last executing test programs: 5.797960835s ago: executing program 1 (id=3695): r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) mmap$auto(0x0, 0x20009, 0x20000000093, 0x2000000000eb1, r0, 0x1000008000) (async) write$auto(0x3, 0x0, 0xfdef) (async) r1 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r0, 0x5609, r1) mmap$auto(0x0, 0x0, 0x0, 0xeb1, 0xfffffffffffffffa, 0x8000) (async, rerun: 32) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000180), 0x2000, 0x0) (async, rerun: 32) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttynull\x00', 0x101000, 0x0) mmap$auto(0x0, 0x9, 0x4000000000df, 0xeb1, r0, 0x8000) r2 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) (async) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) (async) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) write$auto(r2, &(0x7f0000000300)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfa\v\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x7) (async, rerun: 32) mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) (rerun: 32) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(0x0, r4) (async, rerun: 64) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) (async, rerun: 64) mmap$auto(0x2000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) r5 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0) ioctl$auto_PAGEMAP_SCAN(r5, 0xc0606610, &(0x7f000000c380)={0x5f, 0x0, 0x9000000000000, 0x996b, 0xfffffffffffffffe, 0x1, 0x8, 0xbff, 0x30, 0x2c, 0x5, 0x2}) (async) r6 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="1b0026bd7000fbdbdf250300000004000800100003800c00038008001c00", @ANYRES32, @ANYBLOB="12000000893c0d00009f17790485908286dd000004000280"], 0x40}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) (async, rerun: 64) close_range$auto(0x0, 0xfffffffffffff000, 0x2) (async, rerun: 64) r7 = eventfd$auto(0x7f) read$auto_vhci_fops_hci_vhci(r7, &(0x7f0000000200)=""/36, 0x24) 4.612408005s ago: executing program 1 (id=3700): r0 = socket(0xa, 0x2, 0x0) connect$auto(r0, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) ioctl$auto(0xc8, 0x400454ce, 0x5c8d) close_range$auto(0x2, 0x8, 0x0) (fail_nth: 1) 4.407959282s ago: executing program 1 (id=3701): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x403, 0x8000) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x18b202, 0x0) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB='J'], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) recvmmsg$auto(r1, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={0x0, 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0xb, 0x200, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000009c0), 0xffffffffffffffff) mmap$auto(0x0, 0x2020005, 0x203, 0xeb1, 0xffffffffffffffff, 0x8000) r2 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r1) sendmsg$auto_NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f00000007c0)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000780)={&(0x7f0000000680)={0xe8, r3, 0x100, 0x70bd25, 0x25dfdbfc, {}, [@NL80211_ATTR_CNTDWN_OFFS_BEACON={0xd3, 0xba, "c9485a7772af4ec9fe496c7a5fcb4992f8a3f776d6cd0f097925b5d0de54e30c536b891aa959b1a7a5f9d9892d3be34e8a717af32635908981226b646942454c95ef6e3532deef369d1fe904f59b104bb9531ceb2e367bc01a39f2eade9d0e646bf92fbee1df3027c81ee87ee2815dbef44612908dd20732f6f6523be568c0d761dcf4cb7ab53fe2e9892e2843586b336e18e23e56066974068f42fe23cd6cca4ea16da00efd7dfffff7c96fc9376b41de7ea18d9c8663422a4e72416f8308ede1324c000a46b9425187c239a9783c"}]}, 0xe8}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000000) getdents$auto(r2, 0x0, 0x400018) mknod$auto(0x0, 0x1081, 0x3) creat$auto(0x0, 0x8d00) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20b42, 0x0) 3.539214967s ago: executing program 0 (id=3704): unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) madvise$auto(0x0, 0x200007, 0x19) ioctl$auto_XFS_IOC_FREESP64(0xffffffffffffffff, 0x40305825, &(0x7f00000003c0)={0xfffc, 0x5, 0xd274, 0x0, 0xa, 0xffffffffffffffff}) waitid$auto(0x8, 0xffffffffffffffff, &(0x7f0000000240)={@_si_pad}, 0x9, &(0x7f0000000300)={{0x6, 0x4}, {0x5, 0x7}, 0x3, 0x8, 0x2166, 0x3, 0x5, 0x7d00000, 0x45, 0x6, 0xfffffffffffffffc, 0x5, 0x1, 0x5, 0x5, 0x1ff}) r2 = syz_open_procfs$namespace(r1, 0x0) fcntl$auto(r2, 0x0, 0xffffffffffffffff) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fb0\x00', 0x2, 0x0) getpid() r3 = openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, 0x0, 0x8c80, 0x0) read$auto_vhci_fops_hci_vhci(r3, &(0x7f0000000100)=""/237, 0xed) mmap$auto(0x0, 0x2020009, 0x100003, 0x9000000eb1, 0xfffffffffffffffa, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r4, &(0x7f0000000180)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400005, 0x40df, 0x9b72, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x408000, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) sysfs$auto(0x2, 0xf, 0x0) 3.444586288s ago: executing program 1 (id=3705): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000) (async) r0 = socket(0xa, 0x6, 0x3a) (async, rerun: 64) close_range$auto(0x2, 0xa, 0x0) (async, rerun: 64) socket(0xa, 0x2, 0x0) r1 = socket(0x2, 0x3, 0x2) (async) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x81, 0x0) (async, rerun: 64) close_range$auto(0x2, 0x8, 0x0) (rerun: 64) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) (async, rerun: 32) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) (async, rerun: 32) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) (async) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) (async) ioctl$auto(0x3, 0xae41, r2) (async) ioctl$auto_KVM_GET_MSRS(r3, 0xc008ae88, &(0x7f0000000040)={0x4, 0x0, [{0xe1, 0x9, 0x687}]}) (async) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x163340, 0x6a) (async) socket(0xa, 0x2, 0x88) (async, rerun: 32) setsockopt$auto(r1, 0x1, 0x6, 0x0, 0xc089) (async, rerun: 32) setsockopt$auto(0x3, 0x8000, 0x3e, 0x0, 0x5) (async) connect$auto(0x3, &(0x7f0000000000)=@in={0x2, 0x4e22, @broadcast}, 0x55) getsockopt$auto(r0, 0x29, 0x1, 0x0, 0x0) 2.664761059s ago: executing program 3 (id=3709): openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/events/vmalloc/filter\x00', 0x2, 0x0) (async) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) (async) mmap$auto(0xcf, 0x2a, 0xdf, 0x9b72, 0x1000, 0x3) (async) r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000280)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_HW_TIMESTAMP(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYRESOCT=r3, @ANYRES16=r1, @ANYBLOB="010027bd7000fddbdf259900000008000300ec5e24c563d077d911c75dbcb8a33daf6f9e0e775973ac9aa6c946b7d8534d8ee72bc7e60990b20410c280d562d35c66fe7eb629cae2792cd1e5b90be33f656527a54e74a779a579", @ANYRES32=r3, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x5}, 0x440c0) io_uring_setup$auto(0x401, 0x0) (async) read$auto(0x3, 0x0, 0xfdef) (async) close_range$auto(0x2, 0x8, 0x0) (async, rerun: 64) socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64) mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) (async) lseek$auto(0x3, 0xffffffffff800002, 0x10) prctl$auto(0x9, 0x3, 0x0, 0x6, 0x100000001) r4 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130) (async) r5 = timerfd_create$auto(0x6, 0x2) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) fallocate$auto(r4, 0x1, 0x820, 0x7fff) (async) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x4ea02, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r5, 0xc0045002, &(0x7f0000000180)="fc5ea5f1401a03cd7d362456adda0cf384c0e2d7bd3d31e409957ab6bd240c4af9373f9691253b947acf08619bf87d27ebc9b1fff0ce71c342980e157ce4c431437e") (async) mmap$auto(0x0, 0xb9f, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/fs/cifs/smbd_max_receive_size\x00', 0x103742, 0x0) (async) bpf$auto(0x5, &(0x7f0000000200)=@info={0xffffffffffffffff, 0x9, 0x8}, 0x1) unshare$auto(0x40000080) (async) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async, rerun: 32) r6 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dmmidi2\x00', 0x280, 0x0) (rerun: 32) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) write$auto(r6, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) 2.485998148s ago: executing program 2 (id=3710): ioctl$auto_XFS_IOC_ERROR_INJECTION(0xffffffffffffffff, 0x40085874, &(0x7f0000000000)={0xffffffffffffffff, 0x7fff}) sendmsg$auto_NL80211_CMD_ADD_LINK_STA(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x100, 0x70bd26, 0x25dfdbff, {}, [@NL80211_ATTR_SCAN_FLAGS={0x8, 0x9e, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x48044}, 0x20000040) ioctl$auto_MTDFILEMODE(r0, 0x4d13, 0x0) r1 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000180), r0) sendmsg$auto_SMC_NETLINK_DISABLE_HS_LIMITATION(r0, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x50, r1, 0x2, 0x70bd26, 0x25dfdbfb, {}, "a60aa25bb9e5ba605ee8622dc6b034247f37920b29efc70f515d464c863236b7a4d61b8cadcc4b21b2d2b5388293188363c8230f3c92a8d61a230116"}, 0x50}, 0x1, 0x0, 0x0, 0x11}, 0x4000) r2 = bpf$auto_BPF_MAP_CREATE(0x0, &(0x7f0000000300)=@token_create={0x7ff, r0}, 0x7f) syz_genetlink_get_family_id$auto_l2tp(&(0x7f00000002c0), r2) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/kernel/slab/kmalloc-64/red_zone\x00', 0x400440, 0x0) read$auto_proc_page_owner_operations_page_owner(r0, &(0x7f0000000400)=""/4096, 0x1000) r4 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000001440), r0) sendmsg$auto_NETDEV_CMD_DEV_GET(r3, &(0x7f0000001500)={&(0x7f0000001400)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000014c0)={&(0x7f0000001480)={0x14, r4, 0x0, 0x70bd26, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0xc814}, 0x4000000) sendmsg$auto_NETDEV_CMD_NAPI_SET(0xffffffffffffffff, &(0x7f0000001600)={&(0x7f0000001540)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000015c0)={&(0x7f0000001580)={0x14, 0x0, 0x300, 0x70bd29, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4880}, 0x40c1) read$auto_long_retry_limit_ops_(r2, &(0x7f0000001640)=""/128, 0x80) r5 = semctl$auto_GETPID(0x437, 0x6, 0xb, 0xffffffffffffff16) ptrace$auto_PTRACE_SETREGSET(0x4205, r5, 0xa, 0x9) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000001700), r0) sendmsg$auto_OVS_DP_CMD_SET(r6, &(0x7f00000017c0)={&(0x7f00000016c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000001780)={&(0x7f0000001740)={0x28, r7, 0x200, 0x70bd27, 0x25dfdbfc, {}, [@OVS_DP_ATTR_MASKS_CACHE_SIZE={0x8, 0x7, 0x4}, @OVS_DP_ATTR_NAME={0x9, 0x1, 'l2tp\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x44000}, 0x20000800) ptrace$auto_PTRACE_SETREGSET(0x4205, r5, 0x8, 0x1000) setsockopt$auto_SO_ATTACH_FILTER(r3, 0x4, 0x1a, &(0x7f0000001800)='netdev\x00', 0x81) recvfrom$auto(r2, &(0x7f0000001840)="a685506e22a079d900681fe74a2dc82ea065d303caa7d437770da37833e869bf79a36416dc8c1846a5791ecc659b7f20a25121812d7867e4d4b1eb242932d000f4939a21bea2dc691f72fe2441b8a9464aadd2843887e36d774ea622cd6957b893648b254807bfbb71a3e2ea78d56b249c31a01e4d945cacfbeb1d9100e190a540c9ea4b73f0c97c5f816b3c59475ea3e9b977ff8f5e666e006720696aed58c4ab14292d7ddad8cb5ab1fa332646732dc7fe8415fe5a297eab8e64d1615268", 0xfffffffffffff2ae, 0x5, &(0x7f0000001900)=@qipcrtr={0x2a, 0xffffffff, 0x8000}, &(0x7f0000001940)=0x8) close_range$auto(r2, r2, 0x5) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_THERMAL_GENL_CMD_THRESHOLD_GET(r3, &(0x7f0000001a40)={&(0x7f0000001980)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000001a00)={&(0x7f00000019c0)={0x14, 0x0, 0x330, 0x70bd26, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x4040000) mmap$auto(0x2, 0x4, 0xffffffffffffffff, 0x3655, r3, 0x2) r8 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000001a80), r8) ioctl$auto_RTC_RD_TIME(r0, 0x80247009, &(0x7f0000001ac0)={0x1, 0xeda, 0x4, 0x2, 0x4, 0xe, 0x4, 0x2, 0x2d6}) waitid$auto_P_PID(0x1, r5, &(0x7f0000001b00)={@_si_pad}, 0x0, &(0x7f0000001b80)={{0x142, 0x1}, {0x7f, 0x9}, 0x8, 0xe51, 0x6, 0x8000000000000000, 0x100, 0x3, 0x4, 0x4, 0x7, 0x4, 0x7f, 0x9a2, 0x8000, 0x8}) getsockopt$auto_SO_PEEK_OFF(r3, 0x81, 0x2a, &(0x7f0000001c40)='.:z},}{,%/\x00', &(0x7f0000001c80)=0x8) 2.415003496s ago: executing program 3 (id=3718): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x10, 0x2, 0x15) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r1, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810) read$auto(r1, &(0x7f0000000100)='nl80211\x00', 0xbe62) r2 = openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) r3 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r3, 0xc004743e, 0x0) r4 = syz_genetlink_get_family_id$auto_thermal(&(0x7f0000000080), 0xffffffffffffffff) r5 = waitid$auto_P_PID(0x1, 0x0, &(0x7f0000000100)={@_si_pad}, 0xd63, &(0x7f0000000180)={{0x800, 0x85a}, {0xeb1}, 0x6, 0x4, 0x2, 0x2, 0x7, 0x40a00000, 0x0, 0x81, 0x0, 0x4, 0x5cc30e6, 0x4, 0x45, 0x10001}) r6 = waitid$auto(0x7, 0xffffffffffffffff, &(0x7f0000000240)={@siginfo_0_0={0x1, 0x2, 0xffff, @_sigpoll={0x10000, r3}}}, 0x1, &(0x7f00000002c0)={{0x1, 0x1}, {0xffffffffffffff7f}, 0x3, 0x5, 0xff, 0x6, 0x200000, 0x2, 0x9, 0x29, 0xfffffffffffffc3b, 0x1, 0x6, 0x3, 0x2, 0x5efe}) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_TEMP(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000380)={&(0x7f0000000440)={0x28e4, r4, 0x100, 0x70bd2b, 0x25dfdbfc, {}, [@THERMAL_GENL_ATTR_TZ_TEMP={0x8, 0x3, 0x7fff}, @THERMAL_GENL_ATTR_TZ_TRIP={0x13d2, 0x4, 0x0, 0x1, [@generic="52eea10fd4bec4631ddb826735cfabe9c936a7eeaab0e41d29a64ef268ef5f496f311ab4621eb41a0bdfa0d81a25d4a3b549c3f0d3e6e6eff28dc78956e3cf52c16d2b7ddbff24984567878eb56927cdc0837ddf1ce3dccc104b267542c92e9345cf89cf03c2c91eea934f6d77e0321b8ba65f95b4badb5399b3b029dab3baac082cb33d75335a9606d9990b3ae45848920bfb4f2e5bc27dad599de2541a92b20b13be2ed784aa8b5976c3a5f2f0d5288e6432bde55e0258bc11d0baa05ac8e65cef5d648a", @nested={0x8, 0x95, 0x0, 0x1, [@nested={0x4, 0x155}]}, @typed={0xc, 0x73, 0x0, 0x0, @u64=0x39034268}, @generic="f256d928d698a52564da05a9f62f0a00b645b668383976274d67f56e78d485c30111cf93d876511fccab6ff101ba0366c5dea5af7dd915e8b6006bfe1fe1db9092a5badc7803d943266d91ad0139ad9fd58dd46f98626f5980152c59b5cc12bad709a17f31", @nested={0x1186, 0x12f, 0x0, 0x1, [@typed={0x8, 0xb, 0x0, 0x0, @ipv4=@local}, @typed={0x8, 0x4, 0x0, 0x0, @ipv4=@empty}, @generic="fd7706448d03605f0229f3628a6b5e8c0206ad29856fdd10e1bc35ab6fb63b2d739076d7b38c09b4007bf65a63353d8e4f6c8ffe48b024d70d29e4bf0be51fd7", @typed={0x14, 0x29, 0x0, 0x0, @ipv6=@private2={0xfc, 0x2, '\x00', 0x1}}, @typed={0xfe, 0x1e, 0x0, 0x0, @binary="e11f3cfd3625a3232b9e8d8b1da742e7a0ae14d59271c13e991b01679c98d9513247a541e8988dbef86318ef07f499d70fbc7d6b2680981e91450c0b4748070d4af0471fa6a65fdf4f22b1bc0121ce48901aca7098abfc94a8d07d0ea381cb8eb325ec3e40b48517487b94e6b000b6f35c56fee2ca3b03caaff2c1a3929edef4138ea699419228b775075aac8c7c79372966c20d914a83d0e39843528e6abd5fec97f71c8504b831ac68fb132853fdf71963695c1db5d9f805288ece6834618d9602bdf3e0eda7178609099ca1dd2e10b2379288a7466580062047a2c95437f791b5316ea4f72efeecf5e0e52a0a0501b240b6835f9e441967d0"}, @generic="4ac893fc9c35810292f39f8fcae8fcc30d9bf6469eb6577330bccb1bd90146cb5975507607018e8bd9e9f5ccd311294813cc29d17e5bfff91cdd2471a6d0366f56e5f59f81f336e7466e672885662a01b102bfe6341469d69e1abbdb1fccdda190556115bc947be902ca9d8b18f0f248160a79345d87ccb514addc28ead355961d2ec9cf520f1a8e2bb20c566d2ab574a52c5bb4ece6fdf120a0fe7f2ba6b1d184eda5d027d0d8c29be62806ef459938c0d160e8fbaa5c5e9d05b4c90b3751519d3f1cd5a5480903d24ccbcf48d17515cebd4779dfa06f23761a5ac8a8baf6af6d463fd4dd48f541f71b37f72dd425f06ed6ba434680f34d6cff9f34689e4a0378b8844386bffe47425b32f1da8a441fe7f8f2186b7a4662bfc89f0e45051570548373a9d2a86b58ee26172f50178f9537e87399262cd89cb5bea801b2f3e8d86cf072eb9e94e88c391d772f8d4d6c602dc5aebb872116d005bf0bf66f7c610b21edfff50cd73794742ba6d88262b47d50a52af3867ed3150504323923f1422590bc4b61cceb46c5182c9de31c83aa65529b9aef50ea2eacd438be539f74370065ed4b025b4cc54d13d15cffa1f9ef42ec4f5d3e7b2365819218f5cb88bad44c5dac10a09d81c2a5da32ec64cac12bada79b22e711a912b9f593ef5e6d27c589a47456890b0758e52bd0c6e74522f120153054d01e6118d8da3a6ec562eb34118866f34047ffb2a0b56713c88866956466e215a2f960b8036fd1299a253c18db22a4ebd2051392cd6bc86440eb7416c8a7e60c1af03728717836c8e183880e204b69561890542bc49295a4d30bb8f49b182374d18ae2ad505ca08ba2e7ab2db728c0c14bf10824a9c4a44fd5de6c3f6ea618349eac634b6751404680d9c92d0df2a11b32f51509adfefbd1054b4d3a55f1b98ecabdcce463a23d9e44b353f3014a473a1ce386d1741a3b6044b9c976e80224d37f16c4226468cfac7ccc7e9a7f974e641ad3f70d674c30a40ebc7b03eb56d7e16e286a36d653b65bd6371f5848dc706b75f62b373e6c02ea5d88239c6ab50028436f09f978852950f28df7f4760dbb007ba1f723b3bf02415d0bfb23f4e3e84eeeeaa35e4fa669311effd9b732a382b7bbea03638b4f3ba0726b9b51e698691dca72753608e7c6910dfae223830fe6baea63e5791f8daf2df6b6a8797df706ac9d9984a297c431c90c7156bb6d539d67fa91882af0ab8f92652d2ccb14af1ad82dc5386be37163b295dbf4dc94f219c2064617bc398d686f9797695f65f6663a425fcdb1be6ba7fd83f93425a64664a52c5fa6581e80196d2c9120b420c6f903c23ef957d7342631d0c01ad597d6021ae0564e5897900ea72fdf80fcea25c242eb98a60c126c7e6ac8fffea093a7a239ae596e2f4f03f09a7759e284abe47660bb5f24d70c762a568ad2bf2401580002838f35560d49e229f1ec7c39e1c56bfa7c9e0679b6ccb5ceca18df4781a1f388ec70ac49398192cefce02a875fcec669c964fdbc591f3f990d993124f65aeff329d2cb5b62d9aeaed62fec0239b463b7d94b7cbe535afb758fe1eaba01e3ea46f39c4b2557ffd7f9527206ba214f693f605a4a8b9ac1d42ab7a24507edb99aedde405805d7acd6a49e09f2bc837afe34b23e6e8835705649f31fa58aaace4c7eca978a9143540f7b093cedcf3ec9ba352f0e0cf6b5be0bbc55d7bfd7dce18744f5cb63a31c7b83fb103d00897baf0aa1c643a1b6a9d7d78e81f80d8eef8b40f53700a2530b0e3d84b5153a54924d356cf77a3ed1d28da1344ecb4de3cff31f9343423198f247d76e105448a726252c7f1948b29abfdcf65ff57086fcd12f2985cd74ab6ec5e671c38a451cca9d598362b056a6839cf0dc68061b397363cf393b5ff59c3b285b0a9d2231359bd9f683326232cc43e08c29a03bcd23630ff4b5df58d06f307e569b59808b04de9ee932d93097fb9acbc130f6f92c2a395ea407242a64bed5dbd561469652f32b9f57d7655f537761ed9e3de39f802d76cc6a35e89797b88d16e59d4c009c992281b07aea174f392156751e1ced5ff75b23dc31b5c7b739fda1445171ea81a2d487f7bab5092e374614802e18d70419947b957110e7dd00db4312466f26ea57728456c5825504b261bfb20bc17de93be09af6f362cb9dd25c51ecfacdc66e7f6eaac8f6e2d13d9a09cc1879a72f2b29e07d293f0cd667a1492acd84263e756d71219471151e7380beda445039c389e5b0723f9331bc1f85f6868d8a54c2e8a0e457da30f49b84cda8b253b2946fe15537f4daf907c29889d98dc3b51a8cb80704287aee327e5f4a26fc3324667260d2868091721e49dde1341c5d902cd723b38907250dd189282018f41a6f6fe0c777e9868e4a00382baeda3a9c4c14128c82662a30210e3413560ce8115a2d2dea569a066cf76e87627491212d6f708ff31a18aa8c1c91101142d3be766f08132f88908d22e498f562340ef3ea24cd21c9c19d0f7aca244f5666354b9a5c398fcb750240d1d5901ae096f6b5cf2d14fd6bb87aaa552b2271d893881b5da950a585465c50320cecae34e0b68550148ae52fb4a59087ca0550781e4b20025c061e4c035cfd628aa916c1c78bcd17c9064efddd77fda8ac8aacfaf1578427c2d82010cc70d7776e7436cd1cbff089c2c2e8b7897c5c205a124f753248b68322aa8a13b5d8345200bca62acd0f0c6df6afac8e2a70df03f42374f0607d24f9c696481096175940606dc625644973feb791a0166350e00ac1ad33046e8f66633c87e236ef925bdf107adfa444d462846bdbb932c8f4833846280682fd40535123689cba2d79bcb2b146f5cee71ea81fbd055b075b28e8658844ec6dc321ad31cec44d4f3f8e08446361bc07e47c1ae9e65cd628eef6b3bbbcece05302ec6cd3ec1a74f4c7db56db0af3daaad535cc6ccf93d14859ce540ae7161be57bf536b368eb8efec4303a0298b2e35054615d677182f076be88b3c3e5dfadc822873ed8d846ef8ade786ef00a78277f5643447ff58847a07e7738ce5a40b1d0d6e9d76a31f1ed119807a59c2d317af1be5d163aa96120f885d76da5671e3026e9a8545da7b938923f9cb07234b042fae7e70aae4e887fe9f5eef28a35fcf193ce169c26932773f54d572bd9118445bcdefb521b7ec940e93b170d4a118ed929ca400787eadd3b8bb84886f6579005e7b61a9de37efa8c5043349eca833b6e16e6dc38188f9dccd2f1e2b63365c06f9b47fdbdf946e150d0b669be295298751213cc8e741713462cc2f563aa29434f54e42319db447b0e8f0d7268726d1b051d7d94ac3c75e2c35ad9e7f038a3dd794ff46fe05b808ab5509cd3ab0426e8084a85a0fbb9a1004e6679ff5a8854ffbf43bfd8566bedd5b2a80488cd9a137b50bb0772a1edcf9a0e8dfccea945bb087592875b39ebf41621a1b6288f70a27da9983cdf5f7240c8ad24548339f74f7de0f7b2b6bf1d63f6b7160a3c445dfde1aa34526b0ecd876e994b59cc6660fe6cc90e52be9f5ee87bdefd71aa7885ec61f97704947f75c509ddf5c26f6a0d06b7b8a739d7aefe37966c65fc984c7b19cc806664db136479c70b22679d75ff374a60d25f5adbf0aa2fb32f23d1ec78e198c5de2aad61fa8128173f631149cea4323cb9e77650f950d0450f21462ea9d22fc54d9437743d44e0353b09ca2419b963eaec3b26b46941d0ea1e82c14c787d904a3c71a2a1ae1fced9f4dea4180e66e2efecc79f8ae21577293d5c2dba16753453c1302bac428662ca79835b64d88ded2526f1d4de7080a1e2685c51d9915cd6eef088bd0fa2d78315e5d2f12a272286cdfefa9947d1f5313f6bac08471fd6fc46037ef08f98645380958e782d4fd52460017896ea0355ce0f17c3929bc0a0b03ca0f72a29d150d58d77041746a5b76752b8d51ace28d6e50163cc2f15d12c36dea24f8d3555b87029ab02ac0b802b5cc7684d6f8961edf8b000115927abfc28dd2fe9fb806e171d2501874eabfdfc2655a3d97dc8dfc4c1115357705b5a5d7e5b07faeffd3bd78b5cfe57a83c853ad8177c67321af338d0307970a894a8542879d0c8733e43060ea2db0139f5b239ed2b923a2f9be78f6f9f8f5e9dce6aa7dcf503b85514a1f55ca4ec32c0d7e459c58937e44a06f0be95f2d7ebecced1f3920aa3ba9d10545343fbbc4f4c897d6ed526e3606818902c8cd4b2b97df6500f2ad0529ef652e8d24497b86b06909b1f964005dbd55c7d6e16fb851d5b1241ca26e067731983ba9e645c0be66dd856c91542c3fc31151de77177449f9387e92260008e97348d0ff1830956e70626644f0c2e90580faa984b6f8633e847090862d69019d35c3c11d0864409cd77ba2517c63630ed885a68eaf61b96abffd4975ff59e593759f28ee8a2b7d3c3c17d6212162595dea9ed35d244f15897a4235651ba3f7b577a9694ba43f29817e6a7ccf2b5fbd92ba364e872ba3dc6adedb1d64bffcb56409b2a1d0fa7af02a1a76c729de496dc79094f64723b6bc633606aaa141f121e6f59874ad0f4d1fca210068735dd7f45c96e0651243d627d7d9cc5070db91297850117375f0681b356d18c5c33ff1697f228d86860fb81f4e6261d06d0725770308717e2e039907fe082349f2ef04dd13b5289045b81ccb85cc0fe342db806ca810bd3eda1fc574936c9bba96fef5ffb27df06824030efb65e2e25fd61960fac81e7a80eeccc0414ab1696df2dc2d708b0be6092dfdf9d079b68385bd554662e5b165aaa3e786d1faef2a48bffb1ad73740681c974e9058403d893aa99f0b8752214fea5a5fbeff405a2254fb219228cebe1dc848d6a4404f23e91a4f5d0e4e4d5ac127b0697bcc41558ebadfda0a2a5d3097aeedf20fb0772fd02caf1f9eb90cb774427f0ce3ac36e6fe5a4832b9c79508a4dbf1b016e41a437b95ab0afae47b907b10d5fc71963b6734ffff4394c4dc621e8a6a7fe96df50253c33382902cfed07cacec405e7b3b4be0a77cb59aa3cba3777d678d2117c6bae5428323993076f4ca6dd47563d1c05e63d6d0a539c6733999c007975ae10c72c1acad44042fdf17ac8d8c7d8e95bbdefca4493a19beb82dd641725e8512270bd5761050d294b213478fef63cea847473be01701818625f7134411cb5bd0cb236dbc6ecff4045a80115734d7d3fec8a293de2b6c7811085cdad4a142b2ed83b0eab87254233f6e927f2ac0ad174117bad64a86a2c01d26d2f15fc71212e68c4e9f04aa39cfadafec697639196f4bec8f05f14e0168eca3ab9ac166be127d16792c6375fc2a7f4f4e71f07030e9a85284c03ac10ab88daeb1df024c89d8dc650684a9afec08f8ce9f13ff84e57013787bd98d917ce067bd83d6b3c0a30cb1a131f681f96dd771a96428248ca49cfb38d71368906b17f5d76759dcb1baad4bbb8caee4b271dea22684ad1fb07fa2805e253884ecaebd73526cae328d448cccf81daf59bb7eb12cc7299c04550b66731a4a45d865252df659eab39d380c3f4474473a8ecba77e3996e335ed63e73fef3d66de04bb64cfa6824ae8456a43d349d1bb0279e78c67402f82edc9916193fd9eed2eed849fd4be3b549bad28ba8d91079b3083afcd05a5ce9c7da5374df41dd5a6875effc50106ee1808f0c4c961af7965c9af904988cb1de385e52115bd52c748ce17850824f92d5d06bac7247128cc3b9f0f97cf5905d87fd98f7bb8462a21f3c15483ba165629664df1e18495e7335898789d3035fd1f31d645b0b44f33a8af9c3", @generic="57c8a4e3019d49388b73ea46cce638b5f938642883fd92340d8a", @nested={0x4, 0xf}]}, @typed={0xea, 0x21, 0x0, 0x0, @binary="5a4eb14588802abedff92e82e0b33f56de16330a34d74ced84c51ff138b48bf849ece3ec874b2e8d98f18de5f5bb3f14b1f6e05d450281683baf974634f3e672496d182d48b00e762c4d8438b578531533bace1e09f60932ebf413362f62ee3c95b970f7f3dc8a8c83a521d33e51c085a9127e8b83737d3f33113b1f1306ba837838bac87c767de7588d3a28625a257ec8fe8d9cfa0a18eaec268c1087b8e4357b63282ec771b40d082764959d68a061cd998b9f33d03d33155acc503122aef2274cb0c3eb04abe4bdb3bfeef2dd91c18fe455554c4b9b20fb5ef279a2c7a3130054a283493f"}, @nested={0xc, 0x7f, 0x0, 0x1, [@typed={0x8, 0x71, 0x0, 0x0, @pid=r5}]}, @typed={0x8, 0xcc, 0x0, 0x0, @str='#\'.