsid$auto(0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_UNLOCK(r1, 0x40405515, &(0x7f0000000000)={@inferred=r4, 0x4, 0x7, 0x2, "8dc5bf954f424ccf2be7235202c18144bbf41f24d95d9f7c72539030d921d33fe38bbca77dac603ee219984b", @inferred=0xffffffffffffffff}) getpeername$auto(0x3, 0x0, 0x0) 2m22.034709905s ago: executing program 1 (id=753): r0 = prctl$auto(0x3, 0x1002, 0x0, 0x0, 0xfffffffffffffff7) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) syz_clone3(&(0x7f00000006c0)={0x208200700, 0x0, 0x0, 0x0, {0x2c}, 0x0, 0x0, 0x0, 0x0, 0x0, {r0}}, 0x58) r1 = socket(0x15, 0x5, 0x0) listen$auto(r1, 0x9) unshare$auto(0x40000080) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000540), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_GET_RADIO(r2, &(0x7f0000001900)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f0000000280)={0x14, r3, 0xf3e97f51700e57cf, 0x70bd28, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x884}, 0x8020) read$auto(0xffffffffffffffff, 0x0, 0x7e) mprotect$auto(0x8000, 0x8, 0x8) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, 0x0, 0x121000, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, 0x0) r5 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r4, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYRES16=r5, @ANYBLOB="01002bbd7000fcdbdf2504"], 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800) read$auto(r2, 0x0, 0x3) mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_clone(0x4001000, 0x0, 0x0, 0x0, 0x0, 0x0) fanotify_init$auto(0x2, 0x8a) process_vm_readv$auto(0x0, 0x0, 0x800000001, 0x0, 0x80006, 0x9) r8 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x1000000a, 0xfffffffd, 0x44b, 0x7, 0x5, 0x1007181, 0xff, 0x7, 0x7, 0x7ff, 0x800c, 0x80000001, 0x4, 0x80200000000001, 0x800000000fbf, 0xde3, 0x9809588, 0xfffffffd, 0x2, 0x0, 0x864, 0x6, 0x22000, 0x40200, 0xfffffffe, 0xc3f, 0x2000000, 0x0, 0x0, 0x0, 0x0, [0x1000000000000000, 0x0, 0x0, 0x7fdf, 0x47, 0x0, 0x100, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44cd98b, 0xfffffffffffffffd, 0x0, 0x0, 0x8000000000000, 0x0, 0x6, 0x6, 0x0, 0x0, 0x6, 0x10001, 0x100000001, 0x0, 0x0, 0x0, 0x0, 0x3, 0x10000000, 0x0, 0x6, 0xfffffffffffffffe, 0x0, 0x0, 0x3, 0x0, 0x2000000000000]}, 0xa, 0xd) ioctl$auto__ctl_fops_dm_ioctl(r8, 0xfffffffffffffd02, &(0x7f00000001c0)) wait4$auto(r7, 0x0, 0x80000001, 0x0) msgctl$auto_IPC_STAT(0x1ff, 0x2, &(0x7f0000000340)={{0xd, 0xee01, 0xffffffffffffffff, 0xf, 0x1ff, 0x3, 0x2}, &(0x7f0000000140)=0x8, 0x0, 0x0, 0x5, 0x7, 0x5, 0x91d, 0x3, 0x1000, 0x39a, @raw=0x7, @raw=0x2}) sendmsg$auto_OVS_CT_LIMIT_CMD_SET(r6, &(0x7f0000000400)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x408c0}, 0x24040080) 2m19.365833945s ago: executing program 1 (id=756): openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyc9\x00', 0x501100, 0x0) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/fs/cifs/LinuxExtensionsEnabled\x00', 0x0, 0x0) pread64$auto(r0, 0x0, 0x8, 0x7fff) (async) pread64$auto(r0, 0x0, 0x8, 0x7fff) openat$auto_ftrace_event_format_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000640)='/sys/kernel/tracing/events/vmalloc/alloc_vmap_area/format\x00', 0x40, 0x0) mmap$auto(0x0, 0x40006, 0xdf, 0x200009b72, 0x7, 0x28000) (async) mmap$auto(0x0, 0x40006, 0xdf, 0x200009b72, 0x7, 0x28000) r1 = io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0x2, 0x2, 0x0) (async) socket(0x2, 0x2, 0x0) socket(0x2, 0x1, 0x0) (async) r2 = socket(0x2, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x26241, 0x20) (async) open(0x0, 0x26241, 0x20) socket(0x2, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) socket(0x2, 0x1, 0x106) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) write$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) (async) write$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_TIOCSTI2(r1, 0x5412, &(0x7f0000000000)="b68161a86e8da4110338a92ca863a91beaa8558206154cc5") r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000480), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_VERSION_SET(r3, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000080)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002cbd7000fddbdf25040000000c0001800800010005000000b73fb547aa050b0920b80aaafaca04f38e75cbefa652aaec6d49d928e012c54fac97bddf6361bea1d1ed12343047adca5edcf7c582e5c612c66b7af4b5b70db6e1103912f41c4bee58ab7f98081e54705f0200001002ab7b317d5cb7"], 0x20}, 0x1, 0x0, 0x0, 0x40084}, 0x804) sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) accept$auto(0x3, 0xffffffffffffffff, 0xfffffffffffffffd) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x1, 0xdf, 0x20000000000e31, 0x40000000000a5, 0x8000) (async) mmap$auto(0x0, 0x1, 0xdf, 0x20000000000e31, 0x40000000000a5, 0x8000) r5 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, 0x0, 0x8a880, 0x0) pread64$auto(r5, 0x0, 0x7fff, 0x3) (async) pread64$auto(r5, 0x0, 0x7fff, 0x3) 2m18.908981057s ago: executing program 1 (id=758): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, 0x0) io_uring_setup$auto(0x9, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) (async, rerun: 64) close_range$auto(0x2, 0x8, 0x0) (async, rerun: 64) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) (async, rerun: 32) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (rerun: 32) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) (async) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2506, &(0x7f00000002c0)={0x0, 0xac}, 0x5, 0x0, 0x1, 0x3a32182}, 0xed7138b}, 0x2, 0x9) (async, rerun: 32) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) (async, rerun: 32) close_range$auto(0x2, 0xa, 0x0) 2m17.892592819s ago: executing program 1 (id=760): r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/025/001\x00', 0x8901, 0x0) ioctl$auto(r0, 0x5522, r0) ioctl$auto(r0, 0x5521, 0xffffffffffffffff) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/nbd0\x00', 0x24000, 0x0) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x20000004}, 0x4000884) lstat$auto(0x0, &(0x7f00000002c0)={0xe, 0xfffffffffffffffe, 0x100000001, 0xfff, 0x0, 0x0, 0x0, 0xfa98, 0x8, 0x7fffffffffffffff, 0x8000000004, 0x100000007fffffff, 0x8000800000005, 0x0, 0x7, 0x4, 0xb}) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) r2 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000240)='/dev/video37\x00', 0x8a240, 0x0) ioctl$auto(r2, 0x5646, r2) read$auto_v4l2_fops_v4l2_dev(r2, &(0x7f0000000280)=""/40, 0x28) ioctl$auto(r2, 0x2400000, 0xffffffffffffffff) futex$auto(0x0, 0x4f549, 0xc, 0x0, 0x0, 0x404) unshare$auto(0x40000080) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14fa02, 0x0) socket(0x18, 0x5, 0x0) mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r3 = open(&(0x7f0000000040)='./file0\x00', 0x2041, 0xfa) write$auto(r3, 0x0, 0xfffffdf1) linkat$auto(r3, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000) fsetxattr$auto(r3, &(0x7f0000000180)=':\xbf+<\x8a}\x00\xeb\xfa\xe6\x8d\x02\\VD\x04\x00\x00\x00*\x80\xa4\xf4vql\xa9\x05o\xf7\x9e\xfd\xf7\x00\x00\x00\x00H_/Z>n\xf5F\xbf\xd3\xefi\x91\x88\x1daIu7\xef!\xd0\x04\xdes\xfe`\xf5e;4\xbek\xf9\xec%\xbc\xd4\xfc`\xb9\n\xb5\xa5V\x98\x14]\x8a\x03\xd9', 0x0, 0x7bd, 0x1) mprotect$auto(0x0, 0x8000000000000001, 0x8) io_uring_setup$auto(0x2, 0x0) prctl$auto(0x3e, 0x1000000000000001, 0x0, 0x7, 0xffffffffffffffff) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) getdents$auto(0xffffffffffffffff, 0x0, 0x400018) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/midiC2D2\x00', 0x480801, 0x0) prctl$auto(0x4, 0x1, 0x0, 0x9, 0x0) socket(0xa, 0x2, 0x0) 2m15.788395065s ago: executing program 1 (id=766): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x1, 0x84) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) r0 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000000), 0xc0040, 0x0) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r1 = socket(0x1d, 0x2, 0x6) setsockopt$auto(r1, 0x6a, 0x2, 0x0, 0x3) io_uring_setup$auto(0x59, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyxf\x00', 0x109401, 0x0) ioctl$auto(r2, 0x540a, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x37, 0xa, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x7, 0x3, 0x800, 0x80000023, 0x200000000000007, 0x6d42, 0xc, 0x2495dae0, 0x6]}, 0x0) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/cifs/smbd_send_credit_target\x00', 0x28102, 0x0) pread64$auto(r3, 0x0, 0x9, 0xb) close_range$auto(0x2, 0x8, 0x0) 2m15.424948823s ago: executing program 1 (id=767): unshare$auto(0x20000) mmap$auto(0x4, 0x100000001, 0x4000000000df, 0x100040eb5, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) mmap$auto(0x0, 0x200009, 0x2, 0x48eb1, 0xffffffffffffffff, 0x300000000000) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) madvise$auto(0x4000000000002, 0x4, 0x19) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x4, 0xa00006, 0x400002, 0x40ebe, 0xffffffffffffffff, 0x300000000000) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x3, 0x6, 0x40eb1, 0x401, 0xa) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/scsi/sg/def_reserved_size\x00', 0xc8000, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) madvise$auto(0x110c230000, 0x1, 0x9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) process_vm_readv$auto(0x0, 0x0, 0x1, 0x0, 0x6, 0x0) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x0, 0x1010001, 0x100000003) mmap$auto(0x0, 0x2020009, 0xb, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) socket(0xa, 0x801, 0x84) read$auto_stat_fops_per_vm_kvm_main(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_iommufd_fops_main(0xffffffffffffff9c, 0x0, 0x80001, 0x0) r0 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/binderfs/binder0\x00', 0x0, 0x0) ioctl$auto_BINDER_GET_NODE_INFO_FOR_REF(r0, 0xc018620c, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) 2m0.285135409s ago: executing program 33 (id=767): unshare$auto(0x20000) mmap$auto(0x4, 0x100000001, 0x4000000000df, 0x100040eb5, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) mmap$auto(0x0, 0x200009, 0x2, 0x48eb1, 0xffffffffffffffff, 0x300000000000) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) madvise$auto(0x4000000000002, 0x4, 0x19) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x4, 0xa00006, 0x400002, 0x40ebe, 0xffffffffffffffff, 0x300000000000) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x3, 0x6, 0x40eb1, 0x401, 0xa) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/scsi/sg/def_reserved_size\x00', 0xc8000, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) madvise$auto(0x110c230000, 0x1, 0x9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) process_vm_readv$auto(0x0, 0x0, 0x1, 0x0, 0x6, 0x0) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x0, 0x1010001, 0x100000003) mmap$auto(0x0, 0x2020009, 0xb, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) socket(0xa, 0x801, 0x84) read$auto_stat_fops_per_vm_kvm_main(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_iommufd_fops_main(0xffffffffffffff9c, 0x0, 0x80001, 0x0) r0 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/binderfs/binder0\x00', 0x0, 0x0) ioctl$auto_BINDER_GET_NODE_INFO_FOR_REF(r0, 0xc018620c, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) 16.975558156s ago: executing program 4 (id=961): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) socket(0xb, 0x3, 0x80000001) (async) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) close_range$auto(0x2, 0x8, 0x0) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000340), 0x189400, 0x0) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cgroup.threads\x00', 0x80302, 0x0) preadv$auto(0x3, &(0x7f0000000040)={0x0, 0x5}, 0x3, 0xf8, 0xffffffffffffffff) (async) mmap$auto(0x2000000000003, 0xfffffffffffffffd, 0x35, 0xeb1, 0xffffffffffffffff, 0x8000) (async) close_range$auto(0x2, 0x8, 0x0) (async) socket(0x10, 0x2, 0xc) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x103080, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) (async) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae89, &(0x7f0000000080)) close_range$auto(0x2, 0x8, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f00000001c0), r2) sendmsg$auto_TIPC_NL_PUBL_GET(r2, &(0x7f0000003940)={0x0, 0x0, &(0x7f0000003900)={&(0x7f0000000000)={0x20, r3, 0xf01, 0x70bd28, 0x25dfdbfe, {}, [@TIPC_NLA_SOCK={0xc, 0x2, 0x0, 0x1, [@typed={0x7, 0x2, 0x0, 0x0, @str='@+\x00'}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x40800}, 0x840) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r4) (async) close_range$auto(0x2, 0x8, 0x0) 16.213043537s ago: executing program 4 (id=963): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000004}, 0x3, 0x3, 0x3, 0x1) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x60000, 0x0) mmap$auto(0x0, 0x202000a, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x4, 0xffff800000000000, 0xffff, 0x100000000040eb1, 0x602, 0x300000000000) rseq$auto(0x0, 0x80000002, 0x8, 0xfd) socket(0x15, 0x5, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) write$auto(0xca, 0x0, 0x2d9) mbind$auto(0x180000000000, 0x2091d2, 0x8, 0x0, 0x391, 0x2) mmap$auto(0x0, 0x1, 0x6, 0x40eb2, 0x401, 0x300000000000) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0x2eb1, r0, 0x8000) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x112) rt_sigsuspend$auto(0x0, 0x8) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0) ioctl$auto_EVIOCGMASK(r1, 0x80104592, &(0x7f0000000000)={0x1fff, 0x800004, 0x66d}) io_uring_setup$auto(0x0, 0x0) 11.944816229s ago: executing program 4 (id=974): mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) rt_sigqueueinfo$auto(0x0, 0x4, &(0x7f0000000000)={@siginfo_0_0={0xf5, 0x14, 0x7e73, @_timer={0x0, 0x80000001, @sival_int=0x81, 0x1}}}) r1 = socket(0x11, 0x3, 0x9) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/tracing/trace\x00', 0x254200, 0x0) sendmmsg$auto(r1, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={&(0x7f00000004c0)="5959e7488ae601000000000088ca", 0xe7}, 0x8, &(0x7f0000000180), 0x5, 0x2}, 0x5}, 0x2, 0x100) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) open_tree$auto(r2, &(0x7f0000000140)='./file0\x00', 0x75e0142b) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r3, &(0x7f0000004240)={0x0, 0x0, &(0x7f0000004200)={0x0}, 0x1, 0x0, 0x0, 0x40c8}, 0x4048000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000480)={{&(0x7f00000001c0)="8d10a50b60e1380b545f89c54bab4fbfb3e0feda7edd7e46ae550aa997ff56be56fea27cb83751daf5f24ad06844d84862e0d8ddb179f76038831d67eaac8ab77003e5fc4eaf9d788521bd99b2729d94e367eabcdce535dd22dee07e455f0d28213b56b89d026239a1a68f51487800b3643829c256b36302e01c43618a797b05025b5feebfc59d59d2d916fd4248245863a0fd01593abab17301a9c36f0ec8bcbd4d8e6757f5b19d5092696e8e3e7ae1179791a4d12d4b6e", 0x3, &(0x7f00000003c0)={&(0x7f00000002c0)="a05773e17fc3f097c1dda9674cdda8495227c3f6143b1c9dae28868eb2521113ee53fe55139a6cafe81097998f467936029d7cc2a59bd8df4aac7fbffdb54dfbc4dabe4693db529a457b072d24a74a8cc4064a179611df8dbc3eb7d0d68f653f5c970fe5e8039b309bf88b2d95319ac03fe3fed98f97feb30230ed7bc44c009694c3a27e9526df2fdf2b2d30adf6f4e00f90211708f37043fdc4153b871250e305e2c21184eaa67cb94b2d8e79f89ec13959f9918ffa08e8a519c2ad073327cf5ae99cbd9397b8187ea2e9c37e5535d88c6ce6ca1e247930b3585aa92c14fee55aef257d02", 0x100}, 0x1, &(0x7f0000000400)="2491e2f933b13df8b9767a34918374d206e5f3c766ee0baae721e41d7b28fc255fc9387e8c68e335e84ca7720ac49cdfdff203042b32ffe2ddf3fee62aa25966f135af5acda0f5ee35af2663f7f69d40ea81d8bce8fc80c0add9b8", 0x5, 0x1}, 0x401}, 0x5, 0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r4 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder1\x00', 0x1, 0x0) ioctl$auto(r4, 0x4018620d, 0x9) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder1\x00', 0x1, 0x0) socketpair$auto(0x5, 0x5, 0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x55) socket(0x2, 0x3, 0xa) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8) connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55) sendmsg$auto_IPVS_CMD_GET_DAEMON(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000280)={&(0x7f0000000580)={0x18, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_DAEMON={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000814}, 0x94) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xe000) setrlimit$auto(0x2a2d, 0x0) getpid() mmap$auto(0x7, 0x40009, 0xdf, 0x9b72, 0x7, 0x0) sendfile$auto(0x1, 0xffffffffffffffff, 0x0, 0x7ffff000) sendmmsg$auto(r0, 0x0, 0x9a6, 0x7000000) 10.008927206s ago: executing program 2 (id=976): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8004) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/040/001\x00', 0x802, 0x0) ioctl$auto_USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000240)={0x23, 0x3, 0x1c, 0x2, 0x8, 0x7fa, &(0x7f0000001800)}) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, r0, 0x3) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mq_open$auto(&(0x7f0000000180)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0xa, 0x0, &(0x7f0000000080)={0x9, 0xf, 0x200, 0x12b}) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D0\x00', 0x0, 0x0) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000001140)='/dev/psaux\x00', 0x42000, 0x0) r2 = openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000d00), 0x0, 0x0) read$auto_vhci_fops_hci_vhci(r2, &(0x7f0000000d40)=""/16, 0x10) select$auto(0xe, 0x0, 0x0, &(0x7f0000000580)={[0x7, 0x28000, 0xd, 0x1, 0x948d, 0x3, 0x10015f4da06, 0xc, 0x7, 0x64c1, 0x8000001f, 0x8, 0x9, 0x100c, 0x2]}, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0x2b, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2b, 0x1, 0x1) setsockopt$auto(0x3, 0x0, 0x4, 0x0, 0x28) close_range$auto(0x2, 0x8, 0x0) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) madvise$auto(0x0, 0x200007, 0x19) socket(0x15, 0x5, 0x0) bpf$auto(0x0, 0x0, 0xa3) mmap$auto(0x0, 0xe980, 0xdf, 0xeb1, 0x401, 0x8000) getsockopt$auto(0x3, 0x200000000001, 0x7, 0x0, 0x0) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0x2, 0x8000) r3 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/pagemap\x00', 0x0, 0x0) readv$auto(r3, &(0x7f0000000400)={0x0, 0x40}, 0x6) openat$auto_event_trigger_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/trigger\x00', 0x40002, 0x0) write$auto(0x3, 0x0, 0x81) 9.648991616s ago: executing program 4 (id=977): write$auto(0xca, &(0x7f0000000100)='\x044\x19\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xa4Cn\xb2./jn>9\xd2\xdb\x88\xf4\x1aVj\x13j\xe1\x96\xf7\xc2\xd3qm\xe6q\xf9\xa6u\x8eZ\x00\xf8*C]\xfd)/\xf3\xa1\x92|\x06|\xd0\x82\x93\xa5\x9a5if\xd0\x8e%g,\xc5\xec\xef\x87\x19\x17\xb0\xe1s\xf6U\xc0\x90r\xc5\xc8H\xa3\x9d\xce\x98\xe7\xb1B:\x179\xdc8\xa8) \x15\xce\xd8\x86\xff-\x80\xf5jMj\x02\x8f\x03EO\xe6\xa4Q\x81+v\xc9\xb8\x00\xcf\x94_\xa7\xadV\xc9\x7f;1R\xa0\x7f\xbe\x1e\x83\an/w[i\th\x9c\xb8\xd1\xed\xba\\\v\xe1\v\x81\xcc\xba\x03-N@ \x14\x1e\n\xe9\x03\x00F\x05\xc8\x9f\xe5[\xba\xd2V\x9b\xc1\x9f\xf1%\x9c\xba\xf9\xb4\xa8\xd4\x05G\xf6\x82\xf3m\xe6V\xba\xa0\xf9K\x15\xcc_H\xce\xfd\xe2\x88\"\xe0\xd5Ld\x7f\x1c\x90^\x8d%\xb4', 0xe) (async) mmap$auto(0x0, 0x202000c, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @rand_addr=0x64010101}, 0x6e) (async) sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x8001, 0x0, 0x21, 0xfffffffd}, 0xffff}, 0x5, 0x20000043) (async) mmap$auto(0xcf, 0x40009, 0xdf, 0x9b72, r0, 0x28080) r1 = socket(0x28, 0x3, 0x0) setsockopt$auto(0x400000000000003, 0x28, 0x6, 0x0, 0x56d) (async) fdatasync$auto(0xffffffffffffffff) (async) r2 = syz_clone(0x0, 0x0, 0x47, 0x0, 0x0, 0x0) (async) io_uring_setup$auto(0x1d48, 0x0) (async) syslog$auto_SYSLOG_ACTION_READ(0x2, &(0x7f0000000280)='/proc/thread-self/net/tcp6\x00\xd2)\x8e\x892\x82\x19\xfd\x03\xc3\x8d\xd7D\bz\xde5u4\xddS\xe6\x1a\x8a`\xad0\x98|\xbc\x00\x98\b\x0ey\xcb`\x9b\x91r\xd5\x13\x9e\xdd4\xe7\xb7\x94P\x8fBlm\x04eAW\xbc0\x9b\xbd\x8f\xf5];\x94\x18\xf0\v\xd7\xf4P\xd3\x9e,Q\xd8\x16\x989l\x03\a\xcc\x1e\xb9\xe9{\xeeS\xa9\xc60\x00\xb5&\x9e\xdbk{F\x18\xa8\xba*G\xd3\x80\xb1G.