last executing test programs: 10.952337576s ago: executing program 0 (id=1194): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) acct$auto(&(0x7f0000000380)='/sys/kernel/debug/tracing/events/fmalloc/free_vmap_area_noflush/fo\"mat\x00') mmap$auto(0x0, 0x400008, 0x5f, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = ioctl$auto_TUNGETSNDBUF(0xffffffffffffffff, 0x800454d3, &(0x7f0000000100)=0xffffffff) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000000)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) r2 = io_uring_setup$auto(0x1ff, 0x0) setsockopt$auto(0x3, 0x1, 0xd, 0x0, 0x9) mprotect$auto(0x110c238000, 0x1, 0xffffffffffffff83) mmap$auto(0x3, 0x20004020009, 0xe2, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) shmctl$auto_SHM_INFO(0x2, 0xe, &(0x7f0000000240)={{0x6, 0x0, 0xee00, 0x0, 0x1, 0x7, 0x8000}, 0x6, 0x800000002123, 0x0, 0x2, @raw=0x3af5, @raw, 0x100, 0x0, &(0x7f00000000c0)="734a4313bd865a83a0c0fe7953fe0c809fa839cfc628bf9027f7ceb39e6e5741f82c520720f6785440d5a3606b023a725a475299f3df06218d", &(0x7f0000000140)="5ff49128ceae9cf44c1c931db101d274e09a5f3edbeb11be9ed741f9f2cfbecd9e77e1975412e81cb1c8fbbd4087c87d4a93dd9589e6d95ddc9256cea93104663d994799f211dc39bd7616ef67c3d29b2b15dbbe565e11e7bd9e4aaf8b045add0fdd748044a04010cf3fc2307e47e66c93cdef83783ad3e98e10cff4d46d5a9364d4f77c2da5de5ae8b8479db22e082488fd315c75b864928559e41a9c50e644c8898527c22b27caa030672c59f472787ca4723d95c5d014402ea346bfd5c89c72c183d2e7082682992790443bad234e6031bf76ea76a83442922e1602dfb954c103c72570e0da2de916d33128c75fe79fa64e47ad379420f0547b6a2cf2"}) ioctl$auto_XFS_IOC_ALLOCSP(r2, 0x4030580a, &(0x7f00000002c0)={0x1, 0x7, 0x806, 0x5, 0x6, 0xffffffffffffffff}) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x5, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x14, 0x0, 0x8) ioctl$auto_XFS_IOC_ALLOCSP(r0, 0x4030580a, &(0x7f0000000300)={0x0, 0x8, 0x9, 0x9, 0x200}) openat$auto_tracing_err_log_fops_trace(0xffffffffffffff9c, &(0x7f0000000340)='/sys/kernel/debug/tracing/error_log\x00', 0x8000, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0) mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_OVS_FLOW_CMD_DEL(r1, &(0x7f00000006c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000680)={&(0x7f0000000a00)={0x2e8, 0x0, 0x100, 0x70bd2b, 0x25dfdbff, {}, [@OVS_FLOW_ATTR_ACTIONS={0x2d4, 0x2, 0x0, 0x1, [@typed={0x14, 0x0, 0x0, 0x0, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @nested={0x23c, 0x11a, 0x0, 0x1, [@nested={0x237, 0x31, 0x0, 0x1, [@generic="87e9dfafebf0809600b3c919b83b6982fb0e3a4a883f71c30bb9cb973a06174aea91f6e7cf63d388b8d0c9f5109cd3c6d2a6c82ad92a1df351b37800f418ff1111bebe34a33d0d995d5e67907bd8a86418deffbda652be45cb01d162a593e72374f7b4a528591f37bb550fd5b59ef627bbf12e201ded69b12bf59ff9d1030793591998bfff9beca51eb0b8e3f75d85b58f", @nested={0x4, 0x54}, @nested={0x4, 0x47}, @typed={0xc, 0xca, 0x0, 0x0, @u64=0x4bf}, @generic="1ca542f5ad657d4af3e2889924fa5e04960677238daeebcd52498041275cae509d87d194e0bf18f3cf0b8a92aa5b42eebb84547b2ce2af4f921a5020aa5555f33b125bad99a00ee955e14c442acee1c52cb82d9c96a8a27d2b18757f26e56fef40e4356f4102a90e12393e1a7cb5c710264d3cc50b74e6884ce2688701f08fe15451ae639835e2e949b749b7143b25a9d9f4c565dd7ed56df30aad18d98fd1f0d7e601b4752da8ddfa439bc4a1524edad3848a48776e0f3d23c1bbf129ddfc2300a5a51ff7c5a05420ad690bc26610ac1ac514ab5b9d091f4a5722f24da80006c6c80d32747f39eaaa68c4b70beccfbf5840333f0e7b9cc6409ec3dd", @generic="36dd13139f47", @nested={0x4, 0x28}, @nested={0x4, 0xb6}, @generic="84c9c5bc259a86c839200909b37233623cc6266321d3a0b564d153f600894bd673d75f68fbd219f5db505098c4d18a5083851d770944588da29b3806902085866955d6a2b2ea6b99690540a5fc60db21bdae7e68b463330c7d3033084a2d1132800fa56c2eabe719b72a6dfd881b886ca90208f19006ce", @generic="376156c131a3f3405562ab8a29"]}]}, @nested={0x71, 0x153, 0x0, 0x1, [@typed={0x14, 0xc3, 0x0, 0x0, @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @typed={0x4, 0x162}, @typed={0x8, 0xd7, 0x0, 0x0, @ipv4=@multicast1}, @generic="17fb4373ced33f00ec54191b0604671a2ff422e44eb20f48bcae18f89a4cf4652dfe0549502e853aae254852167d36711680724d50ea4070190cc674c07ef5892775ec36d356f4176fb209fd7e"]}, @nested={0x8, 0x1b, 0x0, 0x1, [@nested={0x4, 0xfc}]}, @nested={0x4, 0x4f}]}]}, 0x2e8}}, 0x0) mmap$auto(0x0, 0x9, 0xdf, 0x9b72, 0x7, 0x28000) r3 = open(&(0x7f0000000040)='./file0\x00', 0x2041, 0xfa) write$auto(r3, 0x0, 0xfffffdf1) 9.517679904s ago: executing program 1 (id=1198): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/crash_elfcorehdr_size\x00', 0x688140, 0x0) socket(0x2a, 0x2, 0x1) connect$auto(0xffffffffffffffff, &(0x7f00000000c0)=@qipcrtr={0x2a, 0x3, 0xfffffffe}, 0x52) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) shmctl$auto_SHM_LOCK(0x7ff, 0xb, &(0x7f0000000140)={{0x6, 0x0, 0xee01, 0xaf1, 0xa, 0x6, 0x1}, 0xca, 0xe42, 0x1, 0x8000000000000001, @raw=0x5, @raw=0x10000, 0x6, 0x0, 0x0, &(0x7f00000000c0)}) mmap$auto(0x0, 0x2020009, 0x0, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x400c000) bpf$auto(0x5, &(0x7f0000000100)=@task_fd_query={0x2, 0x2, 0x4, 0x0, 0x85, 0x7, 0x9, 0x6, 0x8001}, 0x101) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) ioctl$auto_TCSBRKP2(r1, 0x5425, 0x0) close_range$auto(0x2, 0xa, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TCFLSH2(r2, 0x5408, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ttyS2\x00', 0x101f81, 0x0) ioctl$auto_TIOCSETD2(r3, 0x5423, 0x0) ioctl$auto_TIOCVHANGUP2(r3, 0x5437, 0x0) ioctl$auto(0x3, 0x4048aec9, 0xffffffffffffffff) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x10002}, 0x1) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x8100, 0x0) mmap$auto(0x200000, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) 9.284758898s ago: executing program 1 (id=1200): socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socket(0x11, 0x80003, 0x300) socket(0x11, 0x80003, 0x200300) sendto$auto(0x3, 0x0, 0x8000000000005, 0x80000000, &(0x7f0000000340)=@can, 0x22) unshare$auto(0x40000080) unshare$auto(0x40000080) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r0 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x129800, 0x0) ioctl$auto(r0, 0x92106402, r0) recvfrom$auto(0xffffffffffffffff, 0x0, 0x1, 0x49441806, 0x0, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x8a241, 0x0) bpf$auto(0x5, 0x0, 0x39) mmap$auto(0xff, 0x8, 0xdf, 0xef3, 0x401, 0x8000) mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='./cgroup.cpu/memory.max_usage_in_bytes\x00', 0x62181, 0x0) writev$auto(r1, 0x0, 0x3) move_pages$auto(0x0, 0x1002, 0x0, &(0x7f0000001140), 0x0, 0x2) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x4044001) write$auto(0x3, 0x0, 0x100085) socket(0x22, 0x3, 0xfeff) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000002dc0)='/dev/adsp1\x00', 0x2401, 0x0) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20342, 0x0) write$auto(r2, 0x0, 0x6051) 9.013773223s ago: executing program 0 (id=1202): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x2, 0x3, 0x2) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x38}}, 0x54) connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) openat$auto_tracing_free_buffer_fops_trace(0xffffffffffffff9c, 0x0, 0x20103, 0x0) set_mempolicy$auto(0x3, 0x0, 0x9) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/cpu/cpuidle/current_governor\x00', 0xa42, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000c00), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'batadv0\x00', 0x0}) sendmsg$auto_BATADV_CMD_GET_VLAN(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)={0x1c, r3, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40801}, 0x4008090) sendmsg$auto_HSR_C_GET_NODE_STATUS(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x58, 0x0, 0x8, 0x70bd26, 0x25dfdbfd, {}, [@HSR_A_IFINDEX={0x8, 0x2, r4}, @HSR_A_IF2_AGE={0x8, 0x4, 0x5}, @HSR_A_IF2_AGE={0x8, 0x4, 0x1}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x9}, @HSR_A_NODE_ADDR_B={0xa, 0x5, @broadcast}, @HSR_A_IF1_SEQ={0x6, 0x6, 0xffff}, @HSR_A_IF2_AGE={0x8, 0x4, 0x1}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x1}]}, 0x58}}, 0x20004000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$auto_ECCGETSTATS(0xffffffffffffffff, 0x80104d12, &(0x7f0000000140)={0x81, 0x9c6c, 0xffffffff, 0x80}) epoll_ctl$auto(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x400008, 0x2, 0x2009b72, 0x2, 0x8000) write$auto(r1, 0x0, 0xffff) mmap$auto(0xfffffffffffffffe, 0xfffffffffffffffe, 0xd88a, 0x19, 0xffffffffffffffff, 0x3c3c) sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc000}, 0x2404c800) kexec_load$auto(0x5, 0x2, &(0x7f0000000040)={@kbuf=0x0, 0x800c000, 0x4800c000, 0x800c000}, 0x4) io_uring_setup$auto(0x9e6, 0x0) 7.857081728s ago: executing program 3 (id=1204): write$auto(0xffffffffffffffff, &(0x7f0000000180)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8\xa6\xb6\xaa\x96/OX\xba\x02\xc5\xc6B\x1d}Y\xbc@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf\xd6f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8', 0x100000a3d6) sendmsg$auto_NL80211_CMD_SET_BEACON(0xffffffffffffffff, &(0x7f0000004540)={0x0, 0x0, &(0x7f0000004500)={&(0x7f0000000480)=ANY=[@ANYBLOB="04020000", @ANYRES16=0x0, @ANYBLOB="020029bd7000fbdbdf250e00000004002101ec011180e8010580b02842917027bba1e379000080ac0003800400020088000180280001800400080004000b00040008000400010004000a0005000d000100000004000a0004000a0020000180080002000600000004000a00040008000500070007000000040009001400018004000b00060004000b000000040001002800018004000a000800020013050000080002000100000004000b00050006000700000004000a001c0001801800018004000c0005000600030000000400090004000100340100800d00010001901a723ce1840925000000ed0001005ecc9e6eefbc2e652745faa3366fe384b219606e4c1b8df1aaf7f2910afbc05b4787d92cecbef4f58766d0c4b73267c2440cf9436a50389b0309afdeab74cdc75f6d8ec07cf121dbfa58715eee351a0bd90b1c681d4aa29298bf12af9e3b03c29459054f427dac4f0037830f98fc20f3c1eb6e032e3952e5ae9563ea4d967e2e8fb71443de7289bd556087e54914b08e48d6b8f452e75cd467f077e811bbf6df31d8d66fdd9069422b32c1155332106e905f8765fbf27dd2a4a3fecd72805cbb6ae8aeff53ea433b88a39e25fcbc608c96ef6d32226338506ee8ca5f6997fb23a6f2aed63c97b10b28000000300003802c0001802800018005000d000c000000050007000600000005000d00100000000400010004000c0004000100644042a320e33b6d51b1cb30a3810acd0565f6a759601ae88dcbcaab3b03f2c09e76"], 0x204}, 0x1, 0x0, 0x0, 0x4085}, 0x240180d1) socket(0x1e, 0x4, 0x0) r0 = gettid() close_range$auto(0x0, 0xfffffffffffff000, 0x2) syz_open_procfs$namespace(0x0, &(0x7f00000001c0)='ns/pid\x00') syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/pid_for_children\x00') mmap$auto(0x0, 0x20009, 0x7fffffff, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0xa, 0x0) socket(0x2, 0x5, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x5, 0x84) setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r1, &(0x7f0000000200)='7\x00\\\xa0\x04|\x03\'\x00\xc9\n\xbf\xb9\x12\xfa\x00\x00\xcfk', 0xb7f) msgctl$auto_MSG_STAT(0x1, 0xb, 0x0) rt_tgsigqueueinfo$auto(0x0, r0, 0x21, &(0x7f0000000340)={@siginfo_0_0={0x3, 0x1, 0x20cce3, @_rt={0x0, 0x0, @sival_int=0xf}}}) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/block/nbd7/power/autosuspend_delay_ms\x00', 0x22902, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x189401, 0x0) r3 = socketcall$auto(0xa, 0x0) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0xae41, r3) ioctl$auto_KVM_GET_MSRS(r2, 0x4400ae8f, &(0x7f00000000c0)={0xdd}) 7.570491456s ago: executing program 1 (id=1205): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x2, 0x3, 0x2) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x38}}, 0x54) connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) openat$auto_tracing_free_buffer_fops_trace(0xffffffffffffff9c, 0x0, 0x20103, 0x0) set_mempolicy$auto(0x3, 0x0, 0x9) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/cpu/cpuidle/current_governor\x00', 0xa42, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000c00), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'batadv0\x00', 0x0}) sendmsg$auto_BATADV_CMD_GET_VLAN(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)={0x1c, r3, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40801}, 0x4008090) sendmsg$auto_HSR_C_GET_NODE_STATUS(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x58, 0x0, 0x8, 0x70bd26, 0x25dfdbfd, {}, [@HSR_A_IFINDEX={0x8, 0x2, r4}, @HSR_A_IF2_AGE={0x8, 0x4, 0x5}, @HSR_A_IF2_AGE={0x8, 0x4, 0x1}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x9}, @HSR_A_NODE_ADDR_B={0xa, 0x5, @broadcast}, @HSR_A_IF1_SEQ={0x6, 0x6, 0xffff}, @HSR_A_IF2_AGE={0x8, 0x4, 0x1}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x1}]}, 0x58}}, 0x20004000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$auto_ECCGETSTATS(0xffffffffffffffff, 0x80104d12, &(0x7f0000000140)={0x81, 0x9c6c, 0xffffffff, 0x80}) epoll_ctl$auto(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x400008, 0x2, 0x2009b72, 0x2, 0x8000) write$auto(r1, 0x0, 0xffff) mmap$auto(0xfffffffffffffffe, 0xfffffffffffffffe, 0xd88a, 0x19, 0xffffffffffffffff, 0x3c3c) sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc000}, 0x2404c800) kexec_load$auto(0x5, 0x2, &(0x7f0000000040)={@kbuf=0x0, 0x800c000, 0x4800c000, 0x800c000}, 0x4) io_uring_setup$auto(0x9e6, 0x0) 6.513408985s ago: executing program 3 (id=1207): r0 = openat$auto_trace_options_core_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/options/event-fork\x00', 0x226300, 0x0) read$auto_trace_options_core_fops_trace(r0, 0x0, 0x0) openat$auto_trace_clock_fops_trace(0xffffffffffffff9c, &(0x7f0000002840)='/sys/kernel/tracing/trace_clock\x00', 0x8000, 0x0) 6.310430963s ago: executing program 0 (id=1208): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/crash_elfcorehdr_size\x00', 0x688140, 0x0) getcwd$auto(&(0x7f0000000040)='/dev/qrtr-tun\x00', 0x8001) socket(0x2a, 0x2, 0x1) connect$auto(0xffffffffffffffff, &(0x7f00000000c0)=@qipcrtr={0x2a, 0x3, 0xfffffffe}, 0x52) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) shmctl$auto_SHM_LOCK(0x7ff, 0xb, &(0x7f0000000140)={{0x6, 0x0, 0xee01, 0xaf1, 0xa, 0x6, 0x1}, 0xca, 0xe42, 0x1, 0x8000000000000001, @raw=0x5, @raw=0x10000, 0x6, 0x0, 0x0, &(0x7f00000000c0)}) mmap$auto(0x0, 0x2020009, 0x0, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x400c000) bpf$auto(0x5, &(0x7f0000000100)=@task_fd_query={0x2, 0x2, 0x4, 0x0, 0x85, 0x7, 0x9, 0x6, 0x8001}, 0x101) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) ioctl$auto_TCSBRKP2(r2, 0x5425, 0x0) close_range$auto(0x2, 0xa, 0x0) socket(0x2, 0x3, 0x2) setsockopt$auto(0x3, 0x0, 0xc8, 0xfffffffffffffffc, 0x4) setsockopt$auto(0x3, 0x0, 0xc9, 0xfffffffffffffffc, 0xfd72) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) mmap$auto(0x0, 0x5, 0xf633, 0x40eb2, 0xffffffffffffffff, 0x300000000000) sysfs$auto(0x2, 0x100000000000036, 0x0) fsopen$auto(0x0, 0x1) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_TCFLSH2(r3, 0x5408, 0x0) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ttyS2\x00', 0x101f81, 0x0) ioctl$auto_TIOCSETD2(r4, 0x5423, 0x0) mmap$auto(0x200000, 0x20009, 0xdf, 0xeb1, r1, 0x7ffa) 6.18840533s ago: executing program 3 (id=1209): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x5f5a02, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000002080)='/dev/ptyv8\x00', 0x480, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000140)='/dev/v4l-subdev0\x00', 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x1, 0x8000) socket(0x2, 0x801, 0x106) r3 = socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x3, @multicast2}, 0x66) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) unshare$auto(0x40000080) io_uring_setup$auto(0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) bpf$auto(0xd, &(0x7f0000000000)=@bpf_attr_11={0xfffffffffffffffb, 0x9a, 0x80, 0x8, 0x7, 0x80000001, 0x6, 0x6}, 0x7) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) unshare$auto(0x40000080) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd) setsockopt$auto(0x3, 0x10000000084, 0x7c, 0x0, 0x8) getsockopt$auto(r3, 0x84, 0x7c, 0x0, &(0x7f0000000000)=0x7ffe) ioctl$auto(r2, 0xc040564a, r1) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/tty46\x00', 0x88a42, 0x0) r4 = open(&(0x7f0000000000)='./file0\x00', 0x222c0, 0x0) getsockopt$auto_SO_REUSEPORT(r0, 0x0, 0xf, &(0x7f0000000040)=',+&]+^^\x00', &(0x7f0000000080)=0x9b) ioctl$auto(0x3, 0x4b48, r4) 5.705811978s ago: executing program 0 (id=1210): mmap$auto(0x0, 0x128009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x41d75856, 0x200000000001, 0x2008, 0xfffffffffffffffb, 0x3ff) openat$auto_uhid_fops_uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2201, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0xaaa41, 0x0) socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x2200, 0x0) read$auto(r0, 0x0, 0x10001) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000240)={0x0, 0x7}, 0x2) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/usb/usbmon/26u\x00', 0x22202, 0x0) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000040)='/dev/usbmon25\x00', 0x4000, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000280)='/dev/dsp1\x00', 0x20342, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r3 = openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer1\x00', 0x180, 0x0) ioctl$auto_OSS_ALSAEMULVER(r3, 0x40086602, &(0x7f0000000100)) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r4 = open(&(0x7f0000000100)='.