\x00'}, @typed={0x8, 0xc4, 0x0, 0x0, @u32=0x600f}]}, @THERMAL_GENL_ATTR_TZ={0xc4, 0x1, 0x0, 0x1, [@generic="3a1307cf049e83fe8ea1012c13acd2eaf1452b136089e7adc982a4fd85fd1c1c705e4bbd71816dafe76fd3221f16e1ee4c08cffec31b9b08c1de68087697b882a162892e6e0aeabe4dcca2ef4f3bb0670339e7cc33610964e3f61cf63520a210247c720d5aff0811fcbb893a77a7f8474da3d83888a9a08d00527c3cdcbd98517effd8abee1e86a069b7cf59286a614f6f43178f7ceba41d43750dcf1fe50effd8baf6ecbc7ada21848c6ca115892da1d22b8753fcecf4a1", @nested={0x8, 0xe9, 0x0, 0x1, [@nested={0x4, 0x12b}]}]}, @THERMAL_GENL_ATTR_CPU_CAPABILITY_PERFORMANCE={0x8, 0x16, 0x6}, @THERMAL_GENL_ATTR_TZ_NAME={0xe, 0xa, '/dev/uhid\x00'}, @THERMAL_GENL_ATTR_THRESHOLD={0x281, 0x18, 0x0, 0x1, [@generic="b068181ddecf4d73805bc925a97d4aa47b0bf7bab6745e3aa9d0ce5ff9a1d54edb7ebe65eec09fae1554d895c49f8b742572c2504e27aa3f9237555e6f845f249ba9fab483061d353fc69992ed45a44babaacf0a0cee9b20acb3dcf865f2bc25502b22c1a613e46c9fc57ff356", @typed={0x8, 0x1a, 0x0, 0x0, @fd=r2}, @typed={0xfffffd17, 0xff, 0x0, 0x0, @str='/dev/uhid\x00'}, @nested={0xfa, 0x6e, 0x0, 0x1, [@nested={0x4, 0x39}, @nested={0x4, 0x30}, @generic="914efaad0c26e27f3ffa3417ec2b118ef3473cee9f1de25006e2e2898d2e6c413a5aa10aad01905cf5c5cbaf71d9d83e45fd2a01ebc00ac2aab18f3f15ade6b15dd5b52756e7edf39d47710c688c4ebb4bd47783cb7b3a05f6ab04adeebb08a11a158f9caac1a4359e64a4a7348cd25d9299ac3bbc65a73067aaec220029d5c416c901c698b0ce00a413d7655a170aa170af82c92aca6ee4796883b04d7fed5cf0eb2d9e8108c5a157b88a6e4bb7b361a0b0443c778ced0d2e358cc94de614a34be2bfba04b4522ba6cb9cb8415157ff93fb267330d9d12e29281a411c5bc5cd2862", @typed={0x8, 0x10a3, 0x0, 0x0, @pid=r6}, @nested={0x4, 0x18}]}, @nested={0xfa, 0xf, 0x0, 0x1, [@generic="4b4b760e830caded00064a", @typed={0x8, 0xe9, 0x0, 0x0, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}}, @generic="20e37f2606fdeea781d80a1efbe8b78283a8c3a394c7721db4749cecb70e958273b719666b4bcd9629edc433879b99a39b227d51d359d353b1233dadc17968300862ffc349c4ad08f895423005d97c5bfdd4e2585ed149e3ddb4ae401f0cd81b54468b34a2197bd9c7f637b4acd33b587e0c1c7a51735f2e80ca5734d93b7002e4095730661bff8ebd53601edc2816f8b0021b96971e0f54afb40ea6f3ce2ecdcea3ae7aa37deb3d9090b3aae48eca285cc751df858dc58858cf053b50041252c0a0605e8e0851fe3ef53bfe1bb04da6e1d9ee8dbb779409a073a3b31bd8693272b139"]}]}, @THERMAL_GENL_ATTR_TZ_MODE={0x8, 0x9, 0xf}, @THERMAL_GENL_ATTR_TZ_GOV={0x1189, 0xc, 0x0, 0x1, [@typed={0x8, 0x10d, 0x0, 0x0, @ipv4=@broadcast}, @generic="928e5f5cf31fbf4824ce3b89c1051372b65ab74e5fb2eb53b0c694f048e2cb3d9eb24fbe638317cbf1ccc562d738999c46fdb2650888158a010120d8c0b0a10f6a4c43812ed2601b8932957b616a9946866d7c666a692c0a6f22abb75e872896", @generic="c02a46fa1127ede46ad3d95bf25d28ddac0d86a83436bb6ecf24fca92dab0160491e7e", @generic="9ea87b02e3a8b5eeef8e56dfcd1bc5cc32c81fca9efd17f52fe301b3b2ef605a57b7c5ed1ed5ab30139c85af57a8a93b63d82a589e20aa1aaba1ad941807c239773838908ffca2a3fa26656033fa58edcf12e2b52f8292da66c564b73d86d726906a3de6510ddf315eb9ec3e51e9565d19063e15fabbb4848b899d4839311099be861e26034a3162dea4e33f1ce1cb4ddfff9db7668e2d5f5f836855e74819cceacb403c21e716f66dbe9b0ada929ad79ebac56922562ffe797e627a7b1e5bbdb01a6cde0ab394c4049a2da21251872287213dfc3a74b7426f24ffea122dcf9e3694c96cd224", @nested={0x100c, 0x92, 0x0, 0x1, [@generic="94c09d8e79f8c280472f03fa08908fc181483957ee246a9152817e667eaa4cb1739725d9bac86cea53b4af74239d7babfc7e4c3d370207fe56f93e230374d2908de3558958034ef404bb7422fbafc307ab23f55584551ba4929e6f38295576c7f5e4ef1a7ecb101e16634f90f00cdf67916a3e2986a89593325aeb017ba47ba7ce7604b8c4bf29e14805a3c9dcebdf8f97e500f705889ddb5ee899909ea10f855d1c3e494c122b4bc4190a6e86c473093d2b09424837c8b6da07216c875bd1b79ee5d1a28a0623b8dbf397122a4cd8f682ba42ec482b283917859aba4ede1b3c5bfd6a452223608e4c625a76555d10e24210ac2b12fabd84b2d565dd953327dcab370fc2c79e3bf42a4bad512e41d593b22d5de48b2c5dca085cba04fc286950722257a3a332a69963b29d08981426ae1b0cdeab46372ed65380be1f96cf55da322415bb375ac33245510b6611e7dfa66ae8d6b3b135af5c7aadf0abde697ee7045450a157e49e3a2234d355d6d2d078aa9e99de0a0d21f0eb32281bc2b82caa058e81345869a9484522bb4558326969c6a32235cb6045d839f0afdf2cb516382db7901aa2a63632f366aad207d7da9f1459bee14373788b7fbe71f83e99a62838c0bde3a80e9b7ff361df47fdf198b808acc5020143f3610ac44af52b308beef13e6ec677d1c9707249963378d5fd423fa62ecd23c707a0aa2d2da85555fac848d13e0b8b9562136cfaee31c8617463fe934e062f853a45cebce685f0e8073eb5085c5b5d098ed84627b777b41695475b25b71ba83e5f48abb53abf8fb95123e890c4201a6b3719e880505c552b98c1ac57386337c801f714a5b287d9cc61736607764fac74b6f78b7ea7f83b6d2bff2f3dab3ec6c276f1bba19a520023834310cf7854a776f775a49ba64bb93e63282952ccb8365f68ff428346beba2bc3f74c1c2d7a391a554a94ad13aa8eefbcc15b230d146fbe4ac8d0629ed4277d9fcf8304743cad53918eeece4f61041d01389376e9438c3ea1ced9de635aeb7899662f0d6489c22a253b67ad8d26e00bbf22d3f135734f15ad28580cd935d5885a5a5e7eef7bdf4e13ccb9b59cb46cc85e38f352138643534b3d1a8d67758d9a181249cf35d80d533e153865ce10d2c8df8af9f8f5a5878543a65ee1e10656d053f045c66bd93f08ccabab062c8f1ca09b943495bbd71bd7f0e9ee4e5ee6907d0844f9bc19000273bc2b42c2f7e0c9ae5f14a1c4eb027c093ebe534682a320a4be9d2287e14f706c5bdaa458a9326627d19e50ee7abe8cd54c4bf562ba3d1b0e18964d3e0e0413f992ad514de957a599d12de022cfdfb0e977d0f88458f1140dd7c116abc565f90ef86cfca3b875a6f7f6496e1ce37e49ce447cc117ea111930c807c714ab42ad3587e6f09424bc8c55e1600a514230ea08025f2c178dbadbf643edda630bd81a8547a08f03dee10daf276eb41c6033ee58da928b2badda4e13f196f9b035bc94ded33f9ff9d46467265220be0ed2361c00b548d9835afa405db7d0c868bf6c7751f6b6eff41459dc5312929674938fa147a977d9d9ae82e41768e46572a0466d7deb5ce4dd80274704e106d847c349853cb88ae82848e7c9d1ed151cfd1f480b0ae285e60bbe37bab5eb19c3d9a3898dd0b50790de1739ebb84bb92e150f952ac3ef35cb45bf1069b3d0c4ed86a246cc14f1a75303d5c223070d383457727b5366e0034e9f7c945f3f0d07fec2ea8b276f00b30e96f5b898293b0619e6718af44143e8186863a4507d59f15994cde1a21635c96a3653dee7504c2e7c38cc7c4b3f52960c40c21baa98b89e11e8777b97644e17032ed8065fac7fab7328590d8780e7c961da8db1f84f4c840de3f4c1fb36adac1d0254c0dc018d812d23989460423c1df667aa3b0500808ac1fedc0e82247a4fc2c929eae236ae711185f073deb413632c758d1b4b42505b3679f9e49ab8ba05ea4b520dc15f162ad60d20d09cc451f1efb6391ab0a85be60d12a3a7ce4fb14066c71114070ea630e02eb3e391597b600dbc6e34da874c7f4eeaed2a6d1baddd842a2b508d71f8c9810786a4b98840346a4ae49f71821baefd1f59ef8592253349d0439d381ddd308ee0115af7824aa40cb8c95cdf6ac78cf594a4fd60418c394bd2a57eb36914a6306898e1db34c48617538ef978b97d2d514b177d65c2104b1b6531d6298259ce49d64d718a8fd14abbbba37efe55f5edc856a6a3dccbfca8e04ceca6e2c0561499b825a2f7821d9e4142bee015be6197d37054829c63a169348322853148ee5aedcdd6f694c9c50953a1ab379909a5628d71b9dfccb8479e8ed950dc2f3cd9490c6c368ec26df85affbfb0ba33137fd539a8443dd0510d2b744ab07a786778234ecd7f1af9c505a0357b21ed681aa13ca574bd552a3bd1553abb3e534c426cb2f2ef315aa8587891ba045172546e78d01044500ce07113285db232ae705e9838ab1c6864f967170b3e0707fe532437a00a32699e2bad8ada8324f1b5152a23f6a20529cfc04f77587f0be20e32832e022dd2ae64f6ccdb178aed16b10085f2b284c4c76ae345c55eea98f9901636895891336174e18a43dfe1b1743ca73a5c0ed339e09ae420b3151044f13c243bb2b0a8679ac7b82d4b87d49421a63162ecddcf9fec9fc2effaada9f69fcd1eeae7004265496e5ae2e1c9382ba80ae318b5188ae77e405fb382a9781b8b492b7bc1e72c012e31c4701a165c537f8cbbc195adf9d13ca57f0c6e03921e85b67bf8f23a222adc013f7314c86a5f650324168bb2c295e89b093d9efdcbc7d689959c9ea22cebd3cb13635e62dd0d1113d26b994ede3114ecd0316302df96cde356cb45a54a4fc437b4aaa87ed3501c0f0cf95517cfbd15fbf8a60e9796f158cb3d62aa72e08f3096ea6e2cfb82aa5b70802a4caf09b37767ed360045626f8c88341c33efd2ddb34cfd09790e2e2e3531aef3671838a28e59f72b2f4f97ab0e54a66fc652a2783640dc7059ffe7b6c2a4a538e1e219404876fc7cb463db638d9960ae903e29e71c5162d23a1513daccc94f78b930d690d7d4fd2b2d9d84dba9a660d8057d6e308a5b0b5c5b63f665c26d0a82905a9f52a326b3e10e5b581b34954b1d58681d4d54d9092075a387b5a4b7ff6953e008f82170cb057d676a1596ff0dc97818237b74b45451db2dd71ba405c66fe6aa0f627996390bbd5d218dc745275241d2f6236ee53ede5dd84c8f10464aceef9373ca69bdfdba4bddfaf53e8429ad35fa8c8d133f36c9fc4852d544a50ea9149c6211e9d8ee6200e7ffd41dafdff8fb5df359bf58d9005f5df8941dfde6cc55df0c3b42adb41515b816362c8956e594714aa241b9078205b3748960237fca656957cc47f79053c9d80acac5f528d33a0eb5c7a53f43d8943f50f1148e1f53611402f0520097273125ae0c6ae300d8d14a643805b85f410b0f4ef91851e1bce7d8b74fcb6f7bbf716ca7e7a1e7a8bc3338c23a195b53ff68e3f079c265f838fa280809ed17c903ce1e992782c3a1e66a964651677b53acceb592121f7918c3e103ffa2bbd367d6fb54496264d081885613ab3d943d0754211ab1a01a8207bcff3aa433c8eef2ade2f0f6d1468b3e3c0911be4fcba9311182b63c60f9629ab45ff88f74291d7cd5c7c710285fda42ad4c418736ddfc3c4cc5def411e7ef1b7847da8f0846908a3c033ef4c67774c82b72a02ed173f6585c93e90932453982abfd642f609d396016199ca4cd559e85293d46f888633266bc4e4b83653b451f748344c22d2f9375441ef6afdd7949ab524233f1b53d4f0a11365f54e33e18d767f10aedf392fde38e91a2bb5c4dbfc0a80e8a50ee90a7e0d4be5922698c47208a9f4d790ab016d8086344467e13221488762410255b4fe90419e1f966f0d13b5b1741261d2664a7814953913cb97f511d4050338afdc62fc339f1b90cd06e5311e2f6654f64481f15b07936e536669f60251d87f80dd10e675069a59b8845f5921d110adfc096aeae79edcbd25f072c13cc837303287d6e58029fe2b42e264a29575ba401cc1707f9aae66bbb570e425c4b3dfdfeed856ee71450ce040cc242b8bfe56a988e70b0a33a8edf48b66ee7b8a589f1429fd4035c5e6b72e97264479ac69f57e260529566a44e20a0151a3e1bd2769d82850894d5a2168accda601500314f6e3363f2641fca4d96806d94fe6bd83cac2eac9a7fe941052c1c80cc892611665698e620faa9acc923e75eb41b5b9954141f49f4ee6c47b4355b0c3275759c79156226f3771b2ac7ee6449f0aa0ca57b7a2cd585a6b291984ca98d9a3c39f6f8a0fff97886a030e0d85bf3792a874aa5307fabb84788f9a0f3f84b2e9e9a882e27750fd6d5dd86ea91285e2a2b5f286363715b13437c630cffeb4b77ca0e16cc252fd6905469ad4c024784afaea03c0399383fd46b29145b87863e5ecb4197ef71c5ecdf3350d70b2214904bff4cc97e343541bf82335a76eed9aa512246b034fe1b5f1ca9cb246f94d1c3b41194db4dd534de9d9f5a44985f0890319385f5617fe4120f45971496dd0240a38c88a16020e12abb4ff808d37fdcbaef3ffbd0079c49680db09885e6d281ba05f6c76c0aeebacb4cdd49f52f2f5f2d7e289e9f5c8243b3bf380c62f691afa4b785b8a98e2f53b13004ad7b7eab2c7c20589c16936f0c29b91437554cf59a684d424bc347e630a6da4c44f9524a65a21303cad4c4afe19683c0abcc401e071b5fb715bf985482c4f9dbeebe7f5081fa998542a14f8089d603958dcff548b96b9d950b5e4a5723f606548e5b6758d2b5d8c19196a253fe815eea1ba34a41bdecdebef05f1fe77f97fb4784ba7da7ab5a86dd1c5ed45ef4ccef6efb2026494de0d664efca24372799ce75ac6b0624c3f80ddd68ef804fa24be6974941b054b716d28ddec3f25f6d6981f759e8e29be9c4835b4c6d0bf8ae52da5f8986e81b364aa1a8e585c24a3c1e6b6a0f04f8cf44e501a0bc66c3ec4f0c60b2819715d044796b9afb153dde074b4795da23edc36c10bab8b70717c192451650cefa11ff18c17b8c30d8c2c11ca7a9a2553c82687567f27454b11ae0cc50a183f90e1d3aa919be6e9d1fe8e4f9d584f0085f029b2b3a91d4538ed4fb7a753b1405b6ace39a72a5a62bbe1b7b560e7cb626251c9fd554a7d68c04fe4a519b7ca6846f34c24b4be05f0b36c722feb6c9e7e3bc96438cec8b79471f8694f7566cd8ce6e4ba505d585e6067fc145ba080f6cd208201194c5abe47bbcef540eb7ed3723f86d4da972a6ae1a6c89b98e77b70faba5c8379316e21425cd34b84b4c9cd1ce650bf72b35c3d025cba2413a6ed40eb90074c1c6876de8591984dda959c8378e7e99ca93f9f7967c0a3cf8cbecabbbf61af71d61760df08f5c9421f01791dfa97000ef040f9d42591728f9ec4d950e58a27aedb90800775c38740c29295841283c0f04227b5db9e05ea0d4ab182eeb78293d7c6728425c0df9a12c97b90d9053fff0b240e3bf497de1bd28acab7ae98f8462d960baca41bcbe2d28a50f22b30b721bb6072397f39ad3ea2ff12be8c1a0d6b999655e4faa33d0e6a9b8827774b324da9e5eeba3a038e0730858f1315b964dbfcd9f9f5bc88755004b1bbd9d9c3bc751da7d325bb743c513134b140c7b938a50400381343845bdc0883aec61d2b2f6e6862371d4d37344b5b34f4694208c4b0db651b212e02ef929970d29dcd02fdf49c2a19deb5db27e51ab7678ce74a295a25cc2a1d75f86fc59", @typed={0x8, 0x140, 0x0, 0x0, @u32=0x101}]}, @typed={0x8, 0x110, 0x0, 0x0, @ipv4=@loopback}]}]}, 0x28e4}, 0x1, 0x0, 0x0, 0x881}, 0x50fca0fa70a4a79b) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_TRIP(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200880}, 0xc, &(0x7f0000000140)={&(0x7f0000000380)={0x3d0, r4, 0x400, 0x70bd2a, 0x25dfdbff, {}, [@THERMAL_GENL_ATTR_TZ_TRIP={0x3b9, 0x4, 0x0, 0x1, [@typed={0xc, 0x101, 0x0, 0x0, @u64=0xc99}, @generic="546ec67a6331aa7ca237f25c93d8fcb2b8253fd3c0fbf3bef06bed06c107fc57c3a7b692dce49541abbea89d2064a133f1b679a6815e0afd361a4a3c4dfbf815648f37c95a8bd90c5060c3a3d498596aaa0b30ad43db84e5b3a88ddc77781092da515abf0f6e0ffd4c27e17bf49cdf0c8dd1ad0dbcc3d3237557119f6372ee42c20360539df1c474c615b3ad721f6ac03ea10fea0652f0bc69eda8900102da1f712e0101b54fdda724e572e749f833f64ac0ef37bb512c0576f370ae13c53423539f0547f2d19cccf912969338fecff122d2b08cdc86e4c2cc7540a74b53ccd2f9f4b88da431", @nested={0x14, 0xed, 0x0, 0x1, [@nested={0x4, 0x141}, @nested={0x4, 0xe7}, @nested={0x4, 0xc4}, @nested={0x4, 0x13b}]}, @generic="19804027f69ad6ce6127554bf010eb08f767dbec0e0f11f874072ed81498acc5cbc4e4c4155d67ad80edf597e98ef24716f9f8bcf8350eae40a3925fa7ab9739c5df26dfc7380da21ca877ea94a3bd96011c0e186da5dc141408ad36fe22c204d92aee8333e113e226056fcf16b92717f276", @typed={0x8, 0x7a, 0x0, 0x0, @fd=r1}, @nested={0x147, 0x94, 0x0, 0x1, [@typed={0x4, 0x88}, @nested={0x4}, @generic="49c0ee7ff042139c22818b7c496f530710020300240ad7f79aaea80f65ec48e1e21d4cd60daac30c39674c394d660584d10d9b7b5bf76e90f8d07e85bfe1bb48ead6d36206af79b59fafeef09c56d0ad3f68ba6b678c2d3e0cfd703232c63ac797fa82a3995a5958cbf9a0668341181e128715f9afdb5ce2b1c9524a", @generic="0ab3f0bacbd200dc7def448468bdfbb2d674fa50274165302939738cd0b8aaee33ed13648e52669c0227cba02edc1ffbb559ae845c80d64f7b3e9f3c73b9a197928ebb8a0b40fc58dc4e1677e97c4946a319f060faa9230a87da964a486ac4690e726e14e290909f474b5849e26273b0d097e47816759ade573cb66515d2093e6ba6577a48c1d14cf71d8680f13bd7d764dc9c5edf446509284fcff4aae709adf416fb0856f0e073c4a02bb0abea845e77e2e3d29bb3b5cea87f20b1456c44"]}, @generic="a8606d6101a6e444bae2345b4e32c8a4fed2a98c4b33e7edbf8e79a35ecb4541502958a27fb348c3ff05c02e7f259eb3bb2fb95e95e7bdbb3cd347df183f5de9353c900dfd62663a53f5de42695139efbeea00e878327b8c8d17ea5c20df9cdde1e1dd7b25157a18e3c15ead0c1084c0e697d9b58268f396c9b2ed5dddaefa756c6bde46e31a8c4a82ca990b9abc939ea3ecc223a132da8d47e3f6c6910f8749899b6b2080d352427e7872aab205cdbc8e28ca64267238111a7016cc780fcf0dba3230e0734bced2baaf1e5374538d796a83d525210c0ab3d34eb9fe6a4b6c74996b7dfb9effe04e6aeb4c6dc6"]}]}, 0x3d0}, 0x1, 0x0, 0x0, 0x40}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2a, 0x800, 0xf) r7 = socket(0xa, 0x5, 0x0) connect$auto(0x3, &(0x7f0000000180)=@in={0x2, 0x0, @rand_addr=0x64010102}, 0x54) sysfs$auto(0x2, 0x810000000000003a, 0x0) getsockopt$auto(r7, 0x84, 0x1d, 0x0, 0x0) openat$auto_iommufd_fops_main(0xffffffffffffff9c, 0x0, 0x10140, 0x0) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) r8 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000180), 0x40900, 0x0) ioctl$auto_UBI_IOCATT(r8, 0x40186f40, 0x0) ioctl$auto_UBI_IOCDET(r8, 0x40046f41, 0x0) getsockopt$auto_SO_PASSCRED(r0, 0x5, 0x10, &(0x7f0000002d40)='\\-]@\x00', &(0x7f0000002d80)=0x5) 2.319572999s ago: executing program 1 (id=3711): socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x80001, 0x0) writev$auto(r0, &(0x7f0000000180)={&(0x7f00000000c0), 0x101}, 0x1) r1 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0) mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x8e051, r1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x5, 0x0, 0x2, 0x0) mmap$auto(0x0, 0xe983, 0xdc, 0xeb5, 0x401, 0x41) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40) execve$auto(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) r3 = open(&(0x7f00000000c0)='./file0\x00', 0x22240, 0x154) execve$auto(&(0x7f0000000040)='./file0\x00', &(0x7f00000002c0)=&(0x7f0000000180)='#\xdc\xfe\xd8E\xc8\x8bu4\xd9n\xcb\xca\xc7zw \x96\x9ejh\xad\x9eEc\xae\x1e\x89\x92\x9a\xbbP[B\xae\x9cf)\x15\xac\x90)l\x06\xf0\t\x12\x05zz\xa6\xb3\xce=\x00\x00\x00\xf20/\xc4T\x1f\xe5P\xff\xb4\xb7s0\x02\xc5\x81\x93\xc6\xc8\xb6Sp\x1a{8\xfc\xe0,X\xc7BU\xd0\x97\x7f1\x16\x99\x04\xabu/a0\x02\x7f\xbb\xbd\x906\xa8\xce\xee\xcd\xd7\t\x00\xfb\x83\xc8\x8aO\xe9\xbe=\xf7\xf4\x84,\x06\xd3j\x99b\xe6\xf6Y3A\xbb\xa4\xb2\f\x1b\xc3\x8a,g\xc6\xe8[\xdf\x88\x01\x9f7\xb5\x19m\xd8\xc0\f-6\xfe\xa8\xed/u\x81_G\xfeR\xbb\x12|\x97\xabB4J\xed+-\xf8u0/n\xcf\x8b\x95\x9d\xab\xa8\xc47\xa6\x0e\xdeOq\\\xc3\'{\b\xd3m\x94\xc2\xdd{\xeaO\x0e\xe4\xe0\xb9N:\xd60\x17,\x06\xc7B#Y0\x99\xeb\x02\xfe\xd3k\xd5\xdcZ\xdcP\x8e+\xd8\xc7C\xcb\x15\x13c\xbf\xe8\xbd\"\x8f3\"\x14\xf8(\xda\x19\xcd\xec\x03.\xd9^\xc3A\xda\r[\x1a\xda\\#/\xd4\xaf\xd0\xe8\xa2\xdd\xc5{\xfa\xe0\x90\x8f\x99lQ\xec\x84h^\x11+\x93\b\xe0c\xe6\xd22\xf9\xa5\x94\xd0\xf5\xe7\xca\x00', 0x0) execve$auto(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r4 = openat$auto_null_fops_mem(0xffffffffffffff9c, &(0x7f0000000100), 0x400000, 0x0) bind$auto(r4, &(0x7f0000000340)=@l2tp={0x2, 0x0, @rand_addr=0x64010102, 0x4}, 0x7) ioctl$auto_USB_RAW_IOCTL_EP_SET_HALT(r3, 0x4004550d, &(0x7f0000000180)=0x795) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x3, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x8, 0xfffffffffffffffe]}, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f0000000440)={[0x10000000001ff, 0x4, 0xd, 0x1, 0x3, 0x10, 0x15f4da0a, 0x3, 0x5, 0x62, 0x80000023, 0x7, 0x6d3e, 0xd, 0xd, 0x40000000001]}, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r5 = io_uring_setup$auto(0x3ff, 0x0) mmap$auto(0x0, 0x8004008, 0x2000000329, 0x2000000010011, r5, 0x8000) madvise$auto(0x0, 0x2003f0, 0x15) mmap$auto(0x0, 0x20009, 0x4000000000db, 0x12, 0x400, 0x18002) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0xfff) 2.201837505s ago: executing program 2 (id=3712): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000003b00), r0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000003b40)={'wlan1\x00', 0x0}) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/pagemap\x00', 0x0, 0x0) sendmsg$auto_NL80211_CMD_EXTERNAL_AUTH(r0, &(0x7f0000003c00)={0x0, 0x0, &(0x7f0000003bc0)={&(0x7f0000000040)=ANY=[@ANYRESDEC=0x0, @ANYRES16=r1, @ANYBLOB="0100fdc3af1ccc001a8b0700001008000300", @ANYRES32=r2, @ANYRESHEX=r0], 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x180c0) 2.029044906s ago: executing program 2 (id=3713): mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) socket(0xa, 0x801, 0x84) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) setsockopt$auto(0x3, 0x10000000084, 0x18, 0x0, 0x8) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyde\x00', 0xa0102, 0x0) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20b42, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, &(0x7f0000000000)) ioctl$auto_SNDCTL_DSP_SETTRIGGER(r1, 0x40045010, &(0x7f0000000000)) write$auto(0x3, 0x0, 0xfffffdef) write$auto_snd_pcm_oss_f_reg_pcm_oss(r1, &(0x7f0000000080)="c2", 0x1) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) io_setup$auto(0x1, 0x0) bpf$auto_BPF_LINK_GET_NEXT_ID(0x1f, &(0x7f00000001c0)=@iter_create={r0, 0xfffffffd}, 0x4) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) fchown$auto(r2, 0x0, 0x0) bpf$auto_BPF_PROG_QUERY(0x10, &(0x7f0000000380)=@bpf_attr_7={@map_id=0x1, 0x1, 0xbc39, r3}, 0x7) 1.98811162s ago: executing program 0 (id=3714): mmap$auto(0x4, 0x8004, 0x4000000000df, 0x100040eb5, 0x401, 0x300000000000) r0 = socket(0xa, 0x3, 0x3b) mmap$auto(0x0, 0x200009, 0x2, 0x48eb1, 0xffffffffffffffff, 0x300000000000) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(r0, 0x0, 0x10000, 0xfff, 0x0) madvise$auto(0x0, 0x6, 0x66) madvise$auto(0x4000000000002, 0x4, 0x19) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x2020009, 0xb, 0xeb2, 0xfffffffffffffffa, 0x8000) mmap$auto(0x4, 0xa00006, 0x400002, 0x40ebe, 0xffffffffffffffff, 0x300000000000) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x400000003, 0x6, 0x12, 0x401, 0xa) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/scsi/sg/def_reserved_size\x00', 0xc8000, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4) r1 = io_uring_setup$auto(0x8, 0x0) openat2$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x80040, 0x40, 0xe}, 0x18) close_range$auto(0x2, 0x8, 0x0) connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x0, @private=0xa010100}, 0x55) mmap$auto(0x0, 0x404008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) syz_clone3(&(0x7f00000004c0)={0x5a000200, 0x0, 0x0, 0x0, {0x3b}, 0x0, 0x0, 0x0, 0x0}, 0x58) pipe$auto(0x0) r2 = fcntl$auto_F_UNLCK(r1, 0x32, 0x2) r3 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x0, 0x0) ioctl$auto(r3, 0x901064b2, 0x2) setsockopt$auto_SO_RXQ_OVFL(r2, 0x91a9f34, 0x28, &(0x7f0000000000)='/dev/snd/controlC1\x00', 0x0) 1.773396213s ago: executing program 3 (id=3715): r0 = socket(0xa, 0x2, 0x0) connect$auto(r0, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) ioctl$auto(0xc8, 0x400454ce, 0x5c8d) close_range$auto(0x2, 0x8, 0x0) 1.720234351s ago: executing program 2 (id=3716): shmctl$auto_IPC_INFO(0x28, 0x3, 0x0) read$auto_proc_auxv_operations_base(0xffffffffffffffff, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x28, 0x6, 0x0) getpeername$auto(0x3, 0x0, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) bpf$auto(0x1, &(0x7f0000000000)=@batch={0xfffffffffffffffb, 0x44, 0x2, 0x9, 0x81, 0xffffffffffffffff, 0x2, 0x8}, 0x100000cf) mmap$auto(0xfffffffffffffbfe, 0x400009, 0xdf, 0x1b, 0x2, 0x40000000008000) r0 = socket(0x29, 0x2, 0x0) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200"], 0x1ac}}, 0x40000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) wait4$auto(0x0, 0x0, 0x80000001, 0x0) sendmsg$auto_MAC802154_HWSIM_CMD_DEL_RADIO(r1, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x45840}, 0x40) recvmmsg$auto(r1, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0) ioctl$auto(r0, 0x89f1, 0x24) 1.599047332s ago: executing program 3 (id=3717): mmap$auto(0xd93b, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x5) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0xb, 0x0) r0 = socket(0x2, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000100)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) (async) close_range$auto(0x0, 0xffffeffe, 0x2) (async) openat$auto_bm_register_operations_binfmt_misc(0xffffffffffffff9c, 0x0, 0x181441, 0x0) (async) socket(0xa, 0x1, 0x84) (async, rerun: 64) r1 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64) socket(0x10, 0x3, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4000894}, 0x4000000) (async) bpf$auto(0x0, &(0x7f00000001c0)=@test={0xffffffffffffffff, 0xffff, 0xfffff0b6, 0xffff, 0x84, 0xac1, 0x2, 0x36242398, 0xfffff5b2, 0x3bb, 0x8000007, 0xffff, 0x6, 0x81, 0x68198}, 0x6f3) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="0001ecd4574a647054feeabe7669730000", @ANYRESHEX=r1, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES16=r0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) r2 = socket(0x2, 0x2, 0x0) (async, rerun: 32) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) (async, rerun: 32) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x14}}, 0x50) (async, rerun: 64) r3 = io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xe, 0x4, 0x6, 0x5, 0x8, r0, [], {0xd74c, 0x6, 0x400002, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2}, {0xff, 0x1, 0x10001, 0x7, 0x7, 0x4, 0x2, 0x400005, 0x100000005}}) (rerun: 64) io_uring_enter$auto(r3, 0x9, 0x820e, 0x6, 0x0, 0x18) (async) ioctl$auto_EXT4_IOC_MOVE_EXT(r3, 0xc028660f, &(0x7f0000000040)={0x0, r2, 0x2, 0x2, 0x1, 0x2}) (async) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) (async) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) (async, rerun: 32) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async, rerun: 32) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0) (async) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) (async) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x40000000000000e8, 0x9, 0x2, 0x1, 0x5, 0x4, 0x8000000015f4da0e, 0x8, 0x9, 0x100000000000000c, 0x8, 0x1, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0) (async, rerun: 32) pwrite64$auto(0xc8, &(0x7f0000000140)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00,\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^B\xb8\xe4j\t,\xe4\x90\xcc\x9d\xc5\x0fo\x84\xf4\x89\v\xea\x1b\x95\xafQ;CL\"\x01@\x00\x00\x00\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\xff\xff\x00'/242, 0xfdf0, 0x39) (async, rerun: 32) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) (async) bind$auto(r2, &(0x7f0000000240)=@sco, 0xfffffffb) 1.514299512s ago: executing program 2 (id=3719): r0 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc) fallocate$auto(r0, 0x0, 0x7, 0x4cbd5d) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/rnbd-client/ctl/map_device\x00', 0x40442, 0x0) pwrite64$auto(r1, &(0x7f0000000100)='\x00\x00+\x94\xaf\x9f\x00\xb9X!h\\\xfd\xaf2\x11\xd2\x83L\x11\xbb:\x8c/\xd4\xb0\x8c\xf2\xef\xab\xe5s\xbbAO\f\x06\xfda7\xe2\xf2\x1fE\x9d\xab\xd0\xf4\xec!5\xfb\xd1\x97A+P\x10\xbb?