\xec1\x96uP\x97\x8co\xf1\xa6\xd5\xea\xc8L3|a\xb3\xaa\x90~Y\xb19\xad\xdc\x05o\x98g\xd4\x10]5\x95\xd0\xabJC\x06\xd0c\xd1Ra\xf7\xc4n\xdf\xe4\xc7\x03\x19x\xbb\v\x00\t\xde\xf5\x93\xfb\xfb#\xbd\xc0S\f57\x83\xdd\xaa\xf0\x9c\xd3G\xe1\x00', 0x3) ptrace$auto_PTRACE_GETREGS(0xc, r2, 0x80000000, 0x1) (async) ioctl$auto_XFS_IOC_ALLOCSP(0xffffffffffffffff, 0x4030580a, &(0x7f0000000000)={0x8, 0x0, 0x6, 0xc0000000000000, 0x5, 0x0}) (async) r4 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000380)='/sys/kernel/debug/usb/usbmon/4u\x00', 0x3a1c81, 0x0) connect$auto(r4, 0x0, 0xd) (async) pread64$auto(r4, 0x0, 0x101, 0x103) (async) read$auto_mon_fops_text_t_mon_text(r4, 0x0, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0x8000000000000000, 0x15) (async) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async) listen$auto(r1, 0x80) (async) ioctl$auto_UI_SET_FFBIT(0xffffffffffffffff, 0x4004556b, &(0x7f0000000200)=0x7f) (async) kcmp$auto(r2, r3, 0x4, 0xffffffffffffffff, 0xffffffffffffffff) (async, rerun: 32) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) (async, rerun: 32) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000240)='/dev/video37\x00', 0x8a240, 0x0) (async, rerun: 32) syz_open_procfs$namespace(r3, &(0x7f00000000c0)='ns/cgroup\x00') (rerun: 32) 8.160991289s ago: executing program 4 (id=980): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000280)={0x0, 0x80000000}, 0x6, 0x3, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x42, 0x0) mmap$auto(0x0, 0x202000a, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x4, 0xa00006, 0x2, 0x100000000040eb1, 0x602, 0x300000000000) ioctl$auto_USBDEVFS_DISCSIGNAL(0xffffffffffffffff, 0x8010550e, &(0x7f0000000540)={0xfff, &(0x7f0000000180)="f2e37aa851f172bd24308737938225756749a2cd058f981d81224e731c1514b4fd0290f2fb02e666a68c1d72ad5615b16c73b5c0cedf17801dfece4a243f6e3a47ecc1c5db92b3500cefe0e7c269c25cd32701679442d287388dedeedd83d20b9d079d0a971a993bfa4a4499f8631caa1722a7a93bf39c2535ea752a9b05e21efeebdeaa71269153bdd6ba4fac9b230a6653e8cbaf66e11ea7c105"}) rseq$auto(0x0, 0x80000002, 0x8, 0xfd) socket(0x15, 0x5, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dmmidi2\x00', 0x401, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) write$auto(0xca, 0x0, 0x2d8) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) semctl$auto_SETVAL(0x2, 0x5, 0x10, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x112) rt_sigsuspend$auto(0x0, 0x8) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) arch_prctl$auto_ARCH_REQ_XCOMP_GUEST_PERM(0x1025, 0xd6) r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0) ioctl$auto_EVIOCGMASK(r1, 0x80104592, &(0x7f0000000000)={0x2000, 0x800004, 0x105}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x0, 0x4000004, 0x7) name_to_handle_at$auto(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/blkio.bfq.dequeue\x00', &(0x7f0000001100)={0x8, 0xd, "2e5710c910109d7e"}, 0x0, 0x2) 6.513661212s ago: executing program 2 (id=981): set_mempolicy$auto(0x2, &(0x7f0000000080)=0x7e, 0x4) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f0000000580)={{@raw=0x7fdfffff, 0xf0ee, 0x40020009, 0x3, "790eaa833e6fc65b6b3cf705001900ffff8eac2cdafc1f64010043eeb0b0530300000000000e00"}, 0x4, 0x966, 0x3, @inferred, @integer={0x100000000, 0x2000000b752, 0x1}, "6cc1294d63a4f1b4285854c5368de438f8cc142ef6df12bf3373a1183bedbd31b642b4051b078fa1c1c61c329794e5311121c760cb9611c78e6947a99807bcc1"}) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0x100000eb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r1, 0x0, 0xa) r2 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/ieee80211/phy1/netdev:wlan1/tdls_wider_bw\x00', 0x82, 0x0) write$auto_debugfs_full_proxy_file_operations_internal(r2, 0x0, 0x20) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) close_range$auto(0x2, 0x8, 0x0) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000340), 0x189400, 0x0) fanotify_init$auto(0x9, 0x3) pwrite64$auto(r0, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x88\xa8s\x1c\b\x06\x8a>)\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x3) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cgroup.threads\x00', 0x80302, 0x0) preadv$auto(0x3, &(0x7f0000000040)={0x0, 0x5}, 0x3, 0xf8, 0xffffffffffffffff) mmap$auto(0x8, 0x7069, 0x0, 0x19, 0x401, 0x2) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r0) ioctl$auto_KVM_CREATE_VM(r3, 0xae80, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xfffffeff, 0x2, 0x6, 0x7, 0x8, r1, [], {0x6, 0x6, 0xf, 0x29f, 0x2, 0x83, 0x4b, 0x17f, 0x2}, {0x5, 0x1, 0x52, 0x5, 0x1, 0x40, 0x4, 0x8, 0x100000004}}) 6.080699203s ago: executing program 0 (id=982): socket(0x9, 0x3, 0xe) mmap$auto(0x0, 0x202000b, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x401, 0x0) socket(0x2, 0x80002, 0x73) mmap$auto(0x0, 0x4020009, 0xdc, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x80000000008000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, 0x0, 0xc0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x8f3b7a51b80ebd01, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/power/resume\x00', 0x189002, 0x0) sendfile$auto(r0, r0, 0x0, 0x3) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) lseek$auto(0x3, 0x0, 0x1) write$auto(0x3, 0x0, 0xfdef) mmap$auto(0x0, 0x2020009, 0x800000000003, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = getpid() process_vm_readv$auto(r2, &(0x7f0000000080)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101e81, 0x0) r3 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/usb/usbmon/0u\x00', 0x22302, 0x0) pread64$auto(r3, 0x0, 0x84, 0xc) read$auto_mon_fops_text_t_mon_text(r3, 0x0, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/037/001\x00', 0x100, 0x0) ioctl$auto(r1, 0x1, r3) 5.568077669s ago: executing program 5 (id=983): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x6a1, 0x2000000000002) socket(0x2a, 0x80805, 0xfffffffe) socket(0x28, 0x1, 0x0) (async) socket(0x28, 0x1, 0x0) socket(0x1, 0x1, 0x1) open(&(0x7f0000000000)='./bus\x00', 0x22042, 0x45) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg1\x00', 0x180443, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card0\x00', 0x121d02, 0x0) (async) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card0\x00', 0x121d02, 0x0) openat$auto_kernel_debug_fops_orangefs_debugfs(0xffffffffffffff9c, &(0x7f0000000040), 0x242780, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x14) (async) socket(0x10, 0x2, 0x14) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x402240, 0x0) (async) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x402240, 0x0) openat$auto_fuse_conn_congestion_threshold_ops_control(0xffffffffffffff9c, &(0x7f00000000c0), 0x20040, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) (async) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0x2, 0x80802, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8006) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8006) close_range$auto(0x2, 0xffffffffffffffff, 0x0) (async) close_range$auto(0x2, 0xffffffffffffffff, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r0) prctl$auto(0x10000000018, 0x5, 0x4, 0x20000000009, 0x0) (async) prctl$auto(0x10000000018, 0x5, 0x4, 0x20000000009, 0x0) sysfs$auto(0x2, 0x4, 0x0) (async) sysfs$auto(0x2, 0x4, 0x0) fsopen$auto(0x0, 0x1) mmap$auto(0x2, 0x4, 0x3, 0x1000000000020eb1, 0xfffffffffffffffa, 0x2800000) 4.930171719s ago: executing program 2 (id=984): mmap$auto(0x0, 0x420009, 0x2df, 0xeb1, 0x401, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_l2tp(&(0x7f00000000c0), r0) set_mempolicy$auto(0x6, &(0x7f0000000080)=0x3, 0x21) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sysfs$auto(0x2, 0x4d, 0x0) r1 = fsopen$auto(0x0, 0x1) fsconfig$auto_EROFS_MOUNT_DAX_NEVER(r1, 0x3, &(0x7f00000002c0)='\x00\x14\x86\x12/\xdd\x91\x9c\x00\x00\x00\x00\x00\x00$\x19\x13\xa1\x97\xaey\xf9\x1b_g\xb0\x8bN\xe1c[\x01\x10\x97\xcd\xdf\xc1^(\x9b\xd9EC\xb3R\xdfDC\xcdt\x17\xefS\xe1\x85\x8a\x87f\xa3]\xc0\xac\x86\xc8*;\nD\x92\x9f\xf3\x90\xb0\xd8Y\xbep\xb1\x14\x89\xb1\n!b\x10\xedS\xca\x8c&\xbf\xca\x1d\xccnw\xd9T\x044\xc6\x96\xfc\x02j!\x00\x00\xec`\xe6nP\x03\xd8Bi1\xf0\v\xf0b\xbe\x18\x00\x00\x00\x004v\xee\x92]t^\xd4D]x\x99!\x1b9\xea\xe6\x16\x00'/161, &(0x7f0000000100)="f9fac07fa30df21b81e6ba7b15dacfed9c8dedba0105f3d06ea3e733180a2528d491b3acf44409a9a38ad975938f00000000000041ad978e00692733c50000000000fb3e21", 0xffffff9c) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty41\x00', 0x2ca997c8f4757aad, 0x0) r3 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000c40)='/proc/self/syscall\x00', 0x80, 0x0) read$auto_proc_single_file_operations_base(r3, &(0x7f00000001c0)=""/164, 0xa4) ioctl$auto(r2, 0x540a, 0x0) socket(0x18, 0x1, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000040)='//\xf2\x00', 0x80000000) timer_create$auto(0x0, 0x0, 0x0) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, 0x0, 0x0) mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x8, 0x3, 0xa984, 0x6, 0x7, 0x8, 0xffffffffffffffff, [0x0, 0x7, 0x4], {0x6, 0x6, 0xf, 0xffffff7c, 0x100, 0x84, 0x101, 0x9, 0x9}, {0x100, 0x1, 0x52, 0x4, 0xfffffffe, 0x29a, 0x76c5, 0x8, 0x5}}) io_uring_register$auto(0x2, 0x11, &(0x7f0000000180), 0x83) sendmsg$auto_NL80211_CMD_LEAVE_OCB(r4, 0x0, 0x24040800) madvise$auto(0x0, 0xffffffffffff0005, 0x17) read$auto_proc_sessionid_operations_base(0xffffffffffffffff, &(0x7f0000000400)=""/83, 0x53) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001140)='/sys/devices/virtual/block/zram0/comp_algorithm\x00', 0x20b42, 0x0) mbind$auto(0x400007f, 0xfa9d, 0x2, &(0x7f0000000280)=0x20000000000000fb, 0x3, 0x1) set_mempolicy_home_node$auto(0x1, 0x2010004, 0x800000000000, 0x7) 4.90410368s ago: executing program 0 (id=985): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00042cbd7000fb3d89cb809172a3320003008000400088"], 0x24}, 0x1, 0x0, 0x0, 0x20008010}, 0x400d0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/event0\x00', 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vcan0\x00'}) r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0) ioctl$auto_TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000080)=0x68) ioctl$auto_FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}, 0x1, 0x0, 0x0, 0x4000804}, 0x40000) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0100050000000000df25000000000800080005ad179abd3a98193d000000080001"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x14) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0x800}, 0x2, 0x0, 0x7, 0xa505}, 0xa788}, 0x7, 0x8) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00042cbd7000fb3d89cb809172a3320003008000400088"], 0x24}, 0x1, 0x0, 0x0, 0x20008010}, 0x400d0) (async) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/event0\x00', 0x2, 0x0) (async) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vcan0\x00'}) (async) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0) (async) ioctl$auto_TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000080)=0x68) (async) ioctl$auto_FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}, 0x1, 0x0, 0x0, 0x4000804}, 0x40000) (async) socket(0x10, 0x2, 0x0) (async) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0100050000000000df25000000000800080005ad179abd3a98193d000000080001"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x14) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4) (async) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0x800}, 0x2, 0x0, 0x7, 0xa505}, 0xa788}, 0x7, 0x8) (async) 3.969113163s ago: executing program 5 (id=986): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) write$auto(0x3, 0x0, 0x5c8) mmap$auto(0x0, 0x5810, 0xffa, 0x8000000008011, 0x3, 0x0) mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getsockopt$auto_SO_RXQ_OVFL(r0, 0x8, 0x28, &(0x7f0000000000)='/dev/dsp\x00', &(0x7f0000000040)=0x6) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) bind$auto(0x3, &(0x7f0000000000)=@generic={0x10, "a500acb75c9cedd1b5e9a0d76293"}, 0x68) r1 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim6/health/break_health\x00', 0x68081, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/devices/virtual/net/bond0/bonding/arp_ip_target\x00', 0xa0002, 0x0) write$auto(r1, &(0x7f0000000080)=')@-!\x00', 0x1e1) mmap$auto(0x1, 0x4, 0xe6, 0xfb1, 0x405, 0x9) socket(0x2b, 0x1, 0x1) statmount$auto(0x0, &(0x7f00000004c0)={0x8, 0x3ff, 0x9, 0x5, 0x14, 0x944, 0x1ffe4, 0xd, 0x6, 0x4, 0x9, 0x400005, 0x4000fff, 0x8000007, 0x8001, 0xd, 0x5, 0x3, 0x4, 0x7, 0x1d, 0x309, 0x8, 0x4000, 0x2, 0x0, 0x0, 0x0, 0x78, 0x0, 0x0, [0x10000000003, 0x10, 0x0, 0x200, 0x9, 0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x4000000000000, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x82, 0x800000000002, 0x9, 0x0, 0xbec, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x10, 0xfffffffffffffffe, 0xffffffffffffd059, 0x0, 0x0, 0x1000, 0x2961, 0x0, 0xef9], "c660fc102dd5449fcf3efec1d3359e747844032d4db27e021ac662e788a3b826316bb20665bafc086c7db86ab3e370eefc3e8bbf05939d7e33073df90f7caab7c39a6b66e8934f42c0957bfb879ca85e3dc354fef533704bcf5cb1535c43e15aa5c1e22bc592481142d31352e8b5d73600e5e98842058d7a621933cb70b3b3cd3e1b4b2a2b5e2691c6bc893047dab79f2d59a5156a7e251a2a0ba38ceafded3768"}, 0x2001fb, 0x7f) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) r2 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r2, 0x0, 0x7, 0x4008) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, &(0x7f0000000040)={0x48c81443, "f74d086d6600f5daa47fca1f1a0730a2f629350000000000000008600418af10", @raw=0xfa7}) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/neigh/vlan1/base_reachable_time\x00', 0x40400, 0x0) read$auto(r3, 0x0, 0x1ff) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x8002, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) socket(0x2b, 0x1, 0x0) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/tty51\x00', 0x80, 0x0) read$auto(r4, 0x0, 0x6) ioctl$auto_TIOCVHANGUP2(r4, 0x5437, 0x0) r5 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/sys/net/ipv4/vs/run_estimation\x00', 0x88042, 0x0) write$auto_proc_sys_file_operations_proc_sysctl(r5, 0x0, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) 3.814096825s ago: executing program 0 (id=987): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x80000000, 0x7) mmap$auto(0x0, 0x2020009, 0x203, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x0) pipe2$auto(0x0, 0x80) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/pci0000:00/waiting_for_supplier\x00', 0x80800, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) utime$auto(0x0, 0x0) 3.522457536s ago: executing program 5 (id=988): close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xf) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000001380)='/dev/sequencer2\x00', 0x0, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS0\x00', 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x10, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) socket(0xa, 0x1, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x28b40, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket(0x2, 0x5, 0x0) socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) socket(0x10, 0x2, 0x6) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x55) socket(0x2, 0x3, 0xa) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8) connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xe000) connect$auto(0x3, &(0x7f00000000c0), 0x55) write$auto(0x3, 0x0, 0x800) 3.301478215s ago: executing program 4 (id=989): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x801, 0x0) r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0xe, 0x9, 0x2, 0xfffffffffffffffd, 0x5, 0x4, 0x15f4da0e, 0x8, 0x9, 0x100000000000000c, 0x8, 0x1, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) write$auto_cachefiles_daemon_fops_internal(0xffffffffffffffff, 0x0, 0x0) unshare$auto(0x40000080) ioctl$auto_NS_GET_TGID_IN_PIDNS(0xffffffffffffffff, 0x8004b709, &(0x7f0000000040)=0x5) unshare$auto(0x40000080) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nlbl_cipsov4(0x0, r0) sendmsg$auto_NLBL_CIPSOV4_C_ADD(r2, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1c00c04d584b9f71a12137010f00000000000000c3c5227e1b6430eaf16db073bdbb802dcccb05d767989ed3f319f81a335c18542c319a5c804bf2b6c6711bcc5e5246361ae7119d9e4d0da279ecfe6e80fd7a7b47c69f551537cba9945a10ca277f362c8a9c9d58e13b948fe79f6f05ed7a2e579ef84847887577f63203e4921cca19ddaa5788eaeaf4e013560f65cb5301ebb29cc9189484c7444893b81477c4bfcc6e97dc4633569ad1d1e7e8ee9f1bf5d8eae82a64", @ANYRES16=r3, @ANYBLOB="000428bd7000ffdbdf250100000008000a007f000000"], 0x1c}, 0x1, 0x0, 0x0, 0x1602c000}, 0x4000) r4 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/vmstat\x00', 0x20000, 0x0) pread64$auto(r4, &(0x7f00000002c0)='\x04\xefr\tbgc/\xd0\xe1\xf7$/tg/,s\b\xf5\xf7\x0f\x03\xd5\xef\xbf\xf6j\xe2\xed\x7f0\b\xff^\xe3th\xd2\x1bA\xba&\xba\xd0\xbb\xca\xb0\xa1\t\x00\x00\r(\xccF\xeeg\n\x00\x00\xa9l\x9cd\xcf\xff\x97=\xf4\xa1\xca\x82j\xf2\x17\t\x00\x00\x00\x00\x00\x00\x000\xf76\xb96\xd1\xb9\xde\xe2\x167\xc5\x94\x00A[B\xd9\x82\xaa\xc5\xfcoB\xfe\'\xfbI\xc9\xcb\xc3\xc1\x1e6~\x81\xb9\x0ff\x8e\xd3\x06\xba;yX\x966\x97#\xfb\x8d!F\xfc\x99\x86\x1d\xbb\xaf(\x92\x887\x01Z\xa7\xe3Y\x17\xd2#\x8aO\xef\r\xfa\xe0\x18IiI\xaek\xa9R\x02N;+@\x12>\'\x1a\xa6i\x93\x8c\x16BO@ \xb5\xd9\xd0\xb6S\xfc\x17\x11\x04\x8b?$\xean\xa1|D\xbbV%\xde\x87\xd1@\x00\x8cM\xfdr\xc9\x86\xbaq', 0x100003ffd, 0x6) r5 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder1\x00', 0x8001, 0x0) ioctl$auto_BINDER_GET_NODE_INFO_FOR_REF(r5, 0xc018620c, 0x0) poll$auto(&(0x7f0000000140)={r5, 0x80, 0x40}, 0x63, 0x4) openat$auto_ns_file_operations_nsfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/ns/cgroup\x00', 0x200000, 0x0) write$auto(r1, 0x0, 0x100000a3d9) 2.966563419s ago: executing program 0 (id=990): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r0, &(0x7f0000000000)="c80d1b5d399b3f", 0xfdef) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x2000009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x89, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r1 = openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000040), 0x2482, 0x0) pread64$auto(r1, 0x0, 0x20000000001, 0x7fff) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x842, 0x0) write$auto(r2, 0x0, 0x200000000009) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) openat$auto_ftrace_system_enable_fops_trace_events(0xffffffffffffff9c, 0x0, 0x2304, 0x1a00) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$auto(0xffffffffffffffff, 0xae41, 0xffffffffffffffff) ioctl$auto_KVM_GET_MSRS(r3, 0x4008ae89, 0x0) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1) futex$auto(0x0, 0x9, 0x3e, 0x0, 0x0, 0x0) 2.560088678s ago: executing program 5 (id=991): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x2, 0x3, 0xa) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) connect$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x4003, @empty}, 0x54) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) connect$auto(0xffffffffffffffff, &(0x7f00000000c0)=@qipcrtr={0x2a, 0xffffffff, 0xfffffffe}, 0x55) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/pci0000:00/0000:00:03.0/resource1\x00', 0x0, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a7, 0x7020000) close_range$auto(0x2, 0xa, 0x0) socket(0x2, 0x5, 0x0) listen$auto(0x3, 0x81) r0 = socket(0xa, 0x2, 0x0) ioctl$auto_FIONREAD(r0, 0x541b, 0x7) r1 = socket(0xa, 0x3, 0xff) connect$auto(r1, &(0x7f00000018c0)=@generic={0xa}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x401bf, 0x7352, 0x31, 0x8000, 0x1ffde, 0x1, 0x2, 0x1, 0x9, 0x3, 0x5, 0x8, 0x3002, 0x9, 0xb, 0x80010002, 0x80, 0xd8f9, 0x6, 0x7, 0x2, 0x203, 0x400, 0x84, 0x0, 0x0, 0x0, 0x800, 0x0, [0x0, 0x0, 0x0, 0x0, 0xd, 0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xeff, 0x0, 0xffffffffffffffff, 0x0, 0x1000, 0x4]}, 0x1fe, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x24008000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) ioctl$auto_VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, &(0x7f0000000000)=0xffffffffffffffff) ioctl$auto_EVIOCGKEYCODE_V2(r2, 0x80284504, &(0x7f0000000380)={0x4, 0x0, 0x3, 0x40, "5f8600896f30675aa5a09108a579a41efd30fb7a838528d811711672f5cc28b6"}) ioctl$auto_UI_DEV_SETUP(r2, 0x405c5503, &(0x7f0000000040)={{0x2, 0x163, 0xb3b, 0x7}, "a78d311470dd0e56f1446a3c82fc9c1226029acc2ab20d2bb6b344b52d51bd08b3840b55abd9eb711c241bdf5b6b4e33d5d7fd5198a9219bd6d463bed1d1c4943ed05a3ba72937e9832f3140bacd3b7b", 0x5}) r3 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0xfc, &(0x7f0000000100)={0x0, 0xfc6}, 0x2, 0x0, 0x7, 0x3}, 0x800}, 0x7, 0x4008) 2.309705284s ago: executing program 0 (id=992): r0 = socket(0x15, 0x5, 0x3) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/sound/ctl-led/speaker/mode\x00', 0x2a001, 0x0) write$auto(r1, &(0x7f0000000040)='\xf3\xc1\xbf\xa0', 0x7) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff) r2 = pidfd_open$auto(0x1, 0x0) setns(r2, 0x60020000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) madvise$auto(0x800, 0x3, 0x4) syz_clone3(&(0x7f0000000300)={0x153326100, 0x0, 0x0, 0x0, {0x23}, 0x0, 0x0, 0x0, 0x0, 0x0, {r2}}, 0xa7) clone$auto(0x9001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x5) r3 = socket(0xa, 0x5, 0x0) getsockopt$auto(r3, 0x84, 0x24, 0x0, 0x0) syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000040), 0xffffffffffffffff) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x80000, 0x0) r4 = socket(0xa, 0x1, 0x84) getsockopt$auto(r4, 0x84, 0xe, 0x0, &(0x7f0000000040)=0xb0) ioctl$auto_USB_RAW_IOCTL_RUN(0xffffffffffffffff, 0x5501, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x14, 0x0, 0x8) r5 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f00000000c0), 0x620900, 0x0) mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x1272, 0x8000) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'vcan0\x00'}) close_range$auto(0x2, 0x8, 0x0) epoll_ctl$auto(r0, 0x81, r5, &(0x7f0000000100)={0x2, 0x8001}) r6 = socket(0x1d, 0x2, 0x7) r7 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(r6, &(0x7f0000000000)=@can={0x1d, r8}, 0x6a) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0xe, 0x40, 0x801ffdf, 0x1, 0x2000000000000006, 0x3, 0x8, 0x5, 0x6, 0x7, 0x1, 0x9, 0x2, 0x3, 0x5, 0xfffffffffffffffa, 0x0, 0x0, 0x0, 0x0, 0x3b9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0xffffffff00000000, 0x0, 0x200, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb, 0x0, 0x5, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x0, 0x5, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000000]}, 0x5, 0x2) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) socket(0x10, 0x2, 0x0) 1.666247137s ago: executing program 2 (id=993): r0 = socket(0xa, 0x2, 0x0) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) (async) r2 = userfaultfd$auto(0x1) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video1\x00', 0xc0400, 0x0) (async, rerun: 64) ioctl$auto_SNDRV_PCM_IOCTL_CHANNEL_INFO2(r2, 0x80184132, &(0x7f0000000240)={0x5, 0x7fff, 0x4, 0xde}) (async, rerun: 64) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) (async, rerun: 32) r4 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000200), r1) (rerun: 32) sendmsg$auto_BATADV_CMD_SET_MESH(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="2000d907b2aa0cd13ae5c0aaef8f07ce109d2b74fae935575ffe4ec91484a0a492d0feed22e019b19d763d124d655babf0231029243549e1b21d31aff2fab550780128cf42c636b69367", @ANYRES16=r4, @ANYBLOB="00082cbd7000fcdbdf250f0000000a0005000000000000000000"], 0x20}, 0x1, 0x0, 0x0, 0x400c850}, 0x10) (async) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0) read$auto_page_owner_stack_operations_page_owner(r2, &(0x7f0000000040)=""/224, 0xe0) ioctl$auto(0x3, 0xae41, r5) r6 = openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$auto_IMADDTIMER(r6, 0x80044940, &(0x7f0000000140)=0x200000) r7 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/usb/usbmon/37t\x00', 0x80800, 0x0) close_range$auto(r0, r7, 0x9c) ioctl$auto_KVM_GET_MSRS(r3, 0x8004ae98, &(0x7f0000000180)={0x7}) (async) r8 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/sctp/cookie_hmac_alg\x00', 0x202, 0x0) sendfile$auto(r8, r8, 0x0, 0x7fffe000) 1.452822556s ago: executing program 2 (id=994): mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) fstatfs$auto(0xffffffffffffffff, &(0x7f0000000140)={0x8001, 0x100000000000, 0x1, 0x9, 0x5d, 0x2, 0x75, {[0x80000000]}, 0x0, 0x7ff, 0x68a6, [0x5, 0x8, 0x5, 0x4]}) statmount$auto(0x0, &(0x7f0000000380)={0x4, 0xfffffffd, 0x9, 0x3, 0x16, 0x4, 0x5, 0x3, 0x800000000000006, 0x2, 0x9, 0x5, 0x2, 0x7, 0xb0, 0x9, 0x5, 0x3, 0x3, 0xb414, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x7ffffffe, [0x0, 0x8000000000000, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1000000000, 0x0, 0x0, 0xfffffffffffffffd, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xffffffff], "c4cbb7ab40a4d6220aa6d6ea4305f533c9e9bee6fcfc61722ccb678e0e2cba7194bc385b26d84c96723400de3b5aacff44f65a10b6c36a9a55945d88270da0f18327ed7c66498ace94f97e799732311e069e26edbb6db1b0ddede50878458b27f5e2fb6581"}, 0x200, 0x81) setfsuid$auto(0xee00) sysfs$auto(0x2, 0x5, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x106) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @broadcast}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) write$auto(0x3, 0x0, 0x1) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0xe) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x11f, 0x0, 0xfffffffffffffffd) bind$auto(0xffffffffffffffff, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0) sendfile$auto(0x3, r1, 0x0, 0x400000000006) socket(0x18, 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x202, 0x0) close_range$auto(0x0, 0x5, 0x0) openat$auto_ep0_operations_inode(0xffffffffffffff9c, &(0x7f00000000c0), 0xca400, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0x23, 0x0) openat$auto_lockdown_ops_lockdown(0xffffffffffffff9c, 0x0, 0xa0042, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/platform/dummy_hcd.0/usb1/bConfigurationValue\x00', 0x63102, 0x0) 1.17861285s ago: executing program 5 (id=995): r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x8402, 0x0) getsockopt$auto_SO_SNDBUF(r0, 0x100002, 0x7, &(0x7f0000000000)='-:&\x00\xf2\xc4\xe9\xd4\x9b\xde\x01%\rg\x9b\xbc\x84\xe8\xe0\x94\xba\x8fs\xb4\xbaKx\x8b^\xe25Y\x99W\xebN)CeX.