\x00', 0x40000, 0x0) open(&(0x7f0000000800)='./file0\x00', 0x62240, 0x154) execveat$auto(r4, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x10000) mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/bus/pci/rescan\x00', 0x20681, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r6, &(0x7f0000000200)='5', 0x1) syz_genetlink_get_family_id$auto_nl80211(0x0, r5) mmap$auto(0x2000, 0x400008, 0xcf, 0x9b72, 0x2, 0x8000) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff) 4.761784253s ago: executing program 1 (id=1212): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000) mmap$auto(0x0, 0x400008, 0x5f, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = ioctl$auto_TUNGETSNDBUF(0xffffffffffffffff, 0x800454d3, &(0x7f0000000100)=0xffffffff) ioctl$auto_SCSI_IOCTL_PROBE_HOST(r0, 0x5385, &(0x7f0000000140)="61f65870de89d8174ec3b9303906") socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000000)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) io_uring_setup$auto(0x1ff, 0x0) setsockopt$auto(0x3, 0x1, 0xd, 0x0, 0x9) close_range$auto(0x2, 0x8, 0x0) mprotect$auto(0x110c238000, 0x1, 0x3) mmap$auto(0x0, 0x4020009, 0xe2, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0xa, 0x1, 0x84) setsockopt$auto(0x3, 0x100000000, 0x15, 0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x23, 0x80805, 0x0) ioctl$auto(0x3, 0x541b, 0x7f) futex_wait$auto(0x0, 0x903, 0x0, 0x2, 0x0, 0x1) openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x102, 0x0) syz_genetlink_get_family_id$auto_netdev(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'veth0_vlan\x00'}) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x0, 0x0) ioctl$auto_TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000080)=0x400) 4.761279082s ago: executing program 2 (id=1213): r0 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001ec0)='/sys/power/mem_sleep\x00', 0x2402, 0x0) write$auto(r1, &(0x7f0000000cc0)='\x00\xad\xe8\xc7.\xf0\xb0f\xd2\x02\x00>\x00\xae\x1a\x13I_{\xe8\n\xd4n\x9f\xae\xed\xcd6\x9f\xf6\x01\x00s\xa6\x03y\x97\x0eR\xb8\xb7\xcc\x83\xb8O\xe5\b_\xd0\xd7\xc0+:\x17\x8d\xf4\t\x00\x00\x00`\xdb\x80E|X\xc3\xa4H\xb9\xd8\x03*\x9c\x00\x00\x00\x00\x00\x00\x00[\x1a\fX[\xb8\x91M\xdb\xe7\xdc6w\xb1\x8b9\x9a\x9a\xf9c\x95)b\xff\x80\xd5\xbb\xc9+Ed\xa16?\xab<\xee\x8b\x18\xe6\xf3a]1OZ\x9e\xa9\xb2;H\xbcn}n\xca\x0e\x0e\xd8\xce_2\xe2\xb1@\x8dy\v\xc3\xacH\x9a\t\x8e\xa1g\xa2?\x89\x01\xb9\xf1\xbb%[\xf1L<\xd8\x8c\xd9\x1f\x9e\xfe\xbf\xb2\x95\xb6Y\xba\xaf\'a\xe2\xc3\x9a$c\xad\x82\x13\x1e\xbc\xf3\x1f.\xef\x1es\xb0\xf2I$\x02\x0e\xc8\xf0\x8b\xc7\xd8\x9c\x04\xa6[\xe2Q\xd6\x13\xa8[\xbcP,\xadS\x7f}/>\x13\xbe\\\x8cq(\x06\xdb4', 0x4) getsockopt$auto(0x3, 0x200000000001, 0x3b, 0x0, 0x0) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) io_uring_register$auto_IORING_REGISTER_FILES_UPDATE2(r0, 0xe, &(0x7f0000000040)="2a281fd06d60f9221e8911767c70561387313b6198d5583f9496853174e4a0a882b6e14bd265e41d2f487b01fc4a4568675fdc79297595f43c5aaf647e5094878800efad11aea38b72b5bfcd3b7f3b4e61e22ea2baefbd07e00813a21abf87862388f716015bdc06525d74f2c62da0055f70379493d4686ec6e32dd50fab1fa136c77826046c4ba320bc90c912006e2765", 0x3) lsetxattr$auto(&(0x7f0000000d40)='./file0\x00', &(0x7f0000000280)='security.caility\xf6\x06\xa1\xcd\xd3<\x81\a(\xa2f*\xaf\xc8\x02\xe9\x14\x8fE2k\x19{\xd4\xf2\xdf\x80\x9c\x87\x86\xde20\x8e\x1cN\xd40\xd3Z\xf3K\x98vW\x7f\x94Z\x0e>\x85S&\xe5\x96\xce\xf15\xb3v\xa8R\x05\x94\x8c\x1df\x11\xbd\xd0\x7fu\xc7{\xe1\xff\xff\xc4\xbb\x17\xd5\xee\xd8\x143\xed\xc4|\xd3\f\x05\f\x95\xce\xbf9\xc8\xf1m\x96\xa3\xc0\xf29\x8b\x02\x89\xed`\xb4\xcb\xb3O\x97X\xe3\xd0j\xa5\xd0\x9e*\xf9|\xd9\xc2\xf4X\xc9[\xfa\xcf\xa3\xeb\x05EOgaA\xb1@f\x93F0\x8cR\xc5\xb6\x16\xfa\xe7\x13\x00\x02\xf4\x80\xe3\xd2\xf4MP\x87vB\xefJ\xeb\xb3\\\x88\x18` \xca\x8faI\x89\xb6\x91\x1ae\xd2\xad\xbe\xb3\xe6\bX]\xd7\x81.\xd2\xed\xc4\x9f\xb5~\xb4\xc6^\x97\xc3\xa2\x16\x99\xfc\x00_\xe6\xb0G\xe9`\xb4+2\x93\n9 EU\x1e\xb4\xbeVt\x89\xf9\xc7\xe1`4O\x00\x00\x00\x00\xa5\xe0\xf5\xb2\x00\x00t\x10\"\x15\xbc\xdb\x92\xff\xa7\xe1Vv\xe5*\xc5\xe1r\xf5\xa4Cw\x1c/?\xbcn\xe3\x8aX\xfc\xe9,\xca,9\xda\xad\x87\xb1\xb2\xff#\xa1Yi\xd3\x17l6\xa0\xd8\x1b\xad8\a\xfc%\xa6(\xcb\x97(\x16\x81\xbf\xc6\xdbw\x13!\xc9\xc6\xc3\xfbc\xfe\x83\xcd\x16 e\xcd\x91y@\xe2\xd8{\xec\xbb\xbb\x1d5\t\xed>\xa9&\xce\xfc\xab[\xae\xa1\x94\b\xcc/-\x12\x8d\x84K\xf0\xd0\x0f\x13)\x17CI\xb7\xf35\xfc\xe8(\xfa\t2\xafQ8}\xd8\xbb\xe4nlR\xf8\xc9\xf2\xa3\xe5\x83\r\t\xb96d\xd6\x1e\xbd*\xa4\xc9\xcbE2\xe9\x81\xc3\xc3\x8a\x15\xcb\xf2\x03\x00\x00\x00\x00\x00\x00\x00!dJ+\xd2\x01#v\xd8BgB`\x8alP\r\x04\xce\x04$\xaag\xb6\xdb6-0>\xb3u\xd4\xdb\xd8~\xb0\f\xd0\xa9\x9e\xa0\xc7\xf7\'\x8d\xab\xae\x035\xa8f\xe5\xfe\xfc\xc0\xb1rR\xae54\x13\x1c8=\x92\xc3=w\x89\xbb\xfb)\x94p\xc18`G', &(0x7f0000001340), 0x2, 0x0) 4.405274796s ago: executing program 2 (id=1214): openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/events/vmalloc/filter\x00', 0x40, 0x0) socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) mmap$auto(0x4, 0x10000000400008, 0x5, 0x979, 0x2, 0x40000008000) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/pcmC0D0c\x00', 0x80000, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x2000c001}, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r0 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) recvmmsg$auto(r0, &(0x7f0000000040)={{0x0, 0x2, &(0x7f0000000140)={0x0, 0x4d6}, 0x6, 0x0, 0x4, 0x7ff}, 0x1000}, 0xffffffff, 0x4, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x230) 3.90221451s ago: executing program 3 (id=1215): openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/events/vmalloc/filter\x00', 0x40, 0x0) socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_media_devnode_fops_mc_devnode(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/media16\x00', 0x105200, 0x0) mmap$auto(0x4, 0x10000000400008, 0x5, 0x979, 0x2, 0x40000008000) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/pcmC0D0c\x00', 0x80000, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x2000c001}, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r0 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) recvmmsg$auto(r0, &(0x7f0000000040)={{0x0, 0x2, &(0x7f0000000140)={0x0, 0x4d6}, 0x6, 0x0, 0x4, 0x7ff}, 0x1000}, 0xffffffff, 0x4, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x230) 3.690728278s ago: executing program 1 (id=1216): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mremap$auto(0x0, 0x4, 0x4, 0x8000000007, 0x100000000) mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000) r0 = socket(0x2, 0x1, 0x106) setsockopt$auto(r0, 0x6, 0x5, &(0x7f0000000080)='*\x00', 0xe6) sendmsg$auto_NL802154_CMD_SET_WPAN_PHY_NETNS(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x0) unshare$auto(0x40000080) unshare$auto(0x40000080) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) r3 = openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/dri/vkms/clients\x00', 0x2100, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/rpc/auth.unix.ip/flush\x00', 0x40d81, 0x0) write$auto(0x3, 0x0, 0x1) ioctl$auto(r2, 0x80286f4e, r3) r4 = gettid() rt_sigqueueinfo$auto(r1, 0x6, &(0x7f00000001c0)={@siginfo_0_0={0x1, 0x401, 0xfffffff9, @_timer={r4, 0xd, @sival_ptr=0x0, 0x62}}}) ioctl$auto(0x3, 0x541b, 0x10000000000402) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_SET_NOACK_MAP(r5, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4000000}, 0x40000) r6 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000080), 0xc0402, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r6, 0x40603d10, 0x0) close_range$auto(0x2, r2, 0xd) mmap$auto(0x0, 0x3fffff, 0x7, 0x11, 0xdd, 0x4000000000000) openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x400022, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x109206, 0x0) setsockopt$auto(r2, 0xffffffff, 0x3, &(0x7f0000000000)='/sys/kernel/debug/dri/vkms/clients\x00', 0x2) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000080), 0x101000, 0x0) io_uring_setup$auto(0x2, &(0x7f0000000080)={0x3380, 0x9, 0x4002, 0x6, 0x4, 0x8, 0xffffffffffffffff, [], {0x9, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x4000006, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x104, 0x8, 0x100000000}}) syz_clone(0x1203000, 0x0, 0x0, 0x0, 0x0, 0x0) 3.370083532s ago: executing program 2 (id=1217): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x400008, 0x5f, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_TUNGETSNDBUF(0xffffffffffffffff, 0x800454d3, &(0x7f0000000100)=0xffffffff) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000000)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) io_uring_setup$auto(0x1ff, 0x0) setsockopt$auto(0x3, 0x1, 0xd, 0x0, 0x9) close_range$auto(0x2, 0x8, 0x700) mprotect$auto(0x110c238000, 0x1, 0x3) mmap$auto(0x0, 0x4020009, 0xe2, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) syz_genetlink_get_family_id$auto_netdev(0x0, 0xffffffffffffffff) ioctl$auto_FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, 0x0) 2.473044127s ago: executing program 3 (id=1218): openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/events/vmalloc/filter\x00', 0x40, 0x0) socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_media_devnode_fops_mc_devnode(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/media16\x00', 0x105200, 0x0) mmap$auto(0x4, 0x10000000400008, 0x5, 0x979, 0x2, 0x40000008000) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/pcmC0D0c\x00', 0x80000, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x2000c001}, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r0 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) recvmmsg$auto(r0, &(0x7f0000000040)={{0x0, 0x2, &(0x7f0000000140)={0x0, 0x4d6}, 0x6, 0x0, 0x4, 0x7ff}, 0x1000}, 0xffffffff, 0x4, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x230) 2.139888666s ago: executing program 2 (id=1219): ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vcan0\x00'}) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000240)='/dev/sda\x00', 0x84100, 0x0) ioctl$auto_IOC_PR_RELEASE(r0, 0x801070cf, 0x0) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) syz_genetlink_get_family_id$auto_nl802154(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/input/event1\x00', 0x4100, 0x0) ioctl$auto_EVIOCGMASK(r1, 0x80104592, &(0x7f0000000040)={0x7, 0x8000, 0x2}) connect$auto(0x3, &(0x7f0000000000)=@in={0x2, 0xffff, @rand_addr=0xfffffffe}, 0xfffffde1) accept$auto(0xffffffffffffffff, 0xffffffffffffffff, 0xfffffffffffffffd) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_MODULE_EEPROM_GET(r2, &(0x7f0000001780)={0x0, 0x0, &(0x7f0000001740)={&(0x7f00000004c0)={0x3c, r3, 0x789, 0x70bd27, 0x25dfdbff, {}, [@ETHTOOL_A_MODULE_EEPROM_LENGTH={0x8, 0x3, 0x5}, @ETHTOOL_A_MODULE_EEPROM_OFFSET={0x8, 0x2, 0xdc}, @ETHTOOL_A_MODULE_EEPROM_I2C_ADDRESS={0x5, 0x6, 0x9}, @ETHTOOL_A_MODULE_EEPROM_BANK={0x5, 0x5, 0xb}, @ETHTOOL_A_MODULE_EEPROM_PAGE={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4004840) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto_BLKGETSIZE64(r0, 0x80081272, &(0x7f0000000080)=0x9) r4 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0) ioctl$auto(r4, 0x40084d02, r4) openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000000), 0x48001, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0xfffffffffffffffd, 0xb, 0xa, 0x40007fff, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x5e, 0x80000001, 0x7, 0x2, 0x93, 0x400000001, 0x2]}, 0x0) r5 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x8000, 0x0) ioctl$auto_TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000080)=0x68) ioctl$auto_FBIOPUT_VSCREENINFO(r5, 0x4601, &(0x7f0000000080)) 1.375516797s ago: executing program 1 (id=1220): mmap$auto(0x0, 0x2000a, 0x4000000000df, 0xeb1, 0x405, 0x200000008000) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/sequencer2\x00', 0x8081, 0x0) mmap$auto(0x4, 0x40009, 0xdf, 0x9b72, r0, 0x28000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/radio2\x00', 0x0, 0x0) read$auto_v4l2_fops_v4l2_dev(r1, &(0x7f0000000100)=""/4096, 0x1000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) set_mempolicy$auto(0x6, &(0x7f0000000080)=0x3, 0x21) kexec_load$auto(0x0, 0x2, 0x0, 0x1000000000004) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/ram12/queue/io_poll_delay\x00', 0x0, 0x0) unshare$auto(0x40000080) unshare$auto(0x40000080) r2 = epoll_create$auto(0x1) capset$auto(0x0, 0x0) epoll_ctl$auto(r2, 0x1, 0x8000000000000000, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/wakeup_count\x00', 0xc0082, 0x0) read$auto(r3, 0x0, 0x8) close_range$auto(0x2, 0x8, 0x0) 1.363108688s ago: executing program 2 (id=1221): sigaltstack$auto(&(0x7f00000000c0)={&(0x7f0000000180)="f038afe10105ff42e782ea31d34fd7bead1778c91029c17ebfc96bb68ab0b20380c0985c7702041eb7a604d8a298cd7b", 0x0, 0x7fffffff}, &(0x7f00000001c0)={0x0, 0x76, 0x20}) socket(0x1a, 0x2, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/self/net/kcm_stats\x00', 0x88780, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) r0 = socket(0x2, 0x1, 0x106) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @broadcast}, 0x6a) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ram5\x00', 0x14fa02, 0x0) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) socket(0x10, 0x2, 0x6) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x55) socket(0x2, 0x3, 0xa) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8) connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xe000) connect$auto(0x3, &(0x7f00000000c0), 0x55) write$auto(0x3, 0x0, 0x800) 1.151626502s ago: executing program 0 (id=1222): sigaltstack$auto(&(0x7f00000000c0)={&(0x7f0000000180)="f038afe10105ff42e782ea31d34fd7bead1778c91029c17ebfc96bb68ab0b20380c0985c7702041eb7a604d8a298cd7b", 0x0, 0x7fffffff}, &(0x7f00000001c0)={0x0, 0x76, 0x20}) socket(0x1a, 0x2, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/self/net/kcm_stats\x00', 0x88780, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) r0 = socket(0x2, 0x1, 0x106) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @broadcast}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) socket(0x10, 0x2, 0x6) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x55) socket(0x2, 0x3, 0xa) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8) connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xe000) connect$auto(0x3, &(0x7f00000000c0), 0x55) write$auto(0x3, 0x0, 0x800) 1.020578275s ago: executing program 3 (id=1223): unshare$auto(0x40000080) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14fa02, 0x0) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/thread-self/fail-nth\x00', 0x169402, 0x0) write$auto(r1, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) msgctl$auto_IPC_STAT(0x8293, 0x2, 0x0) r2 = gettid() process_vm_writev$auto(r2, &(0x7f0000002980)={0x0, 0x7ff}, 0x3, &(0x7f0000002a40)={0x0, 0x100000004007}, 0x4, 0x0) r3 = setfsuid$auto(0xee00) setreuid$auto(r3, 0x0) r4 = setfsuid$auto(0xee00) setreuid$auto(r4, 0x0) read$auto(r0, 0x0, 0x10001) r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r5, &(0x7f0000000240)={0x0, 0x7}, 0x2) write$auto_tty_fops_tty_io(0xffffffffffffffff, &(0x7f00000001c0), 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) syz_clone3(&(0x7f0000000040)={0x8020000, 0x0, 0x0, 0x0, {0x29}, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[0x0], 0x1}, 0x58) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r6 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC1\x00', 0x28c83, 0x0) r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r7, 0x4, 0x7ff) ptrace$auto(0xf, r7, 0x1, 0x4053) process_vm_readv$auto(0x0, 0x0, 0x1, 0x0, 0x6, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_REPLACE(r6, 0xc1105518, &(0x7f0000000080)={{@inferred, 0x0, 0x7, 0x9, "86362c746689ae16423d49e2a5fac50222481f59df3b96ecafc32c611fb62b6a5bf25912cc9eef3b7eecb84e", @inferred=r7}, 0xfffffff8, 0x0, 0x8, @inferred, @enumerated={0x0, 0xe, "063c3f8c31bd55e86cf2db8ad963f8acde068a5d66b9161c0c0e45a531cfd4466ec74dca749cb5dbee3aa6411af4226fea81fed17eb5c3fa4a3fdfef2115a1cc", 0x7, 0x3}, "64308865bdb8fe205493f2f3569408bb7d10494bf8fc846ceedb75db3060a310a150948a4f3363f2b46b45d914b5f8bb0ef5f2140011508bb0bc88e4d72c9001"}) socket(0x2, 0x80802, 0x0) socket(0x2b, 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0) 153.459717ms ago: executing program 2 (id=1224): mmap$auto(0x0, 0x7, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000380)="7a47301037954c081c9a0bb84bb7b04ef84993eab91abe1686f43e43d786e964e8f04455bd620de9f3fb6d65e6c078c1a672c549dbc7876cb528ba081a81d884bfc00dd4eef57cedc0cc4156ff6a5b0aa8ba9511fe2b07c6e7f4732fe36ba218aa5b0ff402f2e6adb8ea60886c1e52c60d7d87e4c0551386501763ad098eb2b9602f83b2a643399f10dfdb0f4018b401be4db675d0acf8d348c26acf338cbe20fcb76439ca602a3c022f4463a8820f1c6f865d24e058af98f0c48bf552c3f6cc28c09d9054347db3c28701c67fa1e57d81b881638b518dd8e24969b7fd10406fcf6eb9bb66bf56ed7568510c72b380fa6efbca845bde90f7672708000000000000003513") mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) socket(0x10, 0x2, 0x0) setsockopt$auto(0xffffffffffffffff, 0x6, 0xc, 0x0, 0x4) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x123002, 0x0) open(&(0x7f0000000080)='./file0\x00', 0x1f1e40, 0x177) execve$auto(0x0, 0x0, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14be02, 0x0) execve$auto(&(0x7f0000000280)='./file0\x00', 0x0, 0x0) execve$auto(&(0x7f0000000040)='./file0\x00', &(0x7f00000004c0)=&(0x7f0000000340)='#\xdc\xfe\xd8E\xc8\x8bu4\xd9n\xcb\xca\xc7zw \x96\x9ejh\xad\x9eEc\xae\x1e\x89\x92\x9a\xbbP[B\xae\x9cf)\x15\xac\x90)l\x06\xf0\t\x12\x05zz\xa6\xb3\xce=\x00\x00\x00\x00\x00/\xc4T\x1f\xe5P\xff\xb4\xb7s0\x02\xc5\x81\x93\xc6\xc8\xb6Sp\x1a{8\xfc\xe0,X\xc7BU\xd0\x97\x7f1\x16\x99\x04\xabu/a(\x02\x7f\xbb\xbd\x906\xa8\xce\xee\xcd\xd7\t\x00\xfb\x83\xc8\x8aO\xe9\xbe=\xf7\xf4\x84,\x06\xd3j\x99b\xe6\xf6Y3A\xbb\xa4\xb2\f\x1b\xc3\x8a,g\xc6\xe8[\xdf\x88\x01\x9f7\xb5\x19m\xd8L\x84j\x8c\xec\xdf\x1a\xbd\xc5\x94\xb9\xb7\xd5\xa4\xc0\f-6\xfe\xa8\xed/u\x81_G\xfeR\xbb\x12\x16\xb8*\xa9\xc9\xe81\x9d\x06\xbbC\x17\xbb\xe6|\x97\xabB4J\xed+-\xf8u0/n\xcf\x8b\x95\x9d\xab\xa8\xc47\xa6\x0e\xdeOq\\\xc3\'{\b\xd3m\x94\xc2\xdd{\xeaO\x0e\xe4\xe0\xb9N:\xd60\x17,\x06\xc7B#Y0\x99\xeb\x874\xab?\xc8\x82\xe5\x8f\xb7\x91\xc2\xbe\xb2\x02\xfe\xd3k\xd5\xdcZ\xdcP\x8e+\xd8\xc7C\xcb\x15\x13c\xbf\xe8\xbd\"\x8f3\"\x14\xf8(\xda\x19\xcd\xec\x03.