last executing test programs: 9.616910641s ago: executing program 1 (id=1470): r0 = socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x4000b, 0x7, 0x9b72, 0x7, 0x28000) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0xf9e, 0xb, 0x80a, 0xfffffffffffffffd, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x5e, 0x80000001, 0x7, 0x2, 0x90, 0x2400000001, 0x2]}, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x73) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mq_open$auto(&(0x7f0000000280)='\\*)A\x00', 0x7e, 0x9, 0x0) mmap$auto(0x0, 0xc, 0xbc5, 0x13, 0x3, 0x8000) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r2 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/rcu_normal\x00', 0x10b142, 0x0) write$auto(0x3, 0x0, 0x5c8) r4 = openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/tracing/per_cpu/cpu1/buffer_size_kb\x00', 0x300, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000980), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_ACT(r5, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000", @ANYRES16=r6, @ANYBLOB="0165fa3ffeac0f8bce0000000000bfda418ae0bdaf054f7fbae7fff785e8"], 0x14}}, 0x40000) read$auto_tracing_entries_fops_trace(r4, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) mq_timedreceive$auto(r2, 0x0, 0x10000000000000, 0x0, 0x0) unshare$auto(0x40000080) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/kcore\x00', 0x101000, 0x0) preadv$auto(r3, &(0x7f00000002c0)={0x0, 0x1}, 0x9, 0x8, 0x8100000001) sendmsg$auto_BATADV_CMD_TP_METER(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r0, @ANYRESDEC=r0], 0x24}, 0x1, 0x0, 0x0, 0xc045}, 0x4) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\a'], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES8=r7], 0x1ac}}, 0x40000) 5.08013165s ago: executing program 3 (id=1482): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x14be02, 0x0) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x14, 0x7, 0x63, 0x0, 0x0, 0x0, 0x0, 0x40000000000f, 0x1000, 0xfffffffffffffffd, 0x7ffffffd, 0x4000000000009, 0xffffffff7ffffffc, 0x9, 0xf, 0x200000100103}) mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_IOAM6_CMD_DUMP_NAMESPACES(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x408}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x100, 0x70bd28, 0x25dfdbfc, {}, ["", ""]}, 0x14}}, 0x48051) madvise$auto(0x0, 0xffffffffffff0001, 0x15) keyctl$auto_KEYCTL_INSTANTIATE(0xc, 0x6, 0xff, 0x4263b0e8, 0xb4) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x5000000000, 0x810004, 0x0, 0x15, 0x3, 0xc42) shmat$auto(0x0, &(0x7f0000000580)='(\x00', 0xfffffffa) shmdt$auto(&(0x7f0000000000)='(\x00') openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty0\x00', 0x201, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x149942, 0x0) ioctl$auto_TIOCVHANGUP2(r1, 0x5437, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/graphics/fbcon/rotate\x00', 0x8a801, 0x0) write$auto(r2, &(0x7f0000000000)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) mmap$auto(0xfffffffffffffffe, 0x400008, 0xdf, 0x800009b71, 0x2, 0x9) sysinfo$auto(&(0x7f0000000100)={0xffffffff, [0x404, 0xa, 0x100], 0x200, 0xd5, 0x0, 0x6, 0x3, 0x1, 0x7f, 0x0, 0x100000000, 0x7, 0x10000006}) process_vm_readv$auto(0x0, &(0x7f00000000c0)={0x0, 0x9}, 0x40000000001, &(0x7f0000000180)={0x0, 0x40000000001243}, 0xa, 0x0) setsockopt$auto(0xffffffffffffffff, 0x0, 0x60, 0x0, 0x6f7250c4) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) ioctl$auto_TCSBRKP2(r3, 0x5425, 0x0) io_uring_setup$auto(0x1, 0x0) close_range$auto(0x2, 0xa, 0x0) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TCFLSH2(r4, 0x5408, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) 4.561851448s ago: executing program 1 (id=1484): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_XFS_IOC_SWAPEXT(0xffffffffffffffff, 0xc0c0586d, &(0x7f00000000c0)={0x8, @inferred=0xffffffffffffffff, @raw=0x1, 0x2, 0x2, '\x00', {0x1, 0x6, 0x5, 0x0, 0xee00, 0x400, 0x0, 0xffff, {0xfffffffffffffffb, 0x243}, {0x6, 0x9}, {0x5, 0xef8d}, 0xd58, 0x6, 0x0, 0x48f, 0x4, 0xa2ce, 0xd, 0x9, 0x4, 0xf, '\x00', 0x0, 0x5, 0x9, 0x40}}) r3 = setfsuid$auto(0xee00) r4 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) wait4$auto(r4, 0x0, 0x2, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) socket(0xf, 0x3, 0x2) getpeername$auto(0x3, 0x0, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r6 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r7 = landlock_create_ruleset$auto(&(0x7f0000000000)={0xdaa0, 0x1, 0x8}, 0x9, 0x0) getsockopt$auto_SO_RCVTIMEO_OLD(r0, 0x2, 0x14, &(0x7f0000000340)='\x00', &(0x7f0000000380)=0x5) landlock_restrict_self$auto(r6, 0x8) r8 = setfsuid$auto(0xee01) mmap$auto(0x0, 0x20009, 0xffffffffffffffff, 0xeb1, 0x401, 0x8000) futex$auto(&(0x7f0000000080)=0x1, 0xb, 0x1, 0x0, 0x0, 0xfffffffa) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto_SCSI_IOCTL_START_UNIT(r0, 0x5, &(0x7f00000003c0)="5b0f680382116da7d8498dc3699bc0c2040805534f98baf51377525b808ca938d8444a629271e3b05431f296b1f4c5472b852b90da3ae65f30f376c4e8377b7ba32be9c56c7d64997ff04a28ef72e4e600c2b85fd121047735f0964b2974424b343ff219b5d6421c15e51457ff449f9380c734bac950ec") futex$auto(&(0x7f0000000080)=0xfffffffa, 0xc, 0x1, 0x0, 0x0, 0xfffffffa) setresuid$auto(r3, r8, r3) fstat$auto(r5, &(0x7f0000000480)={0x1075, 0x80, 0x1ff, 0xa54, r8, r2, 0x0, 0x5, 0x3d, 0x6, 0x8, 0x485, 0x40, 0xffffffffffffffff, 0x3, 0x9}) shmctl$auto_SHM_STAT(0x9, 0xd, &(0x7f00000002c0)={{0x2, 0xee00, 0xee00, 0xeb, 0x8, 0x8, 0xfffd}, 0x2, 0x6, 0x0, 0x5e, @raw=0x7eab, @raw=0x8b29, 0x1, 0x0, &(0x7f0000000180)="0fa2c53b4bb6b68bc6825d9ea63ac8110f7ef8b2b849a02fc2aa7147c9693e634f899c733cc3b9a6e6afdeb6cb1d9d655bd52290f99939bf8765f7cdbe9021fb06a7c7ebbeb327b55b43387ccb739d23d936bd462cca0d66d441b32d79cf0c7334fb7184effdf781df0cf309b018a5ac8665f976d1bda7815a8899e3c43e2c16bbd0d0da5b", &(0x7f0000000240)="bfaf7b71ecae9b85f82d95825ea571badeeb5e9b1d229d9cc95f023da64e7cc7170fe3d103b932e7db7e990adcf5926ad4b7a5087de7cda302eda9f5d77ead9fb1a3f5d3eafdc51b634cdc63a5"}) keyctl$auto(0x82, r1, r3, r9, 0x7fffffff) ioctl$auto_TIOCGDEV(r7, 0x80045432, &(0x7f0000000440)=0x8) fanotify_init$auto(0x65, 0x2) openat$auto_nsim_dev_trap_fa_cookie_fops_dev(0xffffffffffffff9c, &(0x7f0000000c40)='/sys/kernel/debug/netdevsim/netdevsim3/trap_flow_action_cookie\x00', 0x2002, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x201, 0x6, 0x74, 0x6, 0x64, 0xa, 0x7, 0x8000000008, 0x80000000009, 0x8, 0x81000003, 0x3, 0x10004, 0x9, 0x1, 0xffffffffffffffff]}, 0x0) writev$auto(0x3, &(0x7f0000000000)={0x0, 0x5}, 0x7) 4.50664166s ago: executing program 2 (id=1485): sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x20044011}, 0x80) openat$auto_proc_mem_operations_base(0xffffffffffffff9c, 0x0, 0x40, 0x0) write$auto(0xffffffffffffffff, &(0x7f00000002c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1d\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"P\x8a\xbbY8@Z5`\xa2\x9aSVd\x1d\xac\xe8\x90e\x9d\x03tm\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7.\xbe\x01\x98\xd7l\x00\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfa\xf0\xd9\xc0K\x8b\xa3c\x00'/160, 0xa9) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_smc_pnetid(0x0, 0xffffffffffffffff) sendmsg$auto_SMC_PNETID_DEL(r0, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000140)=ANY=[@ANYRESDEC=r1, @ANYRES16=r1, @ANYBLOB="010027bd700100dbdf2503000000"], 0x14}, 0x1, 0x0, 0x0, 0x40091}, 0x20000000) getgroups$auto(0x1a1, 0xfffffffffffffffd) sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, 0x0, 0x20000054) mmap$auto(0xfffffffffffffffe, 0x400010, 0xdf, 0x14, 0x2, 0x8000000007ff7) unshare$auto(0x40000080) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x4c2080, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x20004000) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x14f602, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x810004, 0x2000000efb, 0x8000000008011, r2, 0x8000) madvise$auto(0x0, 0x400053, 0x9) 4.424269933s ago: executing program 0 (id=1486): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/net/ifb0/flags\x00', 0xb02, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) r2 = socket(0xa, 0x801, 0x84) getsockopt$auto(r2, 0x84, 0x7b, 0x0, 0x0) (async) getsockopt$auto(r2, 0x84, 0x7b, 0x0, 0x0) sendfile$auto(r1, r1, 0x0, 0x3) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/veth0/accept_ra_pinfo\x00', 0x4c40, 0x0) (async) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/veth0/accept_ra_pinfo\x00', 0x4c40, 0x0) read$auto(r3, 0x0, 0x1ff) (async) read$auto(r3, 0x0, 0x1ff) pwritev$auto(0x3, &(0x7f0000001000)={0x0, 0x8}, 0x5, 0x3, 0x9) socket$nl_generic(0x10, 0x3, 0x10) (async) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)={0x44, r5, 0x1b, 0x70bd26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_ACTIONS={0x1c, 0x3, 0x0, 0x1, [@nested={0x18, 0x1, 0x0, 0x1, [@typed={0x14, 0x70, 0x0, 0x0, @ipv6=@empty}]}]}, @OVS_PACKET_ATTR_ACTIONS={0x4}, @OVS_PACKET_ATTR_KEY={0xc, 0x2, 0x0, 0x1, [@typed={0x8, 0x1d, 0x0, 0x0, @ipv4=@remote}]}, @OVS_PACKET_ATTR_PROBE={0x4}]}, 0x44}, 0x1, 0x0, 0x0, 0x4004040}, 0xc884) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000003b00), r0) (async) r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000003b00), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000003b40)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_EXTERNAL_AUTH(r0, &(0x7f0000003c00)={0x0, 0x0, &(0x7f0000003bc0)={&(0x7f0000003b80)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB="0100fdc3af1ccc001a8b0700001008000300", @ANYRES32=r7], 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x180c0) 4.205313414s ago: executing program 3 (id=1487): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$auto(0xffffffffffffffff, 0x2, 0x9) write$auto(0xffffffffffffffff, &(0x7f0000000040)='//\xf2\x00', 0x80000000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x5, 0x0, 0x1, 0x4d) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x4000000008000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x400000003) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)={0x20, r3, 0x1, 0x70bd31, 0x25dfdbfc, {}, [@ETHTOOL_A_FEATURES_WANTED={0x8, 0x3, 0x0, 0x1, [@nested={0x4, 0x1}]}, @ETHTOOL_A_FEATURES_HEADER={0x4}]}, 0x20}}, 0x24048004) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x18, 0x0, 0x1, 0x70bd2c, 0x25dfdbfe, {}, [@HWSIM_ATTR_MULTI_RADIO={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) futex$auto(0x0, 0x85, 0x38, 0x0, 0x0, 0x80800005) r5 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x68082, 0x0) ioctl$auto_BLKPG2(r5, 0x1269, 0x0) r6 = socket(0x29, 0x5, 0x0) syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000040), r6) 3.617722957s ago: executing program 1 (id=1488): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = getpid() close_range$auto(0x2, 0xa, 0x0) process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0x91f5}, 0x800000001, &(0x7f0000000280)={&(0x7f0000001040)="837c43558323eadb4246897524000000000000000000000000000054ad", 0x1ffffffff}, 0x6, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x2e83c2, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0x4040ae79, r1) 3.519166933s ago: executing program 2 (id=1489): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) r0 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, 0x0, 0x80a040, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket(0xa, 0x1, 0x84) close_range$auto(0x2, r0, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) setreuid$auto(0x4, 0x8) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing/trace\x00', 0x1a6b75d638828712, 0x0) openat$auto_tracing_free_buffer_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/tracing/free_buffer\x00', 0x4c000, 0xebff) socket(0x2, 0x1, 0x0) bind$auto(0xffffffffffffffff, &(0x7f0000000040)=@in={0x2, 0x4e25, @multicast2}, 0x6d) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x2, 0x0) read$auto(r1, 0x0, 0x7) write$auto(0xffffffffffffffff, 0x0, 0x2008000000000a9f) mmap$auto(0x400000000000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x1, 0x0) socket(0x11, 0x80003, 0x300) sendto$auto(0x3, 0x0, 0xfdef, 0x7, &(0x7f0000000440)=@tipc=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x4}}, 0x20) r2 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r2, 0x107, 0x5, 0x0, 0x8004) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x400c01d}, 0x0) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000080), 0xffffffffffffffff) 3.406505099s ago: executing program 1 (id=1490): r0 = socket(0xb, 0x3, 0x106) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) setsockopt$auto(r0, 0x1, 0x12, &(0x7f0000000400)='\'\ak\xb6\xc8\vFx\xed\xd6\xf8\x00\x10\xa4#\x92`\xdb\xafL\x0f\xfbUV\xa6KH]Cv\xbf\xf2a\v', 0xeb66) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) unshare$auto(0x40000080) ioctl$auto_NS_GET_TGID_IN_PIDNS(0xffffffffffffffff, 0x8004b709, &(0x7f0000000280)=0x5) unshare$auto(0x40000080) r1 = socket(0x18, 0x800, 0x2) getpeername$auto(r1, &(0x7f0000000040)=@llc={0x1a, 0x8, 0x7, 0xc, 0x9, 0x8, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, &(0x7f0000000080)=0xa95) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$auto(0xc8, 0x8924, 0x8) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/\x98@dio1\x00', 0x100000a3d9) getsockopt$auto_SO_RCVLOWAT(r3, 0x0, 0x12, &(0x7f0000000180)='\x00', &(0x7f00000001c0)=0x19a) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) write$auto(0x1, 0x0, 0x80000000) unshare$auto(0x40000080) r4 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x40009, 0x7, 0x9b72, 0x7, 0x28000) ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, 0x0) sendmmsg$auto(r4, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x1a, 0x0, 0xfffffffffffffffc, 0x5}, 0x6}, 0x1, 0x401) socket(0xb, 0x5, 0x84) mmap$auto(0xfff, 0x9, 0xfffffffffffffffb, 0x200000eb0, 0x401, 0x701cf82a) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/mm/transparent_hugepage/hugepages-2048kB/enabled\x00', 0x22b42, 0x0) read$auto_ptdump_fops_(0xffffffffffffffff, &(0x7f00000000c0)=""/32, 0x20) sendfile$auto(r5, r5, 0x0, 0x6) 3.2485876s ago: executing program 0 (id=1491): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), r0) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000240)={0x18, r1, 0x1, 0x70bd2a, 0x25dfdbfb, {}, [@HWSIM_ATTR_MLO_SUPPORT={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4008040}, 0x40800) 3.237893693s ago: executing program 3 (id=1492): mmap$auto(0x0, 0x400008, 0xdf, 0x80000009b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r0, 0x4, 0x7ff) wait4$auto(r0, 0x0, 0x0, 0x0) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x8000}, 0x4000804) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x10, 0x9, 0x63, 0x0, 0x0, 0x0, 0x0, 0x40000000000f, 0x1000, 0xfffffffffffffffd, 0x7ffffffb, 0x9, 0xffffffff7ffffffc, 0x9, 0x7, 0x200000100103}) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) waitid$auto_P_ALL(0x0, 0x3b000, 0x0, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) open(&(0x7f0000000100)='./file0\x00', 0x201c2, 0x10e) getcwd$auto(0x0, 0xffffffffffffffff) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x15, 0x5, 0x8) inotify_init1$auto(0x3000000000000) inotify_add_watch$auto(0x4, 0x0, 0xe6e) rename$auto(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)='./file1\x00') r2 = socket(0x2, 0x1, 0x106) setsockopt$auto(r2, 0x6, 0xd, &(0x7f0000000280)='lp\x00h\x85M\xdf\xdc\x83\x8a\xa7\xe4]U(\x01\t=\x1e\x00\x00', 0x4) bind$auto(0x3, &(0x7f0000000180)=@in={0x2, 0x3, @multicast1}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) write$auto(0x3, 0x0, 0x1000) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) write$auto(0x3, 0x0, 0xfffffdef) 3.231528153s ago: executing program 2 (id=1493): r0 = socket(0x10, 0x2, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0xf9e, 0xb, 0xa, 0x40007fff, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x5e, 0x80000001, 0x7, 0x2, 0x90, 0x2400000001, 0x2]}, 0x0) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, 0x0, 0x22181, 0x0) sendmsg$auto_NL802154_CMD_SET_WPAN_PHY_NETNS(r0, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x100040}, 0xc, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4}, 0x0) close_range$auto(0x2, 0xa, 0x0) statx$auto(0xffffffffffffffff, 0x0, 0x1000, 0xfffffffb, 0x0) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, 0x0, 0x10004010) r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r1, &(0x7f0000000000)="c80d1b5d399b39", 0xfdef) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0xffffffffffff0005, 0x19) r2 = open(0x0, 0x4e8401, 0xe) syz_open_procfs$namespace(0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_GET_RADIO(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000002c0)={0x14, r4, 0x1, 0x70bd26, 0x259fdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) madvise$auto(0x0, 0x8000000000000000, 0x15) mmap$auto(0x0, 0x2020005, 0x3, 0xeb1, r2, 0x400000008000) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x300, 0x4) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) getsockopt$auto_SO_TXREHASH(r1, 0x0, 0x4a, &(0x7f0000000140)='/dev/tty0\x00', 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x401) ioctl$auto_BTRFS_IOC_START_SYNC(0xffffffffffffffff, 0x80089418, &(0x7f0000000300)=0x9b) 1.598587847s ago: executing program 0 (id=1494): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$auto(0xffffffffffffffff, 0x2, 0x9) write$auto(0xffffffffffffffff, &(0x7f0000000040)='//\xf2\x00', 0x80000000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x5, 0x0, 0x1, 0x4d) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x4000000008000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x20) writev$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x7}, 0x400000003) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)={0x20, r1, 0x1, 0x70bd31, 0x25dfdbfc, {}, [@ETHTOOL_A_FEATURES_WANTED={0x8, 0x3, 0x0, 0x1, [@nested={0x4, 0x1}]}, @ETHTOOL_A_FEATURES_HEADER={0x4}]}, 0x20}}, 0x24048004) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x18, r3, 0x1, 0x70bd2c, 0x25dfdbfe, {}, [@HWSIM_ATTR_MULTI_RADIO={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) futex$auto(0x0, 0x85, 0x38, 0x0, 0x0, 0x80800005) 1.579527526s ago: executing program 1 (id=1495): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004) openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/block/nbd11/sched/batching\x00', 0x101480, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x0) (async) sysfs$auto(0x2, 0x2, 0x0) (async) lsm_list_modules$auto(0x0, 0x0, 0x0) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) (async) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000fedbdf250300000008000400b70a0000060007000080000008000200", @ANYRES32, @ANYBLOB="0a0005000180c200000e00000a0001000180c200000e00000a000100000000000000000008"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40) (async) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000140), r0) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) (async) close_range$auto(0x2, 0x8, 0x0) (async) userfaultfd$auto(0x1) (async) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video1\x00', 0xc0400, 0x0) (async) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) lremovexattr$auto(&(0x7f0000000240)='}[,&*}\x00', 0x0) (async) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) (async) ioctl$auto(0x3, 0xae41, r3) ioctl$auto_KVM_GET_MSRS(r2, 0x4138ae84, &(0x7f0000000140)={0x7}) (async) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r1, 0x0, 0x24048084) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/nvme_core/parameters/iopolicy\x00', 0x2400, 0x0) r4 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cec7\x00', 0x10b101, 0x0) (async) poll$auto(&(0x7f0000000040)={0x3, 0x1, 0xa}, 0x5, 0x108) (async) select$auto(0x7, 0x0, 0x0, 0x0, 0x0) ioctl$auto_CEC_S_MODE(r4, 0x40046109, &(0x7f0000002c40)=0xd0) close_range$auto(0x2, 0x8, 0x0) 1.576527655s ago: executing program 2 (id=1496): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), r0) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000240)=ANY=[@ANYBLOB="18000000", @ANYRES16=r1, @ANYBLOB="01002abd700007dbdf25040000f603001900"], 0x18}, 0x1, 0x0, 0x0, 0x4008040}, 0x40800) 1.574334651s ago: executing program 3 (id=1497): r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NFC_CMD_ACTIVATE_TARGET(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r1, 0x800, 0x70bd2c, 0xf, {}, [@NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_VENDOR_SUBCMD={0x8}, @NFC_ATTR_VENDOR_ID={0x8, 0x1d, 0x39e1}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, 0x7ff}, @NFC_ATTR_LLC_PARAM_RW={0x5, 0x10, 0x9}]}, 0x3c}, 0x1, 0x0, 0x0, 0x81}, 0x14008080) r2 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000140), 0x6040c0, 0x0) (async) r3 = socket(0x2, 0x6, 0x6) fchdir$auto(r3) (async) r4 = signalfd4$auto(r0, &(0x7f0000000180), 0x4, 0x0) (async) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'pimreg0\x00', 0x0}) sendmsg$auto_NET_SHAPER_CMD_DELETE(r4, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x4c, 0x0, 0x200, 0x70bd25, 0x25dfdbfb, {}, [@NET_SHAPER_A_IFINDEX={0x8}, @NET_SHAPER_A_IFINDEX={0x8, 0x8, r5}, @NET_SHAPER_A_HANDLE={0xc, 0x1, 0x0, 0x1, [@NET_SHAPER_A_HANDLE_ID={0x8}]}, @NET_SHAPER_A_HANDLE={0x1c, 0x1, 0x0, 0x1, [@NET_SHAPER_A_HANDLE_ID={0x8, 0x2, 0x40}, @NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0xedef}, @NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x9}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000090}, 0x840) (async) pwritev2$auto(r3, &(0x7f0000000380)={&(0x7f0000000340)="a61cb1ca970517d8094d48387992ef5d21ca6d8aae5c93f93542df19b6180d6dd81c3d487b5be84355eb5dff16c8b166dfd20ad427a8e138159cf8d151112a88", 0x3}, 0x100, 0x6, 0x5, 0x6) (async) r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000400), r4) sendmsg$auto_NL80211_CMD_MODIFY_LINK_STA(r4, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x1c, r6, 0x100, 0x70bd2d, 0x25dfdbfb, {}, [@NL80211_ATTR_NETNS_FD={0x8, 0xdb, r4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4008801) io_uring_register$auto_IORING_REGISTER_MEM_REGION(r2, 0x22, &(0x7f0000000500)="617b8c89a712af49dc0f484744a3006913c5", 0x2) r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000580), r0) ioctl$auto_XFS_IOC_SWAPEXT(r4, 0xc0c0586d, &(0x7f00000005c0)={0x5, @inferred=r0, @raw=0xcbf, 0x7, 0x0, '\x00', {0x7fff, 0x6, 0x3, 0xee00, 0xffffffffffffffff, 0xb, 0x4ab, 0x0, {0x1000, 0xffff}, {0x0, 0x1}, {0x8000000000000000, 0x2}, 0x10000, 0x2, 0x7, 0x8, 0x7fffffff, 0x4, 0xff0c, 0x9, 0x3, 0xc, '\x00', 0x8, 0x9, 0x2, 