\xbct\xd8$\\c\fB\xc0\x93Qp\x8bk\xa0:\xd4pB\xdd\xf5\xc5L>W\x00[%\b\x0e\xe2\x06@y\x81\xb2`\xdc\xb5\x0fNB\xbf\xee(\x87gQ\x93\xbbK\f\x83~A\x1dMY\xa0\x16\xdb\xf0\x8d\x04\x0fR\x8e]_t\xc1n\t_n\x1e\b\x00\x00\x00\"\x8cf}8\xa4\x9c\x80\x06\x00\x00\x00c&<~V\x05#\xe0%P\"j_\x10O\x04\x11\xe7\xd8Z\xb2\xbd}?\xb8\r\xbb\x17\xb7\xaam\xc8\x04Kv\x02\xde\x8bV\xb5\xd9\xec\x88BE\x94M\x8f\a\xfa\xac\xf1\x0f', 0x6, 0x8000) utime$auto(&(0x7f0000000040)='./file0\x00', 0x0) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80502, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r2, 0xc0045002, &(0x7f00000000c0)) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xa4e00, 0x0) socket(0xa, 0x801, 0x84) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) statx$auto(0xffffff9c, 0x0, 0x1000, 0x803, 0x0) close_range$auto(0x2, 0x8000, 0x0) r4 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000400), 0x80001, 0x0) ioctl$auto(r4, 0x3b8e, r3) write$auto(0x3, 0x0, 0x5c8) 1.267640818s ago: executing program 3 (id=3720): r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0xffffffffffffffff, 0x0, 0xd, 0xc, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, 0x0, 0x40800) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r0) sendmsg$auto_NL80211_CMD_STOP_P2P_DEVICE(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, r1, 0x8, 0x70bd2a, 0x25dfdbfd, {}, [@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x2}, @NL80211_ATTR_INACTIVITY_TIMEOUT={0x6, 0x96, 0x7fff}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0x9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4008020}, 0xc010) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0x200007, 0x19) prctl$auto(0x43, 0x0, 0x0, 0xfffffffffffffffe, 0x5) syz_open_procfs$namespace(0x0, 0x0) socket(0x2, 0x1, 0x0) bind$auto(0x3, 0x0, 0x6a) 1.095074018s ago: executing program 3 (id=3721): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sigaltstack$auto(0x0, 0x0) getpid() r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r0, 0x0, 0x7) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x9}, 0x3) kexec_load$auto(0xff, 0xfff, 0x0, 0x4) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/admmidi2\x00', 0x800, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) r2 = clone$auto(0x7, 0x2, 0x0, 0x0, 0x0) tkill$auto(r2, 0x9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0xe) r3 = socket$nl_generic(0x10, 0x3, 0x10) madvise$auto(0x0, 0x2000040080000004, 0xe) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x1ac}}, 0x40000) r4 = socket(0x29, 0x5, 0x0) sendmmsg$auto(r4, &(0x7f0000000180)={{0x0, 0x2, &(0x7f0000000100)={&(0x7f0000000080), 0x3}, 0x1, &(0x7f00000000c0), 0x3, 0xab}, 0x80670}, 0x3f7ffffe, 0xd9) unshare$auto(0x40000080) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) ioctl$auto(0xffffffffffffffff, 0x90006441, r3) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x4004810}, 0x20000844) sendmsg$auto_TIPC_NL_NET_SET(0xffffffffffffffff, &(0x7f00000079c0)={0x0, 0x0, &(0x7f0000007980)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="010072e0fa60fddbdf2500000000"], 0x1c}, 0x1, 0x0, 0x0, 0x40010}, 0x2) ioctl$auto_TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, 0x0) write$auto(0xca, &(0x7f0000000000)='\x04>\x01\x01\x00\x00\x00\x01\x00\xb6', 0x7f) openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, &(0x7f0000000580)='/sys/kernel/debug/tracing/tracing_cpumask\x00', 0x8002, 0x0) connect$auto(0xffffffffffffffff, &(0x7f0000000140)=@tipc=@id={0x1e, 0x3, 0x0, {0x4e22, 0x3}}, 0x100) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) 1.061512973s ago: executing program 0 (id=3722): openat$auto_proc_loginuid_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/loginuid\x00', 0x40002, 0x0) readv$auto(0x3, &(0x7f0000000040)={0x0, 0x36a}, 0x6) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) 1.040622336s ago: executing program 2 (id=3723): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3c, 0x8000000000000001, 0x0, 0x1, 0xb75) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) listen$auto(0x3, 0xffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff) madvise$auto(0x0, 0x80000002003f2, 0x15) r2 = syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)=ANY=[@ANYRESHEX=r2, @ANYRES32=r2, @ANYBLOB="cf256837ad4af7123653bb1f70f3b929bd432b74b48e67375526d3a2c450265037a06974", @ANYRES16=r2], 0x14}, 0x1, 0x0, 0x0, 0x24068885}, 0x4040004) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)=ANY=[@ANYBLOB="a8000000", @ANYRES16=r4, @ANYBLOB="01002cbd7000fddbdf2502000000810004006e66736600d8efe42d132b72f30c54315aa74a5b8107cf2ddf901f8fc81365e252374483326ace7da356b7a10600000000000000b87ed3d22b4a27c3ecc90c70c861befe60a7c9a9414b446427a001f61379e8caf4519e032a5dda1e1174e2d575772b93fc046cd3a674866b80d91473ece248c03d28f9398a63a7859987000000080003008500000008000100020000"], 0xa8}}, 0x4000) sendmsg$auto_NFSD_CMD_VERSION_GET(r1, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000000}, 0x0) r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) readv$auto(r5, &(0x7f0000000080)={0x0, 0x36a}, 0x6) madvise$auto(0x0, 0x200007, 0x19) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0004, 0x19) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a) madvise$auto(0x0, 0xffffffffffff0001, 0x15) socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3b}}, 0x54) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/virtual/block/loop4/queue/max_hw_sectors_kb\x00', 0x82942, 0x0) sendfile$auto(r6, r6, 0x0, 0x200) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/nbd5\x00', 0x4602, 0x0) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0) 535.372949ms ago: executing program 0 (id=3724): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) close_range$auto(0x0, 0xffffffffffffffff, 0x2) r0 = open(&(0x7f0000000800)='./file0\x00', 0x22340, 0x154) execveat$auto(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) r1 = socket(0x10, 0x2, 0x0) r2 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000400)='/dev/cec24\x00', 0x400, 0x0) ioctl$auto_CEC_S_MODE(r2, 0x40046109, &(0x7f0000002c40)=0x40) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000cc0), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_MPATH(r3, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f00000001c0)=ANY=[@ANYBLOB="14000000e20a02cb15f6cda867fa69351142576877f203", @ANYRES16=r4, @ANYBLOB="01032dbd7000fbdbdf2515000000"], 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x4048090) futex_waitv$auto(&(0x7f0000000000)={0xf, 0x5d94, 0x369f, 0x4}, 0x77, 0xfffffffc, 0x0, 0x62bd) r5 = socket(0x11, 0x3, 0x3a) ioctl$auto(r5, 0x8916, 0x1) r6 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video3\x00', 0x2aa01, 0x0) select$auto(0x7, 0x0, &(0x7f0000000100)={[0x9, 0x5, 0x0, 0xfffffffffffffff6, 0x7, 0xfffffffffffdffff, 0xdffffffffffffff8, 0x2, 0x0, 0x10000005e58296f, 0x6, 0x7, 0x4, 0x200, 0x1, 0x9]}, 0x0, 0x0) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/sit0/flags\x00', 0x143262, 0x0) write$auto(r7, &(0x7f00000000c0)='1\x00\xc7k\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00j(=\xd1<\xf9\x96\x10>\xb9\x05\xbe\xc8v\x81-ILplM\x98\x88J\xfd\x17\xc8K\xdd\x89;T@d\xa3_\xfcb8\x7fA\x11\xba\xefL\xe1L\x8aE}\xa7\x05\b\xd7\xe2\xae\xfek\xbbw\x8c\x88\x1emW-\xf5\x94\xdak\x81\xe4\x1e\x1dS\xf2~>\xb1\xc6\xd1\xee\xc8\x19e\xc1w\xf05%\xd76]\x0f\v\x01\xa4(\xec\xd3\xca\a\x15&nv\xc1}\xfcD', 0x81) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) io_uring_setup$auto(0x6, 0x0) close_range$auto(r7, r6, 0x4) r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) pwritev2$auto(r8, &(0x7f0000000280)={&(0x7f0000000340), 0x2}, 0x7, 0xfde, 0x5, 0x5) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000080)='/dev/usbmon31\x00', 0x88003, 0x0) write$auto_ocfs2_control_fops_stack_user(r8, 0x0, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c003b"], 0x1ac}, 0x1, 0x0, 0x0, 0x24004000}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x40814}, 0x2004c0c4) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000080), 0xfc6}, 0x2, &(0x7f0000000440)="759dd531b82d46f3fe21dfe3e9f6d98e0f96004b5a2ab707576e5ddacc3f3e57dc9900a7b9ce10b1a2dd6a6a66fe4e5d5c5a32fb0b9b304af81427956c62418532326008b60b94f118a4bee6db72f6ad0fc4b307f711f4c2957f59af826b16c64311e0805097e41597af23ea49b20918508b", 0x9, 0xda57}, 0x800}, 0x7, 0x4008) sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x20040c04}, 0xc0804) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='i'], 0x1ac}}, 0x40000) 529.604488ms ago: executing program 1 (id=3725): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x403, 0x8000) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x18b202, 0x0) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB='J'], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) recvmmsg$auto(r1, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={0x0, 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0xb, 0x200, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000009c0), 0xffffffffffffffff) mmap$auto(0x0, 0x2020005, 0x203, 0xeb1, 0xffffffffffffffff, 0x8000) r2 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r1) sendmsg$auto_NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f00000007c0)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000780)={&(0x7f0000000680)={0xe8, r3, 0x100, 0x70bd25, 0x25dfdbfc, {}, [@NL80211_ATTR_CNTDWN_OFFS_BEACON={0xd3, 0xba, "c9485a7772af4ec9fe496c7a5fcb4992f8a3f776d6cd0f097925b5d0de54e30c536b891aa959b1a7a5f9d9892d3be34e8a717af32635908981226b646942454c95ef6e3532deef369d1fe904f59b104bb9531ceb2e367bc01a39f2eade9d0e646bf92fbee1df3027c81ee87ee2815dbef44612908dd20732f6f6523be568c0d761dcf4cb7ab53fe2e9892e2843586b336e18e23e56066974068f42fe23cd6cca4ea16da00efd7dfffff7c96fc9376b41de7ea18d9c8663422a4e72416f8308ede1324c000a46b9425187c239a9783c"}]}, 0xe8}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000000) getdents$auto(r2, 0x0, 0x400018) mknod$auto(0x0, 0x1081, 0x3) creat$auto(0x0, 0x8d00) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20b42, 0x0) 55.067133ms ago: executing program 0 (id=3726): r0 = socket(0xa, 0x2, 0x0) connect$auto(r0, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) ioctl$auto(0xc8, 0x400454ce, 0x5c8d) close_range$auto(0x2, 0x8, 0xf5) 0s ago: executing program 0 (id=3727): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) (async, rerun: 32) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000100)={{0x0, 0x10, &(0x7f0000000000)={0x0, 0xd6c6}, 0x2, 0x0, 0xe, 0x4}, 0x3}, 0x200, 0xb07e) (async, rerun: 32) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) (async, rerun: 32) open(0x0, 0x22240, 0x155) (async, rerun: 32) r0 = socket(0x2, 0x80802, 0x0) close_range$auto(0x2, 0xa, 0x0) r1 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0) mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x8e051, r1, 0x0) (async, rerun: 32) r2 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x364f9cefc8a0a83, 0x0) (rerun: 32) ioctl$auto_tracing_buffers_fops_trace(r2, 0x5220, 0x0) socket(0x18, 0xa, 0x1) (async) socket(0xa, 0x2, 0x0) openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, 0x0, 0x20100, 0x0) (async, rerun: 32) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) (rerun: 32) inotify_init1$auto(0x9) (async, rerun: 32) setsockopt$auto(r0, 0x11, 0x67, 0x0, 0x8) (rerun: 32) socket(0x10, 0x2, 0x0) (async, rerun: 64) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) (rerun: 64) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) kernel console output (not intermixed with test programs): 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 792.181914][T19400] RSP: 002b:00007f83e12e1ec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 792.181930][T19400] RAX: ffffffffffffffda RBX: 00007f83e12e26c0 RCX: 00007f83e035b78e [ 792.181941][T19400] RDX: 0000000000000000 RSI: 00007f83e12e1f90 RDI: ffffffffffffff9c [ 792.181951][T19400] RBP: 00007f83e0408c1f R08: 0000000000000000 R09: 0000000000000000 [ 792.181961][T19400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 792.181970][T19400] R13: 00007f83e0616038 R14: 00007f83e0615fa0 R15: 00007ffd2d392c88 [ 792.181990][T19400] [ 793.450879][T19433] ubi0: attaching mtd0 [ 793.468596][T19433] ubi0: scanning is finished [ 793.633692][T19433] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 793.675526][T19433] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 793.717999][T19433] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 793.772998][T19433] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 793.807147][T19433] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 793.832644][T19433] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 793.896242][T19433] ubi0: max/mean erase counter: 2/1, WL threshold: 4096, image sequence number: 1470745655 [ 793.990030][T19433] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 794.081304][T19436] ubi0: background thread "ubi_bgt0d" started, PID 19436 [ 794.751606][ T30] audit: type=1800 audit(2147483680.402:38): pid=19467 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2675" name="dbroot" dev="configfs" ino=78169 res=0 errno=0 [ 794.903970][T19470] tipc: Started in network mode [ 794.945158][T19470] tipc: Node identity ffffffff, cluster identity 4711 [ 794.968867][T19470] tipc: Node number set to 4294967295 [ 795.234292][T19481] random: crng reseeded on system resumption [ 795.735176][T19495] netlink: 108 bytes leftover after parsing attributes in process `syz.3.2684'. [ 796.072321][T19501] usbip-vudc usbip-vudc.0: gadget not bound [ 796.197458][T19506] netlink: 334 bytes leftover after parsing attributes in process `syz.0.2686'. [ 796.240407][T19502] netlink: 334 bytes leftover after parsing attributes in process `syz.0.2686'. [ 796.441529][ T9] Process accounting resumed [ 797.174949][T19516] Process accounting resumed [ 797.380234][T19531] random: crng reseeded on system resumption [ 797.626817][T19543] netlink: 21 bytes leftover after parsing attributes in process `syz.3.2694'. [ 797.658727][T19543] capability: warning: `syz.3.2694' uses deprecated v2 capabilities in a way that may be insecure [ 798.698283][T19572] random: crng reseeded on system resumption [ 798.756301][T19575] ptrace attach of "./syz-executor exec"[19001] was attempted by "./syz-executor exec"[19575] [ 798.858301][T19578] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2703'. [ 799.755720][T19605] random: crng reseeded on system resumption [ 800.509483][T19623] random: crng reseeded on system resumption [ 803.695145][T19684] ubi: mtd0 is already attached to ubi0 [ 803.910624][T19688] usb usb4: usbfs: process 19688 (syz.2.2729) did not claim interface 0 before use [ 805.192792][T19696] Process accounting paused [ 805.820706][T19724] random: crng reseeded on system resumption [ 807.784510][T19760] random: crng reseeded on system resumption [ 808.041205][T19765] ptp ptp0: delete virtual clock ptp3 [ 808.066923][T19753] Process accounting resumed [ 808.159827][T19765] ptp ptp0: delete virtual clock ptp2 [ 808.304976][T19765] ptp ptp0: guarantee physical clock free running [ 808.363034][T19767] ptp ptp0: delete virtual clock ptp1 [ 808.493816][T19767] ptp ptp0: only physical clock in use now [ 808.534742][T19774] can: request_module (can-proto-3) failed. [ 809.098593][T19794] FAULT_INJECTION: forcing a failure. [ 809.098593][T19794] name failslab, interval 1, probability 0, space 0, times 0 [ 809.182948][T19794] CPU: 0 UID: 0 PID: 19794 Comm: syz.0.2750 Tainted: G L syzkaller #0 PREEMPT(full) [ 809.182977][T19794] Tainted: [L]=SOFTLOCKUP [ 809.182983][T19794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 809.182993][T19794] Call Trace: [ 809.182999][T19794] [ 809.183006][T19794] dump_stack_lvl+0x100/0x190 [ 809.183029][T19794] should_fail_ex.cold+0x5/0xa [ 809.183054][T19794] should_failslab+0xc2/0x120 [ 809.183076][T19794] kmem_cache_alloc_lru_noprof+0x8e/0x7d0 [ 809.183095][T19794] ? inode_set_ctime_current+0x283/0x7d0 [ 809.183116][T19794] ? __d_alloc+0x34/0xa80 [ 809.183136][T19794] ? __d_alloc+0x34/0xa80 [ 809.183153][T19794] __d_alloc+0x34/0xa80 [ 809.183170][T19794] ? __ns_ref_active_get+0x9f/0x1b0 [ 809.183191][T19794] path_from_stashed+0x427/0x750 [ 809.183213][T19794] ns_get_path+0x60/0x80 [ 809.183231][T19794] proc_ns_get_link+0x121/0x230 [ 809.183251][T19794] ? __pfx_proc_ns_get_link+0x10/0x10 [ 809.183272][T19794] ? atime_needs_update+0x8b/0x6b0 [ 809.183305][T19794] pick_link+0xd17/0x13c0 [ 809.183320][T19794] ? __pfx_proc_ns_get_link+0x10/0x10 [ 809.183343][T19794] step_into_slowpath+0x6c2/0xf50 [ 809.183361][T19794] ? __pfx_step_into_slowpath+0x10/0x10 [ 809.183377][T19794] ? find_held_lock+0x2b/0x80 [ 809.183401][T19794] path_openat+0xf95/0x3120 [ 809.183433][T19794] ? __pfx_path_openat+0x10/0x10 [ 809.183457][T19794] do_filp_open+0x1f7/0x420 [ 809.183476][T19794] ? __pfx_do_filp_open+0x10/0x10 [ 809.183509][T19794] ? _raw_spin_unlock+0x28/0x50 [ 809.183525][T19794] ? alloc_fd+0x476/0x790 [ 809.183546][T19794] do_sys_openat2+0x12e/0x220 [ 809.183568][T19794] ? __pfx_do_sys_openat2+0x10/0x10 [ 809.183592][T19794] ? __fget_files+0x21f/0x3d0 [ 809.183612][T19794] __x64_sys_openat+0x12d/0x210 [ 809.183634][T19794] ? __pfx___x64_sys_openat+0x10/0x10 [ 809.183655][T19794] ? xfd_validate_state+0x129/0x190 [ 809.183684][T19794] do_syscall_64+0xc9/0xf80 [ 809.183703][T19794] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 809.183719][T19794] RIP: 0033:0x7f8c5bb5b78e [ 809.183732][T19794] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 809.183747][T19794] RSP: 002b:00007f8c5c9ecec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 809.183763][T19794] RAX: ffffffffffffffda RBX: 00007f8c5c9ed6c0 RCX: 00007f8c5bb5b78e [ 809.183773][T19794] RDX: 0000000000000002 RSI: 00007f8c5c9ecf90 RDI: ffffffffffffff9c [ 809.183782][T19794] RBP: 00007f8c5bc08c1f R08: 0000000000000000 R09: 0000000000000000 [ 809.183792][T19794] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 809.183800][T19794] R13: 00007f8c5be16038 R14: 00007f8c5be15fa0 R15: 00007ffc183fd438 [ 809.183820][T19794] [ 809.772724][T19796] zswap: compressor not available [ 809.785295][T19805] random: crng reseeded on system resumption [ 809.930919][T19808] Invalid ELF header magic: != ELF [ 810.659499][T19840] random: crng reseeded on system resumption [ 811.037835][T19843] NFSD: Failed to start, no listeners configured. [ 811.348435][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 811.355335][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 811.861677][T19870] FAULT_INJECTION: forcing a failure. [ 811.861677][T19870] name failslab, interval 1, probability 0, space 0, times 0 [ 811.940355][T19870] CPU: 0 UID: 0 PID: 19870 Comm: syz.2.2775 Tainted: G L syzkaller #0 PREEMPT(full) [ 811.940382][T19870] Tainted: [L]=SOFTLOCKUP [ 811.940388][T19870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 811.940398][T19870] Call Trace: [ 811.940404][T19870] [ 811.940410][T19870] dump_stack_lvl+0x100/0x190 [ 811.940435][T19870] should_fail_ex.cold+0x5/0xa [ 811.940461][T19870] should_failslab+0xc2/0x120 [ 811.940482][T19870] ? usb_hcd_submit_urb+0x601/0x2150 [ 811.940496][T19870] __kmalloc_noprof+0xf6/0x9c0 [ 811.940518][T19870] ? usb_hcd_submit_urb+0x601/0x2150 [ 811.940531][T19870] usb_hcd_submit_urb+0x601/0x2150 [ 811.940553][T19870] usb_submit_urb+0x8aa/0x1910 [ 811.940574][T19870] ? __init_swait_queue_head+0xca/0x150 [ 811.940599][T19870] usb_start_wait_urb+0x106/0x4c0 [ 811.940618][T19870] ? __pfx_usb_start_wait_urb+0x10/0x10 [ 811.940641][T19870] ? __asan_memset+0x23/0x50 [ 811.940660][T19870] usb_control_msg+0x326/0x4a0 [ 811.940686][T19870] ? __pfx_usb_control_msg+0x10/0x10 [ 811.940710][T19870] hub_ext_port_status+0x152/0x600 [ 811.940733][T19870] hub_activate+0x6d8/0x1d50 [ 811.940751][T19870] ? trace_contention_end+0xd6/0x110 [ 811.940776][T19870] ? __pfx_hub_activate+0x10/0x10 [ 811.940791][T19870] ? find_held_lock+0x2b/0x80 [ 811.940805][T19870] ? usb_generic_driver_resume+0x70/0xa0 [ 811.940822][T19870] ? usb_generic_driver_resume+0x70/0xa0 [ 811.940844][T19870] hub_resume+0xb0/0x400 [ 811.940862][T19870] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 811.940882][T19870] ? __pfx_hub_resume+0x10/0x10 [ 811.940899][T19870] ? __pfx_hcd_bus_resume+0x10/0x10 [ 811.940918][T19870] usb_resume_interface.isra.0+0x2ce/0x3d0 [ 811.940941][T19870] usb_resume_both+0x237/0x9a0 [ 811.940964][T19870] ? __pfx_usb_resume_both+0x10/0x10 [ 811.940986][T19870] ? mark_held_locks+0x40/0x70 [ 811.941012][T19870] ? __pfx_usb_runtime_resume+0x10/0x10 [ 811.941036][T19870] __rpm_callback+0xc8/0x620 [ 811.941053][T19870] ? read_tsc+0x9/0x20 [ 811.941070][T19870] ? ktime_get_mono_fast_ns+0x1be/0x3c0 [ 811.941088][T19870] ? __pfx_usb_runtime_resume+0x10/0x10 [ 811.941112][T19870] rpm_callback+0x16a/0x1b0 [ 811.941128][T19870] ? __pfx_usb_runtime_resume+0x10/0x10 [ 811.941153][T19870] rpm_resume+0xcec/0x12f0 [ 811.941174][T19870] ? __pfx_rpm_resume+0x10/0x10 [ 811.941191][T19870] ? do_raw_spin_lock+0x128/0x260 [ 811.941213][T19870] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 811.941240][T19870] rpm_resume+0x721/0x12f0 [ 811.941261][T19870] ? __pfx_rpm_resume+0x10/0x10 [ 811.941276][T19870] ? do_raw_spin_lock+0x128/0x260 [ 811.941297][T19870] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 811.941326][T19870] __pm_runtime_resume+0xb6/0x170 [ 811.941345][T19870] usb_autopm_get_interface+0x20/0xe0 [ 811.941368][T19870] disable_store+0x1ca/0x450 [ 811.941389][T19870] ? __pfx_disable_store+0x10/0x10 [ 811.941408][T19870] ? find_held_lock+0x2b/0x80 [ 811.941421][T19870] ? sysfs_file_kobj+0xe4/0x290 [ 811.941438][T19870] ? sysfs_file_kobj+0xe4/0x290 [ 811.941457][T19870] ? __pfx_disable_store+0x10/0x10 [ 811.941475][T19870] dev_attr_store+0x58/0x80 [ 811.941495][T19870] ? __pfx_dev_attr_store+0x10/0x10 [ 811.941515][T19870] sysfs_kf_write+0xf2/0x150 [ 811.941535][T19870] kernfs_fop_write_iter+0x3e0/0x5f0 [ 811.941550][T19870] ? __pfx_sysfs_kf_write+0x10/0x10 [ 811.941570][T19870] vfs_write+0x6ac/0x1070 [ 811.941587][T19870] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 811.941605][T19870] ? __pfx_vfs_write+0x10/0x10 [ 811.941620][T19870] ? find_held_lock+0x2b/0x80 [ 811.941648][T19870] ksys_write+0x12a/0x250 [ 811.941665][T19870] ? __pfx_ksys_write+0x10/0x10 [ 811.941687][T19870] do_syscall_64+0xc9/0xf80 [ 811.941707][T19870] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 811.941723][T19870] RIP: 0033:0x7f83e039aeb9 [ 811.941737][T19870] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 811.941751][T19870] RSP: 002b:00007f83e12e2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 811.941767][T19870] RAX: ffffffffffffffda RBX: 00007f83e0615fa0 RCX: 00007f83e039aeb9 [ 811.941778][T19870] RDX: 00000000000005c8 RSI: 0000000000000000 RDI: 0000000000000003 [ 811.941787][T19870] RBP: 00007f83e0408c1f R08: 0000000000000000 R09: 0000000000000000 [ 811.941797][T19870] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 811.941806][T19870] R13: 00007f83e0616038 R14: 00007f83e0615fa0 R15: 00007ffd2d392c88 [ 811.941827][T19870] [ 812.391015][T19870] hub 2-0:1.0: hub_ext_port_status failed (err = -12) [ 812.687893][T19886] random: crng reseeded on system resumption [ 813.096854][T19894] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2780'. [ 813.636954][T19903] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 814.683671][T19930] NFSD: Failed to start, no listeners configured. [ 815.066076][T19937] random: crng reseeded on system resumption [ 815.991975][T19957] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2794'. [ 817.052845][T19984] sg_write: data in/out 220/90 bytes for SCSI command 0x0-- guessing data in; [ 817.052845][T19984] program syz.1.2800 not setting count and/or reply_len properly [ 818.099137][T20005] NFSD: Failed to start, no listeners configured. [ 818.354085][T20013] FAULT_INJECTION: forcing a failure. [ 818.354085][T20013] name failslab, interval 1, probability 0, space 0, times 0 [ 818.396374][T20014] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2807'. [ 818.437622][T20013] CPU: 0 UID: 0 PID: 20013 Comm: syz.1.2815 Tainted: G L syzkaller #0 PREEMPT(full) [ 818.437649][T20013] Tainted: [L]=SOFTLOCKUP [ 818.437655][T20013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 818.437665][T20013] Call Trace: [ 818.437671][T20013] [ 818.437677][T20013] dump_stack_lvl+0x100/0x190 [ 818.437700][T20013] should_fail_ex.cold+0x5/0xa [ 818.437726][T20013] should_failslab+0xc2/0x120 [ 818.437748][T20013] kmem_cache_alloc_noprof+0x83/0x780 [ 818.437767][T20013] ? security_file_alloc+0x34/0x2c0 [ 818.437794][T20013] ? security_file_alloc+0x34/0x2c0 [ 818.437815][T20013] security_file_alloc+0x34/0x2c0 [ 818.437837][T20013] init_file+0x93/0x4c0 [ 818.437868][T20013] alloc_empty_file+0x73/0x1c0 [ 818.437889][T20013] alloc_file_pseudo+0x13a/0x230 [ 818.437912][T20013] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 818.437935][T20013] ? alloc_fd+0x476/0x790 [ 818.437955][T20013] sock_alloc_file+0x50/0x210 [ 818.437978][T20013] __sys_socket+0x1c0/0x260 [ 818.437996][T20013] ? __pfx___sys_socket+0x10/0x10 [ 818.438012][T20013] ? xfd_validate_state+0x129/0x190 [ 818.438039][T20013] __x64_sys_socket+0x72/0xb0 [ 818.438056][T20013] ? lockdep_hardirqs_on+0x78/0x100 [ 818.438073][T20013] do_syscall_64+0xc9/0xf80 [ 818.438093][T20013] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 818.438108][T20013] RIP: 0033:0x7f091d59aeb9 [ 818.438121][T20013] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 818.438136][T20013] RSP: 002b:00007f091e3de028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 818.438151][T20013] RAX: ffffffffffffffda RBX: 00007f091d815fa0 RCX: 00007f091d59aeb9 [ 818.438161][T20013] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 818.438170][T20013] RBP: 00007f091d608c1f R08: 0000000000000000 R09: 0000000000000000 [ 818.438179][T20013] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 818.438188][T20013] R13: 00007f091d816038 R14: 00007f091d815fa0 R15: 00007fff2b8a5498 [ 818.438207][T20013] [ 819.803873][T20048] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 819.878019][T20055] random: crng reseeded on system resumption [ 820.348454][T20067] Console: switching to colour frame buffer device 128x48 [ 820.558817][T20076] NFSD: Failed to start, no listeners configured. [ 820.921791][T20080] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2823'. [ 820.957032][T20083] FAULT_INJECTION: forcing a failure. [ 820.957032][T20083] name fail_futex, interval 1, probability 0, space 0, times 0 [ 821.022031][T20083] CPU: 0 UID: 0 PID: 20083 Comm: syz.1.2831 Tainted: G L syzkaller #0 PREEMPT(full) [ 821.022058][T20083] Tainted: [L]=SOFTLOCKUP [ 821.022064][T20083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 821.022074][T20083] Call Trace: [ 821.022080][T20083] [ 821.022086][T20083] dump_stack_lvl+0x100/0x190 [ 821.022109][T20083] should_fail_ex.cold+0x5/0xa [ 821.022135][T20083] get_futex_key+0x1d2/0x1620 [ 821.022158][T20083] ? __pfx_get_futex_key+0x10/0x10 [ 821.022183][T20083] futex_wake+0xea/0x530 [ 821.022213][T20083] ? rcu_is_watching+0x12/0xc0 [ 821.022229][T20083] ? lockdep_hardirqs_on+0x78/0x100 [ 821.022247][T20083] ? __pfx_futex_wake+0x10/0x10 [ 821.022271][T20083] ? alloc_fd+0x476/0x790 [ 821.022287][T20083] ? putname+0xf5/0x1a0 [ 821.022311][T20083] do_futex+0x32b/0x350 [ 821.022331][T20083] ? __pfx_do_futex+0x10/0x10 [ 821.022350][T20083] ? __pfx_do_sys_openat2+0x10/0x10 [ 821.022377][T20083] __x64_sys_futex+0x34f/0x4d0 [ 821.022398][T20083] ? __x64_sys_openat+0x12d/0x210 [ 821.022419][T20083] ? __pfx___x64_sys_futex+0x10/0x10 [ 821.022438][T20083] ? xfd_validate_state+0x129/0x190 [ 821.022467][T20083] do_syscall_64+0xc9/0xf80 [ 821.022486][T20083] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 821.022501][T20083] RIP: 0033:0x7f091d59aeb9 [ 821.022514][T20083] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 821.022529][T20083] RSP: 002b:00007f091e3de0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 821.022544][T20083] RAX: ffffffffffffffda RBX: 00007f091d815fa8 RCX: 00007f091d59aeb9 [ 821.022555][T20083] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f091d815fac [ 821.022564][T20083] RBP: 00007f091d815fa0 R08: 0000000000000000 R09: 0000000000000000 [ 821.022573][T20083] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 821.022583][T20083] R13: 00007f091d816038 R14: 00007fff2b8a53b0 R15: 00007fff2b8a5498 [ 821.022602][T20083] [ 821.235807][T20087] random: crng reseeded on system resumption [ 822.352315][T20117] Invalid ELF header magic: != ELF [ 822.979254][T20144] random: crng reseeded on system resumption [ 823.323130][ T30] audit: type=1800 audit(4294967300.849:39): pid=20153 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2838" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0 [ 824.765427][T20186] FAULT_INJECTION: forcing a failure. [ 824.765427][T20186] name failslab, interval 1, probability 0, space 0, times 0 [ 824.832919][T20186] CPU: 0 UID: 0 PID: 20186 Comm: syz.2.2844 Tainted: G L syzkaller #0 PREEMPT(full) [ 824.832947][T20186] Tainted: [L]=SOFTLOCKUP [ 824.832954][T20186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 824.832964][T20186] Call Trace: [ 824.832970][T20186] [ 824.832977][T20186] dump_stack_lvl+0x100/0x190 [ 824.833000][T20186] should_fail_ex.cold+0x5/0xa [ 824.833026][T20186] should_failslab+0xc2/0x120 [ 824.833048][T20186] __kmalloc_cache_noprof+0x80/0x810 [ 824.833064][T20186] ? single_open+0x4d/0x1d0 [ 824.833086][T20186] ? find_held_lock+0x2b/0x80 [ 824.833102][T20186] ? __pfx_proc_setgroups_show+0x10/0x10 [ 824.833119][T20186] ? single_open+0x4d/0x1d0 [ 824.833140][T20186] single_open+0x4d/0x1d0 [ 824.833162][T20186] proc_setgroups_open+0x35a/0x7e0 [ 824.833182][T20186] do_dentry_open+0x73e/0x1570 [ 824.833201][T20186] ? __pfx_proc_setgroups_open+0x10/0x10 [ 824.833222][T20186] ? security_inode_permission+0xbf/0x250 [ 824.833247][T20186] vfs_open+0x82/0x3f0 [ 824.833270][T20186] path_openat+0x21dc/0x3120 [ 824.833294][T20186] ? __pfx_path_openat+0x10/0x10 [ 824.833318][T20186] do_filp_open+0x1f7/0x420 [ 824.833337][T20186] ? __pfx_do_filp_open+0x10/0x10 [ 824.833361][T20186] ? __pfx_kfree_link+0x10/0x10 [ 824.833388][T20186] ? _raw_spin_unlock+0x28/0x50 [ 824.833403][T20186] ? alloc_fd+0x476/0x790 [ 824.833425][T20186] do_sys_openat2+0x12e/0x220 [ 824.833447][T20186] ? __pfx_do_sys_openat2+0x10/0x10 [ 824.833470][T20186] ? ksys_semctl.constprop.0+0x14e/0x2e0 [ 824.833496][T20186] __x64_sys_openat+0x12d/0x210 [ 824.833519][T20186] ? __pfx___x64_sys_openat+0x10/0x10 [ 824.833540][T20186] ? xfd_validate_state+0x129/0x190 [ 824.833569][T20186] do_syscall_64+0xc9/0xf80 [ 824.833589][T20186] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 824.833605][T20186] RIP: 0033:0x7f83e039aeb9 [ 824.833619][T20186] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 824.833634][T20186] RSP: 002b:00007f83e12e2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 824.833649][T20186] RAX: ffffffffffffffda RBX: 00007f83e0615fa0 RCX: 00007f83e039aeb9 [ 824.833660][T20186] RDX: 0000000000183200 RSI: 00002000000003c0 RDI: ffffffffffffff9c [ 824.833670][T20186] RBP: 00007f83e0408c1f R08: 0000000000000000 R09: 0000000000000000 [ 824.833679][T20186] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 824.833689][T20186] R13: 00007f83e0616038 R14: 00007f83e0615fa0 R15: 00007ffd2d392c88 [ 824.833709][T20186] [ 825.879603][T20198] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 828.059891][T20251] openvswitch: netlink: Duplicate or invalid key (type 0). [ 828.900926][T20275] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2860'. [ 829.376883][T20282] ima: Unable to open file: /sys/kernel/security/integrity/ima/policy (-26) [ 830.047560][T20281] ima: policy update failed [ 830.107566][ T30] audit: type=1802 audit(4294967307.675:40): pid=20281 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.2862" res=0 errno=0 [ 831.010378][T20329] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2875'. [ 831.059305][T20329] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2875'. [ 831.317926][T20337] openvswitch: netlink: IP tunnel dst address not specified [ 831.493929][T20342] random: crng reseeded on system resumption [ 831.730983][T20349] __vm_enough_memory: pid: 20349, comm: syz.0.2881, bytes: 4398046511104 not enough memory for the allocation [ 832.054723][T20356] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 833.258794][T20378] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2888'. [ 833.316082][T20378] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2888'. [ 833.882454][T20392] openvswitch: netlink: Duplicate or invalid key (type 0). [ 834.344541][T20387] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 834.375694][T20387] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 834.401172][T20387] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 834.453281][T20387] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 834.485463][T20387] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 834.515725][T20387] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 834.591921][T20387] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 834.625505][T20387] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 834.658596][T20387] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 834.714898][T20387] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 834.789189][T20403] FAULT_INJECTION: forcing a failure. [ 834.789189][T20403] name failslab, interval 1, probability 0, space 0, times 0 [ 835.041656][T20403] CPU: 0 UID: 0 PID: 20403 Comm: syz.0.2892 Tainted: G L syzkaller #0 PREEMPT(full) [ 835.041684][T20403] Tainted: [L]=SOFTLOCKUP [ 835.041690][T20403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 835.041700][T20403] Call Trace: [ 835.041705][T20403] [ 835.041712][T20403] dump_stack_lvl+0x100/0x190 [ 835.041736][T20403] should_fail_ex.cold+0x5/0xa [ 835.041761][T20403] should_failslab+0xc2/0x120 [ 835.041783][T20403] __kmalloc_cache_noprof+0x80/0x810 [ 835.041799][T20403] ? __debugfs_file_get+0x1fc/0x860 [ 835.041825][T20403] ? sc_common_open+0x46/0x200 [ 835.041850][T20403] ? __pfx_stats_fop_open+0x10/0x10 [ 835.041870][T20403] ? sc_common_open+0x46/0x200 [ 835.041889][T20403] sc_common_open+0x46/0x200 [ 835.041910][T20403] full_proxy_open_regular+0x1b6/0x370 [ 835.041928][T20403] do_dentry_open+0x73e/0x1570 [ 835.041945][T20403] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 835.041962][T20403] ? security_inode_permission+0xbf/0x250 [ 835.041986][T20403] vfs_open+0x82/0x3f0 [ 835.042010][T20403] path_openat+0x21dc/0x3120 [ 835.042040][T20403] ? __pfx_path_openat+0x10/0x10 [ 835.042066][T20403] do_filp_open+0x1f7/0x420 [ 835.042085][T20403] ? __pfx_do_filp_open+0x10/0x10 [ 835.042117][T20403] ? _raw_spin_unlock+0x28/0x50 [ 835.042132][T20403] ? alloc_fd+0x476/0x790 [ 835.042155][T20403] do_sys_openat2+0x12e/0x220 [ 835.042178][T20403] ? __pfx_do_sys_openat2+0x10/0x10 [ 835.042203][T20403] ? __fget_files+0x21f/0x3d0 [ 835.042223][T20403] __x64_sys_openat+0x12d/0x210 [ 835.042247][T20403] ? __pfx___x64_sys_openat+0x10/0x10 [ 835.042267][T20403] ? xfd_validate_state+0x129/0x190 [ 835.042297][T20403] do_syscall_64+0xc9/0xf80 [ 835.042316][T20403] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 835.042331][T20403] RIP: 0033:0x7f8c5bb9aeb9 [ 835.042344][T20403] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 835.042359][T20403] RSP: 002b:00007f8c5c9ab028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 835.042374][T20403] RAX: ffffffffffffffda RBX: 00007f8c5be16180 RCX: 00007f8c5bb9aeb9 [ 835.042384][T20403] RDX: 0000000000008382 RSI: 0000200000000640 RDI: ffffffffffffff9c [ 835.042394][T20403] RBP: 00007f8c5bc08c1f R08: 0000000000000000 R09: 0000000000000000 [ 835.042404][T20403] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 835.042413][T20403] R13: 00007f8c5be16218 R14: 00007f8c5be16180 R15: 00007ffc183fd438 [ 835.042434][T20403] [ 835.777046][ T6112] Bluetooth: hci4: command 0x0c1a tx timeout [ 836.046239][T20423] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2896'. [ 836.406899][ T6112] Bluetooth: hci0: command 0x0c1a tx timeout [ 836.485793][ T6112] Bluetooth: hci3: command 0x0c1a tx timeout [ 836.577979][T20402] Process accounting resumed [ 836.645343][ T6112] Bluetooth: hci2: command 0x0c1a tx timeout [ 838.213575][T20496] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2906'. [ 838.468467][ T6112] Bluetooth: hci4: unexpected event 0x1d length: 6 > 5 [ 838.471274][ T6112] Bluetooth: hci0: command 0x0c1a tx timeout [ 838.550127][ T6112] Bluetooth: hci3: command 0x0c1a tx timeout [ 838.558651][T20496] team0: Port device team_slave_0 removed [ 838.660396][T20491] Process accounting paused [ 838.709485][ T6112] Bluetooth: hci2: command 0x0c1a tx timeout [ 840.226303][T20522] zswap: compressor not available [ 840.542967][ T7153] Bluetooth: hci0: command 0x0c1a tx timeout [ 840.623736][ T7153] Bluetooth: hci3: command 0x0c1a tx timeout [ 840.779122][ T7153] Bluetooth: hci2: command 0x0c1a tx timeout [ 841.023965][T20520] Process accounting resumed [ 841.184081][T20560] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 841.241283][T20560] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 841.772569][ T30] audit: type=1800 audit(4294967319.395:41): pid=20581 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2925" name="members" dev="configfs" ino=84351 res=0 errno=0 [ 841.878909][ T30] audit: type=1800 audit(4294967319.466:42): pid=20581 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2925" name="version" dev="configfs" ino=84368 res=0 errno=0 [ 842.882616][T20620] FAULT_INJECTION: forcing a failure. [ 842.882616][T20620] name failslab, interval 1, probability 0, space 0, times 0 [ 843.005595][T20620] CPU: 0 UID: 0 PID: 20620 Comm: syz.3.2929 Tainted: G L syzkaller #0 PREEMPT(full) [ 843.005623][T20620] Tainted: [L]=SOFTLOCKUP [ 843.005629][T20620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 843.005639][T20620] Call Trace: [ 843.005646][T20620] [ 843.005652][T20620] dump_stack_lvl+0x100/0x190 [ 843.005676][T20620] should_fail_ex.cold+0x5/0xa [ 843.005701][T20620] should_failslab+0xc2/0x120 [ 843.005722][T20620] ? ops_init+0x77/0x5f0 [ 843.005744][T20620] __kmalloc_noprof+0xf6/0x9c0 [ 843.005766][T20620] ? ops_init+0x77/0x5f0 [ 843.005786][T20620] ops_init+0x77/0x5f0 [ 843.005811][T20620] setup_net+0x118/0x3a0 [ 843.005825][T20620] ? __pfx_setup_net+0x10/0x10 [ 843.005837][T20620] ? lockdep_init_map_type+0x5c/0x250 [ 843.005858][T20620] ? mutex_init_lockep+0x110/0x150 [ 843.005881][T20620] copy_net_ns+0x46f/0x7c0 [ 843.005898][T20620] create_new_namespaces+0x3ea/0xab0 [ 843.005919][T20620] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 843.005938][T20620] ksys_unshare+0x455/0xab0 [ 843.005960][T20620] ? __pfx_ksys_unshare+0x10/0x10 [ 843.005980][T20620] ? xfd_validate_state+0x129/0x190 [ 843.006008][T20620] __x64_sys_unshare+0x31/0x40 [ 843.006028][T20620] do_syscall_64+0xc9/0xf80 [ 843.006048][T20620] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 843.006063][T20620] RIP: 0033:0x7f38eab9aeb9 [ 843.006076][T20620] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 843.006091][T20620] RSP: 002b:00007f38eb9b7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 843.006106][T20620] RAX: ffffffffffffffda RBX: 00007f38eae15fa0 RCX: 00007f38eab9aeb9 [ 843.006117][T20620] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 843.006126][T20620] RBP: 00007f38eac08c1f R08: 0000000000000000 R09: 0000000000000000 [ 843.006135][T20620] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 843.006144][T20620] R13: 00007f38eae16038 R14: 00007f38eae15fa0 R15: 00007fff7e1e2dd8 [ 843.006164][T20620] [ 843.560525][T20632] FAULT_INJECTION: forcing a failure. [ 843.560525][T20632] name failslab, interval 1, probability 0, space 0, times 0 [ 843.703889][T20629] synth uevent: /devices/virtual/tty/tty12: unknown uevent action string [ 843.712746][T20629] tty tty12: uevent: failed to send synthetic uevent: -22 [ 843.782981][T20632] CPU: 0 UID: 0 PID: 20632 Comm: syz.2.2931 Tainted: G L syzkaller #0 PREEMPT(full) [ 843.783006][T20632] Tainted: [L]=SOFTLOCKUP [ 843.783011][T20632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 843.783021][T20632] Call Trace: [ 843.783026][T20632] [ 843.783033][T20632] dump_stack_lvl+0x100/0x190 [ 843.783055][T20632] should_fail_ex.cold+0x5/0xa [ 843.783078][T20632] should_failslab+0xc2/0x120 [ 843.783099][T20632] kmem_cache_alloc_node_noprof+0x8c/0x880 [ 843.783117][T20632] ? find_held_lock+0x2b/0x80 [ 843.783131][T20632] ? alloc_vmap_area+0xaf2/0x2a00 [ 843.783150][T20632] ? alloc_vmap_area+0xb46/0x2a00 [ 843.783172][T20632] ? alloc_vmap_area+0xb46/0x2a00 [ 843.783190][T20632] alloc_vmap_area+0xb46/0x2a00 [ 843.783216][T20632] ? __pfx_alloc_vmap_area+0x10/0x10 [ 843.783240][T20632] __get_vm_area_node+0x1ca/0x330 [ 843.783263][T20632] __vmalloc_node_range_noprof+0x213/0x1530 [ 843.783278][T20632] ? kernel_clone+0xfc/0x930 [ 843.783301][T20632] ? kernel_clone+0xfc/0x930 [ 843.783318][T20632] ? rcu_read_unlock+0x17/0x60 [ 843.783338][T20632] ? rcu_read_unlock+0x17/0x60 [ 843.783360][T20632] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 843.783374][T20632] ? __memcg_slab_post_alloc_hook+0x473/0x880 [ 843.783398][T20632] ? rcu_is_watching+0x12/0xc0 [ 843.783412][T20632] ? trace_kmem_cache_alloc+0x80/0xb0 [ 843.783433][T20632] ? kernel_clone+0xfc/0x930 [ 843.783455][T20632] __vmalloc_node_noprof+0xad/0xf0 [ 843.783468][T20632] ? kernel_clone+0xfc/0x930 [ 843.783487][T20632] copy_process+0x5ec/0x7890 [ 843.783514][T20632] ? __pfx_copy_process+0x10/0x10 [ 843.783536][T20632] ? _copy_from_user+0x59/0xd0 [ 843.783559][T20632] kernel_clone+0xfc/0x930 [ 843.783578][T20632] ? __pfx_kernel_clone+0x10/0x10 [ 843.783599][T20632] ? __pfx_futex_wait+0x10/0x10 [ 843.783618][T20632] __do_sys_clone3+0x214/0x290 [ 843.783637][T20632] ? __pfx___do_sys_clone3+0x10/0x10 [ 843.783678][T20632] do_syscall_64+0xc9/0xf80 [ 843.783697][T20632] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 843.783712][T20632] RIP: 0033:0x7f83e039aeb9 [ 843.783724][T20632] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 843.783738][T20632] RSP: 002b:00007f83e129fef8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 843.783752][T20632] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f83e039aeb9 [ 843.783762][T20632] RDX: 00007f83e129ff10 RSI: 0000000000000058 RDI: 00007f83e129ff10 [ 843.783771][T20632] RBP: 00007f83e0408c1f R08: 0000000000000000 R09: 0000000000000058 [ 843.783779][T20632] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 843.783788][T20632] R13: 00007f83e0616218 R14: 00007f83e0616180 R15: 00007ffd2d392c88 [ 843.783807][T20632] [ 843.784031][T20632] syz.2.2931: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 845.193618][T20658] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2936'. [ 845.820643][T20632] ,cpuset=/,mems_allowed=0-1 [ 845.854780][T20632] CPU: 0 UID: 0 PID: 20632 Comm: syz.2.2931 Tainted: G L syzkaller #0 PREEMPT(full) [ 845.854809][T20632] Tainted: [L]=SOFTLOCKUP [ 845.854814][T20632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 845.854824][T20632] Call Trace: [ 845.854829][T20632] [ 845.854835][T20632] dump_stack_lvl+0x100/0x190 [ 845.854858][T20632] warn_alloc.cold+0x95/0x1c1 [ 845.854880][T20632] ? __pfx_warn_alloc+0x10/0x10 [ 845.854903][T20632] ? __get_vm_area_node+0x2c5/0x330 [ 845.854923][T20632] ? __get_vm_area_node+0x208/0x330 [ 845.854947][T20632] __vmalloc_node_range_noprof+0xbf4/0x1530 [ 845.854966][T20632] ? kernel_clone+0xfc/0x930 [ 845.854984][T20632] ? rcu_read_unlock+0x17/0x60 [ 845.855003][T20632] ? rcu_read_unlock+0x17/0x60 [ 845.855025][T20632] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 845.855039][T20632] ? __memcg_slab_post_alloc_hook+0x473/0x880 [ 845.855068][T20632] ? rcu_is_watching+0x12/0xc0 [ 845.855083][T20632] ? trace_kmem_cache_alloc+0x80/0xb0 [ 845.855104][T20632] ? kernel_clone+0xfc/0x930 [ 845.855121][T20632] __vmalloc_node_noprof+0xad/0xf0 [ 845.855134][T20632] ? kernel_clone+0xfc/0x930 [ 845.855153][T20632] copy_process+0x5ec/0x7890 [ 845.855179][T20632] ? __pfx_copy_process+0x10/0x10 [ 845.855201][T20632] ? _copy_from_user+0x59/0xd0 [ 845.855224][T20632] kernel_clone+0xfc/0x930 [ 845.855243][T20632] ? __pfx_kernel_clone+0x10/0x10 [ 845.855265][T20632] ? __pfx_futex_wait+0x10/0x10 [ 845.855283][T20632] __do_sys_clone3+0x214/0x290 [ 845.855302][T20632] ? __pfx___do_sys_clone3+0x10/0x10 [ 845.855343][T20632] do_syscall_64+0xc9/0xf80 [ 845.855362][T20632] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 845.855377][T20632] RIP: 0033:0x7f83e039aeb9 [ 845.855389][T20632] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 845.855404][T20632] RSP: 002b:00007f83e129fef8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 845.855418][T20632] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f83e039aeb9 [ 845.855428][T20632] RDX: 00007f83e129ff10 RSI: 0000000000000058 RDI: 00007f83e129ff10 [ 845.855437][T20632] RBP: 00007f83e0408c1f R08: 0000000000000000 R09: 0000000000000058 [ 845.855446][T20632] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 845.855454][T20632] R13: 00007f83e0616218 R14: 00007f83e0616180 R15: 00007ffd2d392c88 [ 845.855473][T20632] [ 845.855494][T20632] Mem-Info: [ 846.196526][T20675] netlink: 146 bytes leftover after parsing attributes in process `syz.1.2939'. [ 846.540728][T20680] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2941'. [ 846.608306][T20680] netlink: 17 bytes leftover after parsing attributes in process `syz.1.2941'. [ 847.878471][T20632] active_anon:20296 inactive_anon:14495 isolated_anon:0 [ 847.878471][T20632] active_file:16490 inactive_file:41482 isolated_file:0 [ 847.878471][T20632] unevictable:2328 dirty:858 writeback:0 [ 847.878471][T20632] slab_reclaimable:12144 slab_unreclaimable:93484 [ 847.878471][T20632] mapped:38746 shmem:14616 pagetables:1334 [ 847.878471][T20632] sec_pagetables:0 bounce:0 [ 847.878471][T20632] kernel_misc_reclaimable:0 [ 847.878471][T20632] free:1274189 free_pcp:25416 free_cma:0 [ 848.302981][T20632] Node 0 active_anon:81188kB inactive_anon:92608kB active_file:65468kB inactive_file:166520kB unevictable:1644kB isolated(anon):0kB isolated(file):0kB mapped:154496kB dirty:3432kB writeback:0kB shmem:86712kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:63488kB kernel_stack:13088kB pagetables:4968kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 848.521826][T20632] Node 1 active_anon:0kB inactive_anon:0kB active_file:108kB inactive_file:136kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:16452kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:32kB pagetables:144kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 848.597496][ T30] audit: type=1800 audit(4294967326.241:43): pid=20725 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2951" name="members" dev="configfs" ino=85213 res=0 errno=0 [ 848.675957][ T30] audit: type=1800 audit(4294967326.291:44): pid=20725 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2951" name="version" dev="configfs" ino=85290 res=0 errno=0 [ 848.776256][T20632] Node 0 DMA free:11136kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:128kB local_pcp:128kB free_cma:0kB [ 848.985503][T20632] lowmem_reserve[]: 0 2480 2481 2481 2481 [ 849.022060][T20632] Node 0 DMA32 free:1239136kB boost:0kB min:34320kB low:42900kB high:51480kB reserved_highatomic:0KB free_highatomic:0KB active_anon:81136kB inactive_anon:103872kB active_file:71812kB inactive_file:157332kB unevictable:1540kB writepending:3432kB zspages:76kB present:3129332kB managed:2539572kB mlocked:4kB bounce:0kB free_pcp:32168kB local_pcp:32168kB free_cma:0kB [ 849.250982][T20632] lowmem_reserve[]: 0 0 1 1 1 [ 849.280953][T20632] Node 0 Normal free:0kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:12kB free_cma:0kB [ 849.534272][T20632] lowmem_reserve[]: 0 0 0 0 0 [ 849.539005][T20632] Node 1 Normal free:3808228kB boost:0kB min:55560kB low:69448kB high:83336kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:108kB inactive_file:136kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:67428kB local_pcp:67428kB free_cma:0kB [ 849.864314][T20632] lowmem_reserve[]: 0 0 0 0 0 [ 849.869061][T20632] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 1*128kB (U) 1*256kB (U) 1*512kB (U) 2*1024kB (U) 2*2048kB (UM) 1*4096kB (M) = 11136kB [ 850.013324][T20632] Node 0 DMA32: 2228*4kB (UME) 3394*8kB (UE) 2542*16kB (UME) 1791*32kB (UME) 2107*64kB (UME) 1346*128kB (UME) 881*256kB (UM) 502*512kB (UME) 292*1024kB (UME) 0*2048kB 0*4096kB = 1222752kB [ 850.148488][T20632] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 850.256907][T20632] Node 1 Normal: 176*4kB (UM) 44*8kB (UME) 38*16kB (UME) 223*32kB (UME) 110*64kB (UME) 38*128kB (UME) 18*256kB (UME) 3*512kB (UE) 5*1024kB (UM) 2*2048kB (ME) 921*4096kB (UM) = 3808480kB [ 850.381195][T20632] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 850.447864][T20632] Node 0 hugepages_total=5 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 850.520065][T20632] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 850.597552][T20632] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 850.651974][T20632] 86873 total pagecache pages [ 850.656698][T20632] 7 pages in swap cache [ 850.719471][T20632] Free swap = 119504kB [ 850.740790][T20632] Total swap = 124996kB [ 850.776234][T20632] 2097051 pages RAM [ 850.826619][T20632] 0 pages HighMem/MovableOnly [ 850.858259][T20632] 430196 pages reserved [ 850.862429][T20632] 0 pages cma reserved [ 852.164705][T20776] sd 0:0:1:0: PR command failed: 1026 [ 852.191983][T20776] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 852.221781][T20776] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 852.495426][ T30] audit: type=1800 audit(4294967330.171:45): pid=20782 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2962" name="members" dev="configfs" ino=85551 res=0 errno=0 [ 852.627630][ T30] audit: type=1800 audit(4294967330.241:46): pid=20782 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2962" name="version" dev="configfs" ino=85555 res=0 errno=0 [ 853.468981][T20804] binder: 20803:20804 ioctl 5309 38 returned -22 [ 853.519244][T20805] netlink: 'syz.2.2967': attribute type 1 has an invalid length. [ 853.569961][T20804] binder: 20803:20804 ioctl ae41 ffffffffffffffff returned -22 [ 854.225061][T20814] random: crng reseeded on system resumption [ 854.560677][T20831] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2973'. [ 854.617211][T20833] netlink: 354 bytes leftover after parsing attributes in process `syz.0.2973'. [ 855.951182][T20847] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 855.991798][T20847] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 856.021026][T20847] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 856.045423][T20847] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 856.939508][T20880] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2984'. [ 857.644741][T20903] FAULT_INJECTION: forcing a failure. [ 857.644741][T20903] name failslab, interval 1, probability 0, space 0, times 0 [ 857.659720][ T7153] Bluetooth: hci4: command 0x0c1a tx timeout [ 857.726977][T20903] CPU: 0 UID: 0 PID: 20903 Comm: syz.0.2988 Tainted: G L syzkaller #0 PREEMPT(full) [ 857.727005][T20903] Tainted: [L]=SOFTLOCKUP [ 857.727011][T20903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 857.727021][T20903] Call Trace: [ 857.727027][T20903] [ 857.727034][T20903] dump_stack_lvl+0x100/0x190 [ 857.727058][T20903] should_fail_ex.cold+0x5/0xa [ 857.727084][T20903] should_failslab+0xc2/0x120 [ 857.727104][T20903] __kmalloc_cache_noprof+0x80/0x810 [ 857.727121][T20903] ? kvm_dev_ioctl+0xa8d/0x1a80 [ 857.727146][T20903] ? kvm_dev_ioctl+0xa8d/0x1a80 [ 857.727169][T20903] kvm_dev_ioctl+0xa8d/0x1a80 [ 857.727192][T20903] ? find_held_lock+0x2b/0x80 [ 857.727207][T20903] ? hook_file_ioctl_common+0x146/0x410 [ 857.727230][T20903] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 857.727252][T20903] ? __fget_files+0x21f/0x3d0 [ 857.727271][T20903] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 857.727293][T20903] __x64_sys_ioctl+0x18e/0x210 [ 857.727318][T20903] do_syscall_64+0xc9/0xf80 [ 857.727338][T20903] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 857.727355][T20903] RIP: 0033:0x7f8c5bb9aeb9 [ 857.727369][T20903] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 857.727384][T20903] RSP: 002b:00007f8c5c9ed028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 857.727400][T20903] RAX: ffffffffffffffda RBX: 00007f8c5be15fa0 RCX: 00007f8c5bb9aeb9 [ 857.727410][T20903] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 857.727419][T20903] RBP: 00007f8c5bc08c1f R08: 0000000000000000 R09: 0000000000000000 [ 857.727428][T20903] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 857.727437][T20903] R13: 00007f8c5be16038 R14: 00007f8c5be15fa0 R15: 00007ffc183fd438 [ 857.727457][T20903] [ 858.225172][ T7153] Bluetooth: hci0: command 0x0c1a tx timeout [ 858.232197][ T7153] Bluetooth: hci2: command 0x0c1a tx timeout [ 858.238336][ T7153] Bluetooth: hci3: command 0x0c1a tx timeout [ 859.907189][T20941] futex_wake_op: syz.3.2996 tries to shift op by -2048; fix this program [ 859.979123][T20934] binder: 20930:20934 ioctl 4018620d ffffffffffffffff returned -22 [ 860.003036][T20941] futex_wake_op: syz.3.2996 tries to shift op by -2048; fix this program [ 860.134875][T20928] sp0: Synchronizing with TNC [ 860.162878][T20944] ubi1: attaching mtd1 [ 860.178269][T20944] ubi1 error: ubi_attach_mtd_dev: bad VID header (16777279) or data offsets (16777343) [ 861.382802][T20972] [U] [ 861.386001][T20972] [U] [ 861.388682][T20972] [U] [ 861.391355][T20972] [U] [ 861.415995][T20934] zero sized request [ 861.454357][T20972] [U] [ 861.457073][T20972] [U] [ 861.459749][T20972] [U] [ 861.462515][T20972] [U] [ 861.533562][T20972] [U] [ 861.536295][T20972] [U] [ 861.538971][T20972] [U] [ 861.541644][T20972] [U] [ 861.596953][T20972] [U] [ 861.599671][T20972] [U] [ 861.602433][T20972] [U] [ 861.605103][T20972] [U] [ 861.633875][T20972] [U] [ 861.636595][T20972] [U] [ 861.639274][T20972] [U] [ 861.641947][T20972] [U] [ 861.677548][T20972] [U] [ 861.680275][T20972] [U] [ 861.682956][T20972] [U] [ 861.685630][T20972] [U] [ 861.712141][T20972] [U] [ 861.714854][T20972] [U] [ 861.717528][T20972] [U] [ 861.720286][T20972] [U] [ 861.809969][T20972] [U] [ 861.812691][T20972] [U] [ 861.815477][T20972] [U] [ 861.818426][T20972] [U] [ 861.849172][T20972] [U] [ 861.851921][T20972] [U] [ 861.854612][T20972] [U] [ 861.857284][T20972] [U] [ 861.930609][T20972] [U] [ 861.933324][T20972] [U] [ 861.936047][T20972] [U] [ 861.938731][T20972] [U] [ 861.986393][T20972] [U] [ 861.989111][T20972] [U] [ 861.991783][T20972] [U] [ 861.994453][T20972] [U] [ 862.035415][T20986] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3007'. [ 862.067996][T20972] [U] [ 862.276402][T20997] netlink: 354 bytes leftover after parsing attributes in process `syz.2.3008'. [ 862.752476][T21009] i2c i2c-0: Frontend requested software zigzag, but didn't set the frequency step size [ 865.037040][T21070] __vm_enough_memory: pid: 21070, comm: syz.2.3021, bytes: 4398046511104 not enough memory for the allocation [ 865.227120][T21072] ubi1: attaching mtd1 [ 865.248178][T21072] ubi1 error: ubi_attach_mtd_dev: bad VID header (16777279) or data offsets (16777343) [ 867.224554][T21110] zswap: compressor not available [ 867.531092][T21119] ubi1: attaching mtd1 [ 867.535194][T21119] ubi1 error: ubi_attach_mtd_dev: bad VID header (16777279) or data offsets (16777343) [ 869.009158][T21135] Process accounting resumed [ 871.098324][T21217] __vm_enough_memory: pid: 21217, comm: syz.0.3056, bytes: 4398046511104 not enough memory for the allocation [ 871.592019][T21210] Process accounting paused [ 872.462179][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 872.475049][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 873.069724][T21271] FAULT_INJECTION: forcing a failure. [ 873.069724][T21271] name failslab, interval 1, probability 0, space 0, times 0 [ 873.135438][T21271] CPU: 0 UID: 0 PID: 21271 Comm: syz.0.3068 Tainted: G L syzkaller #0 PREEMPT(full) [ 873.135463][T21271] Tainted: [L]=SOFTLOCKUP [ 873.135469][T21271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 873.135478][T21271] Call Trace: [ 873.135484][T21271] [ 873.135490][T21271] dump_stack_lvl+0x100/0x190 [ 873.135514][T21271] should_fail_ex.cold+0x5/0xa [ 873.135537][T21271] should_failslab+0xc2/0x120 [ 873.135558][T21271] kmem_cache_alloc_noprof+0x83/0x780 [ 873.135577][T21271] ? dup_fd+0x4d/0xd10 [ 873.135595][T21271] ? dup_fd+0x4d/0xd10 [ 873.135616][T21271] dup_fd+0x4d/0xd10 [ 873.135631][T21271] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 873.135652][T21271] ? __fget_files+0x21f/0x3d0 [ 873.135669][T21271] ksys_unshare+0x78f/0xab0 [ 873.135690][T21271] ? __pfx_ksys_unshare+0x10/0x10 [ 873.135709][T21271] ? ksys_write+0x1ac/0x250 [ 873.135730][T21271] __x64_sys_unshare+0x31/0x40 [ 873.135749][T21271] do_syscall_64+0xc9/0xf80 [ 873.135768][T21271] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 873.135783][T21271] RIP: 0033:0x7f8c5bb9aeb9 [ 873.135795][T21271] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 873.135808][T21271] RSP: 002b:00007f8c5c9ed028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 873.135823][T21271] RAX: ffffffffffffffda RBX: 00007f8c5be15fa0 RCX: 00007f8c5bb9aeb9 [ 873.135833][T21271] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000400 [ 873.135841][T21271] RBP: 00007f8c5c9ed090 R08: 0000000000000000 R09: 0000000000000000 [ 873.135850][T21271] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 873.135858][T21271] R13: 00007f8c5be16038 R14: 00007f8c5be15fa0 R15: 00007ffc183fd438 [ 873.135877][T21271] [ 873.509472][T21280] kernel profiling enabled (shift: 15) [ 873.547253][T21276] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR [ 874.475493][T21303] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3075'. [ 874.591496][T21297] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3074'. [ 874.621772][T21303] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3075'. [ 874.746094][T21297] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 874.992992][T21320] FAULT_INJECTION: forcing a failure. [ 874.992992][T21320] name failslab, interval 1, probability 0, space 0, times 0 [ 875.023599][T21322] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3081'. [ 875.044950][T21320] CPU: 0 UID: 0 PID: 21320 Comm: syz.3.3080 Tainted: G L syzkaller #0 PREEMPT(full) [ 875.044975][T21320] Tainted: [L]=SOFTLOCKUP [ 875.044981][T21320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 875.044990][T21320] Call Trace: [ 875.044996][T21320] [ 875.045002][T21320] dump_stack_lvl+0x100/0x190 [ 875.045025][T21320] should_fail_ex.cold+0x5/0xa [ 875.045048][T21320] should_failslab+0xc2/0x120 [ 875.045068][T21320] __kmalloc_cache_noprof+0x80/0x810 [ 875.045083][T21320] ? alloc_fdtable+0xbd/0x2d0 [ 875.045098][T21320] ? dup_fd+0x924/0xd10 [ 875.045115][T21320] ? alloc_fdtable+0xbd/0x2d0 [ 875.045128][T21320] alloc_fdtable+0xbd/0x2d0 [ 875.045144][T21320] dup_fd+0x995/0xd10 [ 875.045162][T21320] ? __fget_files+0x21f/0x3d0 [ 875.045178][T21320] ksys_unshare+0x78f/0xab0 [ 875.045199][T21320] ? __pfx_ksys_unshare+0x10/0x10 [ 875.045218][T21320] ? ksys_write+0x1ac/0x250 [ 875.045240][T21320] __x64_sys_unshare+0x31/0x40 [ 875.045259][T21320] do_syscall_64+0xc9/0xf80 [ 875.045278][T21320] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 875.045293][T21320] RIP: 0033:0x7f38eab9aeb9 [ 875.045304][T21320] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 875.045318][T21320] RSP: 002b:00007f38eb9b7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 875.045332][T21320] RAX: ffffffffffffffda RBX: 00007f38eae15fa0 RCX: 00007f38eab9aeb9 [ 875.045342][T21320] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000400 [ 875.045351][T21320] RBP: 00007f38eb9b7090 R08: 0000000000000000 R09: 0000000000000000 [ 875.045359][T21320] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 875.045368][T21320] R13: 00007f38eae16038 R14: 00007f38eae15fa0 R15: 00007fff7e1e2dd8 [ 875.045386][T21320] [ 875.401161][T21331] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3084'. [ 875.679533][T21339] netlink: 'syz.3.3087': attribute type 1 has an invalid length. [ 876.148470][T21362] FAULT_INJECTION: forcing a failure. [ 876.148470][T21362] name failslab, interval 1, probability 0, space 0, times 0 [ 876.268583][T21362] CPU: 0 UID: 0 PID: 21362 Comm: syz.0.3092 Tainted: G L syzkaller #0 PREEMPT(full) [ 876.268610][T21362] Tainted: [L]=SOFTLOCKUP [ 876.268615][T21362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 876.268625][T21362] Call Trace: [ 876.268631][T21362] [ 876.268637][T21362] dump_stack_lvl+0x100/0x190 [ 876.268658][T21362] should_fail_ex.cold+0x5/0xa [ 876.268682][T21362] should_failslab+0xc2/0x120 [ 876.268702][T21362] kmem_cache_alloc_noprof+0x83/0x780 [ 876.268720][T21362] ? __anon_vma_prepare+0xae/0x5e0 [ 876.268740][T21362] ? __anon_vma_prepare+0xae/0x5e0 [ 876.268754][T21362] __anon_vma_prepare+0xae/0x5e0 [ 876.268772][T21362] __vmf_anon_prepare+0x11f/0x250 [ 876.268794][T21362] do_huge_pmd_anonymous_page+0x161/0x1c00 [ 876.268810][T21362] ? __pfx_pgd_none+0x10/0x10 [ 876.268829][T21362] __handle_mm_fault+0x1e96/0x2b50 [ 876.268847][T21362] ? mt_find+0x45e/0x8e0 [ 876.268866][T21362] ? __pfx___handle_mm_fault+0x10/0x10 [ 876.268880][T21362] ? __pfx_mt_find+0x10/0x10 [ 876.268916][T21362] handle_mm_fault+0x36d/0xa20 [ 876.268935][T21362] __get_user_pages+0xf9c/0x34d0 [ 876.268963][T21362] ? __pfx___get_user_pages+0x10/0x10 [ 876.268988][T21362] populate_vma_page_range+0x267/0x3f0 [ 876.269011][T21362] ? __pfx_populate_vma_page_range+0x10/0x10 [ 876.269031][T21362] ? __pfx_find_vma_intersection+0x10/0x10 [ 876.269052][T21362] ? do_mmap+0x93f/0x12f0 [ 876.269074][T21362] __mm_populate+0x107/0x3a0 [ 876.269088][T21362] ? __pfx___mm_populate+0x10/0x10 [ 876.269110][T21362] ? up_write+0x290/0x4f0 [ 876.269132][T21362] vm_mmap_pgoff+0x37f/0x470 [ 876.269155][T21362] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 876.269179][T21362] ? __x64_sys_futex+0x34f/0x4d0 [ 876.269197][T21362] ? __x64_sys_futex+0x358/0x4d0 [ 876.269218][T21362] ksys_mmap_pgoff+0x7d/0x5b0 [ 876.269240][T21362] __x64_sys_mmap+0x125/0x190 [ 876.269256][T21362] do_syscall_64+0xc9/0xf80 [ 876.269275][T21362] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 876.269296][T21362] RIP: 0033:0x7f8c5bb9aeb9 [ 876.269308][T21362] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 876.269322][T21362] RSP: 002b:00007f8c5c9ed028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 876.269337][T21362] RAX: ffffffffffffffda RBX: 00007f8c5be15fa0 RCX: 00007f8c5bb9aeb9 [ 876.269346][T21362] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 876.269355][T21362] RBP: 00007f8c5bc08c1f R08: 0000000000000002 R09: 0000000000008000 [ 876.269363][T21362] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 876.269372][T21362] R13: 00007f8c5be16038 R14: 00007f8c5be15fa0 R15: 00007ffc183fd438 [ 876.269391][T21362] [ 876.967158][T21370] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3093'. [ 877.720252][T21391] FAULT_INJECTION: forcing a failure. [ 877.720252][T21391] name failslab, interval 1, probability 0, space 0, times 0 [ 877.901851][T21391] CPU: 0 UID: 0 PID: 21391 Comm: syz.2.3097 Tainted: G L syzkaller #0 PREEMPT(full) [ 877.901879][T21391] Tainted: [L]=SOFTLOCKUP [ 877.901885][T21391] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 877.901895][T21391] Call Trace: [ 877.901901][T21391] [ 877.901907][T21391] dump_stack_lvl+0x100/0x190 [ 877.901930][T21391] should_fail_ex.cold+0x5/0xa [ 877.901956][T21391] should_failslab+0xc2/0x120 [ 877.901978][T21391] ? alloc_pipe_info+0x1ec/0x590 [ 877.901995][T21391] __kmalloc_noprof+0xf6/0x9c0 [ 877.902016][T21391] ? alloc_pipe_info+0x1ec/0x590 [ 877.902033][T21391] alloc_pipe_info+0x1ec/0x590 [ 877.902054][T21391] create_pipe_files+0x8c/0x970 [ 877.902074][T21391] do_pipe2+0xbd/0x1e0 [ 877.902092][T21391] ? __pfx_do_pipe2+0x10/0x10 [ 877.902109][T21391] ? xfd_validate_state+0x129/0x190 [ 877.902137][T21391] __x64_sys_pipe+0x33/0x50 [ 877.902163][T21391] do_syscall_64+0xc9/0xf80 [ 877.902184][T21391] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 877.902200][T21391] RIP: 0033:0x7f83e039aeb9 [ 877.902213][T21391] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 877.902228][T21391] RSP: 002b:00007f83e12c1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000016 [ 877.902244][T21391] RAX: ffffffffffffffda RBX: 00007f83e0616090 RCX: 00007f83e039aeb9 [ 877.902254][T21391] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 877.902262][T21391] RBP: 00007f83e0408c1f R08: 0000000000000000 R09: 0000000000000000 [ 877.902271][T21391] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 877.902280][T21391] R13: 00007f83e0616128 R14: 00007f83e0616090 R15: 00007ffd2d392c88 [ 877.902299][T21391] [ 880.693117][T21437] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3105'. [ 880.932820][T21443] binder: BINDER_SET_CONTEXT_MGR already set [ 881.087379][T21443] binder: 21428:21443 ioctl 40046207 0 returned -16 [ 881.312472][T21451] __vm_enough_memory: pid: 21451, comm: syz.0.3109, bytes: 4398046511104 not enough memory for the allocation [ 882.971579][T21482] random: crng reseeded on system resumption [ 884.331693][ T6112] Bluetooth: hci0: unexpected event 0x31 length: 19 > 6 [ 884.686321][ T30] audit: type=1107 audit(4294967362.518:47): pid=21517 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 884.715409][ T30] audit: type=1107 audit(4294967362.559:48): pid=21517 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 884.904495][T21521] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 884.981163][T21513] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 884.981274][T21513] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 884.981365][T21513] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 884.981456][T21513] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 887.018381][ T7153] Bluetooth: hci2: command 0x0c1a tx timeout [ 887.024541][ T6112] Bluetooth: hci3: command 0x0c1a tx timeout [ 887.031301][ T7153] Bluetooth: hci0: command 0x0c1a tx timeout [ 887.037418][ T6112] Bluetooth: hci4: command 0x0c1a tx timeout [ 887.094274][T21568] NFSD: Failed to start, no listeners configured. [ 890.083092][T21628] FAULT_INJECTION: forcing a failure. [ 890.083092][T21628] name failslab, interval 1, probability 0, space 0, times 0 [ 890.135359][T21628] CPU: 0 UID: 0 PID: 21628 Comm: syz.1.3143 Tainted: G L syzkaller #0 PREEMPT(full) [ 890.135384][T21628] Tainted: [L]=SOFTLOCKUP [ 890.135389][T21628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 890.135398][T21628] Call Trace: [ 890.135403][T21628] [ 890.135409][T21628] dump_stack_lvl+0x100/0x190 [ 890.135432][T21628] should_fail_ex.cold+0x5/0xa [ 890.135455][T21628] should_failslab+0xc2/0x120 [ 890.135476][T21628] __kvmalloc_node_noprof+0x101/0xac0 [ 890.135494][T21628] ? __pfx__mutex_trylock_nest_lock+0x10/0x10 [ 890.135513][T21628] ? file_tty_write.isra.0+0x64e/0x890 [ 890.135538][T21628] ? file_tty_write.isra.0+0x64e/0x890 [ 890.135557][T21628] file_tty_write.isra.0+0x64e/0x890 [ 890.135582][T21628] redirected_tty_write+0xd4/0x120 [ 890.135603][T21628] do_iter_readv_writev+0x6ee/0x920 [ 890.135620][T21628] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 890.135633][T21628] ? common_file_perm+0x1ab/0x4f0 [ 890.135656][T21628] ? bpf_lsm_file_permission+0x9/0x10 [ 890.135675][T21628] ? security_file_permission+0x76/0x210 [ 890.135697][T21628] ? rw_verify_area+0xce/0x6d0 [ 890.135713][T21628] vfs_writev+0x360/0xe10 [ 890.135726][T21628] ? get_pid_task+0x106/0x250 [ 890.135750][T21628] ? __pfx_vfs_writev+0x10/0x10 [ 890.135765][T21628] ? find_held_lock+0x2b/0x80 [ 890.135791][T21628] ? __fget_files+0x21f/0x3d0 [ 890.135812][T21628] ? do_writev+0x13e/0x340 [ 890.135825][T21628] do_writev+0x13e/0x340 [ 890.135839][T21628] ? __pfx_do_writev+0x10/0x10 [ 890.135859][T21628] do_syscall_64+0xc9/0xf80 [ 890.135878][T21628] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 890.135893][T21628] RIP: 0033:0x7f091d59aeb9 [ 890.135905][T21628] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 890.135919][T21628] RSP: 002b:00007f091e3de028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 890.135933][T21628] RAX: ffffffffffffffda RBX: 00007f091d815fa0 RCX: 00007f091d59aeb9 [ 890.135943][T21628] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000003 [ 890.135952][T21628] RBP: 00007f091e3de090 R08: 0000000000000000 R09: 0000000000000000 [ 890.135961][T21628] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 890.135969][T21628] R13: 00007f091d816038 R14: 00007f091d815fa0 R15: 00007fff2b8a5498 [ 890.135988][T21628] [ 891.059415][T21642] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 891.059580][T21642] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 891.059716][T21642] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 891.060963][T21642] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 892.580871][T21687] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 892.646644][T21687] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 892.713482][T21687] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 892.753406][T21687] page_type: f5(slab) [ 892.764978][T21687] raw: 00fff00000000040 ffff88801c6c38c0 dead000000000122 0000000000000000 [ 892.788976][T21687] raw: 0000000000000000 0000000000190019 00000000f5000000 0000000000000000 [ 892.839626][T21687] head: 00fff00000000040 ffff88801c6c38c0 dead000000000122 0000000000000000 [ 892.912616][T21687] head: 0000000000000000 0000000000190019 00000000f5000000 0000000000000000 [ 892.962963][T21687] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 893.006094][T21687] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 893.049105][T21687] page dumped because: unmovable page [ 893.070275][T21576] Bluetooth: hci2: command 0x0c1a tx timeout [ 893.076300][T21576] Bluetooth: hci3: command 0x0c1a tx timeout [ 893.085701][ T7022] Bluetooth: hci0: command 0x0c1a tx timeout [ 893.093684][ T6112] Bluetooth: hci4: command 0x0c1a tx timeout [ 893.103110][T21687] page_owner tracks the page as allocated [ 893.130008][T21687] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5211, tgid 5211 (udevadm), ts 36044695199, free_ts 29701452642 [ 893.275679][T21687] post_alloc_hook+0x1e1/0x250 [ 893.280484][T21687] get_page_from_freelist+0xe3d/0x2e10 [ 893.333413][T21687] __alloc_frozen_pages_noprof+0x26c/0x2410 [ 893.371240][T21687] alloc_pages_mpol+0x1fb/0x550 [ 893.385338][T21687] new_slab+0x2c4/0x440 [ 893.417845][T21687] ___slab_alloc+0xda3/0x1ca0 [ 893.422564][T21687] __slab_alloc.isra.0+0x63/0x110 [ 893.478258][T21687] kmem_cache_alloc_lru_noprof+0x507/0x7d0 [ 893.502922][T21687] alloc_inode+0x183/0x250 [ 893.531534][T21687] iget_locked+0x1d9/0x6d0 [ 893.547328][T21687] kernfs_get_inode+0x46/0x470 [ 893.570678][T21687] kernfs_iop_lookup+0x1a7/0x2d0 [ 893.600763][T21687] __lookup_slow+0x251/0x460 [ 893.634314][T21687] lookup_slow+0x50/0x70 [ 893.638645][T21687] path_lookupat+0x5e8/0xc40 [ 893.656621][T21687] filename_lookup+0x202/0x590 [ 893.661424][T21687] page last free pid 1 tgid 1 stack trace: [ 893.677591][T21687] __free_frozen_pages+0x822/0x1130 [ 893.682824][T21687] free_contig_range+0x1a3/0x520 [ 893.698139][T21687] destroy_args+0xa8/0x7a0 [ 893.708237][T21687] debug_vm_pgtable+0x1b66/0x34b0 [ 893.718329][T21687] do_one_initcall+0x11d/0x690 [ 893.743094][T21687] kernel_init_freeable+0x6e5/0x790 [ 893.748330][T21687] kernel_init+0x1f/0x1e0 [ 893.763987][T21687] ret_from_fork+0x754/0xaf0 [ 893.768606][T21687] ret_from_fork_asm+0x1a/0x30 [ 895.403306][T21766] NFSD: Failed to start, no listeners configured. [ 896.430016][T21804] FAULT_INJECTION: forcing a failure. [ 896.430016][T21804] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 896.505441][T21804] CPU: 0 UID: 0 PID: 21804 Comm: syz.0.3175 Tainted: G L syzkaller #0 PREEMPT(full) [ 896.505469][T21804] Tainted: [L]=SOFTLOCKUP [ 896.505475][T21804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 896.505485][T21804] Call Trace: [ 896.505490][T21804] [ 896.505498][T21804] dump_stack_lvl+0x100/0x190 [ 896.505520][T21804] should_fail_ex.cold+0x5/0xa [ 896.505548][T21804] ? prepare_alloc_pages+0x16d/0x5f0 [ 896.505574][T21804] should_fail_alloc_page+0xeb/0x140 [ 896.505596][T21804] prepare_alloc_pages+0x1f0/0x5f0 [ 896.505622][T21804] __alloc_frozen_pages_noprof+0x193/0x2410 [ 896.505642][T21804] ? lock_acquire+0x17c/0x330 [ 896.505662][T21804] ? find_held_lock+0x2b/0x80 [ 896.505677][T21804] ? page_table_check_set+0x49a/0xa10 [ 896.505694][T21804] ? page_table_check_set+0x49a/0xa10 [ 896.505715][T21804] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 896.505736][T21804] ? __asan_memcpy+0x3c/0x60 [ 896.505755][T21804] ? __pfx_interleave_nid+0x10/0x10 [ 896.505774][T21804] ? find_held_lock+0x2b/0x80 [ 896.505792][T21804] ? policy_nodemask+0xed/0x4f0 [ 896.505813][T21804] alloc_pages_mpol+0x1fb/0x550 [ 896.505835][T21804] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 896.505860][T21804] folio_alloc_mpol_noprof+0x36/0x340 [ 896.505884][T21804] vma_alloc_folio_noprof+0xed/0x1d0 [ 896.505907][T21804] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 896.505935][T21804] do_anonymous_page+0xb10/0x1f40 [ 896.505959][T21804] __handle_mm_fault+0x1d3a/0x2b50 [ 896.505978][T21804] ? reacquire_held_locks+0xce/0x1e0 [ 896.505998][T21804] ? __pfx___handle_mm_fault+0x10/0x10 [ 896.506018][T21804] ? lock_vma_under_rcu+0x17c/0x5a0 [ 896.506045][T21804] handle_mm_fault+0x36d/0xa20 [ 896.506064][T21804] do_user_addr_fault+0x5a3/0x12f0 [ 896.506087][T21804] exc_page_fault+0x6f/0xd0 [ 896.506105][T21804] asm_exc_page_fault+0x26/0x30 [ 896.506120][T21804] RIP: 0033:0x7f8c5ba5c86b [ 896.506135][T21804] Code: 00 00 00 48 8d 3d bd b0 1a 00 48 89 c1 31 c0 e8 fb 36 ff ff eb d2 66 0f 1f 84 00 00 00 00 00 55 31 c0 53 48 81 ec 68 10 00 00 <48> 89 7c 24 08 48 8d 3d f1 b0 1a 00 48 89 34 24 48 8b 14 24 48 8b [ 896.506150][T21804] RSP: 002b:00007f8c5c9ebfa0 EFLAGS: 00010206 [ 896.506163][T21804] RAX: 0000000000000000 RBX: 00007f8c5be15fa0 RCX: 0000000000000000 [ 896.506173][T21804] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000200000000140 [ 896.506184][T21804] RBP: 00007f8c5bc08c1f R08: 0000000000000000 R09: 0000000000000000 [ 896.506193][T21804] R10: 0000200000000140 R11: 0000000000000000 R12: 0000000000000000 [ 896.506202][T21804] R13: 00007f8c5be16038 R14: 00007f8c5be15fa0 R15: 00007ffc183fd438 [ 896.506223][T21804] [ 896.506419][T21804] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 897.121797][T21811] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3176'. [ 898.054373][T21829] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3179'. [ 898.138666][T21838] random: crng reseeded on system resumption [ 899.026395][ T30] audit: type=1800 audit(4294967386.950:49): pid=21855 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.3183" name="dbroot" dev="configfs" ino=93012 res=0 errno=0 [ 899.073806][T21855] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3183'. [ 899.206518][T21850] Process accounting paused [ 899.348228][T21855] team0: Port device team_slave_1 removed [ 899.838988][T21879] NFSD: Failed to start, no listeners configured. [ 902.400917][T21933] FAULT_INJECTION: forcing a failure. [ 902.400917][T21933] name failslab, interval 1, probability 0, space 0, times 0 [ 902.537922][T21933] CPU: 0 UID: 0 PID: 21933 Comm: syz.3.3195 Tainted: G L syzkaller #0 PREEMPT(full) [ 902.537961][T21933] Tainted: [L]=SOFTLOCKUP [ 902.537967][T21933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 902.537976][T21933] Call Trace: [ 902.537981][T21933] [ 902.537988][T21933] dump_stack_lvl+0x100/0x190 [ 902.538010][T21933] should_fail_ex.cold+0x5/0xa [ 902.538034][T21933] should_failslab+0xc2/0x120 [ 902.538054][T21933] __kmalloc_cache_noprof+0x80/0x810 [ 902.538069][T21933] ? shrinker_alloc+0xf5/0xbc0 [ 902.538091][T21933] ? shrinker_alloc+0xf5/0xbc0 [ 902.538107][T21933] shrinker_alloc+0xf5/0xbc0 [ 902.538124][T21933] ? find_held_lock+0x2b/0x80 [ 902.538140][T21933] ? mark_held_locks+0x40/0x70 [ 902.538158][T21933] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 902.538175][T21933] ? rcu_is_watching+0x12/0xc0 [ 902.538190][T21933] ? __pfx_shrinker_alloc+0x10/0x10 [ 902.538210][T21933] ? lockdep_init_map_type+0x5c/0x250 [ 902.538229][T21933] ? lockdep_init_map_type+0x5c/0x250 [ 902.538248][T21933] ? __raw_spin_lock_init+0x3a/0x110 [ 902.538267][T21933] ? __init_rwsem+0x12d/0x1b0 [ 902.538289][T21933] alloc_super+0x7bf/0xd20 [ 902.538307][T21933] ? __pfx_mqueue_fill_super+0x10/0x10 [ 902.538324][T21933] sget_fc+0x117/0xc70 [ 902.538341][T21933] ? __pfx_set_anon_super_fc+0x10/0x10 [ 902.538356][T21933] ? __pfx_mqueue_fill_super+0x10/0x10 [ 902.538372][T21933] get_tree_nodev+0x28/0x190 [ 902.538388][T21933] mqueue_get_tree+0xf1/0x130 [ 902.538405][T21933] vfs_get_tree+0x92/0x320 [ 902.538418][T21933] fc_mount_longterm+0x1a/0x270 [ 902.538433][T21933] mq_init_ns+0x482/0x820 [ 902.538453][T21933] copy_ipcs+0x3dd/0x7e0 [ 902.538473][T21933] create_new_namespaces+0x20a/0xab0 [ 902.538489][T21933] ? security_capable+0x80/0x260 [ 902.538509][T21933] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 902.538527][T21933] ksys_unshare+0x455/0xab0 [ 902.538548][T21933] ? __pfx_ksys_unshare+0x10/0x10 [ 902.538567][T21933] ? ksys_write+0x1ac/0x250 [ 902.538589][T21933] __x64_sys_unshare+0x31/0x40 [ 902.538608][T21933] do_syscall_64+0xc9/0xf80 [ 902.538626][T21933] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 902.538641][T21933] RIP: 0033:0x7f38eab9aeb9 [ 902.538654][T21933] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 902.538668][T21933] RSP: 002b:00007f38eb9b7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 902.538683][T21933] RAX: ffffffffffffffda RBX: 00007f38eae15fa0 RCX: 00007f38eab9aeb9 [ 902.538692][T21933] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000400 [ 902.538701][T21933] RBP: 00007f38eb9b7090 R08: 0000000000000000 R09: 0000000000000000 [ 902.538710][T21933] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 902.538718][T21933] R13: 00007f38eae16038 R14: 00007f38eae15fa0 R15: 00007fff7e1e2dd8 [ 902.538737][T21933] [ 903.685405][T21891] Process accounting resumed [ 906.274547][T21993] HfR: entered promiscuous mode [ 906.312723][T21994] openvswitch: HfR: Dropping previously announced user features [ 908.130814][T22033] kvm_intel: kvm [22032]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0xfffffffffffffffe [ 908.351851][T22037] netlink: 25 bytes leftover after parsing attributes in process `syz.1.3219'. [ 910.338206][T22079] FAULT_INJECTION: forcing a failure. [ 910.338206][T22079] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 910.526708][T22079] CPU: 0 UID: 0 PID: 22079 Comm: syz.2.3226 Tainted: G L syzkaller #0 PREEMPT(full) [ 910.526735][T22079] Tainted: [L]=SOFTLOCKUP [ 910.526740][T22079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 910.526749][T22079] Call Trace: [ 910.526754][T22079] [ 910.526760][T22079] dump_stack_lvl+0x100/0x190 [ 910.526782][T22079] should_fail_ex.cold+0x5/0xa [ 910.526805][T22079] strncpy_from_user+0x3b/0x2d0 [ 910.526827][T22079] getname_flags.part.0+0x8f/0x540 [ 910.526851][T22079] getname_flags+0x93/0xf0 [ 910.526865][T22079] do_sys_openat2+0xc5/0x220 [ 910.526887][T22079] ? __pfx_do_sys_openat2+0x10/0x10 [ 910.526906][T22079] ? count_memcg_events_mm.constprop.0+0xfa/0x2a0 [ 910.526933][T22079] __x64_sys_openat+0x12d/0x210 [ 910.526954][T22079] ? __pfx___x64_sys_openat+0x10/0x10 [ 910.526976][T22079] ? xfd_validate_state+0x129/0x190 [ 910.527003][T22079] do_syscall_64+0xc9/0xf80 [ 910.527022][T22079] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 910.527037][T22079] RIP: 0033:0x7f83e039aeb9 [ 910.527049][T22079] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 910.527062][T22079] RSP: 002b:00007f83e127f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 910.527077][T22079] RAX: ffffffffffffffda RBX: 00007f83e0616270 RCX: 00007f83e039aeb9 [ 910.527087][T22079] RDX: 0000000000222680 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 910.527096][T22079] RBP: 00007f83e0408c1f R08: 0000000000000000 R09: 0000000000000000 [ 910.527105][T22079] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 910.527113][T22079] R13: 00007f83e0616308 R14: 00007f83e0616270 R15: 00007ffd2d392c88 [ 910.527132][T22079] [ 910.955541][T22090] FAULT_INJECTION: forcing a failure. [ 910.955541][T22090] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 911.008044][T22090] CPU: 0 UID: 0 PID: 22090 Comm: syz.1.3228 Tainted: G L syzkaller #0 PREEMPT(full) [ 911.008072][T22090] Tainted: [L]=SOFTLOCKUP [ 911.008078][T22090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 911.008088][T22090] Call Trace: [ 911.008094][T22090] [ 911.008101][T22090] dump_stack_lvl+0x100/0x190 [ 911.008125][T22090] should_fail_ex.cold+0x5/0xa [ 911.008169][T22090] ? prepare_alloc_pages+0x16d/0x5f0 [ 911.008200][T22090] should_fail_alloc_page+0xeb/0x140 [ 911.008223][T22090] prepare_alloc_pages+0x1f0/0x5f0 [ 911.008249][T22090] __alloc_frozen_pages_noprof+0x193/0x2410 [ 911.008269][T22090] ? lock_acquire+0x17c/0x330 [ 911.008289][T22090] ? find_held_lock+0x2b/0x80 [ 911.008303][T22090] ? page_table_check_set+0x49a/0xa10 [ 911.008320][T22090] ? page_table_check_set+0x49a/0xa10 [ 911.008341][T22090] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 911.008362][T22090] ? __asan_memcpy+0x3c/0x60 [ 911.008381][T22090] ? __pfx_interleave_nid+0x10/0x10 [ 911.008401][T22090] ? find_held_lock+0x2b/0x80 [ 911.008418][T22090] ? policy_nodemask+0xed/0x4f0 [ 911.008440][T22090] alloc_pages_mpol+0x1fb/0x550 [ 911.008461][T22090] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 911.008486][T22090] folio_alloc_mpol_noprof+0x36/0x340 [ 911.008510][T22090] vma_alloc_folio_noprof+0xed/0x1d0 [ 911.008533][T22090] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 911.008562][T22090] do_anonymous_page+0xb10/0x1f40 [ 911.008585][T22090] __handle_mm_fault+0x1d3a/0x2b50 [ 911.008605][T22090] ? reacquire_held_locks+0xce/0x1e0 [ 911.008625][T22090] ? __pfx___handle_mm_fault+0x10/0x10 [ 911.008644][T22090] ? lock_vma_under_rcu+0x17c/0x5a0 [ 911.008671][T22090] handle_mm_fault+0x36d/0xa20 [ 911.008691][T22090] do_user_addr_fault+0x5a3/0x12f0 [ 911.008713][T22090] exc_page_fault+0x6f/0xd0 [ 911.008732][T22090] asm_exc_page_fault+0x26/0x30 [ 911.008747][T22090] RIP: 0033:0x7f091d45c86b [ 911.008761][T22090] Code: 00 00 00 48 8d 3d bd b0 1a 00 48 89 c1 31 c0 e8 fb 36 ff ff eb d2 66 0f 1f 84 00 00 00 00 00 55 31 c0 53 48 81 ec 68 10 00 00 <48> 89 7c 24 08 48 8d 3d f1 b0 1a 00 48 89 34 24 48 8b 14 24 48 8b [ 911.008777][T22090] RSP: 002b:00007f091e3dcfa0 EFLAGS: 00010206 [ 911.008791][T22090] RAX: 0000000000000000 RBX: 00007f091d815fa0 RCX: 0000000000000000 [ 911.008800][T22090] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000200000000140 [ 911.008810][T22090] RBP: 00007f091d608c1f R08: 0000000000000000 R09: 0000000000000000 [ 911.008819][T22090] R10: 0000200000000140 R11: 0000000000000000 R12: 0000000000000000 [ 911.008828][T22090] R13: 00007f091d816038 R14: 00007f091d815fa0 R15: 00007fff2b8a5498 [ 911.008848][T22090] [ 911.008861][T22090] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 915.304107][T22169] writes to the poll attribute are ignored. [ 915.331335][T22169] please use driver specific parameters instead. [ 915.704385][T22163] zswap: compressor not available [ 915.975341][T21699] Bluetooth: hci4: unexpected event 0x0b length: 435 > 11 [ 916.510013][T22206] vivid-009: ================= START STATUS ================= [ 916.554049][T22206] vivid-009: Radio HW Seek Mode: Bounded [ 916.593334][T22206] vivid-009: Radio Programmable HW Seek: false [ 916.619044][T22206] vivid-009: RDS Rx I/O Mode: Block I/O [ 916.654586][T22206] vivid-009: Generate RBDS Instead of RDS: false [ 916.687410][T22206] vivid-009: RDS Reception: true [ 916.701474][T22206] vivid-009: RDS Program Type: 0 inactive [ 916.729992][T22206] vivid-009: RDS PS Name: inactive [ 916.757500][T22206] vivid-009: RDS Radio Text: inactive [ 916.792918][T22206] vivid-009: RDS Traffic Announcement: false inactive [ 916.859132][T22206] vivid-009: RDS Traffic Program: false inactive [ 916.898002][T22206] vivid-009: RDS Music: false inactive [ 916.921525][T22206] vivid-009: ================== END STATUS ================== [ 917.153781][T22214] NFSD: Failed to start, no listeners configured. [ 917.179401][T22220] &#$@\]\-: entered promiscuous mode [ 917.667733][T22234] FAULT_INJECTION: forcing a failure. [ 917.667733][T22234] name failslab, interval 1, probability 0, space 0, times 0 [ 917.745595][T22234] CPU: 0 UID: 0 PID: 22234 Comm: syz.1.3257 Tainted: G L syzkaller #0 PREEMPT(full) [ 917.745623][T22234] Tainted: [L]=SOFTLOCKUP [ 917.745629][T22234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 917.745642][T22234] Call Trace: [ 917.745649][T22234] [ 917.745656][T22234] dump_stack_lvl+0x100/0x190 [ 917.745679][T22234] should_fail_ex.cold+0x5/0xa [ 917.745705][T22234] should_failslab+0xc2/0x120 [ 917.745726][T22234] kmem_cache_alloc_noprof+0x83/0x780 [ 917.745746][T22234] ? getname_flags.part.0+0x4c/0x540 [ 917.745772][T22234] ? getname_flags.part.0+0x4c/0x540 [ 917.745792][T22234] getname_flags.part.0+0x4c/0x540 [ 917.745815][T22234] getname_flags+0x93/0xf0 [ 917.745830][T22234] do_sys_openat2+0xc5/0x220 [ 917.745852][T22234] ? __pfx_do_sys_openat2+0x10/0x10 [ 917.745875][T22234] ? __pfx___up_read+0x10/0x10 [ 917.745903][T22234] __x64_sys_open+0xfe/0x1d0 [ 917.745926][T22234] ? __pfx___x64_sys_open+0x10/0x10 [ 917.745948][T22234] ? xfd_validate_state+0x129/0x190 [ 917.745977][T22234] do_syscall_64+0xc9/0xf80 [ 917.745997][T22234] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 917.746013][T22234] RIP: 0033:0x7f091d59aeb9 [ 917.746027][T22234] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 917.746041][T22234] RSP: 002b:00007f091e3de028 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 917.746056][T22234] RAX: ffffffffffffffda RBX: 00007f091d815fa0 RCX: 00007f091d59aeb9 [ 917.746066][T22234] RDX: 0000000000000408 RSI: 0000000000591083 RDI: 0000200000000100 [ 917.746076][T22234] RBP: 00007f091d608c1f R08: 0000000000000000 R09: 0000000000000000 [ 917.746085][T22234] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 917.746094][T22234] R13: 00007f091d816038 R14: 00007f091d815fa0 R15: 00007fff2b8a5498 [ 917.746114][T22234] [ 920.945644][T22318] bridge0: port 3(team0) entered blocking state [ 921.006097][T22318] bridge0: port 3(team0) entered disabled state [ 921.053508][T22318] team0: entered allmulticast mode [ 921.143136][T22318] team_slave_0: entered allmulticast mode [ 921.188213][T22318] team_slave_1: entered allmulticast mode [ 921.277097][T22318] team0: entered promiscuous mode [ 921.342739][T22318] team_slave_0: entered promiscuous mode [ 921.410478][T22318] team_slave_1: entered promiscuous mode [ 921.452505][T22318] bridge0: port 3(team0) entered blocking state [ 921.458932][T22318] bridge0: port 3(team0) entered forwarding state [ 923.022952][T22361] &#$@\]\-: entered promiscuous mode [ 923.326125][T22368] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(1380398707.1482413847.668080931), cmd(5) [ 923.417191][T22373] syz.1.3288 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 924.262558][T22399] bonding: no command found in bonding_masters - use +ifname or -ifname [ 924.934856][T22432] FAULT_INJECTION: forcing a failure. [ 924.934856][T22432] name failslab, interval 1, probability 0, space 0, times 0 [ 924.979907][T22432] CPU: 0 UID: 0 PID: 22432 Comm: syz.1.3301 Tainted: G L syzkaller #0 PREEMPT(full) [ 924.979935][T22432] Tainted: [L]=SOFTLOCKUP [ 924.979941][T22432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 924.979952][T22432] Call Trace: [ 924.979958][T22432] [ 924.979964][T22432] dump_stack_lvl+0x100/0x190 [ 924.979988][T22432] should_fail_ex.cold+0x5/0xa [ 924.980014][T22432] should_failslab+0xc2/0x120 [ 924.980035][T22432] kmem_cache_alloc_noprof+0x83/0x780 [ 924.980055][T22432] ? getname_flags.part.0+0x4c/0x540 [ 924.980080][T22432] ? getname_flags.part.0+0x4c/0x540 [ 924.980101][T22432] getname_flags.part.0+0x4c/0x540 [ 924.980124][T22432] getname_flags+0x93/0xf0 [ 924.980140][T22432] do_sys_openat2+0xc5/0x220 [ 924.980161][T22432] ? __pfx_do_sys_openat2+0x10/0x10 [ 924.980189][T22432] __x64_sys_open+0xfe/0x1d0 [ 924.980211][T22432] ? __pfx___x64_sys_open+0x10/0x10 [ 924.980231][T22432] ? xfd_validate_state+0x129/0x190 [ 924.980260][T22432] do_syscall_64+0xc9/0xf80 [ 924.980279][T22432] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 924.980295][T22432] RIP: 0033:0x7f091d59aeb9 [ 924.980308][T22432] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 924.980323][T22432] RSP: 002b:00007f091e3de028 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 924.980338][T22432] RAX: ffffffffffffffda RBX: 00007f091d815fa0 RCX: 00007f091d59aeb9 [ 924.980349][T22432] RDX: 0000000000000000 RSI: 0000000000149443 RDI: 0000200000000040 [ 924.980358][T22432] RBP: 00007f091d608c1f R08: 0000000000000000 R09: 0000000000000000 [ 924.980367][T22432] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 924.980377][T22432] R13: 00007f091d816038 R14: 00007f091d815fa0 R15: 00007fff2b8a5498 [ 924.980396][T22432] [ 925.753946][T22450] mkiss: ax0: crc mode is auto. [ 927.318645][T22507] netlink: 'syz.3.3313': attribute type 19 has an invalid length. [ 927.336961][T22507] netlink: 334 bytes leftover after parsing attributes in process `syz.3.3313'. [ 927.904254][T22508] NFSD: Failed to start, no listeners configured. [ 929.407152][T22530] Process accounting resumed [ 931.887603][T22617] vhci_hcd vhci_hcd.3: USB_PORT_FEAT_SUSPEND req not supported for USB 3.0 roothub [ 932.810640][T22647] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 932.816679][T22647] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 932.941355][T22647] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 932.987343][T22647] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 933.580764][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 933.587600][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 933.716704][T22664] Process accounting paused [ 934.291625][T22679] blktrace: Concurrent blktraces are not allowed on loop2 [ 934.850199][ T7153] Bluetooth: hci0: command 0x0c1a tx timeout [ 934.856342][T21699] Bluetooth: hci4: command 0x0c1a tx timeout [ 935.008446][ T7153] Bluetooth: hci2: command 0x0c1a tx timeout [ 935.015019][T21699] Bluetooth: hci3: command 0x0c1a tx timeout [ 935.685157][T22717] FAULT_INJECTION: forcing a failure. [ 935.685157][T22717] name failslab, interval 1, probability 0, space 0, times 0 [ 935.778060][T22717] CPU: 0 UID: 0 PID: 22717 Comm: syz.1.3357 Tainted: G L syzkaller #0 PREEMPT(full) [ 935.778086][T22717] Tainted: [L]=SOFTLOCKUP [ 935.778093][T22717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 935.778102][T22717] Call Trace: [ 935.778108][T22717] [ 935.778114][T22717] dump_stack_lvl+0x100/0x190 [ 935.778139][T22717] should_fail_ex.cold+0x5/0xa [ 935.778164][T22717] should_failslab+0xc2/0x120 [ 935.778185][T22717] __kmalloc_node_track_caller_noprof+0xf9/0x9d0 [ 935.778207][T22717] ? create_filter_start.constprop.0+0x15b/0x310 [ 935.778239][T22717] ? kstrdup+0x51/0xe0 [ 935.778259][T22717] kstrdup+0x51/0xe0 [ 935.778279][T22717] create_filter_start.constprop.0+0x15b/0x310 [ 935.778306][T22717] apply_subsystem_event_filter+0x188/0x17a0 [ 935.778327][T22717] ? __pfx_apply_subsystem_event_filter+0x10/0x10 [ 935.778346][T22717] ? _copy_from_user+0x59/0xd0 [ 935.778371][T22717] subsystem_filter_write+0x95/0x120 [ 935.778388][T22717] vfs_write+0x2aa/0x1070 [ 935.778406][T22717] ? __pfx_subsystem_filter_write+0x10/0x10 [ 935.778423][T22717] ? __pfx_vfs_write+0x10/0x10 [ 935.778438][T22717] ? find_held_lock+0x2b/0x80 [ 935.778454][T22717] ? __fget_files+0x215/0x3d0 [ 935.778473][T22717] ? __fget_files+0x21f/0x3d0 [ 935.778495][T22717] ksys_write+0x12a/0x250 [ 935.778511][T22717] ? __pfx_ksys_write+0x10/0x10 [ 935.778534][T22717] do_syscall_64+0xc9/0xf80 [ 935.778554][T22717] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 935.778569][T22717] RIP: 0033:0x7f091d59aeb9 [ 935.778582][T22717] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 935.778597][T22717] RSP: 002b:00007f091e3de028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 935.778611][T22717] RAX: ffffffffffffffda RBX: 00007f091d815fa0 RCX: 00007f091d59aeb9 [ 935.778621][T22717] RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000006 [ 935.778630][T22717] RBP: 00007f091d608c1f R08: 0000000000000000 R09: 0000000000000000 [ 935.778639][T22717] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 935.778648][T22717] R13: 00007f091d816038 R14: 00007f091d815fa0 R15: 00007fff2b8a5498 [ 935.778668][T22717] [ 936.008617][T22719] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3357'. [ 937.783163][T22758] FAULT_INJECTION: forcing a failure. [ 937.783163][T22758] name failslab, interval 1, probability 0, space 0, times 0 [ 937.883892][T22758] CPU: 0 UID: 0 PID: 22758 Comm: syz.3.3367 Tainted: G L syzkaller #0 PREEMPT(full) [ 937.883920][T22758] Tainted: [L]=SOFTLOCKUP [ 937.883926][T22758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 937.883936][T22758] Call Trace: [ 937.883942][T22758] [ 937.883949][T22758] dump_stack_lvl+0x100/0x190 [ 937.883972][T22758] should_fail_ex.cold+0x5/0xa [ 937.883998][T22758] should_failslab+0xc2/0x120 [ 937.884019][T22758] __kmalloc_cache_noprof+0x80/0x810 [ 937.884044][T22758] ? mark_held_locks+0x40/0x70 [ 937.884063][T22758] ? __request_module+0x2b7/0x650 [ 937.884087][T22758] ? lockdep_hardirqs_on+0x78/0x100 [ 937.884107][T22758] ? __request_module+0x2b7/0x650 [ 937.884128][T22758] __request_module+0x2b7/0x650 [ 937.884150][T22758] ? __pfx___request_module+0x10/0x10 [ 937.884174][T22758] ? __mutex_unlock_slowpath+0x15c/0x790 [ 937.884204][T22758] snd_timer_open+0xd78/0x1020 [ 937.884226][T22758] ? __pfx_snd_timer_open+0x10/0x10 [ 937.884246][T22758] ? kstrdup+0xb3/0xe0 [ 937.884269][T22758] __snd_timer_user_ioctl.isra.0+0xd6d/0x27c0 [ 937.884292][T22758] ? __pfx___snd_timer_user_ioctl.isra.0+0x10/0x10 [ 937.884312][T22758] ? lock_acquire+0x17c/0x330 [ 937.884332][T22758] ? __pfx___might_resched+0x10/0x10 [ 937.884359][T22758] ? __mutex_lock+0x26a/0x1b90 [ 937.884377][T22758] ? do_vfs_ioctl+0x226/0x13e0 [ 937.884398][T22758] ? snd_timer_user_ioctl+0x4a/0xd0 [ 937.884418][T22758] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 937.884442][T22758] ? __pfx___mutex_lock+0x10/0x10 [ 937.884463][T22758] ? hook_file_ioctl_common+0x146/0x410 [ 937.884493][T22758] snd_timer_user_ioctl+0x76/0xd0 [ 937.884512][T22758] ? __pfx_snd_timer_user_ioctl+0x10/0x10 [ 937.884532][T22758] __x64_sys_ioctl+0x18e/0x210 [ 937.884557][T22758] do_syscall_64+0xc9/0xf80 [ 937.884577][T22758] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 937.884593][T22758] RIP: 0033:0x7f38eab9aeb9 [ 937.884606][T22758] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 937.884621][T22758] RSP: 002b:00007f38eb9b7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 937.884637][T22758] RAX: ffffffffffffffda RBX: 00007f38eae15fa0 RCX: 00007f38eab9aeb9 [ 937.884647][T22758] RDX: 0000200000000080 RSI: 0000000040345410 RDI: 0000000000000006 [ 937.884656][T22758] RBP: 00007f38eac08c1f R08: 0000000000000000 R09: 0000000000000000 [ 937.884665][T22758] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 937.884675][T22758] R13: 00007f38eae16038 R14: 00007f38eae15fa0 R15: 00007fff7e1e2dd8 [ 937.884695][T22758] [ 940.009018][T22786] FAULT_INJECTION: forcing a failure. [ 940.009018][T22786] name fail_futex, interval 1, probability 0, space 0, times 0 [ 940.176116][T22789] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3370'. [ 940.279865][T22786] CPU: 0 UID: 0 PID: 22786 Comm: syz.3.3370 Tainted: G L syzkaller #0 PREEMPT(full) [ 940.279894][T22786] Tainted: [L]=SOFTLOCKUP [ 940.279899][T22786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 940.279909][T22786] Call Trace: [ 940.279915][T22786] [ 940.279922][T22786] dump_stack_lvl+0x100/0x190 [ 940.279946][T22786] should_fail_ex.cold+0x5/0xa [ 940.279968][T22786] ? __lock_acquire+0x4a5/0x2630 [ 940.279989][T22786] get_futex_key+0x1d2/0x1620 [ 940.280010][T22786] ? __pfx_get_futex_key+0x10/0x10 [ 940.280031][T22786] ? update_se+0x93/0x700 [ 940.280054][T22786] futex_wait_setup+0x81/0x500 [ 940.280073][T22786] __futex_wait+0x19f/0x300 [ 940.280089][T22786] ? __pfx___futex_wait+0x10/0x10 [ 940.280101][T22786] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 940.280118][T22786] ? lockdep_hardirqs_on+0x78/0x100 [ 940.280138][T22786] ? __pfx_futex_wake_mark+0x10/0x10 [ 940.280163][T22786] ? find_held_lock+0x2b/0x80 [ 940.280177][T22786] ? futex_wake+0x456/0x530 [ 940.280204][T22786] futex_wait+0xed/0x380 [ 940.280219][T22786] ? __pfx_futex_wait+0x10/0x10 [ 940.280237][T22786] ? errseq_sample+0x51/0x70 [ 940.280259][T22786] ? file_init_path+0x48e/0x670 [ 940.280282][T22786] do_futex+0x1ef/0x350 [ 940.280303][T22786] ? __pfx_do_futex+0x10/0x10 [ 940.280322][T22786] ? fd_install+0x223/0x580 [ 940.280343][T22786] __x64_sys_futex+0x34f/0x4d0 [ 940.280364][T22786] ? __sys_socket+0xac/0x260 [ 940.280382][T22786] ? __pfx___x64_sys_futex+0x10/0x10 [ 940.280401][T22786] ? xfd_validate_state+0x129/0x190 [ 940.280430][T22786] do_syscall_64+0xc9/0xf80 [ 940.280450][T22786] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 940.280466][T22786] RIP: 0033:0x7f38eab9aeb9 [ 940.280479][T22786] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 940.280493][T22786] RSP: 002b:00007f38eb9750e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 940.280509][T22786] RAX: ffffffffffffffda RBX: 00007f38eae16188 RCX: 00007f38eab9aeb9 [ 940.280520][T22786] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f38eae16188 [ 940.280530][T22786] RBP: 00007f38eae16180 R08: 0000000000000000 R09: 0000000000000000 [ 940.280539][T22786] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 940.280558][T22786] R13: 00007f38eae16218 R14: 00007fff7e1e2cf0 R15: 00007fff7e1e2dd8 [ 940.280578][T22786] [ 941.795436][T22819] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input16 [ 942.120982][T22807] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 942.161365][T22807] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 942.183252][T22807] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 942.220589][T22807] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 943.057658][T22842] vhci_hcd vhci_hcd.2: invalid port number 16 [ 943.084581][T22842] vhci_hcd vhci_hcd.2: invalid port number 16 [ 943.527627][ T7153] Bluetooth: hci4: command 0x0c1a tx timeout [ 943.681933][T22855] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3384'. [ 943.835882][T22855] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 943.906374][T22855] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 944.131974][T22855] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 944.160901][ T7153] Bluetooth: hci0: command 0x0c1a tx timeout [ 944.195744][T22855] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 944.241820][ T7153] Bluetooth: hci2: command 0x0c1a tx timeout [ 944.249018][T21699] Bluetooth: hci3: command 0x0c1a tx timeout [ 945.443798][T22891] rnbd_client L213: map_device: Parameters missing [ 945.726244][T22894] vhci_hcd vhci_hcd.3: USB_PORT_FEAT_SUSPEND req not supported for USB 3.0 roothub [ 946.549692][T22916] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3402'. [ 946.891021][T22919] vhci_hcd vhci_hcd.3: USB_PORT_FEAT_SUSPEND req not supported for USB 3.0 roothub [ 948.313138][T22957] netlink: 25 bytes leftover after parsing attributes in process `syz.3.3412'. [ 948.620988][T22964] futex_wake_op: syz.0.3414 tries to shift op by -2048; fix this program [ 948.673329][T22964] futex_wake_op: syz.0.3414 tries to shift op by -2048; fix this program [ 948.732407][T22969] 0x000000000001-0x000000020000 : "" [ 948.795082][T22969] ftl_cs: FTL header corrupt! [ 950.738854][ T7153] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 952.541425][T23069] FAULT_INJECTION: forcing a failure. [ 952.541425][T23069] name failslab, interval 1, probability 0, space 0, times 0 [ 952.615212][T23069] CPU: 0 UID: 0 PID: 23069 Comm: syz.1.3435 Tainted: G L syzkaller #0 PREEMPT(full) [ 952.615240][T23069] Tainted: [L]=SOFTLOCKUP [ 952.615245][T23069] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 952.615255][T23069] Call Trace: [ 952.615261][T23069] [ 952.615268][T23069] dump_stack_lvl+0x100/0x190 [ 952.615293][T23069] should_fail_ex.cold+0x5/0xa [ 952.615319][T23069] should_failslab+0xc2/0x120 [ 952.615340][T23069] kmem_cache_alloc_lru_noprof+0x8e/0x7d0 [ 952.615359][T23069] ? __d_lookup+0x25c/0x4a0 [ 952.615374][T23069] ? __d_alloc+0x34/0xa80 [ 952.615395][T23069] ? __d_alloc+0x34/0xa80 [ 952.615412][T23069] __d_alloc+0x34/0xa80 [ 952.615432][T23069] d_alloc+0x4a/0x1e0 [ 952.615451][T23069] lookup_one_qstr_excl+0x175/0x250 [ 952.615475][T23069] start_dirop+0x59/0xb0 [ 952.615491][T23069] simple_start_creating+0xf9/0x110 [ 952.615553][T23069] ? __pfx_simple_start_creating+0x10/0x10 [ 952.615571][T23069] ? mntput+0x70/0xa0 [ 952.615587][T23069] ? simple_pin_fs+0xa3/0x190 [ 952.615603][T23069] debugfs_start_creating.part.0+0x82/0x170 [ 952.615623][T23069] __debugfs_create_file+0xb3/0x4f0 [ 952.615643][T23069] debugfs_create_file_full+0x41/0x60 [ 952.615663][T23069] ref_tracker_dir_debugfs+0x19e/0x2e0 [ 952.615689][T23069] ? __pfx_ref_tracker_dir_debugfs+0x10/0x10 [ 952.615728][T23069] ? lockdep_init_map_type+0x5c/0x250 [ 952.615751][T23069] preinit_net.part.0+0x24e/0x8f0 [ 952.615775][T23069] copy_net_ns+0x339/0x7c0 [ 952.615792][T23069] create_new_namespaces+0x3ea/0xab0 [ 952.615815][T23069] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 952.615834][T23069] ksys_unshare+0x455/0xab0 [ 952.615856][T23069] ? __pfx_ksys_unshare+0x10/0x10 [ 952.615877][T23069] ? xfd_validate_state+0x129/0x190 [ 952.615906][T23069] __x64_sys_unshare+0x31/0x40 [ 952.615926][T23069] do_syscall_64+0xc9/0xf80 [ 952.615945][T23069] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 952.615961][T23069] RIP: 0033:0x7f091d59aeb9 [ 952.615975][T23069] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 952.615990][T23069] RSP: 002b:00007f091e3de028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 952.616006][T23069] RAX: ffffffffffffffda RBX: 00007f091d815fa0 RCX: 00007f091d59aeb9 [ 952.616016][T23069] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 952.616025][T23069] RBP: 00007f091d608c1f R08: 0000000000000000 R09: 0000000000000000 [ 952.616035][T23069] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 952.616043][T23069] R13: 00007f091d816038 R14: 00007f091d815fa0 R15: 00007fff2b8a5498 [ 952.616064][T23069] [ 953.488232][T23091] vhci_hcd vhci_hcd.0: default hub control req: 0000 v0000 i0000 l0 [ 953.535562][T23092] bond0: option arp_validate: invalid value () [ 954.324539][T23110] futex_wake_op: syz.3.3445 tries to shift op by -2048; fix this program [ 954.371550][T23110] futex_wake_op: syz.3.3445 tries to shift op by -2048; fix this program [ 954.426054][T23110] 0x000000000001-0x000000020000 : "" [ 954.469206][T23110] ftl_cs: FTL header corrupt! [ 954.891270][T23134] FAULT_INJECTION: forcing a failure. [ 954.891270][T23134] name failslab, interval 1, probability 0, space 0, times 0 [ 954.936414][T23134] CPU: 0 UID: 0 PID: 23134 Comm: syz.2.3453 Tainted: G L syzkaller #0 PREEMPT(full) [ 954.936440][T23134] Tainted: [L]=SOFTLOCKUP [ 954.936447][T23134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 954.936457][T23134] Call Trace: [ 954.936463][T23134] [ 954.936469][T23134] dump_stack_lvl+0x100/0x190 [ 954.936493][T23134] should_fail_ex.cold+0x5/0xa [ 954.936518][T23134] should_failslab+0xc2/0x120 [ 954.936539][T23134] kmem_cache_alloc_lru_noprof+0x8e/0x7d0 [ 954.936559][T23134] ? __d_lookup+0x25c/0x4a0 [ 954.936574][T23134] ? __d_alloc+0x34/0xa80 [ 954.936594][T23134] ? __d_alloc+0x34/0xa80 [ 954.936611][T23134] __d_alloc+0x34/0xa80 [ 954.936631][T23134] d_alloc+0x4a/0x1e0 [ 954.936650][T23134] lookup_one_qstr_excl+0x175/0x250 [ 954.936674][T23134] start_dirop+0x59/0xb0 [ 954.936690][T23134] simple_start_creating+0xf9/0x110 [ 954.936706][T23134] ? __pfx_simple_start_creating+0x10/0x10 [ 954.936723][T23134] ? mntput+0x70/0xa0 [ 954.936737][T23134] ? simple_pin_fs+0xa3/0x190 [ 954.936752][T23134] debugfs_start_creating.part.0+0x82/0x170 [ 954.936771][T23134] __debugfs_create_file+0xb3/0x4f0 [ 954.936792][T23134] debugfs_create_file_full+0x41/0x60 [ 954.936812][T23134] ref_tracker_dir_debugfs+0x19e/0x2e0 [ 954.936837][T23134] ? __pfx_ref_tracker_dir_debugfs+0x10/0x10 [ 954.936876][T23134] ? lockdep_init_map_type+0x5c/0x250 [ 954.936900][T23134] preinit_net.part.0+0x24e/0x8f0 [ 954.936923][T23134] copy_net_ns+0x339/0x7c0 [ 954.936940][T23134] create_new_namespaces+0x3ea/0xab0 [ 954.936962][T23134] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 954.936981][T23134] ksys_unshare+0x455/0xab0 [ 954.937003][T23134] ? __pfx_ksys_unshare+0x10/0x10 [ 954.937023][T23134] ? xfd_validate_state+0x129/0x190 [ 954.937051][T23134] __x64_sys_unshare+0x31/0x40 [ 954.937071][T23134] do_syscall_64+0xc9/0xf80 [ 954.937090][T23134] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 954.937106][T23134] RIP: 0033:0x7f83e039aeb9 [ 954.937120][T23134] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 954.937134][T23134] RSP: 002b:00007f83e12e2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 954.937156][T23134] RAX: ffffffffffffffda RBX: 00007f83e0615fa0 RCX: 00007f83e039aeb9 [ 954.937167][T23134] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 954.937177][T23134] RBP: 00007f83e0408c1f R08: 0000000000000000 R09: 0000000000000000 [ 954.937187][T23134] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 954.937196][T23134] R13: 00007f83e0616038 R14: 00007f83e0615fa0 R15: 00007ffd2d392c88 [ 954.937217][T23134] [ 957.192087][T23169] sysfs_service_op_show: Client not running :-5: [ 957.750728][T23186] futex_wake_op: syz.2.3461 tries to shift op by -2048; fix this program [ 957.782626][T23186] futex_wake_op: syz.2.3461 tries to shift op by -2048; fix this program [ 957.834516][T23186] 0x000000000001-0x000000020000 : "" [ 957.867069][T23186] ftl_cs: FTL header corrupt! [ 958.773503][T23216] FAULT_INJECTION: forcing a failure. [ 958.773503][T23216] name failslab, interval 1, probability 0, space 0, times 0 [ 958.797092][T23219] rnbd_client L213: map_device: Parameters missing [ 958.811798][T23216] CPU: 0 UID: 0 PID: 23216 Comm: syz.0.3468 Tainted: G L syzkaller #0 PREEMPT(full) [ 958.811825][T23216] Tainted: [L]=SOFTLOCKUP [ 958.811830][T23216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 958.811840][T23216] Call Trace: [ 958.811846][T23216] [ 958.811853][T23216] dump_stack_lvl+0x100/0x190 [ 958.811877][T23216] should_fail_ex.cold+0x5/0xa [ 958.811902][T23216] should_failslab+0xc2/0x120 [ 958.811923][T23216] kmem_cache_alloc_lru_noprof+0x8e/0x7d0 [ 958.811943][T23216] ? __d_lookup+0x25c/0x4a0 [ 958.811957][T23216] ? __d_alloc+0x34/0xa80 [ 958.811978][T23216] ? __d_alloc+0x34/0xa80 [ 958.811995][T23216] __d_alloc+0x34/0xa80 [ 958.812015][T23216] d_alloc+0x4a/0x1e0 [ 958.812034][T23216] lookup_one_qstr_excl+0x175/0x250 [ 958.812058][T23216] start_dirop+0x59/0xb0 [ 958.812074][T23216] simple_start_creating+0xf9/0x110 [ 958.812090][T23216] ? __pfx_simple_start_creating+0x10/0x10 [ 958.812107][T23216] ? mntput+0x70/0xa0 [ 958.812121][T23216] ? simple_pin_fs+0xa3/0x190 [ 958.812136][T23216] debugfs_start_creating.part.0+0x82/0x170 [ 958.812156][T23216] __debugfs_create_file+0xb3/0x4f0 [ 958.812177][T23216] debugfs_create_file_full+0x41/0x60 [ 958.812198][T23216] ref_tracker_dir_debugfs+0x19e/0x2e0 [ 958.812232][T23216] ? __pfx_ref_tracker_dir_debugfs+0x10/0x10 [ 958.812272][T23216] ? lockdep_init_map_type+0x5c/0x250 [ 958.812297][T23216] preinit_net.part.0+0x24e/0x8f0 [ 958.812320][T23216] copy_net_ns+0x339/0x7c0 [ 958.812337][T23216] create_new_namespaces+0x3ea/0xab0 [ 958.812359][T23216] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 958.812377][T23216] ksys_unshare+0x455/0xab0 [ 958.812399][T23216] ? __pfx_ksys_unshare+0x10/0x10 [ 958.812419][T23216] ? xfd_validate_state+0x129/0x190 [ 958.812448][T23216] __x64_sys_unshare+0x31/0x40 [ 958.812468][T23216] do_syscall_64+0xc9/0xf80 [ 958.812488][T23216] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 958.812504][T23216] RIP: 0033:0x7f8c5bb9aeb9 [ 958.812518][T23216] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 958.812533][T23216] RSP: 002b:00007f8c5c9ed028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 958.812550][T23216] RAX: ffffffffffffffda RBX: 00007f8c5be15fa0 RCX: 00007f8c5bb9aeb9 [ 958.812560][T23216] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 958.812569][T23216] RBP: 00007f8c5bc08c1f R08: 0000000000000000 R09: 0000000000000000 [ 958.812580][T23216] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 958.812588][T23216] R13: 00007f8c5be16038 R14: 00007f8c5be15fa0 R15: 00007ffc183fd438 [ 958.812610][T23216] [ 959.208096][ T30] audit: type=1800 audit(4294967457.399:50): pid=23223 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.3470" name="dbroot" dev="configfs" ino=101117 res=0 errno=0 [ 959.457150][T23206] Process accounting paused [ 959.936066][T23241] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3474'. [ 960.011443][T23241] bridge0: entered promiscuous mode [ 960.042338][T23241] bridge0: entered allmulticast mode [ 960.055324][T23245] sg_write: data in/out 65500/90 bytes for SCSI command 0x0-- guessing data in; [ 960.055324][T23245] program syz.0.3473 not setting count and/or reply_len properly [ 960.505676][T23258] bridge_slave_1: left allmulticast mode [ 960.517624][T23258] bridge_slave_1: left promiscuous mode [ 960.540358][T23258] bridge0: port 2(bridge_slave_1) entered disabled state [ 961.794298][T23291] netlink: 354 bytes leftover after parsing attributes in process `syz.0.3485'. [ 962.190647][T23296] zswap: compressor not available [ 963.358320][T23330] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3497'. [ 963.525298][ T30] audit: type=1800 audit(4294967461.781:51): pid=23335 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3499" name="dbroot" dev="configfs" ino=101843 res=0 errno=0 [ 963.578375][T23335] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3499'. [ 963.926869][T23323] Process accounting resumed [ 966.755079][T23424] sysfs_service_op_show: Client not running :-5: [ 966.803944][T23429] sysfs_service_op_show: Client not running :-5: [ 967.874960][ T7153] Bluetooth: hci3: unexpected event 0x14 length: 16 > 6 [ 968.009114][T23479] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 968.016315][T23479] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 968.079370][T23481] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3534'. [ 968.492679][T23501] : Can't lookup blockdev [ 968.955125][T23505] program syz.2.3540 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 969.750745][T23507] kexec: Could not allocate control_code_buffer [ 969.809173][T23514] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3541'. [ 970.267285][T23532] random: crng reseeded on system resumption [ 970.958979][T23556] random: crng reseeded on system resumption [ 971.014159][T23559] rnbd_client L213: map_device: Parameters missing [ 971.183701][T23563] rnbd_client L213: map_device: Parameters missing [ 971.351956][T23566] GUP no longer grows the stack in syz.2.3554 (23566): 14000-18000 (4000) [ 971.384310][T23566] CPU: 0 UID: 0 PID: 23566 Comm: syz.2.3554 Tainted: G L syzkaller #0 PREEMPT(full) [ 971.384336][T23566] Tainted: [L]=SOFTLOCKUP [ 971.384342][T23566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 971.384352][T23566] Call Trace: [ 971.384358][T23566] [ 971.384365][T23566] dump_stack_lvl+0x100/0x190 [ 971.384389][T23566] gup_vma_lookup.cold+0x83/0x96 [ 971.384411][T23566] __get_user_pages+0x241/0x34d0 [ 971.384442][T23566] ? find_held_lock+0x2b/0x80 [ 971.384458][T23566] ? mtree_load+0x311/0xa40 [ 971.384476][T23566] ? __pfx___get_user_pages+0x10/0x10 [ 971.384504][T23566] get_user_pages_remote+0x3d2/0xb10 [ 971.384530][T23566] ? __pfx_get_user_pages_remote+0x10/0x10 [ 971.384555][T23566] ? noop_dirty_folio+0x98/0x160 [ 971.384581][T23566] __access_remote_vm+0x3ba/0xa70 [ 971.384606][T23566] ? __pfx___access_remote_vm+0x10/0x10 [ 971.384631][T23566] mem_rw+0x20a/0x640 [ 971.384650][T23566] vfs_write+0x2aa/0x1070 [ 971.384668][T23566] ? __pfx_mem_write+0x10/0x10 [ 971.384684][T23566] ? __pfx_vfs_write+0x10/0x10 [ 971.384699][T23566] ? find_held_lock+0x2b/0x80 [ 971.384715][T23566] ? __fget_files+0x215/0x3d0 [ 971.384738][T23566] ? __fget_files+0x21f/0x3d0 [ 971.384761][T23566] ksys_write+0x12a/0x250 [ 971.384778][T23566] ? __pfx_ksys_write+0x10/0x10 [ 971.384801][T23566] do_syscall_64+0xc9/0xf80 [ 971.384821][T23566] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 971.384837][T23566] RIP: 0033:0x7f83e039aeb9 [ 971.384850][T23566] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 971.384865][T23566] RSP: 002b:00007f83e12e2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 971.384880][T23566] RAX: ffffffffffffffda RBX: 00007f83e0615fa0 RCX: 00007f83e039aeb9 [ 971.384891][T23566] RDX: 000000000000ffd8 RSI: 0000000000000000 RDI: 0000000000000003 [ 971.384900][T23566] RBP: 00007f83e0408c1f R08: 0000000000000000 R09: 0000000000000000 [ 971.384909][T23566] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 971.384918][T23566] R13: 00007f83e0616038 