last executing test programs: 5.30921882s ago: executing program 1 (id=1009): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/mm/transparent_hugepage/hugepages-256kB/stats/anon_fault_fallback_charge\x00', 0x7c801, 0x0) openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000000), 0x22000, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000480)='-', 0x1) r1 = socket(0x2, 0x5, 0x0) setsockopt$auto_SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000000)='}]\x00', 0x10) r2 = socket(0x2, 0x801, 0x106) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_ID(r2, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000900)={0x0, 0x698}, 0x1, 0x0, 0x0, 0x8004}, 0x20004881) r3 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000080), 0xffffffffffffffff) msgctl$auto_MSG_INFO(0xbbe, 0xc, &(0x7f00000001c0)={{0x1, 0xffffffffffffffff, 0x0, 0x9, 0x4, 0x7, 0x16da}, &(0x7f0000000140)=0x9, &(0x7f0000000180)=0x4, 0xfffffffffffffff6, 0x8, 0x200, 0x66, 0x9ad, 0x2, 0xf, 0x6, @raw=0x2}) sendmsg$auto_NL802154_CMD_DISASSOCIATE(r1, &(0x7f0000000500)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000004c0)={&(0x7f0000000240)={0x234, r3, 0x800, 0x70bd25, 0x25dfdbfe, {}, [@NL802154_ATTR_SCAN_CHANNELS={0x8}, @NL802154_ATTR_PAN_ID={0x6, 0x9, 0x368d}, @NL802154_ATTR_PAN_ID={0x6, 0x9, 0x18}, @NL802154_ATTR_SHORT_ADDR={0x6, 0xa, 0xd3}, @NL802154_ATTR_SEC_DEVICE={0x64, 0x2e, 0x0, 0x1, [@typed={0x8, 0x27, 0x0, 0x0, @uid=r4}, @nested={0x58, 0x7, 0x0, 0x1, [@generic="49f5107ac42e9ecfd248537e9bdbbaeb124b46482787aa5803d5f54721e8fff0473ed646f9a0266b4d1d8fcb8de2dcc982c3766df7c211f386e3f69b745f5bfe3bc1e36713bc6a7cf03ac43f13115194", @nested={0x4, 0xbd}]}]}, @NL802154_ATTR_SEC_FRAME_COUNTER={0x8, 0x2c, 0x2}, @NL802154_ATTR_SCAN_DONE_REASON={0x5, 0x25, 0xe}, @NL802154_ATTR_ACKREQ_DEFAULT={0x5, 0x1a, 0x6}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0xfa}, @NL802154_ATTR_COORDINATOR={0x179, 0x1e, 0x0, 0x1, [@generic="c28edeb299568c291c04e377b312c00ce07243d1a1b6d86f7cb9edf158d860e4fabfb3ed11348f129f7ead00489f49ef40e1d34bfe3d929bc7afdb4252596f3d514573030d07b2b5600aaa6c6b8826cfa7faa7b1eb4479d348332cbd1587c643daabd97d68313a7a4307d98146d9dddfa648644fc751d4cf78a216d7a5", @generic="ee74008ec23f57a03b0836596de9facb682a39ee76e621cd36eb202b3a387cfa154cdd9900a8f1ea787c52d254fe0b2cbc68feae17eaaa44cd3a57734007d05f012060c2f7a73490c5e262ea8181c875d981aafbddd8cfcd7caf457e308d4bd115f5eda43562b52b83932907ff8c26fa2587efcc8cd7adf6c2389ebc83c67791ab130ed151a7bd373de8bc760da45752dae12fb5475bb7d70a51dab65f3592792e52e956b3e0ff72fd0451398d1c73793744c66e396c0e0aa9bc9e01711b857362c982bd98afe76099ce64c05973e866cf1f2cf9911346300231ff11fada9d9b5a0376014028d838fe3d1c3a2b8fd01c", @typed={0x8, 0xe4, 0x0, 0x0, @uid=0xee00}]}]}, 0x234}, 0x1, 0x0, 0x0, 0x4000880}, 0x40000) 5.150302665s ago: executing program 1 (id=1012): mmap$auto(0x0, 0x400008, 0x1, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000100)={0x0, 0x1d, 0x3000, 0x6, 0x7, 0x400a, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x29b, 0x3, 0x7f, 0x0, 0x6}, {0xe63c, 0x1, 0x52, 0x85, 0x2, 0x1a7b870a, 0x76c2, 0x8000c, 0x100000000}}) r1 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r1, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xfffbfffd}, 0xffff}, 0x4000, 0x20000043) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x1, 0x2, 0x40eb2, r0, 0x308000000000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) capset$auto(0x0, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd13/queue/rotational\x00', 0x10b142, 0x0) sendfile$auto(r2, r2, 0x0, 0x2f2) write$auto(0xffffffffffffffff, 0x0, 0x8000007f) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ram8\x00', 0x16fa02, 0x0) sendfile$auto(0x3, r3, 0x0, 0x400000000006) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/kernel/task_delayacct\x00', 0x80282, 0x0) sendmsg$auto_NL80211_CMD_SET_TX_BITRATE_MASK(r1, &(0x7f0000000500)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="6f020000", @ANYRES64=r1, @ANYBLOB="010125bd7000ffdbdf253900000008002201000000000800cb0008000000080069000200000048021780c6000400209fefadab277c45ce748fc903f173092f1afddf0032efccad8abf012771d81bfba75b782cbe6b0dd9ceeadfa051c3ad0c43406b45b97c814ebbb06ef2538309733c9054dad4d726da9db67ecebfedd2564fc30566e48ef5ca30aeca7a5e7d918a8cebbee5c598840ca10657b6886dff3c210552f62c380eb33364aa5098f8dc2c80b2d11ab7e112822eb2e87097323551600579d8797c8921d584479bda29efe4eb45afb3412a3404761fa7ae318e7b3c6b40936d2a8f0c686ed05b08084a50a8420000e7000500e087bf0e5a68c7978143293f6185558f93fc51712238675552762fe579f1f688e2c5c1c347dc39a2e5e01c095338b23401c4687bd3e51c1f2b1de79608e9238fb5ac6fcc3a9fbc10bd16e70b7be8ed878e46e48348081592311cfdcac043f0ab8d299147c8f626ae39236f619a6a85ad65597ea1e2d00bfe7f71c312d23b4e4ca63b4cfebde114d4f69da609b8be59ce7512a3666c6a9d637fb07a983ff4f1b2f57f421eec44473f62deaae80b225c005a3300a86b6f1073d919e394647e2b5c1e350f1d6c216a7756ed07c2790d9efb8ec74372272347709a954eb6247d64bb2172ca00920005006afad07a8121721e261dcba218ca28551a5a9df35096bdba7206d5f9e8a882a7deb4dd5988491a0cb0a87c29282479e8636383920c5dd61c2d2fcf1f778ee9a90f405a92d796622fbc09b8e74e3f0fa0eec2a19ca15045b75e197bda3784edc103493f32308f62bbede6ac43043455038253ccc4e7a9292dbb45dea1d5047ad843d495f3cccd6894cc6e1dd09a7a0000", @ANYRESDEC=r2, @ANYRESDEC=r1], 0x274}, 0x1, 0x0, 0x0, 0x24008881}, 0x1) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/power/pm_async\x00', 0x48040, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000ec0)=""/4096, 0x1000) shutdown$auto(0x200000003, 0x2) mmap$auto(0xfffffffffffffffe, 0xffffffff, 0x20000006, 0x14, 0xfffffffffffffff7, 0x8000) listmount$auto(&(0x7f0000000080)={0x1f, @raw, 0x80000002, 0xfffffffffffffff7, 0x8}, 0x0, 0xf4240, 0x1) socket$nl_generic(0x10, 0x3, 0x10) 4.418779012s ago: executing program 1 (id=1015): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="6c000000bfbe4fe78535528375c691b5ad7df8448eb30331fef2f2a33ba39882be1807ccbface2a501940af821d0053a7a4ebbe58982d15dc58879e08070017d14a750e4c02b385beb591658f648069173f763937f4490cf9e82280eaacaaeeeee0f8c9e7ac526a22bc07bc30b439ed83fc50f68590404d858d3a086d2fc0b937eaddf19139a3e8875e45650a1dc61b2d8b5af0b0411085d0b3b11", @ANYRES16=0x0, @ANYRES8=0x0, @ANYRES32=0x0, @ANYRES8, @ANYRES32=0x0], 0x6c}, 0x1, 0x0, 0x0, 0x40080}, 0x6004000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x20000001}, 0x40000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) socket(0x22, 0xa, 0x4) unshare$auto(0x40000080) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x2020005, 0x3, 0xeb1, 0xfffffffffffffffa, 0x6) sendmsg$auto_ETHTOOL_MSG_PHY_GET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00022bbd7000fcdbdf252d"], 0x14}, 0x1, 0x0, 0x0, 0x4000810}, 0x20008004) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x40000) socket(0x27, 0x80802, 0x0) r0 = mq_open$auto(0x0, 0x7, 0x0, 0x0) mq_notify$auto(r0, 0x0) poll$auto(&(0x7f0000000280)={0xffffffffffffffff, 0x8, 0x6}, 0x43, 0x5ff7) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) mmap$auto(0x0, 0x400008, 0xa, 0x9b72, 0xc, 0x800008000) writev$auto(r0, 0x0, 0x401) futex$auto(0x0, 0x85, 0x38, 0x0, 0x0, 0x80800005) r1 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x68082, 0x0) r2 = open(0x0, 0x460342, 0x100) copy_file_range$auto(r2, 0x0, r2, 0x0, 0x8000000000000002, 0x0) ioctl$auto_BLKPG2(r1, 0x1269, 0x0) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0) prctl$auto(0x1000000003b, 0x1, 0x0, 0x5, 0x5) madvise$auto(0x0, 0x2003f2, 0x15) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) setitimer$auto_ITIMER_PROF(0x2, 0x0, 0x0) socket(0x10, 0x2, 0x0) setresgid$auto(0x81, 0x800000a0, 0x8) setgroups$auto(0xc00000000, 0xfffffffffffffffc) 4.046714926s ago: executing program 3 (id=1017): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = open(0x0, 0x761800, 0x415) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x9, 0x6, 0x10, 0x4, 0x4, 0xffffffffffffffff, 0xa, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x5, 0x7, 0x7, 0x6}, 0xf) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x1, 0x0) mmap$auto(0x7fffffffffffffff, 0x4000002020007, 0x8, 0x40000007fff, r2, 0x205) r3 = socket(0xa, 0x1, 0x84) r4 = openat$auto_proc_timens_offsets_operations_base(0xffffffffffffff9c, &(0x7f0000000040), 0xc0501, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/loop10/mq/0/nr_tags\x00', 0x20000, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) openat$auto_cpu_latency_qos_fops_qos(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2b, 0x1, 0x0) socket(0x10, 0x2, 0x0) socket(0xa, 0x1, 0x84) capset$auto(0x0, 0x0) r5 = open(0x0, 0x22240, 0x154) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x24048084) bpf$auto(0x0, &(0x7f0000000400)=@link_update={r5, @new_prog_fd=0x4, 0x4, @old_map_fd}, 0xa3) sendmsg$auto_TCP_METRICS_CMD_DEL(0xffffffffffffffff, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYRESHEX=r5, @ANYRES16, @ANYRESHEX, @ANYRES16=0x0, @ANYRESDEC=r4, @ANYRES32=0x0], 0x30}, 0x1, 0x0, 0x0, 0x80}, 0xa040) sendmsg$auto_TCP_METRICS_CMD_GET(r0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="9f825dbe", @ANYRES32=r3, @ANYRES8=0x0], 0x30}, 0x1, 0x0, 0x0, 0x1001}, 0x80) close_range$auto(0x2, 0x8, 0x5) unshare$auto(0x40000080) ioctl$auto_PPPIOCBRIDGECHAN(r1, 0x40047435, &(0x7f0000000180)=0xa786) setpriority$auto(0x2, 0x0, 0x80000) 3.071384911s ago: executing program 2 (id=1021): r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0x8f00, 0x0) r1 = ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_CREATE(r1, 0xc02054a5, &(0x7f0000000000)={0x3ff, r0, 0x5, "7a4d110194a277faa573a1ce29af92fe"}) pread64$auto(r2, &(0x7f0000000040)='/dev/kvm\x00', 0x1, 0x5) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) migrate_pages$auto(0x0, 0xa, &(0x7f0000000100)=0x5, &(0x7f0000000140)=0x2) 2.894085821s ago: executing program 3 (id=1022): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x0) bpf$auto(0x0, 0x0, 0xf) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x1, 0x0) socket(0xa, 0x1, 0x84) openat$auto_proc_timens_offsets_operations_base(0xffffffffffffff9c, &(0x7f0000000040), 0xc0501, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/loop10/mq/0/nr_tags\x00', 0x20000, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) openat$auto_cpu_latency_qos_fops_qos(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2b, 0x1, 0x0) socket(0x10, 0x2, 0x0) capset$auto(0x0, 0x0) r0 = open(0x0, 0x22240, 0x154) bpf$auto(0x0, &(0x7f0000000400)=@link_update={r0, @new_prog_fd=0x4, 0x4, @old_map_fd}, 0xa3) 2.768080683s ago: executing program 0 (id=1023): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000003040), 0xffffffffffffffff) sendmsg$auto_OVS_METER_CMD_SET(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000003200)={&(0x7f0000000300)={0x28, r2, 0x159198c6007aa95d, 0x70bd29, 0x25dfdbfc, {}, [@OVS_METER_ATTR_KBPS={0x4}, @OVS_METER_ATTR_BANDS={0x8, 0x4, 0x0, 0x1, [@generic='\x00\x00\x00\x00']}, @OVS_METER_ATTR_ID={0x8, 0x1, 0x6}]}, 0x28}, 0x1, 0x0, 0x0, 0xc0}, 0x40) sendmsg$auto_OVS_METER_CMD_DEL(r0, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, r2, 0x800, 0x70bd2d, 0x25dfdbfc, {}, [@OVS_METER_ATTR_STATS={0x14, 0x3, {0x6c63, 0x5}}, @OVS_METER_ATTR_CLEAR={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x800) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x4, 0xffffffffffff0009, 0x18) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r3 = prctl$auto(0xcd6, 0x4000000000000001, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mremap$auto(0x0, 0x100000000, 0x3fd6, 0x3, 0x7fffffffb000) prctl$auto(0x23, 0x7, 0x7fffffffefff, 0x0, 0x0) brk$auto(0x7fffffffafff) mmap$auto(0x0, 0x2020009, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000040), r3) pidfd_open$auto(0x1, 0x0) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/pcmC1D0c\x00', 0x545900, 0x0) 2.721616338s ago: executing program 1 (id=1024): socket(0x80000000000000a, 0x2, 0x0) socket(0x10, 0x3, 0x0) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/bus/usb/013/001\x00', 0xa901, 0x0) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS2\x00', 0x101000, 0x0) openat$auto_generic(0xffffffffffffff9c, &(0x7f00000032c0)='/proc/kmsg\x00', 0x900, 0x0) openat$auto_proc_loginuid_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/loginuid\x00', 0x1a9602, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0xa, 0x3, 0x3b) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = open(&(0x7f0000000180)='./file0\x00', 0x440, 0x57e) fcntl$auto_F_ADD_SEALS(r0, 0x410, 0x0) utimes$auto(&(0x7f0000000000)='./file0\x00', 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd7/queue/max_discard_segments\x00', 0x80000, 0x0) close_range$auto(0x2, 0x8, 0x0) ioctl$auto(0x3, 0x40a0ae49, 0xffffffffffffffff) r1 = socket(0xa, 0x801, 0x84) getsockopt$auto(r1, 0x84, 0x82, 0x0, 0x0) capset$auto(0x0, 0x0) capget$auto(0x0, &(0x7f00000000c0)={0x5, 0x3, 0x3}) r2 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x8a002, 0x0) ioctl$auto(r2, 0x5319, r2) socket(0x10, 0x2, 0x4) 2.561827256s ago: executing program 2 (id=1025): mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) socket(0x10, 0x2, 0x6) r0 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptyub\x00', 0x8000, 0x0) copy_file_range$auto(r0, &(0x7f0000000180)=0x7, r1, &(0x7f0000000200)=0x6151, 0x101, 0xfffffffa) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r2 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20008, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4004810}, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x4) socket(0x10, 0x3, 0x6) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="f0020000", @ANYRES16=r3, @ANYBLOB="01002dbd7000fedbdf2505000000da0203800800c000e000000204002a000400110008002e00", @ANYRES32, @ANYBLOB="d152e64e22695352dd73864415aa8a78c65e6ab752fb4d469a47a092ae7d5061cdd9690cac4138553ecfbb1b32"], 0x2f0}, 0x1, 0x0, 0x0, 0x40000}, 0x50) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) r4 = socket(0x2000000000000021, 0x2, 0x10000000000002) setsockopt$auto(r4, 0x110, 0x2, 0x0, 0x40000) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r2) sendmsg$auto_NL80211_CMD_ADD_LINK(r4, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x48000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x20, r5, 0x20, 0x70bd2a, 0x25dfdbfc, {}, [@NL80211_ATTR_FREQ_FIXED={0x4}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0xffff2618}]}, 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x400c800) open(0x0, 0x22240, 0x55) socket(0x2, 0x3, 0xa) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8) connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xe000) connect$auto(0x3, &(0x7f00000000c0), 0x55) write$auto(0x3, 0x0, 0x800) 2.398401206s ago: executing program 3 (id=1026): syz_genetlink_get_family_id$auto_mac802154_hwsim(0x0, 0xffffffffffffffff) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r0, 0x0, 0x5) ptrace$auto_PTRACE_LISTEN(0x4208, r0, 0x2, 0x1) r1 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder0\x00', 0x80402, 0x0) pwrite64$auto(0xc8, &(0x7f0000000340)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x86\xdds\x1cJ\x99\x00:/\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\xadCl\x9e\xeb\xcd\vp\x99\x00\xc8eX\xdc3\x02l@\x18*\xc0\xc1\xf2\x14^\x89/\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0A\x94\xa3\xaef\x87\xd8\x95I\xfd\xa8\t\xac\x87\xb7\x1d\xd5\x83\xdcyu]\xde\xbe\xbf$<.}\x8b`\x04\xfc\xa2\xab\xb5]\x80\x00\xb9D\xc5\xbc\xf2a\xd66\xa5\xd3\xc1r\x96\x1e\x8db\x05=`\x01\x11\x04Tz\x87A$\x115\x95PUf\xa7\xfe\x19\x00\x82go}@W\xd5\xaej\x01\xbf>5n\x17S\xc0\x8a\xaf%O\xd1W\xa3ua+sUJ\xea\xf9\xb7p-\x128\x9d\xbaM_\xff\x1c\xc3sG\x04\xf2\xd3\xf3{;\xd4\xd7\x1c\x1dZ\xe9\xe9\xc9\x9cu5\xe9\xa2\xb3N\xd2\xc1\xc8\xa5\xadt\xd5BKD\x86\xeb%\a*\x06\xbb\x1e\xfb\x11U\f&\xcbP\xf1\xcf\xccb\xe8Wb\xc5ae\xe3\xf9l\xa9vK\xed\x8cL\xfb%g\x83;\xe1\xe2w\xd6\xaa6\x16\x8fx\x1a\xd7\xc8\xf4[\xbc\b\xe1Z\x92\x14Q\xde0xffffffffffffffff, &(0x7f0000000100)="4d22318a15de7ccf53948cfedabdee368ae329ff38da40019c538dd728a79901f25562df7049aa1277626ce765e502668e81ff8683a8d92395eb495ea367afccb6f7301e4a705a948444a294fed5e82ae570a9dbb393abd65ee98c7dc27d7bdd5f36c9c650c3be38", 0x8, &(0x7f0000000200)="b5c705f9acbda7a845391c7f278a18d6fa94759a7855f96ae450c216dbef02bcaccdce62a736ee303557c705d4a35ebaa87ee67a18281f39434cbc1edea48577bb6b80e9433a2920a41b7b20fa97ee66c069617f753801e2fb5d2fc8f5e3b3c7e6f483965bf60615b1d309177a6ec68334a60261f3e230b5144dfc62b703f6f5a969ce638c78e963a3516093fca2397a7e47996693c258e4de4a3b8077bb26a0545a635a52e68c81265a9b5f96ac6a94ad66c04b6b196b7f", 0xc, &(0x7f0000000480)="30d62a909ea6554a1bfdb4a0a00472d727351bb557087b59211c19f3520cc3921005d9573db48ec0b42db1c954bc95f9d4658cf761dcae7bc9b10d79cac26143ec5463f6c90018e726cc296eadd027b191c9ddf5f67810bb8daa5dfa11b0a8f1bf4b1ebee01e0ca4fd789d2f46123a058d569a387619c60695bfd87dc2686dcd597cb4cc919f0fe81ce3f11f6f17b859786aa5284b6dfb1be61c4155a125294c5e8093313b23b590fc05eb278f9b723ce98a4b167947189c0478c5419315055ece3093dbcda61646b3082ca7fb6ebd8de12e242304558ee26432c0580496646a29adfb0102f35f834722b28c", &(0x7f0000000040)=0x5}) setsockopt$auto_SO_ATTACH_REUSEPORT_EBPF(r0, 0x200000, 0x34, &(0x7f0000000600)='/sys/kernel/kexec_crash_size\x00', 0x9) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/kernel/kexec_crash_size\x00', 0x302, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x1, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @hyper}, 0x55) ioctl$auto(0x3, 0x541b, 0xffffffffffffffff) sendmsg$auto_NFC_CMD_DISABLE_SE(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000003c00)={&(0x7f0000000380)=ANY=[@ANYBLOB="e0000000", @ANYRES16, @ANYBLOB="000127bd7000fcdbdf251200000005000c00ff0000000800010000000000a00019007dba6907273140a43172cc0f5945474437143f69a5777674364501bd4661e84d7eeab5f94717d98d0624f33f803fbd6a756bebd8e1f84dc9170d"], 0xe0}, 0x1, 0x0, 0x0, 0x2}, 0x8) ioctl$auto_RTC_IRQP_SET(0xffffffffffffffff, 0x4008700c, &(0x7f0000000440)=0x77b) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/tty/ttyv7/power/control\x00', 0x22902, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x189401, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r3 = io_uring_setup$auto(0x1d48, &(0x7f0000000340)={0x7fffffff, 0x10, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x8, 0x1, 0x80000000, 0x100, 0x83, 0x101, 0x6, 0x8000000000000001}, {0x100, 0x1, 0x52, 0x5, 0x11, 0x101, 0x876c5, 0xc9, 0x3}}) io_uring_register$auto(r3, 0x15, 0x0, 0x9) r4 = socketcall$auto(0xa, 0x0) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) sendmmsg$auto(0xffffffffffffffff, &(0x7f00000002c0)={{0x0, 0x9, &(0x7f0000000080)={&(0x7f0000000180)="cb7978ababe605edf078e6f2726ae03e663c080c0d6c169eec931ca2ea579299bf44495b1fe078f2e9c5586aa59caa813549", 0x1}, 0xfffffffffffffff7, 0x0, 0x6, 0x24f}, 0x800}, 0x8, 0xff) fcntl$auto_F_SETSIG(r1, 0xa, 0x8) ioctl$auto(0x3, 0xae41, r4) ioctl$auto_KVM_GET_MSRS(r2, 0x4400ae8f, &(0x7f00000000c0)={0xdd}) ioctl$auto_KVM_CREATE_VM(r2, 0xae80, 0x0) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x201, 0x0) write$auto(r6, 0x0, 0x0) 2.109333712s ago: executing program 1 (id=1029): mmap$auto(0x2000000000, 0x80002020009, 0x8, 0xeb1, 0xffffffffffffffff, 0x28974783) r0 = openat$auto_nsim_psample_enable_fops_psample(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/netdevsim/netdevsim1/psample/enable\x00', 0x169a02, 0x0) write$auto_nsim_psample_enable_fops_psample(r0, &(0x7f00000005c0)='Y', 0x1) (async, rerun: 32) r1 = ioctl$auto_TUNSETLINK(0xffffffffffffffff, 0x400454cd, &(0x7f0000000000)=0x8006) (rerun: 32) ioctl$auto_BLKRRPART(r1, 0x125f, 0x0) (async, rerun: 32) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async, rerun: 32) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/set_event\x00', 0x1d7080, 0x0) (async) io_uring_setup$auto(0x59, 0x0) (async, rerun: 32) unshare$auto(0x40000080) (rerun: 32) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) listen$auto(0x3, 0x81) (async) mmap$auto(0x2, 0x2020009, 0x8000000000100003, 0xeb3, 0xffffffffffffffff, 0x8000) (async, rerun: 32) r2 = prctl$auto(0x4, 0x1, 0x4, 0x2007, 0x5) (async, rerun: 32) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x7ff, 0x15) (async) syz_genetlink_get_family_id$auto_ethtool(0x0, r2) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r3, 0xc004743e, 0x0) socket(0xc, 0x6, 0x10) (async) syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000000c0), 0xffffffffffffffff) (async) io_uring_setup$auto(0xa, 0x0) (async) madvise$auto(0x0, 0x200007, 0x0) (async) madvise$auto(0x66c, 0x10, 0x6) (async) syz_clone3(&(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, {0x1c}, 0x0, 0x0, 0x0, 0x0}, 0x58) mmap$auto(0x9, 0xb0e, 0x8000000000000001, 0x8000017, 0xffffffffffffffff, 0x7ffc) sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20040044}, 0x404c810) open_by_handle_at$auto(0xffffffffffffffff, &(0x7f0000005e00)={0xc, 0xf1, "82a0d48cb31f0af60467f04b"}, 0x80400001) kexec_load$auto(0x5, 0x2, &(0x7f0000000040)={@kbuf=0x0, 0x800c000, 0x4800c000}, 0x4) (async) sysfs$auto(0x2, 0x23, 0x0) 1.947491525s ago: executing program 0 (id=1030): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f00000000c0), r0) (async) mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) (async) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) (async) socket(0x6, 0x2, 0x4) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) (async) rseq$auto(&(0x7f0000000280)={0xe, 0x403, 0x7, 0x80b, 0x83, 0x2}, 0x1, 0xffffffff, 0x8000006) (async) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000001480)='/proc/sys/net/ipv6/conf/geneve0/disable_ipv6\x00', 0x40001, 0x0) close_range$auto(0x2, 0x8, 0x0) (async) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x2, 0x6, 0x2, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0x10, 0x29f, 0x100, 0x8, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000002}}) (async) io_uring_register$auto(0x2, 0x11, &(0x7f0000000180), 0x83) r2 = eventfd$auto(0x4) syz_genetlink_get_family_id$auto_ovs_vport(0x0, r2) (async) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f00000000c0), r2) (async) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, r1, 