\xb1\xac\xe8\x1a\f\xef\x80\f\x0e4P\x0f\xbd\"', &(0x7f0000000080)=0x6) mmap$auto(0x0, 0x5810, 0xffb, 0x8000000008011, 0x3, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) getrandom$auto(0x0, 0x463, 0x1000) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$auto_WG_CMD_GET_DEVICE(r1, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000300)={0x14, r2, 0x2, 0x70bd2c, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x8) 934.18249ms ago: executing program 5 (id=996): r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) prctl$auto(0x23, 0x7, 0x7fffffffefff, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc0002, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0xfffffffe, 0x103, 0x8, 0x1f, 0x7181, 0x1ffde, 0xb099, 0x3, 0x9, 0x6, 0x3, 0x884, 0x1, 0xb7, 0x9, 0x8, 0x10003, 0xb2, 0x4, 0x0, 0xb, 0x2004, 0x20000200, 0x1, 0x84, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0xc0, 0x0, 0x7, 0x0, 0xb, 0x8, 0x2, 0x0, 0x0, 0x0, 0xad3, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7]}, 0x1fe, 0xd) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1000"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) r1 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) getrlimit$auto(0x3, 0x0) ioctl$auto_BLKZEROOUT(0xffffffffffffffff, 0x127f, 0x0) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r2, 0xc0045002, 0x0) ioctl$auto_BLKFLSBUF(0xffffffffffffffff, 0x1261, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0xa2741, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xe6e43, 0x0) ioctl$auto_BLKFLSBUF(r3, 0x1261, 0x0) lseek$auto(0x3, 0xffffffffff800002, 0x10) ioctl$auto_BLKFLSBUF(r3, 0x1261, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x9}, 0x8) r4 = open(&(0x7f00000000c0)='./cgroup\x00', 0x0, 0x1) syz_clone3(&(0x7f0000000200)={0x383281180, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, 0x0, 0x0, {r4}}, 0x57) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x84) 410.796862ms ago: executing program 2 (id=997): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000002940)='/dev/fb0\x00', 0x841, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) setresuid$auto(0x0, 0x8, 0x0) adjtimex$auto(&(0x7f0000000000)={0x4, 0x0, 0xcbe9, 0xffff, 0xa, 0x80000000, 0xd37f, 0x0, 0xffff, 0xc, 0x3, {0x10, 0x6}, 0xfffffffffffffffc, 0x10002, 0x2, 0x4, 0x0, 0xfffffffdfffffffa, 0x1, 0x0, 0x9, 0x7, 0xffffffff}) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x942, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000700), r3) r5 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x20000, 0x0) ioctl$auto_SG_GET_SCSI_ID(r5, 0x2276, &(0x7f0000000040)) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000740)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_CHANNEL(r3, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000780)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010027bd7000fddbdf255c7c000008000300", @ANYRES32=r6], 0x1c}, 0x1, 0x0, 0x0, 0x4080}, 0x20000000) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x68, r4, 0x800, 0x70bd2d, 0x25dfdbfe, {}, [@NL80211_ATTR_EPCS={0x4}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x1}, @NL80211_ATTR_VLAN_ID={0x6, 0x11a, 0x3}, @NL80211_ATTR_PREV_BSSID={0x7, 0x4f, "4a2b13"}, @NL80211_ATTR_PMKR0_NAME={0x35, 0x102, "fa8187b15d038e27ebbdee9403b42d163f0cf5825404a83da74b14a4b6c40b8ccb4e75f09e092da80167e32552b36e9c55"}]}, 0x68}, 0x1, 0x0, 0x0, 0x50040010}, 0x801) select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x0, 0x1, 0x948b, 0x9, 0x15f4da07, 0x6, 0x10, 0x64, 0x80000020, 0x1000, 0xb, 0x9, 0x2, 0x8]}, 0x0) r7 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f00000001c0), r2) sendmsg$auto_IOAM6_CMD_DEL_NAMESPACE(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x34, r7, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@IOAM6_ATTR_NS_ID={0x6, 0x1, 0x2}, @IOAM6_ATTR_NS_ID={0x6, 0x1, 0xfff}, @IOAM6_ATTR_NS_ID={0x6}, @IOAM6_ATTR_NS_ID={0x6, 0x1, 0xc0}]}, 0x34}, 0x1, 0x0, 0x0, 0x4c68aba9bfb7025e}, 0x8001) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x8000000000001fd, 0x20000000007, 0x4, 0xbc3, 0x800, 0x3, 0x8, 0x10001, 0x400000000003, 0x3, 0xfffffffffffffffc, 0xfffffffffffffffe, 0x6, 0x9, 0xffffdfffffffff81, 0x4]}, 0x0) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) 0s ago: executing program 0 (id=998): close_range$auto(0x2, 0x8, 0x0) getsockopt$auto(0xffffffffffffffff, 0x4, 0xde2, &(0x7f0000000340)='}:#(:*\x00', &(0x7f0000000380)=0x7) r0 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000180), 0x88000, 0x0) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) sysfs$auto(0x2, 0x5, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r0) sendmsg$auto_NL80211_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x3810251}, 0xc, &(0x7f0000000280)={&(0x7f0000000100)={0x24, r2, 0x1, 0x70bd26, 0x25dfdbff, {}, [@NL80211_ATTR_VHT_CAPABILITY_MASK={0x10, 0xb0, "a60acb901ff0de06700019b2"}]}, 0x24}, 0x1, 0x0, 0x0, 0x4040080}, 0x140) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) r3 = fsopen$auto(0x0, 0x1) sendmsg$auto_NL80211_CMD_NEW_MPATH(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x2c, r2, 0x100, 0x70bd2c, 0x25dfdbfc, {}, [@NL80211_ATTR_MLO_RECONF_REM_LINKS={0x6, 0x14f, 0x4}, @NL80211_ATTR_ADMITTED_TIME={0x6, 0xd4, 0xfffd}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x10}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x8040) fsconfig$auto(r3, 0x6, 0x0, 0x0, 0x0) fsmount$auto(0x4, 0x0, 0x200003) close_range$auto(0x2, 0x8000, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r4) ioctl$auto_KVM_GET_DEVICE_ATTR(r1, 0x4018aee2, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) fcntl$auto(0x3, 0x4, 0xa553) write$auto(0x3, 0x0, 0xfdef) kernel console output (not intermixed with test programs): open+0x10/0x10 [ 193.954785][ T7508] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 193.954804][ T7508] do_dentry_open+0x6d8/0x1660 [ 193.954818][ T7508] ? __pfx_chrdev_open+0x10/0x10 [ 193.954838][ T7508] vfs_open+0x82/0x3f0 [ 193.954858][ T7508] path_openat+0x208c/0x31a0 [ 193.954879][ T7508] ? __pfx_path_openat+0x10/0x10 [ 193.954900][ T7508] do_file_open+0x20e/0x430 [ 193.954916][ T7508] ? __pfx_do_file_open+0x10/0x10 [ 193.954945][ T7508] ? alloc_fd+0x476/0x790 [ 193.954960][ T7508] ? do_getname+0x191/0x390 [ 193.954979][ T7508] do_sys_openat2+0x10d/0x1e0 [ 193.954997][ T7508] ? __pfx_do_sys_openat2+0x10/0x10 [ 193.955017][ T7508] ? __fget_files+0x21f/0x3d0 [ 193.955040][ T7508] __x64_sys_openat+0x12d/0x210 [ 193.955059][ T7508] ? __pfx___x64_sys_openat+0x10/0x10 [ 193.955089][ T7508] do_syscall_64+0x106/0xf80 [ 193.955108][ T7508] ? clear_bhb_loop+0x40/0x90 [ 193.955125][ T7508] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 193.955140][ T7508] RIP: 0033:0x7f20eb79c799 [ 193.955153][ T7508] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 193.955166][ T7508] RSP: 002b:00007f20ec5da028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 193.955180][ T7508] RAX: ffffffffffffffda RBX: 00007f20eba15fa0 RCX: 00007f20eb79c799 [ 193.955190][ T7508] RDX: 0000000000008000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 193.955198][ T7508] RBP: 00007f20eb832c99 R08: 0000000000000000 R09: 0000000000000000 [ 193.955207][ T7508] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 193.955215][ T7508] R13: 00007f20eba16038 R14: 00007f20eba15fa0 R15: 00007ffc40d56a08 [ 193.955234][ T7508] [ 194.506342][ T7503] ACPI: \_SB_.LNKS: No IRQ available. Try pci=noacpi or acpi=off [ 194.523031][ T7503] pci 0000:00:01.3: PCI INT A: no GSI [ 194.594116][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.600417][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.616641][ T29] audit: type=1800 audit(1773547273.633:9): pid=7513 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.319" name="trace_pipe" dev="tracefs" ino=3955 res=0 errno=0 [ 196.477323][ T7554] usb usb36: usbfs: process 7554 (syz.0.330) did not claim interface 0 before use [ 197.060841][ T7563] netlink: 24 bytes leftover after parsing attributes in process `syz.1.331'. [ 197.364490][ T7567] random: crng reseeded on system resumption [ 199.231663][ T7591] EXT4-fs (sda1): Delayed block allocation failed for inode 2034 at logical offset 925 with max blocks 34 with error 117 [ 199.521211][ T7591] EXT4-fs (sda1): This should not happen!! Data will be lost [ 199.521211][ T7591] [ 200.043466][ T7586] program syz.3.336 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 201.274755][ T29] audit: type=1807 audit(1773547280.353:10): UNKNOWN=0"]$|1j0B|dӉO+/xWӦ^gq%ḦrO res=0 [ 201.289013][ T29] audit: type=1802 audit(1773547280.363:11): pid=7611 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.2.339" res=0 errno=0 [ 201.570178][ T7622] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 201.635431][ T7610] ima: policy update failed [ 201.636329][ T29] audit: type=1802 audit(1773547280.713:12): pid=7610 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.339" res=0 errno=0 [ 204.226319][ T7654] [U] [ 204.229173][ T7654] [U] [ 204.231844][ T7654] [U] [ 204.234513][ T7654] [U] [ 204.477858][ T7654] [U] [ 204.480575][ T7654] [U] [ 204.483246][ T7654] [U] [ 204.485914][ T7654] [U] [ 204.593765][ T7654] [U] [ 204.596483][ T7654] [U] [ 204.599153][ T7654] [U] [ 204.601824][ T7654] [U] [ 204.893254][ T7654] [U] [ 204.895971][ T7654] [U] [ 204.898639][ T7654] [U] [ 204.901307][ T7654] [U] [ 205.063895][ T7654] [U] [ 205.066603][ T7654] [U] [ 205.069274][ T7654] [U] [ 205.071948][ T7654] [U] [ 205.228074][ T7654] [U] [ 207.313770][ T6774] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 207.313796][ T6774] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 207.329287][ T6774] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 207.329335][ T6774] Bluetooth: hci3: Unknown advertising packet type: 0x14 [ 207.337435][ T6774] Bluetooth: hci3: Unknown advertising packet type: 0x14 [ 207.345550][ T6774] Bluetooth: hci3: Unknown advertising packet type: 0x14 [ 207.352560][ T6774] Bluetooth: hci3: Unknown advertising packet type: 0x72 [ 207.361025][ T6774] Bluetooth: hci3: Unknown advertising packet type: 0x14 [ 207.368095][ T6774] Bluetooth: hci3: Malformed LE Event: 0x0d [ 210.834656][ T7747] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input7 [ 211.944520][ T7755] zswap: compressor not available [ 212.703409][ T7777] EXT4-fs (sda1): Delayed block allocation failed for inode 2032 at logical offset 911 with max blocks 71 with error 117 [ 213.133541][ T7777] EXT4-fs (sda1): This should not happen!! Data will be lost [ 213.133541][ T7777] [ 214.823828][ T7802] netlink: NAT attribute has 4 unknown bytes [ 215.364389][ T7808] vivid-001: ================= START STATUS ================= [ 215.372248][ T7808] vivid-001: Radio HW Seek Mode: Bounded [ 215.533064][ T7811] FAULT_INJECTION: forcing a failure. [ 215.533064][ T7811] name failslab, interval 1, probability 0, space 0, times 0 [ 215.662429][ T7808] vivid-001: Radio Programmable HW Seek: false [ 215.755269][ T7808] vivid-001: RDS Rx I/O Mode: Block I/O [ 215.760884][ T7808] vivid-001: Generate RBDS Instead of RDS: false [ 215.876662][ T7811] CPU: 0 UID: 0 PID: 7811 Comm: syz.1.377 Not tainted syzkaller #0 PREEMPT(full) [ 215.876682][ T7811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 215.876690][ T7811] Call Trace: [ 215.876695][ T7811] [ 215.876701][ T7811] dump_stack_lvl+0x100/0x190 [ 215.876725][ T7811] should_fail_ex.cold+0x5/0xa [ 215.876741][ T7811] should_failslab+0xc2/0x120 [ 215.876756][ T7811] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 215.876776][ T7811] ? do_getname+0x35/0x390 [ 215.876792][ T7811] ? find_held_lock+0x2b/0x80 [ 215.876808][ T7811] do_getname+0x35/0x390 [ 215.876825][ T7811] do_sys_openat2+0xc5/0x1e0 [ 215.876843][ T7811] ? __pfx_do_sys_openat2+0x10/0x10 [ 215.876861][ T7811] ? __x64_sys_close_range+0x3ce/0x5d0 [ 215.876880][ T7811] __x64_sys_openat+0x12d/0x210 [ 215.876898][ T7811] ? __pfx___x64_sys_openat+0x10/0x10 [ 215.876922][ T7811] do_syscall_64+0x106/0xf80 [ 215.876940][ T7811] ? clear_bhb_loop+0x40/0x90 [ 215.876957][ T7811] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 215.876970][ T7811] RIP: 0033:0x7fc4f4f9c799 [ 215.876983][ T7811] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 215.876996][ T7811] RSP: 002b:00007fc4f5e3f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 215.877010][ T7811] RAX: ffffffffffffffda RBX: 00007fc4f5216180 RCX: 00007fc4f4f9c799 [ 215.877019][ T7811] RDX: 0000000000008c00 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 215.877027][ T7811] RBP: 00007fc4f5032c99 R08: 0000000000000000 R09: 0000000000000000 [ 215.877035][ T7811] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 215.877043][ T7811] R13: 00007fc4f5216218 R14: 00007fc4f5216180 R15: 00007ffc9e40d708 [ 215.877061][ T7811] [ 216.302979][ T7808] vivid-001: RDS Reception: true [ 216.313118][ T7808] vivid-001: RDS Program Type: 0 inactive [ 216.430284][ T7808] vivid-001: RDS PS Name: inactive [ 216.493032][ T7808] vivid-001: RDS Radio Text: inactive [ 216.498545][ T7808] vivid-001: RDS Traffic Announcement: false inactive [ 216.563005][ T7808] vivid-001: RDS Traffic Program: false inactive [ 216.652972][ T7808] vivid-001: RDS Music: false inactive [ 216.687009][ T7808] vivid-001: ================== END STATUS ================== [ 220.262617][ T7850] sd 0:0:1:0: PR command failed: 1026 [ 220.357342][ T7850] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 220.475245][ T7850] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 221.476861][ T7878] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input8 [ 221.938544][ T6774] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 224.023306][ T7315] EXT4-fs (sda1): Delayed block allocation failed for inode 2034 at logical offset 959 with max blocks 64 with error 117 [ 224.096952][ T7315] EXT4-fs (sda1): This should not happen!! Data will be lost [ 224.096952][ T7315] [ 224.185107][ T7315] EXT4-fs (sda1): Delayed block allocation failed for inode 2032 at logical offset 1463 with max blocks 2 with error 117 [ 224.312962][ T7315] EXT4-fs (sda1): This should not happen!! Data will be lost [ 224.312962][ T7315] [ 224.374866][ T7315] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 942 with max blocks 80 with error 117 [ 224.484010][ T7315] EXT4-fs (sda1): This should not happen!! Data will be lost [ 224.484010][ T7315] [ 226.177854][ T7926] FAULT_INJECTION: forcing a failure. [ 226.177854][ T7926] name failslab, interval 1, probability 0, space 0, times 0 [ 226.322232][ T7926] CPU: 0 UID: 0 PID: 7926 Comm: syz.1.395 Not tainted syzkaller #0 PREEMPT(full) [ 226.322255][ T7926] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 226.322264][ T7926] Call Trace: [ 226.322270][ T7926] [ 226.322276][ T7926] dump_stack_lvl+0x100/0x190 [ 226.322302][ T7926] should_fail_ex.cold+0x5/0xa [ 226.322320][ T7926] should_failslab+0xc2/0x120 [ 226.322336][ T7926] __kmalloc_cache_noprof+0x7a/0x6f0 [ 226.322355][ T7926] ? snd_rawmidi_open+0x3b3/0xba0 [ 226.322373][ T7926] ? _raw_spin_unlock+0x28/0x50 [ 226.322392][ T7926] ? snd_card_file_add+0x26e/0x340 [ 226.322410][ T7926] snd_rawmidi_open+0x3b3/0xba0 [ 226.322433][ T7926] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 226.322461][ T7926] ? soundcore_open+0x231/0x5a0 [ 226.322475][ T7926] ? soundcore_open+0x231/0x5a0 [ 226.322490][ T7926] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 226.322510][ T7926] soundcore_open+0x2e3/0x5a0 [ 226.322526][ T7926] ? __pfx_soundcore_open+0x10/0x10 [ 226.322540][ T7926] chrdev_open+0x234/0x6a0 [ 226.322555][ T7926] ? __pfx_apparmor_file_open+0x10/0x10 [ 226.322578][ T7926] ? __pfx_chrdev_open+0x10/0x10 [ 226.322593][ T7926] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 226.322613][ T7926] do_dentry_open+0x6d8/0x1660 [ 226.322627][ T7926] ? __pfx_chrdev_open+0x10/0x10 [ 226.322646][ T7926] vfs_open+0x82/0x3f0 [ 226.322666][ T7926] path_openat+0x208c/0x31a0 [ 226.322688][ T7926] ? __pfx_path_openat+0x10/0x10 [ 226.322709][ T7926] do_file_open+0x20e/0x430 [ 226.322725][ T7926] ? __pfx_do_file_open+0x10/0x10 [ 226.322753][ T7926] ? alloc_fd+0x476/0x790 [ 226.322769][ T7926] ? do_getname+0x191/0x390 [ 226.322788][ T7926] do_sys_openat2+0x10d/0x1e0 [ 226.322806][ T7926] ? __pfx_do_sys_openat2+0x10/0x10 [ 226.322825][ T7926] ? __might_fault+0xc5/0x140 [ 226.322851][ T7926] __x64_sys_openat+0x12d/0x210 [ 226.322870][ T7926] ? __pfx___x64_sys_openat+0x10/0x10 [ 226.322896][ T7926] do_syscall_64+0x106/0xf80 [ 226.322915][ T7926] ? clear_bhb_loop+0x40/0x90 [ 226.322932][ T7926] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 226.322950][ T7926] RIP: 0033:0x7fc4f4f9c799 [ 226.322963][ T7926] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 226.322977][ T7926] RSP: 002b:00007fc4f5e60028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 226.322991][ T7926] RAX: ffffffffffffffda RBX: 00007fc4f5216090 RCX: 00007fc4f4f9c799 [ 226.323000][ T7926] RDX: 0000000000060c01 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 226.323009][ T7926] RBP: 00007fc4f5032c99 R08: 0000000000000000 R09: 0000000000000000 [ 226.323018][ T7926] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 226.323026][ T7926] R13: 00007fc4f5216128 R14: 00007fc4f5216090 R15: 00007ffc9e40d708 [ 226.323045][ T7926] [ 230.170828][ T7996] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 230.394838][ T8009] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz.3.406: bg 5: bad block bitmap checksum [ 230.675622][ T8009] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 1 with error 74 [ 231.073389][ T8009] EXT4-fs (sda1): This should not happen!! Data will be lost [ 231.073389][ T8009] [ 231.848041][ T8029] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 232.664747][ T8042] Invalid ELF header magic: != ELF [ 233.027058][ T8050] FAULT_INJECTION: forcing a failure. [ 233.027058][ T8050] name failslab, interval 1, probability 0, space 0, times 0 [ 233.583274][ T8050] CPU: 0 UID: 0 PID: 8050 Comm: syz.1.412 Not tainted syzkaller #0 PREEMPT(full) [ 233.583309][ T8050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 233.583325][ T8050] Call Trace: [ 233.583333][ T8050] [ 233.583343][ T8050] dump_stack_lvl+0x100/0x190 [ 233.583390][ T8050] should_fail_ex.cold+0x5/0xa [ 233.583423][ T8050] should_failslab+0xc2/0x120 [ 233.583452][ T8050] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 233.583484][ T8050] ? fib_notifier_ops_register+0x32/0x270 [ 233.583504][ T8050] ? __debug_object_init+0x2de/0x3d0 [ 233.583528][ T8050] kmemdup_noprof+0x29/0x60 [ 233.583549][ T8050] fib_notifier_ops_register+0x32/0x270 [ 233.583571][ T8050] fib4_notifier_init+0x4f/0xd0 [ 233.583590][ T8050] fib_net_init+0xbf/0x3f0 [ 233.583608][ T8050] ? is_module_address+0x69/0xf0 [ 233.583625][ T8050] ? __pfx_fib_net_init+0x10/0x10 [ 233.583644][ T8050] ? timer_init_key+0x150/0x340 [ 233.583661][ T8050] ? devinet_init_net+0x56c/0x8d0 [ 233.583684][ T8050] ? __pfx_fib_net_init+0x10/0x10 [ 233.583701][ T8050] ops_init+0x1e2/0x5f0 [ 233.583728][ T8050] setup_net+0x118/0x3a0 [ 233.583748][ T8050] ? __pfx_setup_net+0x10/0x10 [ 233.583765][ T8050] ? lockdep_init_map_type+0x5c/0x250 [ 233.583783][ T8050] ? mutex_init_lockep+0x110/0x150 [ 233.583805][ T8050] copy_net_ns+0x46f/0x7c0 [ 233.583827][ T8050] create_new_namespaces+0x3ea/0xac0 [ 233.583846][ T8050] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 233.583862][ T8050] ksys_unshare+0x473/0xad0 [ 233.583880][ T8050] ? __pfx_ksys_unshare+0x10/0x10 [ 233.583904][ T8050] __x64_sys_unshare+0x31/0x40 [ 233.583920][ T8050] do_syscall_64+0x106/0xf80 [ 233.583938][ T8050] ? clear_bhb_loop+0x40/0x90 [ 233.583954][ T8050] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 233.583968][ T8050] RIP: 0033:0x7fc4f4f9c799 [ 233.583981][ T8050] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 233.583994][ T8050] RSP: 002b:00007fc4f5e81028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 233.584008][ T8050] RAX: ffffffffffffffda RBX: 00007fc4f5215fa0 RCX: 00007fc4f4f9c799 [ 233.584017][ T8050] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 233.584025][ T8050] RBP: 00007fc4f5032c99 R08: 0000000000000000 R09: 0000000000000000 [ 233.584033][ T8050] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 233.584040][ T8050] R13: 00007fc4f5216038 R14: 00007fc4f5215fa0 R15: 00007ffc9e40d708 [ 233.584059][ T8050] [ 234.153113][ T8057] netlink: 4 bytes leftover after parsing attributes in process `syz.2.413'. [ 234.663456][ T7315] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 851 with max blocks 1 with error 117 [ 234.724861][ T7315] EXT4-fs (sda1): This should not happen!! Data will be lost [ 234.724861][ T7315] [ 242.211534][ T8087] EXT4-fs error (device sda1): ext4_discard_preallocations:5702: comm syz.0.418: Error -117 reading block bitmap for 5 [ 246.830576][ T8114] netlink: 72 bytes leftover after parsing attributes in process `syz.2.422'. [ 247.006973][ T8112] EXT4-fs (sda1): Delayed block allocation failed for inode 2032 at logical offset 958 with max blocks 24 with error 117 [ 247.179041][ T8112] EXT4-fs (sda1): This should not happen!! Data will be lost [ 247.179041][ T8112] [ 247.674586][ T8126] netlink: 342 bytes leftover after parsing attributes in process `syz.1.426'. [ 248.223376][ T8130] Invalid ELF header magic: != ELF [ 248.830166][ T7314] EXT4-fs (sda1): Delayed block allocation failed for inode 2034 at logical offset 959 with max blocks 64 with error 117 [ 248.962912][ T7314] EXT4-fs (sda1): This should not happen!! Data will be lost [ 248.962912][ T7314] [ 249.045107][ T7314] EXT4-fs (sda1): Delayed block allocation failed for inode 2032 at logical offset 1463 with max blocks 2 with error 117 [ 249.162734][ T7314] EXT4-fs (sda1): This should not happen!! Data will be lost [ 249.162734][ T7314] [ 249.219431][ T7314] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 955 with max blocks 1 with error 117 [ 249.316188][ T7314] EXT4-fs (sda1): This should not happen!! Data will be lost [ 249.316188][ T7314] [ 249.405487][ T7314] EXT4-fs (sda1): Delayed block allocation failed for inode 2034 at logical offset 1392 with max blocks 43 with error 117 [ 249.484821][ T7314] EXT4-fs (sda1): This should not happen!! Data will be lost [ 249.484821][ T7314] [ 252.073362][ T8173] random: crng reseeded on system resumption [ 254.663368][ T7312] EXT4-fs: 12 callbacks suppressed [ 254.663384][ T7312] EXT4-fs (sda1): Delayed block allocation failed for inode 2034 at logical offset 997 with max blocks 26 with error 117 [ 254.723616][ T8208] bridge0: port 4(team0) entered blocking state [ 254.729917][ T8208] bridge0: port 4(team0) entered disabled state [ 254.792384][ T7312] EXT4-fs (sda1): This should not happen!! Data will be lost [ 254.792384][ T7312] [ 254.837678][ T7312] EXT4-fs (sda1): Delayed block allocation failed for inode 2032 at logical offset 962 with max blocks 20 with error 117 [ 254.925714][ T7312] EXT4-fs (sda1): This should not happen!! Data will be lost [ 254.925714][ T7312] [ 255.285884][ T8208] team0: entered allmulticast mode [ 255.632966][ T8208] team_slave_0: entered allmulticast mode [ 255.705687][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.712045][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.847389][ T8208] team_slave_1: entered allmulticast mode [ 256.030013][ T8208] team0: entered promiscuous mode [ 256.281752][ T8208] team_slave_0: entered promiscuous mode [ 256.539003][ T8208] team_slave_1: entered promiscuous mode [ 256.723583][ T8208] bridge0: port 4(team0) entered blocking state [ 256.729941][ T8208] bridge0: port 4(team0) entered forwarding state [ 257.367454][ T7315] EXT4-fs (sda1): Delayed block allocation failed for inode 2034 at logical offset 997 with max blocks 26 with error 117 [ 257.467236][ T7315] EXT4-fs (sda1): This should not happen!! Data will be lost [ 257.467236][ T7315] [ 257.536425][ T7315] EXT4-fs (sda1): Delayed block allocation failed for inode 2033 at logical offset 2 with max blocks 7 with error 117 [ 257.625047][ T7315] EXT4-fs (sda1): This should not happen!! Data will be lost [ 257.625047][ T7315] [ 257.725738][ T7315] EXT4-fs (sda1): Delayed block allocation failed for inode 2032 at logical offset 1425 with max blocks 40 with error 117 [ 257.806303][ T7315] EXT4-fs (sda1): This should not happen!! Data will be lost [ 257.806303][ T7315] [ 258.053546][ T8239] netlink: 342 bytes leftover after parsing attributes in process `syz.2.450'. [ 258.095724][ T8239] netlink: 342 bytes leftover after parsing attributes in process `syz.2.450'. [ 258.124543][ T8240] random: crng reseeded on system resumption [ 259.473088][ T8260] ima: policy update failed [ 259.477760][ T29] audit: type=1802 audit(1773547338.553:13): pid=8260 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.454" res=0 errno=0 [ 259.817394][ T8266] netlink: 4 bytes leftover after parsing attributes in process `syz.1.455'. [ 259.874461][ T8268] netlink: 25 bytes leftover after parsing attributes in process `syz.1.455'. [ 260.324257][ T8267] zswap: compressor not available [ 260.396140][ T8274] QAT: Stopping all acceleration devices. [ 260.426548][ T8252] EXT4-fs: 2 callbacks suppressed [ 260.426563][ T8252] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 999 with max blocks 23 with error 117 [ 261.403085][ T8252] EXT4-fs (sda1): This should not happen!! Data will be lost [ 261.403085][ T8252] [ 262.150902][ T8282] bridge0: port 3(dummy0) entered blocking state [ 262.241171][ T8282] bridge0: port 3(dummy0) entered disabled state [ 262.299661][ T8294] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 262.459500][ T8282] dummy0: entered allmulticast mode [ 262.610693][ T8282] dummy0: entered promiscuous mode [ 262.733397][ T8282] bridge0: port 3(dummy0) entered blocking state [ 262.739834][ T8282] bridge0: port 3(dummy0) entered forwarding state [ 263.085992][ T8299] smpboot: CPU 1 is now offline [ 268.758427][ T8333] No such timeout policy "" [ 268.798941][ T8333] netlink: Failed to associated timeout policy '' [ 269.104010][ T8341] netlink: 8 bytes leftover after parsing attributes in process `syz.2.472'. [ 269.417810][ T8346] netlink: 28 bytes leftover after parsing attributes in process `syz.2.474'. [ 273.119791][ T8016] syz.0.404 (8016) used greatest stack depth: 19352 bytes left [ 275.131402][ T8430] i2c i2c-0: Frontend requested software zigzag, but didn't set the frequency step size [ 275.252043][ T8424] vhci_hcd vhci_hcd.2: invalid port number 253 [ 275.331827][ T8424] vhci_hcd vhci_hcd.2: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 279.238282][ T8476] FAULT_INJECTION: forcing a failure. [ 279.238282][ T8476] name failslab, interval 1, probability 0, space 0, times 0 [ 279.340335][ T8476] CPU: 0 UID: 0 PID: 8476 Comm: syz.1.498 Not tainted syzkaller #0 PREEMPT(full) [ 279.340358][ T8476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 279.340370][ T8476] Call Trace: [ 279.340375][ T8476] [ 279.340382][ T8476] dump_stack_lvl+0x100/0x190 [ 279.340409][ T8476] should_fail_ex.cold+0x5/0xa [ 279.340427][ T8476] ? __list_lru_init+0xd9/0x4b0 [ 279.340447][ T8476] should_failslab+0xc2/0x120 [ 279.340462][ T8476] __kmalloc_noprof+0xe0/0x850 [ 279.340483][ T8476] ? lockdep_init_map_type+0x5c/0x250 [ 279.340505][ T8476] __list_lru_init+0xd9/0x4b0 [ 279.340526][ T8476] alloc_super+0x8d8/0xd20 [ 279.340549][ T8476] ? __pfx_mqueue_fill_super+0x10/0x10 [ 279.340569][ T8476] sget_fc+0x117/0xc70 [ 279.340589][ T8476] ? __pfx_set_anon_super_fc+0x10/0x10 [ 279.340610][ T8476] ? __pfx_mqueue_fill_super+0x10/0x10 [ 279.340630][ T8476] get_tree_nodev+0x28/0x190 [ 279.340653][ T8476] mqueue_get_tree+0xf1/0x130 [ 279.340674][ T8476] vfs_get_tree+0x92/0x320 [ 279.340693][ T8476] fc_mount_longterm+0x1a/0x270 [ 279.340715][ T8476] mq_init_ns+0x482/0x820 [ 279.340730][ T8476] copy_ipcs+0x3dd/0x7e0 [ 279.340746][ T8476] create_new_namespaces+0x20a/0xac0 [ 279.340767][ T8476] ? security_capable+0x80/0x260 [ 279.340790][ T8476] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 279.340807][ T8476] ksys_unshare+0x473/0xad0 [ 279.340826][ T8476] ? __pfx_ksys_unshare+0x10/0x10 [ 279.340852][ T8476] __x64_sys_unshare+0x31/0x40 [ 279.340869][ T8476] do_syscall_64+0x106/0xf80 [ 279.340888][ T8476] ? clear_bhb_loop+0x40/0x90 [ 279.340906][ T8476] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 279.340921][ T8476] RIP: 0033:0x7fc4f4f9c799 [ 279.340934][ T8476] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 279.340947][ T8476] RSP: 002b:00007fc4f5e81028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 279.340965][ T8476] RAX: ffffffffffffffda RBX: 00007fc4f5215fa0 RCX: 00007fc4f4f9c799 [ 279.340975][ T8476] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000006c000000 [ 279.340984][ T8476] RBP: 00007fc4f5032c99 R08: 0000000000000000 R09: 0000000000000000 [ 279.340992][ T8476] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 279.341000][ T8476] R13: 00007fc4f5216038 R14: 00007fc4f5215fa0 R15: 00007ffc9e40d708 [ 279.341019][ T8476] [ 283.254630][ T8523] bonding: no command found in bonding_masters - use +ifname or -ifname [ 283.661839][ T8534] vivid-007: ================= START STATUS ================= [ 283.855381][ T8534] vivid-007: Generate PTS: true [ 283.998635][ T8534] vivid-007: Generate SCR: true [ 284.112005][ T8534] tpg source WxH: 320x240 (Y'CbCr) [ 284.239627][ T8534] tpg field: 1 [ 284.342998][ T8534] tpg crop: (0,0)/320x240 [ 284.493197][ T8534] tpg compose: (0,0)/320x240 [ 284.533860][ T8534] tpg colorspace: 8 [ 284.576411][ T8534] tpg transfer function: 0/0 [ 284.581015][ T8534] tpg Y'CbCr encoding: 0/0 [ 284.632973][ T7894] Bluetooth: hci3: Received unexpected HCI Event 0x00 [ 284.772424][ T8534] tpg quantization: 0/0 [ 284.848919][ T8534] tpg RGB range: 0/2 [ 284.925718][ T8534] vivid-007: ================== END STATUS ================== [ 286.052070][ T8560] ima: policy update failed [ 286.142802][ T29] audit: type=1802 audit(1773547365.213:14): pid=8560 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.512" res=0 errno=0 [ 288.103680][ T7321] EXT4-fs (sda1): Delayed block allocation failed for inode 2034 at logical offset 942 with max blocks 81 with error 117 [ 288.210744][ T7321] EXT4-fs (sda1): This should not happen!! Data will be lost [ 288.210744][ T7321] [ 288.287753][ T7321] EXT4-fs (sda1): Delayed block allocation failed for inode 2033 at logical offset 2 with max blocks 10 with error 117 [ 288.465326][ T7321] EXT4-fs (sda1): This should not happen!! Data will be lost [ 288.465326][ T7321] [ 288.534319][ T7321] EXT4-fs (sda1): Delayed block allocation failed for inode 2032 at logical offset 927 with max blocks 55 with error 117 [ 288.657646][ T7321] EXT4-fs (sda1): This should not happen!! Data will be lost [ 288.657646][ T7321] [ 288.739215][ T7321] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 913 with max blocks 109 with error 117 [ 288.872645][ T7321] EXT4-fs (sda1): This should not happen!! Data will be lost [ 288.872645][ T7321] [ 289.644307][ T8614] GUP no longer grows the stack in syz.1.527 (8614): 14000-41000 (4000) [ 289.699462][ T8614] CPU: 0 UID: 0 PID: 8614 Comm: syz.1.527 Tainted: G L syzkaller #0 PREEMPT(full) [ 289.699490][ T8614] Tainted: [L]=SOFTLOCKUP [ 289.699495][ T8614] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 289.699504][ T8614] Call Trace: [ 289.699509][ T8614] [ 289.699515][ T8614] dump_stack_lvl+0x100/0x190 [ 289.699542][ T8614] gup_vma_lookup.cold+0x83/0x96 [ 289.699564][ T8614] __get_user_pages+0x241/0x34d0 [ 289.699588][ T8614] ? down_read_killable+0x30e/0x4c0 [ 289.699610][ T8614] ? __lock_acquire+0x4a5/0x2630 [ 289.699628][ T8614] ? __pfx___get_user_pages+0x10/0x10 [ 289.699649][ T8614] __gup_longterm_locked+0x87d/0x16f0 [ 289.699671][ T8614] ? __pfx___gup_longterm_locked+0x10/0x10 [ 289.699689][ T8614] ? try_get_folio+0x262/0x750 [ 289.699703][ T8614] ? find_held_lock+0x2b/0x80 [ 289.699717][ T8614] ? sanity_check_pinned_pages+0x5f6/0x1250 [ 289.699736][ T8614] gup_fast_fallback+0x18c6/0x2460 [ 289.699766][ T8614] ? __pfx_gup_fast_fallback+0x10/0x10 [ 289.699786][ T8614] ? __lock_acquire+0x4a5/0x2630 [ 289.699806][ T8614] ? is_bpf_text_address+0x94/0x1a0 [ 289.699831][ T8614] ? __kernel_text_address+0xd/0x30 [ 289.699856][ T8614] pin_user_pages_fast+0xa7/0xf0 [ 289.699873][ T8614] ? __pfx_pin_user_pages_fast+0x10/0x10 [ 289.699892][ T8614] ? rcu_is_watching+0x12/0xc0 [ 289.699914][ T8614] iov_iter_extract_pages+0xa0d/0x1ef0 [ 289.699936][ T8614] ? __blkdev_direct_IO_simple+0x112/0x890 [ 289.699956][ T8614] ? kasan_save_stack+0x3f/0x50 [ 289.699976][ T8614] ? kasan_save_stack+0x30/0x50 [ 289.699996][ T8614] ? kasan_save_track+0x14/0x30 [ 289.700017][ T8614] ? __pfx_iov_iter_extract_pages+0x10/0x10 [ 289.700033][ T8614] ? blkdev_direct_IO+0xc76/0x1fb0 [ 289.700051][ T8614] ? blkdev_write_iter+0x703/0xd70 [ 289.700070][ T8614] ? vfs_write+0x6ac/0x1070 [ 289.700093][ T8614] ? __lock_acquire+0x4a5/0x2630 [ 289.700114][ T8614] iov_iter_extract_bvecs+0x10e/0xf40 [ 289.700135][ T8614] ? find_held_lock+0x2b/0x80 [ 289.700148][ T8614] ? bio_associate_blkg_from_css+0x394/0x13f0 [ 289.700168][ T8614] ? __pfx_iov_iter_extract_bvecs+0x10/0x10 [ 289.700187][ T8614] ? bio_associate_blkg_from_css+0x550/0x13f0 [ 289.700210][ T8614] bio_iov_iter_get_pages+0x26a/0x970 [ 289.700232][ T8614] __blkdev_direct_IO_simple+0x3a7/0x890 [ 289.700256][ T8614] ? __pfx___blkdev_direct_IO_simple+0x10/0x10 [ 289.700292][ T8614] ? ktime_get_coarse_real_ts64_mg+0x249/0x300 [ 289.700309][ T8614] ? ktime_get_coarse_real_ts64_mg+0x1e0/0x300 [ 289.700331][ T8614] blkdev_direct_IO+0xc76/0x1fb0 [ 289.700359][ T8614] ? __pfx_blkdev_direct_IO+0x10/0x10 [ 289.700378][ T8614] ? rcu_is_watching+0x12/0xc0 [ 289.700398][ T8614] ? __mark_inode_dirty+0x55c/0x1790 [ 289.700419][ T8614] ? filemap_check_errors+0xa9/0x150 [ 289.700439][ T8614] blkdev_write_iter+0x703/0xd70 [ 289.700463][ T8614] vfs_write+0x6ac/0x1070 [ 289.700485][ T8614] ? __pfx_blkdev_write_iter+0x10/0x10 [ 289.700506][ T8614] ? __pfx_vfs_write+0x10/0x10 [ 289.700526][ T8614] ? find_held_lock+0x2b/0x80 [ 289.700551][ T8614] ksys_write+0x12a/0x250 [ 289.700564][ T8614] ? __pfx_ksys_write+0x10/0x10 [ 289.700583][ T8614] do_syscall_64+0x106/0xf80 [ 289.700602][ T8614] ? clear_bhb_loop+0x40/0x90 [ 289.700620][ T8614] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 289.700635][ T8614] RIP: 0033:0x7fc4f4f9c799 [ 289.700649][ T8614] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 289.700663][ T8614] RSP: 002b:00007fc4f5e81028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 289.700678][ T8614] RAX: ffffffffffffffda RBX: 00007fc4f5215fa0 RCX: 00007fc4f4f9c799 [ 289.700687][ T8614] RDX: 000000000010007c RSI: 0000000000000000 RDI: 0000000000000004 [ 289.700696][ T8614] RBP: 00007fc4f5032c99 R08: 0000000000000000 R09: 0000000000000000 [ 289.700704][ T8614] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 289.700713][ T8614] R13: 00007fc4f5216038 R14: 00007fc4f5215fa0 R15: 00007ffc9e40d708 [ 289.700733][ T8614] [ 291.401234][ T8647] FAULT_INJECTION: forcing a failure. [ 291.401234][ T8647] name failslab, interval 1, probability 0, space 0, times 0 [ 291.489567][ T8647] CPU: 0 UID: 0 PID: 8647 Comm: syz.3.525 Tainted: G L syzkaller #0 PREEMPT(full) [ 291.489592][ T8647] Tainted: [L]=SOFTLOCKUP [ 291.489597][ T8647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 291.489605][ T8647] Call Trace: [ 291.489610][ T8647] [ 291.489616][ T8647] dump_stack_lvl+0x100/0x190 [ 291.489640][ T8647] should_fail_ex.cold+0x5/0xa [ 291.489658][ T8647] should_failslab+0xc2/0x120 [ 291.489673][ T8647] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 291.489695][ T8647] ? register_pidns_sysctls+0x48/0x1c0 [ 291.489713][ T8647] ? rcu_is_watching+0x12/0xc0 [ 291.489736][ T8647] kmemdup_noprof+0x29/0x60 [ 291.489758][ T8647] register_pidns_sysctls+0x48/0x1c0 [ 291.489775][ T8647] ? __ns_common_init+0x299/0x4b0 [ 291.489792][ T8647] copy_pid_ns+0x680/0x10a0 [ 291.489809][ T8647] ? __pfx_copy_pid_ns+0x10/0x10 [ 291.489825][ T8647] ? rcu_is_watching+0x12/0xc0 [ 291.489845][ T8647] ? copy_mnt_ns+0x106/0xc30 [ 291.489860][ T8647] ? create_new_namespaces+0x30/0xac0 [ 291.489877][ T8647] create_new_namespaces+0x2aa/0xac0 [ 291.489895][ T8647] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 291.489912][ T8647] ksys_unshare+0x473/0xad0 [ 291.489929][ T8647] ? __pfx_ksys_unshare+0x10/0x10 [ 291.489952][ T8647] __x64_sys_unshare+0x31/0x40 [ 291.489968][ T8647] do_syscall_64+0x106/0xf80 [ 291.489987][ T8647] ? clear_bhb_loop+0x40/0x90 [ 291.490003][ T8647] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 291.490025][ T8647] RIP: 0033:0x7f3af459c799 [ 291.490037][ T8647] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 291.490050][ T8647] RSP: 002b:00007f3af5444028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 291.490064][ T8647] RAX: ffffffffffffffda RBX: 00007f3af4815fa0 RCX: 00007f3af459c799 [ 291.490073][ T8647] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000080 [ 291.490081][ T8647] RBP: 00007f3af4632c99 R08: 0000000000000000 R09: 0000000000000000 [ 291.490089][ T8647] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 291.490096][ T8647] R13: 00007f3af4816038 R14: 00007f3af4815fa0 R15: 00007fff9bfedc58 [ 291.490114][ T8647] [ 294.155847][ T8672] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 294.161862][ T8672] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 294.393138][ T8672] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 294.695970][ T8672] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 294.720961][ T8672] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 296.186540][ T7894] Bluetooth: hci1: command 0x0c1a tx timeout [ 296.192599][ T7894] Bluetooth: hci0: command 0x0c1a tx timeout [ 296.742975][ T7894] Bluetooth: hci2: command 0x0c1a tx timeout [ 296.743015][ T7894] Bluetooth: hci3: command 0x0c1a tx timeout [ 297.033741][ T8717] vivid-001: ================= START STATUS ================= [ 297.033771][ T8717] vivid-001: Radio HW Seek Mode: Bounded [ 297.033793][ T8717] vivid-001: Radio Programmable HW Seek: false [ 297.033809][ T8717] vivid-001: RDS Rx I/O Mode: Block I/O [ 297.033825][ T8717] vivid-001: Generate RBDS Instead of RDS: false [ 297.033841][ T8717] vivid-001: RDS Reception: true [ 297.033857][ T8717] vivid-001: RDS Program Type: 0 inactive [ 297.033876][ T8717] vivid-001: RDS PS Name: inactive [ 297.033895][ T8717] vivid-001: RDS Radio Text: inactive [ 297.033913][ T8717] vivid-001: RDS Traffic Announcement: false inactive [ 297.033933][ T8717] vivid-001: RDS Traffic Program: false inactive [ 297.033952][ T8717] vivid-001: RDS Music: false inactive [ 297.033970][ T8717] vivid-001: ================== END STATUS ================== [ 298.264852][ T6766] Bluetooth: hci1: command 0x0c1a tx timeout [ 298.462021][ T8727] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.0.536: iget: checksum invalid [ 298.739737][ T8727] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 298.809933][ T8742] FAULT_INJECTION: forcing a failure. [ 298.809933][ T8742] name failslab, interval 1, probability 0, space 0, times 0 [ 298.841733][ T6766] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 298.853977][ T6766] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 298.862902][ T6766] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:0' [ 298.872321][ T6766] CPU: 0 UID: 0 PID: 6766 Comm: kworker/u11:0 Tainted: G L syzkaller #0 PREEMPT(full) [ 298.872347][ T6766] Tainted: [L]=SOFTLOCKUP [ 298.872352][ T6766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 298.872370][ T6766] Workqueue: hci2 hci_rx_work [ 298.872393][ T6766] Call Trace: [ 298.872399][ T6766] [ 298.872406][ T6766] dump_stack_lvl+0x100/0x190 [ 298.872432][ T6766] sysfs_warn_dup.cold+0x1c/0x28 [ 298.872453][ T6766] sysfs_create_dir_ns+0x24b/0x2b0 [ 298.872475][ T6766] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 298.872493][ T6766] ? find_held_lock+0x2b/0x80 [ 298.872507][ T6766] ? kobject_add_internal+0x25f/0x930 [ 298.872529][ T6766] ? kobject_add_internal+0x25f/0x930 [ 298.872553][ T6766] ? do_raw_spin_unlock+0x145/0x1e0 [ 298.872574][ T6766] kobject_add_internal+0x2c8/0x930 [ 298.872599][ T6766] kobject_add+0x16a/0x1e0 [ 298.872612][ T6766] ? __pfx_kobject_add+0x10/0x10 [ 298.872625][ T6766] ? class_to_subsys+0x10f/0x150 [ 298.872645][ T6766] ? kobject_put+0xb9/0x640 [ 298.872665][ T6766] ? _raw_spin_unlock+0x28/0x50 [ 298.872687][ T6766] device_add+0x294/0x1950 [ 298.872703][ T6766] ? __pfx_dev_set_name+0x10/0x10 [ 298.872724][ T6766] ? __pfx_device_add+0x10/0x10 [ 298.872740][ T6766] ? mgmt_send_event_skb+0x2fb/0x460 [ 298.872763][ T6766] hci_conn_add_sysfs+0x1a3/0x260 [ 298.872783][ T6766] le_conn_complete_evt+0x11cb/0x1f40 [ 298.872805][ T6766] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 298.872824][ T6766] ? __pfx_bt_warn+0x10/0x10 [ 298.872845][ T6766] hci_le_conn_complete_evt+0x23c/0x3a0 [ 298.872863][ T6766] ? skb_pull_data+0x15f/0x1e0 [ 298.872881][ T6766] hci_le_meta_evt+0x34a/0x5f0 [ 298.872899][ T6766] ? __pfx_hci_le_conn_complete_evt+0x10/0x10 [ 298.872919][ T6766] hci_event_packet+0x682/0x11c0 [ 298.872936][ T6766] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 298.872956][ T6766] ? __pfx_hci_event_packet+0x10/0x10 [ 298.872975][ T6766] ? kcov_remote_start+0x374/0x660 [ 298.872989][ T6766] ? lockdep_hardirqs_on+0x78/0x100 [ 298.873013][ T6766] hci_rx_work+0x451/0xfc0 [ 298.873033][ T6766] process_one_work+0xa23/0x19a0 [ 298.873061][ T6766] ? __pfx_process_one_work+0x10/0x10 [ 298.873086][ T6766] ? __pfx_hci_rx_work+0x10/0x10 [ 298.873105][ T6766] worker_thread+0x5ef/0xe50 [ 298.873131][ T6766] ? kthread+0x13a/0x450 [ 298.873148][ T6766] ? __pfx_worker_thread+0x10/0x10 [ 298.873166][ T6766] kthread+0x370/0x450 [ 298.873183][ T6766] ? __pfx_kthread+0x10/0x10 [ 298.873202][ T6766] ret_from_fork+0x754/0xd80 [ 298.873224][ T6766] ? __pfx_ret_from_fork+0x10/0x10 [ 298.873245][ T6766] ? __switch_to+0x7b4/0x1120 [ 298.873261][ T6766] ? __pfx_kthread+0x10/0x10 [ 298.873280][ T6766] ret_from_fork_asm+0x1a/0x30 [ 298.873305][ T6766] [ 299.228560][ T8727] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.0.536: iget: checksum invalid [ 299.239680][ T8727] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 299.250127][ T8727] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.0.536: iget: checksum invalid [ 299.261177][ T8727] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 299.271710][ T8727] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.0.536: iget: checksum invalid [ 299.282788][ T8727] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 299.292239][ T8727] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 299.302772][ T8727] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 299.477630][ T6766] kobject: kobject_add_internal failed for hci2:0 with -EEXIST, don't try to register things with the same name in the same directory. [ 299.491666][ T6766] Bluetooth: hci2: failed to register connection device [ 299.525595][ T8742] CPU: 0 UID: 0 PID: 8742 Comm: syz.1.538 Tainted: G L syzkaller #0 PREEMPT(full) [ 299.525623][ T8742] Tainted: [L]=SOFTLOCKUP [ 299.525628][ T8742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 299.525636][ T8742] Call Trace: [ 299.525642][ T8742] [ 299.525649][ T8742] dump_stack_lvl+0x100/0x190 [ 299.525676][ T8742] should_fail_ex.cold+0x5/0xa [ 299.525694][ T8742] should_failslab+0xc2/0x120 [ 299.525711][ T8742] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 299.525733][ T8742] ? __d_alloc+0x34/0xa80 [ 299.525753][ T8742] __d_alloc+0x34/0xa80 [ 299.525771][ T8742] d_alloc_pseudo+0x1c/0xc0 [ 299.525791][ T8742] alloc_file_pseudo+0xcf/0x230 [ 299.525809][ T8742] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 299.525832][ T8742] __shmem_file_setup+0x221/0x490 [ 299.525852][ T8742] ? __pfx___shmem_file_setup+0x10/0x10 [ 299.525874][ T8742] ? vm_area_alloc+0x1f/0x160 [ 299.525894][ T8742] shmem_zero_setup+0x96/0x1b0 [ 299.525917][ T8742] __mmap_region+0x2198/0x29e0 [ 299.525940][ T8742] ? __pfx___mmap_region+0x10/0x10 [ 299.525980][ T8742] ? sched_clock+0x38/0x60 [ 299.526007][ T8742] ? lockdep_hardirqs_on+0x78/0x100 [ 299.526027][ T8742] ? finish_task_switch.isra.0+0x205/0xb80 [ 299.526043][ T8742] ? rcu_is_watching+0x12/0xc0 [ 299.526087][ T8742] ? rcu_is_watching+0x12/0xc0 [ 299.526108][ T8742] ? cap_capable+0x107/0x460 [ 299.526133][ T8742] mmap_region+0x180/0x3e0 [ 299.526156][ T8742] do_mmap+0xc63/0x12f0 [ 299.526178][ T8742] ? __pfx_do_mmap+0x10/0x10 [ 299.526194][ T8742] ? __pfx_down_write_killable+0x10/0x10 [ 299.526219][ T8742] vm_mmap_pgoff+0x29e/0x470 [ 299.526253][ T8742] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 299.526271][ T8742] ? do_futex+0x192/0x350 [ 299.526291][ T8742] ? __pfx_do_futex+0x10/0x10 [ 299.526313][ T8742] ksys_mmap_pgoff+0xe1/0x650 [ 299.526329][ T8742] ? __x64_sys_futex+0x34f/0x4d0 [ 299.526345][ T8742] ? __x64_sys_futex+0x358/0x4d0 [ 299.526370][ T8742] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 299.526386][ T8742] ? xfd_validate_state+0x129/0x190 [ 299.526411][ T8742] __x64_sys_mmap+0x125/0x190 [ 299.526434][ T8742] do_syscall_64+0x106/0xf80 [ 299.526454][ T8742] ? clear_bhb_loop+0x40/0x90 [ 299.526472][ T8742] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 299.526487][ T8742] RIP: 0033:0x7fc4f4f9c799 [ 299.526504][ T8742] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 299.526518][ T8742] RSP: 002b:00007fc4f5e81028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 299.526532][ T8742] RAX: ffffffffffffffda RBX: 00007fc4f5215fa0 RCX: 00007fc4f4f9c799 [ 299.526542][ T8742] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000 [ 299.526551][ T8742] RBP: 00007fc4f5032c99 R08: fffffffffffffffa R09: 0000000000008000 [ 299.526560][ T8742] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 299.526569][ T8742] R13: 00007fc4f5216038 R14: 00007fc4f5215fa0 R15: 00007ffc9e40d708 [ 299.526589][ T8742] [ 301.549633][ T8745] Bluetooth: hci2: command 0x0c1a tx timeout [ 303.623012][ T7894] Bluetooth: hci2: command 0x0c1a tx timeout [ 306.374919][ T8765] kexec: Could not allocate control_code_buffer [ 306.489520][ T8787] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 0, inode_bitmap = 137 [ 306.637020][ T8787] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 1, inode_bitmap = 138 [ 306.729691][ T8792] vivid-007: ================= START STATUS ================= [ 306.761972][ T8787] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz-executor: bg 0: bad block bitmap checksum [ 306.802049][ T8792] vivid-007: Generate PTS: true [ 306.851751][ T8792] vivid-007: Generate SCR: true [ 306.893989][ T8792] tpg source WxH: 320x240 (Y'CbCr) [ 306.899114][ T8792] tpg field: 1 [ 306.902463][ T8792] tpg crop: (0,0)/320x240 [ 307.093033][ T8792] tpg compose: (0,0)/320x240 [ 307.097645][ T8792] tpg colorspace: 8 [ 307.101431][ T8792] tpg transfer function: 0/0 [ 307.363088][ T8792] tpg Y'CbCr encoding: 0/0 [ 307.367607][ T8792] tpg quantization: 0/0 [ 307.371739][ T8792] tpg RGB range: 0/2 [ 307.544096][ T8745] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 307.557919][ T8745] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 307.566186][ T8745] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 307.573976][ T8745] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 307.581559][ T8745] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 307.814221][ T8792] vivid-007: ================== END STATUS ================== [ 307.960794][ T8804] EXT4-fs (sda1): Delayed block allocation failed for inode 2032 at logical offset 935 with max blocks 47 with error 117 [ 308.207835][ T8804] EXT4-fs (sda1): This should not happen!! Data will be lost [ 308.207835][ T8804] [ 308.723711][ T8820] FAULT_INJECTION: forcing a failure. [ 308.723711][ T8820] name failslab, interval 1, probability 0, space 0, times 0 [ 308.839012][ T8820] CPU: 0 UID: 0 PID: 8820 Comm: syz.0.548 Tainted: G L syzkaller #0 PREEMPT(full) [ 308.839038][ T8820] Tainted: [L]=SOFTLOCKUP [ 308.839044][ T8820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 308.839053][ T8820] Call Trace: [ 308.839058][ T8820] [ 308.839064][ T8820] dump_stack_lvl+0x100/0x190 [ 308.839091][ T8820] should_fail_ex.cold+0x5/0xa [ 308.839109][ T8820] should_failslab+0xc2/0x120 [ 308.839125][ T8820] __kmalloc_cache_noprof+0x7a/0x6f0 [ 308.839143][ T8820] ? __debugfs_file_get+0x2ac/0x860 [ 308.839167][ T8820] __debugfs_file_get+0x2ac/0x860 [ 308.839186][ T8820] ? __pfx___debugfs_file_get+0x10/0x10 [ 308.839206][ T8820] ? __pfx_apparmor_file_open+0x10/0x10 [ 308.839228][ T8820] ? path_get+0x61/0x80 [ 308.839246][ T8820] full_proxy_open_regular+0x4f/0x370 [ 308.839269][ T8820] do_dentry_open+0x6d8/0x1660 [ 308.839282][ T8820] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 308.839308][ T8820] vfs_open+0x82/0x3f0 [ 308.839327][ T8820] path_openat+0x208c/0x31a0 [ 308.839348][ T8820] ? __pfx_path_openat+0x10/0x10 [ 308.839369][ T8820] do_file_open+0x20e/0x430 [ 308.839393][ T8820] ? __pfx_do_file_open+0x10/0x10 [ 308.839422][ T8820] ? alloc_fd+0x476/0x790 [ 308.839439][ T8820] ? do_getname+0x191/0x390 [ 308.839458][ T8820] do_sys_openat2+0x10d/0x1e0 [ 308.839478][ T8820] ? __pfx_do_sys_openat2+0x10/0x10 [ 308.839503][ T8820] __x64_sys_openat+0x12d/0x210 [ 308.839521][ T8820] ? __pfx___x64_sys_openat+0x10/0x10 [ 308.839547][ T8820] do_syscall_64+0x106/0xf80 [ 308.839565][ T8820] ? clear_bhb_loop+0x40/0x90 [ 308.839583][ T8820] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 308.839597][ T8820] RIP: 0033:0x7f20eb79c799 [ 308.839611][ T8820] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 308.839624][ T8820] RSP: 002b:00007f20ec5da028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 308.839638][ T8820] RAX: ffffffffffffffda RBX: 00007f20eba15fa0 RCX: 00007f20eb79c799 [ 308.839648][ T8820] RDX: 0000000000000040 RSI: 0000200000001100 RDI: ffffffffffffff9c [ 308.839656][ T8820] RBP: 00007f20eb832c99 R08: 0000000000000000 R09: 0000000000000000 [ 308.839665][ T8820] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 308.839673][ T8820] R13: 00007f20eba16038 R14: 00007f20eba15fa0 R15: 00007ffc40d56a08 [ 308.839692][ T8820] [ 309.085427][ T8820] overlayfs: missing 'lowerdir' [ 309.799415][ T8745] Bluetooth: hci4: command tx timeout [ 310.579338][ T8807] chnl_net:caif_netlink_parms(): no params data found [ 310.890437][ T8852] FAULT_INJECTION: forcing a failure. [ 310.890437][ T8852] name failslab, interval 1, probability 0, space 0, times 0 [ 311.050505][ T8852] CPU: 0 UID: 0 PID: 8852 Comm: syz.0.551 Tainted: G L syzkaller #0 PREEMPT(full) [ 311.050532][ T8852] Tainted: [L]=SOFTLOCKUP [ 311.050537][ T8852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 311.050546][ T8852] Call Trace: [ 311.050551][ T8852] [ 311.050558][ T8852] dump_stack_lvl+0x100/0x190 [ 311.050583][ T8852] should_fail_ex.cold+0x5/0xa [ 311.050601][ T8852] should_failslab+0xc2/0x120 [ 311.050617][ T8852] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 311.050638][ T8852] ? __kernfs_new_node+0xd2/0x960 [ 311.050661][ T8852] __kernfs_new_node+0xd2/0x960 [ 311.050683][ T8852] ? __pfx___kernfs_new_node+0x10/0x10 [ 311.050714][ T8852] ? find_held_lock+0x2b/0x80 [ 311.050727][ T8852] ? kernfs_root+0xee/0x2a0 [ 311.050746][ T8852] ? kernfs_root+0xee/0x2a0 [ 311.050770][ T8852] kernfs_new_node+0x11b/0x1a0 [ 311.050796][ T8852] __kernfs_create_file+0x53/0x350 [ 311.050815][ T8852] sysfs_add_file_mode_ns+0x207/0x3c0 [ 311.050839][ T8852] internal_create_group+0x593/0xf40 [ 311.050864][ T8852] ? __pfx_internal_create_group+0x10/0x10 [ 311.050888][ T8852] ? kernfs_create_link+0x1bd/0x240 [ 311.050906][ T8852] internal_create_groups+0x9d/0x150 [ 311.050929][ T8852] device_add+0x77a/0x1950 [ 311.050947][ T8852] ? __pfx_device_add+0x10/0x10 [ 311.050970][ T8852] input_register_device+0x7d2/0xe20 [ 311.050995][ T8852] uinput_ioctl_handler.isra.0+0x8d8/0x1d10 [ 311.051012][ T8852] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 311.051033][ T8852] ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10 [ 311.051055][ T8852] ? find_held_lock+0x2b/0x80 [ 311.051068][ T8852] ? __fget_files+0x215/0x3d0 [ 311.051090][ T8852] ? __pfx_uinput_ioctl+0x10/0x10 [ 311.051107][ T8852] __x64_sys_ioctl+0x18e/0x210 [ 311.051128][ T8852] do_syscall_64+0x106/0xf80 [ 311.051147][ T8852] ? clear_bhb_loop+0x40/0x90 [ 311.051165][ T8852] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 311.051180][ T8852] RIP: 0033:0x7f20eb79c799 [ 311.051192][ T8852] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 311.051206][ T8852] RSP: 002b:00007f20ec5da028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 311.051220][ T8852] RAX: ffffffffffffffda RBX: 00007f20eba15fa0 RCX: 00007f20eb79c799 [ 311.051229][ T8852] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000006 [ 311.051238][ T8852] RBP: 00007f20eb832c99 R08: 0000000000000000 R09: 0000000000000000 [ 311.051246][ T8852] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 311.051254][ T8852] R13: 00007f20eba16038 R14: 00007f20eba15fa0 R15: 00007ffc40d56a08 [ 311.051274][ T8852] [ 311.906537][ T8807] bridge0: port 1(bridge_slave_0) entered blocking state [ 311.934805][ T7894] Bluetooth: hci4: command tx timeout [ 311.962949][ T8807] bridge0: port 1(bridge_slave_0) entered disabled state [ 311.970302][ T8807] bridge_slave_0: entered allmulticast mode [ 311.995165][ T8807] bridge_slave_0: entered promiscuous mode [ 312.027846][ T8807] bridge0: port 2(bridge_slave_1) entered blocking state [ 312.065946][ T8807] bridge0: port 2(bridge_slave_1) entered disabled state [ 312.106779][ T8807] bridge_slave_1: entered allmulticast mode [ 312.144214][ T8807] bridge_slave_1: entered promiscuous mode [ 312.315751][ T8807] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 312.379537][ T8807] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 312.517158][ T8807] team0: Port device team_slave_0 added [ 312.585478][ T8807] team0: Port device team_slave_1 added [ 312.705533][ T8807] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 312.744908][ T8807] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 312.991613][ T8807] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 313.088223][ T8807] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 313.164479][ T8807] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 313.392307][ T8807] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 313.944066][ T8745] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 313.951563][ T8745] Bluetooth: hci4: command tx timeout [ 314.427775][ T8807] hsr_slave_0: entered promiscuous mode [ 314.477354][ T8807] hsr_slave_1: entered promiscuous mode [ 314.535211][ T8807] debugfs: 'hsr0' already exists in 'hsr' [ 314.601722][ T8807] Cannot create hsr debugfs directory [ 316.023118][ T8745] Bluetooth: hci4: command tx timeout [ 316.153161][ T8897] netlink: 338 bytes leftover after parsing attributes in process `syz.1.559'. [ 316.500116][ T8899] sg_write: data in/out 1886744398/84 bytes for SCSI command 0x72-- guessing data in; [ 316.500116][ T8899] program syz.1.560 not setting count and/or reply_len properly [ 316.780349][ T8807] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 316.841751][ T8807] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 317.001930][ T8807] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 317.157773][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.164177][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.263033][ T8807] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 317.645524][ T8915] FAULT_INJECTION: forcing a failure. [ 317.645524][ T8915] name failslab, interval 1, probability 0, space 0, times 0 [ 317.737145][ T8915] CPU: 0 UID: 0 PID: 8915 Comm: syz.1.570 Tainted: G L syzkaller #0 PREEMPT(full) [ 317.737171][ T8915] Tainted: [L]=SOFTLOCKUP [ 317.737176][ T8915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 317.737185][ T8915] Call Trace: [ 317.737191][ T8915] [ 317.737198][ T8915] dump_stack_lvl+0x100/0x190 [ 317.737226][ T8915] should_fail_ex.cold+0x5/0xa [ 317.737244][ T8915] should_failslab+0xc2/0x120 [ 317.737260][ T8915] __kmalloc_cache_noprof+0x7a/0x6f0 [ 317.737280][ T8915] ? kvm_dev_ioctl+0x1320/0x1a50 [ 317.737300][ T8915] kvm_dev_ioctl+0x1320/0x1a50 [ 317.737322][ T8915] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 317.737340][ T8915] ? xfd_validate_state+0x129/0x190 [ 317.737361][ T8915] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 317.737378][ T8915] __x64_sys_ioctl+0x18e/0x210 [ 317.737400][ T8915] do_syscall_64+0x106/0xf80 [ 317.737420][ T8915] ? clear_bhb_loop+0x40/0x90 [ 317.737437][ T8915] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 317.737452][ T8915] RIP: 0033:0x7fc4f4f9c799 [ 317.737465][ T8915] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 317.737479][ T8915] RSP: 002b:00007fc4f5e81028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 317.737493][ T8915] RAX: ffffffffffffffda RBX: 00007fc4f5215fa0 RCX: 00007fc4f4f9c799 [ 317.737503][ T8915] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000002 [ 317.737511][ T8915] RBP: 00007fc4f5032c99 R08: 0000000000000000 R09: 0000000000000000 [ 317.737519][ T8915] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 317.737527][ T8915] R13: 00007fc4f5216038 R14: 00007fc4f5215fa0 R15: 00007ffc9e40d708 [ 317.737546][ T8915] [ 319.703553][ T7323] EXT4-fs (sda1): Delayed block allocation failed for inode 2034 at logical offset 974 with max blocks 1 with error 117 [ 319.812940][ T7323] EXT4-fs (sda1): This should not happen!! Data will be lost [ 319.812940][ T7323] [ 319.864755][ T7323] EXT4-fs (sda1): Delayed block allocation failed for inode 2032 at logical offset 941 with max blocks 41 with error 117 [ 319.962785][ T7323] EXT4-fs (sda1): This should not happen!! Data will be lost [ 319.962785][ T7323] [ 320.044519][ T8807] 8021q: adding VLAN 0 to HW filter on device bond0 [ 320.077951][ T7323] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 975 with max blocks 2 with error 117 [ 320.198577][ T7323] EXT4-fs (sda1): This should not happen!! Data will be lost [ 320.198577][ T7323] [ 321.130159][ T8807] 8021q: adding VLAN 0 to HW filter on device team0 [ 321.365345][ T6817] bridge0: port 1(bridge_slave_0) entered blocking state [ 321.372468][ T6817] bridge0: port 1(bridge_slave_0) entered forwarding state [ 321.426996][ T6817] bridge0: port 2(bridge_slave_1) entered blocking state [ 321.434154][ T6817] bridge0: port 2(bridge_slave_1) entered forwarding state [ 322.149000][ T8807] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 322.975613][ T8807] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 324.044957][ T8977] sctp: [Deprecated]: syz.2.572 (pid 8977) Use of struct sctp_assoc_value in delayed_ack socket option. [ 324.044957][ T8977] Use struct sctp_sack_info instead [ 324.148820][ T8807] veth0_vlan: entered promiscuous mode [ 324.235885][ T8807] veth1_vlan: entered promiscuous mode [ 324.414756][ T8807] veth0_macvtap: entered promiscuous mode [ 324.608184][ T8807] veth1_macvtap: entered promiscuous mode [ 324.855605][ T8807] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 324.935549][ T8990] netlink: 4 bytes leftover after parsing attributes in process `syz.2.575'. [ 325.165237][ T8807] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 325.288299][ T7321] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 325.362897][ T7321] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 325.821635][ T7321] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 325.892948][ T7321] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 326.705067][ T8994] bond0: no command found in slaves file - use +ifname or -ifname [ 327.361304][ T7311] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 327.435246][ T7311] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 328.256645][ T7314] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 328.312931][ T7314] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 328.858740][ T9005] netlink: 28 bytes leftover after parsing attributes in process `syz.4.544'. [ 329.002152][ T9004] EXT4-fs (sda1): Delayed block allocation failed for inode 2034 at logical offset 1014 with max blocks 9 with error 117 [ 329.177199][ T9005] ipvlan0: entered promiscuous mode [ 329.257896][ T9004] EXT4-fs (sda1): This should not happen!! Data will be lost [ 329.257896][ T9004] [ 329.345045][ T9005] ipvlan0: entered allmulticast mode [ 329.372525][ T9005] veth0_vlan: entered allmulticast mode [ 329.432763][ T9019] netlink: 342 bytes leftover after parsing attributes in process `syz.0.577'. [ 330.193744][ T9027] FAULT_INJECTION: forcing a failure. [ 330.193744][ T9027] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 330.476653][ T9027] CPU: 0 UID: 0 PID: 9027 Comm: syz.1.581 Tainted: G L syzkaller #0 PREEMPT(full) [ 330.476678][ T9027] Tainted: [L]=SOFTLOCKUP [ 330.476682][ T9027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 330.476690][ T9027] Call Trace: [ 330.476695][ T9027] [ 330.476701][ T9027] dump_stack_lvl+0x100/0x190 [ 330.476726][ T9027] should_fail_ex.cold+0x5/0xa [ 330.476740][ T9027] ? prepare_alloc_pages+0x16d/0x5f0 [ 330.476758][ T9027] should_fail_alloc_page+0xeb/0x140 [ 330.476774][ T9027] prepare_alloc_pages+0x1f0/0x5f0 [ 330.476788][ T9027] ? rcu_is_watching+0x12/0xc0 [ 330.476811][ T9027] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 330.476831][ T9027] ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0 [ 330.476851][ T9027] ? __pfx_css_rstat_updated+0x10/0x10 [ 330.476873][ T9027] ? find_held_lock+0x2b/0x80 [ 330.476886][ T9027] ? rcu_read_unlock+0x17/0x60 [ 330.476901][ T9027] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 330.476920][ T9027] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 330.476938][ T9027] ? page_counter_charge+0x1d2/0x240 [ 330.476966][ T9027] ? rcu_is_watching+0x12/0xc0 [ 330.476985][ T9027] ? trace_mm_page_alloc+0x17a/0x1d0 [ 330.477007][ T9027] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 330.477030][ T9027] ? policy_nodemask+0xed/0x4f0 [ 330.477046][ T9027] alloc_pages_mpol+0x1fb/0x550 [ 330.477061][ T9027] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 330.477075][ T9027] ? do_raw_spin_lock+0x128/0x260 [ 330.477094][ T9027] ? find_held_lock+0x2b/0x80 [ 330.477106][ T9027] ? __pud_alloc+0x529/0x6e0 [ 330.477123][ T9027] alloc_pages_noprof+0x131/0x390 [ 330.477138][ T9027] __pmd_alloc+0x3b/0x950 [ 330.477152][ T9027] ? __pud_alloc+0x52e/0x6e0 [ 330.477168][ T9027] walk_to_pmd+0x3a3/0x4c0 [ 330.477185][ T9027] get_locked_pte+0x25/0xc0 [ 330.477201][ T9027] map_ldt_struct+0x3c1/0xa70 [ 330.477219][ T9027] ? __pfx_map_ldt_struct+0x10/0x10 [ 330.477233][ T9027] ? alloc_pages_noprof+0x233/0x390 [ 330.477251][ T9027] write_ldt+0x6d3/0xd40 [ 330.477267][ T9027] ? __pfx_write_ldt+0x10/0x10 [ 330.477281][ T9027] ? xfd_validate_state+0x129/0x190 [ 330.477311][ T9027] __x64_sys_modify_ldt+0xb1/0x170 [ 330.477325][ T9027] do_syscall_64+0x106/0xf80 [ 330.477343][ T9027] ? clear_bhb_loop+0x40/0x90 [ 330.477360][ T9027] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 330.477374][ T9027] RIP: 0033:0x7fc4f4f9c799 [ 330.477386][ T9027] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 330.477399][ T9027] RSP: 002b:00007fc4f5e3f028 EFLAGS: 00000246 ORIG_RAX: 000000000000009a [ 330.477412][ T9027] RAX: ffffffffffffffda RBX: 00007fc4f5216180 RCX: 00007fc4f4f9c799 [ 330.477421][ T9027] RDX: 0000000000000010 RSI: 00002000000001c0 RDI: 0000000000000001 [ 330.477429][ T9027] RBP: 00007fc4f5032c99 R08: 0000000000000000 R09: 0000000000000000 [ 330.477437][ T9027] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 330.477445][ T9027] R13: 00007fc4f5216218 R14: 00007fc4f5216180 R15: 00007ffc9e40d708 [ 330.477463][ T9027] [ 332.424534][ T29] audit: type=1800 audit(1773547411.483:15): pid=9051 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=176139 res=0 errno=0 [ 333.348946][ T9062] FAULT_INJECTION: forcing a failure. [ 333.348946][ T9062] name failslab, interval 1, probability 0, space 0, times 0 [ 333.522933][ T9062] CPU: 0 UID: 0 PID: 9062 Comm: syz.0.587 Tainted: G L syzkaller #0 PREEMPT(full) [ 333.522959][ T9062] Tainted: [L]=SOFTLOCKUP [ 333.522964][ T9062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 333.522991][ T9062] Call Trace: [ 333.522996][ T9062] [ 333.523002][ T9062] dump_stack_lvl+0x100/0x190 [ 333.523027][ T9062] should_fail_ex.cold+0x5/0xa [ 333.523044][ T9062] should_failslab+0xc2/0x120 [ 333.523059][ T9062] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 333.523080][ T9062] ? shmem_alloc_inode+0x25/0x50 [ 333.523097][ T9062] ? __pfx_shmem_alloc_inode+0x10/0x10 [ 333.523114][ T9062] shmem_alloc_inode+0x25/0x50 [ 333.523128][ T9062] alloc_inode+0x68/0x250 [ 333.523145][ T9062] new_inode+0x22/0x1c0 [ 333.523164][ T9062] shmem_get_inode+0x212/0x1040 [ 333.523184][ T9062] ? __pfx_shmem_get_inode+0x10/0x10 [ 333.523207][ T9062] __shmem_file_setup+0x184/0x490 [ 333.523226][ T9062] ? __pfx___shmem_file_setup+0x10/0x10 [ 333.523244][ T9062] ? do_raw_spin_lock+0x128/0x260 [ 333.523264][ T9062] ? find_held_lock+0x2b/0x80 [ 333.523276][ T9062] ? alloc_fd+0x476/0x790 [ 333.523288][ T9062] ? alloc_fd+0x476/0x790 [ 333.523302][ T9062] memfd_alloc_file+0x247/0x620 [ 333.523321][ T9062] ? _raw_spin_unlock+0x28/0x50 [ 333.523338][ T9062] ? __pfx_memfd_alloc_file+0x10/0x10 [ 333.523361][ T9062] __do_sys_memfd_create+0x236/0x3d0 [ 333.523380][ T9062] do_syscall_64+0x106/0xf80 [ 333.523398][ T9062] ? clear_bhb_loop+0x40/0x90 [ 333.523415][ T9062] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 333.523430][ T9062] RIP: 0033:0x7f20eb79c799 [ 333.523442][ T9062] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 333.523455][ T9062] RSP: 002b:00007f20ec5da028 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 333.523469][ T9062] RAX: ffffffffffffffda RBX: 00007f20eba15fa0 RCX: 00007f20eb79c799 [ 333.523478][ T9062] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 333.523487][ T9062] RBP: 00007f20eb832c99 R08: 0000000000000000 R09: 0000000000000000 [ 333.523495][ T9062] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 333.523503][ T9062] R13: 00007f20eba16038 R14: 00007f20eba15fa0 R15: 00007ffc40d56a08 [ 333.523521][ T9062] [ 334.386330][ T7315] EXT4-fs (sda1): Delayed block allocation failed for inode 2034 at logical offset 974 with max blocks 49 with error 117 [ 334.492727][ T7315] EXT4-fs (sda1): This should not happen!! Data will be lost [ 334.492727][ T7315] [ 334.548560][ T7315] EXT4-fs (sda1): Delayed block allocation failed for inode 2032 at logical offset 955 with max blocks 27 with error 117 [ 334.643778][ T7315] EXT4-fs (sda1): This should not happen!! Data will be lost [ 334.643778][ T7315] [ 334.704203][ T7315] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 