R14: 00007f83e0615fa0 R15: 00007ffd2d392c88 [ 971.384939][T23566] [ 973.936921][T23627] rnbd_client L213: map_device: Parameters missing [ 974.229329][T23639] netlink: 'syz.1.3570': attribute type 3 has an invalid length. [ 974.289158][T23639] netlink: 306 bytes leftover after parsing attributes in process `syz.1.3570'. [ 974.365971][ T30] audit: type=1800 audit(4294967472.678:52): pid=23635 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3569" name="features" dev="configfs" ino=103614 res=0 errno=0 [ 976.812466][T23693] rnbd_client L213: map_device: Parameters missing [ 978.001437][T23712] rnbd_client L213: map_device: Parameters missing [ 978.368740][T23715] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3585'. [ 978.483558][T23718] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3585'. [ 979.976546][T23746] bridge0: port 3(team0) entered blocking state [ 979.982962][T23746] bridge0: port 3(team0) entered disabled state [ 980.149465][T23746] team0: entered allmulticast mode [ 980.160304][T23756] FAULT_INJECTION: forcing a failure. [ 980.160304][T23756] name fail_futex, interval 1, probability 0, space 0, times 0 [ 980.233584][T23746] team_slave_0: entered allmulticast mode [ 980.290517][T23756] CPU: 0 UID: 0 PID: 23756 Comm: syz.3.3594 Tainted: G L syzkaller #0 PREEMPT(full) [ 980.290547][T23756] Tainted: [L]=SOFTLOCKUP [ 980.290553][T23756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 980.290562][T23756] Call Trace: [ 980.290569][T23756] [ 980.290575][T23756] dump_stack_lvl+0x100/0x190 [ 980.290599][T23756] should_fail_ex.cold+0x5/0xa [ 980.290625][T23756] get_futex_key+0x1d2/0x1620 [ 980.290647][T23756] ? __pfx_get_futex_key+0x10/0x10 [ 980.290668][T23756] ? find_held_lock+0x2b/0x80 [ 980.290684][T23756] ? futex_wake+0x456/0x530 [ 980.290715][T23756] futex_wake+0xea/0x530 [ 980.290740][T23756] ? __pfx_futex_wake+0x10/0x10 [ 980.290762][T23756] ? __might_fault+0xc5/0x140 [ 980.290786][T23756] do_futex+0x32b/0x350 [ 980.290806][T23756] ? __pfx_do_futex+0x10/0x10 [ 980.290826][T23756] ? cap_task_prctl+0x104/0xa50 [ 980.290845][T23756] ? __pfx_sched_core_share_pid+0x10/0x10 [ 980.290864][T23756] __x64_sys_futex+0x34f/0x4d0 [ 980.290886][T23756] ? __pfx___x64_sys_futex+0x10/0x10 [ 980.290906][T23756] ? xfd_validate_state+0x129/0x190 [ 980.290935][T23756] do_syscall_64+0xc9/0xf80 [ 980.290963][T23756] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 980.290979][T23756] RIP: 0033:0x7f38eab9aeb9 [ 980.290999][T23756] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 980.291013][T23756] RSP: 002b:00007f38eb9960e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 980.291029][T23756] RAX: ffffffffffffffda RBX: 00007f38eae16098 RCX: 00007f38eab9aeb9 [ 980.291039][T23756] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f38eae1609c [ 980.291049][T23756] RBP: 00007f38eae16090 R08: 0000000000000000 R09: 0000000000000000 [ 980.291059][T23756] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 980.291069][T23756] R13: 00007f38eae16128 R14: 00007fff7e1e2cf0 R15: 00007fff7e1e2dd8 [ 980.291089][T23756] [ 980.507468][T23746] team_slave_1: entered allmulticast mode [ 980.515371][T23746] team0: entered promiscuous mode [ 980.520414][T23746] team_slave_0: entered promiscuous mode [ 980.526322][T23746] team_slave_1: entered promiscuous mode [ 980.532873][T23746] bridge0: port 3(team0) entered blocking state [ 980.539198][T23746] bridge0: port 3(team0) entered forwarding state [ 980.792509][T23759] rnbd_client L213: map_device: Parameters missing [ 981.835940][T23772] : Can't lookup blockdev [ 982.356713][T23779] program syz.0.3598 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 982.589783][T23782] netdevsim netdevsim2 netdevsim0: entered allmulticast mode [ 983.925308][T23777] kexec: Could not allocate control_code_buffer [ 984.021625][T23810] rnbd_client L213: map_device: Parameters missing [ 985.888669][T23833] FAULT_INJECTION: forcing a failure. [ 985.888669][T23833] name failslab, interval 1, probability 0, space 0, times 0 [ 986.018748][T23833] CPU: 0 UID: 0 PID: 23833 Comm: syz.1.3610 Tainted: G L syzkaller #0 PREEMPT(full) [ 986.018776][T23833] Tainted: [L]=SOFTLOCKUP [ 986.018783][T23833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 986.018793][T23833] Call Trace: [ 986.018799][T23833] [ 986.018806][T23833] dump_stack_lvl+0x100/0x190 [ 986.018829][T23833] should_fail_ex.cold+0x5/0xa [ 986.018854][T23833] should_failslab+0xc2/0x120 [ 986.018875][T23833] ? tomoyo_encode2+0xfb/0x3c0 [ 986.018889][T23833] __kmalloc_noprof+0xf6/0x9c0 [ 986.018911][T23833] ? tomoyo_encode2+0xfb/0x3c0 [ 986.018924][T23833] tomoyo_encode2+0xfb/0x3c0 [ 986.018942][T23833] tomoyo_encode+0x29/0x50 [ 986.018955][T23833] tomoyo_realpath_from_path+0x18c/0x690 [ 986.018975][T23833] tomoyo_get_exe+0x63/0xa0 [ 986.018994][T23833] tomoyo_write_control+0x69e/0x13a0 [ 986.019020][T23833] ? __pfx_tomoyo_write_control+0x10/0x10 [ 986.019044][T23833] vfs_write+0x2aa/0x1070 [ 986.019061][T23833] ? __pfx_tomoyo_write+0x10/0x10 [ 986.019079][T23833] ? __pfx_vfs_write+0x10/0x10 [ 986.019094][T23833] ? find_held_lock+0x2b/0x80 [ 986.019110][T23833] ? __fget_files+0x215/0x3d0 [ 986.019129][T23833] ? __fget_files+0x21f/0x3d0 [ 986.019151][T23833] ksys_write+0x12a/0x250 [ 986.019167][T23833] ? __pfx_ksys_write+0x10/0x10 [ 986.019190][T23833] do_syscall_64+0xc9/0xf80 [ 986.019210][T23833] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 986.019225][T23833] RIP: 0033:0x7f091d59aeb9 [ 986.019238][T23833] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 986.019253][T23833] RSP: 002b:00007f091e3de028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 986.019268][T23833] RAX: ffffffffffffffda RBX: 00007f091d815fa0 RCX: 00007f091d59aeb9 [ 986.019278][T23833] RDX: 00000000000005c8 RSI: 0000000000000000 RDI: 0000000000000003 [ 986.019287][T23833] RBP: 00007f091d608c1f R08: 0000000000000000 R09: 0000000000000000 [ 986.019296][T23833] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 986.019306][T23833] R13: 00007f091d816038 R14: 00007f091d815fa0 R15: 00007fff2b8a5498 [ 986.019327][T23833] [ 986.019345][T23833] ERROR: Out of memory at tomoyo_realpath_from_path. [ 986.510827][T23842] netlink: 'syz.3.3612': attribute type 1 has an invalid length. [ 987.966054][T23850] : Can't lookup blockdev [ 987.972011][T23851] rnbd_client L213: map_device: Parameters missing [ 988.584771][T23867] program syz.1.3614 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 989.402318][T23883] Process accounting resumed [ 989.858177][T23896] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3624'. [ 990.347993][T23910] rnbd_client L213: map_device: Parameters missing [ 990.606868][T23913] netlink: 346 bytes leftover after parsing attributes in process `syz.3.3626'. [ 990.969190][T23853] kexec: Could not allocate control_code_buffer [ 991.776255][T23939] Setting dangerous option i915.mitigations - tainting kernel [ 993.050856][T23963] rnbd_client L213: map_device: Parameters missing [ 993.289463][T23969] netlink: 266 bytes leftover after parsing attributes in process `syz.2.3640'. [ 993.325986][T23969] IPv6: NLM_F_CREATE should be specified when creating new route [ 993.741857][T23983] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3642'. [ 993.812377][T23982] Process accounting paused [ 994.712389][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 994.724409][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 995.202803][T24012] ubi0: detaching mtd0 [ 995.257638][T24012] ubi0: mtd0 is detached [ 995.560525][T24018] rnbd_client L213: map_device: Parameters missing [ 996.485010][ T30] audit: type=1800 audit(4294967494.913:53): pid=24043 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.3657" name="features" dev="configfs" ino=105745 res=0 errno=0 [ 996.529064][T24046] sd 0:0:1:0: PR command failed: 1026 [ 996.560482][T24046] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 996.588328][T24046] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 997.518256][T24071] rnbd_client L213: map_device: Parameters missing [ 997.995203][T24056] Process accounting resumed [ 998.566695][T24085] zswap: compressor not available [ 999.709947][T24121] rnbd_client L213: map_device: Parameters missing [ 1000.399181][T24139] netlink: 'syz.2.3679': attribute type 5 has an invalid length. [ 1000.868515][ T7153] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5 [ 1001.177974][T24151] FAULT_INJECTION: forcing a failure. [ 1001.177974][T24151] name failslab, interval 1, probability 0, space 0, times 0 [ 1001.277521][T24158] zswap: compressor û not available [ 1001.482118][T24151] CPU: 0 UID: 0 PID: 24151 Comm: syz.1.3680 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1001.482148][T24151] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1001.482154][T24151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1001.482165][T24151] Call Trace: [ 1001.482170][T24151] [ 1001.482177][T24151] dump_stack_lvl+0x100/0x190 [ 1001.482201][T24151] should_fail_ex.cold+0x5/0xa [ 1001.482227][T24151] should_failslab+0xc2/0x120 [ 1001.482248][T24151] kmem_cache_alloc_noprof+0x83/0x780 [ 1001.482268][T24151] ? __kernfs_new_node+0xd2/0x960 [ 1001.482292][T24151] ? __kernfs_new_node+0xd2/0x960 [ 1001.482310][T24151] __kernfs_new_node+0xd2/0x960 [ 1001.482332][T24151] ? __pfx___kernfs_new_node+0x10/0x10 [ 1001.482357][T24151] ? find_held_lock+0x2b/0x80 [ 1001.482373][T24151] ? kernfs_root+0xee/0x2a0 [ 1001.482394][T24151] ? kernfs_root+0xee/0x2a0 [ 1001.482418][T24151] kernfs_new_node+0x11b/0x1a0 [ 1001.482442][T24151] __kernfs_create_file+0x53/0x350 [ 1001.482461][T24151] sysfs_add_file_mode_ns+0x207/0x3c0 [ 1001.482484][T24151] internal_create_group+0x593/0xf40 [ 1001.482510][T24151] ? __pfx_internal_create_group+0x10/0x10 [ 1001.482534][T24151] ? kernfs_create_link+0x1bd/0x240 [ 1001.482553][T24151] internal_create_groups+0x9d/0x150 [ 1001.482575][T24151] device_add+0xf5b/0x1950 [ 1001.482597][T24151] ? __pfx_device_add+0x10/0x10 [ 1001.482617][T24151] ? lockdep_init_map_type+0x5c/0x250 [ 1001.482638][T24151] ? __init_waitqueue_head+0xca/0x150 [ 1001.482666][T24151] netdev_register_kobject+0x1a9/0x3d0 [ 1001.482686][T24151] register_netdevice+0x12b3/0x21d0 [ 1001.482704][T24151] ? __pfx_register_netdevice+0x10/0x10 [ 1001.482720][T24151] ? alloc_netdev_mqs+0x1163/0x14f0 [ 1001.482743][T24151] ? __pfx_loopback_net_init+0x10/0x10 [ 1001.482758][T24151] register_netdev+0x34/0x50 [ 1001.482772][T24151] loopback_net_init+0x7a/0x170 [ 1001.482786][T24151] ? __pfx_loopback_net_init+0x10/0x10 [ 1001.482800][T24151] ops_init+0x1e2/0x5f0 [ 1001.482824][T24151] setup_net+0x118/0x3a0 [ 1001.482838][T24151] ? __pfx_setup_net+0x10/0x10 [ 1001.482850][T24151] ? lockdep_init_map_type+0x5c/0x250 [ 1001.482870][T24151] ? mutex_init_lockep+0x110/0x150 [ 1001.482894][T24151] copy_net_ns+0x46f/0x7c0 [ 1001.482911][T24151] create_new_namespaces+0x3ea/0xab0 [ 1001.482932][T24151] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1001.482950][T24151] ksys_unshare+0x455/0xab0 [ 1001.482972][T24151] ? __pfx_ksys_unshare+0x10/0x10 [ 1001.482993][T24151] ? xfd_validate_state+0x129/0x190 [ 1001.483021][T24151] __x64_sys_unshare+0x31/0x40 [ 1001.483041][T24151] do_syscall_64+0xc9/0xf80 [ 1001.483061][T24151] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1001.483077][T24151] RIP: 0033:0x7f091d59aeb9 [ 1001.483090][T24151] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1001.483105][T24151] RSP: 002b:00007f091e3bd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1001.483127][T24151] RAX: ffffffffffffffda RBX: 00007f091d816090 RCX: 00007f091d59aeb9 [ 1001.483137][T24151] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1001.483147][T24151] RBP: 00007f091d608c1f R08: 0000000000000000 R09: 0000000000000000 [ 1001.483156][T24151] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1001.483166][T24151] R13: 00007f091d816128 R14: 00007f091d816090 R15: 00007fff2b8a5498 [ 1001.483186][T24151] [ 1002.688310][T24179] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3688'. [ 1003.663231][T24208] rnbd_client L213: map_device: Parameters missing [ 1004.519487][T24212] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1004.563780][T24212] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1004.599026][T24212] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1004.638804][T24212] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 1004.704435][T24212] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1005.550811][T24247] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input18 [ 1005.849915][T24251] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input19 [ 1006.085824][ T7153] Bluetooth: hci4: command 0x0c1a tx timeout [ 1006.551979][T24283] rnbd_client L213: map_device: Parameters missing [ 1006.560419][ T7153] Bluetooth: hci0: command 0x0c1a tx timeout [ 1006.636268][ T7153] Bluetooth: hci3: command 0x0c1a tx timeout [ 1006.717904][ T7153] Bluetooth: hci2: command 0x0c1a tx timeout [ 1007.189823][T24301] ubi0: attaching mtd0 [ 1007.212677][T24301] ubi0: scanning is finished [ 1007.238358][T24301] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 1007.477890][T24301] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 1008.064185][T24331] rnbd_client L213: map_device: Parameters missing [ 1008.453218][T24337] FAULT_INJECTION: forcing a failure. [ 1008.453218][T24337] name failslab, interval 1, probability 0, space 0, times 0 [ 1008.522157][T24337] CPU: 0 UID: 0 PID: 24337 Comm: syz.3.3721 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1008.522187][T24337] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1008.522193][T24337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1008.522204][T24337] Call Trace: [ 1008.522210][T24337] [ 1008.522217][T24337] dump_stack_lvl+0x100/0x190 [ 1008.522241][T24337] should_fail_ex.cold+0x5/0xa [ 1008.522267][T24337] should_failslab+0xc2/0x120 [ 1008.522288][T24337] __kmalloc_cache_noprof+0x80/0x810 [ 1008.522304][T24337] ? rcu_is_watching+0x12/0xc0 [ 1008.522318][T24337] ? snd_virmidi_input_open+0xc8/0x4d0 [ 1008.522339][T24337] ? snd_virmidi_input_open+0xc8/0x4d0 [ 1008.522355][T24337] snd_virmidi_input_open+0xc8/0x4d0 [ 1008.522375][T24337] open_substream+0x480/0x9e0 [ 1008.522397][T24337] rawmidi_open_priv+0x524/0x6f0 [ 1008.522420][T24337] snd_rawmidi_open+0x4c9/0xba0 [ 1008.522443][T24337] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 1008.522465][T24337] ? __pfx_default_wake_function+0x10/0x10 [ 1008.522491][T24337] ? soundcore_open+0x231/0x5a0 [ 1008.522507][T24337] ? soundcore_open+0x231/0x5a0 [ 1008.522525][T24337] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 1008.522547][T24337] soundcore_open+0x2e3/0x5a0 [ 1008.522566][T24337] ? __pfx_soundcore_open+0x10/0x10 [ 1008.522581][T24337] chrdev_open+0x234/0x6a0 [ 1008.522600][T24337] ? __pfx_apparmor_file_open+0x10/0x10 [ 1008.522619][T24337] ? __pfx_chrdev_open+0x10/0x10 [ 1008.522638][T24337] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 1008.522661][T24337] do_dentry_open+0x73e/0x1570 [ 1008.522679][T24337] ? __pfx_chrdev_open+0x10/0x10 [ 1008.522697][T24337] ? security_inode_permission+0xbf/0x250 [ 1008.522722][T24337] vfs_open+0x82/0x3f0 [ 1008.522745][T24337] path_openat+0x21dc/0x3120 [ 1008.522769][T24337] ? __pfx_path_openat+0x10/0x10 [ 1008.522793][T24337] do_filp_open+0x1f7/0x420 [ 1008.522812][T24337] ? __pfx_do_filp_open+0x10/0x10 [ 1008.522842][T24337] ? _raw_spin_unlock+0x28/0x50 [ 1008.522858][T24337] ? alloc_fd+0x476/0x790 [ 1008.522880][T24337] do_sys_openat2+0x12e/0x220 [ 1008.522902][T24337] ? __pfx_do_sys_openat2+0x10/0x10 [ 1008.522932][T24337] __x64_sys_openat+0x12d/0x210 [ 1008.522955][T24337] ? __pfx___x64_sys_openat+0x10/0x10 [ 1008.522976][T24337] ? xfd_validate_state+0x129/0x190 [ 1008.523005][T24337] do_syscall_64+0xc9/0xf80 [ 1008.523024][T24337] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1008.523041][T24337] RIP: 0033:0x7f38eab9aeb9 [ 1008.523054][T24337] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1008.523069][T24337] RSP: 002b:00007f38eb9b7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1008.523085][T24337] RAX: ffffffffffffffda RBX: 00007f38eae15fa0 RCX: 00007f38eab9aeb9 [ 1008.523096][T24337] RDX: 0000000000000800 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 1008.523105][T24337] RBP: 00007f38eac08c1f R08: 0000000000000000 R09: 0000000000000000 [ 1008.523115][T24337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1008.523125][T24337] R13: 00007f38eae16038 R14: 00007f38eae15fa0 R15: 00007fff7e1e2dd8 [ 1008.523145][T24337] [ 1008.987610][ T7153] Bluetooth: hci3: command 0x0c1a tx timeout [ 1008.997035][T24350] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3723'. [ 1009.301328][T24351] zswap: compressor not available [ 1009.480324][T24361] ------------[ cut here ]------------ [ 1009.486295][T24361] !reader [ 1009.486306][T24361] WARNING: kernel/trace/ring_buffer.c:7363 at ring_buffer_map_get_reader+0x659/0x880, CPU#0: syz.0.3727/24361 [ 1009.500932][T24361] Modules linked in: [ 1009.505251][T24361] CPU: 0 UID: 0 PID: 24361 Comm: syz.0.3727 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1009.516561][T24361] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1009.521863][T24361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1009.532000][T24361] RIP: 0010:ring_buffer_map_get_reader+0x659/0x880 [ 1009.538528][T24361] Code: ff e8 4b e1 fb ff 48 8d 3d f4 db b0 0e 4c 89 fe 67 48 0f b9 3a e9 e0 fc ff ff 4c 8b 7c 24 58 4c 8b 74 24 60 e8 28 e1 fb ff 90 <0f> 0b 90 e8 1f e1 fb ff 48 89 df 31 db e8 85 13 fe ff 48 8b 74 24 [ 1009.558139][T24361] RSP: 0018:ffffc9001956fd98 EFLAGS: 00010093 [ 1009.564216][T24361] RAX: 0000000000000000 RBX: ffff88813fe28800 RCX: ffffffff8209a447 [ 1009.572196][T24361] RDX: ffff888035ef8000 RSI: ffffffff820a6d38 RDI: ffff888035ef8000 [ 1009.580788][T24361] RBP: 0000000000000000 R08: 0000000000000007 R09: 0000000000000000 [ 1009.588887][T24361] R10: 0000000000000000 R11: ffff88813fe288b0 R12: ffff88813fe288b0 [ 1009.596875][T24361] R13: dffffc0000000000 R14: ffff88813fe28990 R15: ffff88813fe28818 [ 1009.604896][T24361] FS: 00007f8c5c9ed6c0(0000) GS:ffff8881245e2000(0000) knlGS:0000000000000000 [ 1009.613913][T24361] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1009.620502][T24361] CR2: 00007f8c5c989ff8 CR3: 000000002a4a2000 CR4: 00000000003526f0 [ 1009.628658][T24361] Call Trace: [ 1009.631941][T24361] [ 1009.635048][T24361] ? __pfx_ring_buffer_map_get_reader+0x10/0x10 [ 1009.641382][T24361] ? __fget_files+0x21f/0x3d0 [ 1009.646086][T24361] tracing_buffers_ioctl+0x30d/0x400 [ 1009.651366][T24361] ? __pfx_tracing_buffers_ioctl+0x10/0x10 [ 1009.657171][T24361] __x64_sys_ioctl+0x18e/0x210 [ 1009.661932][T24361] do_syscall_64+0xc9/0xf80 [ 1009.666444][T24361] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1009.672324][T24361] RIP: 0033:0x7f8c5bb9aeb9 [ 1009.676721][T24361] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1009.696328][T24361] RSP: 002b:00007f8c5c9ed028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1009.704838][T24361] RAX: ffffffffffffffda RBX: 00007f8c5be15fa0 RCX: 00007f8c5bb9aeb9 [ 1009.712823][T24361] RDX: 0000000000000000 RSI: 0000000000005220 RDI: 0000000000000003 [ 1009.720790][T24361] RBP: 00007f8c5bc08c1f R08: 0000000000000000 R09: 0000000000000000 [ 1009.728764][T24361] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1009.736731][T24361] R13: 00007f8c5be16038 R14: 00007f8c5be15fa0 R15: 00007ffc183fd438 [ 1009.744789][T24361] [ 1009.747813][T24361] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 1009.755078][T24361] CPU: 0 UID: 0 PID: 24361 Comm: syz.0.3727 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1009.766176][T24361] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1009.771356][T24361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1009.781405][T24361] Call Trace: [ 1009.784680][T24361] [ 1009.787596][T24361] dump_stack_lvl+0x100/0x190 [ 1009.792265][T24361] vpanic+0x20d/0x630 [ 1009.796232][T24361] panic+0xd1/0xd1 [ 1009.799938][T24361] ? __pfx_panic+0x10/0x10 [ 1009.804450][T24361] ? check_panic_on_warn+0x1f/0x90 [ 1009.809558][T24361] check_panic_on_warn.cold+0x19/0x34 [ 1009.814915][T24361] ? ring_buffer_map_get_reader+0x659/0x880 [ 1009.820806][T24361] __warn.cold+0x191/0x2f8 [ 1009.825209][T24361] __report_bug+0x296/0x3d0 [ 1009.829704][T24361] ? ring_buffer_map_get_reader+0x659/0x880 [ 1009.835584][T24361] ? __pfx___report_bug+0x10/0x10 [ 1009.840592][T24361] ? rcu_is_watching+0x12/0xc0 [ 1009.845359][T24361] ? trace_contention_end+0xd6/0x110 [ 1009.850821][T24361] ? rb_set_head_page+0x1e6/0x2f0 [ 1009.856462][T24361] ? ring_buffer_map_get_reader+0x659/0x880 [ 1009.862375][T24361] report_bug+0xb2/0x220 [ 1009.866620][T24361] ? ring_buffer_map_get_reader+0x659/0x880 [ 1009.872508][T24361] handle_bug+0x166/0x2a0 [ 1009.876918][T24361] exc_invalid_op+0x17/0x50 [ 1009.881417][T24361] asm_exc_invalid_op+0x1a/0x20 [ 1009.886255][T24361] RIP: 0010:ring_buffer_map_get_reader+0x659/0x880 [ 1009.892754][T24361] Code: ff e8 4b e1 fb ff 48 8d 3d f4 db b0 0e 4c 89 fe 67 48 0f b9 3a e9 e0 fc ff ff 4c 8b 7c 24 58 4c 8b 74 24 60 e8 28 e1 fb ff 90 <0f> 0b 90 e8 1f e1 fb ff 48 89 df 31 db e8 85 13 fe ff 48 8b 74 24 [ 1009.912446][T24361] RSP: 0018:ffffc9001956fd98 EFLAGS: 00010093 [ 1009.918510][T24361] RAX: 0000000000000000 RBX: ffff88813fe28800 RCX: ffffffff8209a447 [ 1009.926483][T24361] RDX: ffff888035ef8000 RSI: ffffffff820a6d38 RDI: ffff888035ef8000 [ 1009.934474][T24361] RBP: 0000000000000000 R08: 0000000000000007 R09: 0000000000000000 [ 1009.942441][T24361] R10: 0000000000000000 R11: ffff88813fe288b0 R12: ffff88813fe288b0 [ 1009.950407][T24361] R13: dffffc0000000000 R14: ffff88813fe28990 R15: ffff88813fe28818 [ 1009.958372][T24361] ? rb_get_reader_page+0x667/0x11f0 [ 1009.963657][T24361] ? ring_buffer_map_get_reader+0x658/0x880 [ 1009.969535][T24361] ? ring_buffer_map_get_reader+0x658/0x880 [ 1009.975419][T24361] ? __pfx_ring_buffer_map_get_reader+0x10/0x10 [ 1009.981647][T24361] ? __fget_files+0x21f/0x3d0 [ 1009.986337][T24361] tracing_buffers_ioctl+0x30d/0x400 [ 1009.991611][T24361] ? __pfx_tracing_buffers_ioctl+0x10/0x10 [ 1009.997404][T24361] __x64_sys_ioctl+0x18e/0x210 [ 1010.002166][T24361] do_syscall_64+0xc9/0xf80 [ 1010.006662][T24361] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1010.012542][T24361] RIP: 0033:0x7f8c5bb9aeb9 [ 1010.016944][T24361] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1010.036552][T24361] RSP: 002b:00007f8c5c9ed028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1010.045064][T24361] RAX: ffffffffffffffda RBX: 00007f8c5be15fa0 RCX: 00007f8c5bb9aeb9 [ 1010.053031][T24361] RDX: 0000000000000000 RSI: 0000000000005220 RDI: 0000000000000003 [ 1010.061006][T24361] RBP: 00007f8c5bc08c1f R08: 0000000000000000 R09: 0000000000000000 [ 1010.068973][T24361] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1010.076935][T24361] R13: 00007f8c5be16038 R14: 00007f8c5be15fa0 R15: 00007ffc183fd438 [ 1010.084902][T24361] [ 1010.087963][T24361] Kernel Offset: disabled [ 1010.092275][T24361] Rebooting in 86400 seconds..