0x7}}) sendmsg$auto_NL80211_CMD_NEW_KEY(r4, &(0x7f0000000900)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000008c0)={&(0x7f0000000680)={0x22c, r7, 0x10, 0x70bd28, 0x25dfdbff, {}, [@NL80211_ATTR_BSS_SELECT={0x217, 0xe3, 0x0, 0x1, [@typed={0x4, 0x4a}, @typed={0x8, 0x149, 0x0, 0x0, @uid=r8}, @typed={0x14, 0x5b, 0x0, 0x0, @ipv6=@loopback}, @typed={0xb6, 0x1d, 0x0, 0x0, @binary="d15d843efc54cd7de363601d65b125ba3b3dcee53364d49803e983861f4a0313df1ad3fe18b38a99278b09e764704f8f2c9e1c2399efa163d8d2e5b5c213d6850c886d89941aaaf47579559ac57d18c8f0a370e014950311f4ad6c12ba07a96e93899c71fa9011d177493675529700dd3283075971ed7a8a9dbb51c774cee4908a2b6e41cc36c818a3a613441c74816d08d8f51e982a61ceed854e4852f249a792e3b6a28de053b6cbb63c1efaac9ede5f39"}, @generic="b09f416d8c62d847b8bc2086d4d7b293a3d761d4650af962c337447aab51597d18640674676274b9c943dbb5e04e811e1564b4b505f1da4478b783", @nested={0xfe, 0x3d, 0x0, 0x1, [@generic="e18d3c6f5ac2fb92c4134cb4c465359f19a173e1f25d662ff870ed073015fb01c98485128934cde85ddb7a97f7663effd72c3613ab8f2367664345e138b4c75eb0517ef199b8ee4b34069ece76d68b784ecbbe9e0893777634583680d142eb6f7eb562a630eb0643cd7b081ca13de1254640932b10974c00717dc310cbe022bead2a7e7bd082f687ba6874b2c6e6145e28afa3a80f029452e983fa728ba4be082c1e54840ad214c1f3c7c5c202626408d7792fe92164225a0d2752bb116a0605a76f2ff2a1285ef32f78fc47a0b60d31ab2461ae6cb466bcad16a3c42b4a62063852db1e42a59bd8abe36469f3f1", @nested={0x4, 0x2a}, @typed={0x8, 0x4, 0x0, 0x0, @fd=r2}]}]}]}, 0x22c}, 0x1, 0x0, 0x0, 0x20008000}, 0x4000000) (async) munmap$auto(0x46b3efe0, 0x396) (async) r9 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(r9, &(0x7f0000000a40)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000a00)={&(0x7f0000000980)={0x74, 0x0, 0x8, 0x70bd2a, 0x25dfdbfe, {}, [@NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x56}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x2}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x7ff}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x3}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x44b}, @NETDEV_A_PAGE_POOL_ID={0xc}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x4}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x8}]}, 0x74}, 0x1, 0x0, 0x0, 0x50}, 0x20000000) (async) r10 = syz_genetlink_get_family_id$auto_802_15_4_mac(&(0x7f0000000ac0), r4) sendmsg$auto_IEEE802154_LLSEC_DEL_KEY(r0, &(0x7f0000000b80)={&(0x7f0000000a80)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000b40)={&(0x7f0000000b00)={0x3c, r10, 0x20, 0x70bd28, 0x25dfdbfb, {}, [@IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5, 0x36, 0x2}, @IEEE802154_ATTR_BAT_EXT={0x5, 0x1a, 0x3}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0x2}, @IEEE802154_ATTR_LLSEC_SECLEVELS={0x5}, @IEEE802154_ATTR_CCA_ED_LEVEL={0x8, 0x24, 0x3}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8080}, 0x4000) sendmsg$auto_NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000001ec0)={&(0x7f0000000bc0)={0x10, 0x0, 0x0, 0x30000000}, 0xc, &(0x7f0000001e80)={&(0x7f0000000c00)={0x1264, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@NL802154_ATTR_MAX_BE={0x5, 0x10, 0xf3}, @NL802154_ATTR_TX_POWER={0x8, 0xb, 0x2}, @NL802154_ATTR_PAN_ID={0x6, 0x9, 0x9}, @NL802154_ATTR_SEC_OUT_LEVEL={0x8, 0x2a, 0x6000000}, @NL802154_ATTR_SEC_KEY={0x1220, 0x30, 0x0, 0x1, [@nested={0x6, 0x8a, 0x0, 0x1, [@generic="0198"]}, @nested={0x11e5, 0x87, 0x0, 0x1, [@nested={0x4, 0x103}, @generic="eda53442cb3a302a6202bfef02dc14eb640e432f552051b184777d7bbdabd01739259efbc2c633a7186654698576cff564072a9923d6a26d64223306572be26e47ffc275307987b78d5d33e665f7b5e48833b17b465c65684f23bc2e19c145703b9a8378149532c3dde9e7d4e2d730bb47c62e8e79bbd6988ea3ce6d4bfc84734314e5261a7d52f97fc47462e61cdc5768aa48774a494d9ccf4f43cca6fbc90e3cb55ced84c3ba2319884ff3fc86904c29a0989f11de89af1bbbe61d9225032a33253a2ac6e2dd0685ccf721fb003b6e5df7a6d070ecded96f18306816707ce77a4fbfb938297f6394a6c44026611f749441bc649ad6a5664a7056f7c2fa4e39f85435540c2fdcb9ab4f3fdc7d95adea8df7612618dc950abfd89ef2e5ff03c23800a44d34d92a7f03869fe4210e6c103078d17e95f33abf227d8ed484f6c52cbfb31f950c08a5fc0d825af9a2c34cc9058137852e268352f5ab1d248bd2a66181869dcc892965d4c829a386daeabad7e327c5fdab4a2fd6077a8e3be62a10b96a11670eaa2cb78419cd14e5f19194e08da942c95ce787b6badb85ad0f9e86bb85d91e901abed2aa97fb059f093fbe34a89365cfc53b785050dc00201d0f5e278816f0f5827af43037e750d5705a43b761ed8a52c0124bfeb6bc69b1f71b160a98929b554561d8c9b248cdfca841f80fb2e2d49a946c9e8a8efc6dd27398ae50c7752636e7059357c0ed821503d6fae2343e6252e8c4537300f18ced800638ab3442f47a7f1ee660d25b7e5020ddc6aff597256e2521bc1027ec7f2d89c6375a865e620d81978bf2917e1b6a1cfe1765087b9befefc9237bf47c16674ab77e396e39c402bf5f51e654b59b1f009fbd0b70c4b6f2ecdbdbe94c45a46131ab01f3fc822287c3dff1483c5ce314b1b61f75c194ab8ae44d9a1ca74cd46c10d400dce0501e7242e39e1413eec1eaa4c5830eee365564ed802722ce532a1f614fafface2b0b7a64f7fe553a38b1e2f84ecaa6eeb7a469b0581382d406559bd2f4ce87cc4714a5cf130bcbc32a1e4fcdd3737eb4e009e59f92fea718f51573f8725034c50fd0595e4f8fb712deef695903e5d7f06015381571b5ae12a70a153a07002e086f692935c5cad93ff81388edbb7495a2da1364665df7557903c395c09cc540ffb5505e98a48551b7eb2da58ea93bcc9b43c2fde426fed662e876de646b380fba3dcfa81ecc82cfca345893fdf7a20c30d060dcde556910bef3a8811f0461f50b1412eacc175ade6fec29c5709dbb326bce00b87bfd9e13c6cb30670a76e3de28e02ab7938a49a89e014576305c9e055e17d64d99c63694c030124cbd4b2705958c03df8e5255ef4b72d904091b2693219428b6c594cd06d0c873970c090734b755c54f9668dd2c50e9eb462d67d45c300e10708c57c9c6a648d72eee538ef858d37024a4713d95a31e951fb2b6a6f8c72bdf9594d7a0df9413ff0d79b82a6eede15597b20aa2ec96627d7a6f7ebf621b93c12a3b80c38095a8a90aa303c60d273e3058c53f27aa9d47006cd6b8ac7823d34fe5ca362f144d25bea03e3df90341c179aa02777dbfc3e4fd7ab45e4e6c4e1d90b76c713f83c15721d99a35a3d64f254adffac4b53c6b3d43c85fe6b4568d3083370c882882caee19b38ca8f74290cedb824f07f03092e1354d6622dbeb59c3cf1a80b7053d24b468902eae950d3f221996aceaac8b4a5b5013ec7b5697ca4c7ef0bb693ba234f0d40baf0b0e2315431bec95b7dc0a62b3dd244d2c7ec8c963e0aa9c308484792455fb1b2d44b5ac4e8153542a6cdcb468337cf372627d2fae385da4cb930ce9cd3df66e62b07524d3a5438d932dda1745f5f75b445e1825924a06f0c58c76f2ebfe4f6e3d058ba93038913d474b86abb3f876dd16827bed3123cfebc4e73fa0b3bbf8de27ed7187f32dae3459ed42f33d8f18a32314ea6356f98f1bb8259066cdfa3782b48c56dbb746c57d374a7f7bd4df0f940fcb46b16289b13df1192f3f2fd203652427b30cde8e1bdc92d9df6df794a85cc774938553ccbfa84ddd531809bf9ab99e329628296beee60386cf727d486688d0bac6dda0fef7eb16fb6b7ef2dd6f184d7062abdc364a081648ab8e5eb645a86b3e7af116fb96ea34caa2d6931be79a300aa6a9f31a7434e5d82285bf9b8557ba33a2cc839c1a198abf2c0dc7b4f0c71a78f809328ec6b0fabadf7ec2d1471195f5d2094d896bd75b99fda28adc02016378166eeae1e16ecdf2dd5fdd322cb74399359abaa1c4e8070df2cf83e2e7ca6c0edb4e5e55c84128598a5d35d26eaf841fb59c6789c185d4398155f34a08d0ce9102cbb9eeac99bda4bcf3e34869b54117a8ea9ce1824641b7e02824df82135a1cf384e2bb4ff0649bb7773f9ba9bc119c4a865cc359510ba726052c97d2e556cab655fffecf37250da138158374f8070b81b3b9e1d75f268747279356e39c2ba70aec2780f9bca15267a8c2ba3c56cca4fe922f1343d230981299a71142eda0adcf48cd984b9dda645d840be1820a761c646a780e9b2b3923fdd7ee4fc934edc773c5e5194905c61609885ddba06b1eb1424487224930eb9cefcf53cd815220b80b1524391f22b366fcb17faf2a2e7f2b42794f947d12f3516b02b5d84d59fbf846841b0df5ef54e4c15a03ffd55a2ce93d8a86bcfa93d43442579b2c41d05ff9438842aa1654b2ae51c64beba54c2fe7b69416c0df72263496a7f133b6a7baccc0d9222e1fc992c86393209bbd9996d60a24a7b1a613d8a43c6b323879d0aa82243eb30af7b23f4e9a6394453bf6f9402e0d4e8e19875db5736f324d0529855ee638f97e5f0faaa5031c06a3ebf26771596c76d9beebd5d192967ac620607d80b0dc214af0d5ab10060a2e506e0a62333323148d41997b2d7d6643a59a213d0c448ed567f49fb109957a2055d79aefb4a414c3dd045f013195fb66cdf4eedc805d1e7bd12a5f78972a4e859876ed919aaa2111bb2354ed563c90cd67495b3926d43694c3c963eb15d72b9d3b30078d9dc4c921362780ae81f1890ff3c7efd225f26f184d6cf44eb3b30529e23ed7c632039112ad8171eeaf51dca34dec08c54655a176f82fac64039373d91debf941f0677a7ae71626d68497e675086529a77224687a6ff2cf6d6202713ea1e7feef601e8bc7758fcbecc0a38eae9c150987fc0ce8fbfb28d72b19a857b79b0346402e48831a7bc4a0c78acd28fb89b6450f5bf53b27c5ca23878d48d131238231fdc8070c9f7a9cfc7cd21532a20135c4d518883221e4c466a61c6593eab89ea22cbebffd6fadc61a26f93029d003f10341f9a0cc95bd99a6b168da57b6a224c192da138c32bea45af78b30d260c786169a60e378ba5d58feb94ada47714f72bf779e904d442fee0287e8edc67b676f1dcf0162aae36a3bed97b80a4f64b05fe5a114697a91617d58913e8206d3aa355e90d14728ca32cf35d7ea61d18bcd7b6c3408c0a435f30a22fed005494c2777e6f18775828870d66b0a98de9ae64b629212e4fcab247503c703afba9d9e7f7147f833e96036deca42793d87ee7953e945f03e9023a9db6d4e0bc2c09a8b6d43be1300076ab23a4556692a1eeec3b8224c1b197f9decced9a2c7c3f87b0aabf32db42106ba17962ddb4a1736aa77ddf72f050425d7c13b6b221c1a8b97e0efe1240013f7b97ccebd71bf2a1537ccbbf559749a6516a653a86f7744ff541dd602a14142b734d72294506bfd965f23ced1e84ace83f806fbf6d42c36b11eed0b71afccbb2c66b439cea00c1c620d1b52015ed273162687e7c93c1f2cb3701d599e3c65ff32e54bbbc0f6efbc8d089f4998c6f93bf359e3ee86bc8c147b2e39d428b492093e5468fe57f538d6fca3847c2f0584b65196b9b0f085ecfc21ee8eae3b35b7045415f8906a527ab7b4e37fdc573779fbc4fc0eb750b8f1ca192b3b655caf8b46df061cd888d2519f359ab8766784ae7a7b8252c8601bda011194f729e1c9be4081fa0ddf9d4604c934361cf1aae38dd3adce30a7621a9ceda5e4468de77f2b12ec21d2e912963bc5714333e336215349971235406f84fb8d5211c0830105b46ad68ddc70762ffcbf153178a008ff6a484f56af731e1123813038605893a700d201a4dccb629df091c99bd68cae9d6e8cb99c147b53f59a3c4633100c5642587240abe4218d7ba5f9836a12411a3017788c64a3f016b881208eedcf25603327ddb3adb73cec3f07665bec7eab949f52235783835701dedd259c770af49afe07e7603400f49d873df74c869eee93dd49207fe67676e8fb91fdbd878eb43ae708c1238f2edded27a3539ca4f8b7d191b74beb15fa26fb86a257e982c2305c590c24fd04f229336bb3b99bf7df59bbf4aebbeba66f10a6a1f5bf66d3b68d39a2177734e3acfae9db5724dc1f3830d3d7bebc3695fc40381e58fc5ffdb077a14a225ab4494c7a97d8ae197b15c9e2d01d1e3407c35cb5123ef3f43a1fdc6bcdbc21710367eddd4f6829592ba816588899ab25aac2df47ed7fb77c29aa8bb7b0aeb16545366ad1ec131faf7312ee0665cbddbd89e6ff8c9005bfa44ea14015e35b73cead6387384081b5177fb1bca10daa01aad5baa9ad101875b88449f8ef5b615b7f8a0bbc52f80dfb4033b7ca0b536c721d0ee71cca31bdb4f16769df3c2bf9dc7c06caa1376cd7b71e055cd1267b3422fb1b077db49a793c1e82d579216c649af6a05313521c335d9efa6dfef235e10f5ebab6b4e3ae2068d5a72aa61a8f72f903d0e437d9632158aaa2e6af0dc5b39ddc73429bfcb2dba6714f178495df5e1d9ec3526e841289be8e97187318fb50c49edd0612ad9671d9c0ad723eabac8f5ea02e15a2f9fc1707282b5611864f5b8fce3f330e4ff8eb56ce3e7236fdd8b4ac98467cacf2de284429bf5d8dc1d803f849777b76da55e8a171c03496f00c1a35b34b665676bc8cc4d5d6c64149144da4c3255dd7a5496303e550e00a50480d7d024fb2850c4b01aa3f535ad5a68dcaed151b9e871047924a417344c4204eabdfb2c9f208aa45d7b6375b7aabfa6c427268e1a9bbb8efeef7460bd5823159a211d6a9d2436af3a2e0980a00810ec1bf87f17923ab1530fa59f915046198f13cc86f93baab526bec18b45c45193af7d89378e9475a1fd4f41f1632319beaf4ce74c16ba1208824562e431648cf562697aa09b3bd79690bb5e1a7115948d0710874c2a2d02f46194a2b75b88dccfa9f5a4a4a469e26499af2d66efbe1e44a2966d2c4b2ec2ef72b501032ed77a209d49771e32d42bde4113725a42670d42f0bfb5eac92c4f60db204011d878a16660d2a4f3d76a71c69b4af81fff5b3320f0536bea72a133b260e73bd2e8e663993e9f43327c52ff9738b037dd4e9de1286553f2f334b867074246642be54624b2aeb2c696899c87f99af057c05d89c8f8f56e0111fcb68e2fb3aa50577f8c7778fdb5b4de79053805383695a64e103f0dd6f1d3e12fd3675a3232b3a8db1e010b504635ad757af84dc0f1fdd7f1e3c824433d45599428b7fc7f78c1225730457161e17ca8fc8e955ba026074b01890693bbbc18d4a5dc710959d6853db150f4b7eb180662f7857b3de67811fd3a05ea85c6c985d1b2e7d77896bf39d7954aaeeaafec74346064de9e0d2d2c15f4a720c8268f23534359cc7cf6ed0c6bcbc9a88d080d0993bb3a5718c7f8bc4af90c635c2f56cca7d5219a11881bcd8ad56073a826a9505fedb386333126541fca0c4631148968c79a4", @generic="9ccf2d3d3176a0eb894d88a7aec260c65cc5d803f2ea52574521e0b4cfef3e3c2674db52cb1ae5a4ddfaa3377da30e2c5f3d8b56570318c09c595d9c99165fcb542da8aebfb7a97ea75c335ab18547bd366d6caed176005f60e41624c9605acab4c65738fac936ef87a63c3643fd436fb5efd21efbf535b1b930ed74610c53495de3f87fb1999e2bfa43b3076e08dc408ff66269e077a83cbb7aeffae923a91fca7f357b18b998a035ff104762899d4c7e8b0acfaaf094e3787288aee726d60d370015d8a719c9331913fce8f2ae06d3844f77d715056af9", @typed={0x14, 0x15, 0x0, 0x0, @ipv6=@remote}, @generic="1d3fb6111c78633b0a582bd38e3a5263e83d59b7ea09308e8322972f7343cd38a9b979babc6157330fc17353ad06a6ace6e8fa1b6ba4d012cb5ee3608e09506082945e565ceb59f3eca873d005fe29eada9ca1ce4bb8c91c9f1c6b19bc919601b4cf8023cb9389eacfd202918dd23dffbed68f7fe021f96b24782cc1101da0eb8bc94dafec49f90ad030cb30d489598ccf99c6089e25f97d14bb66cbe67284110c06177dc7e25fd7b2b747da82a1760d493855b13de4abff6bca841449f12cada0155147aa6e00b93fa7fe53b79afecc748a9853d2", @nested={0x4, 0x66}, @typed={0xc, 0x40, 0x0, 0x0, @u64=0x8000000000000001}, @typed={0x4, 0x125}, @typed={0x8, 0xa6, 0x0, 0x0, @uid=r8}]}, @generic="836004d3ea02614581e2a280c5352adeedaf568430c503d57d30ee35d6277c7f24adc0dc30509e8f0d7326c3"]}, @NL802154_ATTR_SCAN_CHANNELS={0x8, 0x21, 0x31}, @NL802154_ATTR_SEC_OUT_LEVEL={0x8}]}, 0x1264}, 0x1, 0x0, 0x0, 0x2400c000}, 0x4000040) (async) r11 = syz_clone3(&(0x7f0000002100)={0x140000000, &(0x7f0000001f00)=0xffffffffffffffff, &(0x7f0000001f40), &(0x7f0000001f80), {0x11}, &(0x7f0000001fc0)=""/176, 0xb0, &(0x7f0000002080)=""/38, &(0x7f00000020c0)=[0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0], 0x8, {r4}}, 0x58) prctl$auto(0x989c, 0x9, r11, 0x0, 0xff) (async) getsockopt$auto_SO_NO_CHECK(r12, 0x5, 0xb, &(0x7f0000002180)='nl80211\x00', &(0x7f00000021c0)=0x1) (async) write$auto_ucma_fops_ucma(r4, &(0x7f0000002200)="07fc9f0c4bd0e799ea86825d2e29d3390e33db97e40429a269d1da978585373d6ffd19108c4fab574c9711fb0685ec217be62e50bd3aafdaa3af4762e9e21253b3b3155d0a29fcc3f67a6bc2db07f91f71c8f27b889574a409d328411cfc75c9f17527bacd5064", 0x67) (async) close_range$auto(r0, r12, 0x1) (async) mbind$auto(0x4, 0x6, 0x6, &(0x7f0000002280)=0x8, 0x6, 0x1) (async) ioctl$auto_TIOCSTI2(r4, 0x5412, &(0x7f00000022c0)="c339f60441ae043e1386881c59ebb00d8cae9d1eb38bfc303c3e54e8b1e37c2ff51d32d0942a32593ffb78c4d294a0bfc0b9110ab74b7f77c55ba0c40473a969b450cdb4a4853a51efa985a67f76e2a200938d400793f5b975a8ef401a4eef50fe72fd7a40e73189140665e167ecc22ba268b6055b1561e979cd95553a9c596f399eb47efbb20c14e1822a85c1528ab6b22451645f3ef211d65623d4f422c51363f142c18883cef5428f438c1c32d80bd4ce351ebc53c8160825e96ea5") (async) ioctl$auto_FIBMAP(r12, 0x1, 0x7) 1.260628356s ago: executing program 3 (id=1498): sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x20044011}, 0x80) openat$auto_proc_mem_operations_base(0xffffffffffffff9c, 0x0, 0x40, 0x0) write$auto(0xffffffffffffffff, &(0x7f00000002c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1d\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"P\x8a\xbbY8@Z5`\xa2\x9aSVd\x1d\xac\xe8\x90e\x9d\x03tm\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7.\xbe\x01\x98\xd7l\x00\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfa\xf0\xd9\xc0K\x8b\xa3c\x00'/160, 0xa9) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_smc_pnetid(0x0, 0xffffffffffffffff) sendmsg$auto_SMC_PNETID_DEL(r0, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000140)=ANY=[@ANYRESDEC=r1, @ANYRES16=r1, @ANYBLOB="010027bd700100dbdf2503000000"], 0x14}, 0x1, 0x0, 0x0, 0x40091}, 0x20000000) getgroups$auto(0x1a1, 0xfffffffffffffffd) sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, 0x0, 0x20000054) mmap$auto(0xfffffffffffffffe, 0x400010, 0xdf, 0x14, 0x2, 0x8000000007ff7) unshare$auto(0x40000080) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x4c2080, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x20004000) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x14f602, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x810004, 0x2000000efb, 0x8000000008011, r2, 0x8000) madvise$auto(0x0, 0x400053, 0x9) 1.147424627s ago: executing program 0 (id=1499): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) socket(0x6, 0x3, 0x37) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x26, 0x5, 0x8c68) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/midi2\x00', 0x101e41, 0x0) ioperm$auto(0x4, 0x100000001, 0x4000005) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptyr0\x00', 0x74c40, 0x0) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, 0x0, 0x40, 0x0) mmap$auto(0x803, 0x8000009, 0x1, 0x399, r1, 0x100000000000008) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/cpu/power/runtime_suspended_time\x00', 0x18000, 0x0) read$auto(r2, 0x0, 0x20) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x140082, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) sysfs$auto(0x2, 0x7, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) r4 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000280), 0x141182, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r4, 0x40146f2c, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(0xffffffffffffffff, 0x40146f2b, 0x0) r5 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x50ba82, 0x0) read$auto(r5, 0x0, 0xb4d3) unshare$auto(0x40000080) setsockopt$auto(r0, 0xd0, 0x800000e4, 0x0, 0x569) 1.125466277s ago: executing program 2 (id=1500): close_range$auto(0x2, 0xffffffffffffffff, 0x0) r0 = prctl$auto_PR_SET_VMA_ANON_NAME(0x2, 0x0, 0x0, 0x4000000000000004, 0x6774) fcntl$auto_F_GETFL(r0, 0x3, 0x3) r1 = ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, 0xffffffffffffffff) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/fs/jbd2/sda1-8/info\x00', 0x2, 0x0) read$auto_proc_reg_file_ops_compat_inode(r2, &(0x7f00000000c0)=""/10, 0xa) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x84) socket(0xa, 0x3, 0x3a) setsockopt$auto(0x400000000000003, 0x29, 0xca, 0x0, 0x4) getsockopt$auto_SO_PASSCRED(r1, 0x6, 0x10, &(0x7f0000000000)='%\x8e. &\xf3\x00', &(0x7f0000000040)=0x2) socketcall$auto(0x4, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) mremap$auto(0x1ff000, 0xff, 0x843, 0x3, 0xfffff000) pipe$auto(0x0) prctl$auto(0x3, 0x80000000, 0x0, 0x78, 0x8) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x169e82, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) openat$auto_wakeup_sources_stats_fops_wakeup(0xffffffffffffff9c, 0x0, 0x40002, 0x0) mmap$auto(0x0, 0x1ffffffffffff, 0x2, 0x3b0, 0xffffffffffffffff, 0x8000) madvise$auto(0x20000, 0x5, 0x17) mremap$auto(0x0, 0xffffffffffffffff, 0x3fd6, 0x3, 0x7fffffffb000) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x8000}, 0x4000804) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x10, 0x9, 0x63, 0x0, 0x0, 0x0, 0x0, 0x40000000000f, 0x1000, 0xfffffffffffffffd, 0x7ffffffb, 0x9, 0xffffffff7ffffffc, 0x9, 0x7, 0x200000100103}) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) prctl$auto(0x23, 0x200000000000009, 0x7fffffffefff, 0x0, 0x0) r4 = openat$auto_proc_pid_cmdline_ops_base(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/cmdline\x00', 0x6d0181, 0x0) read$auto_proc_pid_cmdline_ops_base(r4, &(0x7f0000000040)=""/159, 0x9f) 739.377865ms ago: executing program 2 (id=1501): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$auto(0xffffffffffffffff, 0x2, 0x9) write$auto(0xffffffffffffffff, &(0x7f0000000040)='//\xf2\x00', 0x80000000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x5, 0x0, 0x1, 0x4d) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x4000000008000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x400000003) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)={0x20, r3, 0x1, 0x70bd31, 0x25dfdbfc, {}, [@ETHTOOL_A_FEATURES_WANTED={0x8, 0x3, 0x0, 0x1, [@nested={0x4, 0x1}]}, @ETHTOOL_A_FEATURES_HEADER={0x4}]}, 0x20}}, 0x24048004) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x18, 0x0, 0x1, 0x70bd2c, 0x25dfdbfe, {}, [@HWSIM_ATTR_MULTI_RADIO={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) futex$auto(0x0, 0x85, 0x38, 0x0, 0x0, 0x80800005) r5 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x68082, 0x0) ioctl$auto_BLKPG2(r5, 0x1269, 0x0) r6 = socket(0x29, 0x5, 0x0) syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000040), r6) 604.227953ms ago: executing program 1 (id=1502): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto_USBDEVFS_FORBID_SUSPEND(0xffffffffffffffff, 0x5521, 0x0) socket(0x6, 0x801, 0x88) writev$auto(0xffffffffffffffff, 0x0, 0x61b3) write$auto(0xffffffffffffffff, 0x0, 0x2) io_uring_setup$auto(0x5, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) futex_waitv$auto(&(0x7f0000000300)={0x0, 0x4, 0x2}, 0x1, 0x0, &(0x7f0000000340)={0x225c17d03, 0x800006}, 0x0) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) openat$auto_split_huge_pages_fops_huge_memory(0xffffffffffffff9c, &(0x7f0000000000), 0x10202, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000040), 0x2100, 0x0) 428.77412ms ago: executing program 0 (id=1503): mmap$auto(0x0, 0x20006, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev3\x00', 0x169000, 0x0) ioctl$auto(r0, 0xc02c5625, r0) r1 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000040), 0x35d180, 0x0) ioctl$auto_UBI_IOCATT(r1, 0x40186f40, 0x0) ioctl$auto_UBI_IOCDET(r1, 0x40046f41, 0x0) io_uring_register$auto_IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000000080)="af31005b3657cb6912b7c9ce6fe8a71689b5721181e7a788b9ddbe76752e0d09558a647f063c73a15a378e4ce058", 0x5) ioctl$auto_UBI_IOCDET(r1, 0x40046f41, 0x0) read$auto(0xffffffffffffffff, 0x0, 0x20) 3.420835ms ago: executing program 0 (id=1504): r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/018/001\x00', 0xc23e03, 0x0) mmap$auto(0x0, 0x20006, 0x4000000000df, 0xeb1, 0x401, 0x8000) open(&(0x7f0000000100)='./cgroup\x00', 0x26e000, 0x64) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0xe0180, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) socket(0x13, 0x800, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x11, 0xa, 0x73) pipe2$auto(0x0, 0x0) openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcs\x00', 0x51b442, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) process_vm_readv$auto(0x0, 0x0, 0x40000000001, 0x0, 0xa, 0x0) madvise$auto(0x3f9, 0xffffffffffff0004, 0x15) munmap$auto(0x4, 0x8000) ioctl$auto_dma_heap_fops_dma_heap(0xffffffffffffffff, 0xff, 0x0) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, 0x0, 0x189082, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x42a200, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyu3\x00', 0x62902, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) ioctl$auto_USBDEVFS_CONTROL(r0, 0xc0185500, 0x0) 0s ago: executing program 3 (id=1505): mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_IOAM6_CMD_DEL_NAMESPACE(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB="24080000788324674dc64ec4c5220a1414ccd3b900e08626064cde1760fc5bf30784bbf99a70340c4443f4cda47c8cfd3962d14456befb565162dd45ceb7", @ANYRES16], 0x24}, 0x1, 0x0, 0x0, 0x20000091}, 0x4000000) ioctl$auto_BCH_IOCTL_DISK_ONLINE(0xffffffffffffffff, 0x4010bc06, &(0x7f00000001c0)={0x3, 0x0, 0x4}) (async) ioctl$auto_BCH_IOCTL_DISK_ONLINE(0xffffffffffffffff, 0x4010bc06, &(0x7f00000001c0)={0x3, 0x0, 0x4}) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) (async) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000) (async) write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000) write$auto(r0, 0x0, 0x2) getrlimit$auto(0x3, 0x0) fdatasync$auto(r0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) ioctl$auto_BLKZEROOUT(r1, 0x127f, 0x0) prctl$auto(0x3a, 0x1, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xc8d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\xc6\x00\x89\teu\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc6\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>W\xb8&\x959-\a\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?