\xd9^\xc3A\xda\r[\x1a\xda\\#/\xd4\xaf\xd0\xe8\xa2\xdd\xc5{\xfa\xe0\x90\x8f\x99lQ\xec\x84h^\x11+\x93\b\xe0c\xe6\xd22\xf9\xa5', 0x0) ioctl$auto_SNDCTL_DSP_SYNC(r1, 0x5001, 0x0) ioctl$auto_SNDCTL_DSP_GETODELAY(r1, 0x80045017, &(0x7f0000000180)) read$auto(0xffffffffffffffff, 0x0, 0x1f40) ioctl$auto(0xc8, 0x800454e1, 0x5c8d) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) read$auto(0x3, 0x0, 0x8080) sendmsg$auto_SMC_NETLINK_DUMP_UEID(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={0x0}, 0x1, 0x0, 0x0, 0x40015}, 0x4) write$auto(0xffffffffffffffff, 0x0, 0x81) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) write$auto(0x3, 0x0, 0x100082) 0s ago: executing program 0 (id=1225): mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) sysfs$auto(0x2, 0x4c, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x882, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_CREATE_VM(r0, 0x4040aea0, 0x0) open(0x0, 0x141742, 0x130) keyctl$auto(0xb, 0xfffffffd, 0xee01, 0x1, 0x404001000000b90) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/thread-self/net/can/stats\x00', 0x121040, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x402000b, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x20000000, 0x4, 0x4000000000de, 0x40eb1, 0x401, 0x2ffffffffffe) sendmsg$auto_ETHTOOL_MSG_STATS_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x24040000}, 0x4000080) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x20) mprotect$auto(0x1ffffffff000, 0x100004, 0x6) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/devices/platform/dummy_hcd.5/usb6/bMaxPower\x00', 0x80, 0x0) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x140082, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) mq_getsetattr$auto(0x3, 0x0, &(0x7f0000000100)={0x8, 0x8, 0x2, 0x1}) mmap$auto(0x0, 0x8, 0xdf, 0x100000011, 0x2, 0x8000) sysfs$auto(0x2, 0xe, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) r4 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000280), 0x141182, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r4, 0x403c6f2b, 0x0) kernel console output (not intermixed with test programs): 35505][ T5631] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 91.447808][ T5631] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 91.456392][ T5631] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 91.468320][ T5631] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 91.476643][ T5631] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 91.489063][ T5631] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 91.581742][ T5633] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 91.596958][ T5633] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 91.612665][ T5633] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 91.623529][ T5633] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 91.632427][ T5633] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 91.643215][ T5633] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 91.657762][ T5633] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 91.667823][ T5633] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 91.756857][ T5634] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 91.769997][ T5634] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 91.778670][ T5634] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 91.789059][ T5634] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 91.797155][ T5634] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 91.809371][ T5634] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 91.818788][ T5634] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 91.829174][ T5634] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 91.895875][ T5631] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.911702][ T10] cfg80211: failed to load regulatory.db [ 91.967002][ T5632] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 91.978755][ T5632] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 91.986265][ T5635] Bluetooth: hci1: command tx timeout [ 91.999162][ T5632] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 92.009282][ T5632] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 92.030681][ T5632] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 92.040784][ T5632] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 92.054810][ T5632] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 92.064891][ T5635] Bluetooth: hci0: command tx timeout [ 92.065743][ T5642] Bluetooth: hci2: command tx timeout [ 92.075769][ T5632] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 92.083520][ T50] Bluetooth: hci3: command tx timeout [ 92.096834][ T5631] 8021q: adding VLAN 0 to HW filter on device team0 [ 92.147590][ T139] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.155201][ T139] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.195730][ T1124] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.203342][ T1124] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.268553][ T5633] 8021q: adding VLAN 0 to HW filter on device bond0 [ 92.332806][ T5634] 8021q: adding VLAN 0 to HW filter on device bond0 [ 92.346279][ T5633] 8021q: adding VLAN 0 to HW filter on device team0 [ 92.378441][ T64] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.385645][ T64] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.415917][ T1124] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.423139][ T1124] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.474152][ T5634] 8021q: adding VLAN 0 to HW filter on device team0 [ 92.516485][ T48] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.523726][ T48] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.552949][ T5632] 8021q: adding VLAN 0 to HW filter on device bond0 [ 92.572183][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.579418][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.665777][ T5632] 8021q: adding VLAN 0 to HW filter on device team0 [ 92.738233][ T48] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.745471][ T48] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.764283][ T48] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.771654][ T48] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.432459][ T5631] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 93.607434][ T5631] veth0_vlan: entered promiscuous mode [ 93.640941][ T5631] veth1_vlan: entered promiscuous mode [ 93.747251][ T5631] veth0_macvtap: entered promiscuous mode [ 93.781151][ T5633] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 93.792329][ T5631] veth1_macvtap: entered promiscuous mode [ 93.857967][ T5631] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 93.891065][ T5631] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 93.947059][ T13] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.960923][ T13] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.991112][ T13] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.006560][ T13] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.031613][ T5633] veth0_vlan: entered promiscuous mode [ 94.065740][ T5642] Bluetooth: hci1: command tx timeout [ 94.116438][ T5633] veth1_vlan: entered promiscuous mode [ 94.144743][ T50] Bluetooth: hci3: command tx timeout [ 94.145304][ T5635] Bluetooth: hci0: command tx timeout [ 94.151176][ T5642] Bluetooth: hci2: command tx timeout [ 94.173749][ T5632] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 94.196620][ T5634] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 94.251922][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.265250][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.321949][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.335348][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.379119][ T5633] veth0_macvtap: entered promiscuous mode [ 94.398625][ T5634] veth0_vlan: entered promiscuous mode [ 94.406821][ T5633] veth1_macvtap: entered promiscuous mode [ 94.456521][ T5634] veth1_vlan: entered promiscuous mode [ 94.471327][ T5631] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 94.496246][ T5632] veth0_vlan: entered promiscuous mode [ 94.511504][ T5633] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 94.534212][ T5633] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 94.569039][ T48] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.580634][ T48] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.592687][ T5632] veth1_vlan: entered promiscuous mode [ 94.617127][ T48] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.636749][ T48] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.697969][ T5789] netlink: 330 bytes leftover after parsing attributes in process `syz.2.3'. [ 94.725319][ T5789] mac80211_hwsim hwsim2 : renamed from wlan0 (while UP) [ 94.753319][ T5789] Zero length message leads to an empty skb [ 94.776532][ T5634] veth0_macvtap: entered promiscuous mode [ 94.812463][ T5634] veth1_macvtap: entered promiscuous mode [ 94.898796][ T5792] syz.2.5 uses obsolete (PF_INET,SOCK_PACKET) [ 94.913663][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.938704][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.949624][ T5632] veth0_macvtap: entered promiscuous mode [ 95.001551][ T5634] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 95.012703][ T5632] veth1_macvtap: entered promiscuous mode [ 95.030867][ T5634] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 95.043302][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.054815][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.073507][ T13] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.084249][ T13] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.111522][ T12] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.135995][ T12] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.168357][ T5632] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 95.218832][ T5632] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 95.285552][ T12] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.315581][ T12] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.391500][ T12] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.428364][ T1124] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.442184][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.458232][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.532214][ T5798] sd 0:0:1:0: PR command failed: 1026 [ 95.554877][ T5798] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 95.563495][ T5798] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 95.711677][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.731216][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.936685][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.989985][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.017859][ T5796] ima: policy update failed [ 96.023329][ T29] audit: type=1802 audit(1781326968.960:2): pid=5796 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.6" res=0 errno=0 [ 96.145583][ T5642] Bluetooth: hci1: command tx timeout [ 96.224808][ T5642] Bluetooth: hci2: command tx timeout [ 96.225369][ T50] Bluetooth: hci3: command tx timeout [ 96.236166][ T5635] Bluetooth: hci0: command tx timeout [ 96.382591][ T48] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.440230][ T48] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.578171][ T5815] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 97.046779][ T5823] sd 0:0:1:0: PR command failed: 1026 [ 97.069155][ T5823] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 97.085005][ T5823] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 97.221127][ T5821] openvswitch: netlink: Tunnel attr 242 out of range max 16 [ 97.625486][ T5822] ima: policy update failed [ 97.630613][ T29] audit: type=1802 audit(1781326970.570:3): pid=5822 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.9" res=0 errno=0 [ 99.303437][ T5849] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 99.838218][ T5857] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 100.073786][ T5866] sd 0:0:1:0: PR command failed: 1026 [ 100.092601][ T5866] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 100.114658][ T5866] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 100.572679][ T5865] ima: policy update failed [ 100.579360][ T29] audit: type=1802 audit(1781326973.520:4): pid=5865 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.19" res=0 errno=0 [ 101.459697][ T50] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 101.459735][ T50] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 101.475968][ T50] Bluetooth: hci1: Unknown advertising packet type: 0x3e [ 101.476038][ T50] Bluetooth: hci1: adv larger than maximum supported [ 101.484913][ T50] Bluetooth: hci1: Malformed LE Event: 0x0d [ 102.462821][ T5904] process 'syz.3.28' launched './file0' with NULL argv: empty string added [ 103.937909][ T5919] mmap: syz.3.31 (5919) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 105.974540][ T5936] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 106.001142][ T5936] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 106.058325][ T5936] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 106.090352][ T5936] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 106.108047][ T5936] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 106.127760][ T5936] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 106.154245][ T5936] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 106.191274][ T5936] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 106.240548][ T5936] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 106.257882][ T5936] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 106.274169][ T5936] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 106.290008][ T5936] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 107.434585][ T50] Bluetooth: hci0: command 0x0c1a tx timeout [ 108.144667][ T50] Bluetooth: hci3: command 0x0c1a tx timeout [ 108.225598][ T50] Bluetooth: hci2: command 0x0c1a tx timeout [ 108.304657][ T50] Bluetooth: hci1: command 0x0c1a tx timeout [ 109.504849][ T50] Bluetooth: hci0: command 0x0c1a tx timeout [ 110.225021][ T50] Bluetooth: hci3: command 0x0c1a tx timeout [ 110.304636][ T50] Bluetooth: hci2: command 0x0c1a tx timeout [ 110.394501][ T50] Bluetooth: hci1: command 0x0c1a tx timeout [ 111.584898][ T50] Bluetooth: hci0: command 0x0c1a tx timeout [ 111.873327][ T6054] vivid-011: ================= START STATUS ================= [ 111.881490][ T6054] vivid-011: Radio HW Seek Mode: Bounded [ 111.890373][ T6054] vivid-011: Radio Programmable HW Seek: false [ 111.896934][ T6054] vivid-011: RDS Rx I/O Mode: Block I/O [ 111.903197][ T6054] vivid-011: Generate RBDS Instead of RDS: false [ 111.914594][ T6054] vivid-011: RDS Reception: true [ 111.919641][ T6054] vivid-011: RDS Program Type: 0 inactive [ 111.925892][ T6054] vivid-011: RDS PS Name: inactive [ 111.931202][ T6054] vivid-011: RDS Radio Text: inactive [ 111.943311][ T6054] vivid-011: RDS Traffic Announcement: false inactive [ 111.950783][ T6054] vivid-011: RDS Traffic Program: false inactive [ 111.957898][ T6054] vivid-011: RDS Music: false inactive [ 111.964287][ T6054] vivid-011: ================== END STATUS ================== [ 112.304972][ T50] Bluetooth: hci3: command 0x0c1a tx timeout [ 112.385754][ T50] Bluetooth: hci2: command 0x0c1a tx timeout [ 112.464550][ T50] Bluetooth: hci1: command 0x0c1a tx timeout [ 115.485800][ T6102] netlink: 12 bytes leftover after parsing attributes in process `syz.0.64'. [ 116.043977][ T6114] netlink: zone id is out of range [ 116.077862][ T6114] netlink: zone id is out of range [ 116.090726][ T6114] netlink: zone id is out of range [ 116.097238][ T6114] netlink: zone id is out of range [ 116.140294][ T6114] netlink: zone id is out of range [ 116.161727][ T6114] netlink: zone id is out of range [ 116.229319][ T6114] netlink: zone id is out of range [ 116.244710][ T6114] netlink: zone id is out of range [ 116.263018][ T6114] netlink: zone id is out of range [ 116.277571][ T6114] netlink: zone id is out of range [ 119.356869][ T6202] FAULT_INJECTION: forcing a failure. [ 119.356869][ T6202] name failslab, interval 1, probability 0, space 0, times 1 [ 119.407231][ T6202] CPU: 0 UID: 0 PID: 6202 Comm: syz.2.79 Not tainted syzkaller #0 PREEMPT(full) [ 119.407275][ T6202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 119.407302][ T6202] Call Trace: [ 119.407312][ T6202] [ 119.407322][ T6202] dump_stack_lvl+0x100/0x190 [ 119.407387][ T6202] should_fail_ex.cold+0x5/0xa [ 119.407428][ T6202] ? __pfx_rpc_fill_super+0x10/0x10 [ 119.407473][ T6202] should_failslab+0xc2/0x120 [ 119.407514][ T6202] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 119.407568][ T6202] ? alloc_inode+0x68/0x250 [ 119.407616][ T6202] ? __pfx_rpc_alloc_inode+0x10/0x10 [ 119.407646][ T6202] ? __pfx_rpc_fill_super+0x10/0x10 [ 119.407681][ T6202] alloc_inode+0x68/0x250 [ 119.407734][ T6202] new_inode+0x22/0x1c0 [ 119.407784][ T6202] ? __pfx_rpc_fill_super+0x10/0x10 [ 119.407819][ T6202] ? __pfx_rpc_fill_super+0x10/0x10 [ 119.407869][ T6202] rpc_fill_super+0x199/0x4f0 [ 119.407907][ T6202] ? __pfx_rpc_fill_super+0x10/0x10 [ 119.407941][ T6202] get_tree_keyed+0x10e/0x1d0 [ 119.407974][ T6202] vfs_get_tree+0x92/0x320 [ 119.408000][ T6202] vfs_cmd_create+0xd7/0x2a0 [ 119.408045][ T6202] __do_sys_fsconfig+0x55a/0xcb0 [ 119.408095][ T6202] ? __pfx___do_sys_fsconfig+0x10/0x10 [ 119.408138][ T6202] ? xfd_validate_state+0x129/0x190 [ 119.408172][ T6202] ? rcu_is_watching+0x12/0xc0 [ 119.408209][ T6202] do_syscall_64+0x115/0x840 [ 119.408248][ T6202] ? clear_bhb_loop+0x40/0x90 [ 119.408282][ T6202] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 119.408310][ T6202] RIP: 0033:0x7f476bf9ce59 [ 119.408334][ T6202] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 119.408378][ T6202] RSP: 002b:00007f476ce96028 EFLAGS: 00000246 ORIG_RAX: 00000000000001af [ 119.408404][ T6202] RAX: ffffffffffffffda RBX: 00007f476c216090 RCX: 00007f476bf9ce59 [ 119.408421][ T6202] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 000000000000000b [ 119.408437][ T6202] RBP: 00007f476c032d6f R08: 0000000000000000 R09: 0000000000000000 [ 119.408453][ T6202] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 119.408468][ T6202] R13: 00007f476c216128 R14: 00007f476c216090 R15: 00007fff1ff39c18 [ 119.408506][ T6202] [ 120.816473][ T6229] futex_wake_op: syz.0.84 tries to shift op by -2048; fix this program [ 120.831165][ T6229] 0x000000000001-0x000000020000 : "" [ 120.893450][ T6229] ftl_cs: FTL header corrupt! [ 121.926751][ T6247] netlink: 228 bytes leftover after parsing attributes in process `syz.1.87'. [ 122.627969][ T6273] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 123.088336][ T6280] FAULT_INJECTION: forcing a failure. [ 123.088336][ T6280] name failslab, interval 1, probability 0, space 0, times 0 [ 123.125819][ T6280] CPU: 1 UID: 0 PID: 6280 Comm: syz.0.94 Not tainted syzkaller #0 PREEMPT(full) [ 123.125860][ T6280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 123.125879][ T6280] Call Trace: [ 123.125889][ T6280] [ 123.125901][ T6280] dump_stack_lvl+0x100/0x190 [ 123.125959][ T6280] should_fail_ex.cold+0x5/0xa [ 123.126006][ T6280] should_failslab+0xc2/0x120 [ 123.126058][ T6280] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 123.126123][ T6280] ? ptlock_alloc+0x1f/0x70 [ 123.126223][ T6280] ptlock_alloc+0x1f/0x70 [ 123.126287][ T6280] pte_alloc_one+0x82/0x3d0 [ 123.126357][ T6280] __pte_alloc+0x6d/0x380 [ 123.126403][ T6280] ? __pfx___pte_alloc+0x10/0x10 [ 123.126441][ T6280] ? _raw_spin_unlock+0x28/0x50 [ 123.126484][ T6280] ? __pmd_alloc+0x3fb/0x950 [ 123.126536][ T6280] move_page_tables+0x2ec4/0x4610 [ 123.126595][ T6280] ? __pfx_copy_vma+0x10/0x10 [ 123.126666][ T6280] ? __pfx_move_page_tables+0x10/0x10 [ 123.126766][ T6280] copy_vma_and_data+0x25c/0x7c0 [ 123.126828][ T6280] ? __pfx_copy_vma_and_data+0x10/0x10 [ 123.126899][ T6280] ? __vma_start_write+0x17f/0x280 [ 123.126950][ T6280] ? __pfx___vma_start_write+0x10/0x10 [ 123.127012][ T6280] move_vma+0x574/0x1920 [ 123.127076][ T6280] ? __pfx_move_vma+0x10/0x10 [ 123.127137][ T6280] ? mm_get_unmapped_area_vmflags+0xd7/0x130 [ 123.127183][ T6280] ? cap_mmap_addr+0x4b/0x120 [ 123.127216][ T6280] ? bpf_lsm_mmap_addr+0x9/0x30 [ 123.127249][ T6280] ? security_mmap_addr+0x71/0x1e0 [ 123.127297][ T6280] ? __get_unmapped_area+0x255/0x3e0 [ 123.127345][ T6280] ? vrm_set_new_addr+0x204/0x290 [ 123.127412][ T6280] mremap_to+0x234/0x4c0 [ 123.127465][ T6280] ? mas_walk+0x6ef/0x9b0 [ 123.127510][ T6280] ? __pfx_mremap_to+0x10/0x10 [ 123.127581][ T6280] __do_sys_mremap+0x88c/0x1850 [ 123.127672][ T6280] ? __pfx___do_sys_mremap+0x10/0x10 [ 123.127735][ T6280] ? do_futex+0x192/0x350 [ 123.127772][ T6280] ? __pfx_do_futex+0x10/0x10 [ 123.127818][ T6280] ? __x64_sys_futex+0x34f/0x4d0 [ 123.127867][ T6280] ? rcu_is_watching+0x12/0xc0 [ 123.127906][ T6280] do_syscall_64+0x115/0x840 [ 123.127946][ T6280] ? clear_bhb_loop+0x40/0x90 [ 123.127980][ T6280] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 123.128010][ T6280] RIP: 0033:0x7f49c039ce59 [ 123.128032][ T6280] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 123.128059][ T6280] RSP: 002b:00007f49be5f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 123.128086][ T6280] RAX: ffffffffffffffda RBX: 00007f49c0616090 RCX: 00007f49c039ce59 [ 123.128104][ T6280] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000000000000000 [ 123.128120][ T6280] RBP: 00007f49c0432d6f R08: 0000000100000000 R09: 0000000000000000 [ 123.128138][ T6280] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000 [ 123.128156][ T6280] R13: 00007f49c0616128 R14: 00007f49c0616090 R15: 00007fff4d96c748 [ 123.128194][ T6280] [ 123.428171][ T6285] net_ratelimit: 18 callbacks suppressed [ 123.428189][ T6285] openvswitch: netlink: Duplicate key (type 15). [ 125.132129][ T6327] capability: warning: `syz.2.102' uses 32-bit capabilities (legacy support in use) [ 127.732087][ T6371] netlink: 228 bytes leftover after parsing attributes in process `syz.0.113'. [ 129.635220][ T6406] FAULT_INJECTION: forcing a failure. [ 129.635220][ T6406] name failslab, interval 1, probability 0, space 0, times 0 [ 129.676498][ T6406] CPU: 1 UID: 0 PID: 6406 Comm: syz.3.122 Not tainted syzkaller #0 PREEMPT(full) [ 129.676540][ T6406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 129.676565][ T6406] Call Trace: [ 129.676575][ T6406] [ 129.676586][ T6406] dump_stack_lvl+0x100/0x190 [ 129.676648][ T6406] should_fail_ex.cold+0x5/0xa [ 129.676687][ T6406] should_failslab+0xc2/0x120 [ 129.676725][ T6406] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 129.676784][ T6406] ? __proc_create+0x2cb/0x8c0 [ 129.676834][ T6406] __proc_create+0x2cb/0x8c0 [ 129.676876][ T6406] ? __pfx___proc_create+0x10/0x10 [ 129.676920][ T6406] ? _raw_write_unlock+0x28/0x50 [ 129.676961][ T6406] ? proc_register+0x559/0x8a0 [ 129.677006][ T6406] proc_create_reg+0x75/0x170 [ 129.677047][ T6406] ? __pfx_can_rcvlist_eff_proc_show+0x10/0x10 [ 129.677096][ T6406] proc_create_net_single+0x86/0x180 [ 129.677137][ T6406] ? __pfx_proc_create_net_single+0x10/0x10 [ 129.677180][ T6406] ? round_jiffies+0x10a/0x160 [ 129.677230][ T6406] can_init_proc+0x319/0x4b0 [ 129.677276][ T6406] can_pernet_init+0x1e4/0x370 [ 129.677318][ T6406] ? __pfx_can_pernet_init+0x10/0x10 [ 129.677357][ T6406] ops_init+0x1e2/0x5f0 [ 129.677395][ T6406] setup_net+0x118/0x3a0 [ 129.677430][ T6406] ? __pfx_setup_net+0x10/0x10 [ 129.677464][ T6406] ? mutex_init_lockdep+0xf1/0x120 [ 129.677502][ T6406] copy_net_ns+0x46f/0x7c0 [ 129.677542][ T6406] create_new_namespaces+0x3ea/0xac0 [ 129.677593][ T6406] unshare_nsproxy_namespaces+0xf2/0x220 [ 129.677635][ T6406] ksys_unshare+0x438/0xab0 [ 129.677682][ T6406] ? __pfx_ksys_unshare+0x10/0x10 [ 129.677724][ T6406] ? xfd_validate_state+0x129/0x190 [ 129.677772][ T6406] __x64_sys_unshare+0x31/0x40 [ 129.677816][ T6406] do_syscall_64+0x115/0x840 [ 129.677857][ T6406] ? clear_bhb_loop+0x40/0x90 [ 129.677895][ T6406] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 129.677926][ T6406] RIP: 0033:0x7f723939ce59 [ 129.677950][ T6406] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 129.677980][ T6406] RSP: 002b:00007f723a31a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 129.678009][ T6406] RAX: ffffffffffffffda RBX: 00007f7239615fa0 RCX: 00007f723939ce59 [ 129.678029][ T6406] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 129.678047][ T6406] RBP: 00007f7239432d6f R08: 0000000000000000 R09: 0000000000000000 [ 129.678065][ T6406] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 129.678083][ T6406] R13: 00007f7239616038 R14: 00007f7239615fa0 R15: 00007fff48164158 [ 129.678122][ T6406] [ 130.226379][ T6413] netlink: 228 bytes leftover after parsing attributes in process `syz.2.124'. [ 130.699018][ T29] audit: type=1800 audit(1781327003.640:5): pid=6427 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.128" name="lu_gp_id" dev="configfs" ino=12315 res=0 errno=0 [ 131.245937][ T29] audit: type=1800 audit(1781327004.190:6): pid=6444 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.130" name="members" dev="configfs" ino=11487 res=0 errno=0 [ 132.736063][ T6463] netlink: 228 bytes leftover after parsing attributes in process `syz.0.135'. [ 132.872932][ T1317] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.880931][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.005675][ T6474] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 133.395480][ T6490] random: crng reseeded on system resumption [ 134.576417][ T6514] netlink: 228 bytes leftover after parsing attributes in process `syz.3.149'. [ 134.665312][ T6515] FAULT_INJECTION: forcing a failure. [ 134.665312][ T6515] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 134.772450][ T6515] CPU: 1 UID: 0 PID: 6515 Comm: syz.2.148 Not tainted syzkaller #0 PREEMPT(full) [ 134.772493][ T6515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 134.772511][ T6515] Call Trace: [ 134.772521][ T6515] [ 134.772534][ T6515] dump_stack_lvl+0x100/0x190 [ 134.772596][ T6515] should_fail_ex.cold+0x5/0xa [ 134.772637][ T6515] _copy_to_user+0x32/0xd0 [ 134.772687][ T6515] simple_read_from_buffer+0xcb/0x170 [ 134.772736][ T6515] proc_fail_nth_read+0x1af/0x230 [ 134.772802][ T6515] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 134.772858][ T6515] ? rw_verify_area+0xce/0x6d0 [ 134.772890][ T6515] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 134.772942][ T6515] vfs_read+0x1e4/0xb30 [ 134.772991][ T6515] ? __pfx_vfs_read+0x10/0x10 [ 134.773028][ T6515] ? __fget_files+0x215/0x3d0 [ 134.773074][ T6515] ? __fget_files+0x21f/0x3d0 [ 134.773125][ T6515] ksys_read+0x12a/0x250 [ 134.773169][ T6515] ? __pfx_ksys_read+0x10/0x10 [ 134.773203][ T6515] ? arch_syscall_is_vdso_sigreturn+0xb6/0x200 [ 134.773254][ T6515] ? syscall_user_dispatch+0x76/0x130 [ 134.773295][ T6515] do_syscall_64+0x115/0x840 [ 134.773342][ T6515] ? clear_bhb_loop+0x40/0x90 [ 134.773382][ T6515] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 134.773415][ T6515] RIP: 0033:0x7f476bf5d68e [ 134.773440][ T6515] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 134.773471][ T6515] RSP: 002b:00007f476ce95fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 134.773501][ T6515] RAX: ffffffffffffffda RBX: 00007f476ce966c0 RCX: 00007f476bf5d68e [ 134.773521][ T6515] RDX: 000000000000000f RSI: 00007f476ce960a0 RDI: 0000000000000003 [ 134.773539][ T6515] RBP: 00007f476ce96090 R08: 0000000000000000 R09: 0000000000000000 [ 134.773557][ T6515] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 134.773575][ T6515] R13: 00007f476c216128 R14: 00007f476c216090 R15: 00007fff1ff39c18 [ 134.773617][ T6515] [ 135.373259][ T6520] netlink: 8 bytes leftover after parsing attributes in process `syz.3.150'. [ 135.539235][ T6529] netlink: 342 bytes leftover after parsing attributes in process `syz.2.153'. [ 135.992186][ T6534] FAULT_INJECTION: forcing a failure. [ 135.992186][ T6534] name failslab, interval 1, probability 0, space 0, times 0 [ 136.042538][ T6534] CPU: 1 UID: 0 PID: 6534 Comm: syz.3.150 Not tainted syzkaller #0 PREEMPT(full) [ 136.042579][ T6534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 136.042598][ T6534] Call Trace: [ 136.042609][ T6534] [ 136.042620][ T6534] dump_stack_lvl+0x100/0x190 [ 136.042682][ T6534] should_fail_ex.cold+0x5/0xa [ 136.042734][ T6534] should_failslab+0xc2/0x120 [ 136.042770][ T6534] __kmalloc_cache_noprof+0x7a/0x6f0 [ 136.042814][ T6534] ? __request_module+0x2c3/0x6c0 [ 136.042843][ T6534] ? lockdep_hardirqs_on+0x78/0x100 [ 136.042891][ T6534] __request_module+0x2c3/0x6c0 [ 136.042924][ T6534] ? __pfx___request_module+0x10/0x10 [ 136.042970][ T6534] ? find_held_lock+0x2b/0x80 [ 136.043006][ T6534] ? inet6_create+0xba3/0x12b0 [ 136.043057][ T6534] inet6_create+0xd69/0x12b0 [ 136.043098][ T6534] ? inet6_create+0x7f/0x12b0 [ 136.043139][ T6534] __sock_create+0x339/0x860 [ 136.043187][ T6534] __sys_socket+0x14d/0x260 [ 136.043229][ T6534] ? __pfx___sys_socket+0x10/0x10 [ 136.043282][ T6534] __x64_sys_socket+0x72/0xb0 [ 136.043322][ T6534] ? lockdep_hardirqs_on+0x78/0x100 [ 136.043375][ T6534] do_syscall_64+0x115/0x840 [ 136.043412][ T6534] ? clear_bhb_loop+0x40/0x90 [ 136.043446][ T6534] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 136.043492][ T6534] RIP: 0033:0x7f723939ce59 [ 136.043515][ T6534] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 136.043543][ T6534] RSP: 002b:00007f723a2b7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 136.043571][ T6534] RAX: ffffffffffffffda RBX: 00007f7239616270 RCX: 00007f723939ce59 [ 136.043590][ T6534] RDX: 0000000000000083 RSI: 0000000000000006 RDI: 000000000000000a [ 136.043606][ T6534] RBP: 00007f7239432d6f R08: 0000000000000000 R09: 0000000000000000 [ 136.043623][ T6534] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 136.043639][ T6534] R13: 00007f7239616308 R14: 00007f7239616270 R15: 00007fff48164158 [ 136.043676][ T6534] [ 137.737115][ T6604] futex_wake_op: syz.3.162 tries to shift op by -2048; fix this program [ 138.141437][ T6619] netlink: 'syz.2.166': attribute type 1 has an invalid length. [ 138.528934][ T6632] zswap: compressor not available [ 140.131116][ T6628] Process accounting resumed [ 140.432754][ T6670] netlink: 28 bytes leftover after parsing attributes in process `syz.0.175'. [ 140.506055][ T6664] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 141.082821][ T6664] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 141.707288][ T6664] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 141.934177][ T6688] vivid-007: ================= START STATUS ================= [ 141.957720][ T6688] vivid-007: Generate PTS: true [ 141.980407][ T6688] vivid-007: Generate SCR: true [ 141.997652][ T6688] tpg source WxH: 320x240 (Y'CbCr) [ 142.004065][ T6688] tpg field: 1 [ 142.015765][ T6688] tpg crop: (0,0)/320x240 [ 142.039184][ T6688] tpg compose: (0,0)/320x240 [ 142.045073][ T6688] tpg colorspace: 8 [ 142.049128][ T6688] tpg transfer function: 0/0 [ 142.059552][ T6664] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 142.070764][ T6688] tpg Y'CbCr encoding: 0/0 [ 142.076782][ T6688] tpg quantization: 0/0 [ 142.081679][ T6688] tpg RGB range: 0/2 [ 142.091460][ T6688] vivid-007: ================== END STATUS ================== [ 143.552352][ T6710] netlink: zone id is out of range [ 143.577798][ T6710] netlink: zone id is out of range [ 143.683892][ T6710] netlink: set zone limit has 8 unknown bytes [ 144.744789][ T6734] netlink: 28 bytes leftover after parsing attributes in process `syz.2.188'. [ 145.480660][ T6758] netlink: 228 bytes leftover after parsing attributes in process `syz.1.192'. [ 145.930194][ T6768] ptp ptp0: only physical clock in use now [ 147.326341][ T6812] netlink: 228 bytes leftover after parsing attributes in process `syz.2.203'. [ 150.587922][ T6880] netlink: 'syz.1.214': attribute type 33 has an invalid length. [ 150.770890][ T6887] netlink: 228 bytes leftover after parsing attributes in process `syz.3.216'. [ 152.551135][ T6923] netlink: 342 bytes leftover after parsing attributes in process `syz.1.224'. [ 152.577932][ T6923] netlink: 342 bytes leftover after parsing attributes in process `syz.1.224'. [ 153.118170][ T29] audit: type=1804 audit(1781327026.020:7): pid=6931 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.225" name="/newroot/sys/kernel/tracing/set_event" dev="tracefs" ino=22 res=1 errno=0 [ 153.201503][ T29] audit: type=1804 audit(1781327026.110:8): pid=6928 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.225" name="/newroot/sys/kernel/tracing/set_event" dev="tracefs" ino=22 res=1 errno=0 [ 153.224607][ T6914] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 153.253925][ T6914] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 153.260241][ T6914] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 153.266859][ T6914] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 153.615800][ T6944] netlink: 228 bytes leftover after parsing attributes in process `syz.2.229'. [ 154.147230][ T5635] Bluetooth: hci0: command 0x0c1a tx timeout [ 154.739687][ T6986] device-mapper: ioctl: dm_ctl_ioctl: unknown command 0xfffffd23 [ 155.116027][ T6993] netlink: 228 bytes leftover after parsing attributes in process `syz.1.240'. [ 155.344512][ T5635] Bluetooth: hci1: command 0x0c1a tx timeout [ 155.345624][ T50] Bluetooth: hci2: command 0x0c1a tx timeout [ 155.352420][ T5635] Bluetooth: hci3: command 0x0c1a tx timeout [ 155.713397][ T7005] random: crng reseeded on system resumption [ 155.917552][ T7008] netlink: 16 bytes leftover after parsing attributes in process `syz.3.244'. [ 156.073062][ T6971] kexec: Could not allocate control_code_buffer [ 156.502625][ T7016] binder: 7015:7016 ioctl c00c620f 200000000d40 returned -22 [ 157.486259][ T7062] netlink: 8 bytes leftover after parsing attributes in process `syz.3.256'. [ 158.271395][ T7080] netlink: 16 bytes leftover after parsing attributes in process `syz.2.259'. syzkaller syzkaller login: [ 158.551949][ T7082] kafs: addr_prefs: Invalid Command [ 158.587337][ T7086] kafs: addr_prefs: Invalid Command [ 158.793287][ T7090] netlink: 342 bytes leftover after parsing attributes in process `syz.1.262'. [ 158.816227][ T7090] IPv6: NLM_F_CREATE should be specified when creating new route [ 158.843891][ T7090] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 158.852136][ T7090] IPv6: NLM_F_CREATE should be set when creating new route [ 158.859410][ T7090] IPv6: NLM_F_CREATE should be set when creating new route [ 158.982568][ T7082] usb usb21: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 159.183104][ T7094] futex_wake_op: syz.3.261 tries to shift op by -2048; fix this program [ 159.275305][ T7085] 0x000000000001-0x000000020000 : "" [ 159.315898][ T7085] ftl_cs: FTL header corrupt! [ 160.631879][ T7104] HfR: entered promiscuous mode [ 162.300572][ T7134] netlink: 28 bytes leftover after parsing attributes in process `syz.2.274'. [ 163.268293][ T7157] netlink: 8 bytes leftover after parsing attributes in process `syz.3.272'. [ 166.059558][ T7226] vivid-008: ================= START STATUS ================= [ 166.080438][ T7226] vivid-008: ================== END STATUS ================== [ 167.348015][ T7252] dyndbg: bad flag-op , at start of 4 [ 167.359818][ T7252] dyndbg: flags parse failed [ 169.782111][ T7279] bridge0: port 3(team0) entered blocking