0xfff) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) (async) io_uring_setup$auto(0x6, 0x0) (async) mmap$auto(0x0, 0x4000002, 0xfffffffffffffe01, 0x8051, 0x3, 0x0) (async) io_setup$auto(0x7ffe, 0x0) (async, rerun: 64) open(0x0, 0x0, 0x154) (async, rerun: 64) pipe$auto(0x0) (async) read$auto(0xffffffffffffffff, 0x0, 0x1f46) (async) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x443001f86cb35905, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000) mlockall$auto(0x7) (async, rerun: 64) ioctl$auto_KVM_GET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee2, 0x0) (async, rerun: 64) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/devices/virtual/workqueue/nvme_tcp_wq/max_active\x00', 0x182b02, 0x0) 1.710935693s ago: executing program 3 (id=1031): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = open(0x0, 0x761800, 0x415) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x9, 0x6, 0x10, 0x4, 0x4, 0xffffffffffffffff, 0xa, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x5, 0x7, 0x7, 0x6}, 0xf) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x1, 0x0) mmap$auto(0x7fffffffffffffff, 0x4000002020007, 0x8, 0x40000007fff, r2, 0x205) r3 = socket(0xa, 0x1, 0x84) r4 = openat$auto_proc_timens_offsets_operations_base(0xffffffffffffff9c, &(0x7f0000000040), 0xc0501, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/loop10/mq/0/nr_tags\x00', 0x20000, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) openat$auto_cpu_latency_qos_fops_qos(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2b, 0x1, 0x0) socket(0x10, 0x2, 0x0) socket(0xa, 0x1, 0x84) capset$auto(0x0, 0x0) r5 = open(0x0, 0x22240, 0x154) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x24048084) bpf$auto(0x0, &(0x7f0000000400)=@link_update={r5, @new_prog_fd=0x4, 0x4, @old_map_fd}, 0xa3) sendmsg$auto_TCP_METRICS_CMD_DEL(0xffffffffffffffff, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYRESHEX=r5, @ANYRES16, @ANYRESHEX, @ANYRES16=0x0, @ANYRESDEC=r4, @ANYRES32=0x0], 0x30}, 0x1, 0x0, 0x0, 0x80}, 0xa040) sendmsg$auto_TCP_METRICS_CMD_GET(r0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="9f825dbe", @ANYRES32=r3, @ANYRES8=0x0], 0x30}, 0x1, 0x0, 0x0, 0x1001}, 0x80) close_range$auto(0x2, 0x8, 0x5) unshare$auto(0x40000080) ioctl$auto_PPPIOCBRIDGECHAN(r1, 0x40047435, &(0x7f0000000180)=0xa786) setpriority$auto(0x2, 0x0, 0x80000) 1.51268569s ago: executing program 0 (id=1032): mmap$auto(0xfffffffffffffffc, 0xf7, 0xdf, 0xeb1, 0x401, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x0, 0x0) r0 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x101040, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='#\x00\x00\x00', @ANYBLOB='&\x00', @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x5) r1 = syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000b40), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_SEG6_CMD_DUMPHMAC(r2, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000280)={&(0x7f00000000c0)={0x30, r1, 0xf00, 0x70bd2a, 0x25dfdbfc, {}, [@SEG6_ATTR_DSTLEN={0x8, 0x2, 0x8}, @SEG6_ATTR_DST={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @broadcast}}]}, 0x30}, 0x1, 0x0, 0x0, 0x4010}, 0x20000894) syz_genetlink_get_family_id$auto_thermal(&(0x7f0000000040), r2) r3 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000240), 0xffffffffffffffff) r4 = getpgid(0xffffffffffffffff) sendmsg$auto_NL802154_CMD_GET_SEC_KEY(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000003c0)={0x0, 0x110}, 0x1, 0x0, 0x0, 0x8800}, 0x0) msgctl$auto_IPC_RMID(0x101, 0x0, &(0x7f00000001c0)={{0x6, 0xffffffffffffffff, 0xee00, 0xb, 0x2, 0x10001, 0xfffa}, &(0x7f0000000140)=0x3, &(0x7f0000000180)=0xd1, 0x4, 0x3ff, 0x4, 0x1, 0x101, 0x5, 0x0, 0x8, @raw=0x7, @raw=0x8}) sendmsg$auto_NL802154_CMD_ASSOCIATE(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000600)={&(0x7f0000001400)=ANY=[@ANYBLOB, @ANYRES16=r3, @ANYBLOB="00012dbd7000fcdbdf252800000024042b806e02838008001b00", @ANYRES32=r5, @ANYBLOB="14001700fe8000000000000000000000000000bbe99665da9e0f61b41a96cf58d83ac0f20a7379b7ff999a8d5254d0875101f9a1828d7e9de57578de0340d5afc14399fa36f14e6e5bbaef80787a39d312ddfc6f9d669c752e6e568e16c7428e6a05b80b06c3e9a6e48bed025161e3cccba245ebf7734bb7acaf8f56e668c9a3b75d36859c04d5c0748b10e6f728273f79ab97848cbb1adb58a6c774b4b87add58ad64e2db25afc9945b8c1acc8f102ca4bf323a0898b82379375bcd01ad926eaf31ad5716828901f18008007f00", @ANYRES32=r5, @ANYBLOB="d500ac8012aacd7c34def34184b816c34991799dc6e8ba26f73ac929741f159786f1da907cae97bdb32b09c961450b19b097bf9c7efea2697163c0bb15eb2b285d74474a965be708006700ffffffff2ec28c72a8d635e777d0597688ed2dba673962e570b8ecf3ef8684edf81baaa2df3c994536f009a091039ae9eccf5a824eae3c6d9ae28d372b15cfaefef5e932401f7aaa444f2e5eb852d72201bb2695ed7f8af6ceefb37fc81fb07312bf6109177085341df994c8604f7cf50c4ad2caf31963c4fd320800e800", @ANYRES32, @ANYBLOB='\b\x00:\x00', @ANYRES32=r4, @ANYBLOB='\x00\x00\x00\b\x00V\x00', @ANYRES32=r5, @ANYBLOB="5c004a807e3e5c0f7620de5844cd455a1fbbe8977bb85f592579ada64ebd5e9f80ee09ca2edd2a4eaa9b1174fbef95f0ccb08784e7394fc2b54332aef564fcf8a9cb0c1691546c990514f43a0f0082002f6465762f6877726e670000fcadba752f1c5b226d85b779551a1e323c934d33c8c749347219d08be596a19699642ae9d3170c3b0d62e17406062810f52f97a59539a7419fd6ceb1a8013776c200000004005c800400398005004e00000000000000a001418004004b8004000080fda1c315f077334e65804f71355c99c5c32d2838b5e579b7dc504136cae711e20ed34b2a33787dd5fd11da434903deea047d13f1812e83c5c7426ce6c8bce45a252d65032f8733451c36c36265367ca752657c5d0bddae7f2021c64e760a734f42bd1b1f08ac93230f63f2c29636fe46e87022cb47a99210056cc22939954c510987e36208002a000a01010208002f00", @ANYRES32=r0, @ANYBLOB="1400cb00fe800000000000000000000000000013ee08aea69a3da0a253a493da74172555c26636c499c0507049ce8e27998a18294de8d69031eca6877f9c794b9cf78636d370dfda972d9dd48bb782118d414bd092fd3861ebaf84312fa8c6198e14794e7f466d9b7f924712b6e47c3f35f1ea05e996e651518376990a39d49b3483c27f366c746e4488ea5b0493487e9a16ef289de7d2c8bb27c89e6f105985dc61fea72e2e68054c5593e561313e4d0dc946d0ab9f9293dd3646afa698f6086090ffe647b2b9beb4a5076b249bd9ca1ac8f69743be0e5fb6540663b2081709a12571d50d13347f6c8965c0a9694e2a95b6732537e934c8", @ANYRES32=r4, @ANYBLOB="6dfd391f4b8da33f325dffffffffffffff80ad03ecda66d6c47be26da1a6088824bd64faf0eeb73871fb4e2044dcc8c1727de2c4af6f7ccc8be7e10f55055681892b3bc48796b9dada20bcd773b8ac98cdfbaa46b216ca54868a6a092aeb880304dbf60467dd5da0ceb707a5de75ff65051ffdfe68d773d1887d4a07d6db47a29ea2365b633cd06034272b896f9758e4f76cb76a1e078867555d97b713e1b465831ca8205255208082e8787a80476afb6f2fcb0569b3f58ebd0e5c93f8b1ed7ffbe55e7863fe7781454ce17688a33a830c9c83b3cacd28683fd84c77fdd2085164a8fffdca56548dcef23c250f62604ea269f7dbecbbdeb65d55cdef1d03cc1f822facbc0b4d0df4ad2cf7333e965ec40dffdf2215605158154601f7a23df235c5134b4d4a18fb73a6804533ab167213a9d54684d84fe9e1dd4f4fa70989b94c81d72925016b880a0c74dd7660b98b337deaaf605ea24c3059e23466cadec33f1ec36eff99a941bfd2f9929230af6547b635c992ae0b62aca4e448071ed222e4f262e2e6e9a0c31f4650a68a13a546b5546063c3e9ea5aebcdfcc849f9422ee674192b269526b9848738c939301d5db7ba5b69fc"], 0x438}, 0x1, 0x0, 0x0, 0x8008}, 0x20000000) mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) mmap$auto(0xe2, 0x7, 0xdf, 0x9b72, 0x2, 0x8000) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7) write$auto(0x1, 0x0, 0x80000000) 1.213389481s ago: executing program 2 (id=1033): socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x2000000, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x2020009, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) pidfd_open$auto(0x1, 0x0) 981.266771ms ago: executing program 3 (id=1034): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(r0, 0x9, &(0x7f0000000000), 0x1) fsconfig$auto_FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='[\x00', &(0x7f0000000040)="92d5450d1a4a27f4b1ddb9d2b770a97f3c371d57b686b4a849955a55257f6b554bd1713316c2d60dcaa42214794f7747e16c3f2b939b151a1980ca1b6d7dc0d9d2c1e8c6fcf6bda91fc01fc19c7e680f679b7227f5ea04621e593e3dbccb34b24cf3ca43a632283dd57fce37f6c965530989ebf25f07741c23e6424d5b27ee321c85bf1714f6d618c09ab27ee11b1a94b410fa69f5e77b2fc0da9986311c874aaa69c9ccce0ac88e0d606873b334c717003c875158537479ea354e0e5c06821c7d29412581d289eb6f35eab44543106d715935f2c0844a015610534cac274e41aef6798577558a9975d352a89cf88b19b89ee4", 0x40) r1 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtd0ro\x00', 0x800, 0x0) syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000002340), 0xffffffffffffffff) mmap$auto(0x0, 0x202000c, 0x1, 0xeb1, r1, 0x8000) listmount$auto(&(0x7f0000000080)={0x1f, @raw, 0x80000002, 0xfffffffffffffff7, 0x8}, 0x0, 0xf4240, 0x1) lsm_set_self_attr$auto(0x9, 0x0, 0x80, 0x0) timer_settime$auto(0x0, 0x8, &(0x7f00000000c0)={{0x8}, {0x0, 0x87}}, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = socket(0x2, 0x1, 0x0) r3 = getsockopt$auto(r2, 0x6, 0x23, 0x0, &(0x7f00000000c0)=0x28000) mbind$auto(0x2000, 0x100000008, 0x2100000000, 0x0, 0x6, 0x2) mprotect$auto(0x0, 0x806121, 0x8) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000280), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_CHANGE_NAN_CONFIG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)={0x1c, r5, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1010}, 0x800) syz_clone(0x60011, 0x0, 0x0, 0x0, 0x0, 0x0) r7 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/dummy_hcd.2/usb3/devpath\x00', 0x40000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r8, &(0x7f0000000040)=""/44, 0x2c) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) read$auto(r8, 0x0, 0x81) writev$auto(r7, &(0x7f0000000200)={0x0, 0x7}, 0x3) 861.326658ms ago: executing program 2 (id=1035): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x9, 0x6, 0x10, 0x4, 0x4, 0xffffffffffffffff, 0xa, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x5, 0x7, 0x7, 0x6}, 0xf) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x1, 0x0) socket(0xa, 0x1, 0x84) openat$auto_proc_timens_offsets_operations_base(0xffffffffffffff9c, &(0x7f0000000040), 0xc0501, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/loop10/mq/0/nr_tags\x00', 0x20000, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) openat$auto_cpu_latency_qos_fops_qos(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2b, 0x1, 0x0) socket(0x10, 0x2, 0x0) capset$auto(0x0, 0x0) r0 = open(0x0, 0x22240, 0x154) bpf$auto(0x0, &(0x7f0000000400)=@link_update={r0, @new_prog_fd=0x4, 0x4, @old_map_fd}, 0xa3) 548.331351ms ago: executing program 1 (id=1036): r0 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x80040, 0x40, 0xe}, 0x18) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) select$auto(0x5, 0x0, 0x0, 0x0, 0x0) pwrite64$auto(0xc8, 0x0, 0xfdf0, 0x39) r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x48102, 0x0) write$auto_console_fops_tty_io(r1, &(0x7f0000000000)="c80d1b5d399b3f", 0xfdef) getsockopt$auto(0xffffffffffffffff, 0x6, 0x1d, 0x0, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) syz_clone(0x271824e46a7123ec, &(0x7f0000000040)="950146a8996bccbeae5a1896b04a1f4ed1ad785b1360f9b9bd0252aaec637e8305d7", 0x22, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f00000001c0)="c63b3e14f73191be7b659b9f62fbac20c59348b6d2475ead658d8018cdfa2fdbb496e5f3e3db0a93aa0494d5067af39ce7ffff25fb7e4b04c7b0596258ff9b4fc9c74cfe8d536fd86b459d6373a2ac9479e68f73ed61518d50062f09f5122d2035432ab5dd13d90538a89e855cf56efb46ba44cb7d7cb5653e684df9e66756a9884c36473982e01225d62861b3dae5546c7df0da8ab3d5c9a30baaaf76571c6950c40e67e80f3a5b80fb1924b067539c9d5b2e101bfdce8a4d26ca4be8fbfb81a15e290892b7bd04e88be3b8617abbf0b6dbe6ba663bd340f4f75124fd91d1db6dd61b80e0893f5f276238eb2dd32af5d5dec7f98cb4") madvise$auto(0x0, 0xffffffffffff0005, 0x19) statmount$auto(0x0, 0x0, 0x7ffffffff000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) r2 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r3 = socket(0xa, 0x1, 0x84) madvise$auto(0x8, 0x6, 0x8) getsockopt$auto(r3, 0x0, 0x53, 0x0, 0x0) read$auto_mon_fops_text_t_mon_text(r2, &(0x7f00000002c0)=""/220, 0xdc) fremovexattr$auto(r0, &(0x7f0000000000)='system.posix_acl_access\x00') 495.140723ms ago: executing program 0 (id=1037): openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000540), 0x20000, 0x0) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/oom_adj\x00', 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_xfs_dir_file_operations_xfs_file(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bluetooth/hci1/power\x00', 0x40040, 0x0) ioctl$auto_XFS_IOC_FSBULKSTAT_SINGLE(r2, 0xc0205866, &(0x7f00000015c0)={&(0x7f00000000c0)=0xff, 0x100, &(0x7f0000001600)="0f1f3fd303d561a237f4f98c456044318075aebeb4c4c2f24750eff9e45e2fdc17941bbd1f8a6aedb57c9da94b618a998e562ccaf43535f015f1f86c910c75d7f3b5625806451a065c9c02ac61d25621526e6df8338f5433b4e3e8a55fde81996b4209b4321fbbdf046f9e68b4e426b99a86da2a6b7ce81d679657ff4dca835b77dd7fd1db63a37857619e39d93d3a15587f86b6b0b66a9a8eb42ceb149f226b5bef04d1030b60aea02b8d4560f22e6bdfabd5d39916e7b2af170aeb37e7262c2483858d42fb530a7ce9d217fff34480ff906572c10e17769b181f11e3765ae886e0ba7f2cefc79e0331a12a94b67d268f37d3799b134fafc8cbd07abde04b9e1faaf02bda912b5e18227aee00eb292294b69339a027a59051ed85ab566c4a1b109cc752d74077d1f908df4f72a2393474e70a7a70ed8988a6dfa066cf5008bdd3e257e54161d29c127a840eae07be15912fa416f3e8bee86b24b4ee83ceac9cc5ca8a17f4c8f3db3b2c679eab6830647bf9bb7b06ed065b293dcd29c377782f9d05782b0b7948d5333639f0b2f99b46ca70e85c6fe6ce7f5eb44a00a3c0e1dab62ffdb630b8647a4c3ff466ee187af3bfd466e1618310c3cec69ecf3fa21918abf97fb9e82241a1d3d5214369dc3ca736d3de94db6b8b2752858c39f36264aca4341c4a2cb5c8d660f8e5b3fa8e6e6630f84a3707448f1f640705f3397f5947439f61f7d6a279fc5e789b87a77b52ba3229cc89cf782273252b27d9433b0d69e26729d6645897c1171cab9e228992d318234a75186a5a1aa021c0b9c861a8647a7a96b759ce41a6926509bc4f3e213f4f0e622f82749f1df32edb2af1767ccd35d102a8ec548bf6dc65b0fa4ec7002d1273893edbb7ba3b2c2a254cfdda4547f997b7db0670dabbd8c7e6188a4e100786c9cf6c61416a5dc62ca2cbfd28d18efb2dc8eea189ed2a1c6060acd2f9e133482428314685eb195d34e454446fb2e635c88899001c6315326d2e53b4655cb49f8623eb35d140a9372bd56e0dec38b384b6a5b9f77ee4e288f0bf65772e78bd2b2aeacc019750578b8ce3f9521dfac95635ca4e4367f2304af24d66e667ea38f21873fa0ebe5428146963d36fcea8763db8b70f8423829f5cf74226cd88bb0dfa47d9ebe57bcf33da362e8f157c7219b4d3a37765e0095e4c414b556f4687379b4ef331caa97e097162e0c69c9adc40ea40393cc1aed2b7406d1cdb151b991183c80aa3cf92e4dde46210076799e310cad9c6617e5388b4440b7997ee360fb92f031127c890f8819b782eb669930be3e9ddaf11ce33dd7cd74b3a51d2bb3e62bea043bcd76072594fd14fe47a7f96a7fed33b1cf939612645c5d290bc75d42ddff1448f8607788d52ff97f2ca2d94f9b917b12f647da673df701b8768a93302236d1214a0c6fe4297d3f1622658082fed28e11b8465119c967ff2d212cd10b99ebc162cd1532ac1f6e9c28c09ff7f953272d15b1d505f28fe35acccb0ab75de4a1c4c927a104bd524e831368932346042169206a1ad522f2bc0ea291e83e2a311ff0aaabbf4ff6d65513585d4c98dcad7fd46c9d444a6dc820dea8742ee550f6ab7c909b4e321f7e36747601723857b78ad9f6efc6754fbfa8f003290f96cfb34144fdfcbd96d28d504c442f8969b8a33c5bb6bf509378be6a5347df48ad35af24b0d32856e51d1abb3752cc74f897333c048301063564fbeffcb9eab7aada81a871116d3b4758d516a11cf6a01bccdc496cc4bff61c2515439182240db341ac389841270ceda6da0813c18b039382f2fec5bb39e8ef11aa2f77fc45c088c5153155a27a06f7e6fd07bd43741c4b346822655174935695d2e253d76f165b41f1b555d062c5df99653d3a4bab9e85efa95efd643115ef2d4c6e34ea86401ef5f8b2de3939ef104debc0fb93c47184d39d8dc4d4d12ad244a60b2b81becbe027fe34af75487286dba46e5e15956ea6592c721c64d2c37827def268e14e9d2317fc3529884eacb9a2e32281f15ae031221ced78cb4bfd438ba69215a348880ce36d927f685147313a8edc76cd118d1cbbe9a2b88cee05826923ec78f8b4860600d3c3e6418c2f5403ab1cf0632378e8b7781e1e8906a5c69ba98cb02000679bbebd0d6bd95dbf8e25ec982ef81b54cbf1df8739a52454e4bb2b8dad20fd4ee9cf6cf73a8331411e740ebf2dcfa44f2af8a248f3254610296c334a30b90ac16f29237c7b6dc1ec2c2bb5dc61708a3865f6e36cc84c184d3d1d8076e5a0d64edeb8267a704760a10a089a7b74674016d31dc886d4868f9af8e9b5eafe1cc0a58d2ebf5ee081ea13d6f1b34233fc11a6c5434f1b4a615a4e7506beff2b29104ccc9afaf13b3415e770ca765215c17461d33739655593a323dfbc6ee1c523d9891a62420d88147a9bf429e0b9ea62efd164ba5341ff0cbc9ba5095b6d74faebf6de0357563343cb2014f09f98628a6afcddcd9badbad607f16f13acab101972ca48abf8cd1c0b46ad8843fbe5d0efb96a104efb18b41b39f1283c903fe00e40c89a6b26905a520c0971ff6662e079a5e5d61cfb717a3b9976a60a63fb7908775f19aca1136a50509d78fe72e4672769269e3b7290312b63de01316f575e858e4d8a122f7badff5905e40715a43870b469d1c1a6ec35ba205fb2a4381277ba27d8dbe84f2e294e9d7771e5e1632e62391bd9e54124b0552530a9a9e4071993026cf8b708a4fbbd3729e7da43e94ad6c7963c65e9f8557c59f504bd38ab4c9c119367dbfa079e9f72b371bb7d5a8599956e6ca7e016d2694f5ce09a351c3b992edff962ef02b7478f43675967b9730a5992400a8563cb16174357f3f2f879a1279e04c9f2c5360972c1a452363e9c7b09b3fc5589618857f89a292ee601991977c65d8dd16a8115627b2bb71906fcf19b5d74741ddf1d48678e6295ebef5ba4ffbbf6b9e0e1c3066aed7a5117646eac71600681cabfac61061729128b2314678ef4d55b48ee799eeae203edd99e5f79ea4a3f69996920d2443dc11f94c2d525bf9e294ec8e16f76fb3ec3b16355d22bf952c17e3132436f6eb6e3b530122c292398450d51bc828231416c6f76458793db7863dc13c0e113fa64376851299a1115964e52e06a3fc61d540daf38ad129ca2e4a13062ce9e1e2a6b9d37966b77563f128d1c06d098cc7d165e93dc69085d4ff413488e29641185f44a165892e28357163d4afbb0a7d0fd881dce5608c9fe12fac54e2f5858d93d527e03440b5275f414164e53118602e3ecc409e8c06488fadc70b0cfc0673db1177487148df1e8f87960dbca4122e8788c7f022e4e79c6a1cd7992579bb7caf7c9f1270c377de176ca0c0f5ed6caf31e8e6b15085c02cdd1af33c0640cf9a380132e942dc9ac903274b555f9f3bb2cebc62d3772853c7b1b95bb24b0432cf8eda14937acdc6e597b130f7291ab92a3fcd7b556999749855fb1d3b79d92e7e6604282cbb6c4cb05d1658a8357c1c04a19ee7b5d1c99aa4e8ae767f54f26146015c00845c1b0673a658edcf05e8c1d2b959c518eaab4ddb06218f7de30c735bdfd26b0329af60c1aca48ab2bed79e69b3b7dde9e0f9369aa29838c2733513cf1d60245467992a4db817ad6bf55cde7cb9caf0dfb6dd9a4e7e450cc0655257ad56fd486f92624699358f43f5fb38707f6712860ec3097984b8b3873e63f85673a2bc070720aa7ef9154b6977c579da53a8cac2c3765a8a28795631f9570e73eb38d37ad411691757a842f2d053ae5126c1eabda37ab1abb37fdb6f8c335174c22ab5e5c0916de2a3c37024f9c06734987e667f2609c1b88dfc981a4da324e0c98cb25fa4089ae0ed88a350d1ca61721c2d864305c6a163eb55010cf23ec78a40477eafe001fe1cf69eca42620d6ae9d1faed9716bab93dc609d26fd0e2291fb7be2795191a0c6edf148a716598ac349770f598636782299e7832e24cefcce8dd10f72e63fb799a48f4077d66c9163174a55d3a17df38c2f57b032ab398de3ec023729e69466d52fd40a617cd2d6edf1f7ebbe6863522e71b9877c3cbd8927989dfacb3eb97f132aef61b8737fa6d76664c2499ed67ac496029c29f4c6c4a066d28cfabf6032b81ea6ababa172a706ea22a0514186118b1a7056f4efecd5a212d3739332fec59cf3a3a16e82c314680fb4bf2a508a579094cc09b0a4a737ce4e4151d78efe9819fcff99c580f3b0fd312b17263af29c9c7bd077ce057119afbaa1d607085e1606b6712a0576b917a7a58fda951270854c6cdb0f97d8e67403a77ab0e8112e3809fd47839ca98eb9c535f853a7dffb28fa4c3db32c6eb3fc62b9a9c982254d0b43286b4d0db17c90bd1897bf8acff2c961d82f76a86d2592b5c32d1a5e29732e5ac694d69d22f9c59b1f71ae88b88149348591ecf23fbd9a0cabef1eabe103596e393bf222981a276fb2c40bd9594e5ce8cd4462edefa6c0d3d93c77078008692fa0277d72e95a84bc7c03818af61d49d7aff30777a206a811dc59f7274a67aa8b1e736486549363dd9893fbd47f63865de87eec2544b2588b923b853f9c5b224721e972912cfc44ecf8caed8e0ef4974aa18252b95af1daefa0ce52c47751941206f00fa4d330563c0bd95db04ea378d14ea42822d8bbd063da40de26ae394ebf88a3ed4f33df69bd8b9dd2b348bd39b0d9b6d92866dbdcc65e011e4de859a937d2d662c03904cb1e35821df9ee9f534a08888c0c21adf534b18082bd9adfe488cbb4d3acd943c42fc562069bb9c506facb53cbd3ab559bc10701fb001a59483735de39035bca70e373bb4894d26925f345bc5a16f184e8a530c246e20910d7f1680dcc495a7119e82e3f10287573949877605a28ac673e70cea33d782f5cf269bbaa64844a88e49a09b8085f9aac961c44a5efa143edbafc7b935f3a9dee86a13d4a376fa4eb99bee064752406172fc849ce137757f1acabcf75c59cee41acb5f14d2e042bf208c512511fa45a88ecae926df4ef81a8d2790f7f6c80af04406c84f002aae5ed13e028896b3ea0f5c9d38b825481f67b9da7feed6561a1e0c726b0737c6a2c27c90de17527594084e615185a94783152a485c01b89265804a609bb228e02c549459ac48c25952e202c5163cb5cac934d577baa765a17b9f1cf04424ef06562551ad1b96aa9cafb43439464f90aa7b7483d2a9d4d4d7dd1ddbc5e5e92ca0b938231f14cf04d06e4d272b020eea6396eed26ed05488d399ba3de5b2d4dfd8d1271f25df27d2be5f9788177fba8aca431d49590891853f962f41acf5836d887cb6b5d7dc0877ca878eac743f5a028171675cf72eb576bf53c6f36cfffb730fcc1ecbe18bf5100bbba28295cb8f8b4d00ac413d51f09885a1bf513fb2206f45982f5867b0d0b53dbf4255228db6125576d3e68b61bbdc90799d33cfbccfe13817e3b589672ec6b7456492b68a9133cd75c070779cc34499eaad4a6fd1517ff67a8979eb05f2dcbc7c9c0e5f4bdd35556bea5bd2fdba2b2c3ce7cdfa4f5511a908bfcfad3198d29a2d4f3b2a8bb2b6767313f1b78d2d7b89214947b166ad7b933bc726672bcab372c0d3527b4d6ea9efba988c6f371dfadd7e6c96b4e75048b7f8d330cec5f0bd446fe92ae99bee92198d2be33096fed7d464f41afc75634abf87eb2b8195bc1bd366288e7508ba25dca0ca4109e30077975b940ec3f51c1f97298205dfda1fb7fe178c107ae3059efed54006d7cbbecc93008ac91e4f72d7cff68ff6e2d8d27691306a21158a101a838474df", &(0x7f0000000180)=0x6}) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) ioctl$auto_FS_IOC_GETFLAGS(r1, 0x80086601, 0x8) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/regulatory.0/firmware/regulatory.db/power/autosuspend_delay_ms\x00', 0x0, 0x0) socket(0x2, 0x1, 0x0) openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/mountinfo\x00', 0x20200, 0x0) read$auto(r0, 0x0, 0x1f40) 422.635289ms ago: executing program 2 (id=1038): socket(0x80000000000000a, 0x2, 0x0) socket(0x10, 0x3, 0x0) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/bus/usb/013/001\x00', 0xa901, 0x0) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS2\x00', 0x101000, 0x0) openat$auto_generic(0xffffffffffffff9c, &(0x7f00000032c0)='/proc/kmsg\x00', 0x900, 0x0) openat$auto_proc_loginuid_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/loginuid\x00', 0x1a9602, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0xa, 0x3, 0x3b) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = open(&(0x7f0000000180)='./file0\x00', 0x440, 0x57e) fcntl$auto_F_ADD_SEALS(r0, 0x410, 0x0) utimes$auto(&(0x7f0000000000)='./file0\x00', 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd7/queue/max_discard_segments\x00', 0x80000, 0x0) close_range$auto(0x2, 