\xcf;I\xe2\xae,\x95k', 0xfc5e) (async) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xc8d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\xc6\x00\x89\teu\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc6\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>W\xb8&\x959-\a\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?\xcf;I\xe2\xae,\x95k', 0xfc5e) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8ea182, 0x0) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) (async) r2 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="5dab5051a7592c46e751d6e4f9c13d778d845b86369704966b8a4c64bcc1d833cfb98dd8d4ec6b1f050af19b790d8690440d8066079ae07e1d094cbb3254f5f24b57b39a9949d84388f9243c6693", @ANYRES16=r2, @ANYBLOB="01002dbd700002dcdf2503000000040008000800018004001080"], 0x20}, 0x1, 0x0, 0x0, 0x200400f0}, 0x4805) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) (async) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0) (async) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0) r4 = socket(0xa, 0x2, 0x88) getsockopt$auto_SO_NETNS_COOKIE(r4, 0x1, 0x47, &(0x7f0000000340)='\x00', &(0x7f0000000380)=0x8) (async) getsockopt$auto_SO_NETNS_COOKIE(r4, 0x1, 0x47, &(0x7f0000000340)='\x00', &(0x7f0000000380)=0x8) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) init_module$auto(0x0, 0xffff9, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x16) madvise$auto(0x0, 0x8000000000000000, 0x15) (async) madvise$auto(0x0, 0x8000000000000000, 0x15) madvise$auto(0x3, 0x20000000a0002001, 0x100002) close_range$auto(r1, r1, 0x0) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/pagemap\x00', 0x400201, 0x0) (async) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/pagemap\x00', 0x400201, 0x0) r5 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r5, 0xffffffffffdffe00, &(0x7f0000000140)=';') mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) kernel console output (not intermixed with test programs): 0000000000 R09: 0000000000000000 [ 338.000500][T10799] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 338.000509][T10799] R13: 00007ff7a3a16038 R14: 00007ff7a3a15fa0 R15: 00007ffe22e4fa98 [ 338.000528][T10799] [ 339.729844][T10839] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1127'. [ 339.815268][T10839] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 339.981598][T10839] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 342.723403][T10890] FAULT_INJECTION: forcing a failure. [ 342.723403][T10890] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 342.807739][T10890] CPU: 0 UID: 0 PID: 10890 Comm: syz.1.1139 Tainted: G U L syzkaller #0 PREEMPT(full) [ 342.807766][T10890] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 342.807771][T10890] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 342.807780][T10890] Call Trace: [ 342.807785][T10890] [ 342.807791][T10890] dump_stack_lvl+0x100/0x190 [ 342.807817][T10890] should_fail_ex.cold+0x5/0xa [ 342.807835][T10890] _copy_from_iter+0x1f4/0x1690 [ 342.807865][T10890] ? __pfx__copy_from_iter+0x10/0x10 [ 342.807891][T10890] ? __pfx___might_resched+0x10/0x10 [ 342.807916][T10890] file_tty_write.isra.0+0x45b/0x890 [ 342.807939][T10890] redirected_tty_write+0xd4/0x120 [ 342.807956][T10890] vfs_write+0x6ac/0x1070 [ 342.807979][T10890] ? __pfx_redirected_tty_write+0x10/0x10 [ 342.807997][T10890] ? __pfx_vfs_write+0x10/0x10 [ 342.808016][T10890] ? find_held_lock+0x2b/0x80 [ 342.808041][T10890] ksys_write+0x12a/0x250 [ 342.808062][T10890] ? __pfx_ksys_write+0x10/0x10 [ 342.808088][T10890] do_syscall_64+0x106/0xf80 [ 342.808104][T10890] ? clear_bhb_loop+0x40/0x90 [ 342.808125][T10890] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 342.808140][T10890] RIP: 0033:0x7fdedf19c799 [ 342.808152][T10890] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 342.808166][T10890] RSP: 002b:00007fdedffe3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 342.808180][T10890] RAX: ffffffffffffffda RBX: 00007fdedf415fa0 RCX: 00007fdedf19c799 [ 342.808189][T10890] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000003 [ 342.808197][T10890] RBP: 00007fdedffe3090 R08: 0000000000000000 R09: 0000000000000000 [ 342.808206][T10890] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 342.808214][T10890] R13: 00007fdedf416038 R14: 00007fdedf415fa0 R15: 00007ffc0fdb8928 [ 342.808235][T10890] [ 343.350777][T10901] FAULT_INJECTION: forcing a failure. [ 343.350777][T10901] name failslab, interval 1, probability 0, space 0, times 0 [ 343.379792][T10901] CPU: 0 UID: 0 PID: 10901 Comm: syz.0.1140 Tainted: G U L syzkaller #0 PREEMPT(full) [ 343.379821][T10901] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 343.379827][T10901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 343.379836][T10901] Call Trace: [ 343.379842][T10901] [ 343.379849][T10901] dump_stack_lvl+0x100/0x190 [ 343.379877][T10901] should_fail_ex.cold+0x5/0xa [ 343.379897][T10901] should_failslab+0xc2/0x120 [ 343.379912][T10901] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 343.379934][T10901] ? kasprintf+0xc7/0x100 [ 343.379952][T10901] kvasprintf+0xbc/0x150 [ 343.379965][T10901] ? __pfx_kvasprintf+0x10/0x10 [ 343.379980][T10901] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 343.379995][T10901] ? lockdep_hardirqs_on+0x78/0x100 [ 343.380011][T10901] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 343.380029][T10901] kasprintf+0xc7/0x100 [ 343.380042][T10901] ? __pfx_kasprintf+0x10/0x10 [ 343.380064][T10901] ieee80211_alloc_led_names+0x243/0x420 [ 343.380088][T10901] ieee80211_alloc_hw_nm+0x1934/0x22a0 [ 343.380111][T10901] mac80211_hwsim_new_radio+0x1e1/0x57d0 [ 343.380141][T10901] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 343.380166][T10901] ? __nla_validate_parse+0x1e7/0x28b0 [ 343.380184][T10901] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 343.380209][T10901] hwsim_new_radio_nl+0xc1f/0x1340 [ 343.380230][T10901] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 343.380264][T10901] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280 [ 343.380286][T10901] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280 [ 343.380311][T10901] genl_family_rcv_msg_doit+0x214/0x300 [ 343.380335][T10901] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 343.380356][T10901] ? genl_get_cmd+0x3ef/0x720 [ 343.380379][T10901] ? bpf_lsm_capable+0x9/0x10 [ 343.380393][T10901] ? security_capable+0x80/0x260 [ 343.380412][T10901] ? ns_capable+0xd2/0xf0 [ 343.380428][T10901] genl_rcv_msg+0x560/0x800 [ 343.380450][T10901] ? __pfx_genl_rcv_msg+0x10/0x10 [ 343.380471][T10901] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 343.380497][T10901] netlink_rcv_skb+0x159/0x420 [ 343.380515][T10901] ? __pfx_genl_rcv_msg+0x10/0x10 [ 343.380536][T10901] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 343.380562][T10901] ? netlink_deliver_tap+0x1ae/0xcc0 [ 343.380581][T10901] genl_rcv+0x28/0x40 [ 343.380599][T10901] netlink_unicast+0x5aa/0x870 [ 343.380620][T10901] ? __pfx_netlink_unicast+0x10/0x10 [ 343.380645][T10901] netlink_sendmsg+0x8b0/0xda0 [ 343.380666][T10901] ? __pfx_netlink_sendmsg+0x10/0x10 [ 343.380683][T10901] ? __import_iovec+0x1d2/0x640 [ 343.380708][T10901] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 343.380730][T10901] ____sys_sendmsg+0xa54/0xc30 [ 343.380753][T10901] ? __pfx_____sys_sendmsg+0x10/0x10 [ 343.380776][T10901] ? try_to_wake_up+0x644/0x1a80 [ 343.380795][T10901] ___sys_sendmsg+0x190/0x1e0 [ 343.380817][T10901] ? __pfx____sys_sendmsg+0x10/0x10 [ 343.380838][T10901] ? futex_private_hash_put+0x107/0x1c0 [ 343.380878][T10901] __sys_sendmsg+0x170/0x220 [ 343.380895][T10901] ? __pfx___sys_sendmsg+0x10/0x10 [ 343.380911][T10901] ? __x64_sys_futex+0x34f/0x4d0 [ 343.380941][T10901] do_syscall_64+0x106/0xf80 [ 343.380957][T10901] ? clear_bhb_loop+0x40/0x90 [ 343.380976][T10901] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 343.380991][T10901] RIP: 0033:0x7f7ad9f9c799 [ 343.381005][T10901] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 343.381020][T10901] RSP: 002b:00007f7adae9c028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 343.381035][T10901] RAX: ffffffffffffffda RBX: 00007f7ada215fa0 RCX: 00007f7ad9f9c799 [ 343.381045][T10901] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000007 [ 343.381055][T10901] RBP: 00007f7ada032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 343.381064][T10901] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 343.381072][T10901] R13: 00007f7ada216038 R14: 00007f7ada215fa0 R15: 00007ffdf7df6a58 [ 343.381093][T10901] [ 343.817251][T10904] kvm: kvm [10899]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0xc1) = 0x2 [ 344.826819][T10915] FAULT_INJECTION: forcing a failure. [ 344.826819][T10915] name failslab, interval 1, probability 0, space 0, times 0 [ 344.916657][T10917] futex_wake_op: syz.3.1148 tries to shift op by -2048; fix this program [ 344.943524][T10915] CPU: 0 UID: 0 PID: 10915 Comm: syz.3.1148 Tainted: G U L syzkaller #0 PREEMPT(full) [ 344.943562][T10915] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 344.943568][T10915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 344.943577][T10915] Call Trace: [ 344.943583][T10915] [ 344.943589][T10915] dump_stack_lvl+0x100/0x190 [ 344.943617][T10915] should_fail_ex.cold+0x5/0xa [ 344.943636][T10915] should_failslab+0xc2/0x120 [ 344.943650][T10915] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 344.943673][T10915] ? kstrdup_const+0x63/0x80 [ 344.943700][T10915] kstrdup+0x51/0xe0 [ 344.943722][T10915] kstrdup_const+0x63/0x80 [ 344.943743][T10915] __kernfs_new_node+0x9b/0x960 [ 344.943765][T10915] ? __pfx___kernfs_new_node+0x10/0x10 [ 344.943789][T10915] ? find_held_lock+0x2b/0x80 [ 344.943804][T10915] ? kernfs_root+0xee/0x2a0 [ 344.943822][T10915] ? kernfs_root+0xee/0x2a0 [ 344.943845][T10915] kernfs_new_node+0x11b/0x1a0 [ 344.943870][T10915] kernfs_create_link+0xcc/0x240 [ 344.943887][T10915] sysfs_do_create_link_sd+0x90/0x140 [ 344.943908][T10915] sysfs_create_link+0x61/0xc0 [ 344.943926][T10915] device_add+0x675/0x1950 [ 344.943950][T10915] ? kfree_const+0x5a/0x70 [ 344.943970][T10915] ? __pfx_device_add+0x10/0x10 [ 344.943991][T10915] ? kfree_const+0x5a/0x70 [ 344.944011][T10915] ? kfree+0x2ec/0x6b0 [ 344.944034][T10915] device_create_groups_vargs+0x1f8/0x270 [ 344.944060][T10915] device_create+0xed/0x130 [ 344.944083][T10915] ? __pfx_device_create+0x10/0x10 [ 344.944110][T10915] ? lockdep_init_map_type+0x5c/0x250 [ 344.944130][T10915] ? timer_init_key+0x150/0x340 [ 344.944150][T10915] ? ieee80211_roc_setup+0x136/0x270 [ 344.944166][T10915] ? ieee80211_alloc_hw_nm+0x19c3/0x22a0 [ 344.944188][T10915] mac80211_hwsim_new_radio+0x37f/0x57d0 [ 344.944217][T10915] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 344.944250][T10915] ? __nla_validate_parse+0x1e7/0x28b0 [ 344.944269][T10915] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 344.944295][T10915] hwsim_new_radio_nl+0xc1f/0x1340 [ 344.944316][T10915] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 344.944342][T10915] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280 [ 344.944363][T10915] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280 [ 344.944389][T10915] genl_family_rcv_msg_doit+0x214/0x300 [ 344.944411][T10915] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 344.944432][T10915] ? genl_get_cmd+0x3ef/0x720 [ 344.944457][T10915] ? bpf_lsm_capable+0x9/0x10 [ 344.944471][T10915] ? security_capable+0x80/0x260 [ 344.944491][T10915] ? ns_capable+0xd2/0xf0 [ 344.944506][T10915] genl_rcv_msg+0x560/0x800 [ 344.944532][T10915] ? __pfx_genl_rcv_msg+0x10/0x10 [ 344.944553][T10915] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 344.944579][T10915] netlink_rcv_skb+0x159/0x420 [ 344.944597][T10915] ? __pfx_genl_rcv_msg+0x10/0x10 [ 344.944618][T10915] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 344.944644][T10915] ? netlink_deliver_tap+0x1ae/0xcc0 [ 344.944665][T10915] genl_rcv+0x28/0x40 [ 344.944685][T10915] netlink_unicast+0x5aa/0x870 [ 344.944706][T10915] ? __pfx_netlink_unicast+0x10/0x10 [ 344.944731][T10915] netlink_sendmsg+0x8b0/0xda0 [ 344.944753][T10915] ? __pfx_netlink_sendmsg+0x10/0x10 [ 344.944770][T10915] ? __import_iovec+0x1d2/0x640 [ 344.944794][T10915] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 344.944816][T10915] ____sys_sendmsg+0xa54/0xc30 [ 344.944840][T10915] ? __pfx_____sys_sendmsg+0x10/0x10 [ 344.944863][T10915] ? try_to_wake_up+0x644/0x1a80 [ 344.944881][T10915] ___sys_sendmsg+0x190/0x1e0 [ 344.944903][T10915] ? __pfx____sys_sendmsg+0x10/0x10 [ 344.944925][T10915] ? futex_private_hash_put+0x107/0x1c0 [ 344.944965][T10915] __sys_sendmsg+0x170/0x220 [ 344.944982][T10915] ? __pfx___sys_sendmsg+0x10/0x10 [ 344.944998][T10915] ? __x64_sys_futex+0x34f/0x4d0 [ 344.945028][T10915] do_syscall_64+0x106/0xf80 [ 344.945044][T10915] ? clear_bhb_loop+0x40/0x90 [ 344.945062][T10915] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 344.945077][T10915] RIP: 0033:0x7ff7a379c799 [ 344.945092][T10915] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 344.945112][T10915] RSP: 002b:00007ff7a461f028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 344.945128][T10915] RAX: ffffffffffffffda RBX: 00007ff7a3a15fa0 RCX: 00007ff7a379c799 [ 344.945139][T10915] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000007 [ 344.945148][T10915] RBP: 00007ff7a3832bd9 R08: 0000000000000000 R09: 0000000000000000 [ 344.945157][T10915] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 344.945166][T10915] R13: 00007ff7a3a16038 R14: 00007ff7a3a15fa0 R15: 00007ffe22e4fa98 [ 344.945187][T10915] [ 345.422237][T10917] 0x3030363000000001-0x30303630000a3031 : "" [ 345.428304][T10917] mtd: partition "" is out of reach -- disabled [ 345.564089][T10917] ftl_cs: FTL header not found. [ 345.896934][T10923] futex_wake_op: syz.1.1150 tries to shift op by -2048; fix this program [ 345.996924][T10928] 0x000000000001-0x000000020000 : "" [ 346.084260][T10928] ftl_cs: FTL header corrupt! [ 348.381078][T10964] FAULT_INJECTION: forcing a failure. [ 348.381078][T10964] name failslab, interval 1, probability 0, space 0, times 0 [ 348.381107][T10964] CPU: 0 UID: 0 PID: 10964 Comm: syz.0.1159 Tainted: G U L syzkaller #0 PREEMPT(full) [ 348.381129][T10964] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 348.381134][T10964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 348.381144][T10964] Call Trace: [ 348.381149][T10964] [ 348.381154][T10964] dump_stack_lvl+0x100/0x190 [ 348.381181][T10964] should_fail_ex.cold+0x5/0xa [ 348.381200][T10964] should_failslab+0xc2/0x120 [ 348.381215][T10964] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 348.381238][T10964] ? kasprintf+0xc7/0x100 [ 348.381256][T10964] kvasprintf+0xbc/0x150 [ 348.381269][T10964] ? __pfx_kvasprintf+0x10/0x10 [ 348.381283][T10964] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 348.381299][T10964] ? lockdep_hardirqs_on+0x78/0x100 [ 348.381317][T10964] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 348.381335][T10964] kasprintf+0xc7/0x100 [ 348.381348][T10964] ? __pfx_kasprintf+0x10/0x10 [ 348.381371][T10964] ieee80211_alloc_led_names+0x1b0/0x420 [ 348.381393][T10964] ieee80211_alloc_hw_nm+0x1934/0x22a0 [ 348.381416][T10964] mac80211_hwsim_new_radio+0x1e1/0x57d0 [ 348.381444][T10964] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 348.381468][T10964] ? __nla_validate_parse+0x1e7/0x28b0 [ 348.381486][T10964] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 348.381512][T10964] hwsim_new_radio_nl+0xc1f/0x1340 [ 348.381533][T10964] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 348.381557][T10964] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280 [ 348.381580][T10964] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280 [ 348.381606][T10964] genl_family_rcv_msg_doit+0x214/0x300 [ 348.381628][T10964] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 348.381648][T10964] ? genl_get_cmd+0x3ef/0x720 [ 348.381673][T10964] ? bpf_lsm_capable+0x9/0x10 [ 348.381688][T10964] ? security_capable+0x80/0x260 [ 348.381708][T10964] ? ns_capable+0xd2/0xf0 [ 348.381724][T10964] genl_rcv_msg+0x560/0x800 [ 348.381747][T10964] ? __pfx_genl_rcv_msg+0x10/0x10 [ 348.381768][T10964] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 348.381794][T10964] netlink_rcv_skb+0x159/0x420 [ 348.381812][T10964] ? __pfx_genl_rcv_msg+0x10/0x10 [ 348.381846][T10964] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 348.381875][T10964] ? netlink_deliver_tap+0x1ae/0xcc0 [ 348.381896][T10964] genl_rcv+0x28/0x40 [ 348.381914][T10964] netlink_unicast+0x5aa/0x870 [ 348.381934][T10964] ? __pfx_netlink_unicast+0x10/0x10 [ 348.381960][T10964] netlink_sendmsg+0x8b0/0xda0 [ 348.381982][T10964] ? __pfx_netlink_sendmsg+0x10/0x10 [ 348.381999][T10964] ? __import_iovec+0x1d2/0x640 [ 348.382024][T10964] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 348.382046][T10964] ____sys_sendmsg+0xa54/0xc30 [ 348.382068][T10964] ? __pfx_____sys_sendmsg+0x10/0x10 [ 348.382092][T10964] ? __pfx_futex_wake_mark+0x10/0x10 [ 348.382117][T10964] ___sys_sendmsg+0x190/0x1e0 [ 348.382140][T10964] ? __pfx____sys_sendmsg+0x10/0x10 [ 348.382185][T10964] __sys_sendmsg+0x170/0x220 [ 348.382202][T10964] ? __pfx___sys_sendmsg+0x10/0x10 [ 348.382218][T10964] ? __x64_sys_futex+0x34f/0x4d0 [ 348.382248][T10964] do_syscall_64+0x106/0xf80 [ 348.382264][T10964] ? clear_bhb_loop+0x40/0x90 [ 348.382282][T10964] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 348.382298][T10964] RIP: 0033:0x7f7ad9f9c799 [ 348.382312][T10964] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 348.382326][T10964] RSP: 002b:00007f7adae9c028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 348.382341][T10964] RAX: ffffffffffffffda RBX: 00007f7ada215fa0 RCX: 00007f7ad9f9c799 [ 348.382351][T10964] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000007 [ 348.382361][T10964] RBP: 00007f7ada032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 348.382370][T10964] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 348.382378][T10964] R13: 00007f7ada216038 R14: 00007f7ada215fa0 R15: 00007ffdf7df6a58 [ 348.382398][T10964] [ 348.768811][T10975] netlink: 346 bytes leftover after parsing attributes in process `syz.0.1162'. [ 352.181674][T11032] FAULT_INJECTION: forcing a failure. [ 352.181674][T11032] name failslab, interval 1, probability 0, space 0, times 0 [ 352.235856][T11034] futex_wake_op: syz.3.1175 tries to shift op by -2048; fix this program [ 352.276577][T11032] CPU: 0 UID: 0 PID: 11032 Comm: syz.3.1175 Tainted: G U L syzkaller #0 PREEMPT(full) [ 352.276607][T11032] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 352.276613][T11032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 352.276623][T11032] Call Trace: [ 352.276628][T11032] [ 352.276634][T11032] dump_stack_lvl+0x100/0x190 [ 352.276663][T11032] should_fail_ex.cold+0x5/0xa [ 352.276682][T11032] should_failslab+0xc2/0x120 [ 352.276697][T11032] __kvmalloc_node_noprof+0xfa/0xa00 [ 352.276719][T11032] ? bucket_table_alloc.isra.0+0x88/0x460 [ 352.276744][T11032] bucket_table_alloc.isra.0+0x88/0x460 [ 352.276766][T11032] rhashtable_init_noprof+0x43b/0x7d0 [ 352.276785][T11032] ? __init_waitqueue_head+0xca/0x150 [ 352.276810][T11032] rhltable_init_noprof+0x20/0x60 [ 352.276831][T11032] sta_info_init+0x5f/0x160 [ 352.276847][T11032] ieee80211_alloc_hw_nm+0x836/0x22a0 [ 352.276866][T11032] ? __local_bh_enable_ip+0x9e/0x120 [ 352.276884][T11032] mac80211_hwsim_new_radio+0x1e1/0x57d0 [ 352.276913][T11032] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 352.276939][T11032] ? __nla_validate_parse+0x1e7/0x28b0 [ 352.276957][T11032] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 352.276982][T11032] hwsim_new_radio_nl+0xc1f/0x1340 [ 352.277003][T11032] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 352.277028][T11032] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280 [ 352.277050][T11032] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280 [ 352.277078][T11032] genl_family_rcv_msg_doit+0x214/0x300 [ 352.277100][T11032] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 352.277120][T11032] ? genl_get_cmd+0x3ef/0x720 [ 352.277144][T11032] ? bpf_lsm_capable+0x9/0x10 [ 352.277159][T11032] ? security_capable+0x80/0x260 [ 352.277179][T11032] ? ns_capable+0xd2/0xf0 [ 352.277194][T11032] genl_rcv_msg+0x560/0x800 [ 352.277217][T11032] ? __pfx_genl_rcv_msg+0x10/0x10 [ 352.277238][T11032] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 352.277263][T11032] netlink_rcv_skb+0x159/0x420 [ 352.277281][T11032] ? __pfx_genl_rcv_msg+0x10/0x10 [ 352.277302][T11032] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 352.277328][T11032] ? netlink_deliver_tap+0x1ae/0xcc0 [ 352.277348][T11032] genl_rcv+0x28/0x40 [ 352.277365][T11032] netlink_unicast+0x5aa/0x870 [ 352.277386][T11032] ? __pfx_netlink_unicast+0x10/0x10 [ 352.277411][T11032] netlink_sendmsg+0x8b0/0xda0 [ 352.277441][T11032] ? __pfx_netlink_sendmsg+0x10/0x10 [ 352.277459][T11032] ? __import_iovec+0x1d2/0x640 [ 352.277485][T11032] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 352.277510][T11032] ____sys_sendmsg+0xa54/0xc30 [ 352.277534][T11032] ? __pfx_____sys_sendmsg+0x10/0x10 [ 352.277557][T11032] ? try_to_wake_up+0x644/0x1a80 [ 352.277576][T11032] ___sys_sendmsg+0x190/0x1e0 [ 352.277598][T11032] ? __pfx____sys_sendmsg+0x10/0x10 [ 352.277619][T11032] ? futex_private_hash_put+0x107/0x1c0 [ 352.277658][T11032] __sys_sendmsg+0x170/0x220 [ 352.277675][T11032] ? __pfx___sys_sendmsg+0x10/0x10 [ 352.277691][T11032] ? __x64_sys_futex+0x34f/0x4d0 [ 352.277721][T11032] do_syscall_64+0x106/0xf80 [ 352.277737][T11032] ? clear_bhb_loop+0x40/0x90 [ 352.277755][T11032] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 352.277772][T11032] RIP: 0033:0x7ff7a379c799 [ 352.277786][T11032] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 352.277801][T11032] RSP: 002b:00007ff7a461f028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 352.277816][T11032] RAX: ffffffffffffffda RBX: 00007ff7a3a15fa0 RCX: 00007ff7a379c799 [ 352.277826][T11032] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000007 [ 352.277836][T11032] RBP: 00007ff7a3832bd9 R08: 0000000000000000 R09: 0000000000000000 [ 352.277845][T11032] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 352.277854][T11032] R13: 00007ff7a3a16038 R14: 00007ff7a3a15fa0 R15: 00007ffe22e4fa98 [ 352.277875][T11032] [ 352.695032][T11032] 0x3030363000000001-0x30303630000a3031 : "" [ 352.701090][T11032] mtd: partition "" is out of reach -- disabled [ 352.716851][T11037] FAULT_INJECTION: forcing a failure. [ 352.716851][T11037] name failslab, interval 1, probability 0, space 0, times 0 [ 352.729616][T11037] CPU: 0 UID: 0 PID: 11037 Comm: syz.0.1176 Tainted: G U L syzkaller #0 PREEMPT(full) [ 352.729645][T11037] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 352.729651][T11037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 352.729661][T11037] Call Trace: [ 352.729667][T11037] [ 352.729680][T11037] dump_stack_lvl+0x100/0x190 [ 352.729708][T11037] should_fail_ex.cold+0x5/0xa [ 352.729727][T11037] should_failslab+0xc2/0x120 [ 352.729741][T11037] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 352.729764][T11037] ? kasprintf+0xc7/0x100 [ 352.729783][T11037] kvasprintf+0xbc/0x150 [ 352.729797][T11037] ? __pfx_kvasprintf+0x10/0x10 [ 352.729812][T11037] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 352.729828][T11037] ? lockdep_hardirqs_on+0x78/0x100 [ 352.729844][T11037] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 352.729862][T11037] kasprintf+0xc7/0x100 [ 352.729874][T11037] ? __pfx_kasprintf+0x10/0x10 [ 352.729897][T11037] ieee80211_alloc_led_names+0x86/0x420 [ 352.729920][T11037] ieee80211_alloc_hw_nm+0x1934/0x22a0 [ 352.729943][T11037] mac80211_hwsim_new_radio+0x1e1/0x57d0 [ 352.729971][T11037] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 352.729996][T11037] ? __nla_validate_parse+0x1e7/0x28b0 [ 352.730015][T11037] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 352.730041][T11037] hwsim_new_radio_nl+0xc1f/0x1340 [ 352.730062][T11037] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 352.730087][T11037] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280 [ 352.730110][T11037] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280 [ 352.730134][T11037] genl_family_rcv_msg_doit+0x214/0x300 [ 352.730157][T11037] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 352.730178][T11037] ? genl_get_cmd+0x3ef/0x720 [ 352.730202][T11037] ? bpf_lsm_capable+0x9/0x10 [ 352.730216][T11037] ? security_capable+0x80/0x260 [ 352.730236][T11037] ? ns_capable+0xd2/0xf0 [ 352.730251][T11037] genl_rcv_msg+0x560/0x800 [ 352.730274][T11037] ? __pfx_genl_rcv_msg+0x10/0x10 [ 352.730294][T11037] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 352.730320][T11037] netlink_rcv_skb+0x159/0x420 [ 352.730338][T11037] ? __pfx_genl_rcv_msg+0x10/0x10 [ 352.730368][T11037] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 352.730395][T11037] ? netlink_deliver_tap+0x1ae/0xcc0 [ 352.730415][T11037] genl_rcv+0x28/0x40 [ 352.730434][T11037] netlink_unicast+0x5aa/0x870 [ 352.730455][T11037] ? __pfx_netlink_unicast+0x10/0x10 [ 352.730482][T11037] netlink_sendmsg+0x8b0/0xda0 [ 352.730505][T11037] ? __pfx_netlink_sendmsg+0x10/0x10 [ 352.730522][T11037] ? __import_iovec+0x1d2/0x640 [ 352.730547][T11037] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 352.730569][T11037] ____sys_sendmsg+0xa54/0xc30 [ 352.730592][T11037] ? __pfx_____sys_sendmsg+0x10/0x10 [ 352.730616][T11037] ? __pfx_futex_wake_mark+0x10/0x10 [ 352.730641][T11037] ___sys_sendmsg+0x190/0x1e0 [ 352.730664][T11037] ? __pfx____sys_sendmsg+0x10/0x10 [ 352.730709][T11037] __sys_sendmsg+0x170/0x220 [ 352.730726][T11037] ? __pfx___sys_sendmsg+0x10/0x10 [ 352.730742][T11037] ? __x64_sys_futex+0x34f/0x4d0 [ 352.730772][T11037] do_syscall_64+0x106/0xf80 [ 352.730788][T11037] ? clear_bhb_loop+0x40/0x90 [ 352.730806][T11037] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 352.730821][T11037] RIP: 0033:0x7f7ad9f9c799 [ 352.730836][T11037] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 352.730851][T11037] RSP: 002b:00007f7adae9c028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 352.730865][T11037] RAX: ffffffffffffffda RBX: 00007f7ada215fa0 RCX: 00007f7ad9f9c799 [ 352.730876][T11037] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000007 [ 352.730886][T11037] RBP: 00007f7ada032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 352.730895][T11037] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 352.730904][T11037] R13: 00007f7ada216038 R14: 00007f7ada215fa0 R15: 00007ffdf7df6a58 [ 352.730924][T11037] [ 353.209028][T11032] ftl_cs: FTL header not found. [ 353.589401][T11045] vivid-007: ================= START STATUS ================= [ 353.635782][T11045] vivid-007: Generate PTS: true [ 353.656998][T11045] vivid-007: Generate SCR: true [ 353.672683][T11045] tpg source WxH: 320x240 (Y'CbCr) [ 353.702100][T11045] tpg field: 1 [ 353.705516][T11045] tpg crop: (0,0)/320x240 [ 353.764538][T11045] tpg compose: (0,0)/320x240 [ 353.788206][T11045] tpg colorspace: 8 [ 353.792148][T11045] tpg transfer function: 0/0 [ 353.815699][T11045] tpg Y'CbCr encoding: 0/0 [ 353.820294][T11045] tpg quantization: 0/0 [ 353.824438][T11045] tpg RGB range: 0/2 [ 353.858946][T11045] vivid-007: ================== END STATUS ================== [ 355.134800][T11067] futex_wake_op: syz.1.1182 tries to shift op by -2048; fix this program [ 359.638806][T11148] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1203'. [ 360.108294][T11158] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 360.108792][T11158] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 360.108889][T11158] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 360.108979][T11158] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 361.168480][T11188] FAULT_INJECTION: forcing a failure. [ 361.168480][T11188] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 361.238597][T11188] CPU: 0 UID: 0 PID: 11188 Comm: syz.1.1213 Tainted: G U L syzkaller #0 PREEMPT(full) [ 361.238627][T11188] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 361.238634][T11188] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 361.238643][T11188] Call Trace: [ 361.238649][T11188] [ 361.238655][T11188] dump_stack_lvl+0x100/0x190 [ 361.238682][T11188] should_fail_ex.cold+0x5/0xa [ 361.238698][T11188] ? prepare_alloc_pages+0x16d/0x5f0 [ 361.238716][T11188] should_fail_alloc_page+0xeb/0x140 [ 361.238731][T11188] prepare_alloc_pages+0x1f0/0x5f0 [ 361.238750][T11188] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 361.238773][T11188] ? __pfx_stack_trace_save+0x10/0x10 [ 361.238790][T11188] ? stack_depot_save_flags+0x27/0x9d0 [ 361.238813][T11188] ? kasan_save_stack+0x3f/0x50 [ 361.238833][T11188] ? kasan_save_stack+0x30/0x50 [ 361.238852][T11188] ? kasan_save_track+0x14/0x30 [ 361.238871][T11188] ? __kasan_slab_alloc+0x89/0x90 [ 361.238894][T11188] ? kasan_save_stack+0x3f/0x50 [ 361.238916][T11188] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 361.238940][T11188] ? __lock_acquire+0x4a5/0x2630 [ 361.238957][T11188] ? look_up_lock_class+0x55/0x120 [ 361.238978][T11188] ? lock_acquire+0x1cf/0x380 [ 361.238996][T11188] ? find_held_lock+0x2b/0x80 [ 361.239009][T11188] ? page_table_check_set+0x49a/0xa10 [ 361.239031][T11188] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 361.239057][T11188] ? policy_nodemask+0xed/0x4f0 [ 361.239074][T11188] alloc_pages_mpol+0x1fb/0x550 [ 361.239089][T11188] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 361.239109][T11188] folio_alloc_mpol_noprof+0x36/0x340 [ 361.239127][T11188] vma_alloc_folio_noprof+0xed/0x1d0 [ 361.239144][T11188] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 361.239166][T11188] do_anonymous_page+0xb3a/0x1fb0 [ 361.239192][T11188] __handle_mm_fault+0x1d42/0x2b60 [ 361.239215][T11188] ? __pfx___handle_mm_fault+0x10/0x10 [ 361.239234][T11188] ? pte_offset_map_lock+0x174/0x320 [ 361.239257][T11188] ? find_held_lock+0x2b/0x80 [ 361.239277][T11188] ? follow_page_pte+0x5b3/0x1400 [ 361.239296][T11188] handle_mm_fault+0x36d/0xa20 [ 361.239318][T11188] __get_user_pages+0xf9c/0x34d0 [ 361.239341][T11188] ? __pfx___get_user_pages+0x10/0x10 [ 361.239361][T11188] populate_vma_page_range+0x267/0x3f0 [ 361.239379][T11188] ? __pfx_populate_vma_page_range+0x10/0x10 [ 361.239395][T11188] ? __pfx_find_vma_intersection+0x10/0x10 [ 361.239419][T11188] ? do_mmap+0x93f/0x12f0 [ 361.239436][T11188] __mm_populate+0x107/0x3a0 [ 361.239452][T11188] ? __pfx___mm_populate+0x10/0x10 [ 361.239470][T11188] ? up_write+0x290/0x4f0 [ 361.239492][T11188] vm_mmap_pgoff+0x37f/0x470 [ 361.239517][T11188] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 361.239535][T11188] ? do_futex+0x192/0x350 [ 361.239555][T11188] ? __pfx_do_futex+0x10/0x10 [ 361.239573][T11188] ? __pfx_do_sys_openat2+0x10/0x10 [ 361.239595][T11188] ksys_mmap_pgoff+0xe1/0x650 [ 361.239610][T11188] ? __x64_sys_futex+0x34f/0x4d0 [ 361.239628][T11188] ? __x64_sys_futex+0x358/0x4d0 [ 361.239646][T11188] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 361.239661][T11188] ? xfd_validate_state+0x129/0x190 [ 361.239685][T11188] __x64_sys_mmap+0x125/0x190 [ 361.239708][T11188] do_syscall_64+0x106/0xf80 [ 361.239725][T11188] ? clear_bhb_loop+0x40/0x90 [ 361.239742][T11188] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 361.239757][T11188] RIP: 0033:0x7fdedf19c799 [ 361.239771][T11188] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 361.239786][T11188] RSP: 002b:00007fdedffe3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 361.239801][T11188] RAX: ffffffffffffffda RBX: 00007fdedf415fa0 RCX: 00007fdedf19c799 [ 361.239811][T11188] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 361.239820][T11188] RBP: 00007fdedf232bd9 R08: ffffffffffffffff R09: 0000000000000000 [ 361.239830][T11188] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 361.239839][T11188] R13: 00007fdedf416038 R14: 00007fdedf415fa0 R15: 00007ffc0fdb8928 [ 361.239860][T11188] [ 361.670382][T11191] FAULT_INJECTION: forcing a failure. [ 361.670382][T11191] name failslab, interval 1, probability 0, space 0, times 0 [ 361.683123][T11191] CPU: 0 UID: 0 PID: 11191 Comm: syz.3.1214 Tainted: G U L syzkaller #0 PREEMPT(full) [ 361.683152][T11191] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 361.683159][T11191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 361.683168][T11191] Call Trace: [ 361.683176][T11191] [ 361.683183][T11191] dump_stack_lvl+0x100/0x190 [ 361.683210][T11191] should_fail_ex.cold+0x5/0xa [ 361.683229][T11191] should_failslab+0xc2/0x120 [ 361.683244][T11191] __kvmalloc_node_noprof+0xfa/0xa00 [ 361.683267][T11191] ? bucket_table_alloc.isra.0+0x88/0x460 [ 361.683292][T11191] bucket_table_alloc.isra.0+0x88/0x460 [ 361.683315][T11191] rhashtable_init_noprof+0x43b/0x7d0 [ 361.683335][T11191] ? __init_waitqueue_head+0xca/0x150 [ 361.683360][T11191] rhltable_init_noprof+0x20/0x60 [ 361.683381][T11191] sta_info_init+0x5f/0x160 [ 361.683398][T11191] ieee80211_alloc_hw_nm+0x836/0x22a0 [ 361.683417][T11191] ? __local_bh_enable_ip+0x9e/0x120 [ 361.683439][T11191] mac80211_hwsim_new_radio+0x1e1/0x57d0 [ 361.683467][T11191] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 361.683492][T11191] ? __nla_validate_parse+0x1e7/0x28b0 [ 361.683510][T11191] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 361.683542][T11191] hwsim_new_radio_nl+0xc1f/0x1340 [ 361.683564][T11191] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 361.683589][T11191] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280 [ 361.683612][T11191] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280 [ 361.683637][T11191] genl_family_rcv_msg_doit+0x214/0x300 [ 361.683660][T11191] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 361.683681][T11191] ? genl_get_cmd+0x3ef/0x720 [ 361.683705][T11191] ? bpf_lsm_capable+0x9/0x10 [ 361.683719][T11191] ? security_capable+0x80/0x260 [ 361.683738][T11191] ? ns_capable+0xd2/0xf0 [ 361.683753][T11191] genl_rcv_msg+0x560/0x800 [ 361.683776][T11191] ? __pfx_genl_rcv_msg+0x10/0x10 [ 361.683796][T11191] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 361.683822][T11191] netlink_rcv_skb+0x159/0x420 [ 361.683840][T11191] ? __pfx_genl_rcv_msg+0x10/0x10 [ 361.683861][T11191] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 361.683887][T11191] ? netlink_deliver_tap+0x1ae/0xcc0 [ 361.683907][T11191] genl_rcv+0x28/0x40 [ 361.683925][T11191] netlink_unicast+0x5aa/0x870 [ 361.683946][T11191] ? __pfx_netlink_unicast+0x10/0x10 [ 361.683971][T11191] netlink_sendmsg+0x8b0/0xda0 [ 361.683993][T11191] ? __pfx_netlink_sendmsg+0x10/0x10 [ 361.684010][T11191] ? __import_iovec+0x1d2/0x640 [ 361.684033][T11191] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 361.684056][T11191] ____sys_sendmsg+0xa54/0xc30 [ 361.684079][T11191] ? __pfx_____sys_sendmsg+0x10/0x10 [ 361.684103][T11191] ? __pfx_futex_wake_mark+0x10/0x10 [ 361.684128][T11191] ___sys_sendmsg+0x190/0x1e0 [ 361.684151][T11191] ? __pfx____sys_sendmsg+0x10/0x10 [ 361.684196][T11191] __sys_sendmsg+0x170/0x220 [ 361.684213][T11191] ? __pfx___sys_sendmsg+0x10/0x10 [ 361.684229][T11191] ? __x64_sys_futex+0x34f/0x4d0 [ 361.684260][T11191] do_syscall_64+0x106/0xf80 [ 361.684276][T11191] ? clear_bhb_loop+0x40/0x90 [ 361.684295][T11191] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 361.684310][T11191] RIP: 0033:0x7ff7a379c799 [ 361.684326][T11191] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 361.684340][T11191] RSP: 002b:00007ff7a45fe028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 361.684356][T11191] RAX: ffffffffffffffda RBX: 00007ff7a3a16090 RCX: 00007ff7a379c799 [ 361.684367][T11191] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000007 [ 361.684377][T11191] RBP: 00007ff7a3832bd9 R08: 0000000000000000 R09: 0000000000000000 [ 361.684386][T11191] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 361.684395][T11191] R13: 00007ff7a3a16128 R14: 00007ff7a3a16090 R15: 00007ffe22e4fa98 [ 361.684415][T11191] [ 362.062445][T11190] futex_wake_op: syz.3.1214 tries to shift op by -2048; fix this program [ 362.073041][T11190] 0x3030363000000001-0x30303630000a3031 : "" [ 362.079098][T11190] mtd: partition "" is out of reach -- disabled [ 362.149972][T11190] ftl_cs: FTL header not found. [ 362.271954][T11193] FAULT_INJECTION: forcing a failure. [ 362.271954][T11193] name failslab, interval 1, probability 0, space 0, times 0 [ 362.285966][T11193] CPU: 0 UID: 0 PID: 11193 Comm: syz.0.1215 Tainted: G U L syzkaller #0 PREEMPT(full) [ 362.285994][T11193] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 362.286000][T11193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 362.286010][T11193] Call Trace: [ 362.286016][T11193] [ 362.286022][T11193] dump_stack_lvl+0x100/0x190 [ 362.286049][T11193] should_fail_ex.cold+0x5/0xa [ 362.286068][T11193] should_failslab+0xc2/0x120 [ 362.286082][T11193] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 362.286104][T11193] ? __kernfs_new_node+0xd2/0x960 [ 362.286123][T11193] ? kstrdup+0xb3/0xe0 [ 362.286146][T11193] __kernfs_new_node+0xd2/0x960 [ 362.286164][T11193] ? __kernel_text_address+0xd/0x30 [ 362.286187][T11193] ? arch_stack_walk+0xa6/0xf0 [ 362.286201][T11193] ? __pfx___kernfs_new_node+0x10/0x10 [ 362.286225][T11193] ? find_held_lock+0x2b/0x80 [ 362.286238][T11193] ? kernfs_root+0xee/0x2a0 [ 362.286255][T11193] ? kernfs_root+0xee/0x2a0 [ 362.286278][T11193] kernfs_new_node+0x11b/0x1a0 [ 362.286302][T11193] kernfs_create_dir_ns+0x4c/0x1a0 [ 362.286326][T11193] sysfs_create_dir_ns+0x13a/0x2b0 [ 362.286345][T11193] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 362.286362][T11193] ? find_held_lock+0x2b/0x80 [ 362.286375][T11193] ? kobject_add_internal+0x25f/0x930 [ 362.286412][T11193] ? kobject_add_internal+0x25f/0x930 [ 362.286434][T11193] ? class_dir_child_ns_type+0xd/0x60 [ 362.286465][T11193] kobject_add_internal+0x2c8/0x930 [ 362.286488][T11193] kobject_add+0x16a/0x1e0 [ 362.286508][T11193] ? __pfx_kobject_add+0x10/0x10 [ 362.286532][T11193] ? kobject_put+0xb9/0x640 [ 362.286556][T11193] device_add+0x294/0x1950 [ 362.286579][T11193] ? kfree_const+0x5a/0x70 [ 362.286599][T11193] ? __pfx_device_add+0x10/0x10 [ 362.286619][T11193] ? kfree_const+0x5a/0x70 [ 362.286638][T11193] ? kfree+0x2ec/0x6b0 [ 362.286661][T11193] device_create_groups_vargs+0x1f8/0x270 [ 362.286687][T11193] device_create+0xed/0x130 [ 362.286710][T11193] ? __pfx_device_create+0x10/0x10 [ 362.286731][T11193] ? lockdep_init_map_type+0x5c/0x250 [ 362.286749][T11193] ? timer_init_key+0x150/0x340 [ 362.286768][T11193] ? ieee80211_roc_setup+0x136/0x270 [ 362.286783][T11193] ? ieee80211_alloc_hw_nm+0x19c3/0x22a0 [ 362.286805][T11193] mac80211_hwsim_new_radio+0x37f/0x57d0 [ 362.286832][T11193] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 362.286857][T11193] ? __nla_validate_parse+0x1e7/0x28b0 [ 362.286901][T11193] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 362.286928][T11193] hwsim_new_radio_nl+0xc1f/0x1340 [ 362.286949][T11193] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 362.286984][T11193] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280 [ 362.287007][T11193] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280 [ 362.287033][T11193] genl_family_rcv_msg_doit+0x214/0x300 [ 362.287057][T11193] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 362.287078][T11193] ? genl_get_cmd+0x3ef/0x720 [ 362.287101][T11193] ? bpf_lsm_capable+0x9/0x10 [ 362.287116][T11193] ? security_capable+0x80/0x260 [ 362.287135][T11193] ? ns_capable+0xd2/0xf0 [ 362.287151][T11193] genl_rcv_msg+0x560/0x800 [ 362.287174][T11193] ? __pfx_genl_rcv_msg+0x10/0x10 [ 362.287195][T11193] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 362.287220][T11193] netlink_rcv_skb+0x159/0x420 [ 362.287238][T11193] ? __pfx_genl_rcv_msg+0x10/0x10 [ 362.287259][T11193] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 362.287285][T11193] ? netlink_deliver_tap+0x1ae/0xcc0 [ 362.287305][T11193] genl_rcv+0x28/0x40 [ 362.287322][T11193] netlink_unicast+0x5aa/0x870 [ 362.287344][T11193] ? __pfx_netlink_unicast+0x10/0x10 [ 362.287369][T11193] netlink_sendmsg+0x8b0/0xda0 [ 362.287390][T11193] ? __pfx_netlink_sendmsg+0x10/0x10 [ 362.287407][T11193] ? __import_iovec+0x1d2/0x640 [ 362.287431][T11193] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 362.287459][T11193] ____sys_sendmsg+0xa54/0xc30 [ 362.287483][T11193] ? __pfx_____sys_sendmsg+0x10/0x10 [ 362.287509][T11193] ? __pfx_futex_wake_mark+0x10/0x10 [ 362.287536][T11193] ___sys_sendmsg+0x190/0x1e0 [ 362.287559][T11193] ? __pfx____sys_sendmsg+0x10/0x10 [ 362.287604][T11193] __sys_sendmsg+0x170/0x220 [ 362.287621][T11193] ? __pfx___sys_sendmsg+0x10/0x10 [ 362.287637][T11193] ? __x64_sys_futex+0x34f/0x4d0 [ 362.287667][T11193] do_syscall_64+0x106/0xf80 [ 362.287683][T11193] ? clear_bhb_loop+0x40/0x90 [ 362.287701][T11193] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 362.287717][T11193] RIP: 0033:0x7f7ad9f9c799 [ 362.287732][T11193] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 362.287747][T11193] RSP: 002b:00007f7adae9c028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 362.287762][T11193] RAX: ffffffffffffffda RBX: 00007f7ada215fa0 RCX: 00007f7ad9f9c799 [ 362.287773][T11193] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000007 [ 362.287782][T11193] RBP: 00007f7ada032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 362.287791][T11193] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 362.287800][T11193] R13: 00007f7ada216038 R14: 00007f7ada215fa0 R15: 00007ffdf7df6a58 [ 362.287820][T11193] [ 362.287848][T11193] kobject: kobject_add_internal failed for hwsim36 (error: -12 parent: mac80211_hwsim) [ 362.827053][ T5145] Bluetooth: hci0: command 0x0c1a tx timeout [ 362.833137][ T5145] Bluetooth: hci3: command 0x0c1a tx timeout [ 362.839220][ T5145] Bluetooth: hci2: command 0x0c1a tx timeout [ 362.845191][ T5145] Bluetooth: hci1: command 0x0c1a tx timeout [ 363.052549][T11198] binder: BINDER_SET_CONTEXT_MGR already set [ 363.081766][T11198] binder: 11194:11198 ioctl 4018620d 9 returned -16 [ 363.268509][T11206] futex_wake_op: syz.0.1215 tries to shift op by -2048; fix this program [ 363.304031][T11206] 0x3030363000000001-0x30303630000a3031 : "" [ 363.324581][T11206] mtd: partition "" is out of reach -- disabled [ 363.454585][T11206] ftl_cs: FTL header not found. [ 363.474763][T11205] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 363.544691][T11205] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 363.648590][T11205] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 363.766354][T11205] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 364.191774][T11228] futex_wake_op: syz.1.1222 tries to shift op by -2048; fix this program [ 365.296912][ T5824] Bluetooth: hci0: command 0x0c1a tx timeout [ 365.327603][T11260] aoe: copy from user failed [ 365.373698][T11260] aoe: could not set interface list: too many interfaces [ 365.616605][ T5824] Bluetooth: hci1: command 0x0c1a tx timeout [ 365.697561][ T5824] Bluetooth: hci2: command 0x0c1a tx timeout [ 365.778185][ T5824] Bluetooth: hci3: command 0x0c1a tx timeout [ 366.545898][T11277] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 366.557510][T11277] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 366.594596][T11277] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 366.647430][T11277] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 367.904331][ T5824] Bluetooth: hci3: unexpected event 0x3c length: 254 > 7 [ 367.904537][ T5824] Bluetooth: hci3: unexpected event 0x3c length: 254 > 7 [ 368.495668][ T5824] Bluetooth: hci0: command 0x0c1a tx timeout [ 368.539015][T11333] FAULT_INJECTION: forcing a failure. [ 368.539015][T11333] name failslab, interval 1, probability 0, space 0, times 0 [ 368.575698][ T5145] Bluetooth: hci1: command 0x0c1a tx timeout [ 368.581895][ T5824] Bluetooth: hci2: command 0x0c1a tx timeout [ 368.614303][T11333] CPU: 0 UID: 0 PID: 11333 Comm: syz.3.1246 Tainted: G U L syzkaller #0 PREEMPT(full) [ 368.614331][T11333] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 