975 with max blocks 47 with error 117 [ 334.763669][ T7315] EXT4-fs (sda1): This should not happen!! Data will be lost [ 334.763669][ T7315] [ 334.882358][ T7315] EXT4-fs (sda1): Delayed block allocation failed for inode 2034 at logical offset 1405 with max blocks 30 with error 117 [ 334.959444][ T7315] EXT4-fs (sda1): This should not happen!! Data will be lost [ 334.959444][ T7315] [ 335.017999][ T7315] EXT4-fs (sda1): Delayed block allocation failed for inode 2032 at logical offset 1386 with max blocks 79 with error 117 [ 335.095789][ T7315] EXT4-fs (sda1): This should not happen!! Data will be lost [ 335.095789][ T7315] [ 336.801943][ T9096] netlink: 330 bytes leftover after parsing attributes in process `syz.2.594'. [ 339.463696][ T7314] EXT4-fs: 2 callbacks suppressed [ 339.463712][ T7314] EXT4-fs (sda1): Delayed block allocation failed for inode 2034 at logical offset 954 with max blocks 20 with error 117 [ 339.628860][ T7314] EXT4-fs (sda1): This should not happen!! Data will be lost [ 339.628860][ T7314] [ 339.695638][ T7314] EXT4-fs (sda1): Delayed block allocation failed for inode 2032 at logical offset 942 with max blocks 13 with error 117 [ 339.776862][ T7314] EXT4-fs (sda1): This should not happen!! Data will be lost [ 339.776862][ T7314] [ 339.859515][ T7314] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 970 with max blocks 52 with error 117 [ 339.940389][ T7314] EXT4-fs (sda1): This should not happen!! Data will be lost [ 339.940389][ T7314] [ 340.064881][ T7314] EXT4-fs (sda1): Delayed block allocation failed for inode 2034 at logical offset 1395 with max blocks 40 with error 117 [ 340.168368][ T7314] EXT4-fs (sda1): This should not happen!! Data will be lost [ 340.168368][ T7314] [ 340.259663][ T7314] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 965 with max blocks 12 with error 117 [ 340.348200][ T7314] EXT4-fs (sda1): This should not happen!! Data will be lost [ 340.348200][ T7314] [ 340.574902][ T9128] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 340.619565][ T9128] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 340.677625][ T9128] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 340.709198][ T9128] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 340.776833][ T9128] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 340.801211][ T9128] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 340.861826][ T9128] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 341.063526][ T8745] Bluetooth: hci0: command 0x0c1a tx timeout [ 341.569509][ T7314] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 341.834844][ T7314] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 342.314812][ T7314] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 342.585344][ T8745] Bluetooth: hci1: command 0x0c1a tx timeout [ 342.726342][ T7314] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 342.749142][ T8745] Bluetooth: hci2: command 0x0c1a tx timeout [ 342.825601][ T8745] Bluetooth: hci4: command 0x0c1a tx timeout [ 343.528691][ T9184] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 343.595563][ T9184] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 343.672904][ T9184] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 343.709564][ T9184] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 344.083520][ T7314] dummy0: left allmulticast mode [ 344.109674][ T7314] dummy0: left promiscuous mode [ 344.161724][ T7314] bridge0: port 3(dummy0) entered disabled state [ 344.275341][ T7314] bridge_slave_1: left allmulticast mode [ 344.345270][ T7314] bridge0: port 2(bridge_slave_1) entered disabled state [ 344.436777][ T7314] bridge_slave_0: left allmulticast mode [ 344.491088][ T7314] bridge_slave_0: left promiscuous mode [ 344.521327][ T9202] netlink: 12 bytes leftover after parsing attributes in process `syz.2.613'. [ 344.545214][ T7314] bridge0: port 1(bridge_slave_0) entered disabled state [ 345.527191][ T7314] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 345.543336][ T8745] Bluetooth: hci0: command 0x0c1a tx timeout [ 345.623088][ T8745] Bluetooth: hci1: command 0x0c1a tx timeout [ 345.673900][ T7314] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 345.707035][ T8745] Bluetooth: hci2: command 0x0c1a tx timeout [ 345.752140][ T7314] bond0 (unregistering): Released all slaves [ 345.786412][ T8745] Bluetooth: hci4: command 0x0c1a tx timeout [ 346.022887][ T7314] : left promiscuous mode [ 347.868249][ T8745] Bluetooth: hci4: command 0x0c1a tx timeout [ 348.726181][ T7314] hsr_slave_0: left promiscuous mode [ 348.785072][ T9267] netlink: 186 bytes leftover after parsing attributes in process `syz.0.622'. [ 348.952149][ T7314] hsr_slave_1: left promiscuous mode [ 349.036283][ T7314] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 349.104719][ T7314] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 349.274712][ T7314] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 349.351541][ T7314] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 349.665263][ T7314] veth1_macvtap: left promiscuous mode [ 349.706092][ T7314] veth0_macvtap: left promiscuous mode [ 349.746814][ T7314] veth1_vlan: left promiscuous mode [ 349.782417][ T7314] veth0_vlan: left promiscuous mode [ 350.892520][ T9290] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 351.020534][ T7314] team0 (unregistering): Port device team_slave_1 removed [ 351.100773][ T7314] team0 (unregistering): Port device team_slave_0 removed [ 352.512921][ T9307] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 352.633025][ T9307] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 352.639038][ T9307] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 352.880012][ T9307] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 353.825119][ T6774] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 354.583060][ T6774] Bluetooth: hci0: command 0x0c1a tx timeout [ 354.664140][ T6774] Bluetooth: hci2: command 0x0c1a tx timeout [ 354.670150][ T6774] Bluetooth: hci1: command 0x0c1a tx timeout [ 354.903691][ T6774] Bluetooth: hci4: command 0x0c1a tx timeout [ 355.643296][ T9348] EXT4-fs (sda1): Delayed block allocation failed for inode 2033 at logical offset 2 with max blocks 6 with error 117 [ 356.065135][ T9348] EXT4-fs (sda1): This should not happen!! Data will be lost [ 356.065135][ T9348] [ 357.104931][ T9375] FAULT_INJECTION: forcing a failure. [ 357.104931][ T9375] name fail_futex, interval 1, probability 0, space 0, times 1 [ 357.284754][ T9375] CPU: 0 UID: 0 PID: 9375 Comm: Tainted: G L syzkaller #0 PREEMPT(full) [ 357.284779][ T9375] Tainted: [L]=SOFTLOCKUP [ 357.284784][ T9375] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 357.284799][ T9375] Call Trace: [ 357.284835][ T9375] [ 357.284841][ T9375] dump_stack_lvl+0x100/0x190 [ 357.284910][ T9375] should_fail_ex.cold+0x5/0xa [ 357.284939][ T9375] get_futex_key+0x1d2/0x1620 [ 357.284974][ T9375] ? __pfx_get_futex_key+0x10/0x10 [ 357.284989][ T9375] ? lock_acquire+0x1cf/0x380 [ 357.285021][ T9375] futex_wake+0xea/0x530 [ 357.285042][ T9375] ? __pfx_futex_wake+0x10/0x10 [ 357.285062][ T9375] ? exit_mm_release+0x19/0x30 [ 357.285089][ T9375] do_futex+0x32b/0x350 [ 357.285106][ T9375] ? __pfx_do_futex+0x10/0x10 [ 357.285122][ T9375] ? __might_fault+0xc5/0x140 [ 357.285156][ T9375] mm_release+0x24a/0x2f0 [ 357.285170][ T9375] do_exit+0x704/0x2b60 [ 357.285187][ T9375] ? syslog_print+0x548/0x620 [ 357.285207][ T9375] ? kfree+0x1f6/0x6b0 [ 357.285225][ T9375] ? __pfx_do_exit+0x10/0x10 [ 357.285241][ T9375] ? do_raw_spin_lock+0x128/0x260 [ 357.285260][ T9375] ? find_held_lock+0x2b/0x80 [ 357.285272][ T9375] ? get_signal+0x7e0/0x21e0 [ 357.285292][ T9375] do_group_exit+0xd5/0x2a0 [ 357.285311][ T9375] get_signal+0x1ec7/0x21e0 [ 357.285332][ T9375] ? __pfx_get_signal+0x10/0x10 [ 357.285347][ T9375] ? bpf_lsm_capable+0x9/0x10 [ 357.285369][ T9375] ? security_capable+0x80/0x260 [ 357.285457][ T9375] arch_do_signal_or_restart+0x91/0x770 [ 357.285482][ T9375] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 357.285509][ T9375] exit_to_user_mode_loop+0x86/0x4a0 [ 357.285528][ T9375] do_syscall_64+0x668/0xf80 [ 357.285599][ T9375] ? clear_bhb_loop+0x40/0x90 [ 357.285624][ T9375] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 357.285638][ T9375] RIP: 0033:0x7fc4f4f9c799 [ 357.285651][ T9375] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 357.285664][ T9375] RSP: 002b:00007fc4f5e1e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000067 [ 357.285707][ T9375] RAX: fffffffffffffe00 RBX: 00007fc4f5216270 RCX: 00007fc4f4f9c799 [ 357.285716][ T9375] RDX: 00000000000008f7 RSI: 0000200000000340 RDI: 0000000000000002 [ 357.285725][ T9375] RBP: 00007fc4f5032c99 R08: 0000000000000000 R09: 0000000000000000 [ 357.285733][ T9375] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 357.285741][ T9375] R13: 00007fc4f5216308 R14: 00007fc4f5216270 R15: 00007ffc9e40d708 [ 357.285760][ T9375] [ 358.714243][ T9409] FAULT_INJECTION: forcing a failure. [ 358.714243][ T9409] name failslab, interval 1, probability 0, space 0, times 0 [ 358.943517][ T9409] CPU: 0 UID: 0 PID: 9409 Comm: syz.0.645 Tainted: G L syzkaller #0 PREEMPT(full) [ 358.943543][ T9409] Tainted: [L]=SOFTLOCKUP [ 358.943548][ T9409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 358.943556][ T9409] Call Trace: [ 358.943561][ T9409] [ 358.943567][ T9409] dump_stack_lvl+0x100/0x190 [ 358.943592][ T9409] should_fail_ex.cold+0x5/0xa [ 358.943608][ T9409] should_failslab+0xc2/0x120 [ 358.943655][ T9409] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 358.943682][ T9409] ? sock_alloc_inode+0x25/0x1c0 [ 358.943798][ T9409] ? __pfx_sock_alloc_inode+0x10/0x10 [ 358.943819][ T9409] sock_alloc_inode+0x25/0x1c0 [ 358.943839][ T9409] alloc_inode+0x68/0x250 [ 358.943864][ T9409] sock_alloc+0x44/0x280 [ 358.943882][ T9409] ? security_socket_create+0x7f/0x250 [ 358.943930][ T9409] __sock_create+0xc2/0x860 [ 358.943948][ T9409] __sys_socket+0x14d/0x260 [ 358.943963][ T9409] ? __pfx___sys_socket+0x10/0x10 [ 358.943983][ T9409] __x64_sys_socket+0x72/0xb0 [ 358.943997][ T9409] ? lockdep_hardirqs_on+0x78/0x100 [ 358.944044][ T9409] do_syscall_64+0x106/0xf80 [ 358.944062][ T9409] ? clear_bhb_loop+0x40/0x90 [ 358.944079][ T9409] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 358.944093][ T9409] RIP: 0033:0x7f20eb79c799 [ 358.944106][ T9409] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 358.944119][ T9409] RSP: 002b:00007f20ec5da028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 358.944133][ T9409] RAX: ffffffffffffffda RBX: 00007f20eba15fa0 RCX: 00007f20eb79c799 [ 358.944142][ T9409] RDX: 000000000000000f RSI: 0000000000000006 RDI: 0000000000000010 [ 358.944150][ T9409] RBP: 00007f20eb832c99 R08: 0000000000000000 R09: 0000000000000000 [ 358.944159][ T9409] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 358.944167][ T9409] R13: 00007f20eba16038 R14: 00007f20eba15fa0 R15: 00007ffc40d56a08 [ 358.944185][ T9409] [ 358.944197][ T9409] socket: no more sockets [ 360.039979][ T6817] EXT4-fs (sda1): Delayed block allocation failed for inode 2034 at logical offset 1410 with max blocks 25 with error 117 [ 360.172895][ T6817] EXT4-fs (sda1): This should not happen!! Data will be lost [ 360.172895][ T6817] [ 360.229382][ T6817] EXT4-fs (sda1): Delayed block allocation failed for inode 2032 at logical offset 1399 with max blocks 66 with error 117 [ 360.276966][ T9425] syz.4.646(9425): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 360.372925][ T6817] EXT4-fs (sda1): This should not happen!! Data will be lost [ 360.372925][ T6817] [ 360.439508][ T6817] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 965 with max blocks 57 with error 117 [ 360.573051][ T6817] EXT4-fs (sda1): This should not happen!! Data will be lost [ 360.573051][ T6817] [ 360.851581][ T9431] FAULT_INJECTION: forcing a failure. [ 360.851581][ T9431] name failslab, interval 1, probability 0, space 0, times 0 [ 360.945330][ T6817] EXT4-fs (sda1): Delayed block allocation failed for inode 2034 at logical offset 952 with max blocks 71 with error 117 [ 361.072972][ T9431] CPU: 0 UID: 0 PID: 9431 Comm: syz.1.647 Tainted: G L syzkaller #0 PREEMPT(full) [ 361.073001][ T9431] Tainted: [L]=SOFTLOCKUP [ 361.073006][ T9431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 361.073015][ T9431] Call Trace: [ 361.073021][ T9431] [ 361.073027][ T9431] dump_stack_lvl+0x100/0x190 [ 361.073054][ T9431] should_fail_ex.cold+0x5/0xa [ 361.073073][ T9431] should_failslab+0xc2/0x120 [ 361.073089][ T9431] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 361.073109][ T9431] ? __proc_create+0x2cb/0x8c0 [ 361.073175][ T9431] __proc_create+0x2cb/0x8c0 [ 361.073198][ T9431] ? __pfx___proc_create+0x10/0x10 [ 361.073221][ T9431] ? _raw_write_unlock+0x28/0x50 [ 361.073317][ T9431] proc_create_reg+0x75/0x170 [ 361.073333][ T9431] ? __pfx_kcm_stats_seq_show+0x10/0x10 [ 361.073419][ T9431] proc_create_net_single+0x86/0x180 [ 361.073435][ T9431] ? __pfx_proc_create_net_single+0x10/0x10 [ 361.073455][ T9431] ? __pfx_kcm_proc_init_net+0x10/0x10 [ 361.073474][ T9431] kcm_proc_init_net+0x52/0x120 [ 361.073492][ T9431] ops_init+0x1e2/0x5f0 [ 361.073565][ T9431] setup_net+0x118/0x3a0 [ 361.073587][ T9431] ? __pfx_setup_net+0x10/0x10 [ 361.073607][ T9431] ? lockdep_init_map_type+0x5c/0x250 [ 361.073626][ T9431] ? mutex_init_lockep+0x110/0x150 [ 361.073648][ T9431] copy_net_ns+0x46f/0x7c0 [ 361.073672][ T9431] create_new_namespaces+0x3ea/0xac0 [ 361.073697][ T9431] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 361.073714][ T9431] ksys_unshare+0x473/0xad0 [ 361.073733][ T9431] ? __pfx_ksys_unshare+0x10/0x10 [ 361.073758][ T9431] __x64_sys_unshare+0x31/0x40 [ 361.073775][ T9431] do_syscall_64+0x106/0xf80 [ 361.073794][ T9431] ? clear_bhb_loop+0x40/0x90 [ 361.073812][ T9431] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 361.073827][ T9431] RIP: 0033:0x7fc4f4f9c799 [ 361.073841][ T9431] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 361.073855][ T9431] RSP: 002b:00007fc4f5e60028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 361.073870][ T9431] RAX: ffffffffffffffda RBX: 00007fc4f5216090 RCX: 00007fc4f4f9c799 [ 361.073880][ T9431] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 361.073889][ T9431] RBP: 00007fc4f5032c99 R08: 0000000000000000 R09: 0000000000000000 [ 361.073898][ T9431] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 361.073907][ T9431] R13: 00007fc4f5216128 R14: 00007fc4f5216090 R15: 00007ffc9e40d708 [ 361.073927][ T9431] [ 361.079514][ T6817] EXT4-fs (sda1): This should not happen!! Data will be lost [ 361.079514][ T6817] [ 362.910545][ T6817] EXT4-fs (sda1): Delayed block allocation failed for inode 2032 at logical offset 1408 with max blocks 41 with error 117 [ 363.009420][ T6817] EXT4-fs (sda1): This should not happen!! Data will be lost [ 363.009420][ T6817] [ 363.118950][ T6817] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 1018 with max blocks 4 with error 117 [ 363.215896][ T6817] EXT4-fs (sda1): This should not happen!! Data will be lost [ 363.215896][ T6817] [ 372.224951][ T9553] netlink: 'syz.0.668': attribute type 2 has an invalid length. [ 374.743292][ T9579] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 940 with max blocks 82 with error 117 [ 375.000423][ T9579] EXT4-fs (sda1): This should not happen!! Data will be lost [ 375.000423][ T9579] [ 375.063074][ T5826] Bluetooth: hci2: Opcode 0x0c1a failed: -110 [ 375.069713][ T6774] Bluetooth: hci2: command 0x0c1a tx timeout [ 377.497747][ T9650] FAULT_INJECTION: forcing a failure. [ 377.497747][ T9650] name failslab, interval 1, probability 0, space 0, times 0 [ 377.497798][ T9650] CPU: 0 UID: 0 PID: 9650 Comm: syz.4.683 Tainted: G L syzkaller #0 PREEMPT(full) [ 377.497822][ T9650] Tainted: [L]=SOFTLOCKUP [ 377.497827][ T9650] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 377.497836][ T9650] Call Trace: [ 377.497848][ T9650] [ 377.497854][ T9650] dump_stack_lvl+0x100/0x190 [ 377.497882][ T9650] should_fail_ex.cold+0x5/0xa [ 377.497901][ T9650] should_failslab+0xc2/0x120 [ 377.497916][ T9650] __kmalloc_cache_noprof+0x7a/0x6f0 [ 377.497936][ T9650] ? vidtv_channel_si_init+0xa42/0x18d0 [ 377.498007][ T9650] vidtv_channel_si_init+0xa42/0x18d0 [ 377.498035][ T9650] vidtv_mux_init+0x526/0xbf0 [ 377.498058][ T9650] vidtv_start_feed+0x33e/0x4c0 [ 377.498075][ T9650] ? __pfx_vidtv_start_feed+0x10/0x10 [ 377.498092][ T9650] ? __pfx_vidtv_bridge_on_new_pkts_avail+0x10/0x10 [ 377.498112][ T9650] ? mark_held_locks+0x40/0x70 [ 377.498133][ T9650] ? __pfx_vidtv_start_feed+0x10/0x10 [ 377.498148][ T9650] dmx_ts_feed_start_filtering+0xf6/0x220 [ 377.498208][ T9650] dvb_dmxdev_start_feed+0x273/0x3f0 [ 377.498254][ T9650] dvb_dmxdev_filter_start+0x1b6/0xdd0 [ 377.498271][ T9650] ? dvb_dmxdev_add_pid+0x2a1/0x380 [ 377.498289][ T9650] dvb_demux_do_ioctl+0xe64/0x1200 [ 377.498311][ T9650] dvb_usercopy+0x167/0x340 [ 377.498332][ T9650] ? __pfx_dvb_demux_do_ioctl+0x10/0x10 [ 377.498350][ T9650] ? __pfx_dvb_usercopy+0x10/0x10 [ 377.498379][ T9650] ? __fget_files+0x21f/0x3d0 [ 377.498397][ T9650] dvb_demux_ioctl+0x29/0x40 [ 377.498410][ T9650] ? __pfx_dvb_demux_ioctl+0x10/0x10 [ 377.498423][ T9650] __x64_sys_ioctl+0x18e/0x210 [ 377.498450][ T9650] do_syscall_64+0x106/0xf80 [ 377.498470][ T9650] ? clear_bhb_loop+0x40/0x90 [ 377.498488][ T9650] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 377.498503][ T9650] RIP: 0033:0x7f697519c799 [ 377.498518][ T9650] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 377.498532][ T9650] RSP: 002b:00007f6976030028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 377.498546][ T9650] RAX: ffffffffffffffda RBX: 00007f6975415fa0 RCX: 00007f697519c799 [ 377.498556][ T9650] RDX: 0000000000000000 RSI: 0000000040146f2c RDI: 0000000000000002 [ 377.498565][ T9650] RBP: 00007f6975232c99 R08: 0000000000000000 R09: 0000000000000000 [ 377.498574][ T9650] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 377.498583][ T9650] R13: 00007f6975416038 R14: 00007f6975415fa0 R15: 00007fff66b8b428 [ 377.498604][ T9650] [ 378.596009][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.596072][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 380.015169][ T9686] pim6reg: entered allmulticast mode [ 381.957645][ T6774] Bluetooth: hci4: unexpected subevent 0x01 length: 123 > 18 [ 382.046122][ T9697] Invalid ELF header magic: != ELF [ 383.927274][ T9723] zswap: compressor not available [ 384.022906][ T8745] Bluetooth: hci4: command 0x0c1a tx timeout [ 386.103865][ T8745] Bluetooth: hci4: command 0x0c1a tx timeout [ 390.315870][ T6817] netdevsim netdevsim1335 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 390.395928][ T5915] Process accounting resumed [ 392.051598][ T6774] Bluetooth: hci0: unexpected event 0x3e length: 720 > 260 [ 393.296470][ T9815] netlink: 4 bytes leftover after parsing attributes in process `syz.1.715'. [ 393.533778][ T9818] netlink: 354 bytes leftover after parsing attributes in process `syz.1.715'. [ 393.609568][ T7315] EXT4-fs (sda1): Delayed block allocation failed for inode 2034 at logical offset 952 with max blocks 71 with error 117 [ 393.721896][ T7315] EXT4-fs (sda1): This should not happen!! Data will be lost [ 393.721896][ T7315] [ 393.827784][ T7315] EXT4-fs (sda1): Delayed block allocation failed for inode 2033 at logical offset 2 with max blocks 3 with error 117 [ 393.935906][ T7315] EXT4-fs (sda1): This should not happen!! Data will be lost [ 393.935906][ T7315] [ 393.995029][ T7315] EXT4-fs (sda1): Delayed block allocation failed for inode 2032 at logical offset 1408 with max blocks 57 with error 117 [ 394.098958][ T7315] EXT4-fs (sda1): This should not happen!! Data will be lost [ 394.098958][ T7315] [ 394.174726][ T7315] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 1018 with max blocks 4 with error 117 [ 394.284895][ T7315] EXT4-fs (sda1): This should not happen!! Data will be lost [ 394.284895][ T7315] [ 398.478486][ T9872] EXT4-fs (sda1): Delayed block allocation failed for inode 2032 at logical offset 937 with max blocks 45 with error 117 [ 398.662355][ T9872] EXT4-fs (sda1): This should not happen!! Data will be lost [ 398.662355][ T9872] [ 401.329712][ T9885] sp0: Synchronizing with TNC [ 402.405230][ T9898] netlink: 28 bytes leftover after parsing attributes in process `syz.0.732'. [ 403.388382][ T9910] smc: net device dummy0 applied user defined pnetid DUMMY0 [ 406.421020][ T9938] zswap: compressor not available [ 406.807646][ T9941] zswap: compressor not available [ 407.413490][ T9956] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 953 with max blocks 69 with error 117 [ 407.643417][ T9956] EXT4-fs (sda1): This should not happen!! Data will be lost [ 407.643417][ T9956] [ 408.498674][ T9962] netlink: 8 bytes leftover after parsing attributes in process `syz.2.744'. [ 409.323928][ T9968] FAULT_INJECTION: forcing a failure. [ 409.323928][ T9968] name failslab, interval 1, probability 0, space 0, times 0 [ 409.454991][ T9968] CPU: 0 UID: 0 PID: 9968 Comm: syz.1.745 Tainted: G L syzkaller #0 PREEMPT(full) [ 409.455016][ T9968] Tainted: [L]=SOFTLOCKUP [ 409.455021][ T9968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 409.455030][ T9968] Call Trace: [ 409.455035][ T9968] [ 409.455040][ T9968] dump_stack_lvl+0x100/0x190 [ 409.455066][ T9968] should_fail_ex.cold+0x5/0xa [ 409.455083][ T9968] ? tomoyo_realpath_from_path+0xb6/0x690 [ 409.455186][ T9968] should_failslab+0xc2/0x120 [ 409.455202][ T9968] __kmalloc_noprof+0xe0/0x850 [ 409.455226][ T9968] tomoyo_realpath_from_path+0xb6/0x690 [ 409.455249][ T9968] tomoyo_path_number_perm+0x23c/0x580 [ 409.455263][ T9968] ? tomoyo_path_number_perm+0x22e/0x580 [ 409.455279][ T9968] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 409.455312][ T9968] ? find_held_lock+0x2b/0x80 [ 409.455325][ T9968] ? __fget_files+0x215/0x3d0 [ 409.455338][ T9968] ? hook_file_ioctl_common+0x146/0x410 [ 409.455383][ T9968] ? __fget_files+0x21f/0x3d0 [ 409.455399][ T9968] security_file_ioctl+0xd3/0x230 [ 409.455431][ T9968] __x64_sys_ioctl+0xb7/0x210 [ 409.455452][ T9968] do_syscall_64+0x106/0xf80 [ 409.455471][ T9968] ? clear_bhb_loop+0x40/0x90 [ 409.455489][ T9968] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 409.455503][ T9968] RIP: 0033:0x7fc4f4f9c799 [ 409.455516][ T9968] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 409.455529][ T9968] RSP: 002b:00007fc4f5e81028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 409.455544][ T9968] RAX: ffffffffffffffda RBX: 00007fc4f5215fa0 RCX: 00007fc4f4f9c799 [ 409.455553][ T9968] RDX: 0000000000000003 RSI: 00000000c038563b RDI: 0000000000000004 [ 409.455562][ T9968] RBP: 00007fc4f5e81090 R08: 0000000000000000 R09: 0000000000000000 [ 409.455570][ T9968] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 409.455578][ T9968] R13: 00007fc4f5216038 R14: 00007fc4f5215fa0 R15: 00007ffc9e40d708 [ 409.455597][ T9968] [ 409.455642][ T9968] ERROR: Out of memory at tomoyo_realpath_from_path. [ 410.080923][ T9976] netlink: 146 bytes leftover after parsing attributes in process `syz.4.747'. [ 411.719294][ T9989] sg_write: data in/out 169427477/34141 bytes for SCSI command 0x1-- guessing data in; [ 411.719294][ T9989] program syz.1.750 not setting count and/or reply_len properly [ 413.363087][T10006] block2mtd: illegal erase size [ 415.545717][T10018] input: jJǸ-9%vJ86 as /devices/virtual/input/input12 [ 416.640550][T10029] netlink: 146 bytes leftover after parsing attributes in process `syz.0.759'. [ 416.663412][T10030] vivid-007: ================= START STATUS ================= [ 416.671187][T10030] vivid-007: Generate PTS: true [ 416.759278][T10030] vivid-007: Generate SCR: true [ 416.798038][T10030] tpg source WxH: 320x240 (Y'CbCr) [ 416.840904][T10030] tpg field: 1 [ 416.907398][T10030] tpg crop: (0,0)/320x240 [ 416.911792][T10030] tpg compose: (0,0)/320x240 [ 417.019885][T10030] tpg colorspace: 8 [ 417.142861][T10030] tpg transfer function: 0/0 [ 417.237110][T10030] tpg Y'CbCr encoding: 0/0 [ 417.241553][T10030] tpg quantization: 0/0 [ 417.380330][T10030] tpg RGB range: 0/2 [ 417.449724][T10030] vivid-007: ================== END STATUS ================== [ 418.002007][T10048] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 418.020968][T10048] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 418.069399][T10048] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 419.622925][ T6774] Bluetooth: hci0: command 0x0c1a tx timeout [ 419.796987][T10078] binder: 10073:10078 ioctl c018620c 0 returned -1 [ 420.026723][ T6774] Bluetooth: hci1: command 0x0c1a tx timeout [ 420.103229][ T6774] Bluetooth: hci4: command 0x0c1a tx timeout [ 422.075717][T10096] FAULT_INJECTION: forcing a failure. [ 422.075717][T10096] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 422.165568][T10096] CPU: 0 UID: 0 PID: 10096 Comm: syz.4.772 Tainted: G L syzkaller #0 PREEMPT(full) [ 422.165596][T10096] Tainted: [L]=SOFTLOCKUP [ 422.165601][T10096] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 422.165610][T10096] Call Trace: [ 422.165616][T10096] [ 422.165623][T10096] dump_stack_lvl+0x100/0x190 [ 422.165651][T10096] should_fail_ex.cold+0x5/0xa [ 422.165667][T10096] ? prepare_alloc_pages+0x16d/0x5f0 [ 422.165685][T10096] should_fail_alloc_page+0xeb/0x140 [ 422.165703][T10096] prepare_alloc_pages+0x1f0/0x5f0 [ 422.165719][T10096] ? rcu_is_watching+0x12/0xc0 [ 422.165743][T10096] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 422.165764][T10096] ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0 [ 422.165786][T10096] ? __pfx_css_rstat_updated+0x10/0x10 [ 422.165838][T10096] ? find_held_lock+0x2b/0x80 [ 422.165852][T10096] ? rcu_read_unlock+0x17/0x60 [ 422.165869][T10096] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 422.165890][T10096] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 422.165912][T10096] ? page_counter_charge+0x1d2/0x240 [ 422.165931][T10096] ? rcu_is_watching+0x12/0xc0 [ 422.165951][T10096] ? trace_mm_page_alloc+0x17a/0x1d0 [ 422.165975][T10096] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 422.165999][T10096] ? policy_nodemask+0xed/0x4f0 [ 422.166016][T10096] alloc_pages_mpol+0x1fb/0x550 [ 422.166032][T10096] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 422.166047][T10096] ? do_raw_spin_lock+0x128/0x260 [ 422.166071][T10096] ? find_held_lock+0x2b/0x80 [ 422.166084][T10096] ? __pud_alloc+0x529/0x6e0 [ 422.166103][T10096] alloc_pages_noprof+0x131/0x390 [ 422.166120][T10096] __pmd_alloc+0x3b/0x950 [ 422.166136][T10096] ? __pud_alloc+0x52e/0x6e0 [ 422.166154][T10096] walk_to_pmd+0x3a3/0x4c0 [ 422.166173][T10096] get_locked_pte+0x25/0xc0 [ 422.166191][T10096] map_ldt_struct+0x3c1/0xa70 [ 422.166210][T10096] ? __pfx_map_ldt_struct+0x10/0x10 [ 422.166224][T10096] ? alloc_pages_noprof+0x233/0x390 [ 422.166243][T10096] write_ldt+0x6d3/0xd40 [ 422.166260][T10096] ? __pfx_write_ldt+0x10/0x10 [ 422.166276][T10096] ? xfd_validate_state+0x129/0x190 [ 422.166301][T10096] __x64_sys_modify_ldt+0xb1/0x170 [ 422.166316][T10096] do_syscall_64+0x106/0xf80 [ 422.166336][T10096] ? clear_bhb_loop+0x40/0x90 [ 422.166353][T10096] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 422.166369][T10096] RIP: 0033:0x7f697519c799 [ 422.166382][T10096] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 422.166396][T10096] RSP: 002b:00007f6976030028 EFLAGS: 00000246 ORIG_RAX: 000000000000009a [ 422.166411][T10096] RAX: ffffffffffffffda RBX: 00007f6975415fa0 RCX: 00007f697519c799 [ 422.166422][T10096] RDX: 0000000000000010 RSI: 00002000000001c0 RDI: 0000000000000001 [ 422.166431][T10096] RBP: 00007f6975232c99 R08: 0000000000000000 R09: 0000000000000000 [ 422.166440][T10096] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 422.166449][T10096] R13: 00007f6975416038 R14: 00007f6975415fa0 R15: 00007fff66b8b428 [ 422.166469][T10096] [ 422.920440][ T29] audit: type=1800 audit(1773547501.873:16): pid=10097 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.772" name="trace_marker" dev="tracefs" ino=3959 res=0 errno=0 [ 424.616162][T10106] FAULT_INJECTION: forcing a failure. [ 424.616162][T10106] name failslab, interval 1, probability 0, space 0, times 0 [ 424.695429][T10106] CPU: 0 UID: 0 PID: 10106 Comm: syz.0.782 Tainted: G L syzkaller #0 PREEMPT(full) [ 424.695457][T10106] Tainted: [L]=SOFTLOCKUP [ 424.695463][T10106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 424.695472][T10106] Call Trace: [ 424.695477][T10106] [ 424.695483][T10106] dump_stack_lvl+0x100/0x190 [ 424.695511][T10106] should_fail_ex.cold+0x5/0xa [ 424.695530][T10106] ? vkms_crtc_atomic_check+0x38a/0x7c0 [ 424.695649][T10106] should_failslab+0xc2/0x120 [ 424.695666][T10106] __kmalloc_noprof+0xe0/0x850 [ 424.695687][T10106] ? drm_atomic_add_affected_planes+0x32b/0x3f0 [ 424.695750][T10106] vkms_crtc_atomic_check+0x38a/0x7c0 [ 424.695772][T10106] ? __pfx_vkms_crtc_atomic_check+0x10/0x10 [ 424.695789][T10106] drm_atomic_helper_check_planes+0x4dc/0x900 [ 424.695839][T10106] drm_atomic_helper_check+0xae/0x190 [ 424.695860][T10106] vkms_atomic_check+0x1d9/0x250 [ 424.695920][T10106] ? __pfx_vkms_atomic_check+0x10/0x10 [ 424.695944][T10106] drm_atomic_check_only+0x19ea/0x31b0 [ 424.695971][T10106] drm_atomic_commit+0x132/0x300 [ 424.695988][T10106] ? __pfx_drm_atomic_commit+0x10/0x10 [ 424.696005][T10106] ? __pfx___drm_printfn_info+0x10/0x10 [ 424.696038][T10106] ? drm_client_rotation+0x451/0x6a0 [ 424.696080][T10106] drm_client_modeset_commit_atomic+0x6a6/0x7e0 [ 424.696106][T10106] ? __mutex_lock+0x26a/0x1b90 [ 424.696127][T10106] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 424.696148][T10106] ? drm_master_internal_acquire+0x21/0x80 [ 424.696185][T10106] drm_client_modeset_commit_locked+0x14d/0x580 [ 424.696208][T10106] drm_client_modeset_commit+0x4f/0x80 [ 424.696229][T10106] __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160 [ 424.696295][T10106] drm_fb_helper_restore_fbdev_mode_unlocked+0x93/0xc0 [ 424.696319][T10106] drm_fbdev_client_restore+0x1b/0x30 [ 424.696394][T10106] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 424.696410][T10106] drm_client_dev_restore+0x205/0x2a0 [ 424.696435][T10106] drm_release+0x2c6/0x360 [ 424.696474][T10106] ? __pfx_drm_release+0x10/0x10 [ 424.696493][T10106] __fput+0x3ff/0xb40 [ 424.696515][T10106] task_work_run+0x150/0x240 [ 424.696536][T10106] ? __pfx_task_work_run+0x10/0x10 [ 424.696562][T10106] exit_to_user_mode_loop+0x100/0x4a0 [ 424.696584][T10106] do_syscall_64+0x668/0xf80 [ 424.696603][T10106] ? clear_bhb_loop+0x40/0x90 [ 424.696621][T10106] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 424.696636][T10106] RIP: 0033:0x7f20eb79c799 [ 424.696651][T10106] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 424.696665][T10106] RSP: 002b:00007f20ec5da028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 424.696680][T10106] RAX: 0000000000000000 RBX: 00007f20eba15fa0 RCX: 00007f20eb79c799 [ 424.696690][T10106] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 424.696698][T10106] RBP: 00007f20eb832c99 R08: 0000000000000000 R09: 0000000000000000 [ 424.696707][T10106] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 424.696717][T10106] R13: 00007f20eba16038 R14: 00007f20eba15fa0 R15: 00007ffc40d56a08 [ 424.696738][T10106] [ 425.387864][ T6817] EXT4-fs (sda1): Delayed block allocation failed for inode 2034 at logical offset 952 with max blocks 71 with error 117 [ 425.456087][ T6817] EXT4-fs (sda1): This should not happen!! Data will be lost [ 425.456087][ T6817] [ 425.494863][ T6817] EXT4-fs (sda1): Delayed block allocation failed for inode 2032 at logical offset 1408 with max blocks 57 with error 117 [ 425.578863][ T6817] EXT4-fs (sda1): This should not happen!! Data will be lost [ 425.578863][ T6817] [ 425.713514][ T6817] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 1018 with max blocks 4 with error 117 [ 425.786000][ T6817] EXT4-fs (sda1): This should not happen!! Data will be lost [ 425.786000][ T6817] [ 426.199066][T10110] EXT4-fs (sda1): Delayed block allocation failed for inode 2032 at logical offset 950 with max blocks 32 with error 117 [ 426.254849][T10110] EXT4-fs (sda1): This should not happen!! Data will be lost [ 426.254849][T10110] [ 427.093470][T10127] vivid-007: ================= START STATUS ================= [ 427.101138][T10127] vivid-007: Enable Output Cropping: true grabbed [ 427.263124][T10127] vivid-007: Enable Output Composing: true grabbed [ 427.344290][T10127] vivid-007: Enable Output Scaler: true grabbed [ 427.350561][T10127] vivid-007: Tx RGB Quantization Range: Automatic grabbed [ 427.535352][T10127] vivid-007: Transmit Mode: HDMI grabbed [ 427.541052][T10127] vivid-007: Hotplug Present: 0x00000000 [ 427.729316][T10127] vivid-007: RxSense Present: 0x00000000 [ 427.880715][T10127] vivid-007: EDID Present: 0x00000000 [ 427.962917][T10127] vivid-007: ================== END STATUS ================== [ 434.646650][T10194] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 434.764535][ T8745] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 434.775613][ T8745] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 434.783549][ T8745] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 434.791368][ T8745] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 434.799040][ T8745] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 436.452722][T10202] chnl_net:caif_netlink_parms(): no params data found [ 436.905524][ T8745] Bluetooth: hci3: command tx timeout [ 436.951655][T10202] bridge0: port 1(bridge_slave_0) entered blocking state [ 437.032945][T10202] bridge0: port 1(bridge_slave_0) entered disabled state [ 437.040139][T10202] bridge_slave_0: entered allmulticast mode [ 437.124330][T10202] bridge_slave_0: entered promiscuous mode [ 437.198459][T10202] bridge0: port 2(bridge_slave_1) entered blocking state [ 437.293615][T10202] bridge0: port 2(bridge_slave_1) entered disabled state [ 437.300782][T10202] bridge_slave_1: entered allmulticast mode [ 437.388280][T10202] bridge_slave_1: entered promiscuous mode [ 437.569223][T10202] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 437.742509][T10202] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 438.848771][T10202] team0: Port device team_slave_0 added [ 438.985750][ T8745] Bluetooth: hci3: command tx timeout [ 439.075003][T10202] team0: Port device team_slave_1 added [ 439.354683][T10202] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 439.394217][T10202] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 439.534000][T10202] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 439.594250][T10202] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 439.632010][T10202] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 439.769220][T10202] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 440.029551][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.045801][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.573762][T10202] hsr_slave_0: entered promiscuous mode [ 440.613550][T10202] hsr_slave_1: entered promiscuous mode [ 440.652091][T10202] debugfs: 'hsr0' already exists in 'hsr' [ 440.702917][T10202] Cannot create hsr debugfs directory [ 441.063925][ T8745] Bluetooth: hci3: command tx timeout [ 441.990694][T10202] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 442.065715][T10202] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 442.158799][T10202] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 442.222522][T10202] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 443.145783][ T8745] Bluetooth: hci3: command tx timeout [ 443.538683][T10202] 8021q: adding VLAN 0 to HW filter on device bond0 [ 443.659770][T10202] 8021q: adding VLAN 0 to HW filter on device team0 [ 443.766420][ T7321] bridge0: port 1(bridge_slave_0) entered blocking state [ 443.773563][ T7321] bridge0: port 1(bridge_slave_0) entered forwarding state [ 443.864745][ T7321] bridge0: port 2(bridge_slave_1) entered blocking state [ 443.871851][ T7321] bridge0: port 2(bridge_slave_1) entered forwarding state [ 444.680114][T10287] Invalid ELF header magic: != ELF [ 444.853271][T10281] program syz.0.807 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 444.990104][T10202] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 445.007788][T10278] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 977 with max blocks 45 with error 117 [ 445.252947][T10278] EXT4-fs (sda1): This should not happen!! Data will be lost [ 445.252947][T10278] [ 447.458137][T10202] veth0_vlan: entered promiscuous mode [ 447.562502][T10202] veth1_vlan: entered promiscuous mode [ 447.836585][T10202] veth0_macvtap: entered promiscuous mode [ 447.892628][T10202] veth1_macvtap: entered promiscuous mode [ 448.020293][T10202] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 448.090998][T10202] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 448.252481][ T7323] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 448.294235][ T7323] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 448.362924][ T7323] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 448.414806][ T7323] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 448.912878][ T7323] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 448.963143][ T7323] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 449.143800][ T7323] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 449.188457][ T7323] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 449.407305][ T6817] EXT4-fs (sda1): Delayed block allocation failed for inode 2034 at logical offset 933 with max blocks 19 with error 117 [ 449.534581][ T6817] EXT4-fs (sda1): This should not happen!! Data will be lost [ 449.534581][ T6817] [ 449.635806][ T6817] EXT4-fs (sda1): Delayed block allocation failed for inode 2032 at logical offset 972 with max blocks 10 with error 117 [ 449.674442][T10327] tipc: Started in network mode [ 449.679432][T10327] tipc: Node identity ffffffff, cluster identity 4711 [ 449.768070][ T6817] EXT4-fs (sda1): This should not happen!! Data will be lost [ 449.768070][ T6817] [ 449.794007][T10327] tipc: Node number set to 4294967295 [ 449.867088][ T6817] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 1359 with max blocks 34 with error 117 [ 449.991209][ T6817] EXT4-fs (sda1): This should not happen!! Data will be lost [ 449.991209][ T6817] [ 450.133310][ T7321] EXT4-fs (sda1): Delayed block allocation failed for inode 2034 at logical offset 977 with max blocks 46 with error 117 [ 450.219478][ T7321] EXT4-fs (sda1): This should not happen!! Data will be lost [ 450.219478][ T7321] [ 450.316019][ T7321] EXT4-fs (sda1): Delayed block allocation failed for inode 2032 at logical offset 1368 with max blocks 97 with error 117 [ 450.440394][ T7321] EXT4-fs (sda1): This should not happen!! Data will be lost [ 450.440394][ T7321] [ 450.538432][ T7321] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 1357 with max blocks 2 with error 117 [ 450.652869][ T7321] EXT4-fs (sda1): This should not happen!! Data will be lost [ 450.652869][ T7321] [ 452.337915][T10333] futex_wake_op: syz.5.815 tries to shift op by -2048; fix this program [ 452.453996][T10342] netlink: 28 bytes leftover after parsing attributes in process `syz.0.816'. [ 458.611293][T10408] netlink: 266 bytes leftover after parsing attributes in process `syz.4.828'. [ 458.772993][T10408] IPv6: NLM_F_CREATE should be specified when creating new route [ 458.912663][T10406] FAULT_INJECTION: forcing a failure. [ 458.912663][T10406] name failslab, interval 1, probability 0, space 0, times 0 [ 459.029789][T10406] CPU: 0 UID: 0 PID: 10406 Comm: syz.5.829 Tainted: G L syzkaller #0 PREEMPT(full) [ 459.029816][T10406] Tainted: [L]=SOFTLOCKUP [ 459.029821][T10406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 459.029830][T10406] Call Trace: [ 459.029836][T10406] [ 459.029842][T10406] dump_stack_lvl+0x100/0x190 [ 459.029872][T10406] should_fail_ex.cold+0x5/0xa [ 459.029890][T10406] ? lsm_blob_alloc+0x68/0x90 [ 459.029911][T10406] should_failslab+0xc2/0x120 [ 459.029928][T10406] __kmalloc_noprof+0xe0/0x850 [ 459.029949][T10406] ? trace_kmem_cache_alloc+0xf3/0x120 [ 459.029967][T10406] lsm_blob_alloc+0x68/0x90 [ 459.029987][T10406] security_prepare_creds+0x2d/0x290 [ 459.030007][T10406] prepare_creds+0x5d6/0x950 [ 459.030030][T10406] __sys_setfsgid+0xe3/0x3b0 [ 459.030047][T10406] do_syscall_64+0x106/0xf80 [ 459.030079][T10406] ? clear_bhb_loop+0x40/0x90 [ 459.030098][T10406] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 459.030114][T10406] RIP: 0033:0x7f106899c799 [ 459.030126][T10406] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 459.030141][T10406] RSP: 002b:00007f106977f028 EFLAGS: 00000246 ORIG_RAX: 000000000000007b [ 459.030156][T10406] RAX: ffffffffffffffda RBX: 00007f1068c15fa0 RCX: 00007f106899c799 [ 459.030166][T10406] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000ee01 [ 459.030175][T10406] RBP: 00007f1068a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 459.030183][T10406] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 459.030192][T10406] R13: 00007f1068c16038 R14: 00007f1068c15fa0 R15: 00007ffdc9f7d178 [ 459.030211][T10406] [ 460.269689][T10424] zswap: compressor not available [ 460.870999][T10427] zswap: compressor not available [ 464.824639][T10457] ======================================================= [ 464.824639][T10457] WARNING: The mand mount option has been deprecated and [ 464.824639][T10457] and is ignored by this kernel. Remove the mand [ 464.824639][T10457] option from the mount to silence this warning. [ 464.824639][T10457] ======================================================= [ 467.776745][T10503] ima: policy update failed [ 467.781367][ T29] audit: type=1802 audit(1773547546.853:17): pid=10503 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.847" res=0 errno=0 [ 468.333860][T10496] netlink: 12 bytes leftover after parsing attributes in process `syz.0.845'. [ 470.992967][T10542] netlink: 12 bytes leftover after parsing attributes in process `syz.2.852'. [ 473.431987][T10565] netlink: 4 bytes leftover after parsing attributes in process `syz.2.856'. [ 475.379736][T10580] QAT: Stopping all acceleration devices. [ 481.241291][ T7323] EXT4-fs (sda1): Delayed block allocation failed for inode 2034 at logical offset 977 with max blocks 46 with error 117 [ 481.381603][ T7323] EXT4-fs (sda1): This should not happen!! Data will be lost [ 481.381603][ T7323] [ 481.466677][ T7323] EXT4-fs (sda1): Delayed block allocation failed for inode 2032 at logical offset 1368 with max blocks 97 with error 117 [ 481.568926][ T7323] EXT4-fs (sda1): This should not happen!! Data will be lost [ 481.568926][ T7323] [ 481.638270][ T7323] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 1357 with max blocks 1 with error 117 [ 481.753139][ T7323] EXT4-fs (sda1): This should not happen!! Data will be lost [ 481.753139][ T7323] [ 482.383342][T10629] random: crng reseeded on system resumption [ 483.372945][T10628] program syz.4.868 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 483.559263][T10628] program syz.4.868 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 484.668297][T10637] netlink: 4 bytes leftover after parsing attributes in process `syz.4.869'. [ 485.039970][T10640] EXT4-fs (sda1): Delayed block allocation failed for inode 2032 at logical offset 973 with max blocks 9 with error 117 [ 485.147763][T10640] EXT4-fs (sda1): This should not happen!! Data will be lost [ 485.147763][T10640] [ 486.874045][ T10] usb usb40-port2: attempt power cycle [ 487.445840][ T10] usb usb40-port2: unable to enumerate USB device [ 495.212807][ T29] audit: type=1326 audit(1773547574.283:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10703 comm="syz.0.880" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f20eb79c799 code=0x0 [ 499.006218][T10726] netlink: 12 bytes leftover after parsing attributes in process `syz.4.883'. [ 501.193319][T10720] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(7.0.0), cmd(2) [ 501.466073][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.472672][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 501.964300][T10753] ubi9: attaching mtd0 [ 501.968524][T10753] ubi9 error: ubi_attach_mtd_dev: bad VID header (5559) or data offsets (5623) [ 504.009043][ T29] audit: type=1800 audit(1773547583.083:19): pid=10786 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.894" name="lu_gp_id" dev="configfs" ino=277981 res=0 errno=0 [ 504.537056][ T8745] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 505.796451][ T29] audit: type=1800 audit(1773547584.873:20): pid=10804 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.899" name="#150" dev="tmpfs" ino=150 res=0 errno=0 [ 506.588084][ T8745] Bluetooth: hci1: command 0x0c1a tx timeout [ 506.946436][T10817] random: crng reseeded on system resumption [ 508.663378][ T6774] Bluetooth: hci1: command 0x0c1a tx timeout [ 509.022542][T10813] FAULT_INJECTION: forcing a failure. [ 509.022542][T10813] name failslab, interval 1, probability 0, space 0, times 0 [ 509.370068][T10813] CPU: 0 UID: 0 PID: 10813 Comm: syz.2.900 Tainted: G L syzkaller #0 PREEMPT(full) [ 509.370096][T10813] Tainted: [L]=SOFTLOCKUP [ 509.370101][T10813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 509.370111][T10813] Call Trace: [ 509.370116][T10813] [ 509.370123][T10813] dump_stack_lvl+0x100/0x190 [ 509.370150][T10813] should_fail_ex.cold+0x5/0xa [ 509.370175][T10813] ? lsm_blob_alloc+0x68/0x90 [ 509.370196][T10813] should_failslab+0xc2/0x120 [ 509.370212][T10813] __kmalloc_noprof+0xe0/0x850 [ 509.370234][T10813] ? trace_kmem_cache_alloc+0xf3/0x120 [ 509.370253][T10813] lsm_blob_alloc+0x68/0x90 [ 509.370272][T10813] security_prepare_creds+0x2d/0x290 [ 509.370291][T10813] prepare_creds+0x5d6/0x950 [ 509.370314][T10813] join_session_keyring+0x17/0x350 [ 509.370332][T10813] lookup_user_key+0xbf9/0x1300 [ 509.370349][T10813] ? __pfx_lookup_user_key+0x10/0x10 [ 509.370365][T10813] ? __pfx_do_futex+0x10/0x10 [ 509.370387][T10813] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 509.370408][T10813] ? xfd_validate_state+0x129/0x190 [ 509.370432][T10813] keyctl_keyring_link+0x57/0xe0 [ 509.370524][T10813] __do_sys_keyctl+0x1bf/0x5a0 [ 509.370540][T10813] do_syscall_64+0x106/0xf80 [ 509.370560][T10813] ? clear_bhb_loop+0x40/0x90 [ 509.370578][T10813] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 509.370593][T10813] RIP: 0033:0x7fd79099c799 [ 509.370607][T10813] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 509.370621][T10813] RSP: 002b:00007fd791818028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 509.370636][T10813] RAX: ffffffffffffffda RBX: 00007fd790c15fa0 RCX: 00007fd79099c799 [ 509.370646][T10813] RDX: ffffffffffffffff RSI: fffffffffffffffd RDI: 0000000000000008 [ 509.370656][T10813] RBP: 00007fd790a32c99 R08: 0000000000000002 R09: 0000000000000000 [ 509.370664][T10813] R10: 0000000000005092 R11: 0000000000000246 R12: 0000000000000000 [ 509.370673][T10813] R13: 00007fd790c16038 R14: 00007fd790c15fa0 R15: 00007fff3a5ebc78 [ 509.370692][T10813] [ 510.476525][ T7323] EXT4-fs (sda1): Delayed block allocation failed for inode 2034 at logical offset 986 with max blocks 37 with error 117 [ 510.552824][ T7323] EXT4-fs (sda1): This should not happen!! Data will be lost [ 510.552824][ T7323] [ 510.614186][ T7323] EXT4-fs (sda1): Delayed block allocation failed for inode 2032 at logical offset 1410 with max blocks 55 with error 117 [ 510.702933][ T7323] EXT4-fs (sda1): This should not happen!! Data will be lost [ 510.702933][ T7323] [ 510.763616][ T7323] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 1372 with max blocks 21 with error 117 [ 510.839461][ T7323] EXT4-fs (sda1): This should not happen!! Data will be lost [ 510.839461][ T7323] [ 510.933748][ T7323] EXT4-fs (sda1): Delayed block allocation failed for inode 2034 at logical offset 1372 with max blocks 63 with error 117 [ 511.012910][ T7323] EXT4-fs (sda1): This should not happen!! Data will be lost [ 511.012910][ T7323] [ 511.088664][ T7323] EXT4-fs (sda1): Delayed block allocation failed for inode 2032 at logical offset 1416 with max blocks 13 with error 117 [ 511.183295][ T7323] EXT4-fs (sda1): This should not happen!! Data will be lost [ 511.183295][ T7323] [ 513.183521][T10872] netlink: 'syz.4.910': attribute type 1 has an invalid length. [ 513.332611][T10872] FAULT_INJECTION: forcing a failure. [ 513.332611][T10872] name failslab, interval 1, probability 0, space 0, times 0 [ 513.428565][T10872] CPU: 0 UID: 0 PID: 10872 Comm: syz.4.910 Tainted: G L syzkaller #0 PREEMPT(full) [ 513.428593][T10872] Tainted: [L]=SOFTLOCKUP [ 513.428599][T10872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 513.428608][T10872] Call Trace: [ 513.428613][T10872] [ 513.428620][T10872] dump_stack_lvl+0x100/0x190 [ 513.428648][T10872] should_fail_ex.cold+0x5/0xa [ 513.428666][T10872] should_failslab+0xc2/0x120 [ 513.428681][T10872] __kmalloc_cache_noprof+0x7a/0x6f0 [ 513.428701][T10872] ? snd_card_file_add+0x52/0x340 [ 513.428807][T10872] ? __pfx_snd_pcm_capture_open+0x10/0x10 [ 513.428855][T10872] snd_card_file_add+0x52/0x340 [ 513.428872][T10872] ? __pfx_snd_pcm_capture_open+0x10/0x10 [ 513.428893][T10872] snd_pcm_open+0xf1/0x710 [ 513.428911][T10872] ? __mutex_unlock_slowpath+0x15c/0x790 [ 513.428935][T10872] ? __pfx_snd_pcm_open+0x10/0x10 [ 513.428962][T10872] ? __pfx_snd_pcm_capture_open+0x10/0x10 [ 513.428981][T10872] snd_pcm_capture_open+0x89/0xe0 [ 513.429000][T10872] snd_open+0x22d/0x4c0 [ 513.429016][T10872] ? __pfx_snd_open+0x10/0x10 [ 513.429030][T10872] chrdev_open+0x234/0x6a0 [ 513.429045][T10872] ? __pfx_apparmor_file_open+0x10/0x10 [ 513.429150][T10872] ? __pfx_chrdev_open+0x10/0x10 [ 513.429165][T10872] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 513.429192][T10872] do_dentry_open+0x6d8/0x1660 [ 513.429210][T10872] ? __pfx_chrdev_open+0x10/0x10 [ 513.429230][T10872] vfs_open+0x82/0x3f0 [ 513.429250][T10872] path_openat+0x208c/0x31a0 [ 513.429271][T10872] ? __pfx_path_openat+0x10/0x10 [ 513.429292][T10872] do_file_open+0x20e/0x430 [ 513.429308][T10872] ? __pfx_do_file_open+0x10/0x10 [ 513.429336][T10872] ? alloc_fd+0x476/0x790 [ 513.429355][T10872] ? do_getname+0x191/0x390 [ 513.429374][T10872] do_sys_openat2+0x10d/0x1e0 [ 513.429392][T10872] ? __pfx_do_sys_openat2+0x10/0x10 [ 513.429412][T10872] ? __fget_files+0x21f/0x3d0 [ 513.429429][T10872] __x64_sys_openat+0x12d/0x210 [ 513.429448][T10872] ? __pfx___x64_sys_openat+0x10/0x10 [ 513.429474][T10872] do_syscall_64+0x106/0xf80 [ 513.429494][T10872] ? clear_bhb_loop+0x40/0x90 [ 513.429511][T10872] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 513.429526][T10872] RIP: 0033:0x7f697519c799 [ 513.429541][T10872] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 513.429556][T10872] RSP: 002b:00007f6976030028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 513.429571][T10872] RAX: ffffffffffffffda RBX: 00007f6975415fa0 RCX: 00007f697519c799 [ 513.429581][T10872] RDX: 0000000000080042 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 513.429591][T10872] RBP: 00007f6975232c99 R08: 0000000000000000 R09: 0000000000000000 [ 513.429600][T10872] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 513.429609][T10872] R13: 00007f6975416038 R14: 00007f6975415fa0 R15: 00007fff66b8b428 [ 513.429629][T10872] [ 514.368398][ T29] audit: type=1804 audit(1773547593.373:21): pid=10879 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.914" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0 [ 516.610436][T10927] futex_wake_op: syz.5.922 tries to shift op by -2048; fix this program [ 516.728094][T10927] futex_wake_op: syz.5.922 tries to shift op by -2048; fix this program [ 518.915029][T10944] FAULT_INJECTION: forcing a failure. [ 518.915029][T10944] name failslab, interval 1, probability 0, space 0, times 0 [ 519.393021][T10944] CPU: 0 UID: 0 PID: 10944 Comm: syz.5.923 Tainted: G L syzkaller #0 PREEMPT(full) [ 519.393049][T10944] Tainted: [L]=SOFTLOCKUP [ 519.393055][T10944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 519.393064][T10944] Call Trace: [ 519.393070][T10944] [ 519.393077][T10944] dump_stack_lvl+0x100/0x190 [ 519.393104][T10944] should_fail_ex.cold+0x5/0xa [ 519.393123][T10944] should_failslab+0xc2/0x120 [ 519.393138][T10944] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 519.393159][T10944] ? security_inode_alloc+0x3b/0x2c0 [ 519.393174][T10944] ? lockdep_init_map_type+0x5c/0x250 [ 519.393195][T10944] security_inode_alloc+0x3b/0x2c0 [ 519.393211][T10944] inode_init_always_gfp+0xced/0x1040 [ 519.393229][T10944] alloc_inode+0x8e/0x250 [ 519.393259][T10944] alloc_anon_inode+0x2a/0x3e0 [ 519.393276][T10944] ioctx_alloc+0x4dc/0x21d0 [ 519.393299][T10944] ? find_held_lock+0x2b/0x80 [ 519.393313][T10944] ? __pfx_ioctx_alloc+0x10/0x10 [ 519.393334][T10944] __x64_sys_io_setup+0xc9/0x220 [ 519.393351][T10944] do_syscall_64+0x106/0xf80 [ 519.393371][T10944] ? clear_bhb_loop+0x40/0x90 [ 519.393388][T10944] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 519.393403][T10944] RIP: 0033:0x7f106899c799 [ 519.393417][T10944] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 519.393431][T10944] RSP: 002b:00007f10667b2028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 519.393446][T10944] RAX: ffffffffffffffda RBX: 00007f1068c16270 RCX: 00007f106899c799 [ 519.393455][T10944] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 000000000000000e [ 519.393468][T10944] RBP: 00007f1068a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 519.393477][T10944] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 519.393486][T10944] R13: 00007f1068c16308 R14: 00007f1068c16270 R15: 00007ffdc9f7d178 [ 519.393507][T10944] [ 520.528156][T10962] zswap: compressor not available [ 520.623134][T10964] ACPI: EC: Assuming SCI_EVT clearing on QR_EC writes [ 525.576783][T11000] EXT4-fs: 8 callbacks suppressed [ 525.576799][T11000] EXT4-fs (sda1): Delayed block allocation failed for inode 2034 at logical offset 978 with max blocks 45 with error 117 [ 525.809165][T11000] EXT4-fs (sda1): This should not happen!! Data will be lost [ 525.809165][T11000] [ 526.025179][T10999] hugetlbfs: syz.2.934 (10999): Using mlock ulimits for SHM_HUGETLB is obsolete [ 529.009853][T11026] netlink: 'syz.0.940': attribute type 33 has an invalid length. [ 529.115787][T11028] netlink: 'syz.0.940': attribute type 33 has an invalid length. [ 529.835094][T11034] netlink: 28 bytes leftover after parsing attributes in process `syz.0.941'. [ 530.173126][T11034] bond0: (slave bond_slave_0): Releasing backup interface [ 532.058567][T11056] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 534.288541][T11086] netlink: 342 bytes leftover after parsing attributes in process `syz.2.954'. [ 537.517160][T11115] syz.5.960 (11115): /proc/11115/oom_adj is deprecated, please use /proc/11115/oom_score_adj instead. [ 537.752262][T11120] netlink: 'syz.4.961': attribute type 2 has an invalid length. [ 538.100642][T11127] netlink: 16 bytes leftover after parsing attributes in process `syz.2.962'. [ 540.542941][T11162] netlink: 12 bytes leftover after parsing attributes in process `syz.2.970'. [ 541.104799][T11160] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(2) [ 541.623361][ T7321] EXT4-fs (sda1): Delayed block allocation failed for inode 2032 at logical offset 941 with max blocks 41 with error 117 [ 541.722600][ T7321] EXT4-fs (sda1): This should not happen!! Data will be lost [ 541.722600][ T7321] [ 541.819003][ T7321] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 979 with max blocks 1 with error 117 [ 541.934340][ T7321] EXT4-fs (sda1): This should not happen!! Data will be lost [ 541.934340][ T7321] [ 542.029531][ T7321] EXT4-fs (sda1): Delayed block allocation failed for inode 2034 at logical offset 994 with max blocks 29 with error 117 [ 542.141004][ T7321] EXT4-fs (sda1): This should not happen!! Data will be lost [ 542.141004][ T7321] [ 542.240907][ T7321] EXT4-fs (sda1): Delayed block allocation failed for inode 2033 at logical offset 2 with max blocks 8 with error 117 [ 542.363668][ T7321] EXT4-fs (sda1): This should not happen!! Data will be lost [ 542.363668][ T7321] [ 544.906888][ T8745] Bluetooth: hci4: unexpected event 0x34 length: 11 > 6 [ 545.057057][ T9] usb usb40-port2: attempt power cycle [ 545.753509][ T9] usb usb40-port2: unable to enumerate USB device [ 547.623758][ T8745] Bluetooth: hci5: Opcode 0x0c03 failed: -110 [ 549.818713][T11270] netlink: 198 bytes leftover after parsing attributes in process `syz.0.985'. [ 549.893559][T11271] netlink: 198 bytes leftover after parsing attributes in process `syz.0.985'. [ 551.985715][T11301] binder: 11289:11301 ioctl c018620c 0 returned -22 [ 552.176927][T11308] netlink: 28 bytes leftover after parsing attributes in process `syz.5.991'. [ 552.380895][ T7311] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 552.820823][ T7311] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 553.158061][ T7311] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 553.541707][T11322] netlink: 338 bytes leftover after parsing attributes in process `syz.5.996'. [ 553.560910][ T7311] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 553.669179][ T7315] EXT4-fs (sda1): Delayed block allocation failed for inode 2032 at logical offset 941 with max blocks 1 with error 117 [ 553.703659][ T7315] EXT4-fs (sda1): This should not happen!! Data will be lost [ 553.703659][ T7315] [ 553.736189][ T7315] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 914 with max blocks 108 with error 117 [ 553.784732][ T7315] EXT4-fs (sda1): This should not happen!! Data will be lost [ 553.784732][ T7315] [ 553.813019][T11325] Console: switching to colour VGA+ 80x25 [ 553.838325][ T7315] EXT4-fs (sda1): Delayed block allocation failed for inode 2034 at logical offset 920 with max blocks 103 with error 117 [ 553.838411][ T7315] EXT4-fs (sda1): This should not happen!! Data will be lost [ 553.838411][ T7315] [ 553.893677][ T7315] EXT4-fs (sda1): Delayed block allocation failed for inode 2032 at logical offset 1373 with max blocks 92 with error 117 [ 553.893705][ T7315] EXT4-fs (sda1): This should not happen!! Data will be lost [ 553.893705][ T7315] [ 553.895770][ T7315] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 1386 with max blocks 7 with error 117 [ 553.895790][ T7315] EXT4-fs (sda1): This should not happen!! Data will be lost [ 553.895790][ T7315] [ 554.384409][T11322] ================================================================== [ 554.384457][T11322] BUG: KASAN: slab-out-of-bounds in fbcon_prepare_logo+0x94e/0xc60 [ 554.384518][T11322] Read of size 26 at addr ffff8880370536ea by task syz.5.996/11322 [ 554.384531][T11322] [ 554.384541][T11322] CPU: 0 UID: 0 PID: 11322 Comm: syz.5.996 Tainted: G L syzkaller #0 PREEMPT(full) [ 554.384562][T11322] Tainted: [L]=SOFTLOCKUP [ 554.384567][T11322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 554.384577][T11322] Call Trace: [ 554.384582][T11322] [ 554.384588][T11322] dump_stack_lvl+0x100/0x190 [ 554.384609][T11322] print_report+0x156/0x4c9 [ 554.384635][T11322] ? __virt_addr_valid+0x81/0x620 [ 554.384654][T11322] ? __phys_addr+0xe8/0x180 [ 554.384672][T11322] ? fbcon_prepare_logo+0x94e/0xc60 [ 554.384686][T11322] kasan_report+0xdf/0x1e0 [ 554.384701][T11322] ? fbcon_prepare_logo+0x94e/0xc60 [ 554.384717][T11322] kasan_check_range+0x10f/0x1e0 [ 554.384734][T11322] __asan_memcpy+0x23/0x60 [ 554.384752][T11322] fbcon_prepare_logo+0x94e/0xc60 [ 554.384770][T11322] fbcon_init+0x10a0/0x1820 [ 554.384786][T11322] visual_init+0x320/0x620 [ 554.384837][T11322] do_bind_con_driver.isra.0+0x636/0x9c0 [ 554.384866][T11322] store_bind+0x609/0x730 [ 554.384886][T11322] ? __pfx_store_bind+0x10/0x10 [ 554.384904][T11322] dev_attr_store+0x58/0x80 [ 554.384950][T11322] ? __pfx_dev_attr_store+0x10/0x10 [ 554.384966][T11322] sysfs_kf_write+0xf2/0x150 [ 554.384985][T11322] kernfs_fop_write_iter+0x3e0/0x5f0 [ 554.384999][T11322] ? __pfx_sysfs_kf_write+0x10/0x10 [ 554.385016][T11322] vfs_write+0x6ac/0x1070 [ 554.385037][T11322] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 554.385053][T11322] ? __pfx_vfs_write+0x10/0x10 [ 554.385079][T11322] ksys_write+0x12a/0x250 [ 554.385091][T11322] ? __pfx_ksys_write+0x10/0x10 [ 554.385106][T11322] do_syscall_64+0x106/0xf80 [ 554.385125][T11322] ? clear_bhb_loop+0x40/0x90 [ 554.385141][T11322] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 554.385156][T11322] RIP: 0033:0x7f106899c799 [ 554.385169][T11322] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 554.385183][T11322] RSP: 002b:00007f106977f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 554.385198][T11322] RAX: ffffffffffffffda RBX: 00007f1068c15fa0 RCX: 00007f106899c799 [ 554.385208][T11322] RDX: 0000000000000084 RSI: 0000200000000040 RDI: 0000000000000003 [ 554.385218][T11322] RBP: 00007f1068a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 554.385227][T11322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 554.385236][T11322] R13: 00007f1068c16038 R14: 00007f1068c15fa0 R15: 00007ffdc9f7d178 [ 554.385251][T11322] [ 554.385256][T11322] [ 554.385259][T11322] Allocated by task 5919: [ 554.385314][T11322] kasan_save_stack+0x30/0x50 [ 554.385338][T11322] kasan_save_track+0x14/0x30 [ 554.385358][T11322] __kasan_kmalloc+0xaa/0xb0 [ 554.385377][T11322] __kmalloc_noprof+0x301/0x850 [ 554.385396][T11322] ima_alloc_init_template+0x19d/0x6d0 [ 554.385410][T11322] ima_store_measurement+0x1e3/0x5b0 [ 554.385423][T11322] process_measurement+0x19cc/0x2350 [ 554.385442][T11322] ima_file_check+0xcc/0x120 [ 554.385461][T11322] security_file_post_open+0xc4/0x210 [ 554.385475][T11322] path_openat+0x1418/0x31a0 [ 554.385487][T11322] do_file_open+0x20e/0x430 [ 554.385500][T11322] do_sys_openat2+0x10d/0x1e0 [ 554.385516][T11322] __x64_sys_openat+0x12d/0x210 [ 554.385532][T11322] do_syscall_64+0x106/0xf80 [ 554.385549][T11322] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 554.385563][T11322] [ 554.385567][T11322] The buggy address belongs to the object at ffff888037053600 [ 554.385567][T11322] which belongs to the cache kmalloc-192 of size 192 [ 554.385578][T11322] The buggy address is located 102 bytes to the right of [ 554.385578][T11322] allocated 132-byte region [ffff888037053600, ffff888037053684) [ 554.385593][T11322] [ 554.385597][T11322] The buggy address belongs to the physical page: [ 554.385603][T11322] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x37053 [ 554.385622][T11322] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 554.385635][T11322] page_type: f5(slab) [ 554.385647][T11322] raw: 00fff00000000000 ffff88813fe3c3c0 dead000000000100 dead000000000122 [ 554.385664][T11322] raw: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000 [ 554.385673][T11322] page dumped because: kasan: bad access detected [ 554.385709][T11322] page_owner tracks the page as allocated [ 554.385716][T11322] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xd2cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 20888993715, free_ts 20876845829 [ 554.385742][T11322] post_alloc_hook+0x153/0x170 [ 554.385760][T11322] get_page_from_freelist+0x111d/0x3140 [ 554.385781][T11322] __alloc_frozen_pages_noprof+0x27c/0x2ba0 [ 554.385800][T11322] new_slab+0xa6/0x6b0 [ 554.385815][T11322] refill_objects+0x26b/0x400 [ 554.385832][T11322] __pcs_replace_empty_main+0x1ab/0x660 [ 554.385851][T11322] __kmalloc_node_track_caller_noprof+0x694/0x850 [ 554.385880][T11322] krealloc_node_align_noprof+0xfb/0x3e0 [ 554.385902][T11322] add_sysfs_param+0xdb/0x970 [ 554.385916][T11322] param_sysfs_builtin_init+0x313/0x3f0 [ 554.385992][T11322] do_one_initcall+0x11d/0x760 [ 554.386006][T11322] kernel_init_freeable+0x6e5/0x7a0 [ 554.386040][T11322] kernel_init+0x1f/0x1e0 [ 554.386053][T11322] ret_from_fork+0x754/0xd80 [ 554.386072][T11322] ret_from_fork_asm+0x1a/0x30 [ 554.386086][T11322] page last free pid 91 tgid 91 stack trace: [ 554.386095][T11322] __free_frozen_pages+0x7e1/0x10d0 [ 554.386111][T11322] vfree.part.0+0x12b/0x9d0 [ 554.386124][T11322] delayed_vfree_work+0x8e/0xd0 [ 554.386139][T11322] process_one_work+0xa23/0x19a0 [ 554.386157][T11322] worker_thread+0x5ef/0xe50 [ 554.386174][T11322] kthread+0x370/0x450 [ 554.386190][T11322] ret_from_fork+0x754/0xd80 [ 554.386207][T11322] ret_from_fork_asm+0x1a/0x30 [ 554.386221][T11322] [ 554.386224][T11322] Memory state around the buggy address: [ 554.386231][T11322] ffff888037053580: 00 00 00 04 fc fc fc fc fc fc fc fc fc fc fc fc [ 554.386241][T11322] ffff888037053600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 554.386251][T11322] >ffff888037053680: 04 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 554.386259][T11322] ^ [ 554.386267][T11322] ffff888037053700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 554.386277][T11322] ffff888037053780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 554.386284][T11322] ================================================================== [ 554.386300][T11322] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 554.386313][T11322] CPU: 0 UID: 0 PID: 11322 Comm: syz.5.996 Tainted: G L syzkaller #0 PREEMPT(full) [ 554.386334][T11322] Tainted: [L]=SOFTLOCKUP [ 554.386340][T11322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 554.386349][T11322] Call Trace: [ 554.386355][T11322] [ 554.386361][T11322] dump_stack_lvl+0x100/0x190 [ 554.386381][T11322] vpanic+0x552/0x970 [ 554.386395][T11322] ? __pfx_vpanic+0x10/0x10 [ 554.386409][T11322] ? __pfx_vprintk_emit+0x10/0x10 [ 554.386425][T11322] ? fbcon_prepare_logo+0x94e/0xc60 [ 554.386440][T11322] panic+0xd1/0xe0 [ 554.386453][T11322] ? __pfx_panic+0x10/0x10 [ 554.386468][T11322] ? fbcon_prepare_logo+0x94e/0xc60 [ 554.386484][T11322] check_panic_on_warn.cold+0x19/0x34 [ 554.386500][T11322] end_report.part.0+0x3a/0x90 [ 554.386520][T11322] kasan_report.cold+0xe/0x18 [ 554.386540][T11322] ? fbcon_prepare_logo+0x94e/0xc60 [ 554.386556][T11322] kasan_check_range+0x10f/0x1e0 [ 554.386574][T11322] __asan_memcpy+0x23/0x60 [ 554.386593][T11322] fbcon_prepare_logo+0x94e/0xc60 [ 554.386611][T11322] fbcon_init+0x10a0/0x1820 [ 554.386627][T11322] visual_init+0x320/0x620 [ 554.386644][T11322] do_bind_con_driver.isra.0+0x636/0x9c0 [ 554.386665][T11322] store_bind+0x609/0x730 [ 554.386684][T11322] ? __pfx_store_bind+0x10/0x10 [ 554.386702][T11322] dev_attr_store+0x58/0x80 [ 554.386718][T11322] ? __pfx_dev_attr_store+0x10/0x10 [ 554.386733][T11322] sysfs_kf_write+0xf2/0x150 [ 554.386750][T11322] kernfs_fop_write_iter+0x3e0/0x5f0 [ 554.386765][T11322] ? __pfx_sysfs_kf_write+0x10/0x10 [ 554.386783][T11322] vfs_write+0x6ac/0x1070 [ 554.386804][T11322] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 554.386820][T11322] ? __pfx_vfs_write+0x10/0x10 [ 554.386847][T11322] ksys_write+0x12a/0x250 [ 554.386866][T11322] ? __pfx_ksys_write+0x10/0x10 [ 554.386882][T11322] do_syscall_64+0x106/0xf80 [ 554.386902][T11322] ? clear_bhb_loop+0x40/0x90 [ 554.386918][T11322] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 554.386933][T11322] RIP: 0033:0x7f106899c799 [ 554.386944][T11322] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 554.386958][T11322] RSP: 002b:00007f106977f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 554.386973][T11322] RAX: ffffffffffffffda RBX: 00007f1068c15fa0 RCX: 00007f106899c799 [ 554.386984][T11322] RDX: 0000000000000084 RSI: 0000200000000040 RDI: 0000000000000003 [ 554.386993][T11322] RBP: 00007f1068a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 554.387003][T11322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 554.387012][T11322] R13: 00007f1068c16038 R14: 00007f1068c15fa0 R15: 00007ffdc9f7d178 [ 554.387027][T11322] [ 554.387086][T11322] Kernel Offset: disabled