0x8, 0x0) ioctl$auto(0x3, 0x40a0ae49, 0xffffffffffffffff) r1 = socket(0xa, 0x801, 0x84) getsockopt$auto(r1, 0x84, 0x82, 0x0, 0x0) capset$auto(0x0, 0x0) capget$auto(0x0, &(0x7f00000000c0)={0x5, 0x3, 0x3}) r2 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x8a002, 0x0) ioctl$auto(r2, 0x5319, r2) socket(0x10, 0x2, 0x4) 78.494261ms ago: executing program 0 (id=1039): unshare$auto(0x40000080) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x2404c000) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x6, 0xd, 0xfffffffe, 0x6, 0x7fff, 0x8, 0xffffffffffffffff, [], {0x6, 0x10001, 0xb, 0x2de, 0x504, 0x1, 0x80, 0x6, 0x6}, {0xfff7ffff, 0x2, 0x52, 0x5, 0x10001, 0x40, 0x76c5, 0x8, 0x8000000000000000}}) set_mempolicy$auto(0x6, &(0x7f0000000000)=0x7e, 0x4) close_range$auto(0x2, 0x8, 0x0) socket(0x2b, 0x1, 0x1) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x0) socket(0x2, 0x1, 0x106) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_generic(0xffffffffffffff9c, &(0x7f00000032c0)='/proc/kmsg\x00', 0x80002, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) unshare$auto(0x8000000) semget$auto(0x0, 0x2e4a, 0x8000) semtimedop$auto(0x0, &(0x7f0000000000)={0x7, 0x9, 0x36ec}, 0x1f4, 0x0) mkdir$auto(&(0x7f0000000000)='./cgroup.cpu/cpuset.cpus\x00', 0x8cd) bpf$auto_BPF_OBJ_GET_INFO_BY_FD(0xf, &(0x7f00000002c0)=@test={0xffffffffffffffff, 0x0, 0x856, 0x189, 0x8, 0x7fff, 0x7fff, 0x10000, 0xc91a, 0x7, 0x5, 0x3, 0x3, 0x3, 0x6}, 0x1) close_range$auto(0x0, 0xfffffffffffff000, 0x2) inotify_init1$auto(0x3000000000000) socket$nl_generic(0x11, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x2, 0x1) unshare$auto(0x40000080) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/smaps_rollup\x00', 0x840, 0x0) 0s ago: executing program 3 (id=1040): unshare$auto(0x40000080) r0 = socket(0xa, 0x5, 0x0) r1 = getsockopt$auto(r0, 0x84, 0x7a, 0x0, 0x0) close_range$auto(r1, r1, 0x8) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop2\x00', 0x24040, 0x0) mbind$auto(0x7, 0x0, 0x4, &(0x7f0000000080)=0x4f, 0x80, 0x4) r4 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/sequencer2\x00', 0x1, 0x0) ioctl$auto_SNDCTL_MIDI_PRETIME(r4, 0xc0046d00, 0x0) ioctl$auto_BLKTRACESETUP(r3, 0xc0481273, &(0x7f00000000c0)={"ef65ce6c00cf81000000ffffffffffffff291d000000000700000000000300", 0x3ff, 0x408, 0xfff, 0x400004, 0x200000000040000d, 0x0}) r6 = wait4$auto(r5, &(0x7f00000001c0)=0x102, 0xcda, &(0x7f0000000380)={{0x1, 0x1}, {0xfffffffffffffffc, 0x4}, 0xc63e, 0x3, 0x4189, 0x8, 0x7fffffffffffffff, 0x40000000, 0x7ff, 0x2, 0x1, 0x80ac, 0x2, 0x6, 0x2, 0x9}) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000500)={&(0x7f0000000580)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="000829bd7000fcdbdf250100000008000200", @ANYRES32=r6, @ANYBLOB="39573480f074dc6d287348e3adaeea0944d94cec82e3af2b626e99adbdba91c728baacf839bbfe45fc2568f4db33ca5442b67c6f144e7c7a6c6ecb5850998e3a4fbb5e9a406395317106a0af4e5051d062022f2dc05eed9b0d1ec44c2ae5f0bb2db801fd3ad4651a000000000000ee236483ed84b8daaaa0d21570582f678823b7390a3a0ae893c09ebbe2dec1e4e4c5580c16df69e486404c45d707429d457ffe68b8d432bb6af15676104e632d23c03d6ee7ef07b7f8a3c19857f2aeaf523b63f631e5e55a3c59c732fa51570d843d384e3cd96f070da15feeb7e7fc5a537b91200d9191f293c5a67e14965b1cf7"], 0x1c}}, 0x8040) capget$auto(&(0x7f0000000440)={0x9, r6}, &(0x7f0000000480)={0x6, 0xffffffc0, 0xfffffffd}) prctl$auto_PR_SCHED_CORE_SHARE_TO(0x0, 0x2, r6, 0xc, 0x6) write$auto(r2, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k\x89\xe8^\x98#\x86\x92\x86w\xa9>\x0e\x8f}yX\xc5\x9c\xb88\xc0\x1c\xd1\xd9\x9e\x91\b\xfc=\x18\xf9\x92\b\xa3Rgu\xf5L\x1d', 0x3ff) pwrite64$auto(0xc8, 0x0, 0xfdef, 0x2) unshare$auto(0x1) unshare$auto(0x40000080) (async) socket(0xa, 0x5, 0x0) (async) getsockopt$auto(r0, 0x84, 0x7a, 0x0, 0x0) (async) close_range$auto(r1, r1, 0x8) (async) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) (async) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop2\x00', 0x24040, 0x0) (async) mbind$auto(0x7, 0x0, 0x4, &(0x7f0000000080)=0x4f, 0x80, 0x4) (async) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/sequencer2\x00', 0x1, 0x0) (async) ioctl$auto_SNDCTL_MIDI_PRETIME(r4, 0xc0046d00, 0x0) (async) ioctl$auto_BLKTRACESETUP(r3, 0xc0481273, &(0x7f00000000c0)={"ef65ce6c00cf81000000ffffffffffffff291d000000000700000000000300", 0x3ff, 0x408, 0xfff, 0x400004, 0x200000000040000d}) (async) wait4$auto(r5, &(0x7f00000001c0)=0x102, 0xcda, &(0x7f0000000380)={{0x1, 0x1}, {0xfffffffffffffffc, 0x4}, 0xc63e, 0x3, 0x4189, 0x8, 0x7fffffffffffffff, 0x40000000, 0x7ff, 0x2, 0x1, 0x80ac, 0x2, 0x6, 0x2, 0x9}) (async) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000500)={&(0x7f0000000580)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="000829bd7000fcdbdf250100000008000200", @ANYRES32=r6, @ANYBLOB="39573480f074dc6d287348e3adaeea0944d94cec82e3af2b626e99adbdba91c728baacf839bbfe45fc2568f4db33ca5442b67c6f144e7c7a6c6ecb5850998e3a4fbb5e9a406395317106a0af4e5051d062022f2dc05eed9b0d1ec44c2ae5f0bb2db801fd3ad4651a000000000000ee236483ed84b8daaaa0d21570582f678823b7390a3a0ae893c09ebbe2dec1e4e4c5580c16df69e486404c45d707429d457ffe68b8d432bb6af15676104e632d23c03d6ee7ef07b7f8a3c19857f2aeaf523b63f631e5e55a3c59c732fa51570d843d384e3cd96f070da15feeb7e7fc5a537b91200d9191f293c5a67e14965b1cf7"], 0x1c}}, 0x8040) (async) capget$auto(&(0x7f0000000440)={0x9, r6}, &(0x7f0000000480)={0x6, 0xffffffc0, 0xfffffffd}) (async) prctl$auto_PR_SCHED_CORE_SHARE_TO(0x0, 0x2, r6, 0xc, 0x6) (async) write$auto(r2, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k\x89\xe8^\x98#\x86\x92\x86w\xa9>\x0e\x8f}yX\xc5\x9c\xb88\xc0\x1c\xd1\xd9\x9e\x91\b\xfc=\x18\xf9\x92\b\xa3Rgu\xf5L\x1d', 0x3ff) (async) pwrite64$auto(0xc8, 0x0, 0xfdef, 0x2) (async) unshare$auto(0x1) (async) kernel console output (not intermixed with test programs): rom eth0 [ 81.839841][ T5631] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 81.849485][ T5631] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 81.860839][ T5631] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 81.870873][ T5631] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 81.884621][ T5631] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 81.898010][ T5631] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 81.908692][ T5631] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 82.015495][ T5628] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 82.026247][ T5628] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 82.036070][ T5628] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 82.045780][ T5628] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 82.054599][ T5628] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 82.065132][ T5628] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 82.085541][ T5628] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 82.095800][ T5628] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 82.129169][ T5630] 8021q: adding VLAN 0 to HW filter on device bond0 [ 82.208733][ T5629] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 82.218073][ T5629] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 82.231634][ T5630] 8021q: adding VLAN 0 to HW filter on device team0 [ 82.239889][ T5629] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 82.249919][ T5629] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 82.258978][ T5629] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 82.270248][ T5629] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 82.279630][ T5629] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 82.290419][ T5629] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 82.313702][ T1129] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.321526][ T1129] bridge0: port 1(bridge_slave_0) entered forwarding state [ 82.373827][ T32] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.380951][ T32] bridge0: port 2(bridge_slave_1) entered forwarding state [ 82.462300][ T5631] 8021q: adding VLAN 0 to HW filter on device bond0 [ 82.503302][ T5646] Bluetooth: hci2: command tx timeout [ 82.503498][ T5637] Bluetooth: hci3: command tx timeout [ 82.509508][ T5632] Bluetooth: hci0: command tx timeout [ 82.515567][ T4946] Bluetooth: hci1: command tx timeout [ 82.555317][ T5631] 8021q: adding VLAN 0 to HW filter on device team0 [ 82.606453][ T1129] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.613665][ T1129] bridge0: port 1(bridge_slave_0) entered forwarding state [ 82.639826][ T5628] 8021q: adding VLAN 0 to HW filter on device bond0 [ 82.650817][ T1129] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.658021][ T1129] bridge0: port 2(bridge_slave_1) entered forwarding state [ 82.741543][ T5628] 8021q: adding VLAN 0 to HW filter on device team0 [ 82.765870][ T5629] 8021q: adding VLAN 0 to HW filter on device bond0 [ 82.786124][ T1129] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.793284][ T1129] bridge0: port 1(bridge_slave_0) entered forwarding state [ 82.829363][ T167] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.836591][ T167] bridge0: port 2(bridge_slave_1) entered forwarding state [ 82.888435][ T5629] 8021q: adding VLAN 0 to HW filter on device team0 [ 82.914599][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.921820][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 82.959174][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.966404][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 83.456385][ T5630] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 83.629451][ T5630] veth0_vlan: entered promiscuous mode [ 83.680203][ T5630] veth1_vlan: entered promiscuous mode [ 83.738928][ T5631] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 83.800874][ T5630] veth0_macvtap: entered promiscuous mode [ 83.829092][ T5630] veth1_macvtap: entered promiscuous mode [ 83.900562][ T5630] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 83.911341][ T5631] veth0_vlan: entered promiscuous mode [ 83.928614][ T5630] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 83.971679][ T1129] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.993164][ T1129] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.006130][ T5631] veth1_vlan: entered promiscuous mode [ 84.020749][ T1129] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.066215][ T1129] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.112707][ T5628] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 84.228586][ T5631] veth0_macvtap: entered promiscuous mode [ 84.251440][ T5629] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 84.274086][ T1129] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.283470][ T1129] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.283646][ T5631] veth1_macvtap: entered promiscuous mode [ 84.385504][ T1129] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.393514][ T1129] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.395871][ T5628] veth0_vlan: entered promiscuous mode [ 84.427380][ T5631] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 84.463898][ T5631] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 84.472722][ T5628] veth1_vlan: entered promiscuous mode [ 84.497024][ T5630] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 84.527733][ T5629] veth0_vlan: entered promiscuous mode [ 84.536810][ T12] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.565481][ T12] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.583765][ T4946] Bluetooth: hci0: command tx timeout [ 84.587498][ T12] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.590041][ T5637] Bluetooth: hci2: command tx timeout [ 84.598832][ T5632] Bluetooth: hci1: command tx timeout [ 84.604939][ T4946] Bluetooth: hci3: command tx timeout [ 84.619027][ T12] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.646526][ T5629] veth1_vlan: entered promiscuous mode [ 84.708350][ T5628] veth0_macvtap: entered promiscuous mode [ 84.727489][ T5628] veth1_macvtap: entered promiscuous mode [ 84.772387][ T5784] random: crng reseeded on system resumption [ 84.848007][ T5628] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 84.910884][ T5784] can: request_module (can-proto-0) failed. [ 84.927783][ T1129] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.933266][ T5628] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 84.950381][ T5629] veth0_macvtap: entered promiscuous mode [ 84.951876][ T1129] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.991480][ T5629] veth1_macvtap: entered promiscuous mode [ 84.999630][ T82] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.009621][ T82] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.070510][ T82] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.093421][ T82] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.134215][ T82] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.154814][ T82] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.244822][ T5629] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 85.330471][ T5782] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 85.344013][ T5629] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 85.367771][ T57] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.388143][ T57] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.428463][ T82] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.457060][ T82] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.472457][ T82] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.548649][ T82] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.593924][ T82] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.643529][ T82] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.980678][ T5808] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 86.030909][ T5808] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 86.175026][ T5807] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 86.219742][ T5807] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 86.673060][ T5796] Bluetooth: hci3: command tx timeout [ 86.678596][ T5796] Bluetooth: hci2: command tx timeout [ 86.684689][ T5796] Bluetooth: hci1: command tx timeout [ 86.690332][ T5796] Bluetooth: hci0: command tx timeout [ 86.781025][ T5825] process 'syz.3.4' launched ':,' with NULL argv: empty string added [ 87.079067][ T5831] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 89.779495][ T5870] futex_wake_op: syz.0.13 tries to shift op by -2048; fix this program [ 89.922840][ T5870] 0x000000000001-0x000000020000 : "" [ 89.995980][ T5879] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 90.332663][ T5870] ftl_cs: FTL header corrupt! [ 91.708075][ T5824] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 91.956525][ T9] cfg80211: failed to load regulatory.db [ 92.150621][ T5909] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 92.251581][ T5909] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 92.348286][ T5909] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 92.389514][ T5909] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 92.444228][ T5909] page dumped because: unmovable page [ 92.486774][ T5909] page_owner info is not present (never set?) [ 92.574670][ T5925] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 92.618458][ T5925] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 92.628282][ T5925] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 92.641748][ T5925] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 92.687762][ T5925] page dumped because: unmovable page [ 92.729352][ T5925] page_owner info is not present (never set?) [ 93.477160][ T5940] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 94.198004][ T5964] futex_wake_op: syz.0.24 tries to shift op by -2048; fix this program [ 94.275896][ T5964] 0x000000000001-0x000000020000 : "" [ 94.404545][ T5964] ftl_cs: FTL header corrupt! [ 94.824054][ T5974] : Can't lookup blockdev [ 94.839264][ T5824] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 95.150248][ T5979] syz.0.24 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 95.275644][ T5982] futex_wake_op: syz.2.28 tries to shift op by -2048; fix this program [ 95.344265][ T5982] 0x000000000001-0x000000020000 : "" [ 95.393162][ T5982] ftl_cs: FTL header corrupt! [ 95.496914][ T5972] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 95.594234][ T5972] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 95.658272][ T5972] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 95.678631][ T5972] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 95.716089][ T5972] page dumped because: unmovable page [ 95.765596][ T5972] page_owner info is not present (never set?) [ 95.778733][ T5994] futex_wake_op: syz.1.29 tries to shift op by -2048; fix this program [ 95.830782][ T5976] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 95.849979][ T5994] 0x000000000001-0x000000020000 : "" [ 95.861071][ T5976] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 95.881399][ T5976] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 95.921670][ T5994] ftl_cs: FTL header corrupt! [ 95.930472][ T5976] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 95.985539][ T5976] page dumped because: unmovable page [ 96.008443][ T5976] page_owner info is not present (never set?) [ 96.664397][ T6018] futex_wake_op: syz.0.31 tries to shift op by -2048; fix this program [ 96.718219][ T6018] 0x000000000001-0x000000020000 : "" [ 96.817097][ T6018] ftl_cs: FTL header corrupt! [ 97.740206][ T6038] futex_wake_op: syz.3.33 tries to shift op by -2048; fix this program [ 97.799408][ T6038] 0x000000000001-0x000000020000 : "" [ 97.894252][ T6038] ftl_cs: FTL header corrupt! [ 99.402016][ T0] NOHZ tick-stop error: local softirq work is pending, handler #280!!! [ 99.934589][ T6100] futex_wake_op: syz.1.38 tries to shift op by -2048; fix this program [ 100.305479][ T6110] futex_wake_op: syz.0.41 tries to shift op by -2048; fix this program [ 100.346352][ T6090] 0x000000000001-0x000000020000 : "" [ 100.383313][ T6090] ftl_cs: FTL header corrupt! [ 101.366900][ T5824] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 101.626294][ T6123] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 101.651455][ T6123] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 101.725679][ T6123] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 101.793802][ T6123] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 101.877484][ T6123] page dumped because: unmovable page [ 101.924967][ T6123] page_owner info is not present (never set?) [ 101.959077][ T6126] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 102.037613][ T6126] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 102.077923][ T6126] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 102.106322][ T6126] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 102.138909][ T6130] netlink: 28 bytes leftover after parsing attributes in process `syz.2.43'. [ 102.159653][ T6130] Zero length message leads to an empty skb [ 102.167980][ T6126] page dumped because: unmovable page [ 102.188326][ T6126] page_owner info is not present (never set?) [ 102.198219][ T6131] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 103.583506][ T5824] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 103.879894][ T6156] futex_wake_op: syz.0.49 tries to shift op by -2048; fix this program [ 103.910115][ T6156] 0x000000000001-0x000000020000 : "" [ 103.947185][ T6156] ftl_cs: FTL header corrupt! [ 104.075491][ T6159] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 104.177257][ T6159] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 104.211051][ T6159] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 104.272961][ T6159] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 104.374550][ T6145] hub 1-0:1.0: USB hub found [ 104.392247][ T6159] page dumped because: unmovable page [ 104.431566][ T6145] hub 1-0:1.0: 1 port detected [ 104.439804][ T6159] page_owner info is not present (never set?) [ 104.864867][ T6175] futex_wake_op: syz.2.50 tries to shift op by -2048; fix this program [ 104.907222][ T6175] 0x000000000001-0x000000020000 : "" [ 104.947753][ T6175] ftl_cs: FTL header corrupt! [ 107.538945][ T5824] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 107.660223][ T6217] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 107.714341][ T6217] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 107.770934][ T6217] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 107.833921][ T6217] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 107.862336][ T6217] page dumped because: unmovable page [ 107.907520][ T6217] page_owner info is not present (never set?) [ 108.394094][ T6230] futex_wake_op: syz.3.60 tries to shift op by -2048; fix this program [ 108.440571][ T5824] Bluetooth: hci3: ACL packet for unknown connection handle 0 [ 108.873668][ T6223] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 108.911592][ T6223] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 108.943682][ T6223] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 108.989321][ T6223] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 109.018671][ T6223] page dumped because: unmovable page [ 109.040850][ T6223] page_owner info is not present (never set?) [ 109.819956][ T6240] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 110.691365][ T5824] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 110.986035][ T6254] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 110.995995][ T6264] futex_wake_op: syz.2.67 tries to shift op by -2048; fix this program [ 111.044319][ T6254] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 111.104733][ T6254] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 111.147640][ T6264] 0x000000000001-0x000000020000 : "" [ 111.195299][ T6254] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 111.260067][ T6254] page dumped because: unmovable page [ 111.277951][ T6264] ftl_cs: FTL header corrupt! [ 111.425146][ T6254] page_owner info is not present (never set?) [ 113.524185][ T5824] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 