368.614337][T11333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 368.614346][T11333] Call Trace: [ 368.614351][T11333] [ 368.614358][T11333] dump_stack_lvl+0x100/0x190 [ 368.614384][T11333] should_fail_ex.cold+0x5/0xa [ 368.614403][T11333] should_failslab+0xc2/0x120 [ 368.614418][T11333] __kvmalloc_node_noprof+0xfa/0xa00 [ 368.614439][T11333] ? bucket_table_alloc.isra.0+0x88/0x460 [ 368.614466][T11333] bucket_table_alloc.isra.0+0x88/0x460 [ 368.614488][T11333] rhashtable_init_noprof+0x43b/0x7d0 [ 368.614507][T11333] ? __init_waitqueue_head+0xca/0x150 [ 368.614531][T11333] rhltable_init_noprof+0x20/0x60 [ 368.614551][T11333] sta_info_init+0x5f/0x160 [ 368.614568][T11333] ieee80211_alloc_hw_nm+0x836/0x22a0 [ 368.614588][T11333] ? __local_bh_enable_ip+0x9e/0x120 [ 368.614606][T11333] mac80211_hwsim_new_radio+0x1e1/0x57d0 [ 368.614634][T11333] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 368.614658][T11333] ? __nla_validate_parse+0x1e7/0x28b0 [ 368.614676][T11333] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 368.614701][T11333] hwsim_new_radio_nl+0xc1f/0x1340 [ 368.614722][T11333] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 368.614750][T11333] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280 [ 368.614772][T11333] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280 [ 368.614798][T11333] genl_family_rcv_msg_doit+0x214/0x300 [ 368.614829][T11333] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 368.614849][T11333] ? genl_get_cmd+0x3ef/0x720 [ 368.614874][T11333] ? bpf_lsm_capable+0x9/0x10 [ 368.614889][T11333] ? security_capable+0x80/0x260 [ 368.614908][T11333] ? ns_capable+0xd2/0xf0 [ 368.614923][T11333] genl_rcv_msg+0x560/0x800 [ 368.614946][T11333] ? __pfx_genl_rcv_msg+0x10/0x10 [ 368.614966][T11333] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 368.614992][T11333] netlink_rcv_skb+0x159/0x420 [ 368.615010][T11333] ? __pfx_genl_rcv_msg+0x10/0x10 [ 368.615031][T11333] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 368.615057][T11333] ? netlink_deliver_tap+0x1ae/0xcc0 [ 368.615077][T11333] genl_rcv+0x28/0x40 [ 368.615094][T11333] netlink_unicast+0x5aa/0x870 [ 368.615115][T11333] ? __pfx_netlink_unicast+0x10/0x10 [ 368.615141][T11333] netlink_sendmsg+0x8b0/0xda0 [ 368.615162][T11333] ? __pfx_netlink_sendmsg+0x10/0x10 [ 368.615179][T11333] ? __import_iovec+0x1d2/0x640 [ 368.615203][T11333] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 368.615225][T11333] ____sys_sendmsg+0xa54/0xc30 [ 368.615248][T11333] ? __pfx_____sys_sendmsg+0x10/0x10 [ 368.615272][T11333] ? __pfx_futex_wake_mark+0x10/0x10 [ 368.615297][T11333] ___sys_sendmsg+0x190/0x1e0 [ 368.615320][T11333] ? __pfx____sys_sendmsg+0x10/0x10 [ 368.615364][T11333] __sys_sendmsg+0x170/0x220 [ 368.615382][T11333] ? __pfx___sys_sendmsg+0x10/0x10 [ 368.615398][T11333] ? __x64_sys_futex+0x34f/0x4d0 [ 368.615428][T11333] do_syscall_64+0x106/0xf80 [ 368.615444][T11333] ? clear_bhb_loop+0x40/0x90 [ 368.615462][T11333] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 368.615478][T11333] RIP: 0033:0x7ff7a379c799 [ 368.615492][T11333] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 368.615507][T11333] RSP: 002b:00007ff7a461f028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 368.615521][T11333] RAX: ffffffffffffffda RBX: 00007ff7a3a15fa0 RCX: 00007ff7a379c799 [ 368.615531][T11333] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000007 [ 368.615541][T11333] RBP: 00007ff7a3832bd9 R08: 0000000000000000 R09: 0000000000000000 [ 368.615549][T11333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 368.615558][T11333] R13: 00007ff7a3a16038 R14: 00007ff7a3a15fa0 R15: 00007ffe22e4fa98 [ 368.615579][T11333] [ 369.509738][ T5824] Bluetooth: hci3: command 0x0c1a tx timeout [ 369.636161][T11337] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 369.655862][T11337] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 369.665215][T11337] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 369.681544][T11337] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 370.259614][T11334] futex_wake_op: syz.3.1246 tries to shift op by -2048; fix this program [ 370.316477][T11359] 0x3030363000000001-0x30303630000a3031 : "" [ 370.357138][T11359] mtd: partition "" is out of reach -- disabled [ 370.482238][T11359] ftl_cs: FTL header not found. [ 371.776635][ T5824] Bluetooth: hci3: command 0x0c1a tx timeout [ 371.776665][ T5824] Bluetooth: hci2: command 0x0c1a tx timeout [ 371.776684][ T5824] Bluetooth: hci1: command 0x0c1a tx timeout [ 371.776701][ T5824] Bluetooth: hci0: command 0x0c1a tx timeout [ 371.926125][T11386] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 371.926328][T11386] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 371.926458][T11386] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 371.926591][T11386] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 373.855716][ T5145] Bluetooth: hci0: command 0x0c1a tx timeout [ 373.936827][ T5145] Bluetooth: hci3: command 0x0c1a tx timeout [ 373.942941][ T5145] Bluetooth: hci2: command 0x0c1a tx timeout [ 373.949903][ T5824] Bluetooth: hci1: command 0x0c1a tx timeout [ 374.348411][T11461] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1278'. [ 374.891269][T11464] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1279'. [ 375.301906][T11483] FAULT_INJECTION: forcing a failure. [ 375.301906][T11483] name failslab, interval 1, probability 0, space 0, times 0 [ 375.368023][T11483] CPU: 0 UID: 0 PID: 11483 Comm: syz.3.1285 Tainted: G U L syzkaller #0 PREEMPT(full) [ 375.368052][T11483] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 375.368057][T11483] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 375.368067][T11483] Call Trace: [ 375.368073][T11483] [ 375.368079][T11483] dump_stack_lvl+0x100/0x190 [ 375.368108][T11483] should_fail_ex.cold+0x5/0xa [ 375.368136][T11483] should_failslab+0xc2/0x120 [ 375.368153][T11483] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 375.368175][T11483] ? __d_alloc+0x34/0xa80 [ 375.368190][T11483] ? lockdep_init_map_type+0x5c/0x250 [ 375.368214][T11483] __d_alloc+0x34/0xa80 [ 375.368231][T11483] d_alloc_pseudo+0x1c/0xc0 [ 375.368250][T11483] alloc_file_pseudo+0xcf/0x230 [ 375.368268][T11483] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 375.368285][T11483] ? alloc_fd+0x476/0x790 [ 375.368310][T11483] sock_alloc_file+0x50/0x210 [ 375.368329][T11483] __sys_socket+0x1c0/0x260 [ 375.368350][T11483] ? __pfx___sys_socket+0x10/0x10 [ 375.368377][T11483] __x64_sys_socket+0x72/0xb0 [ 375.368397][T11483] ? lockdep_hardirqs_on+0x78/0x100 [ 375.368414][T11483] do_syscall_64+0x106/0xf80 [ 375.368430][T11483] ? clear_bhb_loop+0x40/0x90 [ 375.368448][T11483] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 375.368463][T11483] RIP: 0033:0x7ff7a379c799 [ 375.368478][T11483] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 375.368492][T11483] RSP: 002b:00007ff7a461f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 375.368507][T11483] RAX: ffffffffffffffda RBX: 00007ff7a3a15fa0 RCX: 00007ff7a379c799 [ 375.368517][T11483] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 375.368526][T11483] RBP: 00007ff7a3832bd9 R08: 0000000000000000 R09: 0000000000000000 [ 375.368535][T11483] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 375.368543][T11483] R13: 00007ff7a3a16038 R14: 00007ff7a3a15fa0 R15: 00007ffe22e4fa98 [ 375.368562][T11483] [ 378.367346][T11522] FAULT_INJECTION: forcing a failure. [ 378.367346][T11522] name failslab, interval 1, probability 0, space 0, times 0 [ 378.412414][T11522] CPU: 0 UID: 0 PID: 11522 Comm: syz.3.1295 Tainted: G U L syzkaller #0 PREEMPT(full) [ 378.412443][T11522] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 378.412449][T11522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 378.412459][T11522] Call Trace: [ 378.412465][T11522] [ 378.412471][T11522] dump_stack_lvl+0x100/0x190 [ 378.412498][T11522] should_fail_ex.cold+0x5/0xa [ 378.412517][T11522] should_failslab+0xc2/0x120 [ 378.412532][T11522] __kmalloc_cache_noprof+0x7a/0x6f0 [ 378.412551][T11522] ? snd_seq_timer_new+0x44/0x1b0 [ 378.412573][T11522] snd_seq_timer_new+0x44/0x1b0 [ 378.412591][T11522] snd_seq_queue_alloc+0x177/0x590 [ 378.412618][T11522] snd_seq_ioctl_create_queue+0xa9/0x370 [ 378.412639][T11522] call_seq_client_ctl+0xa3/0x130 [ 378.412660][T11522] snd_seq_kernel_client_ctl+0x77/0xd0 [ 378.412685][T11522] alloc_seq_queue+0xdb/0x180 [ 378.412705][T11522] ? __pfx_alloc_seq_queue+0x10/0x10 [ 378.412735][T11522] ? mark_held_locks+0x40/0x70 [ 378.412753][T11522] ? _raw_spin_unlock_irq+0x23/0x50 [ 378.412768][T11522] ? lockdep_hardirqs_on+0x78/0x100 [ 378.412786][T11522] snd_seq_oss_open+0x2b2/0xa10 [ 378.412810][T11522] odev_open+0x79/0xc0 [ 378.412827][T11522] ? __pfx_odev_open+0x10/0x10 [ 378.412845][T11522] soundcore_open+0x2e3/0x5a0 [ 378.412868][T11522] ? __pfx_soundcore_open+0x10/0x10 [ 378.412887][T11522] chrdev_open+0x234/0x6a0 [ 378.412901][T11522] ? __pfx_apparmor_file_open+0x10/0x10 [ 378.412921][T11522] ? __pfx_chrdev_open+0x10/0x10 [ 378.412936][T11522] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 378.412963][T11522] do_dentry_open+0x6d8/0x1660 [ 378.412986][T11522] ? __pfx_chrdev_open+0x10/0x10 [ 378.413004][T11522] vfs_open+0x82/0x3f0 [ 378.413024][T11522] path_openat+0x208c/0x31a0 [ 378.413045][T11522] ? __pfx_path_openat+0x10/0x10 [ 378.413066][T11522] do_file_open+0x20e/0x430 [ 378.413088][T11522] ? __pfx_do_file_open+0x10/0x10 [ 378.413121][T11522] ? alloc_fd+0x476/0x790 [ 378.413153][T11522] ? do_getname+0x191/0x390 [ 378.413177][T11522] do_sys_openat2+0x10d/0x1e0 [ 378.413200][T11522] ? __pfx_do_sys_openat2+0x10/0x10 [ 378.413220][T11522] ? __fget_files+0x21f/0x3d0 [ 378.413251][T11522] __x64_sys_openat+0x12d/0x210 [ 378.413269][T11522] ? __pfx___x64_sys_openat+0x10/0x10 [ 378.413294][T11522] do_syscall_64+0x106/0xf80 [ 378.413310][T11522] ? clear_bhb_loop+0x40/0x90 [ 378.413328][T11522] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 378.413344][T11522] RIP: 0033:0x7ff7a379c799 [ 378.413358][T11522] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 378.413372][T11522] RSP: 002b:00007ff7a461f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 378.413387][T11522] RAX: ffffffffffffffda RBX: 00007ff7a3a15fa0 RCX: 00007ff7a379c799 [ 378.413400][T11522] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 378.413410][T11522] RBP: 00007ff7a3832bd9 R08: 0000000000000000 R09: 0000000000000000 [ 378.413419][T11522] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 378.413428][T11522] R13: 00007ff7a3a16038 R14: 00007ff7a3a15fa0 R15: 00007ffe22e4fa98 [ 378.413449][T11522] [ 379.156006][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 379.163079][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.353099][T11525] FAULT_INJECTION: forcing a failure. [ 379.353099][T11525] name failslab, interval 1, probability 0, space 0, times 0 [ 379.368596][T11525] CPU: 0 UID: 0 PID: 11525 Comm: syz.3.1296 Tainted: G U L syzkaller #0 PREEMPT(full) [ 379.368626][T11525] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 379.368632][T11525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 379.368641][T11525] Call Trace: [ 379.368647][T11525] [ 379.368654][T11525] dump_stack_lvl+0x100/0x190 [ 379.368681][T11525] should_fail_ex.cold+0x5/0xa [ 379.368700][T11525] should_failslab+0xc2/0x120 [ 379.368715][T11525] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 379.368735][T11525] ? __kernfs_new_node+0xd2/0x960 [ 379.368766][T11525] __kernfs_new_node+0xd2/0x960 [ 379.368789][T11525] ? __pfx___kernfs_new_node+0x10/0x10 [ 379.368814][T11525] ? find_held_lock+0x2b/0x80 [ 379.368828][T11525] ? kernfs_root+0xee/0x2a0 [ 379.368846][T11525] ? kernfs_root+0xee/0x2a0 [ 379.368869][T11525] kernfs_new_node+0x11b/0x1a0 [ 379.368893][T11525] kernfs_create_dir_ns+0x4c/0x1a0 [ 379.368917][T11525] internal_create_group+0x36f/0xf40 [ 379.368940][T11525] ? kernfs_add_one+0x214/0x850 [ 379.368961][T11525] ? __pfx_internal_create_group+0x10/0x10 [ 379.368983][T11525] ? __pfx_dev_add_physical_location+0x10/0x10 [ 379.369004][T11525] ? bus_to_subsys+0x114/0x150 [ 379.369022][T11525] dpm_sysfs_add+0x80/0x280 [ 379.369052][T11525] device_add+0x9ef/0x1950 [ 379.369077][T11525] ? __pfx_device_add+0x10/0x10 [ 379.369098][T11525] ? kfree_const+0x5a/0x70 [ 379.369118][T11525] ? kfree+0x2ec/0x6b0 [ 379.369141][T11525] device_create_groups_vargs+0x1f8/0x270 [ 379.369168][T11525] device_create+0xed/0x130 [ 379.369190][T11525] ? __pfx_device_create+0x10/0x10 [ 379.369211][T11525] ? lockdep_init_map_type+0x5c/0x250 [ 379.369230][T11525] ? timer_init_key+0x150/0x340 [ 379.369248][T11525] ? ieee80211_roc_setup+0x136/0x270 [ 379.369264][T11525] ? ieee80211_alloc_hw_nm+0x19c3/0x22a0 [ 379.369285][T11525] mac80211_hwsim_new_radio+0x37f/0x57d0 [ 379.369314][T11525] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 379.369339][T11525] ? __nla_validate_parse+0x1e7/0x28b0 [ 379.369357][T11525] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 379.369382][T11525] hwsim_new_radio_nl+0xc1f/0x1340 [ 379.369403][T11525] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 379.369428][T11525] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280 [ 379.369449][T11525] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280 [ 379.369474][T11525] genl_family_rcv_msg_doit+0x214/0x300 [ 379.369497][T11525] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 379.369521][T11525] ? genl_get_cmd+0x3ef/0x720 [ 379.369544][T11525] ? bpf_lsm_capable+0x9/0x10 [ 379.369558][T11525] ? security_capable+0x80/0x260 [ 379.369578][T11525] ? ns_capable+0xd2/0xf0 [ 379.369593][T11525] genl_rcv_msg+0x560/0x800 [ 379.369616][T11525] ? __pfx_genl_rcv_msg+0x10/0x10 [ 379.369636][T11525] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 379.369661][T11525] netlink_rcv_skb+0x159/0x420 [ 379.369682][T11525] ? __pfx_genl_rcv_msg+0x10/0x10 [ 379.369703][T11525] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 379.369729][T11525] ? netlink_deliver_tap+0x1ae/0xcc0 [ 379.369749][T11525] genl_rcv+0x28/0x40 [ 379.369767][T11525] netlink_unicast+0x5aa/0x870 [ 379.369788][T11525] ? __pfx_netlink_unicast+0x10/0x10 [ 379.369813][T11525] netlink_sendmsg+0x8b0/0xda0 [ 379.369834][T11525] ? __pfx_netlink_sendmsg+0x10/0x10 [ 379.369851][T11525] ? __import_iovec+0x1d2/0x640 [ 379.369880][T11525] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 379.369903][T11525] ____sys_sendmsg+0xa54/0xc30 [ 379.369926][T11525] ? __pfx_____sys_sendmsg+0x10/0x10 [ 379.369950][T11525] ? try_to_wake_up+0x644/0x1a80 [ 379.369969][T11525] ___sys_sendmsg+0x190/0x1e0 [ 379.369991][T11525] ? __pfx____sys_sendmsg+0x10/0x10 [ 379.370013][T11525] ? futex_private_hash_put+0x107/0x1c0 [ 379.370140][T11525] __sys_sendmsg+0x170/0x220 [ 379.370170][T11525] ? __pfx___sys_sendmsg+0x10/0x10 [ 379.370188][T11525] ? __x64_sys_futex+0x34f/0x4d0 [ 379.370220][T11525] do_syscall_64+0x106/0xf80 [ 379.370237][T11525] ? clear_bhb_loop+0x40/0x90 [ 379.370255][T11525] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 379.370271][T11525] RIP: 0033:0x7ff7a379c799 [ 379.370286][T11525] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 379.370299][T11525] RSP: 002b:00007ff7a461f028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 379.370314][T11525] RAX: ffffffffffffffda RBX: 00007ff7a3a15fa0 RCX: 00007ff7a379c799 [ 379.370325][T11525] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000007 [ 379.370334][T11525] RBP: 00007ff7a3832bd9 R08: 0000000000000000 R09: 0000000000000000 [ 379.370343][T11525] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 379.370352][T11525] R13: 00007ff7a3a16038 R14: 00007ff7a3a15fa0 R15: 00007ffe22e4fa98 [ 379.370373][T11525] [ 379.983860][T11527] futex_wake_op: syz.3.1296 tries to shift op by -2048; fix this program [ 380.207303][T11535] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1298'. [ 380.475294][T11540] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1300'. [ 380.532466][T11540] bridge_slave_1: left allmulticast mode [ 380.560870][T11540] bridge_slave_1: left promiscuous mode [ 380.627204][T11540] bridge0: port 2(bridge_slave_1) entered disabled state [ 380.674975][T11540] bridge_slave_0: left allmulticast mode [ 380.697237][T11540] bridge_slave_0: left promiscuous mode [ 380.733684][T11540] bridge0: port 1(bridge_slave_0) entered disabled state [ 381.940646][T11576] futex_wake_op: syz.3.1309 tries to shift op by -2048; fix this program [ 382.334331][T11581] futex_wake_op: syz.0.1310 tries to shift op by -2048; fix this program [ 382.421815][T11579] 0x3030363000000001-0x30303630000a3031 : "" [ 382.450821][T11579] mtd: partition "" is out of reach -- disabled [ 382.489076][T11584] futex_wake_op: syz.2.1311 tries to shift op by -2048; fix this program [ 382.500123][T11579] ftl_cs: FTL header not found. [ 383.715899][T11612] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 383.734043][T11612] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 383.759497][T11612] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 383.789728][T11612] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 384.195903][T11619] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 384.224072][T11619] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 384.240800][T11619] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 384.267490][T11619] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 384.709125][T11627] FAULT_INJECTION: forcing a failure. [ 384.709125][T11627] name failslab, interval 1, probability 0, space 0, times 0 [ 384.766065][T11629] futex_wake_op: syz.3.1322 tries to shift op by -2048; fix this program [ 384.815743][T11627] CPU: 0 UID: 0 PID: 11627 Comm: syz.3.1322 Tainted: G U L syzkaller #0 PREEMPT(full) [ 384.815772][T11627] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 384.815778][T11627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 384.815787][T11627] Call Trace: [ 384.815793][T11627] [ 384.815800][T11627] dump_stack_lvl+0x100/0x190 [ 384.815827][T11627] should_fail_ex.cold+0x5/0xa [ 384.815846][T11627] should_failslab+0xc2/0x120 [ 384.815861][T11627] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 384.815884][T11627] ? kvasprintf_const+0x66/0x1a0 [ 384.815903][T11627] kvasprintf+0xbc/0x150 [ 384.815916][T11627] ? __pfx_kvasprintf+0x10/0x10 [ 384.815931][T11627] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 384.815954][T11627] ? lockdep_init_map_type+0x5c/0x250 [ 384.815977][T11627] kvasprintf_const+0x66/0x1a0 [ 384.815992][T11627] kobject_set_name_vargs+0x5a/0x140 [ 384.816014][T11627] device_create_groups_vargs+0x1b1/0x270 [ 384.816041][T11627] device_create+0xed/0x130 [ 384.816065][T11627] ? __pfx_device_create+0x10/0x10 [ 384.816087][T11627] ? lockdep_init_map_type+0x5c/0x250 [ 384.816110][T11627] ? timer_init_key+0x150/0x340 [ 384.816128][T11627] ? ieee80211_roc_setup+0x136/0x270 [ 384.816143][T11627] ? ieee80211_alloc_hw_nm+0x19c3/0x22a0 [ 384.816166][T11627] mac80211_hwsim_new_radio+0x37f/0x57d0 [ 384.816194][T11627] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 384.816226][T11627] ? __nla_validate_parse+0x1e7/0x28b0 [ 384.816245][T11627] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 384.816274][T11627] hwsim_new_radio_nl+0xc1f/0x1340 [ 384.816295][T11627] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 384.816319][T11627] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280 [ 384.816341][T11627] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280 [ 384.816366][T11627] genl_family_rcv_msg_doit+0x214/0x300 [ 384.816389][T11627] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 384.816409][T11627] ? genl_get_cmd+0x3ef/0x720 [ 384.816432][T11627] ? bpf_lsm_capable+0x9/0x10 [ 384.816446][T11627] ? security_capable+0x80/0x260 [ 384.816466][T11627] ? ns_capable+0xd2/0xf0 [ 384.816481][T11627] genl_rcv_msg+0x560/0x800 [ 384.816504][T11627] ? __pfx_genl_rcv_msg+0x10/0x10 [ 384.816524][T11627] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 384.816549][T11627] netlink_rcv_skb+0x159/0x420 [ 384.816568][T11627] ? __pfx_genl_rcv_msg+0x10/0x10 [ 384.816588][T11627] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 384.816614][T11627] ? netlink_deliver_tap+0x1ae/0xcc0 [ 384.816634][T11627] genl_rcv+0x28/0x40 [ 384.816652][T11627] netlink_unicast+0x5aa/0x870 [ 384.816673][T11627] ? __pfx_netlink_unicast+0x10/0x10 [ 384.816698][T11627] netlink_sendmsg+0x8b0/0xda0 [ 384.816719][T11627] ? __pfx_netlink_sendmsg+0x10/0x10 [ 384.816736][T11627] ? __import_iovec+0x1d2/0x640 [ 384.816760][T11627] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 384.816782][T11627] ____sys_sendmsg+0xa54/0xc30 [ 384.816805][T11627] ? __pfx_____sys_sendmsg+0x10/0x10 [ 384.816829][T11627] ? try_to_wake_up+0x644/0x1a80 [ 384.816847][T11627] ___sys_sendmsg+0x190/0x1e0 [ 384.816869][T11627] ? __pfx____sys_sendmsg+0x10/0x10 [ 384.816891][T11627] ? futex_private_hash_put+0x107/0x1c0 [ 384.816931][T11627] __sys_sendmsg+0x170/0x220 [ 384.816948][T11627] ? __pfx___sys_sendmsg+0x10/0x10 [ 384.816964][T11627] ? __x64_sys_futex+0x34f/0x4d0 [ 384.816994][T11627] do_syscall_64+0x106/0xf80 [ 384.817010][T11627] ? clear_bhb_loop+0x40/0x90 [ 384.817028][T11627] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 384.817043][T11627] RIP: 0033:0x7ff7a379c799 [ 384.817057][T11627] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 384.817072][T11627] RSP: 002b:00007ff7a461f028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 384.817088][T11627] RAX: ffffffffffffffda RBX: 00007ff7a3a15fa0 RCX: 00007ff7a379c799 [ 384.817098][T11627] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000007 [ 384.817107][T11627] RBP: 00007ff7a3832bd9 R08: 0000000000000000 R09: 0000000000000000 [ 384.817117][T11627] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 384.817125][T11627] R13: 00007ff7a3a16038 R14: 00007ff7a3a15fa0 R15: 00007ffe22e4fa98 [ 384.817146][T11627] [ 385.877334][T11636] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1323'. [ 385.980097][T11644] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1323'. [ 386.272733][ T5824] Bluetooth: hci2: command 0x0c1a tx timeout [ 386.279032][ T5824] Bluetooth: hci1: command 0x0c1a tx timeout [ 386.285056][ T5824] Bluetooth: hci0: command 0x0c1a tx timeout [ 386.339544][ T5145] Bluetooth: hci3: command 0x0c1a tx timeout [ 386.384226][T11629] 0x3030363000000001-0x30303630000a3031 : "" [ 386.403552][T11629] mtd: partition "" is out of reach -- disabled [ 386.455203][T11629] ftl_cs: FTL header not found. [ 387.106492][T11669] mkiss: ax0: crc mode is auto. [ 388.022155][T11694] FAULT_INJECTION: forcing a failure. [ 388.022155][T11694] name failslab, interval 1, probability 0, space 0, times 0 [ 388.068783][T11694] CPU: 0 UID: 0 PID: 11694 Comm: syz.2.1337 Tainted: G U L syzkaller #0 PREEMPT(full) [ 388.068813][T11694] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 388.068818][T11694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 388.068829][T11694] Call Trace: [ 388.068834][T11694] [ 388.068841][T11694] dump_stack_lvl+0x100/0x190 [ 388.068869][T11694] should_fail_ex.cold+0x5/0xa [ 388.068887][T11694] should_failslab+0xc2/0x120 [ 388.068909][T11694] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 388.068932][T11694] ? kasprintf+0xc7/0x100 [ 388.068951][T11694] kvasprintf+0xbc/0x150 [ 388.068965][T11694] ? __pfx_kvasprintf+0x10/0x10 [ 388.068979][T11694] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 388.068996][T11694] ? lockdep_hardirqs_on+0x78/0x100 [ 388.069012][T11694] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 388.069030][T11694] kasprintf+0xc7/0x100 [ 388.069043][T11694] ? __pfx_kasprintf+0x10/0x10 [ 388.069065][T11694] ieee80211_alloc_led_names+0x243/0x420 [ 388.069088][T11694] ieee80211_alloc_hw_nm+0x1934/0x22a0 [ 388.069111][T11694] mac80211_hwsim_new_radio+0x1e1/0x57d0 [ 388.069140][T11694] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 388.069166][T11694] ? __nla_validate_parse+0x1e7/0x28b0 [ 388.069185][T11694] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 388.069211][T11694] hwsim_new_radio_nl+0xc1f/0x1340 [ 388.069233][T11694] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 388.069257][T11694] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280 [ 388.069279][T11694] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280 [ 388.069304][T11694] genl_family_rcv_msg_doit+0x214/0x300 [ 388.069327][T11694] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 388.069348][T11694] ? genl_get_cmd+0x3ef/0x720 [ 388.069371][T11694] ? bpf_lsm_capable+0x9/0x10 [ 388.069385][T11694] ? security_capable+0x80/0x260 [ 388.069405][T11694] ? ns_capable+0xd2/0xf0 [ 388.069421][T11694] genl_rcv_msg+0x560/0x800 [ 388.069443][T11694] ? __pfx_genl_rcv_msg+0x10/0x10 [ 388.069463][T11694] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 388.069489][T11694] netlink_rcv_skb+0x159/0x420 [ 388.069507][T11694] ? __pfx_genl_rcv_msg+0x10/0x10 [ 388.069528][T11694] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 388.069554][T11694] ? netlink_deliver_tap+0x1ae/0xcc0 [ 388.069573][T11694] genl_rcv+0x28/0x40 [ 388.069591][T11694] netlink_unicast+0x5aa/0x870 [ 388.069612][T11694] ? __pfx_netlink_unicast+0x10/0x10 [ 388.069638][T11694] netlink_sendmsg+0x8b0/0xda0 [ 388.069659][T11694] ? __pfx_netlink_sendmsg+0x10/0x10 [ 388.069675][T11694] ? __import_iovec+0x1d2/0x640 [ 388.069700][T11694] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 388.069722][T11694] ____sys_sendmsg+0xa54/0xc30 [ 388.069746][T11694] ? __pfx_____sys_sendmsg+0x10/0x10 [ 388.069769][T11694] ? try_to_wake_up+0x644/0x1a80 [ 388.069791][T11694] ___sys_sendmsg+0x190/0x1e0 [ 388.069814][T11694] ? __pfx____sys_sendmsg+0x10/0x10 [ 388.069835][T11694] ? futex_private_hash_put+0x107/0x1c0 [ 388.069877][T11694] __sys_sendmsg+0x170/0x220 [ 388.069895][T11694] ? __pfx___sys_sendmsg+0x10/0x10 [ 388.069917][T11694] ? __x64_sys_futex+0x34f/0x4d0 [ 388.069948][T11694] do_syscall_64+0x106/0xf80 [ 388.069965][T11694] ? clear_bhb_loop+0x40/0x90 [ 388.069984][T11694] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 388.069999][T11694] RIP: 0033:0x7fba1a79c799 [ 388.070013][T11694] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 388.070028][T11694] RSP: 002b:00007fba1b611028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 388.070042][T11694] RAX: ffffffffffffffda RBX: 00007fba1aa15fa0 RCX: 00007fba1a79c799 [ 388.070053][T11694] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000007 [ 388.070062][T11694] RBP: 00007fba1a832bd9 R08: 0000000000000000 R09: 0000000000000000 [ 388.070071][T11694] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 388.070080][T11694] R13: 00007fba1aa16038 R14: 00007fba1aa15fa0 R15: 00007ffc127a9ff8 [ 388.070101][T11694] [ 388.463416][T11696] futex_wake_op: syz.2.1337 tries to shift op by -2048; fix this program [ 388.472525][T11696] 0x3030363000000001-0x30303630000a3031 : "" [ 388.478581][T11696] mtd: partition "" is out of reach -- disabled [ 389.045245][T11696] ftl_cs: FTL header not found. [ 389.279653][T11694] ieee80211 phy45: Failed to add default virtual iface [ 390.713442][T11695] zswap: compressor û not available [ 390.742223][T11714] futex_wake_op: syz.0.1338 tries to shift op by -2048; fix this program [ 390.882824][T11699] Setting dangerous option i915.mitigations - tainting kernel [ 391.402003][T11720] bond0: invalid ARP target specified [ 391.429580][T11720] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1349'. [ 391.537984][T11720] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 391.565718][T11720] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 391.600910][T11720] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 391.632666][T11720] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 393.123658][T11755] tc_dump_action: action bad kind [ 393.758207][T11770] input: jJǸ-¶š9ã%vø“û¨lÐQ  J86Ö‘ as /devices/virtual/input/input13 [ 394.348769][T11785] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 394.371982][T11785] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 394.392213][T11785] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 394.425151][T11785] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 394.882450][T11807] openvswitch: netlink: IP tunnel dst address not specified [ 395.224836][T11826] FAULT_INJECTION: forcing a failure. [ 395.224836][T11826] name failslab, interval 1, probability 0, space 0, times 0 [ 395.276761][T11826] CPU: 0 UID: 0 PID: 11826 Comm: syz.0.1366 Tainted: G U L syzkaller #0 PREEMPT(full) [ 395.276789][T11826] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 395.276795][T11826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 395.276805][T11826] Call Trace: [ 395.276811][T11826] [ 395.276817][T11826] dump_stack_lvl+0x100/0x190 [ 395.276844][T11826] should_fail_ex.cold+0x5/0xa [ 395.276862][T11826] ? lsm_blob_alloc+0x68/0x90 [ 395.276878][T11826] should_failslab+0xc2/0x120 [ 395.276892][T11826] __kmalloc_noprof+0xe0/0x850 [ 395.276913][T11826] ? trace_kmem_cache_alloc+0xf3/0x120 [ 395.276931][T11826] lsm_blob_alloc+0x68/0x90 [ 395.276947][T11826] security_sk_alloc+0x2d/0x290 [ 395.276972][T11826] sk_prot_alloc+0x1d1/0x2a0 [ 395.276993][T11826] sk_alloc+0x36/0xe80 [ 395.277010][T11826] inet_create+0x3a0/0x1060 [ 395.277032][T11826] ? inet_create+0x94/0x1060 [ 395.277056][T11826] __sock_create+0x339/0x860 [ 395.277080][T11826] udp_sock_create4+0xa6/0x450 [ 395.277098][T11826] ? __pfx_udp_sock_create4+0x10/0x10 [ 395.277116][T11826] ? lockdep_hardirqs_on+0x78/0x100 [ 395.277134][T11826] ? crng_make_state+0x2b0/0x6c0 [ 395.277156][T11826] rxrpc_open_socket+0x4ef/0x6b0 [ 395.277178][T11826] ? __pfx_rxrpc_open_socket+0x10/0x10 [ 395.277217][T11826] ? rcu_is_watching+0x12/0xc0 [ 395.277243][T11826] rxrpc_lookup_local+0xac7/0x1220 [ 395.277268][T11826] ? __pfx_rxrpc_lookup_local+0x10/0x10 [ 395.277291][T11826] ? __local_bh_enable_ip+0x9e/0x120 [ 395.277309][T11826] rxrpc_sendmsg+0x34a/0x680 [ 395.277335][T11826] sock_write_iter+0x566/0x610 [ 395.277355][T11826] ? __pfx_sock_write_iter+0x10/0x10 [ 395.277382][T11826] ? bpf_lsm_file_permission+0x9/0x10 [ 395.277403][T11826] ? security_file_permission+0x76/0x210 [ 395.277427][T11826] ? rw_verify_area+0xce/0x6d0 [ 395.277448][T11826] vfs_write+0x6ac/0x1070 [ 395.277470][T11826] ? __pfx_sock_write_iter+0x10/0x10 [ 395.277492][T11826] ? __pfx_vfs_write+0x10/0x10 [ 395.277512][T11826] ? find_held_lock+0x2b/0x80 [ 395.277538][T11826] ksys_write+0x1f8/0x250 [ 395.277559][T11826] ? __pfx_ksys_write+0x10/0x10 [ 395.277586][T11826] do_syscall_64+0x106/0xf80 [ 395.277602][T11826] ? clear_bhb_loop+0x40/0x90 [ 395.277620][T11826] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 395.277635][T11826] RIP: 0033:0x7f7ad9f9c799 [ 395.277649][T11826] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 395.277663][T11826] RSP: 002b:00007f7adae9c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 395.277678][T11826] RAX: ffffffffffffffda RBX: 00007f7ada215fa0 RCX: 00007f7ad9f9c799 [ 395.277688][T11826] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 395.277697][T11826] RBP: 00007f7ada032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 395.277706][T11826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 395.277716][T11826] R13: 00007f7ada216038 R14: 00007f7ada215fa0 R15: 00007ffdf7df6a58 [ 395.277736][T11826] [ 395.643990][T11829] FAULT_INJECTION: forcing a failure. [ 395.643990][T11829] name failslab, interval 1, probability 0, space 0, times 0 [ 395.658007][T11829] CPU: 0 UID: 0 PID: 11829 Comm: syz.2.1367 Tainted: G U L syzkaller #0 PREEMPT(full) [ 395.658037][T11829] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 395.658043][T11829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 395.658053][T11829] Call Trace: [ 395.658058][T11829] [ 395.658064][T11829] dump_stack_lvl+0x100/0x190 [ 395.658092][T11829] should_fail_ex.cold+0x5/0xa [ 395.658111][T11829] should_failslab+0xc2/0x120 [ 395.658126][T11829] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 395.658149][T11829] ? kstrdup_const+0x63/0x80 [ 395.658169][T11829] ? find_held_lock+0x2b/0x80 [ 395.658183][T11829] ? is_bpf_text_address+0x8a/0x1a0 [ 395.658216][T11829] kstrdup+0x51/0xe0 [ 395.658239][T11829] kstrdup_const+0x63/0x80 [ 395.658260][T11829] __kernfs_new_node+0x9b/0x960 [ 395.658280][T11829] ? __kernel_text_address+0xd/0x30 [ 395.658302][T11829] ? arch_stack_walk+0xa6/0xf0 [ 395.658316][T11829] ? __pfx___kernfs_new_node+0x10/0x10 [ 395.658340][T11829] ? find_held_lock+0x2b/0x80 [ 395.658353][T11829] ? kernfs_root+0xee/0x2a0 [ 395.658370][T11829] ? kernfs_root+0xee/0x2a0 [ 395.658394][T11829] kernfs_new_node+0x11b/0x1a0 [ 395.658418][T11829] kernfs_create_dir_ns+0x4c/0x1a0 [ 395.658441][T11829] sysfs_create_dir_ns+0x13a/0x2b0 [ 395.658460][T11829] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 395.658477][T11829] ? find_held_lock+0x2b/0x80 [ 395.658490][T11829] ? kobject_add_internal+0x25f/0x930 [ 395.658510][T11829] ? kobject_add_internal+0x25f/0x930 [ 395.658531][T11829] ? class_dir_child_ns_type+0xd/0x60 [ 395.658555][T11829] kobject_add_internal+0x2c8/0x930 [ 395.658578][T11829] kobject_add+0x16a/0x1e0 [ 395.658597][T11829] ? __pfx_kobject_add+0x10/0x10 [ 395.658620][T11829] ? kobject_put+0xb9/0x640 [ 395.658643][T11829] device_add+0x294/0x1950 [ 395.658667][T11829] ? kfree_const+0x5a/0x70 [ 395.658687][T11829] ? __pfx_device_add+0x10/0x10 [ 395.658707][T11829] ? kfree_const+0x5a/0x70 [ 395.658727][T11829] ? kfree+0x2ec/0x6b0 [ 395.658749][T11829] device_create_groups_vargs+0x1f8/0x270 [ 395.658775][T11829] device_create+0xed/0x130 [ 395.658798][T11829] ? __pfx_device_create+0x10/0x10 [ 395.658819][T11829] ? lockdep_init_map_type+0x5c/0x250 [ 395.658838][T11829] ? timer_init_key+0x150/0x340 [ 395.658863][T11829] ? ieee80211_roc_setup+0x136/0x270 [ 395.658879][T11829] ? ieee80211_alloc_hw_nm+0x19c3/0x22a0 [ 395.658901][T11829] mac80211_hwsim_new_radio+0x37f/0x57d0 [ 395.658931][T11829] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 395.658956][T11829] ? __nla_validate_parse+0x1e7/0x28b0 [ 395.658974][T11829] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 395.658999][T11829] hwsim_new_radio_nl+0xc1f/0x1340 [ 395.659020][T11829] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 395.659045][T11829] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280 [ 395.659066][T11829] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280 [ 395.659091][T11829] genl_family_rcv_msg_doit+0x214/0x300 [ 395.659114][T11829] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 395.659134][T11829] ? genl_get_cmd+0x3ef/0x720 [ 395.659163][T11829] ? bpf_lsm_capable+0x9/0x10 [ 395.659177][T11829] ? security_capable+0x80/0x260 [ 395.659196][T11829] ? ns_capable+0xd2/0xf0 [ 395.659220][T11829] genl_rcv_msg+0x560/0x800 [ 395.659244][T11829] ? __pfx_genl_rcv_msg+0x10/0x10 [ 395.659265][T11829] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 395.659292][T11829] netlink_rcv_skb+0x159/0x420 [ 395.659311][T11829] ? __pfx_genl_rcv_msg+0x10/0x10 [ 395.659332][T11829] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 395.659359][T11829] ? netlink_deliver_tap+0x1ae/0xcc0 [ 395.659379][T11829] genl_rcv+0x28/0x40 [ 395.659397][T11829] netlink_unicast+0x5aa/0x870 [ 395.659418][T11829] ? __pfx_netlink_unicast+0x10/0x10 [ 395.659443][T11829] netlink_sendmsg+0x8b0/0xda0 [ 395.659464][T11829] ? __pfx_netlink_sendmsg+0x10/0x10 [ 395.659481][T11829] ? __import_iovec+0x1d2/0x640 [ 395.659506][T11829] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 395.659528][T11829] ____sys_sendmsg+0xa54/0xc30 [ 395.659552][T11829] ? __pfx_____sys_sendmsg+0x10/0x10 [ 395.659576][T11829] ? __pfx_futex_wake_mark+0x10/0x10 [ 395.659601][T11829] ___sys_sendmsg+0x190/0x1e0 [ 395.659623][T11829] ? __pfx____sys_sendmsg+0x10/0x10 [ 395.659668][T11829] __sys_sendmsg+0x170/0x220 [ 395.659689][T11829] ? __pfx___sys_sendmsg+0x10/0x10 [ 395.659705][T11829] ? __x64_sys_futex+0x34f/0x4d0 [ 395.659735][T11829] do_syscall_64+0x106/0xf80 [ 395.659751][T11829] ? clear_bhb_loop+0x40/0x90 [ 395.659770][T11829] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 395.659785][T11829] RIP: 0033:0x7fba1a79c799 [ 395.659801][T11829] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 395.659815][T11829] RSP: 002b:00007fba1b611028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 395.659830][T11829] RAX: ffffffffffffffda RBX: 00007fba1aa15fa0 RCX: 00007fba1a79c799 [ 395.659840][T11829] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000007 [ 395.659850][T11829] RBP: 00007fba1a832bd9 R08: 0000000000000000 R09: 0000000000000000 [ 395.659859][T11829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 395.659869][T11829] R13: 00007fba1aa16038 R14: 00007fba1aa15fa0 R15: 00007ffc127a9ff8 [ 395.659890][T11829] [ 395.659902][T11829] kobject: kobject_add_internal failed for hwsim47 (error: -12 parent: mac80211_hwsim) [ 396.495783][ T5145] Bluetooth: hci2: command 0x0c1a tx timeout [ 396.502507][ T5145] Bluetooth: hci1: command 0x0c1a tx timeout [ 396.508919][ T5145] Bluetooth: hci0: command 0x0c1a tx timeout [ 396.514908][ T5145] Bluetooth: hci3: command 0x0c1a tx timeout [ 396.922263][T11837] futex_wake_op: syz.2.1367 tries to shift op by -2048; fix this program [ 397.427677][T11853] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 397.433927][T11853] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 397.464619][T11853] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 397.496475][T11853] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 398.295014][T11886] FAULT_INJECTION: forcing a failure. [ 398.295014][T11886] name failslab, interval 1, probability 0, space 0, times 0 [ 398.385732][T11886] CPU: 0 UID: 0 PID: 11886 Comm: syz.3.1378 Tainted: G U L syzkaller #0 PREEMPT(full) [ 398.385761][T11886] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 398.385767][T11886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 398.385777][T11886] Call Trace: [ 398.385782][T11886] [ 398.385788][T11886] dump_stack_lvl+0x100/0x190 [ 398.385815][T11886] should_fail_ex.cold+0x5/0xa [ 398.385833][T11886] ? lsm_blob_alloc+0x68/0x90 [ 398.385849][T11886] should_failslab+0xc2/0x120 [ 398.385865][T11886] __kmalloc_noprof+0xe0/0x850 [ 398.385887][T11886] ? trace_kmem_cache_alloc+0xf3/0x120 [ 398.385904][T11886] lsm_blob_alloc+0x68/0x90 [ 398.385921][T11886] security_sk_alloc+0x2d/0x290 [ 398.385949][T11886] sk_prot_alloc+0x1d1/0x2a0 [ 398.385971][T11886] sk_alloc+0x36/0xe80 [ 398.385986][T11886] inet_create+0x3a0/0x1060 [ 398.386008][T11886] ? inet_create+0x94/0x1060 [ 398.386031][T11886] __sock_create+0x339/0x860 [ 398.386056][T11886] udp_sock_create4+0xa6/0x450 [ 398.386073][T11886] ? __pfx_udp_sock_create4+0x10/0x10 [ 398.386092][T11886] ? lockdep_hardirqs_on+0x78/0x100 [ 398.386110][T11886] ? crng_make_state+0x2b0/0x6c0 [ 398.386132][T11886] rxrpc_open_socket+0x4ef/0x6b0 [ 398.386154][T11886] ? __pfx_rxrpc_open_socket+0x10/0x10 [ 398.386185][T11886] ? rcu_is_watching+0x12/0xc0 [ 398.386210][T11886] rxrpc_lookup_local+0xac7/0x1220 [ 398.386234][T11886] ? __pfx_rxrpc_lookup_local+0x10/0x10 [ 398.386257][T11886] ? __local_bh_enable_ip+0x9e/0x120 [ 398.386275][T11886] rxrpc_sendmsg+0x34a/0x680 [ 398.386300][T11886] sock_write_iter+0x566/0x610 [ 398.386321][T11886] ? __pfx_sock_write_iter+0x10/0x10 [ 398.386348][T11886] ? bpf_lsm_file_permission+0x9/0x10 [ 398.386370][T11886] ? security_file_permission+0x76/0x210 [ 398.386393][T11886] ? rw_verify_area+0xce/0x6d0 [ 398.386414][T11886] vfs_write+0x6ac/0x1070 [ 398.386442][T11886] ? __pfx_sock_write_iter+0x10/0x10 [ 398.386464][T11886] ? __pfx_vfs_write+0x10/0x10 [ 398.386483][T11886] ? find_held_lock+0x2b/0x80 [ 398.386509][T11886] ksys_write+0x1f8/0x250 [ 398.386534][T11886] ? __pfx_ksys_write+0x10/0x10 [ 398.386563][T11886] do_syscall_64+0x106/0xf80 [ 398.386581][T11886] ? clear_bhb_loop+0x40/0x90 [ 398.386599][T11886] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 398.386616][T11886] RIP: 0033:0x7ff7a379c799 [ 398.386630][T11886] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 398.386648][T11886] RSP: 002b:00007ff7a461f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 398.386665][T11886] RAX: ffffffffffffffda RBX: 00007ff7a3a15fa0 RCX: 00007ff7a379c799 [ 398.386677][T11886] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 398.386686][T11886] RBP: 00007ff7a3832bd9 R08: 0000000000000000 R09: 0000000000000000 [ 398.386695][T11886] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 398.386704][T11886] R13: 00007ff7a3a16038 R14: 00007ff7a3a15fa0 R15: 00007ffe22e4fa98 [ 398.386725][T11886] [ 399.183760][T11896] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1381'. [ 399.377625][ T5824] Bluetooth: hci0: command 0x0c1a tx timeout [ 399.456770][ T5824] Bluetooth: hci1: command 0x0c1a tx timeout [ 399.465282][T11902] futex_wake_op: syz.3.1382 tries to shift op by -2048; fix this program [ 399.535793][ T5824] Bluetooth: hci3: command 0x0c1a tx timeout [ 399.535831][ T5824] Bluetooth: hci2: command 0x0c1a tx timeout [ 399.684023][T11907] futex_wake_op: syz.0.1384 tries to shift op by -2048; fix this program [ 400.032603][T11924] FAULT_INJECTION: forcing a failure. [ 400.032603][T11924] name failslab, interval 1, probability 0, space 0, times 0 [ 400.058146][T11920] FAULT_INJECTION: forcing a failure. [ 400.058146][T11920] name failslab, interval 1, probability 0, space 0, times 0 [ 400.076283][T11924] CPU: 0 UID: 0 PID: 11924 Comm: syz.0.1388 Tainted: G U L syzkaller #0 PREEMPT(full) [ 400.076311][T11924] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 400.076317][T11924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 400.076327][T11924] Call Trace: [ 400.076332][T11924] [ 400.076338][T11924] dump_stack_lvl+0x100/0x190 [ 400.076366][T11924] should_fail_ex.cold+0x5/0xa [ 400.076384][T11924] should_failslab+0xc2/0x120 [ 400.076400][T11924] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 400.076420][T11924] ? sk_prot_alloc+0x60/0x2a0 [ 400.076443][T11924] sk_prot_alloc+0x60/0x2a0 [ 400.076464][T11924] sk_alloc+0x36/0xe80 [ 400.076480][T11924] inet_create+0x3a0/0x1060 [ 400.076502][T11924] ? inet_create+0x94/0x1060 [ 400.076525][T11924] __sock_create+0x339/0x860 [ 400.076550][T11924] __sys_socket+0x14d/0x260 [ 400.076572][T11924] ? __pfx___sys_socket+0x10/0x10 [ 400.076599][T11924] __x64_sys_socket+0x72/0xb0 [ 400.076619][T11924] ? lockdep_hardirqs_on+0x78/0x100 [ 400.076636][T11924] do_syscall_64+0x106/0xf80 [ 400.076652][T11924] ? clear_bhb_loop+0x40/0x90 [ 400.076670][T11924] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 400.076686][T11924] RIP: 0033:0x7f7ad9f9c799 [ 400.076699][T11924] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 400.076714][T11924] RSP: 002b:00007f7adae9c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 400.076730][T11924] RAX: ffffffffffffffda RBX: 00007f7ada215fa0 RCX: 00007f7ad9f9c799 [ 400.076739][T11924] RDX: 0000000000000088 RSI: 0000000000000002 RDI: 0000000000000002 [ 400.076748][T11924] RBP: 00007f7ada032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 400.076764][T11924] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 400.076773][T11924] R13: 00007f7ada216038 R14: 00007f7ada215fa0 R15: 00007ffdf7df6a58 [ 400.076793][T11924] [ 400.330120][T11920] CPU: 0 UID: 0 PID: 11920 Comm: syz.2.1386 Tainted: G U L syzkaller #0 PREEMPT(full) [ 400.330147][T11920] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 400.330152][T11920] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 400.330161][T11920] Call Trace: [ 400.330166][T11920] [ 400.330172][T11920] dump_stack_lvl+0x100/0x190 [ 400.330199][T11920] should_fail_ex.cold+0x5/0xa [ 400.330215][T11920] ? copy_splice_read+0x1a3/0xb90 [ 400.330236][T11920] should_failslab+0xc2/0x120 [ 400.330250][T11920] __kmalloc_noprof+0xe0/0x850 [ 400.330269][T11920] ? current_time+0x8a/0x3b0 [ 400.330288][T11920] copy_splice_read+0x1a3/0xb90 [ 400.330308][T11920] ? ktime_get_coarse_real_ts64_mg+0x249/0x300 [ 400.330326][T11920] ? ktime_get_coarse_real_ts64_mg+0x1e0/0x300 [ 400.330347][T11920] ? __pfx_copy_splice_read+0x10/0x10 [ 400.330376][T11920] ? find_held_lock+0x2b/0x80 [ 400.330390][T11920] ? __pfx_copy_splice_read+0x10/0x10 [ 400.330411][T11920] do_splice_read+0x285/0x370 [ 400.330434][T11920] splice_direct_to_actor+0x2a1/0xa30 [ 400.330457][T11920] ? __pfx_direct_splice_actor+0x10/0x10 [ 400.330482][T11920] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 400.330509][T11920] do_splice_direct+0x174/0x240 [ 400.330539][T11920] ? __pfx_do_splice_direct+0x10/0x10 [ 400.330562][T11920] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 400.330585][T11920] ? rw_verify_area+0xce/0x6d0 [ 400.330608][T11920] do_sendfile+0xadc/0xe20 [ 400.330632][T11920] ? __pfx_do_sendfile+0x10/0x10 [ 400.330653][T11920] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 400.330675][T11920] __x64_sys_sendfile64+0x1d8/0x220 [ 400.330691][T11920] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 400.330711][T11920] do_syscall_64+0x106/0xf80 [ 400.330727][T11920] ? clear_bhb_loop+0x40/0x90 [ 400.330750][T11920] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 400.330765][T11920] RIP: 0033:0x7fba1a79c799 [ 400.330779][T11920] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 400.330796][T11920] RSP: 002b:00007fba1b5f0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 400.330810][T11920] RAX: ffffffffffffffda RBX: 00007fba1aa16090 RCX: 00007fba1a79c799 [ 400.330821][T11920] RDX: 0000000000000000 RSI: 0000000000000027 RDI: 0000000000000026 [ 400.330831][T11920] RBP: 00007fba1a832bd9 R08: 0000000000000000 R09: 0000000000000000 [ 400.330839][T11920] R10: 0000000001000200 R11: 0000000000000246 R12: 0000000000000000 [ 400.330847][T11920] R13: 00007fba1aa16128 R14: 00007fba1aa16090 R15: 00007ffc127a9ff8 [ 400.330866][T11920] [ 401.205217][T11943] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 401.211977][T11943] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 401.680852][ T29] audit: type=1807 audit(4294967325.050:12): UNKNOWN=0"û]$|Ë1jë0B|d™¹ýÓ‰OŸ¬+ö×/ÉéxÔóÈõWÓ¦–Ó^¸´gq%ḦrêOŽ res=0 [ 401.768146][T11954] ima: policy update failed [ 401.778085][ T29] audit: type=1802 audit(4294967325.100:13): pid=11951 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.2.1391" res=0 errno=0 [ 401.922526][ T29] audit: type=1802 audit(4294967325.250:14): pid=11954 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.1391" res=0 errno=0 [ 403.449792][T11974] openvswitch: netlink: IPv4 tunnel dst address is zero [ 404.006902][T11998] FAULT_INJECTION: forcing a failure. [ 404.006902][T11998] name failslab, interval 1, probability 0, space 0, times 0 [ 404.115849][T12000] futex_wake_op: syz.3.1403 tries to shift op by -2048; fix this program [ 404.161799][T11998] CPU: 0 UID: 0 PID: 11998 Comm: syz.3.1403 Tainted: G U L syzkaller #0 PREEMPT(full) [ 404.161828][T11998] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 404.161834][T11998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 404.161843][T11998] Call Trace: [ 404.161849][T11998] [ 404.161857][T11998] dump_stack_lvl+0x100/0x190 [ 404.161885][T11998] should_fail_ex.cold+0x5/0xa [ 404.161904][T11998] should_failslab+0xc2/0x120 [ 404.161919][T11998] __kmalloc_cache_node_noprof+0x7d/0x770 [ 404.161942][T11998] ? __alloc_workqueue+0xf78/0x1880 [ 404.161958][T11998] ? lockdep_init_map_type+0x5c/0x250 [ 404.161981][T11998] __alloc_workqueue+0xf78/0x1880 [ 404.162004][T11998] alloc_workqueue_noprof+0xd2/0x200 [ 404.162021][T11998] ? __pfx_alloc_workqueue_noprof+0x10/0x10 [ 404.162040][T11998] ? rcu_is_watching+0x12/0xc0 [ 404.162062][T11998] ? trace_kmalloc+0x101/0x130 [ 404.162075][T11998] ? __kasan_kmalloc+0xaa/0xb0 [ 404.162096][T11998] ? __kmalloc_noprof+0x320/0x850 [ 404.162119][T11998] ieee80211_register_hw+0x1f80/0x4140 [ 404.162148][T11998] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 404.162167][T11998] ? __pfx___debug_object_init+0x10/0x10 [ 404.162192][T11998] ? find_held_lock+0x2b/0x80 [ 404.162206][T11998] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 404.162230][T11998] ? __hrtimer_setup+0x178/0x280 [ 404.162251][T11998] mac80211_hwsim_new_radio+0x2847/0x57d0 [ 404.162283][T11998] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 404.162308][T11998] hwsim_new_radio_nl+0xc1f/0x1340 [ 404.162346][T11998] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 404.162377][T11998] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280 [ 404.162400][T11998] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280 [ 404.162426][T11998] genl_family_rcv_msg_doit+0x214/0x300 [ 404.162450][T11998] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 404.162471][T11998] ? genl_get_cmd+0x3ef/0x720 [ 404.162495][T11998] ? bpf_lsm_capable+0x9/0x10 [ 404.162509][T11998] ? security_capable+0x80/0x260 [ 404.162529][T11998] ? ns_capable+0xd2/0xf0 [ 404.162544][T11998] genl_rcv_msg+0x560/0x800 [ 404.162567][T11998] ? __pfx_genl_rcv_msg+0x10/0x10 [ 404.162591][T11998] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 404.162616][T11998] netlink_rcv_skb+0x159/0x420 [ 404.162634][T11998] ? __pfx_genl_rcv_msg+0x10/0x10 [ 404.162655][T11998] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 404.162681][T11998] ? netlink_deliver_tap+0x1ae/0xcc0 [ 404.162701][T11998] genl_rcv+0x28/0x40 [ 404.162718][T11998] netlink_unicast+0x5aa/0x870 [ 404.162739][T11998] ? __pfx_netlink_unicast+0x10/0x10 [ 404.162764][T11998] netlink_sendmsg+0x8b0/0xda0 [ 404.162786][T11998] ? __pfx_netlink_sendmsg+0x10/0x10 [ 404.162803][T11998] ? __import_iovec+0x1d2/0x640 [ 404.162827][T11998] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 404.162849][T11998] ____sys_sendmsg+0xa54/0xc30 [ 404.162872][T11998] ? __pfx_____sys_sendmsg+0x10/0x10 [ 404.162895][T11998] ? try_to_wake_up+0x644/0x1a80 [ 404.162914][T11998] ___sys_sendmsg+0x190/0x1e0 [ 404.162936][T11998] ? __pfx____sys_sendmsg+0x10/0x10 [ 404.162957][T11998] ? futex_private_hash_put+0x107/0x1c0 [ 404.162997][T11998] __sys_sendmsg+0x170/0x220 [ 404.163014][T11998] ? __pfx___sys_sendmsg+0x10/0x10 [ 404.163030][T11998] ? __x64_sys_futex+0x34f/0x4d0 [ 404.163059][T11998] do_syscall_64+0x106/0xf80 [ 404.163075][T11998] ? clear_bhb_loop+0x40/0x90 [ 404.163093][T11998] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 404.163108][T11998] RIP: 0033:0x7ff7a379c799 [ 404.163124][T11998] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 404.163138][T11998] RSP: 002b:00007ff7a461f028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 404.163153][T11998] RAX: ffffffffffffffda RBX: 00007ff7a3a15fa0 RCX: 00007ff7a379c799 [ 404.163164][T11998] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000007 [ 404.163173][T11998] RBP: 00007ff7a3832bd9 R08: 0000000000000000 R09: 0000000000000000 [ 404.163182][T11998] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 404.163191][T11998] R13: 00007ff7a3a16038 R14: 00007ff7a3a15fa0 R15: 00007ffe22e4fa98 [ 404.163212][T11998] [ 406.169562][T12018] FAULT_INJECTION: forcing a failure. [ 406.169562][T12018] name failslab, interval 1, probability 0, space 0, times 0 [ 406.226928][T12018] CPU: 0 UID: 0 PID: 12018 Comm: syz.2.1406 Tainted: G U L syzkaller #0 PREEMPT(full) [ 406.226957][T12018] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 406.226964][T12018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 406.226973][T12018] Call Trace: [ 406.226979][T12018] [ 406.226985][T12018] dump_stack_lvl+0x100/0x190 [ 406.227012][T12018] should_fail_ex.cold+0x5/0xa [ 406.227031][T12018] should_failslab+0xc2/0x120 [ 406.227046][T12018] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 406.227067][T12018] ? __kernfs_new_node+0xd2/0x960 [ 406.227092][T12018] __kernfs_new_node+0xd2/0x960 [ 406.227112][T12018] ? __lock_acquire+0x4a5/0x2630 [ 406.227131][T12018] ? __pfx___kernfs_new_node+0x10/0x10 [ 406.227163][T12018] ? find_held_lock+0x2b/0x80 [ 406.227177][T12018] ? kernfs_root+0xee/0x2a0 [ 406.227195][T12018] ? kernfs_root+0xee/0x2a0 [ 406.227219][T12018] kernfs_new_node+0x11b/0x1a0 [ 406.227245][T12018] __kernfs_create_file+0x53/0x350 [ 406.227263][T12018] sysfs_add_file_mode_ns+0x207/0x3c0 [ 406.227287][T12018] internal_create_group+0x593/0xf40 [ 406.227312][T12018] ? __pfx_internal_create_group+0x10/0x10 [ 406.227335][T12018] ? kernfs_create_link+0x1bd/0x240 [ 406.227354][T12018] internal_create_groups+0x9d/0x150 [ 406.227375][T12018] device_add+0x77a/0x1950 [ 406.227400][T12018] ? __pfx_device_add+0x10/0x10 [ 406.227430][T12018] __add_disk+0x518/0xe40 [ 406.227451][T12018] ? find_held_lock+0x2b/0x80 [ 406.227466][T12018] add_disk_fwnode+0x3d4/0x5c0 [ 406.227488][T12018] zram_add+0x4d2/0x610 [ 406.227504][T12018] ? __pfx_zram_add+0x10/0x10 [ 406.227532][T12018] ? find_held_lock+0x2b/0x80 [ 406.227545][T12018] ? sysfs_file_kobj+0xe4/0x290 [ 406.227564][T12018] ? __pfx_hot_add_show+0x10/0x10 [ 406.227579][T12018] hot_add_show+0x21/0x80 [ 406.227594][T12018] class_attr_show+0x72/0xa0 [ 406.227615][T12018] ? __pfx_class_attr_show+0x10/0x10 [ 406.227635][T12018] sysfs_kf_seq_show+0x217/0x3a0 [ 406.227656][T12018] seq_read_iter+0x32f/0x1270 [ 406.227686][T12018] kernfs_fop_read_iter+0x46c/0x610 [ 406.227702][T12018] ? rw_verify_area+0xce/0x6d0 [ 406.227721][T12018] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 406.227738][T12018] vfs_read+0x825/0xb30 [ 406.227761][T12018] ? __pfx_vfs_read+0x10/0x10 [ 406.227795][T12018] ksys_read+0x12a/0x250 [ 406.227816][T12018] ? __pfx_ksys_read+0x10/0x10 [ 406.227843][T12018] do_syscall_64+0x106/0xf80 [ 406.227859][T12018] ? clear_bhb_loop+0x40/0x90 [ 406.227877][T12018] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 406.227897][T12018] RIP: 0033:0x7fba1a79c799 [ 406.227910][T12018] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 406.227924][T12018] RSP: 002b:00007fba1b611028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 406.227939][T12018] RAX: ffffffffffffffda RBX: 00007fba1aa15fa0 RCX: 00007fba1a79c799 [ 406.227949][T12018] RDX: 0000000000001000 RSI: 0000200000000ec0 RDI: 0000000000000007 [ 406.227962][T12018] RBP: 00007fba1a832bd9 R08: 0000000000000000 R09: 0000000000000000 [ 406.227971][T12018] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 406.227979][T12018] R13: 00007fba1aa16038 R14: 00007fba1aa15fa0 R15: 00007ffc127a9ff8 [ 406.227999][T12018] [ 406.962463][T12022] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 406.968901][T12022] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 406.990004][T12022] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 407.029302][T12022] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 407.449890][T12037] futex_wake_op: syz.0.1410 tries to shift op by -2048; fix this program [ 407.892546][T12048] FAULT_INJECTION: forcing a failure. [ 407.892546][T12048] name failslab, interval 1, probability 0, space 0, times 0 [ 407.933464][T12048] CPU: 0 UID: 0 PID: 12048 Comm: syz.3.1414 Tainted: G U L syzkaller #0 PREEMPT(full) [ 407.933493][T12048] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 407.933499][T12048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 407.933508][T12048] Call Trace: [ 407.933514][T12048] [ 407.933520][T12048] dump_stack_lvl+0x100/0x190 [ 407.933548][T12048] should_fail_ex.cold+0x5/0xa [ 407.933566][T12048] should_failslab+0xc2/0x120 [ 407.933582][T12048] __kmalloc_cache_noprof+0x7a/0x6f0 [ 407.933600][T12048] ? kobject_uevent_env+0x263/0x18b0 [ 407.933626][T12048] kobject_uevent_env+0x263/0x18b0 [ 407.933649][T12048] ? queue_work_on+0x11b/0x1e0 [ 407.933669][T12048] ? bus_to_subsys+0x114/0x150 [ 407.933686][T12048] driver_bound+0x13e/0x220 [ 407.933706][T12048] device_bind_driver+0x3a/0x70 [ 407.933725][T12048] mac80211_hwsim_new_radio+0x3fb/0x57d0 [ 407.933753][T12048] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 407.933778][T12048] ? __nla_validate_parse+0x1e7/0x28b0 [ 407.933796][T12048] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 407.933821][T12048] hwsim_new_radio_nl+0xc1f/0x1340 [ 407.933843][T12048] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 407.933868][T12048] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280 [ 407.933893][T12048] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280 [ 407.933918][T12048] genl_family_rcv_msg_doit+0x214/0x300 [ 407.933941][T12048] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 407.933961][T12048] ? genl_get_cmd+0x3ef/0x720 [ 407.933984][T12048] ? bpf_lsm_capable+0x9/0x10 [ 407.933998][T12048] ? security_capable+0x80/0x260 [ 407.934025][T12048] ? ns_capable+0xd2/0xf0 [ 407.934041][T12048] genl_rcv_msg+0x560/0x800 [ 407.934065][T12048] ? __pfx_genl_rcv_msg+0x10/0x10 [ 407.934086][T12048] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 407.934112][T12048] netlink_rcv_skb+0x159/0x420 [ 407.934130][T12048] ? __pfx_genl_rcv_msg+0x10/0x10 [ 407.934151][T12048] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 407.934179][T12048] ? netlink_deliver_tap+0x1ae/0xcc0 [ 407.934199][T12048] genl_rcv+0x28/0x40 [ 407.934217][T12048] netlink_unicast+0x5aa/0x870 [ 407.934238][T12048] ? __pfx_netlink_unicast+0x10/0x10 [ 407.934264][T12048] netlink_sendmsg+0x8b0/0xda0 [ 407.934285][T12048] ? __pfx_netlink_sendmsg+0x10/0x10 [ 407.934302][T12048] ? __import_iovec+0x1d2/0x640 [ 407.934327][T12048] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 407.934349][T12048] ____sys_sendmsg+0xa54/0xc30 [ 407.934372][T12048] ? __pfx_____sys_sendmsg+0x10/0x10 [ 407.934395][T12048] ? try_to_wake_up+0x644/0x1a80 [ 407.934413][T12048] ___sys_sendmsg+0x190/0x1e0 [ 407.934436][T12048] ? __pfx____sys_sendmsg+0x10/0x10 [ 407.934460][T12048] ? futex_private_hash_put+0x107/0x1c0 [ 407.934499][T12048] __sys_sendmsg+0x170/0x220 [ 407.934516][T12048] ? __pfx___sys_sendmsg+0x10/0x10 [ 407.934532][T12048] ? __x64_sys_futex+0x34f/0x4d0 [ 407.934562][T12048] do_syscall_64+0x106/0xf80 [ 407.934578][T12048] ? clear_bhb_loop+0x40/0x90 [ 407.934596][T12048] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 407.934611][T12048] RIP: 0033:0x7ff7a379c799 [ 407.934626][T12048] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 407.934641][T12048] RSP: 002b:00007ff7a461f028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 407.934656][T12048] RAX: ffffffffffffffda RBX: 00007ff7a3a15fa0 RCX: 00007ff7a379c799 [ 407.934667][T12048] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000006 [ 407.934676][T12048] RBP: 00007ff7a3832bd9 R08: 0000000000000000 R09: 0000000000000000 [ 407.934685][T12048] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 407.934695][T12048] R13: 00007ff7a3a16038 R14: 00007ff7a3a15fa0 R15: 00007ffe22e4fa98 [ 407.934715][T12048] [ 408.301012][T12054] futex_wake_op: syz.3.1414 tries to shift op by -2048; fix this program [ 408.715933][T12067] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 408.725699][T12067] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 408.765161][T12067] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 408.789448][T12067] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 410.735726][ T5145] Bluetooth: hci1: command 0x0c1a tx timeout [ 410.741872][ T5145] Bluetooth: hci0: command 0x0c1a tx timeout [ 410.816117][ T5145] Bluetooth: hci3: command 0x0c1a tx timeout [ 410.822185][ T5145] Bluetooth: hci2: command 0x0c1a tx timeout [ 411.475848][T12132] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 411.498425][T12132] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 411.535357][T12132] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 411.571695][T12132] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 411.643979][T12136] pim6reg: entered allmulticast mode [ 412.682342][T12141] openvswitch: netlink: IPv4 tunnel dst address is zero [ 413.456289][ T5145] Bluetooth: hci0: command 0x0c1a tx timeout [ 413.536878][ T5145] Bluetooth: hci2: command 0x0c1a tx timeout [ 413.542954][ T5824] Bluetooth: hci1: command 0x0c1a tx timeout [ 413.615864][ T5145] Bluetooth: hci3: command 0x0c1a tx timeout [ 414.056140][T12187] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 414.069942][T12187] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 414.097633][T12187] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 414.135950][T12187] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 414.180241][T12192] futex_wake_op: syz.0.1445 tries to shift op by -2048; fix this program [ 416.016514][ T5145] Bluetooth: hci0: command 0x0c1a tx timeout [ 416.095805][ T5145] Bluetooth: hci1: command 0x0c1a tx timeout [ 416.175766][ T5145] Bluetooth: hci3: command 0x0c1a tx timeout [ 416.181910][ T5824] Bluetooth: hci2: command 0x0c1a tx timeout [ 416.796688][T12231] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 416.823192][T12231] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 416.854083][T12231] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 416.889549][T12231] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 418.095729][ T5145] Bluetooth: hci0: command 0x0c1a tx timeout [ 418.554401][T12271] FAULT_INJECTION: forcing a failure. [ 418.554401][T12271] name failslab, interval 1, probability 0, space 0, times 0 [ 418.627074][T12273] futex_wake_op: syz.1.1463 tries to shift op by -2048; fix this program [ 418.675010][T12271] CPU: 0 UID: 0 PID: 12271 Comm: syz.1.1463 Tainted: G U L syzkaller #0 PREEMPT(full) [ 418.675040][T12271] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 418.675046][T12271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 418.675055][T12271] Call Trace: [ 418.675061][T12271] [ 418.675067][T12271] dump_stack_lvl+0x100/0x190 [ 418.675096][T12271] should_fail_ex.cold+0x5/0xa [ 418.675115][T12271] should_failslab+0xc2/0x120 [ 418.675130][T12271] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 418.675150][T12271] ? __kernfs_new_node+0xd2/0x960 [ 418.675174][T12271] __kernfs_new_node+0xd2/0x960 [ 418.675195][T12271] ? __pfx___kernfs_new_node+0x10/0x10 [ 418.675219][T12271] ? find_held_lock+0x2b/0x80 [ 418.675233][T12271] ? kernfs_root+0xee/0x2a0 [ 418.675251][T12271] ? kernfs_root+0xee/0x2a0 [ 418.675275][T12271] kernfs_new_node+0x11b/0x1a0 [ 418.675299][T12271] __kernfs_create_file+0x53/0x350 [ 418.675317][T12271] sysfs_add_file_mode_ns+0x207/0x3c0 [ 418.675339][T12271] sysfs_merge_group+0x194/0x340 [ 418.675360][T12271] ? __pfx_sysfs_merge_group+0x10/0x10 [ 418.675382][T12271] ? __pfx_dev_add_physical_location+0x10/0x10 [ 418.675404][T12271] ? bus_to_subsys+0x114/0x150 [ 418.675422][T12271] dpm_sysfs_add+0x237/0x280 [ 418.675444][T12271] device_add+0x9ef/0x1950 [ 418.675469][T12271] ? __pfx_device_add+0x10/0x10 [ 418.675489][T12271] ? kfree_const+0x5a/0x70 [ 418.675509][T12271] ? kfree+0x2ec/0x6b0 [ 418.675531][T12271] device_create_groups_vargs+0x1f8/0x270 [ 418.675557][T12271] device_create+0xed/0x130 [ 418.675584][T12271] ? __pfx_device_create+0x10/0x10 [ 418.675605][T12271] ? lockdep_init_map_type+0x5c/0x250 [ 418.675625][T12271] ? timer_init_key+0x150/0x340 [ 418.675645][T12271] ? ieee80211_roc_setup+0x136/0x270 [ 418.675660][T12271] ? ieee80211_alloc_hw_nm+0x19c3/0x22a0 [ 418.675682][T12271] mac80211_hwsim_new_radio+0x37f/0x57d0 [ 418.675711][T12271] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 418.675736][T12271] ? __nla_validate_parse+0x1e7/0x28b0 [ 418.675754][T12271] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 418.675780][T12271] hwsim_new_radio_nl+0xc1f/0x1340 [ 418.675800][T12271] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 418.675825][T12271] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280 [ 418.675847][T12271] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280 [ 418.675872][T12271] genl_family_rcv_msg_doit+0x214/0x300 [ 418.675895][T12271] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 418.675915][T12271] ? genl_get_cmd+0x3ef/0x720 [ 418.675938][T12271] ? bpf_lsm_capable+0x9/0x10 [ 418.675953][T12271] ? security_capable+0x80/0x260 [ 418.675981][T12271] ? ns_capable+0xd2/0xf0 [ 418.675998][T12271] genl_rcv_msg+0x560/0x800 [ 418.676021][T12271] ? __pfx_genl_rcv_msg+0x10/0x10 [ 418.676043][T12271] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 418.676070][T12271] netlink_rcv_skb+0x159/0x420 [ 418.676089][T12271] ? __pfx_genl_rcv_msg+0x10/0x10 [ 418.676110][T12271] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 418.676137][T12271] ? netlink_deliver_tap+0x1ae/0xcc0 [ 418.676157][T12271] genl_rcv+0x28/0x40 [ 418.676175][T12271] netlink_unicast+0x5aa/0x870 [ 418.676197][T12271] ? __pfx_netlink_unicast+0x10/0x10 [ 418.676222][T12271] netlink_sendmsg+0x8b0/0xda0 [ 418.676243][T12271] ? __pfx_netlink_sendmsg+0x10/0x10 [ 418.676260][T12271] ? __import_iovec+0x1d2/0x640 [ 418.676285][T12271] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 418.676307][T12271] ____sys_sendmsg+0xa54/0xc30 [ 418.676330][T12271] ? __pfx_____sys_sendmsg+0x10/0x10 [ 418.676354][T12271] ? __pfx_futex_wake_mark+0x10/0x10 [ 418.676378][T12271] ___sys_sendmsg+0x190/0x1e0 [ 418.676401][T12271] ? __pfx____sys_sendmsg+0x10/0x10 [ 418.676446][T12271] __sys_sendmsg+0x170/0x220 [ 418.676463][T12271] ? __pfx___sys_sendmsg+0x10/0x10 [ 418.676479][T12271] ? __x64_sys_futex+0x34f/0x4d0 [ 418.676509][T12271] do_syscall_64+0x106/0xf80 [ 418.676526][T12271] ? clear_bhb_loop+0x40/0x90 [ 418.676546][T12271] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 418.676562][T12271] RIP: 0033:0x7fdedf19c799 [ 418.676576][T12271] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 418.676591][T12271] RSP: 002b:00007fdedffe3028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 418.676607][T12271] RAX: ffffffffffffffda RBX: 00007fdedf415fa0 RCX: 00007fdedf19c799 [ 418.676618][T12271] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000006 [ 418.676627][T12271] RBP: 00007fdedf232bd9 R08: 0000000000000000 R09: 0000000000000000 [ 418.676636][T12271] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 418.676645][T12271] R13: 00007fdedf416038 R14: 00007fdedf415fa0 R15: 00007ffc0fdb8928 [ 418.676666][T12271] [ 419.746861][ T5145] Bluetooth: hci3: command 0x0c1a tx timeout [ 419.752891][ T5145] Bluetooth: hci2: command 0x0c1a tx timeout [ 419.760130][ T5145] Bluetooth: hci1: command 0x0c1a tx timeout [ 420.765322][T12283] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz.0.1466: bg 1: bad block bitmap checksum [ 420.897202][T12283] EXT4-fs error (device sda1) in ext4_mb_clear_bb:6685: Filesystem failed CRC [ 421.098421][T12284] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input14 [ 421.420399][T12289] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input15 [ 421.504098][T12295] futex_wake_op: syz.2.1469 tries to shift op by -2048; fix this program [ 421.967291][T12288] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 421.978475][T12288] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 422.008272][T12288] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 422.034644][T12288] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 422.405786][T12309] futex_wake_op: syz.3.1472 tries to shift op by -2048; fix this program [ 423.295656][ T5824] Bluetooth: hci0: command 0x0c1a tx timeout [ 423.760296][T12334] FAULT_INJECTION: forcing a failure. [ 423.760296][T12334] name failslab, interval 1, probability 0, space 0, times 0 [ 423.858659][T12334] CPU: 0 UID: 0 PID: 12334 Comm: syz.3.1478 Tainted: G U L syzkaller #0 PREEMPT(full) [ 423.858688][T12334] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 423.858693][T12334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 423.858703][T12334] Call Trace: [ 423.858709][T12334] [ 423.858715][T12334] dump_stack_lvl+0x100/0x190 [ 423.858743][T12334] should_fail_ex.cold+0x5/0xa [ 423.858761][T12334] should_failslab+0xc2/0x120 [ 423.858775][T12334] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 423.858799][T12334] ? kstrdup_const+0x63/0x80 [ 423.858825][T12334] kstrdup+0x51/0xe0 [ 423.858847][T12334] kstrdup_const+0x63/0x80 [ 423.858868][T12334] __kernfs_new_node+0x9b/0x960 [ 423.858890][T12334] ? __pfx___kernfs_new_node+0x10/0x10 [ 423.858914][T12334] ? find_held_lock+0x2b/0x80 [ 423.858927][T12334] ? kernfs_root+0xee/0x2a0 [ 423.858945][T12334] ? kernfs_root+0xee/0x2a0 [ 423.858968][T12334] kernfs_new_node+0x11b/0x1a0 [ 423.858992][T12334] kernfs_create_link+0xcc/0x240 [ 423.859010][T12334] sysfs_do_create_link_sd+0x90/0x140 [ 423.859030][T12334] sysfs_create_link+0x61/0xc0 [ 423.859049][T12334] device_add+0x675/0x1950 [ 423.859072][T12334] ? kfree_const+0x5a/0x70 [ 423.859093][T12334] ? __pfx_device_add+0x10/0x10 [ 423.859113][T12334] ? kfree_const+0x5a/0x70 [ 423.859132][T12334] ? kfree+0x2ec/0x6b0 [ 423.859154][T12334] device_create_groups_vargs+0x1f8/0x270 [ 423.859180][T12334] device_create+0xed/0x130 [ 423.859203][T12334] ? __pfx_device_create+0x10/0x10 [ 423.859224][T12334] ? lockdep_init_map_type+0x5c/0x250 [ 423.859243][T12334] ? timer_init_key+0x150/0x340 [ 423.859261][T12334] ? ieee80211_roc_setup+0x136/0x270 [ 423.859277][T12334] ? ieee80211_alloc_hw_nm+0x19c3/0x22a0 [ 423.859299][T12334] mac80211_hwsim_new_radio+0x37f/0x57d0 [ 423.859327][T12334] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 423.859352][T12334] ? __nla_validate_parse+0x1e7/0x28b0 [ 423.859371][T12334] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 423.859396][T12334] hwsim_new_radio_nl+0xc1f/0x1340 [ 423.859417][T12334] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 423.859442][T12334] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280 [ 423.859464][T12334] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280 [ 423.859489][T12334] genl_family_rcv_msg_doit+0x214/0x300 [ 423.859525][T12334] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 423.859546][T12334] ? genl_get_cmd+0x3ef/0x720 [ 423.859570][T12334] ? bpf_lsm_capable+0x9/0x10 [ 423.859584][T12334] ? security_capable+0x80/0x260 [ 423.859604][T12334] ? ns_capable+0xd2/0xf0 [ 423.859620][T12334] genl_rcv_msg+0x560/0x800 [ 423.859643][T12334] ? __pfx_genl_rcv_msg+0x10/0x10 [ 423.859663][T12334] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 423.859692][T12334] netlink_rcv_skb+0x159/0x420 [ 423.859710][T12334] ? __pfx_genl_rcv_msg+0x10/0x10 [ 423.859731][T12334] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 423.859757][T12334] ? netlink_deliver_tap+0x1ae/0xcc0 [ 423.859777][T12334] genl_rcv+0x28/0x40 [ 423.859795][T12334] netlink_unicast+0x5aa/0x870 [ 423.859816][T12334] ? __pfx_netlink_unicast+0x10/0x10 [ 423.859841][T12334] netlink_sendmsg+0x8b0/0xda0 [ 423.859862][T12334] ? __pfx_netlink_sendmsg+0x10/0x10 [ 423.859879][T12334] ? __import_iovec+0x1d2/0x640 [ 423.859904][T12334] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 423.859926][T12334] ____sys_sendmsg+0xa54/0xc30 [ 423.859949][T12334] ? __pfx_____sys_sendmsg+0x10/0x10 [ 423.859973][T12334] ? __pfx_futex_wake_mark+0x10/0x10 [ 423.859999][T12334] ___sys_sendmsg+0x190/0x1e0 [ 423.860021][T12334] ? __pfx____sys_sendmsg+0x10/0x10 [ 423.860066][T12334] __sys_sendmsg+0x170/0x220 [ 423.860083][T12334] ? __pfx___sys_sendmsg+0x10/0x10 [ 423.860099][T12334] ? __x64_sys_futex+0x34f/0x4d0 [ 423.860129][T12334] do_syscall_64+0x106/0xf80 [ 423.860145][T12334] ? clear_bhb_loop+0x40/0x90 [ 423.860165][T12334] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 423.860181][T12334] RIP: 0033:0x7ff7a379c799 [ 423.860195][T12334] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 423.860209][T12334] RSP: 002b:00007ff7a461f028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 423.860225][T12334] RAX: ffffffffffffffda RBX: 00007ff7a3a15fa0 RCX: 00007ff7a379c799 [ 423.860235][T12334] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000007 [ 423.860244][T12334] RBP: 00007ff7a3832bd9 R08: 0000000000000000 R09: 0000000000000000 [ 423.860254][T12334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 423.860263][T12334] R13: 00007ff7a3a16038 R14: 00007ff7a3a15fa0 R15: 00007ffe22e4fa98 [ 423.860283][T12334] [ 424.332006][T12338] FAULT_INJECTION: forcing a failure. [ 424.332006][T12338] name failslab, interval 1, probability 0, space 0, times 0 [ 424.344787][T12338] CPU: 0 UID: 0 PID: 12338 Comm: syz.0.1479 Tainted: G U L syzkaller #0 PREEMPT(full) [ 424.344816][T12338] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 424.344822][T12338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 424.344832][T12338] Call Trace: [ 424.344838][T12338] [ 424.344844][T12338] dump_stack_lvl+0x100/0x190 [ 424.344871][T12338] should_fail_ex.cold+0x5/0xa [ 424.344890][T12338] should_failslab+0xc2/0x120 [ 424.344905][T12338] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 424.344926][T12338] ? __kernfs_new_node+0xd2/0x960 [ 424.344950][T12338] __kernfs_new_node+0xd2/0x960 [ 424.344973][T12338] ? __pfx___kernfs_new_node+0x10/0x10 [ 424.344997][T12338] ? find_held_lock+0x2b/0x80 [ 424.345010][T12338] ? kernfs_root+0xee/0x2a0 [ 424.345029][T12338] ? kernfs_root+0xee/0x2a0 [ 424.345052][T12338] kernfs_new_node+0x11b/0x1a0 [ 424.345076][T12338] __kernfs_create_file+0x53/0x350 [ 424.345094][T12338] sysfs_add_file_mode_ns+0x207/0x3c0 [ 424.345117][T12338] sysfs_merge_group+0x194/0x340 [ 424.345137][T12338] ? __pfx_sysfs_merge_group+0x10/0x10 [ 424.345160][T12338] ? __pfx_dev_add_physical_location+0x10/0x10 [ 424.345182][T12338] ? bus_to_subsys+0x114/0x150 [ 424.345199][T12338] dpm_sysfs_add+0x237/0x280 [ 424.345221][T12338] device_add+0x9ef/0x1950 [ 424.345245][T12338] ? __pfx_device_add+0x10/0x10 [ 424.345266][T12338] ? kfree_const+0x5a/0x70 [ 424.345285][T12338] ? kfree+0x2ec/0x6b0 [ 424.345308][T12338] device_create_groups_vargs+0x1f8/0x270 [ 424.345333][T12338] device_create+0xed/0x130 [ 424.345357][T12338] ? __pfx_device_create+0x10/0x10 [ 424.345377][T12338] ? lockdep_init_map_type+0x5c/0x250 [ 424.345397][T12338] ? timer_init_key+0x150/0x340 [ 424.345415][T12338] ? ieee80211_roc_setup+0x136/0x270 [ 424.345431][T12338] ? ieee80211_alloc_hw_nm+0x19c3/0x22a0 [ 424.345453][T12338] mac80211_hwsim_new_radio+0x37f/0x57d0 [ 424.345483][T12338] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 424.345507][T12338] ? __nla_validate_parse+0x1e7/0x28b0 [ 424.345526][T12338] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 424.345551][T12338] hwsim_new_radio_nl+0xc1f/0x1340 [ 424.345577][T12338] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 424.345602][T12338] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280 [ 424.345625][T12338] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280 [ 424.345651][T12338] genl_family_rcv_msg_doit+0x214/0x300 [ 424.345675][T12338] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 424.345704][T12338] ? genl_get_cmd+0x3ef/0x720 [ 424.345728][T12338] ? bpf_lsm_capable+0x9/0x10 [ 424.345742][T12338] ? security_capable+0x80/0x260 [ 424.345762][T12338] ? ns_capable+0xd2/0xf0 [ 424.345778][T12338] genl_rcv_msg+0x560/0x800 [ 424.345800][T12338] ? __pfx_genl_rcv_msg+0x10/0x10 [ 424.345821][T12338] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 424.345847][T12338] netlink_rcv_skb+0x159/0x420 [ 424.345865][T12338] ? __pfx_genl_rcv_msg+0x10/0x10 [ 424.345886][T12338] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 424.345912][T12338] ? netlink_deliver_tap+0x1ae/0xcc0 [ 424.345932][T12338] genl_rcv+0x28/0x40 [ 424.345949][T12338] netlink_unicast+0x5aa/0x870 [ 424.345970][T12338] ? __pfx_netlink_unicast+0x10/0x10 [ 424.345995][T12338] netlink_sendmsg+0x8b0/0xda0 [ 424.346018][T12338] ? __pfx_netlink_sendmsg+0x10/0x10 [ 424.346034][T12338] ? __import_iovec+0x1d2/0x640 [ 424.346058][T12338] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 424.346080][T12338] ____sys_sendmsg+0xa54/0xc30 [ 424.346103][T12338] ? __pfx_____sys_sendmsg+0x10/0x10 [ 424.346127][T12338] ? __pfx_futex_wake_mark+0x10/0x10 [ 424.346152][T12338] ___sys_sendmsg+0x190/0x1e0 [ 424.346175][T12338] ? __pfx____sys_sendmsg+0x10/0x10 [ 424.346219][T12338] __sys_sendmsg+0x170/0x220 [ 424.346237][T12338] ? __pfx___sys_sendmsg+0x10/0x10 [ 424.346253][T12338] ? __x64_sys_futex+0x34f/0x4d0 [ 424.346282][T12338] do_syscall_64+0x106/0xf80 [ 424.346299][T12338] ? clear_bhb_loop+0x40/0x90 [ 424.346319][T12338] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 424.346335][T12338] RIP: 0033:0x7f7ad9f9c799 [ 424.346350][T12338] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 424.346365][T12338] RSP: 002b:00007f7adae9c028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 424.346379][T12338] RAX: ffffffffffffffda RBX: 00007f7ada215fa0 RCX: 00007f7ad9f9c799 [ 424.346390][T12338] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000006 [ 424.346399][T12338] RBP: 00007f7ada032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 424.346408][T12338] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 424.346417][T12338] R13: 00007f7ada216038 R14: 00007f7ada215fa0 R15: 00007ffdf7df6a58 [ 424.346438][T12338] [ 424.802472][T12339] futex_wake_op: syz.0.1479 tries to shift op by -2048; fix this program [ 424.869615][ T5824] Bluetooth: hci2: command 0x0c1a tx timeout [ 424.875920][ T5824] Bluetooth: hci1: command 0x0c1a tx timeout [ 424.881954][ T5824] Bluetooth: hci3: command 0x0c1a tx timeout [ 426.991842][T12361] futex_wake_op: syz.2.1483 tries to shift op by -2048; fix this program [ 427.576727][T12379] futex_wake_op: syz.3.1487 tries to shift op by -2048; fix this program [ 427.631601][T12381] 0x3030363000000001-0x30303630000a3031 : "" [ 427.666761][T12381] mtd: partition "" is out of reach -- disabled [ 427.716620][T12381] ftl_cs: FTL header not found. [ 430.139149][T12447] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1496'. [ 430.269161][T12461] futex_wake_op: syz.0.1494 tries to shift op by -2048; fix this program [ 430.640675][T12473] bridge0: port 4(team0) entered blocking state [ 430.671136][T12473] bridge0: port 4(team0) entered disabled state [ 430.698070][T12473] team0: entered allmulticast mode [ 430.712343][T12473] team_slave_0: entered allmulticast mode [ 430.731182][T12473] team_slave_1: entered allmulticast mode [ 430.753255][T12473] team0: entered promiscuous mode [ 430.770945][T12473] team_slave_0: entered promiscuous mode [ 430.791158][T12473] team_slave_1: entered promiscuous mode [ 430.811800][T12473] bridge0: port 4(team0) entered blocking state [ 430.818214][T12473] bridge0: port 4(team0) entered forwarding state [ 431.035263][T12482] futex_wake_op: syz.2.1501 tries to shift op by -2048; fix this program [ 431.088272][T12482] 0x3030363000000001-0x30303630000a3031 : "" [ 431.121734][T12482] mtd: partition "" is out of reach -- disabled [ 431.157897][T12482] FAULT_INJECTION: forcing a failure. [ 431.157897][T12482] name failslab, interval 1, probability 0, space 0, times 0 [ 431.237442][T12482] CPU: 0 UID: 0 PID: 12482 Comm: syz.2.1501 Tainted: G U L syzkaller #0 PREEMPT(full) [ 431.237471][T12482] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 431.237478][T12482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 431.237487][T12482] Call Trace: [ 431.237493][T12482] [ 431.237500][T12482] dump_stack_lvl+0x100/0x190 [ 431.237527][T12482] should_fail_ex.cold+0x5/0xa [ 431.237547][T12482] should_failslab+0xc2/0x120 [ 431.237566][T12482] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 431.237588][T12482] ? __kernfs_new_node+0xd2/0x960 [ 431.237612][T12482] __kernfs_new_node+0xd2/0x960 [ 431.237634][T12482] ? __pfx___kernfs_new_node+0x10/0x10 [ 431.237657][T12482] ? find_held_lock+0x2b/0x80 [ 431.237671][T12482] ? kernfs_root+0xee/0x2a0 [ 431.237689][T12482] ? kernfs_root+0xee/0x2a0 [ 431.237711][T12482] kernfs_new_node+0x11b/0x1a0 [ 431.237736][T12482] __kernfs_create_file+0x53/0x350 [ 431.237754][T12482] sysfs_add_file_mode_ns+0x207/0x3c0 [ 431.237777][T12482] internal_create_group+0x593/0xf40 [ 431.237810][T12482] ? __pfx_internal_create_group+0x10/0x10 [ 431.237835][T12482] ? kernfs_create_link+0x1bd/0x240 [ 431.237854][T12482] internal_create_groups+0x9d/0x150 [ 431.237876][T12482] device_add+0x77a/0x1950 [ 431.237901][T12482] ? lockdep_init_map_type+0x5c/0x250 [ 431.237921][T12482] ? __pfx_device_add+0x10/0x10 [ 431.237942][T12482] ? lockdep_init_map_type+0x5c/0x250 [ 431.237961][T12482] ? __init_waitqueue_head+0xca/0x150 [ 431.237988][T12482] add_mtd_device+0x928/0x17a0 [ 431.238010][T12482] ? __pfx_add_mtd_device+0x10/0x10 [ 431.238032][T12482] mtd_add_partition+0x30a/0x660 [ 431.238053][T12482] ? __pfx_mtd_add_partition+0x10/0x10 [ 431.238071][T12482] ? __might_fault+0xc5/0x140 [ 431.238089][T12482] ? __might_fault+0xc5/0x140 [ 431.238115][T12482] mtdchar_blkpg_ioctl+0x207/0x250 [ 431.238135][T12482] ? __pfx_mtdchar_blkpg_ioctl+0x10/0x10 [ 431.238171][T12482] mtdchar_ioctl+0x1670/0x1fd0 [ 431.238198][T12482] ? __pfx_mtdchar_ioctl+0x10/0x10 [ 431.238219][T12482] ? lock_acquire+0x1cf/0x380 [ 431.238241][T12482] ? trace_contention_end+0x140/0x180 [ 431.238263][T12482] ? mtdchar_unlocked_ioctl+0xa2/0xf0 [ 431.238284][T12482] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 431.238307][T12482] ? __pfx___mutex_lock+0x10/0x10 [ 431.238328][T12482] ? find_held_lock+0x2b/0x80 [ 431.238350][T12482] mtdchar_unlocked_ioctl+0xb0/0xf0 [ 431.238370][T12482] ? __pfx_mtdchar_unlocked_ioctl+0x10/0x10 [ 431.238392][T12482] __x64_sys_ioctl+0x18e/0x210 [ 431.238413][T12482] do_syscall_64+0x106/0xf80 [ 431.238428][T12482] ? clear_bhb_loop+0x40/0x90 [ 431.238447][T12482] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 431.238462][T12482] RIP: 0033:0x7fba1a79c799 [ 431.238475][T12482] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 431.238490][T12482] RSP: 002b:00007fba1b611028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 431.238505][T12482] RAX: ffffffffffffffda RBX: 00007fba1aa15fa0 RCX: 00007fba1a79c799 [ 431.238515][T12482] RDX: 0000000000000000 RSI: 0000000000001269 RDI: 0000000000000008 [ 431.238524][T12482] RBP: 00007fba1a832bd9 R08: 0000000000000000 R09: 0000000000000000 [ 431.238533][T12482] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 431.238542][T12482] R13: 00007fba1aa16038 R14: 00007fba1aa15fa0 R15: 00007ffc127a9ff8 [ 431.238562][T12482] [ 431.655810][T12482] ------------[ cut here ]------------ [ 431.661319][T12482] !list_empty(&mtd->part.node) [ 431.661336][T12482] WARNING: drivers/mtd/mtdpart.c:37 at release_mtd_partition+0x71/0x90, CPU#0: syz.2.1501/12482 [ 431.676821][T12482] Modules linked in: [ 431.680983][T12482] CPU: 0 UID: 0 PID: 12482 Comm: syz.2.1501 Tainted: G U L syzkaller #0 PREEMPT(full) [ 431.692009][T12482] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 431.697361][T12482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 431.709371][T12482] RIP: 0010:release_mtd_partition+0x71/0x90 [ 431.715316][T12482] Code: 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 1e 48 8b 7b 38 e8 df 18 dd fb 48 89 df 5b 5d e9 d5 18 dd fb e8 90 c0 7d fb 90 <0f> 0b 90 eb c2 e8 65 29 e9 fb eb db 48 89 ef e8 5b 29 e9 fb eb a5 [ 431.735002][T12482] RSP: 0018:ffffc90004e1f818 EFLAGS: 00010287 [ 431.741109][T12482] RAX: 000000000002f5f6 RBX: ffff888061001000 RCX: ffffc9000d0d1000 [ 431.749111][T12482] RDX: 0000000000080000 RSI: ffffffff868a3a10 RDI: ffff888061001000 [ 431.757404][T12482] RBP: ffff888061001650 R08: 0000000000000001 R09: 0000000000000001 [ 431.765422][T12482] R10: 0000000000000010 R11: ffffffff82733254 R12: 0000000000000000 [ 431.773433][T12482] R13: dffffc0000000000 R14: ffff888021e84ce0 R15: 0000000000000000 [ 431.781518][T12482] FS: 00007fba1b6116c0(0000) GS:ffff88812434e000(0000) knlGS:0000000000000000 [ 431.790513][T12482] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 431.797114][T12482] CR2: 00007fb00564ae9c CR3: 000000003443c000 CR4: 00000000003526f0 [ 431.805942][T12482] Call Trace: [ 431.809209][T12482] [ 431.812127][T12482] mtd_release+0xa0/0xd0 [ 431.816867][T12482] ? __pfx_mtd_release+0x10/0x10 [ 431.821818][T12482] device_release+0xa4/0x240 [ 431.826433][T12482] kobject_put+0x1f7/0x640 [ 431.830843][T12482] put_device+0x1f/0x30 [ 431.835009][T12482] add_mtd_device+0xbd7/0x17a0 [ 431.839819][T12482] ? __pfx_add_mtd_device+0x10/0x10 [ 431.845030][T12482] mtd_add_partition+0x30a/0x660 [ 431.850011][T12482] ? __pfx_mtd_add_partition+0x10/0x10 [ 431.855470][T12482] ? __might_fault+0xc5/0x140 [ 431.860304][T12482] ? __might_fault+0xc5/0x140 [ 431.865110][T12482] mtdchar_blkpg_ioctl+0x207/0x250 [ 431.870241][T12482] ? __pfx_mtdchar_blkpg_ioctl+0x10/0x10 [ 431.875915][T12482] mtdchar_ioctl+0x1670/0x1fd0 [ 431.880673][T12482] ? __pfx_mtdchar_ioctl+0x10/0x10 [ 431.885801][T12482] ? lock_acquire+0x1cf/0x380 [ 431.890473][T12482] ? trace_contention_end+0x140/0x180 [ 431.895880][T12482] ? mtdchar_unlocked_ioctl+0xa2/0xf0 [ 431.901347][T12482] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 431.907572][T12482] ? __pfx___mutex_lock+0x10/0x10 [ 431.912598][T12482] ? find_held_lock+0x2b/0x80 [ 431.917340][T12482] mtdchar_unlocked_ioctl+0xb0/0xf0 [ 431.922542][T12482] ? __pfx_mtdchar_unlocked_ioctl+0x10/0x10 [ 431.928455][T12482] __x64_sys_ioctl+0x18e/0x210 [ 431.933226][T12482] do_syscall_64+0x106/0xf80 [ 431.937923][T12482] ? clear_bhb_loop+0x40/0x90 [ 431.942587][T12482] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 431.948496][T12482] RIP: 0033:0x7fba1a79c799 [ 431.952897][T12482] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 431.972576][T12482] RSP: 002b:00007fba1b611028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 431.981004][T12482] RAX: ffffffffffffffda RBX: 00007fba1aa15fa0 RCX: 00007fba1a79c799 [ 431.989000][T12482] RDX: 0000000000000000 RSI: 0000000000001269 RDI: 0000000000000008 [ 431.996995][T12482] RBP: 00007fba1a832bd9 R08: 0000000000000000 R09: 0000000000000000 [ 432.004968][T12482] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 432.013777][T12482] R13: 00007fba1aa16038 R14: 00007fba1aa15fa0 R15: 00007ffc127a9ff8 [ 432.022216][T12482] [ 432.025236][T12482] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 432.032515][T12482] CPU: 0 UID: 0 PID: 12482 Comm: syz.2.1501 Tainted: G U L syzkaller #0 PREEMPT(full) [ 432.043434][T12482] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 432.048606][T12482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 432.058644][T12482] Call Trace: [ 432.062007][T12482] [ 432.064932][T12482] dump_stack_lvl+0x100/0x190 [ 432.069606][T12482] vpanic+0x552/0x970 [ 432.073573][T12482] ? __pfx_vpanic+0x10/0x10 [ 432.078065][T12482] panic+0xd1/0xe0 [ 432.081793][T12482] ? __pfx_panic+0x10/0x10 [ 432.086199][T12482] check_panic_on_warn.cold+0x19/0x34 [ 432.091555][T12482] ? release_mtd_partition+0x71/0x90 [ 432.096849][T12482] __warn.cold+0x191/0x348 [ 432.101252][T12482] __report_bug+0x296/0x3d0 [ 432.105740][T12482] ? release_mtd_partition+0x71/0x90 [ 432.111011][T12482] ? __pfx___report_bug+0x10/0x10 [ 432.116025][T12482] ? delete_node+0x20a/0x8f0 [ 432.120609][T12482] ? release_mtd_partition+0x71/0x90 [ 432.125885][T12482] report_bug+0xb2/0x220 [ 432.130286][T12482] ? release_mtd_partition+0x71/0x90 [ 432.135586][T12482] handle_bug+0x166/0x2a0 [ 432.139903][T12482] exc_invalid_op+0x17/0x50 [ 432.144391][T12482] asm_exc_invalid_op+0x1a/0x20 [ 432.149223][T12482] RIP: 0010:release_mtd_partition+0x71/0x90 [ 432.155103][T12482] Code: 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 1e 48 8b 7b 38 e8 df 18 dd fb 48 89 df 5b 5d e9 d5 18 dd fb e8 90 c0 7d fb 90 <0f> 0b 90 eb c2 e8 65 29 e9 fb eb db 48 89 ef e8 5b 29 e9 fb eb a5 [ 432.174695][T12482] RSP: 0018:ffffc90004e1f818 EFLAGS: 00010287 [ 432.180760][T12482] RAX: 000000000002f5f6 RBX: ffff888061001000 RCX: ffffc9000d0d1000 [ 432.188725][T12482] RDX: 0000000000080000 RSI: ffffffff868a3a10 RDI: ffff888061001000 [ 432.196677][T12482] RBP: ffff888061001650 R08: 0000000000000001 R09: 0000000000000001 [ 432.204634][T12482] R10: 0000000000000010 R11: ffffffff82733254 R12: 0000000000000000 [ 432.212590][T12482] R13: dffffc0000000000 R14: ffff888021e84ce0 R15: 0000000000000000 [ 432.220547][T12482] ? kasan_save_track+0x14/0x30 [ 432.225401][T12482] ? release_mtd_partition+0x70/0x90 [ 432.230678][T12482] ? release_mtd_partition+0x70/0x90 [ 432.235955][T12482] mtd_release+0xa0/0xd0 [ 432.240186][T12482] ? __pfx_mtd_release+0x10/0x10 [ 432.245108][T12482] device_release+0xa4/0x240 [ 432.249685][T12482] kobject_put+0x1f7/0x640 [ 432.254123][T12482] put_device+0x1f/0x30 [ 432.258263][T12482] add_mtd_device+0xbd7/0x17a0 [ 432.263016][T12482] ? __pfx_add_mtd_device+0x10/0x10 [ 432.268216][T12482] mtd_add_partition+0x30a/0x660 [ 432.273170][T12482] ? __pfx_mtd_add_partition+0x10/0x10 [ 432.278632][T12482] ? __might_fault+0xc5/0x140 [ 432.283319][T12482] ? __might_fault+0xc5/0x140 [ 432.288089][T12482] mtdchar_blkpg_ioctl+0x207/0x250 [ 432.293202][T12482] ? __pfx_mtdchar_blkpg_ioctl+0x10/0x10 [ 432.298840][T12482] mtdchar_ioctl+0x1670/0x1fd0 [ 432.303596][T12482] ? __pfx_mtdchar_ioctl+0x10/0x10 [ 432.308714][T12482] ? lock_acquire+0x1cf/0x380 [ 432.313386][T12482] ? trace_contention_end+0x140/0x180 [ 432.318770][T12482] ? mtdchar_unlocked_ioctl+0xa2/0xf0 [ 432.324137][T12482] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 432.329156][T12482] ? __pfx___mutex_lock+0x10/0x10 [ 432.334171][T12482] ? find_held_lock+0x2b/0x80 [ 432.338873][T12482] mtdchar_unlocked_ioctl+0xb0/0xf0 [ 432.344094][T12482] ? __pfx_mtdchar_unlocked_ioctl+0x10/0x10 [ 432.349984][T12482] __x64_sys_ioctl+0x18e/0x210 [ 432.354746][T12482] do_syscall_64+0x106/0xf80 [ 432.359337][T12482] ? clear_bhb_loop+0x40/0x90 [ 432.363999][T12482] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 432.369881][T12482] RIP: 0033:0x7fba1a79c799 [ 432.374284][T12482] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 432.393876][T12482] RSP: 002b:00007fba1b611028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 432.402272][T12482] RAX: ffffffffffffffda RBX: 00007fba1aa15fa0 RCX: 00007fba1a79c799 [ 432.410223][T12482] RDX: 0000000000000000 RSI: 0000000000001269 RDI: 0000000000000008 [ 432.418174][T12482] RBP: 00007fba1a832bd9 R08: 0000000000000000 R09: 0000000000000000 [ 432.426125][T12482] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 432.434077][T12482] R13: 00007fba1aa16038 R14: 00007fba1aa15fa0 R15: 00007ffc127a9ff8 [ 432.442042][T12482] [ 432.445109][T12482] Kernel Offset: disabled [ 432.449419][T12482] Rebooting in 86400 seconds..