113.531751][ T5824] Bluetooth: hci2: Invalid handle: 0x3a4a > 0x0eff [ 113.572407][ T6308] random: crng reseeded on system resumption [ 113.668135][ T6152] Process accounting resumed [ 115.541858][ T6337] futex_wake_op: syz.0.78 tries to shift op by -2048; fix this program [ 115.635283][ T6337] 0x000000000001-0x000000020000 : "" [ 115.769760][ T6337] ftl_cs: FTL header corrupt! [ 116.871304][ T5824] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 117.248419][ T6346] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 117.274105][ T6346] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 117.297708][ T6346] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 117.338694][ T6346] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 117.366065][ T6346] page dumped because: unmovable page [ 117.405206][ T6346] page_owner info is not present (never set?) [ 118.085163][ T5824] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 118.698264][ T6365] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 118.735716][ T6365] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 118.792080][ T6365] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 118.801523][ T6365] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 118.810861][ T6365] page dumped because: unmovable page [ 118.818226][ T6365] page_owner info is not present (never set?) [ 119.600934][ T6401] futex_wake_op: syz.1.90 tries to shift op by -2048; fix this program [ 120.109985][ T5824] Bluetooth: hci3: ACL packet for unknown connection handle 0 [ 120.159589][ T6401] 0x000000000001-0x000000020000 : "" [ 120.204832][ T6401] ftl_cs: FTL header corrupt! [ 120.564569][ T6406] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 120.585892][ T6406] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 120.611564][ T6406] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 120.653535][ T6406] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 120.708418][ T6406] page dumped because: unmovable page [ 120.742238][ T6406] page_owner info is not present (never set?) [ 121.471784][ T6437] random: crng reseeded on system resumption [ 122.461727][ T6434] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 123.948055][ T6481] netlink: 28 bytes leftover after parsing attributes in process `syz.0.107'. [ 123.978359][ T6481] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 124.008806][ T6481] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 124.060701][ T6481] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 124.086915][ T6481] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 126.037700][ T6509] ima: policy update failed [ 126.054741][ T29] audit: type=1802 audit(1781418002.656:2): pid=6509 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.120" res=0 errno=0 [ 127.425270][ T6552] futex_wake_op: syz.3.117 tries to shift op by -2048; fix this program [ 127.999275][ T5824] Bluetooth: hci3: ACL packet for unknown connection handle 0 [ 128.053372][ T6538] 0x000000000001-0x000000020000 : "" [ 128.118815][ T6538] ftl_cs: FTL header corrupt! [ 128.383778][ T6558] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 128.404479][ T6558] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 128.434453][ T6558] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 128.452217][ T6558] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 128.492802][ T6558] page dumped because: unmovable page [ 128.507678][ T6556] ima: policy update failed [ 128.514095][ T29] audit: type=1802 audit(1781418005.116:3): pid=6556 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.125" res=0 errno=0 [ 128.532713][ T6558] page_owner info is not present (never set?) [ 128.578744][ T6562] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 128.603450][ T6562] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 128.616190][ T6571] FAULT_INJECTION: forcing a failure. [ 128.616190][ T6571] name failslab, interval 1, probability 0, space 0, times 0 [ 128.632077][ T6562] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 128.648517][ T6571] CPU: 0 UID: 0 PID: 6571 Comm: syz.2.128 Not tainted syzkaller #0 PREEMPT(full) [ 128.648539][ T6571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 128.648554][ T6571] Call Trace: [ 128.648562][ T6571] [ 128.648572][ T6571] dump_stack_lvl+0x100/0x190 [ 128.648604][ T6571] should_fail_ex.cold+0x5/0xa [ 128.648623][ T6571] should_failslab+0xc2/0x120 [ 128.648640][ T6571] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 128.648661][ T6571] ? dst_alloc+0x99/0x1a0 [ 128.648689][ T6571] dst_alloc+0x99/0x1a0 [ 128.648714][ T6571] rt_dst_alloc+0x35/0x3a0 [ 128.648740][ T6571] ip_route_output_key_hash_rcu+0x87a/0x2870 [ 128.648761][ T6571] ip_route_output_key_hash+0x118/0x2b0 [ 128.648785][ T6571] ? __pfx_ip_route_output_key_hash+0x10/0x10 [ 128.648816][ T6571] ? __call_rcu_common.constprop.0+0x3f0/0x9b0 [ 128.648846][ T6571] ? lockdep_hardirqs_on+0x78/0x100 [ 128.648877][ T6571] ip_route_output_flow+0x27/0x150 [ 128.648894][ T6571] __ip4_datagram_connect+0x8bf/0x1470 [ 128.648921][ T6571] ip4_datagram_connect+0x2e/0x50 [ 128.648946][ T6571] inet_dgram_connect+0x143/0x200 [ 128.648971][ T6571] ? __pfx_inet_dgram_connect+0x10/0x10 [ 128.648989][ T6571] __sys_connect_file+0x141/0x1a0 [ 128.649011][ T6571] __sys_connect+0x141/0x170 [ 128.649031][ T6571] ? __pfx___sys_connect+0x10/0x10 [ 128.649049][ T6571] ? __fget_files+0x21f/0x3d0 [ 128.649072][ T6571] ? __pfx_ksys_write+0x10/0x10 [ 128.649091][ T6571] __x64_sys_connect+0x72/0xb0 [ 128.649110][ T6571] ? lockdep_hardirqs_on+0x78/0x100 [ 128.649128][ T6571] do_syscall_64+0x115/0x840 [ 128.649146][ T6571] ? clear_bhb_loop+0x40/0x90 [ 128.649163][ T6571] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 128.649177][ T6571] RIP: 0033:0x7f0029b9ce59 [ 128.649190][ T6571] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 128.649203][ T6571] RSP: 002b:00007f002a994028 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 128.649217][ T6571] RAX: ffffffffffffffda RBX: 00007f0029e15fa0 RCX: 00007f0029b9ce59 [ 128.649226][ T6571] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000003 [ 128.649234][ T6571] RBP: 00007f002a994090 R08: 0000000000000000 R09: 0000000000000000 [ 128.649242][ T6571] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 128.649250][ T6571] R13: 00007f0029e16038 R14: 00007f0029e15fa0 R15: 00007ffc6fc94238 [ 128.649268][ T6571] [ 128.891378][ T6562] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 128.915922][ T6562] page dumped because: unmovable page [ 129.044073][ T6562] page_owner info is not present (never set?) [ 130.728793][ T6599] futex_wake_op: syz.0.133 tries to shift op by -2048; fix this program [ 130.766394][ T6599] 0x000000000001-0x000000020000 : "" [ 130.844694][ T6599] ftl_cs: FTL header corrupt! [ 132.905486][ T1316] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.912785][ T1316] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.095224][ T6636] futex_wake_op: syz.0.138 tries to shift op by -2048; fix this program [ 133.147703][ T6636] 0x000000000001-0x000000020000 : "" [ 133.199696][ T6636] ftl_cs: FTL header corrupt! [ 135.114489][ T5824] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 135.210918][ T5824] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 135.692009][ T6667] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 135.729902][ T6667] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 135.786566][ T6667] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 135.831551][ T6667] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 135.869931][ T6667] page dumped because: unmovable page [ 135.898785][ T6667] page_owner info is not present (never set?) [ 136.045048][ T6656] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 136.105795][ T6656] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 136.167642][ T6656] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 136.229025][ T6656] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 136.293973][ T6656] page dumped because: unmovable page [ 136.359513][ T6656] page_owner info is not present (never set?) [ 137.069906][ T6702] futex_wake_op: syz.1.152 tries to shift op by -2048; fix this program [ 137.133015][ T6702] 0x000000000001-0x000000020000 : "" [ 137.197563][ T6702] ftl_cs: FTL header corrupt! [ 139.345218][ T5824] Bluetooth: hci3: ACL packet for unknown connection handle 0 [ 139.682741][ T6739] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 139.764876][ T6739] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 139.825055][ T6739] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 139.946472][ T6739] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 139.999401][ T6739] page dumped because: unmovable page [ 139.999445][ T6739] page_owner info is not present (never set?) [ 140.056038][ T6754] cifs: Unknown parameter 'no+ 1`rsFn)aHāh`9kA}1\D@.ZCg^rfkill' [ 140.812604][ T6762] futex_wake_op: syz.2.165 tries to shift op by -2048; fix this program [ 140.837433][ T6762] 0x000000000001-0x000000020000 : "" [ 140.868974][ T6762] ftl_cs: FTL header corrupt! [ 144.518206][ T6820] Process accounting paused [ 145.017231][ T6832] ima: policy update failed [ 145.042209][ T29] audit: type=1802 audit(2147483656.620:4): pid=6832 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.178" res=0 errno=0 [ 145.757663][ T6846] futex_wake_op: syz.2.182 tries to shift op by -2048; fix this program [ 145.796902][ T6846] 0x000000000001-0x000000020000 : "" [ 145.817595][ T6846] ftl_cs: FTL header corrupt! [ 148.368240][ T6882] ima: policy update failed [ 148.379434][ T29] audit: type=1802 audit(2147483659.950:5): pid=6882 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.191" res=0 errno=0 [ 148.768864][ T6903] futex_wake_op: syz.2.198 tries to shift op by -2048; fix this program [ 148.796266][ T6903] 0x000000000001-0x000000020000 : "" [ 148.832977][ T6903] ftl_cs: FTL header corrupt! [ 151.545169][ T6948] ima: policy update failed [ 151.552995][ T29] audit: type=1802 audit(2147483663.130:6): pid=6948 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.207" res=0 errno=0 [ 152.528915][ T6968] syz.2.210 (6968) used greatest stack depth: 19720 bytes left [ 154.611671][ T6974] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 155.357802][ T6998] netlink: 342 bytes leftover after parsing attributes in process `syz.2.217'. [ 155.811453][ T7010] netlink: 'syz.2.220': attribute type 2 has an invalid length. [ 155.960493][ T7003] ima: policy update failed [ 155.965955][ T29] audit: type=1802 audit(2147483667.540:7): pid=7003 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.218" res=0 errno=0 [ 157.034030][ T7026] netlink: 'syz.2.224': attribute type 1 has an invalid length. [ 157.056723][ T7026] netlink: 9 bytes leftover after parsing attributes in process `syz.2.224'. [ 157.092144][ T7026] FAULT_INJECTION: forcing a failure. [ 157.092144][ T7026] name failslab, interval 1, probability 0, space 0, times 0 [ 157.122172][ T7026] CPU: 0 UID: 0 PID: 7026 Comm: syz.2.224 Not tainted syzkaller #0 PREEMPT(full) [ 157.122205][ T7026] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 157.122220][ T7026] Call Trace: [ 157.122227][ T7026] [ 157.122236][ T7026] dump_stack_lvl+0x100/0x190 [ 157.122279][ T7026] should_fail_ex.cold+0x5/0xa [ 157.122309][ T7026] should_failslab+0xc2/0x120 [ 157.122336][ T7026] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 157.122374][ T7026] ? __alloc_skb+0x140/0x710 [ 157.122394][ T7026] ? __alloc_skb+0x5b7/0x710 [ 157.122421][ T7026] __alloc_skb+0x140/0x710 [ 157.122441][ T7026] ? __alloc_skb+0x5b7/0x710 [ 157.122462][ T7026] ? __pfx___alloc_skb+0x10/0x10 [ 157.122495][ T7026] netlink_ack+0x117/0xb80 [ 157.122539][ T7026] netlink_rcv_skb+0x333/0x420 [ 157.122583][ T7026] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 157.122613][ T7026] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 157.122662][ T7026] ? ns_capable+0xd2/0xf0 [ 157.122695][ T7026] nfnetlink_rcv+0x1b3/0x440 [ 157.122721][ T7026] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 157.122746][ T7026] ? netlink_deliver_tap+0x1ae/0xcc0 [ 157.122784][ T7026] netlink_unicast+0x585/0x850 [ 157.122823][ T7026] ? __pfx_netlink_unicast+0x10/0x10 [ 157.122854][ T7026] ? __build_skb_around+0x278/0x390 [ 157.122891][ T7026] ? is_vmalloc_addr+0x86/0xa0 [ 157.122933][ T7026] netlink_sendmsg+0x8b0/0xda0 [ 157.122973][ T7026] ? __pfx_netlink_sendmsg+0x10/0x10 [ 157.123011][ T7026] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 157.123044][ T7026] sock_write_iter+0x524/0x5a0 [ 157.123076][ T7026] ? __pfx_netlink_sendmsg+0x10/0x10 [ 157.123109][ T7026] ? __pfx_sock_write_iter+0x10/0x10 [ 157.123154][ T7026] ? bpf_lsm_file_permission+0x9/0x10 [ 157.123177][ T7026] ? security_file_permission+0x76/0x210 [ 157.123215][ T7026] ? rw_verify_area+0xce/0x6d0 [ 157.123244][ T7026] vfs_write+0x6ac/0x1070 [ 157.123274][ T7026] ? __pfx_sock_write_iter+0x10/0x10 [ 157.123309][ T7026] ? __pfx_vfs_write+0x10/0x10 [ 157.123336][ T7026] ? find_held_lock+0x2b/0x80 [ 157.123390][ T7026] ksys_write+0x1f8/0x250 [ 157.123419][ T7026] ? __pfx_ksys_write+0x10/0x10 [ 157.123451][ T7026] ? rcu_is_watching+0x12/0xc0 [ 157.123485][ T7026] do_syscall_64+0x115/0x840 [ 157.123519][ T7026] ? clear_bhb_loop+0x40/0x90 [ 157.123550][ T7026] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 157.123583][ T7026] RIP: 0033:0x7f0029b9ce59 [ 157.123603][ T7026] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 157.123625][ T7026] RSP: 002b:00007f002a994028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 157.123649][ T7026] RAX: ffffffffffffffda RBX: 00007f0029e15fa0 RCX: 00007f0029b9ce59 [ 157.123666][ T7026] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000002 [ 157.123682][ T7026] RBP: 00007f002a994090 R08: 0000000000000000 R09: 0000000000000000 [ 157.123696][ T7026] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 157.123711][ T7026] R13: 00007f0029e16038 R14: 00007f0029e15fa0 R15: 00007ffc6fc94238 [ 157.123746][ T7026] [ 158.138146][ T7038] openvswitch: netlink: Tunnel attr 345 out of range max 16 [ 158.153979][ T7037] ima: policy update failed [ 158.168016][ T29] audit: type=1802 audit(2147483669.740:8): pid=7037 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.228" res=0 errno=0 [ 159.045598][ T5824] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 159.556062][ T7049] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 159.586876][ T7049] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 159.626677][ T7049] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 159.700539][ T7049] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 159.749421][ T7049] page dumped because: unmovable page [ 159.763852][ T7049] page_owner info is not present (never set?) [ 159.879898][ T5824] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 160.327128][ T7074] random: crng reseeded on system resumption [ 160.787598][ T7091] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 161.138336][ T7100] futex_wake_op: syz.2.240 tries to shift op by -2048; fix this program [ 161.635201][ T7100] 0x000000000001-0x000000020000 : "" [ 161.708694][ T7100] ftl_cs: FTL header corrupt! [ 162.747443][ T7149] netlink: 2468 bytes leftover after parsing attributes in process `syz.2.248'. [ 167.197833][ T7197] Console: switching to colour VGA+ 80x25 [ 167.779740][ T7219] FAULT_INJECTION: forcing a failure. [ 167.779740][ T7219] name fail_futex, interval 1, probability 0, space 0, times 1 [ 167.832572][ T7219] CPU: 1 UID: 0 PID: 7219 Comm: syz.3.260 Not tainted syzkaller #0 PREEMPT(full) [ 167.832611][ T7219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 167.832626][ T7219] Call Trace: [ 167.832634][ T7219] [ 167.832644][ T7219] dump_stack_lvl+0x100/0x190 [ 167.832693][ T7219] should_fail_ex.cold+0x5/0xa [ 167.832723][ T7219] get_futex_key+0x1d2/0x1510 [ 167.832758][ T7219] ? __pfx_get_futex_key+0x10/0x10 [ 167.832788][ T7219] ? pick_eevdf+0x198/0x860 [ 167.832816][ T7219] ? update_se+0x94/0x770 [ 167.832852][ T7219] futex_wait_setup+0x83/0x510 [ 167.832885][ T7219] __futex_wait+0x19f/0x300 [ 167.832913][ T7219] ? __pfx___futex_wait+0x10/0x10 [ 167.832937][ T7219] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 167.832972][ T7219] ? __pfx_futex_wake_mark+0x10/0x10 [ 167.833002][ T7219] ? find_held_lock+0x2b/0x80 [ 167.833028][ T7219] ? futex_wake+0x456/0x530 [ 167.833059][ T7219] futex_wait+0xe6/0x370 [ 167.833096][ T7219] ? __pfx_futex_wait+0x10/0x10 [ 167.833132][ T7219] ? ksys_read+0x190/0x250 [ 167.833164][ T7219] do_futex+0x1ef/0x350 [ 167.833188][ T7219] ? __pfx_do_futex+0x10/0x10 [ 167.833210][ T7219] ? find_held_lock+0x2b/0x80 [ 167.833239][ T7219] ? rcu_read_unlock+0x17/0x60 [ 167.833268][ T7219] ? rcu_read_unlock+0x17/0x60 [ 167.833298][ T7219] __x64_sys_futex+0x34f/0x4d0 [ 167.833324][ T7219] ? __pfx___x64_sys_futex+0x10/0x10 [ 167.833346][ T7219] ? trace_kmalloc+0xe3/0x110 [ 167.833375][ T7219] ? __bitmap_clear+0x11d/0x160 [ 167.833418][ T7219] ? rcu_is_watching+0x12/0xc0 [ 167.833448][ T7219] do_syscall_64+0x115/0x840 [ 167.833491][ T7219] ? clear_bhb_loop+0x40/0x90 [ 167.833527][ T7219] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 167.833554][ T7219] RIP: 0033:0x7f4e0019ce59 [ 167.833582][ T7219] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 167.833605][ T7219] RSP: 002b:00007f4e00fe80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 167.833627][ T7219] RAX: ffffffffffffffda RBX: 00007f4e00415fa8 RCX: 00007f4e0019ce59 [ 167.833646][ T7219] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f4e00415fa8 [ 167.833663][ T7219] RBP: 00007f4e00415fa0 R08: 0000000000000000 R09: 0000000000000000 [ 167.833678][ T7219] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 167.833692][ T7219] R13: 00007f4e00416038 R14: 00007ffe26aa10d0 R15: 00007ffe26aa11b8 [ 167.833725][ T7219] [ 169.097870][ T7232] futex_wake_op: syz.2.264 tries to shift op by -2048; fix this program [ 169.141814][ T7232] 0x000000000001-0x000000020000 : "" [ 169.227199][ T7232] ftl_cs: FTL header corrupt! [ 169.918085][ T7259] futex_wake_op: syz.3.266 tries to shift op by -2048; fix this program [ 169.943525][ T7259] 0x000000000001-0x000000020000 : "" [ 170.010484][ T7259] ftl_cs: FTL header corrupt! [ 170.086072][ T7251] futex_wake_op: syz.0.265 tries to shift op by -2048; fix this program [ 171.181049][ T7270] netlink: 186 bytes leftover after parsing attributes in process `syz.0.269'. [ 171.560068][ T7291] FAULT_INJECTION: forcing a failure. [ 171.560068][ T7291] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 171.614583][ T7291] CPU: 1 UID: 0 PID: 7291 Comm: syz.0.272 Not tainted syzkaller #0 PREEMPT(full) [ 171.614623][ T7291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 171.614639][ T7291] Call Trace: [ 171.614648][ T7291] [ 171.614659][ T7291] dump_stack_lvl+0x100/0x190 [ 171.614721][ T7291] should_fail_ex.cold+0x5/0xa [ 171.614751][ T7291] ? prepare_alloc_pages+0x16d/0x5f0 [ 171.614788][ T7291] should_fail_alloc_page+0xeb/0x140 [ 171.614821][ T7291] prepare_alloc_pages+0x1f0/0x5f0 [ 171.614863][ T7291] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 171.614914][ T7291] ? mark_held_locks+0x40/0x70 [ 171.614957][ T7291] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 171.614994][ T7291] ? lockdep_hardirqs_on+0x78/0x100 [ 171.615034][ T7291] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 171.615071][ T7291] ? stack_depot_save_flags+0x479/0x9d0 [ 171.615121][ T7291] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 171.615165][ T7291] ? kasan_save_stack+0x3f/0x50 [ 171.615193][ T7291] ? kasan_save_track+0x14/0x30 [ 171.615226][ T7291] ? __lock_acquire+0x4a5/0x2630 [ 171.615281][ T7291] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 171.615322][ T7291] ? policy_nodemask+0xed/0x4f0 [ 171.615358][ T7291] alloc_pages_mpol+0x1fb/0x540 [ 171.615394][ T7291] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 171.615425][ T7291] ? __split_page_owner+0x1fe/0x350 [ 171.615461][ T7291] ? split_page_memcg+0x1e/0x1b0 [ 171.615505][ T7291] alloc_pages_noprof+0x1a/0x160 [ 171.615542][ T7291] alloc_pages_exact_noprof+0x32/0xf0 [ 171.615582][ T7291] snd_pcm_attach_substream+0x4b0/0xd20 [ 171.615622][ T7291] snd_pcm_open_substream+0x90/0x1850 [ 171.615676][ T7291] ? __pfx_snd_pcm_open_substream+0x10/0x10 [ 171.615724][ T7291] ? rcu_is_watching+0x12/0xc0 [ 171.615765][ T7291] snd_pcm_open+0x2a3/0x710 [ 171.615814][ T7291] ? __pfx_snd_pcm_open+0x10/0x10 [ 171.615864][ T7291] ? __pfx_default_wake_function+0x10/0x10 [ 171.615911][ T7291] ? __pfx_snd_pcm_playback_open+0x10/0x10 [ 171.615939][ T7291] snd_pcm_playback_open+0x86/0xe0 [ 171.615967][ T7291] snd_open+0x201/0x450 [ 171.616003][ T7291] ? __pfx_snd_open+0x10/0x10 [ 171.616037][ T7291] chrdev_open+0x234/0x6a0 [ 171.616074][ T7291] ? __pfx_chrdev_open+0x10/0x10 [ 171.616111][ T7291] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 171.616157][ T7291] do_dentry_open+0x6ab/0x14d0 [ 171.616190][ T7291] ? __pfx_chrdev_open+0x10/0x10 [ 171.616233][ T7291] vfs_open+0x82/0x3f0 [ 171.616278][ T7291] path_openat+0x208c/0x31a0 [ 171.616327][ T7291] ? __pfx_path_openat+0x10/0x10 [ 171.616377][ T7291] do_file_open+0x20e/0x430 [ 171.616423][ T7291] ? __pfx_do_file_open+0x10/0x10 [ 171.616485][ T7291] ? alloc_fd+0x476/0x790 [ 171.616520][ T7291] ? do_getname+0x191/0x390 [ 171.616558][ T7291] do_sys_openat2+0x10d/0x1e0 [ 171.616599][ T7291] ? __pfx_do_sys_openat2+0x10/0x10 [ 171.616651][ T7291] __x64_sys_openat+0x12d/0x210 [ 171.616701][ T7291] ? __pfx___x64_sys_openat+0x10/0x10 [ 171.616740][ T7291] ? ksys_write+0x1ac/0x250 [ 171.616771][ T7291] ? arch_syscall_is_vdso_sigreturn+0xb6/0x200 [ 171.616813][ T7291] ? syscall_user_dispatch+0x76/0x130 [ 171.616847][ T7291] do_syscall_64+0x115/0x840 [ 171.616884][ T7291] ? clear_bhb_loop+0x40/0x90 [ 171.616918][ T7291] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 171.616946][ T7291] RIP: 0033:0x7fa68b39ce59 [ 171.616969][ T7291] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 171.616996][ T7291] RSP: 002b:00007fa68c268028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 171.617021][ T7291] RAX: ffffffffffffffda RBX: 00007fa68b616090 RCX: 00007fa68b39ce59 [ 171.617041][ T7291] RDX: 0000000000040000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 171.617059][ T7291] RBP: 00007fa68b432d6f R08: 0000000000000000 R09: 0000000000000000 [ 171.617075][ T7291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 171.617091][ T7291] R13: 00007fa68b616128 R14: 00007fa68b616090 R15: 00007ffdfdc94e38 [ 171.617126][ T7291] [ 172.386561][ T29] audit: type=1800 audit(2147483683.960:9): pid=7296 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.273" name="dbroot" dev="configfs" ino=16033 res=0 errno=0 [ 172.808141][ T7298] netlink: 'syz.2.274': attribute type 3 has an invalid length. [ 172.825288][ T7298] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 4000000200000 [ 173.283077][ T7307] FAULT_INJECTION: forcing a failure. [ 173.283077][ T7307] name fail_futex, interval 1, probability 0, space 0, times 0 [ 173.326371][ T7307] CPU: 1 UID: 0 PID: 7307 Comm: syz.2.276 Not tainted syzkaller #0 PREEMPT(full) [ 173.326407][ T7307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 173.326421][ T7307] Call Trace: [ 173.326430][ T7307] [ 173.326439][ T7307] dump_stack_lvl+0x100/0x190 [ 173.326484][ T7307] should_fail_ex.cold+0x5/0xa [ 173.326517][ T7307] get_futex_key+0x1d2/0x1510 [ 173.326557][ T7307] ? __pfx_get_futex_key+0x10/0x10 [ 173.326595][ T7307] ? _parse_integer_limit+0x17f/0x1d0 [ 173.326633][ T7307] futex_wait_requeue_pi+0x1f5/0x890 [ 173.326670][ T7307] ? __pfx_futex_wait_requeue_pi+0x10/0x10 [ 173.326743][ T7307] ? __pfx_futex_wake_mark+0x10/0x10 [ 173.326781][ T7307] ? find_held_lock+0x2b/0x80 [ 173.326812][ T7307] ? ksys_write+0x190/0x250 [ 173.326839][ T7307] ? ksys_write+0x190/0x250 [ 173.326875][ T7307] do_futex+0x24f/0x350 [ 173.326902][ T7307] ? __pfx_do_futex+0x10/0x10 [ 173.326937][ T7307] __x64_sys_futex+0x34f/0x4d0 [ 173.326966][ T7307] ? fput+0x79/0x100 [ 173.326998][ T7307] ? __pfx___x64_sys_futex+0x10/0x10 [ 173.327023][ T7307] ? ksys_write+0x1ac/0x250 [ 173.327081][ T7307] ? __pfx_ksys_write+0x10/0x10 [ 173.327117][ T7307] ? rcu_is_watching+0x12/0xc0 [ 173.327150][ T7307] do_syscall_64+0x115/0x840 [ 173.327185][ T7307] ? clear_bhb_loop+0x40/0x90 [ 173.327214][ T7307] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 173.327239][ T7307] RIP: 0033:0x7f0029b9ce59 [ 173.327260][ T7307] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 173.327283][ T7307] RSP: 002b:00007f002a994028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 173.327306][ T7307] RAX: ffffffffffffffda RBX: 00007f0029e15fa0 RCX: 00007f0029b9ce59 [ 173.327323][ T7307] RDX: 0000000000000001 RSI: 000000000000000b RDI: 0000200000000080 [ 173.327338][ T7307] RBP: 00007f002a994090 R08: 0000000000000000 R09: 00000000fffffffa [ 173.327354][ T7307] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 173.327368][ T7307] R13: 00007f0029e16038 R14: 00007f0029e15fa0 R15: 00007ffc6fc94238 [ 173.327403][ T7307] [ 174.585158][ T7326] futex_wake_op: syz.1.280 tries to shift op by -2048; fix this program [ 174.628653][ T7326] 0x000000000001-0x000000020000 : "" [ 174.655754][ T7326] ftl_cs: FTL header corrupt! [ 175.513706][ T7354] openvswitch: netlink: IP tunnel attribute has 24 unknown bytes. [ 177.386561][ T7372] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 177.962077][ T7391] futex_wake_op: syz.3.291 tries to shift op by -2048; fix this program [ 177.996203][ T7391] 0x000000000001-0x000000020000 : "" [ 178.037289][ T7391] ftl_cs: FTL header corrupt! [ 179.606016][ T5824] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 179.801169][ T7426] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 179.839365][ T7426] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 179.895575][ T7426] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 179.940141][ T7426] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 179.983603][ T7426] page dumped because: unmovable page [ 180.013623][ T7426] page_owner info is not present (never set?) [ 180.044482][ T7430] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 180.081367][ T7430] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 180.167826][ T7430] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 180.210702][ T7430] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 180.239850][ T7430] page dumped because: unmovable page [ 180.272726][ T7430] page_owner info is not present (never set?) [ 182.821693][ T5824] Bluetooth: hci3: ACL packet for unknown connection handle 0 [ 183.160436][ T7494] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 183.228483][ T7494] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 183.240469][ T7494] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 183.249492][ T7494] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 183.285493][ T7494] page dumped because: unmovable page [ 183.334634][ T7494] page_owner info is not present (never set?) [ 184.218983][ T7533] FAULT_INJECTION: forcing a failure. [ 184.218983][ T7533] name failslab, interval 1, probability 0, space 0, times 0 [ 184.260014][ T7533] CPU: 0 UID: 0 PID: 7533 Comm: syz.0.320 Not tainted syzkaller #0 PREEMPT(full) [ 184.260056][ T7533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 184.260082][ T7533] Call Trace: [ 184.260092][ T7533] [ 184.260104][ T7533] dump_stack_lvl+0x100/0x190 [ 184.260172][ T7533] should_fail_ex.cold+0x5/0xa [ 184.260208][ T7533] ? sk_prot_alloc+0x10b/0x2a0 [ 184.260242][ T7533] should_failslab+0xc2/0x120 [ 184.260277][ T7533] __kmalloc_noprof+0xe0/0x850 [ 184.260322][ T7533] ? lockdep_init_map_type+0x5c/0x250 [ 184.260371][ T7533] sk_prot_alloc+0x10b/0x2a0 [ 184.260409][ T7533] sk_alloc+0x36/0xe80 [ 184.260462][ T7533] pppol2tp_create+0x32/0x250 [ 184.260501][ T7533] pppox_create+0x15c/0x2c0 [ 184.260545][ T7533] __sock_create+0x339/0x860 [ 184.260589][ T7533] __sys_socket+0x14d/0x260 [ 184.260629][ T7533] ? __pfx___sys_socket+0x10/0x10 [ 184.260667][ T7533] ? ksys_write+0x1ac/0x250 [ 184.260699][ T7533] ? arch_syscall_is_vdso_sigreturn+0xb6/0x200 [ 184.260746][ T7533] __x64_sys_socket+0x72/0xb0 [ 184.260783][ T7533] ? lockdep_hardirqs_on+0x78/0x100 [ 184.260823][ T7533] do_syscall_64+0x115/0x840 [ 184.260861][ T7533] ? clear_bhb_loop+0x40/0x90 [ 184.260896][ T7533] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 184.260924][ T7533] RIP: 0033:0x7fa68b39ce59 [ 184.260952][ T7533] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 184.260979][ T7533] RSP: 002b:00007fa68c289028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 184.261011][ T7533] RAX: ffffffffffffffda RBX: 00007fa68b615fa0 RCX: 00007fa68b39ce59 [ 184.261031][ T7533] RDX: 0000000000000001 RSI: 000000000000000a RDI: 0000000000000018 [ 184.261047][ T7533] RBP: 00007fa68b432d6f R08: 0000000000000000 R09: 0000000000000000 [ 184.261064][ T7533] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 184.261081][ T7533] R13: 00007fa68b616038 R14: 00007fa68b615fa0 R15: 00007ffdfdc94e38 [ 184.261119][ T7533] [ 185.057024][ T7536] futex_wake_op: syz.3.321 tries to shift op by -2048; fix this program [ 185.086516][ T7536] 0x000000000001-0x000000020000 : "" [ 185.129524][ T7536] ftl_cs: FTL header corrupt! [ 186.124141][ T7549] futex_wake_op: syz.1.323 tries to shift op by -2048; fix this program [ 186.193506][ T7549] 0x000000000001-0x000000020000 : "" [ 186.207471][ T7560] netlink: 12 bytes leftover after parsing attributes in process `syz.2.325'. [ 186.262997][ T7549] ftl_cs: FTL header corrupt! [ 187.136422][ T7576] netlink: 'syz.0.329': attribute type 2 has an invalid length. [ 187.612032][ T7571] ima: policy update failed [ 187.635362][ T29] audit: type=1802 audit(2147483699.210:10): pid=7571 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.328" res=0 errno=0 [ 188.243455][ T7597] futex_wake_op: syz.3.332 tries to shift op by -2048; fix this program [ 188.256658][ T7606] FAULT_INJECTION: forcing a failure. [ 188.256658][ T7606] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 188.272888][ T7597] 0x000000000001-0x000000020000 : "" [ 188.293308][ T7606] CPU: 0 UID: 0 PID: 7606 Comm: syz.1.334 Not tainted syzkaller #0 PREEMPT(full) [ 188.293330][ T7606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 188.293341][ T7606] Call Trace: [ 188.293349][ T7606] [ 188.293358][ T7606] dump_stack_lvl+0x100/0x190 [ 188.293407][ T7606] should_fail_ex.cold+0x5/0xa [ 188.293430][ T7606] ? prepare_alloc_pages+0x16d/0x5f0 [ 188.293450][ T7606] should_fail_alloc_page+0xeb/0x140 [ 188.293468][ T7606] prepare_alloc_pages+0x1f0/0x5f0 [ 188.293484][ T7606] ? __lock_acquire+0x4a5/0x2630 [ 188.293507][ T7606] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 188.293530][ T7606] ? __lock_acquire+0x4a5/0x2630 [ 188.293566][ T7606] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 188.293587][ T7606] ? find_held_lock+0x2b/0x80 [ 188.293605][ T7606] ? bpf_ksym_find+0x124/0x1c0 [ 188.293621][ T7606] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 188.293643][ T7606] ? __kernel_text_address+0xd/0x30 [ 188.293657][ T7606] ? unwind_get_return_address+0x59/0xa0 [ 188.293677][ T7606] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 188.293697][ T7606] ? policy_nodemask+0xed/0x4f0 [ 188.293715][ T7606] alloc_pages_mpol+0x1fb/0x540 [ 188.293732][ T7606] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 188.293750][ T7606] ? __lock_acquire+0x4a5/0x2630 [ 188.293772][ T7606] folio_alloc_mpol_noprof+0x36/0x260 [ 188.293792][ T7606] vma_alloc_folio_noprof+0xed/0x1d0 [ 188.293810][ T7606] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 188.293834][ T7606] do_anonymous_page+0xb46/0x2050 [ 188.293855][ T7606] ? rcu_read_unlock+0x2d/0xb0 [ 188.293880][ T7606] __handle_mm_fault+0x1d2c/0x2a00 [ 188.293903][ T7606] ? mt_find+0x45e/0x8e0 [ 188.293923][ T7606] ? __pfx___handle_mm_fault+0x10/0x10 [ 188.293942][ T7606] ? __pfx_mt_find+0x10/0x10 [ 188.293971][ T7606] ? find_vma+0xbf/0x140 [ 188.293986][ T7606] ? __pfx_find_vma+0x10/0x10 [ 188.294002][ T7606] handle_mm_fault+0x37b/0xa30 [ 188.294026][ T7606] do_user_addr_fault+0x74c/0x12f0 [ 188.294044][ T7606] ? trace_page_fault_kernel+0x7a/0x200 [ 188.294064][ T7606] exc_page_fault+0x6f/0xd0 [ 188.294084][ T7606] asm_exc_page_fault+0x26/0x30 [ 188.294098][ T7606] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 188.294114][ T7606] Code: 9c 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 [ 188.294126][ T7606] RSP: 0018:ffffc900057679b8 EFLAGS: 00050206 [ 188.294138][ T7606] RAX: 0000000000000001 RBX: 00000000000000f4 RCX: 00000000000000f4 [ 188.294147][ T7606] RDX: 0000000000000001 RSI: ffff88802da7c000 RDI: 0000200000001080 [ 188.294155][ T7606] RBP: ffffc90005767bc8 R08: 0000000000000000 R09: ffffed1005b4f81e [ 188.294163][ T7606] R10: ffff88802da7c0f3 R11: 0000000000000000 R12: ffff88802da7c000 [ 188.294171][ T7606] R13: 0000000000000000 R14: 0000200000001080 R15: 00000000000000f4 [ 188.294192][ T7606] _copy_to_iter+0x4c5/0x1720 [ 188.294216][ T7606] ? __pfx__copy_to_iter+0x10/0x10 [ 188.294234][ T7606] ? ping_get_first.isra.0+0x1ab/0x250 [ 188.294254][ T7606] ? find_held_lock+0x2b/0x80 [ 188.294270][ T7606] ? seq_read_iter+0xd33/0x1270 [ 188.294285][ T7606] ? seq_read_iter+0xd33/0x1270 [ 188.294304][ T7606] seq_read_iter+0xdab/0x1270 [ 188.294327][ T7606] seq_read+0x33b/0x4c0 [ 188.294342][ T7606] ? __pfx_seq_read+0x10/0x10 [ 188.294360][ T7606] ? lock_acquire+0x1b1/0x370 [ 188.294386][ T7606] ? __pfx_seq_read+0x10/0x10 [ 188.294401][ T7606] proc_reg_read+0x240/0x330 [ 188.294417][ T7606] ? __pfx_proc_reg_read+0x10/0x10 [ 188.294434][ T7606] vfs_read+0x1e4/0xb30 [ 188.294452][ T7606] ? __pfx_vfs_read+0x10/0x10 [ 188.294466][ T7606] ? __fget_files+0x215/0x3d0 [ 188.294486][ T7606] ? __fget_files+0x21f/0x3d0 [ 188.294507][ T7606] ksys_read+0x12a/0x250 [ 188.294522][ T7606] ? __pfx_ksys_read+0x10/0x10 [ 188.294538][ T7606] ? rcu_is_watching+0x12/0xc0 [ 188.294561][ T7606] do_syscall_64+0x115/0x840 [ 188.294579][ T7606] ? clear_bhb_loop+0x40/0x90 [ 188.294596][ T7606] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 188.294610][ T7606] RIP: 0033:0x7f80f9d9ce59 [ 188.294622][ T7606] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 188.294634][ T7606] RSP: 002b:00007f80facb3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 188.294646][ T7606] RAX: ffffffffffffffda RBX: 00007f80fa015fa0 RCX: 00007f80f9d9ce59 [ 188.294659][ T7606] RDX: 00000000000000f4 RSI: 0000200000001080 RDI: 0000000000000003 [ 188.294674][ T7606] RBP: 00007f80facb3090 R08: 0000000000000000 R09: 0000000000000000 [ 188.294689][ T7606] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 188.294704][ T7606] R13: 00007f80fa016038 R14: 00007f80fa015fa0 R15: 00007ffd3c6ef888 [ 188.294736][ T7606] [ 189.055126][ T7597] ftl_cs: FTL header corrupt! [ 191.005754][ T7636] ima: policy update failed [ 191.018018][ T29] audit: type=1802 audit(2147483702.590:11): pid=7636 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.340" res=0 errno=0 [ 192.361551][ T7680] futex_wake_op: syz.2.350 tries to shift op by -2048; fix this program [ 192.395168][ T7680] 0x000000000001-0x000000020000 : "" [ 192.436475][ T7680] ftl_cs: FTL header corrupt! [ 192.788564][ T7695] futex_wake_op: syz.0.353 tries to shift op by -2048; fix this program [ 192.835139][ T7695] 0x000000000001-0x000000020000 : "" [ 192.866573][ T7695] ftl_cs: FTL header corrupt! [ 193.907478][ T7724] FAULT_INJECTION: forcing a failure. [ 193.907478][ T7724] name failslab, interval 1, probability 0, space 0, times 0 [ 193.921474][ T7724] CPU: 1 UID: 0 PID: 7724 Comm: syz.2.357 Not tainted syzkaller #0 PREEMPT(full) [ 193.921511][ T7724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 193.921526][ T7724] Call Trace: [ 193.921536][ T7724] [ 193.921546][ T7724] dump_stack_lvl+0x100/0x190 [ 193.921609][ T7724] should_fail_ex.cold+0x5/0xa [ 193.921647][ T7724] should_failslab+0xc2/0x120 [ 193.921681][ T7724] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 193.921724][ T7724] ? alloc_empty_file+0x5b/0x1c0 [ 193.921772][ T7724] alloc_empty_file+0x5b/0x1c0 [ 193.921814][ T7724] alloc_file_pseudo+0x13a/0x230 [ 193.921858][ T7724] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 193.921903][ T7724] ? _raw_spin_unlock+0x28/0x50 [ 193.921934][ T7724] ? alloc_fd+0x476/0x790 [ 193.921969][ T7724] __anon_inode_getfile+0xe8/0x280 [ 193.922022][ T7724] __anon_inode_getfd+0x5c/0xe0 [ 193.922068][ T7724] do_inotify_init+0x483/0x5e0 [ 193.922098][ T7724] __x64_sys_inotify_init1+0x30/0x40 [ 193.922125][ T7724] do_syscall_64+0x115/0x840 [ 193.922163][ T7724] ? clear_bhb_loop+0x40/0x90 [ 193.922197][ T7724] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 193.922225][ T7724] RIP: 0033:0x7f0029b9ce59 [ 193.922249][ T7724] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 193.922275][ T7724] RSP: 002b:00007f002a973028 EFLAGS: 00000246 ORIG_RAX: 0000000000000126 [ 193.922302][ T7724] RAX: ffffffffffffffda RBX: 00007f0029e16090 RCX: 00007f0029b9ce59 [ 193.922320][ T7724] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0003000000000000 [ 193.922337][ T7724] RBP: 00007f0029c32d6f R08: 0000000000000000 R09: 0000000000000000 [ 193.922354][ T7724] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 193.922370][ T7724] R13: 00007f0029e16128 R14: 00007f0029e16090 R15: 00007ffc6fc94238 [ 193.922408][ T7724] [ 194.347029][ T1316] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.362523][ T1316] ieee802154 phy1 wpan1: encryption failed: -22 [ 196.104336][ T7752] futex_wake_op: syz.2.364 tries to shift op by -2048; fix this program [ 196.159420][ T7752] 0x000000000001-0x000000020000 : "" [ 196.219756][ T7752] ftl_cs: FTL header corrupt! [ 196.394868][ T7759] nvme_fabrics: missing parameter 'transport=%s' [ 196.420450][ T7759] nvme_fabrics: missing parameter 'nqn=%s' [ 198.615368][ T7792] netlink: 12 bytes leftover after parsing attributes in process `syz.3.370'. [ 198.798183][ T7803] kAFS: Invalid Command on /proc/fs/afs/cells file [ 198.880875][ T7799] netlink: 12 bytes leftover after parsing attributes in process `syz.1.372'. [ 199.638104][ T7816] futex_wake_op: syz.0.376 tries to shift op by -2048; fix this program [ 199.675006][ T7816] 0x000000000001-0x000000020000 : "" [ 199.694565][ T7816] ftl_cs: FTL header corrupt! [ 201.512470][ T7849] hub 1-0:1.0: USB hub found [ 201.557865][ T7820] Bluetooth: hci2: command 0x0406 tx timeout [ 201.566043][ T7819] Bluetooth: hci0: command 0x0406 tx timeout [ 201.577482][ T7819] Bluetooth: hci3: command 0x0406 tx timeout [ 201.583946][ T7819] Bluetooth: hci1: command 0x0406 tx timeout [ 201.665382][ T7849] hub 1-0:1.0: 1 port detected [ 202.478623][ T7886] ima: policy update failed [ 202.484136][ T29] audit: type=1802 audit(2147483714.060:12): pid=7886 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.388" res=0 errno=0 [ 203.473037][ T7907] futex_wake_op: syz.3.390 tries to shift op by -2048; fix this program [ 203.533889][ T7907] 0x000000000001-0x000000020000 : "" [ 203.685618][ T7907] ftl_cs: FTL header corrupt! [ 208.128322][ T7975] futex_wake_op: syz.1.406 tries to shift op by -2048; fix this program [ 208.163467][ T7975] 0x000000000001-0x000000020000 : "" [ 208.207282][ T7975] ftl_cs: FTL header corrupt! [ 210.031026][ T7995] kexec: Could not allocate control_code_buffer [ 210.702719][ T7818] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 211.007322][ T8013] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 211.024149][ T7818] Bluetooth: hci3: ACL packet for unknown connection handle 0 [ 211.057150][ T8013] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 211.110928][ T8013] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 211.158105][ T8013] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 211.207100][ T8013] page dumped because: unmovable page [ 211.245421][ T8013] page_owner info is not present (never set?) [ 211.567303][ T8020] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 211.626658][ T8020] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 211.663223][ T8020] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 211.721474][ T8020] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 211.743347][ T8020] page dumped because: unmovable page [ 211.767864][ T8020] page_owner info is not present (never set?) [ 211.819700][ T8025] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 211.819737][ T8025] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 211.819778][ T8025] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 211.819806][ T8025] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 211.819824][ T8025] page dumped because: unmovable page [ 211.819838][ T8025] page_owner info is not present (never set?) [ 212.826207][ T8052] RDS: rds_bind could not find a transport for ::ffff:172.30.1.3, load rds_tcp or rds_rdma? [ 214.125599][ T8079] futex_wake_op: syz.3.427 tries to shift op by -2048; fix this program [ 214.152002][ T8079] 0x000000000001-0x000000020000 : "" [ 214.179867][ T8079] ftl_cs: FTL header corrupt! [ 215.083048][ T8113] netlink: 'syz.0.435': attribute type 1 has an invalid length. [ 215.090855][ T8113] netlink: 9 bytes leftover after parsing attributes in process `syz.0.435'. [ 215.106330][ T8113] FAULT_INJECTION: forcing a failure. [ 215.106330][ T8113] name failslab, interval 1, probability 0, space 0, times 0 [ 215.126672][ T8113] CPU: 0 UID: 0 PID: 8113 Comm: syz.0.435 Not tainted syzkaller #0 PREEMPT(full) [ 215.126706][ T8113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 215.126721][ T8113] Call Trace: [ 215.126729][ T8113] [ 215.126738][ T8113] dump_stack_lvl+0x100/0x190 [ 215.126785][ T8113] should_fail_ex.cold+0x5/0xa [ 215.126814][ T8113] should_failslab+0xc2/0x120 [ 215.126841][ T8113] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 215.126878][ T8113] ? skb_clone+0x190/0x400 [ 215.126913][ T8113] skb_clone+0x190/0x400 [ 215.126940][ T8113] netlink_deliver_tap+0xaed/0xcc0 [ 215.126989][ T8113] netlink_unicast+0x6a5/0x850 [ 215.127028][ T8113] ? __pfx_netlink_unicast+0x10/0x10 [ 215.127070][ T8113] netlink_ack+0x655/0xb80 [ 215.127119][ T8113] netlink_rcv_skb+0x333/0x420 [ 215.127151][ T8113] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 215.127180][ T8113] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 215.127229][ T8113] ? ns_capable+0xd2/0xf0 [ 215.127261][ T8113] nfnetlink_rcv+0x1b3/0x440 [ 215.127288][ T8113] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 215.127313][ T8113] ? netlink_deliver_tap+0x1ae/0xcc0 [ 215.127351][ T8113] netlink_unicast+0x585/0x850 [ 215.127389][ T8113] ? __pfx_netlink_unicast+0x10/0x10 [ 215.127420][ T8113] ? __build_skb_around+0x278/0x390 [ 215.127456][ T8113] ? is_vmalloc_addr+0x86/0xa0 [ 215.127499][ T8113] netlink_sendmsg+0x8b0/0xda0 [ 215.127538][ T8113] ? __pfx_netlink_sendmsg+0x10/0x10 [ 215.127575][ T8113] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 215.127608][ T8113] sock_write_iter+0x524/0x5a0 [ 215.127641][ T8113] ? __pfx_netlink_sendmsg+0x10/0x10 [ 215.127674][ T8113] ? __pfx_sock_write_iter+0x10/0x10 [ 215.127719][ T8113] ? bpf_lsm_file_permission+0x9/0x10 [ 215.127743][ T8113] ? security_file_permission+0x76/0x210 [ 215.127776][ T8113] ? rw_verify_area+0xce/0x6d0 [ 215.127806][ T8113] vfs_write+0x6ac/0x1070 [ 215.127835][ T8113] ? __pfx_sock_write_iter+0x10/0x10 [ 215.127871][ T8113] ? __pfx_vfs_write+0x10/0x10 [ 215.127898][ T8113] ? find_held_lock+0x2b/0x80 [ 215.127959][ T8113] ksys_write+0x1f8/0x250 [ 215.127988][ T8113] ? __pfx_ksys_write+0x10/0x10 [ 215.128019][ T8113] ? rcu_is_watching+0x12/0xc0 [ 215.128053][ T8113] do_syscall_64+0x115/0x840 [ 215.128088][ T8113] ? clear_bhb_loop+0x40/0x90 [ 215.128120][ T8113] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 215.128146][ T8113] RIP: 0033:0x7fa68b39ce59 [ 215.128168][ T8113] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 215.128192][ T8113] RSP: 002b:00007fa68c289028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 215.128217][ T8113] RAX: ffffffffffffffda RBX: 00007fa68b615fa0 RCX: 00007fa68b39ce59 [ 215.128234][ T8113] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000002 [ 215.128249][ T8113] RBP: 00007fa68c289090 R08: 0000000000000000 R09: 0000000000000000 [ 215.128263][ T8113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 215.128281][ T8113] R13: 00007fa68b616038 R14: 00007fa68b615fa0 R15: 00007ffdfdc94e38 [ 215.128315][ T8113] [ 216.665824][ T8137] futex_wake_op: syz.1.441 tries to shift op by -2048; fix this program [ 216.686441][ T8137] 0x000000000001-0x000000020000 : "" [ 216.728026][ T8137] ftl_cs: FTL header corrupt! [ 216.821105][ T8123] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 217.255489][ T8161] syz.1.445 uses obsolete (PF_INET,SOCK_PACKET) [ 217.898661][ T8178] hub 1-0:1.0: USB hub found [ 217.907150][ T8178] hub 1-0:1.0: 1 port detected [ 219.044276][ T8208] futex_wake_op: syz.2.454 tries to shift op by -2048; fix this program [ 219.103694][ T8208] 0x000000000001-0x000000020000 : "" [ 219.190724][ T8208] ftl_cs: FTL header corrupt! [ 220.524910][ T8206] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 220.857029][ T8225] ima: policy update failed [ 220.880314][ T29] audit: type=1802 audit(2147483732.450:13): pid=8225 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.455" res=0 errno=0 [ 221.308358][ T8236] futex_wake_op: syz.1.457 tries to shift op by -2048; fix this program [ 221.346459][ T8236] 0x000000000001-0x000000020000 : "" [ 221.388612][ T8236] ftl_cs: FTL header corrupt! [ 223.664971][ T8288] ima: policy update failed [ 223.676168][ T29] audit: type=1802 audit(2147483735.250:14): pid=8288 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.466" res=0 errno=0 [ 226.321720][ T8337] ima: policy update failed [ 226.348301][ T29] audit: type=1802 audit(2147483737.920:15): pid=8337 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.478" res=0 errno=0 [ 228.350178][ T8350] kexec: Could not allocate control_code_buffer [ 228.793922][ T8396] netlink: 8 bytes leftover after parsing attributes in process `syz.2.489'. [ 231.178695][ T8452] futex_wake_op: syz.2.506 tries to shift op by -2048; fix this program [ 231.213434][ T8452] 0x000000000001-0x000000020000 : "" [ 231.231492][ T8452] ftl_cs: FTL header corrupt! [ 231.433806][ T8457] futex_wake_op: syz.1.507 tries to shift op by -2048; fix this program [ 231.466883][ T8457] 0x000000000001-0x000000020000 : "" [ 231.504607][ T8457] ftl_cs: FTL header corrupt! [ 233.447843][ T8498] futex_wake_op: syz.3.513 tries to shift op by -2048; fix this program [ 233.466781][ T8498] 0x000000000001-0x000000020000 : "" [ 233.528692][ T8498] ftl_cs: FTL header corrupt! [ 235.922298][ T8543] FAULT_INJECTION: forcing a failure. [ 235.922298][ T8543] name failslab, interval 1, probability 0, space 0, times 0 [ 235.957480][ T8543] CPU: 1 UID: 0 PID: 8543 Comm: syz.0.524 Not tainted syzkaller #0 PREEMPT(full) [ 235.957519][ T8543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 235.957536][ T8543] Call Trace: [ 235.957544][ T8543] [ 235.957555][ T8543] dump_stack_lvl+0x100/0x190 [ 235.957610][ T8543] should_fail_ex.cold+0x5/0xa [ 235.957647][ T8543] should_failslab+0xc2/0x120 [ 235.957683][ T8543] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 235.957727][ T8543] ? __d_alloc+0x34/0xa40 [ 235.957772][ T8543] __d_alloc+0x34/0xa40 [ 235.957814][ T8543] d_alloc_parallel+0x111/0x14e0 [ 235.957845][ T8543] ? kasan_save_stack+0x30/0x50 [ 235.957872][ T8543] ? kasan_save_track+0x14/0x30 [ 235.957898][ T8543] ? __kasan_slab_alloc+0x89/0x90 [ 235.957926][ T8543] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 235.957978][ T8543] ? init_file+0x95/0x480 [ 235.958011][ T8543] ? do_file_open+0x20e/0x430 [ 235.958046][ T8543] ? __pfx_d_alloc_parallel+0x10/0x10 [ 235.958078][ T8543] ? lockdep_init_map_type+0x5c/0x250 [ 235.958124][ T8543] ? lockdep_init_map_type+0x5c/0x250 [ 235.958175][ T8543] __lookup_slow+0x193/0x460 [ 235.958218][ T8543] ? __pfx___lookup_slow+0x10/0x10 [ 235.958292][ T8543] lookup_slow+0x50/0x70 [ 235.958334][ T8543] path_lookupat+0x5e8/0xc40 [ 235.958370][ T8543] path_openat+0x1b08/0x31a0 [ 235.958403][ T8543] ? kasan_save_stack+0x3f/0x50 [ 235.958442][ T8543] ? __pfx_path_openat+0x10/0x10 [ 235.958490][ T8543] do_file_open+0x20e/0x430 [ 235.958528][ T8543] ? __pfx_do_file_open+0x10/0x10 [ 235.958589][ T8543] ? alloc_fd+0x476/0x790 [ 235.958624][ T8543] ? do_getname+0x191/0x390 [ 235.958667][ T8543] do_sys_openat2+0x10d/0x1e0 [ 235.958710][ T8543] ? __pfx_do_sys_openat2+0x10/0x10 [ 235.958766][ T8543] __x64_sys_openat+0x12d/0x210 [ 235.958810][ T8543] ? __pfx___x64_sys_openat+0x10/0x10 [ 235.958856][ T8543] ? ksys_write+0x1ac/0x250 [ 235.958894][ T8543] ? rcu_is_watching+0x12/0xc0 [ 235.958931][ T8543] do_syscall_64+0x115/0x840 [ 235.958978][ T8543] ? clear_bhb_loop+0x40/0x90 [ 235.959012][ T8543] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 235.959041][ T8543] RIP: 0033:0x7fa68b39ce59 [ 235.959065][ T8543] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 235.959091][ T8543] RSP: 002b:00007fa68c289028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 235.959116][ T8543] RAX: ffffffffffffffda RBX: 00007fa68b615fa0 RCX: 00007fa68b39ce59 [ 235.959149][ T8543] RDX: 0000000000240882 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 235.959168][ T8543] RBP: 00007fa68b432d6f R08: 0000000000000000 R09: 0000000000000000 [ 235.959184][ T8543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 235.959200][ T8543] R13: 00007fa68b616038 R14: 00007fa68b615fa0 R15: 00007ffdfdc94e38 [ 235.959240][ T8543] [ 236.641168][ T8555] netlink: 330 bytes leftover after parsing attributes in process `syz.0.527'. [ 236.681370][ T8555] mac80211_hwsim hwsim2 : renamed from wlan0 (while UP) [ 236.885987][ T8557] futex_wake_op: syz.1.528 tries to shift op by -2048; fix this program [ 236.923155][ T8557] 0x000000000001-0x000000020000 : "" [ 236.971202][ T8557] ftl_cs: FTL header corrupt! [ 238.210095][ T8586] futex_wake_op: syz.0.534 tries to shift op by -2048; fix this program [ 238.316849][ T8586] 0x000000000001-0x000000020000 : "" [ 238.402224][ T8586] ftl_cs: FTL header corrupt! [ 242.167331][ T8661] futex_wake_op: syz.1.550 tries to shift op by -2048; fix this program [ 242.201174][ T8661] 0x000000000001-0x000000020000 : "" [ 242.241581][ T8661] ftl_cs: FTL header corrupt! [ 242.897455][ T8679] netlink: 4 bytes leftover after parsing attributes in process `syz.0.553'. [ 242.910696][ T8679] netlink: 17 bytes leftover after parsing attributes in process `syz.0.553'. [ 245.257264][ T8702] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 245.319023][ T8733] futex_wake_op: syz.0.561 tries to shift op by -2048; fix this program [ 245.339302][ T8733] 0x000000000001-0x000000020000 : "" [ 245.393860][ T8733] ftl_cs: FTL header corrupt! [ 245.603468][ T8741] futex_wake_op: syz.2.565 tries to shift op by -2048; fix this program [ 245.806761][ T8741] 0x000000000001-0x000000020000 : "" [ 245.831067][ T8741] ftl_cs: FTL header corrupt! [ 246.681071][ T8746] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 246.699031][ T8746] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 246.792938][ T8746] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 246.817193][ T8746] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 246.823524][ T8746] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 246.840826][ T8746] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 246.853137][ T8746] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 246.884581][ T8742] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 246.904964][ T8746] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 246.927018][ T8746] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 247.943870][ T7818] Bluetooth: hci2: command 0x0406 tx timeout [ 248.078208][ T8784] netlink: 16 bytes leftover after parsing attributes in process `syz.3.573'. [ 248.822578][ T7818] Bluetooth: hci3: command 0x0406 tx timeout [ 248.903472][ T7818] Bluetooth: hci1: command 0x0406 tx timeout [ 248.985010][ T7818] Bluetooth: hci0: command 0x0406 tx timeout [ 249.591609][ T8802] futex_wake_op: syz.3.578 tries to shift op by -2048; fix this program [ 249.605632][ T8802] 0x000000000001-0x000000020000 : "" [ 249.660648][ T8802] ftl_cs: FTL header corrupt! [ 250.022467][ T7818] Bluetooth: hci2: command 0x0406 tx timeout [ 250.902085][ T7818] Bluetooth: hci3: command 0x0406 tx timeout [ 250.982689][ T7818] Bluetooth: hci1: command 0x0406 tx timeout [ 251.063623][ T7818] Bluetooth: hci0: command 0x0406 tx timeout [ 251.957127][ T8860] futex_wake_op: syz.2.589 tries to shift op by -2048; fix this program [ 251.987492][ T8860] 0x000000000001-0x000000020000 : "" [ 252.047781][ T8860] ftl_cs: FTL header corrupt! [ 252.102948][ T7818] Bluetooth: hci2: command 0x0406 tx timeout [ 252.948829][ T8885] FAULT_INJECTION: forcing a failure. [ 252.948829][ T8885] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 253.006514][ T8885] CPU: 0 UID: 0 PID: 8885 Comm: syz.1.593 Not tainted syzkaller #0 PREEMPT(full) [ 253.006535][ T8885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 253.006555][ T8885] Call Trace: [ 253.006560][ T8885] [ 253.006566][ T8885] dump_stack_lvl+0x100/0x190 [ 253.006594][ T8885] should_fail_ex.cold+0x5/0xa [ 253.006613][ T8885] copy_folio_from_iter_atomic+0x5c8/0x2000 [ 253.006640][ T8885] ? timestamp_truncate+0x22e/0x2f0 [ 253.006660][ T8885] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 253.006683][ T8885] ? shmem_write_begin+0x1ba/0x420 [ 253.006709][ T8885] ? __pfx_shmem_write_begin+0x10/0x10 [ 253.006732][ T8885] ? rcu_is_watching+0x12/0xc0 [ 253.006770][ T8885] ? balance_dirty_pages_ratelimited_flags+0x91/0x1170 [ 253.006795][ T8885] generic_perform_write+0x4cb/0xa40 [ 253.006821][ T8885] ? __pfx_generic_perform_write+0x10/0x10 [ 253.006839][ T8885] ? __mark_inode_dirty+0x55c/0x1720 [ 253.006855][ T8885] ? mnt_put_write_access_file+0x4e/0x100 [ 253.006872][ T8885] ? file_update_time_flags+0x373/0x500 [ 253.006894][ T8885] shmem_file_write_iter+0x10e/0x140 [ 253.006912][ T8885] vfs_write+0x6ac/0x1070 [ 253.006929][ T8885] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 253.006947][ T8885] ? __pfx_vfs_write+0x10/0x10 [ 253.006975][ T8885] ksys_write+0x12a/0x250 [ 253.006990][ T8885] ? __pfx_ksys_write+0x10/0x10 [ 253.007007][ T8885] ? rcu_is_watching+0x12/0xc0 [ 253.007024][ T8885] do_syscall_64+0x115/0x840 [ 253.007043][ T8885] ? clear_bhb_loop+0x40/0x90 [ 253.007060][ T8885] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 253.007074][ T8885] RIP: 0033:0x7f80f9d9ce59 [ 253.007087][ T8885] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 253.007100][ T8885] RSP: 002b:00007f80facb3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 253.007116][ T8885] RAX: ffffffffffffffda RBX: 00007f80fa015fa0 RCX: 00007f80f9d9ce59 [ 253.007126][ T8885] RDX: 00000000fffffdf1 RSI: 0000000000000000 RDI: 0000000000000003 [ 253.007133][ T8885] RBP: 00007f80facb3090 R08: 0000000000000000 R09: 0000000000000000 [ 253.007141][ T8885] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 253.007149][ T8885] R13: 00007f80fa016038 R14: 00007f80fa015fa0 R15: 00007ffd3c6ef888 [ 253.007182][ T8885] [ 253.719190][ T8881] futex_wake_op: syz.3.592 tries to shift op by -2048; fix this program [ 253.740801][ T8881] 0x000000000001-0x000000020000 : "" [ 253.787744][ T8881] ftl_cs: FTL header corrupt! [ 255.693202][ T7818] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 255.786675][ T1316] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.793201][ T1316] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.858165][ T8904] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 255.984506][ T8906] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 255.993931][ T8906] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 256.006937][ T8906] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 256.036854][ T8906] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 256.900516][ T8940] futex_wake_op: syz.1.605 tries to shift op by -2048; fix this program [ 256.902700][ T7818] Bluetooth: hci2: command 0x0406 tx timeout [ 256.987801][ T8952] 0x000000000001-0x000000020000 : "" [ 257.008267][ T8952] ftl_cs: FTL header corrupt! [ 258.024721][ T7818] Bluetooth: hci1: command 0x0406 tx timeout [ 258.030778][ T5796] Bluetooth: hci3: command 0x0406 tx timeout [ 258.103128][ T7818] Bluetooth: hci0: command 0x0406 tx timeout [ 258.117114][ T8941] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 258.185593][ T8967] futex_wake_op: syz.3.608 tries to shift op by -2048; fix this program [ 258.245582][ T8967] 0x000000000001-0x000000020000 : "" [ 258.284858][ T8967] ftl_cs: FTL header corrupt! [ 259.070987][ T7818] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 259.654926][ T8984] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 259.695749][ T8984] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 259.769766][ T8984] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 259.797774][ T8984] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 259.807859][ T8984] page dumped because: unmovable page [ 259.827218][ T8984] page_owner info is not present (never set?) [ 259.964654][ T7818] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 261.118083][ T9036] futex_wake_op: syz.2.619 tries to shift op by -2048; fix this program [ 261.156748][ T9036] 0x000000000001-0x000000020000 : "" [ 261.220707][ T9036] ftl_cs: FTL header corrupt! [ 263.155172][ T9094] HfR: entered promiscuous mode [ 265.009505][ T9143] futex_wake_op: syz.0.635 tries to shift op by -2048; fix this program [ 265.055271][ T9143] 0x000000000001-0x000000020000 : "" [ 265.104946][ T9143] ftl_cs: FTL header corrupt! [ 265.520988][ T9159] netlink: 28 bytes leftover after parsing attributes in process `syz.3.636'. [ 266.908616][ T9192] netlink: 338 bytes leftover after parsing attributes in process `syz.0.642'. [ 271.193934][ T7818] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 274.855312][ T9353] futex_wake_op: syz.0.674 tries to shift op by -2048; fix this program [ 275.143131][ T7818] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 275.216430][ T9346] 0x000000000001-0x000000020000 : "" [ 275.296819][ T9346] ftl_cs: FTL header corrupt! [ 275.388316][ T9352] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 275.434728][ T9352] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 275.501433][ T9352] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 275.599131][ T9352] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 275.607996][ T9352] page dumped because: unmovable page [ 275.613557][ T9352] page_owner info is not present (never set?) [ 276.266766][ T9379] netlink: 338 bytes leftover after parsing attributes in process `syz.1.682'. [ 276.422444][ T9375] netlink: 'syz.0.680': attribute type 1 has an invalid length. [ 277.086823][ T9401] FAULT_INJECTION: forcing a failure. [ 277.086823][ T9401] name failslab, interval 1, probability 0, space 0, times 0 [ 277.109991][ T9401] CPU: 1 UID: 0 PID: 9401 Comm: syz.0.686 Not tainted syzkaller #0 PREEMPT(full) [ 277.110030][ T9401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 277.110046][ T9401] Call Trace: [ 277.110055][ T9401] [ 277.110065][ T9401] dump_stack_lvl+0x100/0x190 [ 277.110128][ T9401] should_fail_ex.cold+0x5/0xa [ 277.110163][ T9401] should_failslab+0xc2/0x120 [ 277.110197][ T9401] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 277.110227][ T9401] ? kstrdup_const+0x63/0x80 [ 277.110255][ T9401] ? find_held_lock+0x2b/0x80 [ 277.110293][ T9401] kstrdup+0x51/0xe0 [ 277.110325][ T9401] kstrdup_const+0x63/0x80 [ 277.110353][ T9401] __kernfs_new_node+0x9b/0x9f0 [ 277.110388][ T9401] ? __pfx___kernfs_new_node+0x10/0x10 [ 277.110427][ T9401] ? find_held_lock+0x2b/0x80 [ 277.110459][ T9401] ? kernfs_root+0xee/0x2a0 [ 277.110487][ T9401] ? kernfs_root+0xee/0x2a0 [ 277.110525][ T9401] kernfs_new_node+0x11b/0x1a0 [ 277.110566][ T9401] kernfs_create_link+0xcc/0x240 [ 277.110610][ T9401] sysfs_do_create_link_sd+0x90/0x140 [ 277.110642][ T9401] sysfs_create_link+0x61/0xc0 [ 277.110670][ T9401] device_add+0xb5d/0x1950 [ 277.110704][ T9401] ? __pfx_device_add+0x10/0x10 [ 277.110732][ T9401] ? __pfx___might_resched+0x10/0x10 [ 277.110760][ T9401] ? lockdep_hardirqs_on+0x78/0x100 [ 277.110811][ T9401] __add_disk+0x518/0xe40 [ 277.110851][ T9401] add_disk_fwnode+0x118/0x5c0 [ 277.110887][ T9401] loop_add+0x90b/0xb60 [ 277.110925][ T9401] ? __pfx_loop_add+0x10/0x10 [ 277.110987][ T9401] ? find_held_lock+0x2b/0x80 [ 277.111038][ T9401] ? __fget_files+0x215/0x3d0 [ 277.111076][ T9401] loop_control_ioctl+0xae/0x620 [ 277.111240][ T9401] ? __pfx_loop_control_ioctl+0x10/0x10 [ 277.111302][ T9401] ? __pfx_loop_control_ioctl+0x10/0x10 [ 277.111356][ T9401] __x64_sys_ioctl+0x18e/0x210 [ 277.111388][ T9401] do_syscall_64+0x115/0x840 [ 277.111429][ T9401] ? clear_bhb_loop+0x40/0x90 [ 277.111464][ T9401] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 277.111491][ T9401] RIP: 0033:0x7fa68b39ce59 [ 277.111514][ T9401] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 277.111542][ T9401] RSP: 002b:00007fa68c268028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 277.111571][ T9401] RAX: ffffffffffffffda RBX: 00007fa68b616090 RCX: 00007fa68b39ce59 [ 277.111590][ T9401] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000005 [ 277.111609][ T9401] RBP: 00007fa68b432d6f R08: 0000000000000000 R09: 0000000000000000 [ 277.111626][ T9401] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 277.111641][ T9401] R13: 00007fa68b616128 R14: 00007fa68b616090 R15: 00007ffdfdc94e38 [ 277.111679][ T9401] [ 277.386902][ T9382] ima: policy update failed [ 277.417014][ T29] audit: type=1802 audit(2147483788.960:16): pid=9382 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.683" res=0 errno=0 [ 277.831739][ T9415] ima: policy update failed [ 277.854861][ T29] audit: type=1802 audit(2147483789.430:17): pid=9415 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.690" res=0 errno=0 [ 280.393448][ T9456] ima: policy update failed [ 280.401913][ T29] audit: type=1802 audit(2147483791.970:18): pid=9456 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.699" res=0 errno=0 [ 281.799032][ T9486] futex_wake_op: syz.1.706 tries to shift op by -2048; fix this program [ 281.834528][ T9486] 0x000000000001-0x000000020000 : "" [ 281.896716][ T9486] ftl_cs: FTL header corrupt! [ 282.190575][ T7818] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 282.811867][ T7818] Bluetooth: hci3: ACL packet for unknown connection handle 0 [ 283.231852][ T9508] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 283.292241][ T9508] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 283.355275][ T9508] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 283.373691][ T9508] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 283.442275][ T9508] page dumped because: unmovable page [ 283.472373][ T9508] page_owner info is not present (never set?) [ 284.025595][ T9520] netlink: 12 bytes leftover after parsing attributes in process `syz.3.712'. [ 284.954968][ T9537] futex_wake_op: syz.2.717 tries to shift op by -2048; fix this program [ 284.984244][ T9537] 0x000000000001-0x000000020000 : "" [ 285.015325][ T9537] ftl_cs: FTL header corrupt! [ 285.521777][ T9556] futex_wake_op: syz.0.721 tries to shift op by -2048; fix this program [ 285.588533][ T9556] 0x000000000001-0x000000020000 : "" [ 285.650190][ T9556] ftl_cs: FTL header corrupt! [ 286.344648][ T9582] futex_wake_op: syz.3.725 tries to shift op by -2048; fix this program [ 286.390115][ T9582] 0x000000000001-0x000000020000 : "" [ 286.423140][ T9582] ftl_cs: FTL header corrupt! [ 286.589727][ T9574] netlink: 12 bytes leftover after parsing attributes in process `syz.1.722'. [ 289.617092][ T9652] futex_wake_op: syz.3.737 tries to shift op by -2048; fix this program [ 289.652377][ T9652] 0x000000000001-0x000000020000 : "" [ 289.671881][ T9652] ftl_cs: FTL header corrupt! [ 289.695876][ T9638] ima: policy update failed [ 289.716506][ T29] audit: type=1802 audit(2147483801.290:19): pid=9638 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.735" res=0 errno=0 [ 289.820390][ T9647] netlink: 12 bytes leftover after parsing attributes in process `syz.2.744'. [ 290.486950][ T9676] futex_wake_op: syz.2.741 tries to shift op by -2048; fix this program [ 290.506342][ T9676] 0x000000000001-0x000000020000 : "" [ 290.548082][ T9676] ftl_cs: FTL header corrupt! [ 290.980759][ T9691] syz.1.745(9691): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 291.777964][ T9700] netlink: 'syz.2.748': attribute type 1 has an invalid length. [ 291.792245][ T9700] netlink: 9 bytes leftover after parsing attributes in process `syz.2.748'. [ 292.237177][ T9711] futex_wake_op: syz.2.751 tries to shift op by -2048; fix this program [ 292.416816][ T9711] 0x000000000001-0x000000020000 : "" [ 292.451323][ T9711] ftl_cs: FTL header corrupt! [ 292.761177][ T9727] vivid-007: ================= START STATUS ================= [ 292.794183][ T9727] vivid-007: Enable Output Cropping: true [ 292.832340][ T9727] vivid-007: Enable Output Composing: true [ 292.860326][ T9727] vivid-007: Enable Output Scaler: true [ 292.883541][ T9727] vivid-007: Tx RGB Quantization Range: Automatic [ 292.952240][ T9727] vivid-007: Transmit Mode: HDMI [ 292.994765][ T9727] vivid-007: Hotplug Present: 0x00000000 [ 293.068166][ T9727] vivid-007: RxSense Present: 0x00000000 [ 293.150769][ T9727] vivid-007: EDID Present: 0x00000000 [ 293.230050][ T9727] vivid-007: ================== END STATUS ================== [ 293.785109][ T7818] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 294.105816][ T9746] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 294.110049][ T9764] ima: policy update failed [ 294.139629][ T9746] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 294.168096][ T29] audit: type=1802 audit(2147483805.710:20): pid=9764 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.760" res=0 errno=0 [ 294.221700][ T9746] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 294.235670][ T9746] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 294.270903][ T9746] page dumped because: unmovable page [ 294.276569][ T9746] page_owner info is not present (never set?) [ 295.450537][ T9781] futex_wake_op: syz.0.765 tries to shift op by -2048; fix this program [ 295.496202][ T9781] 0x000000000001-0x000000020000 : "" [ 295.526927][ T9781] ftl_cs: FTL header corrupt! [ 295.541072][ T7818] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 295.912370][ T9792] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 295.964306][ T9792] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 295.999873][ T9792] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 296.018881][ T9792] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 296.056937][ T9792] page dumped because: unmovable page [ 296.090747][ T9792] page_owner info is not present (never set?) [ 297.893496][ T9809] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 299.519317][ T9831] ima: policy update failed [ 299.539879][ T29] audit: type=1802 audit(2147483811.110:21): pid=9831 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.773" res=0 errno=0 [ 306.072151][ T9955] futex_wake_op: syz.0.798 tries to shift op by -2048; fix this program [ 306.101902][ T9955] 0x000000000001-0x000000020000 : "" [ 306.167530][ T9955] ftl_cs: FTL header corrupt! [ 307.555325][T10001] FAULT_INJECTION: forcing a failure. [ 307.555325][T10001] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 307.608854][T10001] CPU: 0 UID: 0 PID: 10001 Comm: syz.2.810 Not tainted syzkaller #0 PREEMPT(full) [ 307.608889][T10001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 307.608908][T10001] Call Trace: [ 307.608917][T10001] [ 307.608926][T10001] dump_stack_lvl+0x100/0x190 [ 307.608974][T10001] should_fail_ex.cold+0x5/0xa [ 307.609014][T10001] _copy_from_iter+0x1f4/0x1690 [ 307.609053][T10001] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 307.609093][T10001] ? __pfx__copy_from_iter+0x10/0x10 [ 307.609131][T10001] ? alloc_pages_mpol+0x25a/0x540 [ 307.609165][T10001] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 307.609201][T10001] copy_page_from_iter+0x238/0x300 [ 307.609242][T10001] anon_pipe_write+0xaf0/0x18c0 [ 307.609301][T10001] ? __pfx_anon_pipe_write+0x10/0x10 [ 307.609338][T10001] ? apparmor_file_permission+0x13f/0x1c0 [ 307.609372][T10001] ? bpf_lsm_file_permission+0x9/0x10 [ 307.609396][T10001] ? security_file_permission+0x76/0x210 [ 307.609431][T10001] ? rw_verify_area+0xce/0x6d0 [ 307.609460][T10001] vfs_write+0x6ac/0x1070 [ 307.609491][T10001] ? __pfx_anon_pipe_write+0x10/0x10 [ 307.609525][T10001] ? __pfx_vfs_write+0x10/0x10 [ 307.609551][T10001] ? find_held_lock+0x2b/0x80 [ 307.609609][T10001] ksys_write+0x1f8/0x250 [ 307.609638][T10001] ? __pfx_ksys_write+0x10/0x10 [ 307.609670][T10001] ? rcu_is_watching+0x12/0xc0 [ 307.609704][T10001] do_syscall_64+0x115/0x840 [ 307.609738][T10001] ? clear_bhb_loop+0x40/0x90 [ 307.609771][T10001] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 307.609820][T10001] RIP: 0033:0x7f0029b9ce59 [ 307.609846][T10001] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 307.609870][T10001] RSP: 002b:00007f002a994028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 307.609898][T10001] RAX: ffffffffffffffda RBX: 00007f0029e15fa0 RCX: 00007f0029b9ce59 [ 307.609915][T10001] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 307.609931][T10001] RBP: 00007f002a994090 R08: 0000000000000000 R09: 0000000000000000 [ 307.609946][T10001] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 307.609960][T10001] R13: 00007f0029e16038 R14: 00007f0029e15fa0 R15: 00007ffc6fc94238 [ 307.610003][T10001] [ 308.521606][T10019] futex_wake_op: syz.2.815 tries to shift op by -2048; fix this program [ 308.533385][ T7818] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 308.578760][T10014] 0x000000000001-0x000000020000 : "" [ 308.654996][T10014] ftl_cs: FTL header corrupt! [ 309.050042][T10021] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 309.161346][T10021] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 309.229852][T10021] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 309.259418][T10042] FAULT_INJECTION: forcing a failure. [ 309.259418][T10042] name failslab, interval 1, probability 0, space 0, times 0 [ 309.260212][T10021] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 309.290264][T10021] page dumped because: unmovable page [ 309.291540][T10042] CPU: 1 UID: 0 PID: 10042 Comm: syz.2.818 Not tainted syzkaller #0 PREEMPT(full) [ 309.291572][T10042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 309.291587][T10042] Call Trace: [ 309.291594][T10042] [ 309.291604][T10042] dump_stack_lvl+0x100/0x190 [ 309.291651][T10042] should_fail_ex.cold+0x5/0xa [ 309.291682][T10042] should_failslab+0xc2/0x120 [ 309.291712][T10042] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 309.291750][T10042] ? do_getname+0x35/0x390 [ 309.291795][T10042] do_getname+0x35/0x390 [ 309.291834][T10042] do_mq_open+0x173/0x9c0 [ 309.291859][T10042] ? __fget_files+0x215/0x3d0 [ 309.291889][T10042] ? __pfx_do_mq_open+0x10/0x10 [ 309.291916][T10042] ? __fget_files+0x21f/0x3d0 [ 309.291947][T10042] __x64_sys_mq_open+0x152/0x1e0 [ 309.291972][T10042] ? __pfx___x64_sys_mq_open+0x10/0x10 [ 309.291995][T10042] ? fput+0x79/0x100 [ 309.292051][T10042] ? rcu_is_watching+0x12/0xc0 [ 309.292083][T10042] do_syscall_64+0x115/0x840 [ 309.292117][T10042] ? clear_bhb_loop+0x40/0x90 [ 309.292147][T10042] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 309.292172][T10042] RIP: 0033:0x7f0029b9ce59 [ 309.292192][T10042] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 309.292215][T10042] RSP: 002b:00007f002a994028 EFLAGS: 00000246 ORIG_RAX: 00000000000000f0 [ 309.292238][T10042] RAX: ffffffffffffffda RBX: 00007f0029e15fa0 RCX: 00007f0029b9ce59 [ 309.292254][T10042] RDX: 0000000000000007 RSI: 0000000000000063 RDI: 0000200000000300 [ 309.292269][T10042] RBP: 00007f002a994090 R08: 0000000000000000 R09: 0000000000000000 [ 309.292283][T10042] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 309.292297][T10042] R13: 00007f0029e16038 R14: 00007f0029e15fa0 R15: 00007ffc6fc94238 [ 309.292330][T10042] [ 309.510904][T10021] page_owner info is not present (never set?) [ 311.565937][T10080] futex_wake_op: syz.1.827 tries to shift op by -2048; fix this program [ 311.603584][T10080] 0x000000000001-0x000000020000 : "" [ 311.684554][T10080] ftl_cs: FTL header corrupt! [ 313.354290][T10120] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 314.137547][T10104] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 314.144158][T10104] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 314.157945][T10104] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 314.164725][T10104] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 314.262287][ T7818] Bluetooth: hci2: command 0x0406 tx timeout [ 314.981204][T10163] futex_wake_op: syz.3.844 tries to shift op by -2048; fix this program [ 315.032292][T10163] 0x000000000001-0x000000020000 : "" [ 315.113962][T10163] ftl_cs: FTL header corrupt! [ 316.185623][ T5796] Bluetooth: hci1: command 0x0406 tx timeout [ 316.191820][ T5822] Bluetooth: hci3: command 0x0406 tx timeout [ 316.198800][ T7818] Bluetooth: hci0: command 0x0406 tx timeout [ 316.425118][T10175] capability: warning: `syz.3.847' uses 32-bit capabilities (legacy support in use) [ 316.981382][T10188] smpboot: CPU 1 is now offline [ 317.038304][ T1316] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.044693][ T1316] ieee802154 phy1 wpan1: encryption failed: -22 [ 319.039016][T10223] futex_wake_op: syz.3.855 tries to shift op by -2048; fix this program [ 319.566091][T10218] 0x000000000001-0x000000020000 : "" [ 319.598056][T10218] ftl_cs: FTL header corrupt! [ 320.917437][ T29] audit: type=1800 audit(2147483832.490:22): pid=10255 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.862" name="dbroot" dev="configfs" ino=32733 res=0 errno=0 [ 324.525223][T10329] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 325.596525][ T29] audit: type=1804 audit(2147483837.160:23): pid=10355 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.886" name="/newroot/210/file0" dev="tmpfs" ino=1146 res=1 errno=0 [ 326.119613][T10370] netlink: 'syz.3.888': attribute type 3 has an invalid length. [ 326.352365][T10353] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 326.378728][T10353] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 326.398755][T10353] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 326.418709][T10353] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 326.684416][T10372] futex_wake_op: syz.0.889 tries to shift op by -2048; fix this program [ 326.733020][T10372] 0x000000000001-0x000000020000 : "" [ 326.769075][T10372] ftl_cs: FTL header corrupt! [ 326.895763][ T7818] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 327.228337][T10377] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 327.309926][T10377] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 327.376734][T10377] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 327.458847][T10377] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 327.622237][ T7818] Bluetooth: hci2: command 0x0406 tx timeout [ 327.665899][T10377] page dumped because: unmovable page [ 327.727313][T10377] page_owner info is not present (never set?) [ 328.189199][T10416] FAULT_INJECTION: forcing a failure. [ 328.189199][T10416] name failslab, interval 1, probability 0, space 0, times 0 [ 328.242412][T10416] CPU: 0 UID: 0 PID: 10416 Comm: syz.1.899 Not tainted syzkaller #0 PREEMPT(full) [ 328.242434][T10416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 328.242443][T10416] Call Trace: [ 328.242448][T10416] [ 328.242454][T10416] dump_stack_lvl+0x100/0x190 [ 328.242491][T10416] should_fail_ex.cold+0x5/0xa [ 328.242511][T10416] ? realloc_user_queue+0xe9/0x310 [ 328.242531][T10416] should_failslab+0xc2/0x120 [ 328.242550][T10416] __kmalloc_noprof+0xe0/0x850 [ 328.242577][T10416] realloc_user_queue+0xe9/0x310 [ 328.242599][T10416] ? __pfx_snd_timer_user_open+0x10/0x10 [ 328.242619][T10416] snd_timer_user_open+0xfc/0x180 [ 328.242639][T10416] snd_open+0x201/0x450 [ 328.242659][T10416] ? __pfx_snd_open+0x10/0x10 [ 328.242676][T10416] chrdev_open+0x234/0x6a0 [ 328.242693][T10416] ? __pfx_apparmor_file_open+0x10/0x10 [ 328.242710][T10416] ? __pfx_chrdev_open+0x10/0x10 [ 328.242728][T10416] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 328.242751][T10416] do_dentry_open+0x6ab/0x14d0 [ 328.242769][T10416] ? __pfx_chrdev_open+0x10/0x10 [ 328.242792][T10416] vfs_open+0x82/0x3f0 [ 328.242815][T10416] path_openat+0x208c/0x31a0 [ 328.242838][T10416] ? __pfx_path_openat+0x10/0x10 [ 328.242862][T10416] do_file_open+0x20e/0x430 [ 328.242881][T10416] ? __pfx_do_file_open+0x10/0x10 [ 328.242912][T10416] ? alloc_fd+0x476/0x790 [ 328.242931][T10416] ? do_getname+0x191/0x390 [ 328.242952][T10416] do_sys_openat2+0x10d/0x1e0 [ 328.242974][T10416] ? __pfx_do_sys_openat2+0x10/0x10 [ 328.242997][T10416] ? __fget_files+0x21f/0x3d0 [ 328.243017][T10416] __x64_sys_openat+0x12d/0x210 [ 328.243038][T10416] ? __pfx___x64_sys_openat+0x10/0x10 [ 328.243064][T10416] ? rcu_is_watching+0x12/0xc0 [ 328.243082][T10416] do_syscall_64+0x115/0x840 [ 328.243102][T10416] ? clear_bhb_loop+0x40/0x90 [ 328.243119][T10416] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 328.243134][T10416] RIP: 0033:0x7f80f9d9ce59 [ 328.243148][T10416] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 328.243162][T10416] RSP: 002b:00007f80fac92028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 328.243177][T10416] RAX: ffffffffffffffda RBX: 00007f80fa016090 RCX: 00007f80f9d9ce59 [ 328.243187][T10416] RDX: 0000000000101000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 328.243198][T10416] RBP: 00007f80f9e32d6f R08: 0000000000000000 R09: 0000000000000000 [ 328.243206][T10416] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 328.243215][T10416] R13: 00007f80fa016128 R14: 00007f80fa016090 R15: 00007ffd3c6ef888 [ 328.243235][T10416] [ 328.664566][ T7818] Bluetooth: hci0: command 0x0406 tx timeout [ 328.670621][ T7818] Bluetooth: hci1: command 0x0406 tx timeout [ 328.679102][ T7818] Bluetooth: hci3: command 0x0406 tx timeout [ 329.642151][T10443] futex_wake_op: syz.2.907 tries to shift op by -2048; fix this program [ 329.962681][T10437] 0x000000000001-0x000000020000 : "" [ 329.975492][T10445] blktrace: Concurrent blktraces are not allowed on nbd5 [ 330.046442][T10437] ftl_cs: FTL header corrupt! [ 332.645580][T10483] ima: policy update failed [ 332.681271][ T29] audit: type=1802 audit(2147483844.250:24): pid=10483 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.915" res=0 errno=0 [ 334.410458][T10524] futex_wake_op: syz.1.924 tries to shift op by -2048; fix this program [ 334.441427][T10518] futex_wake_op: syz.0.925 tries to shift op by -2048; fix this program [ 334.597500][ T7818] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 334.661411][T10514] 0x000000000001-0x000000020000 : "" [ 334.746251][T10514] ftl_cs: FTL header corrupt! [ 334.955132][T10515] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 335.043046][T10515] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 335.107048][T10515] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 335.157396][T10518] 0x000000000001-0x000000020000 : "" [ 335.221467][T10518] ftl_cs: FTL header corrupt! [ 335.294932][T10515] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 335.391180][T10515] page dumped because: unmovable page [ 335.411321][T10515] page_owner info is not present (never set?) [ 336.329957][T10568] futex_wake_op: syz.0.933 tries to shift op by -2048; fix this program [ 336.613005][T10565] 0x000000000001-0x000000020000 : "" [ 336.633660][T10565] ftl_cs: FTL header corrupt! [ 337.783741][T10592] netlink: 338 bytes leftover after parsing attributes in process `syz.2.937'. [ 337.939664][T10590] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 338.390906][T10605] can: request_module (can-proto-0) failed. [ 338.535730][T10602] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 340.314449][T10653] FAULT_INJECTION: forcing a failure. [ 340.314449][T10653] name failslab, interval 1, probability 0, space 0, times 0 [ 340.372264][T10653] CPU: 0 UID: 0 PID: 10653 Comm: syz.3.951 Not tainted syzkaller #0 PREEMPT(full) [ 340.372288][T10653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 340.372298][T10653] Call Trace: [ 340.372303][T10653] [ 340.372309][T10653] dump_stack_lvl+0x100/0x190 [ 340.372340][T10653] should_fail_ex.cold+0x5/0xa [ 340.372367][T10653] should_failslab+0xc2/0x120 [ 340.372386][T10653] __kmalloc_cache_noprof+0x7a/0x6f0 [ 340.372407][T10653] ? trace_pid_list_alloc+0x9d/0x480 [ 340.372432][T10653] trace_pid_list_alloc+0x9d/0x480 [ 340.372454][T10653] trace_pid_write+0x110/0x460 [ 340.372474][T10653] ? __pfx_trace_pid_write+0x10/0x10 [ 340.372505][T10653] event_pid_write.isra.0+0x1e4/0x7d0 [ 340.372527][T10653] ? __pfx_event_pid_write.isra.0+0x10/0x10 [ 340.372553][T10653] vfs_write+0x2aa/0x1070 [ 340.372571][T10653] ? __pfx_ftrace_event_npid_write+0x10/0x10 [ 340.372593][T10653] ? __pfx_vfs_write+0x10/0x10 [ 340.372609][T10653] ? __fget_files+0x215/0x3d0 [ 340.372630][T10653] ? __fget_files+0x21f/0x3d0 [ 340.372651][T10653] ksys_write+0x12a/0x250 [ 340.372667][T10653] ? __pfx_ksys_write+0x10/0x10 [ 340.372685][T10653] ? rcu_is_watching+0x12/0xc0 [ 340.372704][T10653] do_syscall_64+0x115/0x840 [ 340.372724][T10653] ? clear_bhb_loop+0x40/0x90 [ 340.372743][T10653] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 340.372759][T10653] RIP: 0033:0x7f4e0019ce59 [ 340.372772][T10653] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 340.372785][T10653] RSP: 002b:00007f4e00fe8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 340.372801][T10653] RAX: ffffffffffffffda RBX: 00007f4e00415fa0 RCX: 00007f4e0019ce59 [ 340.372811][T10653] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 340.372819][T10653] RBP: 00007f4e00232d6f R08: 0000000000000000 R09: 0000000000000000 [ 340.372827][T10653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 340.372835][T10653] R13: 00007f4e00416038 R14: 00007f4e00415fa0 R15: 00007ffe26aa11b8 [ 340.372859][T10653] [ 340.591308][T10635] ima: policy update failed [ 340.693652][T10642] FAULT_INJECTION: forcing a failure. [ 340.693652][T10642] name failslab, interval 1, probability 0, space 0, times 0 [ 340.706508][T10642] CPU: 0 UID: 0 PID: 10642 Comm: syz.2.949 Not tainted syzkaller #0 PREEMPT(full) [ 340.706530][T10642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 340.706539][T10642] Call Trace: [ 340.706547][T10642] [ 340.706554][T10642] dump_stack_lvl+0x100/0x190 [ 340.706583][T10642] should_fail_ex.cold+0x5/0xa [ 340.706604][T10642] should_failslab+0xc2/0x120 [ 340.706621][T10642] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 340.706643][T10642] ? alloc_empty_file+0x5b/0x1c0 [ 340.706665][T10642] ? __pfx_stack_trace_save+0x10/0x10 [ 340.706686][T10642] alloc_empty_file+0x5b/0x1c0 [ 340.706707][T10642] path_openat+0xe8/0x31a0 [ 340.706724][T10642] ? kasan_save_stack+0x3f/0x50 [ 340.706737][T10642] ? kasan_save_stack+0x30/0x50 [ 340.706751][T10642] ? kasan_save_track+0x14/0x30 [ 340.706764][T10642] ? __kasan_slab_alloc+0x89/0x90 [ 340.706778][T10642] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 340.706800][T10642] ? do_getname+0x35/0x390 [ 340.706818][T10642] ? do_sys_openat2+0xc5/0x1e0 [ 340.706839][T10642] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 340.706857][T10642] ? __pfx_path_openat+0x10/0x10 [ 340.706881][T10642] do_file_open+0x20e/0x430 [ 340.706900][T10642] ? __pfx_do_file_open+0x10/0x10 [ 340.706931][T10642] ? alloc_fd+0x476/0x790 [ 340.706950][T10642] ? do_getname+0x191/0x390 [ 340.706971][T10642] do_sys_openat2+0x10d/0x1e0 [ 340.706993][T10642] ? __pfx_do_sys_openat2+0x10/0x10 [ 340.707021][T10642] __x64_sys_openat+0x12d/0x210 [ 340.707043][T10642] ? __pfx___x64_sys_openat+0x10/0x10 [ 340.707063][T10642] ? ksys_write+0x1ac/0x250 [ 340.707081][T10642] ? rcu_is_watching+0x12/0xc0 [ 340.707100][T10642] do_syscall_64+0x115/0x840 [ 340.707130][T10642] ? clear_bhb_loop+0x40/0x90 [ 340.707149][T10642] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 340.707165][T10642] RIP: 0033:0x7f0029b9ce59 [ 340.707178][T10642] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 340.707192][T10642] RSP: 002b:00007f002a994028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 340.707206][T10642] RAX: ffffffffffffffda RBX: 00007f0029e15fa0 RCX: 00007f0029b9ce59 [ 340.707216][T10642] RDX: 0000000000000b01 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 340.707224][T10642] RBP: 00007f0029c32d6f R08: 0000000000000000 R09: 0000000000000000 [ 340.707233][T10642] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 340.707242][T10642] R13: 00007f0029e16038 R14: 00007f0029e15fa0 R15: 00007ffc6fc94238 [ 340.707271][T10642] [ 341.101324][ T29] audit: type=1802 audit(2147483852.170:25): pid=10635 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.946" res=0 errno=0 [ 341.222348][T10669] FAULT_INJECTION: forcing a failure. [ 341.222348][T10669] name failslab, interval 1, probability 0, space 0, times 0 [ 341.235144][T10669] CPU: 0 UID: 0 PID: 10669 Comm: syz.0.955 Not tainted syzkaller #0 PREEMPT(full) [ 341.235164][T10669] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 341.235172][T10669] Call Trace: [ 341.235179][T10669] [ 341.235185][T10669] dump_stack_lvl+0x100/0x190 [ 341.235220][T10669] should_fail_ex.cold+0x5/0xa [ 341.235238][T10669] ? tomoyo_realpath_from_path+0xb6/0x690 [ 341.235257][T10669] should_failslab+0xc2/0x120 [ 341.235274][T10669] __kmalloc_noprof+0xe0/0x850 [ 341.235294][T10669] ? kfree+0x1dd/0x6c0 [ 341.235315][T10669] tomoyo_realpath_from_path+0xb6/0x690 [ 341.235339][T10669] tomoyo_path_number_perm+0x23c/0x580 [ 341.235354][T10669] ? tomoyo_path_number_perm+0x22e/0x580 [ 341.235372][T10669] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 341.235409][T10669] ? find_held_lock+0x2b/0x80 [ 341.235426][T10669] ? __fget_files+0x215/0x3d0 [ 341.235441][T10669] ? hook_file_ioctl_common+0x149/0x410 [ 341.235457][T10669] ? __fget_files+0x215/0x3d0 [ 341.235475][T10669] ? __fget_files+0x21f/0x3d0 [ 341.235494][T10669] security_file_ioctl+0xd3/0x230 [ 341.235511][T10669] __x64_sys_ioctl+0xb7/0x210 [ 341.235527][T10669] do_syscall_64+0x115/0x840 [ 341.235547][T10669] ? clear_bhb_loop+0x40/0x90 [ 341.235564][T10669] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 341.235578][T10669] RIP: 0033:0x7fa68b39ce59 [ 341.235591][T10669] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 341.235603][T10669] RSP: 002b:00007fa68c289028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 341.235617][T10669] RAX: ffffffffffffffda RBX: 00007fa68b615fa0 RCX: 00007fa68b39ce59 [ 341.235626][T10669] RDX: 0000000000000000 RSI: 0000000000001261 RDI: 0000000000000003 [ 341.235634][T10669] RBP: 00007fa68c289090 R08: 0000000000000000 R09: 0000000000000000 [ 341.235642][T10669] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 341.235649][T10669] R13: 00007fa68b616038 R14: 00007fa68b615fa0 R15: 00007ffdfdc94e38 [ 341.235667][T10669] [ 341.235674][T10669] ERROR: Out of memory at tomoyo_realpath_from_path. [ 342.099152][T10677] serio: Serial port pty173 [ 345.324213][ T7818] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 345.846410][T10754] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 345.988877][T10754] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 346.063949][T10754] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 346.124225][T10754] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 346.176186][T10754] page dumped because: unmovable page [ 346.209519][T10754] page_owner info is not present (never set?) [ 346.727703][T10784] random: crng reseeded on system resumption [ 347.625447][T10782] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 348.555526][T10830] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input7 [ 349.548596][T10849] netlink: 28 bytes leftover after parsing attributes in process `syz.2.991'. [ 349.683061][T10849] veth1_macvtap: left promiscuous mode [ 349.740962][T10849] macsec0: entered promiscuous mode [ 349.799391][T10849] macsec0: entered allmulticast mode [ 349.912701][T10838] ima: policy update failed [ 349.932397][ T29] audit: type=1802 audit(2147483861.510:26): pid=10838 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.989" res=0 errno=0 [ 350.055807][T10845] NFSD: Failed to start, no listeners configured. [ 351.060917][T10869] futex_wake_op: syz.3.997 tries to shift op by -2048; fix this program [ 351.310659][T10879] netlink: 12 bytes leftover after parsing attributes in process `syz.0.998'. [ 351.483558][T10883] FAULT_INJECTION: forcing a failure. [ 351.483558][T10883] name failslab, interval 1, probability 0, space 0, times 0 [ 351.526648][T10883] CPU: 0 UID: 0 PID: 10883 Comm: syz.1.1000 Not tainted syzkaller #0 PREEMPT(full) [ 351.526671][T10883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 351.526680][T10883] Call Trace: [ 351.526686][T10883] [ 351.526692][T10883] dump_stack_lvl+0x100/0x190 [ 351.526724][T10883] should_fail_ex.cold+0x5/0xa [ 351.526744][T10883] ? lsm_blob_alloc+0x68/0x90 [ 351.526764][T10883] should_failslab+0xc2/0x120 [ 351.526783][T10883] __kmalloc_noprof+0xe0/0x850 [ 351.526809][T10883] ? trace_kmalloc+0xe3/0x110 [ 351.526829][T10883] lsm_blob_alloc+0x68/0x90 [ 351.526849][T10883] security_sk_alloc+0x2d/0x290 [ 351.526866][T10883] sk_prot_alloc+0x12a/0x2a0 [ 351.526885][T10883] sk_alloc+0x36/0xe80 [ 351.526908][T10883] pppol2tp_create+0x32/0x250 [ 351.526927][T10883] pppox_create+0x15c/0x2c0 [ 351.526950][T10883] __sock_create+0x339/0x860 [ 351.526973][T10883] __sys_socket+0x14d/0x260 [ 351.526993][T10883] ? __pfx___sys_socket+0x10/0x10 [ 351.527011][T10883] ? ksys_write+0x1ac/0x250 [ 351.527028][T10883] ? arch_syscall_is_vdso_sigreturn+0xb6/0x200 [ 351.527052][T10883] __x64_sys_socket+0x72/0xb0 [ 351.527071][T10883] ? lockdep_hardirqs_on+0x78/0x100 [ 351.527091][T10883] do_syscall_64+0x115/0x840 [ 351.527114][T10883] ? clear_bhb_loop+0x40/0x90 [ 351.527133][T10883] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 351.527148][T10883] RIP: 0033:0x7f80f9d9ce59 [ 351.527162][T10883] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 351.527175][T10883] RSP: 002b:00007f80fac92028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 351.527190][T10883] RAX: ffffffffffffffda RBX: 00007f80fa016090 RCX: 00007f80f9d9ce59 [ 351.527199][T10883] RDX: 0000000000000001 RSI: 000000000000000a RDI: 0000000000000018 [ 351.527207][T10883] RBP: 00007f80f9e32d6f R08: 0000000000000000 R09: 0000000000000000 [ 351.527215][T10883] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 351.527223][T10883] R13: 00007f80fa016128 R14: 00007f80fa016090 R15: 00007ffd3c6ef888 [ 351.527242][T10883] [ 351.529817][T10869] 0x000000000001-0x000000020000 : "" [ 352.007796][T10869] ftl_cs: FTL header corrupt! [ 352.506890][T10893] FAULT_INJECTION: forcing a failure. [ 352.506890][T10893] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 352.574646][T10893] CPU: 0 UID: 0 PID: 10893 Comm: syz.2.1003 Not tainted syzkaller #0 PREEMPT(full) [ 352.574669][T10893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 352.574679][T10893] Call Trace: [ 352.574684][T10893] [ 352.574690][T10893] dump_stack_lvl+0x100/0x190 [ 352.574724][T10893] should_fail_ex.cold+0x5/0xa [ 352.574740][T10893] ? prepare_alloc_pages+0x16d/0x5f0 [ 352.574760][T10893] should_fail_alloc_page+0xeb/0x140 [ 352.574779][T10893] prepare_alloc_pages+0x1f0/0x5f0 [ 352.574802][T10893] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 352.574825][T10893] ? stack_trace_save+0x8e/0xc0 [ 352.574844][T10893] ? __pfx_stack_trace_save+0x10/0x10 [ 352.574862][T10893] ? __alloc_frozen_pages_noprof+0x2b1/0x2bc0 [ 352.574885][T10893] ? stack_depot_save_flags+0x27/0x9d0 [ 352.574908][T10893] ? find_held_lock+0x2b/0x80 [ 352.574925][T10893] ? is_bpf_text_address+0x8a/0x1a0 [ 352.574946][T10893] ? kasan_save_stack+0x3f/0x50 [ 352.574960][T10893] ? kasan_save_stack+0x30/0x50 [ 352.574973][T10893] ? kasan_save_track+0x14/0x30 [ 352.574986][T10893] ? __kasan_slab_alloc+0x89/0x90 [ 352.575001][T10893] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 352.575022][T10893] ? __pmd_alloc+0xbf/0x950 [ 352.575039][T10893] ? walk_to_pmd+0x3a3/0x4c0 [ 352.575056][T10893] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 352.575079][T10893] ? kcov_mmap+0xca/0x130 [ 352.575096][T10893] ? __mmap_region+0x13e1/0x2dd0 [ 352.575116][T10893] ? mmap_region+0x527/0x620 [ 352.575136][T10893] ? vm_mmap_pgoff+0x29e/0x470 [ 352.575155][T10893] ? __x64_sys_mmap+0x125/0x190 [ 352.575170][T10893] ? do_syscall_64+0x115/0x840 [ 352.575190][T10893] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 352.575211][T10893] ? __lock_acquire+0x4a5/0x2630 [ 352.575235][T10893] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 352.575257][T10893] ? policy_nodemask+0xed/0x4f0 [ 352.575277][T10893] alloc_pages_mpol+0x1fb/0x540 [ 352.575296][T10893] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 352.575313][T10893] ? do_raw_spin_lock+0x128/0x260 [ 352.575328][T10893] ? find_held_lock+0x2b/0x80 [ 352.575348][T10893] alloc_pages_noprof+0x1a/0x160 [ 352.575368][T10893] pte_alloc_one+0x1c/0x3d0 [ 352.575387][T10893] __pte_alloc+0x6d/0x380 [ 352.575403][T10893] ? __pfx___pte_alloc+0x10/0x10 [ 352.575420][T10893] ? walk_to_pmd+0x302/0x4c0 [ 352.575440][T10893] get_locked_pte+0xa1/0xc0 [ 352.575460][T10893] insert_page+0xcc/0x220 [ 352.575479][T10893] ? __pfx_insert_page+0x10/0x10 [ 352.575496][T10893] ? __pfx_down_read_trylock+0x10/0x10 [ 352.575516][T10893] vm_insert_page+0x2c0/0x400 [ 352.575536][T10893] kcov_mmap+0xca/0x130 [ 352.575556][T10893] __mmap_region+0x13e1/0x2dd0 [ 352.575581][T10893] ? __pfx___mmap_region+0x10/0x10 [ 352.575620][T10893] ? find_held_lock+0x2b/0x80 [ 352.575637][T10893] ? ima_match_policy+0x8c4/0x2350 [ 352.575654][T10893] ? ima_match_policy+0x8c4/0x2350 [ 352.575690][T10893] ? process_measurement+0x4c8/0x2350 [ 352.575736][T10893] mmap_region+0x527/0x620 [ 352.575751][T10893] ? __pfx_mmap_region+0x10/0x10 [ 352.575767][T10893] ? cap_mmap_addr+0x4b/0x120 [ 352.575781][T10893] ? bpf_lsm_mmap_addr+0x9/0x30 [ 352.575794][T10893] ? security_mmap_addr+0x71/0x1e0 [ 352.575813][T10893] ? __get_unmapped_area+0x255/0x3e0 [ 352.575833][T10893] do_mmap+0xc63/0x12f0 [ 352.575854][T10893] ? __pfx_do_mmap+0x10/0x10 [ 352.575882][T10893] ? __pfx_down_write_killable+0x10/0x10 [ 352.575910][T10893] vm_mmap_pgoff+0x29e/0x470 [ 352.575933][T10893] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 352.575950][T10893] ? __fget_files+0x215/0x3d0 [ 352.575970][T10893] ? __fget_files+0x21f/0x3d0 [ 352.575990][T10893] ksys_mmap_pgoff+0x3cb/0x610 [ 352.576008][T10893] ? __x64_sys_futex+0x358/0x4d0 [ 352.576023][T10893] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 352.576040][T10893] ? xfd_validate_state+0x129/0x190 [ 352.576054][T10893] ? ksys_write+0x1ac/0x250 [ 352.576074][T10893] __x64_sys_mmap+0x125/0x190 [ 352.576092][T10893] do_syscall_64+0x115/0x840 [ 352.576111][T10893] ? clear_bhb_loop+0x40/0x90 [ 352.576137][T10893] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 352.576153][T10893] RIP: 0033:0x7f0029b9ce59 [ 352.576168][T10893] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 352.576182][T10893] RSP: 002b:00007f002a994028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 352.576198][T10893] RAX: ffffffffffffffda RBX: 00007f0029e15fa0 RCX: 00007f0029b9ce59 [ 352.576208][T10893] RDX: 0000000000000007 RSI: 00000000003fffff RDI: 0000000000000000 [ 352.576216][T10893] RBP: 00007f0029c32d6f R08: 00000000000000dd R09: 0000000000000000 [ 352.576225][T10893] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000000 [ 352.576234][T10893] R13: 00007f0029e16038 R14: 00007f0029e15fa0 R15: 00007ffc6fc94238 [ 352.576254][T10893] [ 353.045037][T10893] kcov: kcov: vm_insert_page() failed [ 353.705401][T10905] FAULT_INJECTION: forcing a failure. [ 353.705401][T10905] name failslab, interval 1, probability 0, space 0, times 0 [ 353.718837][T10905] CPU: 0 UID: 0 PID: 10905 Comm: syz.3.1004 Not tainted syzkaller #0 PREEMPT(full) [ 353.718860][T10905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 353.718869][T10905] Call Trace: [ 353.718877][T10905] [ 353.718884][T10905] dump_stack_lvl+0x100/0x190 [ 353.718914][T10905] should_fail_ex.cold+0x5/0xa [ 353.718934][T10905] should_failslab+0xc2/0x120 [ 353.718952][T10905] __kmalloc_cache_noprof+0x7a/0x6f0 [ 353.718973][T10905] ? madvise_collapse+0x1a6/0x760 [ 353.718993][T10905] ? finish_task_switch.isra.0+0x2c6/0x1010 [ 353.719015][T10905] madvise_collapse+0x1a6/0x760 [ 353.719034][T10905] ? lockdep_hardirqs_on+0x78/0x100 [ 353.719056][T10905] ? __pfx_madvise_collapse+0x10/0x10 [ 353.719078][T10905] ? mtree_range_walk+0x72b/0xb70 [ 353.719100][T10905] madvise_vma_behavior+0x107c/0x2240 [ 353.719123][T10905] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 353.719154][T10905] ? find_vma_prev+0xd8/0x150 [ 353.719175][T10905] ? futex_unqueue+0x133/0x2c0 [ 353.719189][T10905] ? __pfx_find_vma_prev+0x10/0x10 [ 353.719211][T10905] ? __futex_wait+0x256/0x300 [ 353.719233][T10905] madvise_walk_vmas+0x2fe/0xa90 [ 353.719256][T10905] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 353.719282][T10905] madvise_do_behavior+0x1ea/0x510 [ 353.719303][T10905] ? __pfx_madvise_do_behavior+0x10/0x10 [ 353.719323][T10905] ? down_read+0x13b/0x450 [ 353.719346][T10905] do_madvise+0x195/0x240 [ 353.719364][T10905] ? __pfx_do_madvise+0x10/0x10 [ 353.719383][T10905] ? do_futex+0x192/0x350 [ 353.719411][T10905] ? arch_syscall_is_vdso_sigreturn+0xb6/0x200 [ 353.719435][T10905] __x64_sys_madvise+0xa9/0x110 [ 353.719453][T10905] ? lockdep_hardirqs_on+0x78/0x100 [ 353.719473][T10905] do_syscall_64+0x115/0x840 [ 353.719492][T10905] ? clear_bhb_loop+0x40/0x90 [ 353.719510][T10905] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 353.719525][T10905] RIP: 0033:0x7f4e0019ce59 [ 353.719540][T10905] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 353.719554][T10905] RSP: 002b:00007f4e00fa6028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 353.719569][T10905] RAX: ffffffffffffffda RBX: 00007f4e00416180 RCX: 00007f4e0019ce59 [ 353.719579][T10905] RDX: 0000000000000019 RSI: 0000000000200007 RDI: 0000000000000000 [ 353.719588][T10905] RBP: 00007f4e00232d6f R08: 0000000000000000 R09: 0000000000000000 [ 353.719598][T10905] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 353.719607][T10905] R13: 00007f4e00416218 R14: 00007f4e00416180 R15: 00007ffe26aa11b8 [ 353.719627][T10905] [ 355.742970][T10933] futex_wake_op: syz.0.1014 tries to shift op by -2048; fix this program [ 355.794468][T10933] 0x000000000001-0x000000020000 : "" [ 355.859663][T10933] ftl_cs: FTL header corrupt! [ 356.114964][T10944] futex_wake_op: syz.1.1015 tries to shift op by -2048; fix this program [ 356.533137][T10944] 0x000000000001-0x000000020000 : "" [ 356.599989][T10944] ftl_cs: FTL header corrupt! [ 357.898434][T10984] netlink: 504 bytes leftover after parsing attributes in process `syz.2.1025'. [ 357.979173][T10986] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 360.221199][T11050] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 360.494092][T11058] FAULT_INJECTION: forcing a failure. [ 360.494092][T11058] name failslab, interval 1, probability 0, space 0, times 0 [ 360.511234][T11058] CPU: 0 UID: 0 PID: 11058 Comm: syz.3.1040 Not tainted syzkaller #0 PREEMPT(full) [ 360.511255][T11058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 360.511264][T11058] Call Trace: [ 360.511269][T11058] [ 360.511275][T11058] dump_stack_lvl+0x100/0x190 [ 360.511304][T11058] should_fail_ex.cold+0x5/0xa [ 360.511322][T11058] ? tracepoint_add_func+0x3a8/0x1150 [ 360.511348][T11058] should_failslab+0xc2/0x120 [ 360.511365][T11058] __kmalloc_noprof+0xe0/0x850 [ 360.511389][T11058] ? __pfx_blk_add_trace_bio_backmerge+0x10/0x10 [ 360.511408][T11058] tracepoint_add_func+0x3a8/0x1150 [ 360.511427][T11058] ? __pfx_blk_add_trace_bio_backmerge+0x10/0x10 [ 360.511448][T11058] ? __pfx_blk_add_trace_bio_backmerge+0x10/0x10 [ 360.511466][T11058] tracepoint_probe_register+0xc4/0x110 [ 360.511486][T11058] ? __pfx_tracepoint_probe_register+0x10/0x10 [ 360.511505][T11058] ? __pfx_blk_add_trace_bio_backmerge+0x10/0x10 [ 360.511524][T11058] ? relay_open+0x793/0xa00 [ 360.511543][T11058] blk_register_tracepoints+0x129/0x440 [ 360.511557][T11058] blk_trace_setup_finalize+0x320/0x3a0 [ 360.511573][T11058] blk_trace_setup+0x254/0x440 [ 360.511592][T11058] ? __pfx_blk_trace_setup+0x10/0x10 [ 360.511607][T11058] ? lockdep_hardirqs_on+0x36/0x100 [ 360.511632][T11058] ? __pfx_vsnprintf+0x10/0x10 [ 360.511660][T11058] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 360.511680][T11058] ? do_vfs_ioctl+0x226/0x13e0 [ 360.511696][T11058] blk_trace_ioctl+0x245/0x320 [ 360.511713][T11058] ? __pfx_blk_trace_ioctl+0x10/0x10 [ 360.511732][T11058] ? find_held_lock+0x2b/0x80 [ 360.511749][T11058] ? __fget_files+0x215/0x3d0 [ 360.511764][T11058] ? hook_file_ioctl_common+0x149/0x410 [ 360.511784][T11058] blkdev_ioctl+0x17c/0x6f0 [ 360.511805][T11058] ? __pfx_blkdev_ioctl+0x10/0x10 [ 360.511828][T11058] ? __pfx_blkdev_ioctl+0x10/0x10 [ 360.511849][T11058] __x64_sys_ioctl+0x18e/0x210 [ 360.511864][T11058] do_syscall_64+0x115/0x840 [ 360.511882][T11058] ? clear_bhb_loop+0x40/0x90 [ 360.511899][T11058] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 360.511913][T11058] RIP: 0033:0x7f4e0019ce59 [ 360.511926][T11058] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 360.511939][T11058] RSP: 002b:00007f4e00fc7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 360.511953][T11058] RAX: ffffffffffffffda RBX: 00007f4e00416090 RCX: 00007f4e0019ce59 [ 360.511962][T11058] RDX: 00002000000000c0 RSI: 00000000c0481273 RDI: 0000000000000005 [ 360.511970][T11058] RBP: 00007f4e00232d6f R08: 0000000000000000 R09: 0000000000000000 [ 360.511979][T11058] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 360.511987][T11058] R13: 00007f4e00416128 R14: 00007f4e00416090 R15: 00007ffe26aa11b8 [ 360.512006][T11058] [ 360.517138][T11058] ------------[ cut here ]------------ [ 360.517178][T11058] ret [ 360.517187][T11058] WARNING: kernel/trace/blktrace.c:1344 at blk_register_tracepoints+0x390/0x440, CPU#0: syz.3.1040/11058 [ 360.517219][T11058] Modules linked in: [ 360.517258][T11058] CPU: 0 UID: 0 PID: 11058 Comm: syz.3.1040 Not tainted syzkaller #0 PREEMPT(full) [ 360.517275][T11058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 360.517284][T11058] RIP: 0010:blk_register_tracepoints+0x390/0x440 [ 360.517301][T11058] Code: 0f 0b 90 e9 47 fd ff ff e8 5d 99 f7 ff 90 0f 0b 90 e9 66 fd ff ff e8 4f 99 f7 ff 90 0f 0b 90 e9 85 fd ff ff e8 41 99 f7 ff 90 <0f> 0b 90 e9 a4 fd ff ff e8 33 99 f7 ff 90 0f 0b 90 e9 c3 fd ff ff [ 360.517316][T11058] RSP: 0018:ffffc9000324faf8 EFLAGS: 00010293 [ 360.517328][T11058] RAX: 0000000000000000 RBX: 00000000fffffff4 RCX: ffffffff821061c4 [ 360.517345][T11058] RDX: ffff88802a2d3e00 RSI: ffffffff8210641f RDI: ffff88802a2d3e00 [ 360.517355][T11058] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000 [ 360.517364][T11058] R10: 00000000fffffff4 R11: 0000000000000001 R12: 200000000040000d [ 360.517374][T11058] R13: ffff8880278f2540 R14: ffffc9000324fd98 R15: 0000000000000001 [ 360.517384][T11058] FS: 00007f4e00fc76c0(0000) GS:ffff88812438e000(0000) knlGS:0000000000000000 [ 360.517399][T11058] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 360.517409][T11058] CR2: 00002000000b3000 CR3: 000000005988e000 CR4: 00000000003526f0 [ 360.517419][T11058] Call Trace: [ 360.517424][T11058] [ 360.517430][T11058] blk_trace_setup_finalize+0x320/0x3a0 [ 360.517448][T11058] blk_trace_setup+0x254/0x440 [ 360.517468][T11058] ? __pfx_blk_trace_setup+0x10/0x10 [ 360.517484][T11058] ? lockdep_hardirqs_on+0x36/0x100 [ 360.517509][T11058] ? __pfx_vsnprintf+0x10/0x10 [ 360.517538][T11058] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 360.517560][T11058] ? do_vfs_ioctl+0x226/0x13e0 [ 360.517577][T11058] blk_trace_ioctl+0x245/0x320 [ 360.517595][T11058] ? __pfx_blk_trace_ioctl+0x10/0x10 [ 360.517615][T11058] ? find_held_lock+0x2b/0x80 [ 360.517633][T11058] ? __fget_files+0x215/0x3d0 [ 360.517649][T11058] ? hook_file_ioctl_common+0x149/0x410 [ 360.517670][T11058] blkdev_ioctl+0x17c/0x6f0 [ 360.517692][T11058] ? __pfx_blkdev_ioctl+0x10/0x10 [ 360.517716][T11058] ? __pfx_blkdev_ioctl+0x10/0x10 [ 360.517738][T11058] __x64_sys_ioctl+0x18e/0x210 [ 360.517754][T11058] do_syscall_64+0x115/0x840 [ 360.517774][T11058] ? clear_bhb_loop+0x40/0x90 [ 360.517792][T11058] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 360.517806][T11058] RIP: 0033:0x7f4e0019ce59 [ 360.517820][T11058] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 360.517834][T11058] RSP: 002b:00007f4e00fc7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 360.517848][T11058] RAX: ffffffffffffffda RBX: 00007f4e00416090 RCX: 00007f4e0019ce59 [ 360.517858][T11058] RDX: 00002000000000c0 RSI: 00000000c0481273 RDI: 0000000000000005 [ 360.517868][T11058] RBP: 00007f4e00232d6f R08: 0000000000000000 R09: 0000000000000000 [ 360.517877][T11058] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 360.517886][T11058] R13: 00007f4e00416128 R14: 00007f4e00416090 R15: 00007ffe26aa11b8 [ 360.517905][T11058] [ 360.517917][T11058] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 360.517926][T11058] CPU: 0 UID: 0 PID: 11058 Comm: syz.3.1040 Not tainted syzkaller #0 PREEMPT(full) [ 360.517942][T11058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 360.517950][T11058] Call Trace: [ 360.517955][T11058] [ 360.517960][T11058] dump_stack_lvl+0x100/0x190 [ 360.517985][T11058] vpanic+0x552/0x970 [ 360.517999][T11058] ? __pfx_vpanic+0x10/0x10 [ 360.518018][T11058] panic+0xd1/0xe0 [ 360.518031][T11058] ? __pfx_panic+0x10/0x10 [ 360.518050][T11058] ? check_panic_on_warn+0x1f/0x90 [ 360.518073][T11058] check_panic_on_warn.cold+0x19/0x34 [ 360.518089][T11058] ? blk_register_tracepoints+0x390/0x440 [ 360.518103][T11058] __warn.cold+0x191/0x328 [ 360.518119][T11058] __report_bug+0x296/0x3d0 [ 360.518136][T11058] ? blk_register_tracepoints+0x390/0x440 [ 360.518152][T11058] ? __pfx___report_bug+0x10/0x10 [ 360.518172][T11058] ? __mutex_unlock_slowpath+0x15d/0x8a0 [ 360.518194][T11058] ? __kmalloc_noprof+0x320/0x850 [ 360.518216][T11058] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 360.518238][T11058] ? blk_register_tracepoints+0x390/0x440 [ 360.518253][T11058] report_bug+0xb2/0x220 [ 360.518271][T11058] ? blk_register_tracepoints+0x390/0x440 [ 360.518285][T11058] handle_bug+0x16a/0x2a0 [ 360.518298][T11058] exc_invalid_op+0x17/0x50 [ 360.518312][T11058] asm_exc_invalid_op+0x1a/0x20 [ 360.518325][T11058] RIP: 0010:blk_register_tracepoints+0x390/0x440 [ 360.518345][T11058] Code: 0f 0b 90 e9 47 fd ff ff e8 5d 99 f7 ff 90 0f 0b 90 e9 66 fd ff ff e8 4f 99 f7 ff 90 0f 0b 90 e9 85 fd ff ff e8 41 99 f7 ff 90 <0f> 0b 90 e9 a4 fd ff ff e8 33 99 f7 ff 90 0f 0b 90 e9 c3 fd ff ff [ 360.518358][T11058] RSP: 0018:ffffc9000324faf8 EFLAGS: 00010293 [ 360.518369][T11058] RAX: 0000000000000000 RBX: 00000000fffffff4 RCX: ffffffff821061c4 [ 360.518378][T11058] RDX: ffff88802a2d3e00 RSI: ffffffff8210641f RDI: ffff88802a2d3e00 [ 360.518388][T11058] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000 [ 360.518396][T11058] R10: 00000000fffffff4 R11: 0000000000000001 R12: 200000000040000d [ 360.518407][T11058] R13: ffff8880278f2540 R14: ffffc9000324fd98 R15: 0000000000000001 [ 360.518421][T11058] ? blk_register_tracepoints+0x134/0x440 [ 360.518435][T11058] ? blk_register_tracepoints+0x38f/0x440 [ 360.518452][T11058] ? blk_register_tracepoints+0x38f/0x440 [ 360.518466][T11058] blk_trace_setup_finalize+0x320/0x3a0 [ 360.518482][T11058] blk_trace_setup+0x254/0x440 [ 360.518501][T11058] ? __pfx_blk_trace_setup+0x10/0x10 [ 360.518516][T11058] ? lockdep_hardirqs_on+0x36/0x100 [ 360.518540][T11058] ? __pfx_vsnprintf+0x10/0x10 [ 360.518572][T11058] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 360.518592][T11058] ? do_vfs_ioctl+0x226/0x13e0 [ 360.518608][T11058] blk_trace_ioctl+0x245/0x320 [ 360.518626][T11058] ? __pfx_blk_trace_ioctl+0x10/0x10 [ 360.518645][T11058] ? find_held_lock+0x2b/0x80 [ 360.518661][T11058] ? __fget_files+0x215/0x3d0 [ 360.518676][T11058] ? hook_file_ioctl_common+0x149/0x410 [ 360.518695][T11058] blkdev_ioctl+0x17c/0x6f0 [ 360.518716][T11058] ? __pfx_blkdev_ioctl+0x10/0x10 [ 360.518739][T11058] ? __pfx_blkdev_ioctl+0x10/0x10 [ 360.518760][T11058] __x64_sys_ioctl+0x18e/0x210 [ 360.518776][T11058] do_syscall_64+0x115/0x840 [ 360.518794][T11058] ? clear_bhb_loop+0x40/0x90 [ 360.518811][T11058] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 360.518826][T11058] RIP: 0033:0x7f4e0019ce59 [ 360.518837][T11058] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 360.518850][T11058] RSP: 002b:00007f4e00fc7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 360.518863][T11058] RAX: ffffffffffffffda RBX: 00007f4e00416090 RCX: 00007f4e0019ce59 [ 360.518872][T11058] RDX: 00002000000000c0 RSI: 00000000c0481273 RDI: 0000000000000005 [ 360.518881][T11058] RBP: 00007f4e00232d6f R08: 0000000000000000 R09: 0000000000000000 [ 360.518890][T11058] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 360.518898][T11058] R13: 00007f4e00416128 R14: 00007f4e00416090 R15: 00007ffe26aa11b8 [ 360.518917][T11058] [ 360.518976][T11058] Kernel Offset: disabled