state [ 169.786012][ T7279] bridge0: port 3(team0) entered disabled state [ 169.786377][ T7279] team0: entered allmulticast mode [ 169.786396][ T7279] team_slave_0: entered allmulticast mode [ 169.786413][ T7279] team_slave_1: entered allmulticast mode [ 169.913108][ T7279] team0: entered promiscuous mode [ 169.941810][ T7279] team_slave_0: entered promiscuous mode [ 169.942204][ T7279] team_slave_1: entered promiscuous mode [ 169.978928][ T7279] bridge0: port 3(team0) entered blocking state [ 169.986067][ T7279] bridge0: port 3(team0) entered forwarding state [ 170.461792][ T7269] bond0: option slaves: interface -]=,Do does not exist! [ 170.914614][ T7285] Process accounting paused [ 171.849619][ T7336] QAT: failed to copy from user cfg_data. [ 172.722514][ T7336] random: crng reseeded on system resumption [ 172.995325][ T7357] bond0: option arp_interval: invalid value () [ 173.002782][ T7357] bond0: option arp_interval: allowed values 0 - 2147483647 [ 173.877174][ T7380] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(3) [ 175.953552][ T7442] netlink: 4 bytes leftover after parsing attributes in process `syz.3.340'. [ 176.230167][ T7452] netlink: 28 bytes leftover after parsing attributes in process `syz.0.344'. [ 176.535102][ T5635] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 177.879616][ T7496] netlink: 12 bytes leftover after parsing attributes in process `syz.3.357'. [ 177.925064][ T7497] netlink: 'syz.3.357': attribute type 15 has an invalid length. [ 177.954486][ T7497] netlink: 'syz.3.357': attribute type 16 has an invalid length. [ 177.979339][ T7497] netlink: 194 bytes leftover after parsing attributes in process `syz.3.357'. [ 178.365200][ T7490] KVM: debugfs: duplicate directory 7490-3 [ 178.627175][ T5642] Bluetooth: hci0: command 0x0c1a tx timeout [ 180.202989][ T7533] random: crng reseeded on system resumption [ 180.704563][ T5642] Bluetooth: hci0: command 0x0c1a tx timeout [ 180.752747][ T7544] netlink: 228 bytes leftover after parsing attributes in process `syz.3.368'. [ 180.847266][ T7548] netlink: 266 bytes leftover after parsing attributes in process `syz.1.365'. [ 180.868960][ T7548] IPv6: NLM_F_CREATE should be specified when creating new route [ 180.883624][ T7548] FAULT_INJECTION: forcing a failure. [ 180.883624][ T7548] name failslab, interval 1, probability 0, space 0, times 0 [ 180.897745][ T7548] CPU: 1 UID: 0 PID: 7548 Comm: syz.1.365 Tainted: G L syzkaller #0 PREEMPT(full) [ 180.897801][ T7548] Tainted: [L]=SOFTLOCKUP [ 180.897813][ T7548] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 180.897837][ T7548] Call Trace: [ 180.897847][ T7548] [ 180.897859][ T7548] dump_stack_lvl+0x100/0x190 [ 180.897934][ T7548] should_fail_ex.cold+0x5/0xa [ 180.897975][ T7548] should_failslab+0xc2/0x120 [ 180.898015][ T7548] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 180.898069][ T7548] ? shmem_alloc_inode+0x25/0x50 [ 180.898128][ T7548] ? __pfx_shmem_alloc_inode+0x10/0x10 [ 180.898180][ T7548] shmem_alloc_inode+0x25/0x50 [ 180.898237][ T7548] alloc_inode+0x68/0x250 [ 180.898289][ T7548] new_inode+0x22/0x1c0 [ 180.898337][ T7548] ? trace_kmem_cache_alloc+0xd5/0x100 [ 180.898382][ T7548] shmem_get_inode+0x1e3/0xfb0 [ 180.898431][ T7548] ? __pfx_shmem_get_inode+0x10/0x10 [ 180.898498][ T7548] __shmem_file_setup+0x382/0x460 [ 180.898544][ T7548] ? __pfx___shmem_file_setup+0x10/0x10 [ 180.898592][ T7548] ? vm_area_alloc+0x1f/0x160 [ 180.898642][ T7548] shmem_zero_setup+0x96/0x1b0 [ 180.898677][ T7548] __mmap_region+0x2509/0x2dd0 [ 180.898733][ T7548] ? __pfx___mmap_region+0x10/0x10 [ 180.898787][ T7548] ? find_held_lock+0x2b/0x80 [ 180.898842][ T7548] ? process_measurement+0x4c8/0x2350 [ 180.898875][ T7548] ? process_measurement+0x4c8/0x2350 [ 180.898957][ T7548] ? __lock_acquire+0x4a5/0x2630 [ 180.899024][ T7548] ? lock_acquire+0x1b1/0x370 [ 180.899083][ T7548] ? find_held_lock+0x2b/0x80 [ 180.899124][ T7548] ? finish_task_switch.isra.0+0x2c6/0x1010 [ 180.899231][ T7548] mmap_region+0x35d/0x620 [ 180.899265][ T7548] ? rcu_is_watching+0x12/0xc0 [ 180.899303][ T7548] ? __pfx_mmap_region+0x10/0x10 [ 180.899340][ T7548] ? cap_mmap_addr+0x4b/0x120 [ 180.899371][ T7548] ? bpf_lsm_mmap_addr+0x9/0x30 [ 180.899402][ T7548] ? security_mmap_addr+0x71/0x1e0 [ 180.899447][ T7548] ? __get_unmapped_area+0x255/0x3e0 [ 180.899495][ T7548] do_mmap+0xc63/0x12f0 [ 180.899543][ T7548] ? __pfx_do_mmap+0x10/0x10 [ 180.899583][ T7548] ? __pfx_down_write_killable+0x10/0x10 [ 180.899648][ T7548] vm_mmap_pgoff+0x29e/0x470 [ 180.899698][ T7548] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 180.899743][ T7548] ? do_futex+0x192/0x350 [ 180.899778][ T7548] ? __pfx_do_futex+0x10/0x10 [ 180.899820][ T7548] ksys_mmap_pgoff+0xe4/0x610 [ 180.899861][ T7548] ? __x64_sys_futex+0x358/0x4d0 [ 180.899896][ T7548] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 180.899935][ T7548] ? xfd_validate_state+0x129/0x190 [ 180.899967][ T7548] ? ksys_write+0x1ac/0x250 [ 180.900011][ T7548] __x64_sys_mmap+0x125/0x190 [ 180.900050][ T7548] do_syscall_64+0x115/0x840 [ 180.900117][ T7548] ? clear_bhb_loop+0x40/0x90 [ 180.900157][ T7548] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 180.900189][ T7548] RIP: 0033:0x7f683c79ce59 [ 180.900222][ T7548] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 180.900253][ T7548] RSP: 002b:00007f683a9f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 180.900288][ T7548] RAX: ffffffffffffffda RBX: 00007f683ca15fa0 RCX: 00007f683c79ce59 [ 180.900307][ T7548] RDX: 00004000000000db RSI: 0000000000020009 RDI: 0000000000000000 [ 180.900325][ T7548] RBP: 00007f683c832d6f R08: 0000000000000401 R09: 0000000000008000 [ 180.900343][ T7548] R10: 0040000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 180.900361][ T7548] R13: 00007f683ca16038 R14: 00007f683ca15fa0 R15: 00007ffed6d06ff8 [ 180.900400][ T7548] [ 181.448727][ T7558] netlink: 28 bytes leftover after parsing attributes in process `syz.3.371'. [ 181.897835][ T7562] netlink: 'syz.2.373': attribute type 1 has an invalid length. [ 181.924127][ T7562] netlink: 33 bytes leftover after parsing attributes in process `syz.2.373'. [ 183.122659][ T7582] zswap: compressor not available [ 183.984084][ T7621] ima: policy update failed [ 183.990384][ T29] audit: type=1802 audit(1781329104.945:9): pid=7621 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.380" res=0 errno=0 [ 184.032766][ T7621] FAULT_INJECTION: forcing a failure. [ 184.032766][ T7621] name fail_futex, interval 1, probability 0, space 0, times 1 [ 184.063475][ T7621] CPU: 1 UID: 0 PID: 7621 Comm: syz.0.380 Tainted: G L syzkaller #0 PREEMPT(full) [ 184.063512][ T7621] Tainted: [L]=SOFTLOCKUP [ 184.063533][ T7621] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 184.063546][ T7621] Call Trace: [ 184.063553][ T7621] [ 184.063561][ T7621] dump_stack_lvl+0x100/0x190 [ 184.063604][ T7621] should_fail_ex.cold+0x5/0xa [ 184.063651][ T7621] get_futex_key+0x1d2/0x1510 [ 184.063714][ T7621] ? __pfx_get_futex_key+0x10/0x10 [ 184.063767][ T7621] ? sock_write_iter+0x339/0x5a0 [ 184.063812][ T7621] ? __pfx_smc_sendmsg+0x10/0x10 [ 184.063848][ T7621] ? __pfx_sock_write_iter+0x10/0x10 [ 184.063899][ T7621] futex_wake+0xea/0x530 [ 184.063951][ T7621] ? __pfx_futex_wake+0x10/0x10 [ 184.063985][ T7621] ? vfs_write+0x15d/0x1070 [ 184.064013][ T7621] ? __pfx_sock_write_iter+0x10/0x10 [ 184.064047][ T7621] do_futex+0x32b/0x350 [ 184.064072][ T7621] ? __pfx_do_futex+0x10/0x10 [ 184.064104][ T7621] __x64_sys_futex+0x34f/0x4d0 [ 184.064130][ T7621] ? fput+0x79/0x100 [ 184.064162][ T7621] ? __pfx___x64_sys_futex+0x10/0x10 [ 184.064197][ T7621] ? ksys_write+0x1ac/0x250 [ 184.064230][ T7621] ? __pfx_ksys_write+0x10/0x10 [ 184.064258][ T7621] ? rcu_is_watching+0x12/0xc0 [ 184.064288][ T7621] do_syscall_64+0x115/0x840 [ 184.064320][ T7621] ? clear_bhb_loop+0x40/0x90 [ 184.064347][ T7621] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 184.064370][ T7621] RIP: 0033:0x7f49c039ce59 [ 184.064387][ T7621] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 184.064408][ T7621] RSP: 002b:00007f49c118e0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 184.064429][ T7621] RAX: ffffffffffffffda RBX: 00007f49c0615fa8 RCX: 00007f49c039ce59 [ 184.064444][ T7621] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f49c0615fac [ 184.064457][ T7621] RBP: 00007f49c0615fa0 R08: 0000000000000001 R09: 0000000000000000 [ 184.064471][ T7621] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 184.064484][ T7621] R13: 00007f49c0616038 R14: 00007fff4d96c660 R15: 00007fff4d96c748 [ 184.064512][ T7621] [ 184.873669][ T7645] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 184.873669][ T7645] The task syz.3.384 (7645) triggered the difference, watch for misbehavior. [ 187.306418][ T5635] Bluetooth: hci1: unexpected event 0x18 length: 726 > 23 [ 187.890536][ T7718] random: crng reseeded on system resumption [ 187.932518][ T7714] ubi0: attaching mtd0 [ 188.472588][ T7714] ubi0: scanning is finished [ 188.481208][ T7714] ubi0: empty MTD device detected [ 188.517950][ T7723] FAULT_INJECTION: forcing a failure. [ 188.517950][ T7723] name fail_futex, interval 1, probability 0, space 0, times 0 [ 188.582765][ T7723] CPU: 1 UID: 0 PID: 7723 Comm: syz.3.401 Tainted: G L syzkaller #0 PREEMPT(full) [ 188.582825][ T7723] Tainted: [L]=SOFTLOCKUP [ 188.582833][ T7723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 188.582847][ T7723] Call Trace: [ 188.582855][ T7723] [ 188.582864][ T7723] dump_stack_lvl+0x100/0x190 [ 188.582910][ T7723] should_fail_ex.cold+0x5/0xa [ 188.582941][ T7723] get_futex_key+0x1d2/0x1510 [ 188.582984][ T7723] ? __pfx_get_futex_key+0x10/0x10 [ 188.583048][ T7723] ? __lock_acquire+0x4a5/0x2630 [ 188.583107][ T7723] futex_wake+0xea/0x530 [ 188.583152][ T7723] ? __pfx_futex_wake+0x10/0x10 [ 188.583202][ T7723] ? find_held_lock+0x2b/0x80 [ 188.583265][ T7723] ? do_sys_openat2+0x1b4/0x1e0 [ 188.583308][ T7723] ? do_sys_openat2+0x1b4/0x1e0 [ 188.583352][ T7723] do_futex+0x32b/0x350 [ 188.583377][ T7723] ? __pfx_do_futex+0x10/0x10 [ 188.583400][ T7723] ? __pfx_do_sys_openat2+0x10/0x10 [ 188.583446][ T7723] __x64_sys_futex+0x34f/0x4d0 [ 188.583473][ T7723] ? __x64_sys_openat+0x12d/0x210 [ 188.583513][ T7723] ? __pfx___x64_sys_futex+0x10/0x10 [ 188.583538][ T7723] ? ksys_write+0x1ac/0x250 [ 188.583566][ T7723] ? arch_syscall_is_vdso_sigreturn+0xb6/0x200 [ 188.583605][ T7723] ? syscall_user_dispatch+0x76/0x130 [ 188.583634][ T7723] do_syscall_64+0x115/0x840 [ 188.583669][ T7723] ? clear_bhb_loop+0x40/0x90 [ 188.583699][ T7723] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 188.583724][ T7723] RIP: 0033:0x7f723939ce59 [ 188.583743][ T7723] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 188.583767][ T7723] RSP: 002b:00007f723a31a0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 188.583796][ T7723] RAX: ffffffffffffffda RBX: 00007f7239615fa8 RCX: 00007f723939ce59 [ 188.583812][ T7723] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f7239615fac [ 188.583826][ T7723] RBP: 00007f7239615fa0 R08: 0000000000000001 R09: 0000000000000000 [ 188.583841][ T7723] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 188.583855][ T7723] R13: 00007f7239616038 R14: 00007fff48164070 R15: 00007fff48164158 [ 188.583885][ T7723] [ 189.565719][ T7714] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 189.637968][ T7714] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 189.682404][ T7714] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 189.732642][ T7714] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 189.759605][ T7714] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 189.796940][ T7714] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 189.839679][ T7714] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 4094328658 [ 189.922966][ T7714] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 189.993100][ T7737] ubi0: background thread "ubi_bgt0d" started, PID 7737 [ 190.033510][ T7717] ubi0: detaching mtd0 [ 190.112629][ T7717] ubi0: mtd0 is detached [ 192.000564][ T7776] netlink: 228 bytes leftover after parsing attributes in process `syz.3.412'. [ 192.247121][ T7783] netlink: 228 bytes leftover after parsing attributes in process `syz.3.413'. [ 194.256720][ T1317] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.267931][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.410784][ T7820] netlink: 'syz.1.421': attribute type 1 has an invalid length. [ 194.426057][ T7820] netlink: 33 bytes leftover after parsing attributes in process `syz.1.421'. [ 194.743095][ T7825] random: crng reseeded on system resumption [ 194.885741][ T7831] QAT: Stopping all acceleration devices. [ 196.440567][ T7872] netlink: 228 bytes leftover after parsing attributes in process `syz.1.432'. [ 196.635172][ T7876] sd 0:0:1:0: PR command failed: 1026 [ 196.651315][ T7876] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 196.687789][ T7876] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 196.984820][ T7885] netlink: 228 bytes leftover after parsing attributes in process `syz.0.435'. [ 197.211232][ T29] audit: type=1326 audit(1781329118.234:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7891 comm="syz.0.436" exe="/root/ci-qemu-gce-upstream-auto/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f49c039ce59 code=0x0 [ 197.236745][ T7874] ima: policy update failed [ 197.253206][ T29] audit: type=1802 audit(1781329118.274:11): pid=7874 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.433" res=0 errno=0 [ 198.282947][ T7923] snd_virmidi snd_virmidi.0: control 61678:131081:3:y:0 is already present [ 198.569651][ T7925] openvswitch: netlink: Tunnel attr 242 out of range max 16 [ 199.254504][ T7945] netlink: 228 bytes leftover after parsing attributes in process `syz.0.443'. [ 201.348485][ T7997] Process accounting resumed [ 202.675022][ T5635] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 202.675087][ T5635] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 202.692862][ T5635] Bluetooth: hci0: Unknown advertising packet type: 0x3e [ 202.692910][ T5635] Bluetooth: hci0: adv larger than maximum supported [ 202.700206][ T5635] Bluetooth: hci0: Malformed LE Event: 0x0d [ 202.875168][ T8027] random: crng reseeded on system resumption [ 203.046520][ T8024] Unrecognized hibernate image header format! [ 203.062285][ T8024] PM: hibernation: Image mismatch: architecture specific data [ 203.361175][ T8024] syz.3.460 (8024) used greatest stack depth: 18768 bytes left [ 205.454619][ T8078] random: crng reseeded on system resumption [ 205.656784][ T8077] Unrecognized hibernate image header format! [ 205.696791][ T8077] PM: hibernation: Image mismatch: architecture specific data [ 206.827110][ T8088] vhci_hcd vhci_hcd.2: invalid port number 16 [ 206.846410][ T8088] vhci_hcd vhci_hcd.2: USB_PORT_FEAT_LINK_STATE req not supported for USB 2.0 roothub [ 210.338367][ T8143] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 210.346105][ T8143] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 210.356806][ T8143] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 210.365501][ T8143] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 211.752996][ T5635] Bluetooth: hci0: command 0x0c1a tx timeout [ 212.390928][ T5635] Bluetooth: hci1: command 0x0c1a tx timeout [ 212.397936][ T5642] Bluetooth: hci2: command 0x0c1a tx timeout [ 212.397936][ T50] Bluetooth: hci3: command 0x0c1a tx timeout [ 212.998729][ T8205] vivid-011: ================= START STATUS ================= [ 213.019751][ T8205] vivid-011: Radio HW Seek Mode: Bounded [ 213.039398][ T8205] vivid-011: Radio Programmable HW Seek: false [ 213.062122][ T8205] vivid-011: RDS Rx I/O Mode: Block I/O [ 213.099002][ T8205] vivid-011: Generate RBDS Instead of RDS: false [ 213.133668][ T8205] vivid-011: RDS Reception: true [ 213.154907][ T8205] vivid-011: RDS Program Type: 0 inactive [ 213.175702][ T8205] vivid-011: RDS PS Name: inactive [ 213.181025][ T8205] vivid-011: RDS Radio Text: inactive [ 213.211157][ T8205] vivid-011: RDS Traffic Announcement: false inactive [ 213.232688][ T8205] vivid-011: RDS Traffic Program: false inactive [ 213.272471][ T8205] vivid-011: RDS Music: false inactive [ 213.306870][ T8205] vivid-011: ================== END STATUS ================== [ 214.094777][ T8230] lo: entered allmulticast mode [ 214.146903][ T8230] lo: left allmulticast mode [ 214.523453][ T8231] netlink: 8 bytes leftover after parsing attributes in process `syz.2.507'. [ 218.810058][ T8345] lo: entered allmulticast mode [ 218.861310][ T8345] lo: left allmulticast mode [ 222.099746][ T8391] netlink: 228 bytes leftover after parsing attributes in process `syz.2.533'. [ 224.112209][ T8429] lo: entered allmulticast mode [ 224.202810][ T8429] lo: left allmulticast mode [ 226.233600][ T8456] netlink: 228 bytes leftover after parsing attributes in process `syz.0.545'. [ 229.764580][ T8564] binder: 8562:8564 ioctl 541b 0 returned -22 [ 230.849260][ T29] audit: type=1800 audit(1843104524.076:12): pid=8587 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.581" name="version" dev="configfs" ino=26170 res=0 errno=0 [ 231.688749][ T8588] Process accounting paused [ 232.691161][ T8628] bridge0: port 3(veth1) entered blocking state [ 232.725567][ T8628] bridge0: port 3(veth1) entered disabled state [ 232.756571][ T8628] veth1: entered allmulticast mode [ 232.787753][ T8628] veth1: entered promiscuous mode [ 232.808683][ T8628] bridge0: port 3(veth1) entered blocking state [ 232.815086][ T8628] bridge0: port 3(veth1) entered forwarding state [ 234.461243][ T8645] Process accounting resumed [ 235.337560][ T8683] smpboot: CPU 1 is now offline [ 236.054987][ T8709] : Can't lookup blockdev [ 236.691005][ T8718] netlink: 228 bytes leftover after parsing attributes in process `syz.1.610'. [ 237.266198][ T8721] vivid-007: ================= START STATUS ================= [ 237.306738][ T8721] vivid-007: Generate PTS: true [ 237.335389][ T8721] vivid-007: Generate SCR: true [ 237.369279][ T8721] tpg source WxH: 320x240 (Y'CbCr) [ 237.399741][ T8721] tpg field: 1 [ 237.419131][ T8721] tpg crop: (0,0)/320x240 [ 237.441389][ T8721] tpg compose: (0,0)/320x240 [ 237.466720][ T8721] tpg colorspace: 8 [ 237.485343][ T8721] tpg transfer function: 0/0 [ 237.508576][ T8721] tpg Y'CbCr encoding: 0/0 [ 237.530718][ T8721] tpg quantization: 0/0 [ 237.572082][ T8721] tpg RGB range: 0/2 [ 237.592382][ T8721] vivid-007: ================== END STATUS ================== [ 239.374938][ T8757] binder: 8754:8757 ioctl 541b 0 returned -22 [ 239.538747][ T8761] netlink: 8 bytes leftover after parsing attributes in process `syz.2.624'. [ 240.695852][ T8785] netlink: 62 bytes leftover after parsing attributes in process `syz.2.629'. [ 240.745843][ T8785] netlink: 62 bytes leftover after parsing attributes in process `syz.2.629'. [ 240.791176][ T8785] netlink: 62 bytes leftover after parsing attributes in process `syz.2.629'. [ 240.827309][ T8785] netlink: 62 bytes leftover after parsing attributes in process `syz.2.629'. [ 240.884202][ T8785] netlink: 62 bytes leftover after parsing attributes in process `syz.2.629'. [ 240.929720][ T8785] netlink: 62 bytes leftover after parsing attributes in process `syz.2.629'. [ 240.970181][ T8785] netlink: 62 bytes leftover after parsing attributes in process `syz.2.629'. [ 241.004711][ T8785] netlink: 62 bytes leftover after parsing attributes in process `syz.2.629'. [ 241.641451][ T8795] FAULT_INJECTION: forcing a failure. [ 241.641451][ T8795] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 241.707140][ T8795] CPU: 0 UID: 0 PID: 8795 Comm: syz.3.632 Tainted: G L syzkaller #0 PREEMPT(full) [ 241.707173][ T8795] Tainted: [L]=SOFTLOCKUP [ 241.707179][ T8795] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 241.707195][ T8795] Call Trace: [ 241.707202][ T8795] [ 241.707210][ T8795] dump_stack_lvl+0x100/0x190 [ 241.707251][ T8795] should_fail_ex.cold+0x5/0xa [ 241.707278][ T8795] _copy_from_iter+0x1f4/0x1690 [ 241.707315][ T8795] ? __pfx__copy_from_iter+0x10/0x10 [ 241.707344][ T8795] ? rcu_is_watching+0x12/0xc0 [ 241.707368][ T8795] ? trace_kmalloc+0xe3/0x110 [ 241.707393][ T8795] ? __kasan_kmalloc+0xaa/0xb0 [ 241.707415][ T8795] ? __kmalloc_noprof+0x320/0x850 [ 241.707453][ T8795] kernfs_fop_write_iter+0x186/0x5f0 [ 241.707491][ T8795] vfs_write+0x6ac/0x1070 [ 241.707515][ T8795] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 241.707548][ T8795] ? __pfx_vfs_write+0x10/0x10 [ 241.707589][ T8795] ksys_write+0x12a/0x250 [ 241.707612][ T8795] ? __pfx_ksys_write+0x10/0x10 [ 241.707638][ T8795] ? rcu_is_watching+0x12/0xc0 [ 241.707665][ T8795] do_syscall_64+0x115/0x840 [ 241.707694][ T8795] ? clear_bhb_loop+0x40/0x90 [ 241.707720][ T8795] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 241.707741][ T8795] RIP: 0033:0x7f723939ce59 [ 241.707757][ T8795] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 241.707776][ T8795] RSP: 002b:00007f723a31a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 241.707799][ T8795] RAX: ffffffffffffffda RBX: 00007f7239615fa0 RCX: 00007f723939ce59 [ 241.707813][ T8795] RDX: 000000000000007f RSI: 0000200000000180 RDI: 0000000000000003 [ 241.707825][ T8795] RBP: 00007f723a31a090 R08: 0000000000000000 R09: 0000000000000000 [ 241.707837][ T8795] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 241.707849][ T8795] R13: 00007f7239616038 R14: 00007f7239615fa0 R15: 00007fff48164158 [ 241.707876][ T8795] [ 242.656193][ T8794] FAULT_INJECTION: forcing a failure. [ 242.656193][ T8794] name failslab, interval 1, probability 0, space 0, times 0 [ 242.802524][ T8794] CPU: 0 UID: 0 PID: 8794 Comm: syz.1.630 Tainted: G L syzkaller #0 PREEMPT(full) [ 242.802556][ T8794] Tainted: [L]=SOFTLOCKUP [ 242.802563][ T8794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 242.802576][ T8794] Call Trace: [ 242.802583][ T8794] [ 242.802590][ T8794] dump_stack_lvl+0x100/0x190 [ 242.802630][ T8794] should_fail_ex.cold+0x5/0xa [ 242.802657][ T8794] should_failslab+0xc2/0x120 [ 242.802682][ T8794] __kmalloc_cache_noprof+0x7a/0x6f0 [ 242.802713][ T8794] ? __request_module+0x2c3/0x6c0 [ 242.802734][ T8794] ? lockdep_hardirqs_on+0x78/0x100 [ 242.802768][ T8794] __request_module+0x2c3/0x6c0 [ 242.802790][ T8794] ? __pfx___request_module+0x10/0x10 [ 242.802824][ T8794] ? find_held_lock+0x2b/0x80 [ 242.802849][ T8794] ? inet6_create+0xba3/0x12b0 [ 242.802887][ T8794] inet6_create+0xd69/0x12b0 [ 242.802915][ T8794] ? inet6_create+0x7f/0x12b0 [ 242.802945][ T8794] __sock_create+0x339/0x860 [ 242.802978][ T8794] __sys_socket+0x14d/0x260 [ 242.803008][ T8794] ? __pfx___sys_socket+0x10/0x10 [ 242.803045][ T8794] __x64_sys_socket+0x72/0xb0 [ 242.803073][ T8794] ? lockdep_hardirqs_on+0x78/0x100 [ 242.803103][ T8794] do_syscall_64+0x115/0x840 [ 242.803132][ T8794] ? clear_bhb_loop+0x40/0x90 [ 242.803158][ T8794] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 242.803179][ T8794] RIP: 0033:0x7f683c79ce59 [ 242.803195][ T8794] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 242.803215][ T8794] RSP: 002b:00007f683a591028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 242.803234][ T8794] RAX: ffffffffffffffda RBX: 00007f683ca16270 RCX: 00007f683c79ce59 [ 242.803266][ T8794] RDX: 0000000000000083 RSI: 0000000000000006 RDI: 000000000000000a [ 242.803279][ T8794] RBP: 00007f683c832d6f R08: 0000000000000000 R09: 0000000000000000 [ 242.803293][ T8794] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 242.803305][ T8794] R13: 00007f683ca16308 R14: 00007f683ca16270 R15: 00007ffed6d06ff8 [ 242.803333][ T8794] [ 246.051466][ T8873] __nla_validate_parse: 10 callbacks suppressed [ 246.051484][ T8873] netlink: 228 bytes leftover after parsing attributes in process `syz.3.649'. [ 246.306410][ T8879] ubi31: attaching mtd0 [ 246.331455][ T8879] ubi31 error: validate_ec_hdr: bad VID header offset 64, expected 514 [ 246.331496][ T8879] ubi31 error: validate_ec_hdr: bad EC header [ 246.331521][ T8879] Erase counter header dump: [ 246.331529][ T8879] magic 0x55424923 [ 246.331539][ T8879] version 1 [ 246.331548][ T8879] ec 1 [ 246.331557][ T8879] vid_hdr_offset 64 [ 246.331566][ T8879] data_offset 128 [ 246.331575][ T8879] image_seq -200638638 [ 246.331584][ T8879] hdr_crc 0x5308317c [ 246.331594][ T8879] erase counter header hexdump: [ 246.331710][ T8879] CPU: 0 UID: 0 PID: 8879 Comm: syz.1.648 Tainted: G L syzkaller #0 PREEMPT(full) [ 246.331743][ T8879] Tainted: [L]=SOFTLOCKUP [ 246.331751][ T8879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 246.331766][ T8879] Call Trace: [ 246.331773][ T8879] [ 246.331782][ T8879] dump_stack_lvl+0x100/0x190 [ 246.331827][ T8879] validate_ec_hdr+0x2d0/0x330 [ 246.331856][ T8879] ubi_io_read_ec_hdr+0x656/0x6d0 [ 246.331888][ T8879] ubi_attach+0x601/0x4d30 [ 246.331932][ T8879] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 246.331968][ T8879] ? ubi_msg+0x114/0x159 [ 246.331992][ T8879] ? __pfx_ubi_msg+0x10/0x10 [ 246.332025][ T8879] ? __pfx_ubi_attach+0x10/0x10 [ 246.332059][ T8879] ? lockdep_init_map_type+0x5c/0x250 [ 246.332105][ T8879] ? ubi_attach_mtd_dev+0x1353/0x32a0 [ 246.332142][ T8879] ? __vmalloc_node_noprof+0xad/0xf0 [ 246.332175][ T8879] ? ubi_attach_mtd_dev+0x1353/0x32a0 [ 246.332220][ T8879] ubi_attach_mtd_dev+0x139f/0x32a0 [ 246.332270][ T8879] ? __pfx_ubi_attach_mtd_dev+0x10/0x10 [ 246.332306][ T8879] ? __pfx_get_mtd_device+0x10/0x10 [ 246.332342][ T8879] ctrl_cdev_ioctl+0x36a/0x400 [ 246.332379][ T8879] ? __pfx_ctrl_cdev_ioctl+0x10/0x10 [ 246.332425][ T8879] ? __pfx_ctrl_cdev_ioctl+0x10/0x10 [ 246.332464][ T8879] __x64_sys_ioctl+0x18e/0x210 [ 246.332491][ T8879] do_syscall_64+0x115/0x840 [ 246.332526][ T8879] ? clear_bhb_loop+0x40/0x90 [ 246.332556][ T8879] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 246.332581][ T8879] RIP: 0033:0x7f683c79ce59 [ 246.332600][ T8879] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 246.332623][ T8879] RSP: 002b:00007f683a9b4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 246.332646][ T8879] RAX: ffffffffffffffda RBX: 00007f683ca16180 RCX: 00007f683c79ce59 [ 246.332663][ T8879] RDX: 0000200000000000 RSI: 0000000040186f40 RDI: 0000000000000007 [ 246.332678][ T8879] RBP: 00007f683c832d6f R08: 0000000000000000 R09: 0000000000000000 [ 246.332692][ T8879] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 246.332706][ T8879] R13: 00007f683ca16218 R14: 00007f683ca16180 R15: 00007ffed6d06ff8 [ 246.332737][ T8879] [ 246.344391][ T8879] ubi31 error: ubi_io_read_ec_hdr: validation failed for PEB 0 [ 246.423443][ T8879] ubi31 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 248.266410][ T8889] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 248.274873][ T8889] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 248.277430][ T8889] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 248.278027][ T8889] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 248.511286][ T8859] Process accounting resumed [ 249.158649][ T50] Bluetooth: hci0: command 0x0c1a tx timeout [ 249.174187][ T8909] FAULT_INJECTION: forcing a failure. [ 249.174187][ T8909] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 249.241841][ T8909] CPU: 0 UID: 0 PID: 8909 Comm: syz.1.657 Tainted: G L syzkaller #0 PREEMPT(full) [ 249.241876][ T8909] Tainted: [L]=SOFTLOCKUP [ 249.241883][ T8909] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 249.241897][ T8909] Call Trace: [ 249.241904][ T8909] [ 249.241912][ T8909] dump_stack_lvl+0x100/0x190 [ 249.241955][ T8909] should_fail_ex.cold+0x5/0xa [ 249.241984][ T8909] _copy_to_user+0x32/0xd0 [ 249.242018][ T8909] simple_read_from_buffer+0xcb/0x170 [ 249.242047][ T8909] proc_fail_nth_read+0x1af/0x230 [ 249.242084][ T8909] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 249.242122][ T8909] ? rw_verify_area+0xce/0x6d0 [ 249.242144][ T8909] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 249.242179][ T8909] vfs_read+0x1e4/0xb30 [ 249.242208][ T8909] ? __pfx_vfs_read+0x10/0x10 [ 249.242238][ T8909] ? __fget_files+0x215/0x3d0 [ 249.242271][ T8909] ? __fget_files+0x21f/0x3d0 [ 249.242304][ T8909] ksys_read+0x12a/0x250 [ 249.242329][ T8909] ? __pfx_ksys_read+0x10/0x10 [ 249.242356][ T8909] ? rcu_is_watching+0x12/0xc0 [ 249.242386][ T8909] do_syscall_64+0x115/0x840 [ 249.242417][ T8909] ? clear_bhb_loop+0x40/0x90 [ 249.242445][ T8909] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 249.242467][ T8909] RIP: 0033:0x7f683c75d68e [ 249.242485][ T8909] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 249.242505][ T8909] RSP: 002b:00007f683a9f5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 249.242526][ T8909] RAX: ffffffffffffffda RBX: 00007f683a9f66c0 RCX: 00007f683c75d68e [ 249.242540][ T8909] RDX: 000000000000000f RSI: 00007f683a9f60a0 RDI: 0000000000000004 [ 249.242553][ T8909] RBP: 00007f683a9f6090 R08: 0000000000000000 R09: 0000000000000000 [ 249.242566][ T8909] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 249.242579][ T8909] R13: 00007f683ca16038 R14: 00007f683ca15fa0 R15: 00007ffed6d06ff8 [ 249.242608][ T8909] [ 250.275541][ T5635] Bluetooth: hci2: command 0x0c1a tx timeout [ 250.282612][ T5642] Bluetooth: hci3: command 0x0c1a tx timeout [ 250.288793][ T50] Bluetooth: hci1: command 0x0c1a tx timeout [ 250.688529][ T8951] FAULT_INJECTION: forcing a failure. [ 250.688529][ T8951] name failslab, interval 1, probability 0, space 0, times 0 [ 250.757356][ T8951] CPU: 0 UID: 0 PID: 8951 Comm: syz.3.667 Tainted: G L syzkaller #0 PREEMPT(full) [ 250.757396][ T8951] Tainted: [L]=SOFTLOCKUP [ 250.757404][ T8951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 250.757418][ T8951] Call Trace: [ 250.757425][ T8951] [ 250.757434][ T8951] dump_stack_lvl+0x100/0x190 [ 250.757478][ T8951] should_fail_ex.cold+0x5/0xa [ 250.757508][ T8951] should_failslab+0xc2/0x120 [ 250.757537][ T8951] __kvmalloc_node_noprof+0xfa/0xa00 [ 250.757560][ T8951] ? seq_read_iter+0x819/0x1270 [ 250.757592][ T8951] seq_read_iter+0x819/0x1270 [ 250.757619][ T8951] ? aa_file_perm+0x7f3/0x14d0 [ 250.757662][ T8951] seq_read+0x33b/0x4c0 [ 250.757687][ T8951] ? __pfx_seq_read+0x10/0x10 [ 250.757717][ T8951] ? lock_acquire+0x1b1/0x370 [ 250.757764][ T8951] ? __pfx_seq_read+0x10/0x10 [ 250.757788][ T8951] proc_reg_read+0x240/0x330 [ 250.757816][ T8951] ? __pfx_proc_reg_read+0x10/0x10 [ 250.757845][ T8951] vfs_read+0x1e4/0xb30 [ 250.757875][ T8951] ? __pfx_vfs_read+0x10/0x10 [ 250.757900][ T8951] ? __fget_files+0x215/0x3d0 [ 250.757933][ T8951] ? __fget_files+0x21f/0x3d0 [ 250.757968][ T8951] ksys_read+0x12a/0x250 [ 250.757994][ T8951] ? __pfx_ksys_read+0x10/0x10 [ 250.758022][ T8951] ? rcu_is_watching+0x12/0xc0 [ 250.758053][ T8951] do_syscall_64+0x115/0x840 [ 250.758095][ T8951] ? clear_bhb_loop+0x40/0x90 [ 250.758124][ T8951] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 250.758147][ T8951] RIP: 0033:0x7f723939ce59 [ 250.758165][ T8951] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 250.758187][ T8951] RSP: 002b:00007f723a31a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 250.758208][ T8951] RAX: ffffffffffffffda RBX: 00007f7239615fa0 RCX: 00007f723939ce59 [ 250.758223][ T8951] RDX: 0000000000000008 RSI: 0000200000000180 RDI: 0000000000000004 [ 250.758237][ T8951] RBP: 00007f723a31a090 R08: 0000000000000000 R09: 0000000000000000 [ 250.758250][ T8951] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 250.758263][ T8951] R13: 00007f7239616038 R14: 00007f7239615fa0 R15: 00007fff48164158 [ 250.758293][ T8951] [ 251.456799][ T8949] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 251.463598][ T8949] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 251.470616][ T8949] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 251.479257][ T8949] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 252.724455][ T8987] program syz.2.673 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 252.739528][ T50] Bluetooth: hci0: command 0x0c1a tx timeout [ 253.034184][ T8992] netlink: 8 bytes leftover after parsing attributes in process `syz.0.685'. [ 253.456906][ T50] Bluetooth: hci3: command 0x0c1a tx timeout [ 253.535568][ T50] Bluetooth: hci1: command 0x0c1a tx timeout [ 253.541731][ T5635] Bluetooth: hci2: command 0x0c1a tx timeout [ 254.096336][ T1317] ieee802154 phy0 wpan0: encryption failed: -22 [ 254.103759][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 254.200064][ T9007] FAULT_INJECTION: forcing a failure. [ 254.200064][ T9007] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 254.253419][ T9007] CPU: 0 UID: 0 PID: 9007 Comm: syz.2.678 Tainted: G L syzkaller #0 PREEMPT(full) [ 254.253453][ T9007] Tainted: [L]=SOFTLOCKUP [ 254.253460][ T9007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 254.253473][ T9007] Call Trace: [ 254.253480][ T9007] [ 254.253488][ T9007] dump_stack_lvl+0x100/0x190 [ 254.253532][ T9007] should_fail_ex.cold+0x5/0xa [ 254.253562][ T9007] _copy_to_iter+0x5a4/0x1720 [ 254.253604][ T9007] ? __pfx__copy_to_iter+0x10/0x10 [ 254.253638][ T9007] ? __kvmalloc_node_noprof+0x37b/0xa00 [ 254.253660][ T9007] ? seq_read_iter+0x819/0x1270 [ 254.253696][ T9007] seq_read_iter+0xdab/0x1270 [ 254.253732][ T9007] seq_read+0x33b/0x4c0 [ 254.253756][ T9007] ? __pfx_seq_read+0x10/0x10 [ 254.253786][ T9007] ? lock_acquire+0x1b1/0x370 [ 254.253831][ T9007] ? __pfx_seq_read+0x10/0x10 [ 254.253855][ T9007] proc_reg_read+0x240/0x330 [ 254.253882][ T9007] ? __pfx_proc_reg_read+0x10/0x10 [ 254.253910][ T9007] vfs_read+0x1e4/0xb30 [ 254.253938][ T9007] ? __pfx_vfs_read+0x10/0x10 [ 254.253963][ T9007] ? __fget_files+0x215/0x3d0 [ 254.253995][ T9007] ? __fget_files+0x21f/0x3d0 [ 254.254029][ T9007] ksys_read+0x12a/0x250 [ 254.254053][ T9007] ? __pfx_ksys_read+0x10/0x10 [ 254.254081][ T9007] ? rcu_is_watching+0x12/0xc0 [ 254.254110][ T9007] do_syscall_64+0x115/0x840 [ 254.254142][ T9007] ? clear_bhb_loop+0x40/0x90 [ 254.254170][ T9007] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 254.254192][ T9007] RIP: 0033:0x7f476bf9ce59 [ 254.254209][ T9007] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 254.254230][ T9007] RSP: 002b:00007f476ceb7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 254.254251][ T9007] RAX: ffffffffffffffda RBX: 00007f476c215fa0 RCX: 00007f476bf9ce59 [ 254.254265][ T9007] RDX: 0000000000000008 RSI: 0000200000000180 RDI: 0000000000000004 [ 254.254278][ T9007] RBP: 00007f476ceb7090 R08: 0000000000000000 R09: 0000000000000000 [ 254.254291][ T9007] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 254.254304][ T9007] R13: 00007f476c216038 R14: 00007f476c215fa0 R15: 00007fff1ff39c18 [ 254.254332][ T9007] [ 255.249631][ T9023] FAULT_INJECTION: forcing a failure. [ 255.249631][ T9023] name failslab, interval 1, probability 0, space 0, times 0 [ 255.278832][ T9023] CPU: 0 UID: 0 PID: 9023 Comm: syz.0.687 Tainted: G L syzkaller #0 PREEMPT(full) [ 255.278877][ T9023] Tainted: [L]=SOFTLOCKUP [ 255.278884][ T9023] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 255.278896][ T9023] Call Trace: [ 255.278902][ T9023] [ 255.278910][ T9023] dump_stack_lvl+0x100/0x190 [ 255.278951][ T9023] should_fail_ex.cold+0x5/0xa [ 255.278978][ T9023] should_failslab+0xc2/0x120 [ 255.279003][ T9023] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 255.279037][ T9023] ? prepare_creds+0x2c/0x950 [ 255.279058][ T9023] ? from_kgid_munged+0xab/0x130 [ 255.279092][ T9023] prepare_creds+0x2c/0x950 [ 255.279114][ T9023] __sys_setfsgid+0xe3/0x3b0 [ 255.279143][ T9023] do_syscall_64+0x115/0x840 [ 255.279175][ T9023] ? clear_bhb_loop+0x40/0x90 [ 255.279201][ T9023] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 255.279222][ T9023] RIP: 0033:0x7f49c039ce59 [ 255.279238][ T9023] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 255.279257][ T9023] RSP: 002b:00007f49c118e028 EFLAGS: 00000246 ORIG_RAX: 000000000000007b [ 255.279276][ T9023] RAX: ffffffffffffffda RBX: 00007f49c0615fa0 RCX: 00007f49c039ce59 [ 255.279307][ T9023] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 255.279320][ T9023] RBP: 00007f49c0432d6f R08: 0000000000000000 R09: 0000000000000000 [ 255.279333][ T9023] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 255.279345][ T9023] R13: 00007f49c0616038 R14: 00007f49c0615fa0 R15: 00007fff4d96c748 [ 255.279374][ T9023] [ 256.427746][ T9073] ptrace attach of "ci-qemu-gce-upstream-auto/syz-executor exec"[5634] was attempted by "ci-qemu-gce-upstream-auto/syz-executor exec"[9073] [ 257.266417][ T9100] random: crng reseeded on system resumption [ 258.728129][ T9130] tc_dump_action: action bad kind [ 260.428880][ T9162] netlink: 228 bytes leftover after parsing attributes in process `syz.2.711'. [ 260.478930][ T9164] netlink: 228 bytes leftover after parsing attributes in process `syz.1.712'. [ 260.919747][ T29] audit: type=1806 audit(1843104554.292:13): xattr="" res=-22 [ 262.771028][ T9196] Process accounting resumed [ 262.900976][ T9210] netlink: 5007 bytes leftover after parsing attributes in process `syz.3.719'. [ 263.532727][ T9226] netlink: 228 bytes leftover after parsing attributes in process `syz.1.722'. [ 264.229859][ T9240] program syz.1.726 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 265.060064][ T9206] Process accounting paused [ 268.911722][ T9321] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 268.918901][ T9321] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 268.995698][ T9321] netlink: 20 bytes leftover after parsing attributes in process `syz.1.746'. [ 269.105210][ T9321] hsr_slave_0 (unregistering): left promiscuous mode [ 271.145039][ T9308] kexec: Could not allocate control_code_buffer [ 272.176623][ T9363] netlink: 228 bytes leftover after parsing attributes in process `syz.2.753'. [ 272.475366][ T9367] netlink: 228 bytes leftover after parsing attributes in process `syz.0.754'. [ 272.754363][ T9370] netlink: 228 bytes leftover after parsing attributes in process `syz.2.755'. [ 273.453668][ T29] audit: type=1806 audit(1843104566.907:14): xattr="" res=-22 [ 275.564804][ T9417] block nbd0: Unsupported socket: should be TCP or UNIX. [ 277.444589][ T9448] netlink: 228 bytes leftover after parsing attributes in process `syz.0.775'. [ 278.681758][ T9459] binder: 9455:9459 ioctl c0046209 ffffffffffffffff returned -22 [ 279.624721][ T9459] Process accounting paused [ 281.159647][ T9502] netlink: 228 bytes leftover after parsing attributes in process `syz.3.786'. [ 282.262032][ T9522] netlink: 'syz.1.791': attribute type 9 has an invalid length. [ 282.293172][ T9522] netlink: 330 bytes leftover after parsing attributes in process `syz.1.791'. [ 286.799581][ T9617] FAULT_INJECTION: forcing a failure. [ 286.799581][ T9617] name failslab, interval 1, probability 0, space 0, times 0 [ 286.949716][ T9617] CPU: 0 UID: 0 PID: 9617 Comm: syz.3.810 Tainted: G L syzkaller #0 PREEMPT(full) [ 286.949751][ T9617] Tainted: [L]=SOFTLOCKUP [ 286.949759][ T9617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 286.949772][ T9617] Call Trace: [ 286.949779][ T9617] [ 286.949786][ T9617] dump_stack_lvl+0x100/0x190 [ 286.949829][ T9617] should_fail_ex.cold+0x5/0xa [ 286.949858][ T9617] should_failslab+0xc2/0x120 [ 286.949885][ T9617] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 286.949922][ T9617] ? security_inode_alloc+0x3b/0x2c0 [ 286.949947][ T9617] ? lockdep_init_map_type+0x5c/0x250 [ 286.949988][ T9617] security_inode_alloc+0x3b/0x2c0 [ 286.950014][ T9617] inode_init_always_gfp+0xc77/0xfb0 [ 286.950046][ T9617] alloc_inode+0x8e/0x250 [ 286.950081][ T9617] new_inode+0x22/0x1c0 [ 286.950119][ T9617] proc_get_inode+0x1d/0x780 [ 286.950147][ T9617] proc_lookup_de+0x236/0x360 [ 286.950180][ T9617] proc_lookup+0xcf/0x110 [ 286.950210][ T9617] proc_root_lookup+0x3b/0x70 [ 286.950239][ T9617] __lookup_slow+0x251/0x460 [ 286.950277][ T9617] ? __pfx___lookup_slow+0x10/0x10 [ 286.950334][ T9617] lookup_slow+0x50/0x70 [ 286.950375][ T9617] link_path_walk+0x1377/0x1cc0 [ 286.950409][ T9617] path_openat+0x1be/0x31a0 [ 286.950436][ T9617] ? kasan_save_stack+0x3f/0x50 [ 286.950457][ T9617] ? kasan_save_stack+0x30/0x50 [ 286.950479][ T9617] ? kasan_save_track+0x14/0x30 [ 286.950500][ T9617] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 286.950544][ T9617] ? __pfx_path_openat+0x10/0x10 [ 286.950582][ T9617] do_file_open+0x20e/0x430 [ 286.950613][ T9617] ? __pfx_do_file_open+0x10/0x10 [ 286.950660][ T9617] ? alloc_fd+0x476/0x790 [ 286.950690][ T9617] ? do_getname+0x191/0x390 [ 286.950726][ T9617] do_sys_openat2+0x10d/0x1e0 [ 286.950762][ T9617] ? __pfx_do_sys_openat2+0x10/0x10 [ 286.950799][ T9617] ? do_raw_spin_lock+0x128/0x260 [ 286.950829][ T9617] __x64_sys_openat+0x12d/0x210 [ 286.950866][ T9617] ? __pfx___x64_sys_openat+0x10/0x10 [ 286.950907][ T9617] ? rcu_is_watching+0x12/0xc0 [ 286.950935][ T9617] do_syscall_64+0x115/0x840 [ 286.950968][ T9617] ? clear_bhb_loop+0x40/0x90 [ 286.950995][ T9617] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.951018][ T9617] RIP: 0033:0x7f723939ce59 [ 286.951054][ T9617] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 286.951076][ T9617] RSP: 002b:00007f723a2d8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 286.951101][ T9617] RAX: ffffffffffffffda RBX: 00007f7239616180 RCX: 00007f723939ce59 [ 286.951117][ T9617] RDX: 0000000000000b40 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 286.951131][ T9617] RBP: 00007f7239432d6f R08: 0000000000000000 R09: 0000000000000000 [ 286.951146][ T9617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 286.951159][ T9617] R13: 00007f7239616218 R14: 00007f7239616180 R15: 00007fff48164158 [ 286.951189][ T9617] [ 287.553328][ T9629] netlink: 228 bytes leftover after parsing attributes in process `syz.3.815'. [ 288.274835][ T9639] can: request_module (can-proto-3) failed. [ 289.008818][ T9665] FAULT_INJECTION: forcing a failure. [ 289.008818][ T9665] name fail_futex, interval 1, probability 0, space 0, times 0 [ 289.022031][ T9665] CPU: 0 UID: 0 PID: 9665 Comm: syz.3.819 Tainted: G L syzkaller #0 PREEMPT(full) [ 289.022068][ T9665] Tainted: [L]=SOFTLOCKUP [ 289.022076][ T9665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 289.022091][ T9665] Call Trace: [ 289.022099][ T9665] [ 289.022107][ T9665] dump_stack_lvl+0x100/0x190 [ 289.022154][ T9665] should_fail_ex.cold+0x5/0xa [ 289.022185][ T9665] should_fail_futex+0x4c/0x60 [ 289.022225][ T9665] futex_lock_pi_atomic+0xe7/0xaf0 [ 289.022265][ T9665] ? futex_hash+0x141/0x370 [ 289.022308][ T9665] futex_lock_pi+0x245/0x7a0 [ 289.022342][ T9665] ? __pfx_futex_lock_pi+0x10/0x10 [ 289.022375][ T9665] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 289.022435][ T9665] ? __pfx_futex_wake_mark+0x10/0x10 [ 289.022486][ T9665] ? ksys_write+0x190/0x250 [ 289.022512][ T9665] ? ksys_write+0x190/0x250 [ 289.022545][ T9665] do_futex+0x18a/0x350 [ 289.022570][ T9665] ? __pfx_do_futex+0x10/0x10 [ 289.022601][ T9665] __x64_sys_futex+0x34f/0x4d0 [ 289.022630][ T9665] ? __pfx___x64_sys_futex+0x10/0x10 [ 289.022653][ T9665] ? ksys_write+0x1ac/0x250 [ 289.022684][ T9665] ? rcu_is_watching+0x12/0xc0 [ 289.022715][ T9665] do_syscall_64+0x115/0x840 [ 289.022749][ T9665] ? clear_bhb_loop+0x40/0x90 [ 289.022778][ T9665] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 289.022802][ T9665] RIP: 0033:0x7f723939ce59 [ 289.022820][ T9665] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 289.022843][ T9665] RSP: 002b:00007f723a2f9028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 289.022865][ T9665] RAX: ffffffffffffffda RBX: 00007f7239616090 RCX: 00007f723939ce59 [ 289.022881][ T9665] RDX: 0000000000000008 RSI: 0000000000000006 RDI: 0000000000000000 [ 289.022894][ T9665] RBP: 00007f7239432d6f R08: 0000000000000000 R09: 000000008000fff5 [ 289.022909][ T9665] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 289.022923][ T9665] R13: 00007f7239616128 R14: 00007f7239616090 R15: 00007fff48164158 [ 289.022952][ T9665] [ 290.042216][ T9678] netlink: Conntrack attr type has unexpected length (type=3, length=0, expected=8) [ 290.422030][ T9678] zswap: compressor 000 not available [ 291.175542][ T9665] Process accounting resumed [ 291.397782][ T9690] netlink: 228 bytes leftover after parsing attributes in process `syz.3.825'. [ 291.613718][ T9654] kexec: Could not allocate control_code_buffer [ 292.826835][ T9723] netlink: 228 bytes leftover after parsing attributes in process `syz.2.834'. [ 292.996128][ T9722] Process accounting paused [ 297.131489][ T9781] random: crng reseeded on system resumption [ 298.090499][ T9798] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE r҄y*"l-y– [ 298.289321][ T9794] netlink: 222 bytes leftover after parsing attributes in process `syz.2.848'. [ 298.647678][ T9808] random: crng reseeded on system resumption [ 299.266795][ T5635] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 299.442646][ T9814] futex_wake_op: syz.2.852 tries to shift op by -2048; fix this program [ 301.209289][ T9844] FAULT_INJECTION: forcing a failure. [ 301.209289][ T9844] name failslab, interval 1, probability 0, space 0, times 0 [ 301.365251][ T9844] CPU: 0 UID: 0 PID: 9844 Comm: syz.2.858 Tainted: G L syzkaller #0 PREEMPT(full) [ 301.365287][ T9844] Tainted: [L]=SOFTLOCKUP [ 301.365295][ T9844] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 301.365309][ T9844] Call Trace: [ 301.365317][ T9844] [ 301.365325][ T9844] dump_stack_lvl+0x100/0x190 [ 301.365374][ T9844] should_fail_ex.cold+0x5/0xa [ 301.365404][ T9844] should_failslab+0xc2/0x120 [ 301.365435][ T9844] __kmalloc_cache_noprof+0x7a/0x6f0 [ 301.365471][ T9844] ? ocfs2_control_open+0x45/0x1d0 [ 301.365519][ T9844] ocfs2_control_open+0x45/0x1d0 [ 301.365557][ T9844] ? __pfx_ocfs2_control_open+0x10/0x10 [ 301.365595][ T9844] misc_open+0x26d/0x450 [ 301.365620][ T9844] ? __pfx_misc_open+0x10/0x10 [ 301.365643][ T9844] chrdev_open+0x234/0x6a0 [ 301.365675][ T9844] ? __pfx_chrdev_open+0x10/0x10 [ 301.365707][ T9844] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 301.365745][ T9844] do_dentry_open+0x6ab/0x14d0 [ 301.365774][ T9844] ? __pfx_chrdev_open+0x10/0x10 [ 301.365810][ T9844] vfs_open+0x82/0x3f0 [ 301.365850][ T9844] path_openat+0x208c/0x31a0 [ 301.365889][ T9844] ? __pfx_path_openat+0x10/0x10 [ 301.365930][ T9844] do_file_open+0x20e/0x430 [ 301.365963][ T9844] ? __pfx_do_file_open+0x10/0x10 [ 301.366019][ T9844] ? alloc_fd+0x476/0x790 [ 301.366051][ T9844] ? do_getname+0x191/0x390 [ 301.366090][ T9844] do_sys_openat2+0x10d/0x1e0 [ 301.366128][ T9844] ? __pfx_do_sys_openat2+0x10/0x10 [ 301.366167][ T9844] ? do_raw_spin_lock+0x128/0x260 [ 301.366200][ T9844] __x64_sys_openat+0x12d/0x210 [ 301.366238][ T9844] ? __pfx___x64_sys_openat+0x10/0x10 [ 301.366282][ T9844] ? rcu_is_watching+0x12/0xc0 [ 301.366313][ T9844] do_syscall_64+0x115/0x840 [ 301.366347][ T9844] ? clear_bhb_loop+0x40/0x90 [ 301.366376][ T9844] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 301.366407][ T9844] RIP: 0033:0x7f476bf9ce59 [ 301.366426][ T9844] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 301.366449][ T9844] RSP: 002b:00007f476ce96028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 301.366471][ T9844] RAX: ffffffffffffffda RBX: 00007f476c216090 RCX: 00007f476bf9ce59 [ 301.366486][ T9844] RDX: 000000000004c280 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 301.366501][ T9844] RBP: 00007f476c032d6f R08: 0000000000000000 R09: 0000000000000000 [ 301.366516][ T9844] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 301.366530][ T9844] R13: 00007f476c216128 R14: 00007f476c216090 R15: 00007fff1ff39c18 [ 301.366559][ T9844] [ 302.074101][ T9860] hub 1-0:1.0: USB hub found [ 302.087179][ T9860] hub 1-0:1.0: 1 port detected [ 302.806179][ T9857] random: crng reseeded on system resumption [ 309.704486][ T9987] netlink: 228 bytes leftover after parsing attributes in process `syz.1.891'. [ 310.656749][ T9985] Process accounting resumed [ 311.779730][ T9991] kexec: Could not allocate control_code_buffer [ 313.399725][T10037] zswap: compressor not available [ 313.458969][T10027] sg_write: data in/out 262108/45 bytes for SCSI command 0x61-- guessing data in; [ 313.458969][T10027] program syz.1.899 not setting count and/or reply_len properly [ 314.700718][T10062] netlink: 8 bytes leftover after parsing attributes in process `syz.3.905'. [ 315.885598][T10083] netlink: 350 bytes leftover after parsing attributes in process `syz.3.909'. [ 316.252911][T10047] kexec: Could not allocate control_code_buffer [ 316.492519][ T1317] ieee802154 phy0 wpan0: encryption failed: -22 [ 316.502212][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 316.997512][T10100] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input6 [ 318.056688][T10122] netlink: 228 bytes leftover after parsing attributes in process `syz.1.915'. [ 319.767666][T10157] random: crng reseeded on system resumption [ 321.241055][T10188] Process accounting paused [ 321.890221][T10204] mtrr: base(0x1000000) is not aligned on a size(0x0000) boundary [ 322.413575][T10214] binder: 10210:10214 ioctl 400c620e 0 returned -22 [ 324.386554][T10246] netlink: 228 bytes leftover after parsing attributes in process `syz.3.940'. [ 325.151778][T10219] Process accounting resumed [ 325.534209][T10258] netlink: 330 bytes leftover after parsing attributes in process `syz.3.944'. [ 326.788317][T10243] kexec: Could not allocate control_code_buffer [ 327.249746][T10283] netlink: 8 bytes leftover after parsing attributes in process `syz.0.946'. [ 327.487859][T10286] sysfs_service_op_show: Client not running :-5: [ 327.596716][T10286] netlink: 3 bytes leftover after parsing attributes in process `syz.1.947'. [ 328.866796][ T5635] Bluetooth: hci3: unexpected event for opcode 0x7c89 [ 332.844648][T10365] netlink: 342 bytes leftover after parsing attributes in process `syz.3.962'. [ 333.311996][T10362] netlink: 334 bytes leftover after parsing attributes in process `syz.1.961'. [ 333.546215][T10373] netlink: 228 bytes leftover after parsing attributes in process `syz.2.964'. [ 334.130448][T10385] random: crng reseeded on system resumption [ 335.333718][T10414] netlink: 228 bytes leftover after parsing attributes in process `syz.1.972'. [ 335.656086][T10421] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 336.587289][T10440] FAULT_INJECTION: forcing a failure. [ 336.587289][T10440] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 336.636501][T10440] CPU: 0 UID: 0 PID: 10440 Comm: syz.2.979 Tainted: G L syzkaller #0 PREEMPT(full) [ 336.636540][T10440] Tainted: [L]=SOFTLOCKUP [ 336.636548][T10440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 336.636561][T10440] Call Trace: [ 336.636568][T10440] [ 336.636577][T10440] dump_stack_lvl+0x100/0x190 [ 336.636623][T10440] should_fail_ex.cold+0x5/0xa [ 336.636652][T10440] _copy_from_user+0x2e/0xd0 [ 336.636685][T10440] acpi_system_write_wakeup_device+0xbe/0x580 [ 336.636718][T10440] ? __pfx_acpi_system_write_wakeup_device+0x10/0x10 [ 336.636757][T10440] ? __pfx_acpi_system_write_wakeup_device+0x10/0x10 [ 336.636787][T10440] proc_reg_write+0x240/0x330 [ 336.636818][T10440] vfs_write+0x2aa/0x1070 [ 336.636845][T10440] ? __pfx_proc_reg_write+0x10/0x10 [ 336.636874][T10440] ? __pfx_vfs_write+0x10/0x10 [ 336.636899][T10440] ? __fget_files+0x215/0x3d0 [ 336.636932][T10440] ? __fget_files+0x21f/0x3d0 [ 336.636966][T10440] ksys_write+0x12a/0x250 [ 336.636991][T10440] ? __pfx_ksys_write+0x10/0x10 [ 336.637019][T10440] ? rcu_is_watching+0x12/0xc0 [ 336.637049][T10440] do_syscall_64+0x115/0x840 [ 336.637080][T10440] ? clear_bhb_loop+0x40/0x90 [ 336.637108][T10440] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 336.637131][T10440] RIP: 0033:0x7f476bf9ce59 [ 336.637148][T10440] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 336.637169][T10440] RSP: 002b:00007f476ceb7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 336.637190][T10440] RAX: ffffffffffffffda RBX: 00007f476c215fa0 RCX: 00007f476bf9ce59 [ 336.637205][T10440] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000003 [ 336.637218][T10440] RBP: 00007f476ceb7090 R08: 0000000000000000 R09: 0000000000000000 [ 336.637231][T10440] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 336.637244][T10440] R13: 00007f476c216038 R14: 00007f476c215fa0 R15: 00007fff1ff39c18 [ 336.637272][T10440] [ 336.896228][T10416] kexec: Could not allocate control_code_buffer [ 339.522679][T10484] FAULT_INJECTION: forcing a failure. [ 339.522679][T10484] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 339.602348][T10484] CPU: 0 UID: 0 PID: 10484 Comm: syz.3.991 Tainted: G L syzkaller #0 PREEMPT(full) [ 339.602389][T10484] Tainted: [L]=SOFTLOCKUP [ 339.602397][T10484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 339.602411][T10484] Call Trace: [ 339.602419][T10484] [ 339.602427][T10484] dump_stack_lvl+0x100/0x190 [ 339.602474][T10484] should_fail_ex.cold+0x5/0xa [ 339.602499][T10484] ? prepare_alloc_pages+0x16d/0x5f0 [ 339.602531][T10484] should_fail_alloc_page+0xeb/0x140 [ 339.602568][T10484] prepare_alloc_pages+0x1f0/0x5f0 [ 339.602597][T10484] ? ima_match_policy+0x8c4/0x2350 [ 339.602630][T10484] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 339.602693][T10484] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 339.602733][T10484] ? __pfx___might_resched+0x10/0x10 [ 339.602759][T10484] ? find_held_lock+0x2b/0x80 [ 339.602787][T10484] ? process_measurement+0x4c8/0x2350 [ 339.602809][T10484] ? process_measurement+0x4c8/0x2350 [ 339.602837][T10484] ? up_write+0x28c/0x4f0 [ 339.602861][T10484] ? vma_is_special_huge+0x23f/0x2d0 [ 339.602888][T10484] ? __pfx_vma_is_special_huge+0x10/0x10 [ 339.602916][T10484] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 339.602951][T10484] ? policy_nodemask+0xed/0x4f0 [ 339.602981][T10484] alloc_pages_mpol+0x1fb/0x540 [ 339.603010][T10484] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 339.603040][T10484] ? __pfx___thp_vma_allowable_orders+0x10/0x10 [ 339.603077][T10484] alloc_pages_noprof+0x1a/0x160 [ 339.603109][T10484] __pmd_alloc+0x3b/0x950 [ 339.603142][T10484] __handle_mm_fault+0xa9c/0x2a00 [ 339.603182][T10484] ? mt_find+0x45e/0x8e0 [ 339.603218][T10484] ? __pfx___handle_mm_fault+0x10/0x10 [ 339.603252][T10484] ? __pfx_mt_find+0x10/0x10 [ 339.603309][T10484] ? find_vma+0xbf/0x140 [ 339.603334][T10484] ? __pfx_find_vma+0x10/0x10 [ 339.603362][T10484] handle_mm_fault+0x37b/0xa30 [ 339.603407][T10484] do_user_addr_fault+0x74c/0x12f0 [ 339.603438][T10484] ? trace_page_fault_kernel+0x7a/0x200 [ 339.603466][T10484] exc_page_fault+0x6f/0xd0 [ 339.603500][T10484] asm_exc_page_fault+0x26/0x30 [ 339.603523][T10484] RIP: 0010:rep_movs_alternative+0xf/0x90 [ 339.603548][T10484] Code: c4 10 e9 04 9d 04 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 cd 9c 04 00 66 66 [ 339.603570][T10484] RSP: 0018:ffffc90003f0fbd0 EFLAGS: 00050202 [ 339.603588][T10484] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000004 [ 339.603602][T10484] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffffc90003f0fc38 [ 339.603616][T10484] RBP: 0000000000000004 R08: 0000000000000001 R09: fffff520007e1f87 [ 339.603630][T10484] R10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000000 [ 339.603643][T10484] R13: ffffc90003f0fc38 R14: 000000000000fdef R15: 1ffff920007e1f83 [ 339.603672][T10484] _copy_from_user+0x98/0xd0 [ 339.603706][T10484] acpi_system_write_wakeup_device+0xbe/0x580 [ 339.603741][T10484] ? __pfx_acpi_system_write_wakeup_device+0x10/0x10 [ 339.603781][T10484] ? __pfx_acpi_system_write_wakeup_device+0x10/0x10 [ 339.603813][T10484] proc_reg_write+0x240/0x330 [ 339.603844][T10484] vfs_write+0x2aa/0x1070 [ 339.603871][T10484] ? __pfx_proc_reg_write+0x10/0x10 [ 339.603902][T10484] ? __pfx_vfs_write+0x10/0x10 [ 339.603927][T10484] ? __fget_files+0x215/0x3d0 [ 339.603961][T10484] ? __fget_files+0x21f/0x3d0 [ 339.603996][T10484] ksys_write+0x12a/0x250 [ 339.604022][T10484] ? __pfx_ksys_write+0x10/0x10 [ 339.604051][T10484] ? rcu_is_watching+0x12/0xc0 [ 339.604082][T10484] do_syscall_64+0x115/0x840 [ 339.604114][T10484] ? clear_bhb_loop+0x40/0x90 [ 339.604142][T10484] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 339.604165][T10484] RIP: 0033:0x7f723939ce59 [ 339.604183][T10484] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 339.604204][T10484] RSP: 002b:00007f723a31a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 339.604223][T10484] RAX: ffffffffffffffda RBX: 00007f7239615fa0 RCX: 00007f723939ce59 [ 339.604238][T10484] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000003 [ 339.604251][T10484] RBP: 00007f723a31a090 R08: 0000000000000000 R09: 0000000000000000 [ 339.604269][T10484] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 339.604282][T10484] R13: 00007f7239616038 R14: 00007f7239615fa0 R15: 00007fff48164158 [ 339.604312][T10484] [ 341.215084][T10494] Process accounting paused [ 341.475865][T10507] netlink: 28 bytes leftover after parsing attributes in process `syz.0.997'. [ 342.666623][T10530] FAULT_INJECTION: forcing a failure. [ 342.666623][T10530] name failslab, interval 1, probability 0, space 0, times 0 [ 342.730065][T10530] CPU: 0 UID: 0 PID: 10530 Comm: syz.3.1003 Tainted: G L syzkaller #0 PREEMPT(full) [ 342.730100][T10530] Tainted: [L]=SOFTLOCKUP [ 342.730108][T10530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 342.730121][T10530] Call Trace: [ 342.730128][T10530] [ 342.730136][T10530] dump_stack_lvl+0x100/0x190 [ 342.730179][T10530] should_fail_ex.cold+0x5/0xa [ 342.730208][T10530] should_failslab+0xc2/0x120 [ 342.730235][T10530] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 342.730272][T10530] ? __pmd_alloc+0xbf/0x950 [ 342.730306][T10530] __pmd_alloc+0xbf/0x950 [ 342.730337][T10530] __handle_mm_fault+0xa9c/0x2a00 [ 342.730376][T10530] ? mt_find+0x45e/0x8e0 [ 342.730411][T10530] ? __pfx___handle_mm_fault+0x10/0x10 [ 342.730443][T10530] ? __pfx_mt_find+0x10/0x10 [ 342.730496][T10530] ? find_vma+0xbf/0x140 [ 342.730520][T10530] ? __pfx_find_vma+0x10/0x10 [ 342.730547][T10530] handle_mm_fault+0x37b/0xa30 [ 342.730586][T10530] do_user_addr_fault+0x74c/0x12f0 [ 342.730617][T10530] ? trace_page_fault_kernel+0x7a/0x200 [ 342.730645][T10530] exc_page_fault+0x6f/0xd0 [ 342.730677][T10530] asm_exc_page_fault+0x26/0x30 [ 342.730700][T10530] RIP: 0010:rep_movs_alternative+0xf/0x90 [ 342.730725][T10530] Code: c4 10 e9 04 9d 04 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 cd 9c 04 00 66 66 [ 342.730745][T10530] RSP: 0018:ffffc90003c17bd0 EFLAGS: 00050202 [ 342.730763][T10530] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000004 [ 342.730776][T10530] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffffc90003c17c38 [ 342.730789][T10530] RBP: 0000000000000004 R08: 0000000000000001 R09: fffff52000782f87 [ 342.730809][T10530] R10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000000 [ 342.730821][T10530] R13: ffffc90003c17c38 R14: 000000000000fdef R15: 1ffff92000782f83 [ 342.730849][T10530] _copy_from_user+0x98/0xd0 [ 342.730882][T10530] acpi_system_write_wakeup_device+0xbe/0x580 [ 342.730922][T10530] ? __pfx_acpi_system_write_wakeup_device+0x10/0x10 [ 342.730982][T10530] ? __pfx_acpi_system_write_wakeup_device+0x10/0x10 [ 342.731014][T10530] proc_reg_write+0x240/0x330 [ 342.731046][T10530] vfs_write+0x2aa/0x1070 [ 342.731073][T10530] ? __pfx_proc_reg_write+0x10/0x10 [ 342.731104][T10530] ? __pfx_vfs_write+0x10/0x10 [ 342.731129][T10530] ? __fget_files+0x215/0x3d0 [ 342.731163][T10530] ? __fget_files+0x21f/0x3d0 [ 342.731198][T10530] ksys_write+0x12a/0x250 [ 342.731224][T10530] ? __pfx_ksys_write+0x10/0x10 [ 342.731253][T10530] ? rcu_is_watching+0x12/0xc0 [ 342.731284][T10530] do_syscall_64+0x115/0x840 [ 342.731316][T10530] ? clear_bhb_loop+0x40/0x90 [ 342.731344][T10530] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 342.731367][T10530] RIP: 0033:0x7f723939ce59 [ 342.731385][T10530] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 342.731406][T10530] RSP: 002b:00007f723a31a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 342.731425][T10530] RAX: ffffffffffffffda RBX: 00007f7239615fa0 RCX: 00007f723939ce59 [ 342.731440][T10530] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000003 [ 342.731453][T10530] RBP: 00007f723a31a090 R08: 0000000000000000 R09: 0000000000000000 [ 342.731467][T10530] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 342.731480][T10530] R13: 00007f7239616038 R14: 00007f7239615fa0 R15: 00007fff48164158 [ 342.731510][T10530] [ 345.106336][T10558] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1010'. [ 346.449854][T10582] netlink: 228 bytes leftover after parsing attributes in process `syz.3.1016'. [ 346.880606][T10594] FAULT_INJECTION: forcing a failure. [ 346.880606][T10594] name failslab, interval 1, probability 0, space 0, times 0 [ 346.967104][T10594] CPU: 0 UID: 0 PID: 10594 Comm: syz.3.1018 Tainted: G L syzkaller #0 PREEMPT(full) [ 346.967159][T10594] Tainted: [L]=SOFTLOCKUP [ 346.967167][T10594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 346.967195][T10594] Call Trace: [ 346.967202][T10594] [ 346.967210][T10594] dump_stack_lvl+0x100/0x190 [ 346.967254][T10594] should_fail_ex.cold+0x5/0xa [ 346.967282][T10594] should_failslab+0xc2/0x120 [ 346.967309][T10594] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 346.967348][T10594] ? alloc_empty_file+0x5b/0x1c0 [ 346.967394][T10594] alloc_empty_file+0x5b/0x1c0 [ 346.967429][T10594] alloc_file_pseudo+0x13a/0x230 [ 346.967464][T10594] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 346.967499][T10594] ? alloc_fd+0x476/0x790 [ 346.967531][T10594] sock_alloc_file+0x50/0x210 [ 346.967556][T10594] __sys_socket+0x1c0/0x260 [ 346.967588][T10594] ? __pfx___sys_socket+0x10/0x10 [ 346.967618][T10594] ? ksys_write+0x1ac/0x250 [ 346.967650][T10594] __x64_sys_socket+0x72/0xb0 [ 346.967681][T10594] ? lockdep_hardirqs_on+0x78/0x100 [ 346.967713][T10594] do_syscall_64+0x115/0x840 [ 346.967744][T10594] ? clear_bhb_loop+0x40/0x90 [ 346.967771][T10594] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 346.967793][T10594] RIP: 0033:0x7f723939ce59 [ 346.967811][T10594] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 346.967832][T10594] RSP: 002b:00007f723a31a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 346.967853][T10594] RAX: ffffffffffffffda RBX: 00007f7239615fa0 RCX: 00007f723939ce59 [ 346.967867][T10594] RDX: 000000000000000a RSI: 0000000000000002 RDI: 0000000000000021 [ 346.967880][T10594] RBP: 00007f7239432d6f R08: 0000000000000000 R09: 0000000000000000 [ 346.967893][T10594] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 346.967906][T10594] R13: 00007f7239616038 R14: 00007f7239615fa0 R15: 00007fff48164158 [ 346.967933][T10594] [ 347.440759][T10595] FAULT_INJECTION: forcing a failure. [ 347.440759][T10595] name fail_futex, interval 1, probability 0, space 0, times 0 [ 347.555054][T10595] CPU: 0 UID: 0 PID: 10595 Comm: syz.3.1018 Tainted: G L syzkaller #0 PREEMPT(full) [ 347.555091][T10595] Tainted: [L]=SOFTLOCKUP [ 347.555099][T10595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 347.555113][T10595] Call Trace: [ 347.555121][T10595] [ 347.555129][T10595] dump_stack_lvl+0x100/0x190 [ 347.555175][T10595] should_fail_ex.cold+0x5/0xa [ 347.555205][T10595] get_futex_key+0x1d2/0x1510 [ 347.555248][T10595] ? __pfx_get_futex_key+0x10/0x10 [ 347.555297][T10595] futex_wake+0xea/0x530 [ 347.555335][T10595] ? rcu_is_watching+0x12/0xc0 [ 347.555363][T10595] ? __pfx_futex_wake+0x10/0x10 [ 347.555396][T10595] ? putname+0xb1/0x110 [ 347.555427][T10595] ? kmem_cache_free+0x127/0x6c0 [ 347.555469][T10595] do_futex+0x32b/0x350 [ 347.555494][T10595] ? __pfx_do_futex+0x10/0x10 [ 347.555516][T10595] ? __pfx_do_sys_openat2+0x10/0x10 [ 347.555555][T10595] ? do_raw_spin_lock+0x128/0x260 [ 347.555603][T10595] __x64_sys_futex+0x34f/0x4d0 [ 347.555643][T10595] ? __x64_sys_openat+0x12d/0x210 [ 347.555682][T10595] ? __pfx___x64_sys_futex+0x10/0x10 [ 347.555712][T10595] ? rcu_is_watching+0x12/0xc0 [ 347.555742][T10595] do_syscall_64+0x115/0x840 [ 347.555776][T10595] ? clear_bhb_loop+0x40/0x90 [ 347.555805][T10595] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 347.555829][T10595] RIP: 0033:0x7f723939ce59 [ 347.555848][T10595] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 347.555871][T10595] RSP: 002b:00007f723a2f90e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 347.555893][T10595] RAX: ffffffffffffffda RBX: 00007f7239616098 RCX: 00007f723939ce59 [ 347.555908][T10595] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f723961609c [ 347.555923][T10595] RBP: 00007f7239616090 R08: 0000000000000001 R09: 0000000000000000 [ 347.555937][T10595] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000 [ 347.555951][T10595] R13: 00007f7239616128 R14: 00007fff48164070 R15: 00007fff48164158 [ 347.555981][T10595] [ 349.429727][T10575] kexec: Could not allocate control_code_buffer [ 350.304018][T10635] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1028'. [ 352.000125][T10643] Process accounting resumed [ 353.102357][T10688] sysfs: cannot create duplicate filename '/class/ieee80211/11!phy1!netdev:wlan1!rc_rateidx_mcs_mask' [ 353.137055][T10688] CPU: 0 UID: 0 PID: 10688 Comm: syz.1.1038 Tainted: G L syzkaller #0 PREEMPT(full) [ 353.137092][T10688] Tainted: [L]=SOFTLOCKUP [ 353.137100][T10688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 353.137115][T10688] Call Trace: [ 353.137178][T10688] [ 353.137187][T10688] dump_stack_lvl+0x100/0x190 [ 353.137284][T10688] sysfs_warn_dup.cold+0x1c/0x28 [ 353.137334][T10688] sysfs_do_create_link_sd+0x113/0x140 [ 353.137383][T10688] sysfs_create_link+0x61/0xc0 [ 353.137409][T10688] device_add+0x675/0x1950 [ 353.137494][T10688] ? __pfx_device_add+0x10/0x10 [ 353.137519][T10688] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 353.137573][T10688] ? ieee80211_set_bitrate_flags+0x41b/0x6b0 [ 353.137688][T10688] wiphy_register+0x1edd/0x2d90 [ 353.137718][T10688] ? __rtnl_unlock+0xb9/0xf0 [ 353.137800][T10688] ? __pfx_wiphy_register+0x10/0x10 [ 353.137837][T10688] ? __asan_memset+0x23/0x50 [ 353.137886][T10688] ? minstrel_ht_alloc+0x5e6/0x7f0 [ 353.137979][T10688] ieee80211_register_hw+0x3055/0x4570 [ 353.138071][T10688] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 353.138109][T10688] ? __pfx___debug_object_init+0x10/0x10 [ 353.138208][T10688] ? find_held_lock+0x2b/0x80 [ 353.138249][T10688] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 353.138285][T10688] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 353.138373][T10688] ? __hrtimer_setup+0x208/0x330 [ 353.138405][T10688] mac80211_hwsim_new_radio+0x2a01/0x5aa0 [ 353.138471][T10688] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 353.138506][T10688] ? __asan_memcpy+0x3c/0x60 [ 353.138548][T10688] hwsim_new_radio_nl+0xc5f/0x1370 [ 353.138578][T10688] ? rcu_is_watching+0x12/0xc0 [ 353.138607][T10688] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 353.138646][T10688] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1e5/0x2f0 [ 353.138717][T10688] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1ef/0x2f0 [ 353.138762][T10688] genl_family_rcv_msg_doit+0x214/0x300 [ 353.138808][T10688] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 353.138845][T10688] ? genl_get_cmd+0x3e7/0x760 [ 353.138886][T10688] ? bpf_lsm_capable+0x9/0x10 [ 353.138918][T10688] ? security_capable+0x80/0x260 [ 353.138977][T10688] ? ns_capable+0xd2/0xf0 [ 353.139014][T10688] genl_rcv_msg+0x560/0x800 [ 353.139054][T10688] ? __pfx_genl_rcv_msg+0x10/0x10 [ 353.139091][T10688] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 353.139132][T10688] netlink_rcv_skb+0x159/0x420 [ 353.139165][T10688] ? __pfx_genl_rcv_msg+0x10/0x10 [ 353.139203][T10688] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 353.139247][T10688] ? netlink_deliver_tap+0x1ae/0xcc0 [ 353.139282][T10688] genl_rcv+0x28/0x40 [ 353.139314][T10688] netlink_unicast+0x585/0x850 [ 353.139351][T10688] ? __pfx_netlink_unicast+0x10/0x10 [ 353.139391][T10688] netlink_sendmsg+0x8b0/0xda0 [ 353.139429][T10688] ? __pfx_netlink_sendmsg+0x10/0x10 [ 353.139459][T10688] ? __import_iovec+0x1d2/0x640 [ 353.139534][T10688] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 353.139582][T10688] ____sys_sendmsg+0x9e1/0xb70 [ 353.139633][T10688] ? __pfx_netlink_sendmsg+0x10/0x10 [ 353.139668][T10688] ? __pfx_____sys_sendmsg+0x10/0x10 [ 353.139705][T10688] ? rcu_is_watching+0x12/0xc0 [ 353.139731][T10688] ? ___sys_sendmsg+0x19d/0x1e0 [ 353.139763][T10688] ? kfree+0x1dd/0x6c0 [ 353.139810][T10688] ___sys_sendmsg+0x190/0x1e0 [ 353.139846][T10688] ? __pfx____sys_sendmsg+0x10/0x10 [ 353.139907][T10688] ? __pfx___might_resched+0x10/0x10 [ 353.139943][T10688] __sys_sendmmsg+0x205/0x430 [ 353.139972][T10688] ? __pfx___sys_sendmmsg+0x10/0x10 [ 353.140020][T10688] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 353.140099][T10688] ? kcov_ioctl+0x16a/0x720 [ 353.140137][T10688] __x64_sys_sendmmsg+0x9c/0x100 [ 353.140161][T10688] ? lockdep_hardirqs_on+0x78/0x100 [ 353.140226][T10688] do_syscall_64+0x115/0x840 [ 353.140260][T10688] ? clear_bhb_loop+0x40/0x90 [ 353.140294][T10688] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 353.140319][T10688] RIP: 0033:0x7f683c79ce59 [ 353.140338][T10688] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 353.140361][T10688] RSP: 002b:00007f683a9d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 353.140384][T10688] RAX: ffffffffffffffda RBX: 00007f683ca16090 RCX: 00007f683c79ce59 [ 353.140400][T10688] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 353.140415][T10688] RBP: 00007f683c832d6f R08: 0000000000000000 R09: 0000000000000000 [ 353.140429][T10688] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 353.140443][T10688] R13: 00007f683ca16128 R14: 00007f683ca16090 R15: 00007ffed6d06ff8 [ 353.140473][T10688] [ 353.842304][T10699] bond0: invalid ARP target specified [ 354.093627][ T5635] block nbd0: Receive control failed (result -32) [ 355.499081][T10732] netlink: 228 bytes leftover after parsing attributes in process `syz.2.1048'. [ 359.143254][T10775] kexec: Could not allocate control_code_buffer [ 360.234713][ T5635] Bluetooth: hci2: unexpected event 0x10 length: 124 > 1 [ 360.237773][ T50] Bluetooth: hci2: hardware error 0x00 [ 360.348383][ T5635] Bluetooth: hci2: unexpected event 0x1c length: 725 > 5 [ 362.291371][ T29] audit: type=1326 audit(2147483734.904:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10856 comm="syz.3.1077" exe="/root/ci-qemu-gce-upstream-auto/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f723939ce59 code=0x0 [ 362.354837][ T50] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 362.378892][T10862] netlink: 25 bytes leftover after parsing attributes in process `syz.3.1077'. [ 363.696525][T10888] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1084'. [ 364.790483][T10907] futex_wake_op: syz.1.1089 tries to shift op by -2048; fix this program [ 364.837456][T10907] futex_wake_op: syz.1.1089 tries to shift op by -2048; fix this program [ 368.974787][T10982] hub 1-0:1.0: USB hub found [ 369.010710][T10982] hub 1-0:1.0: 1 port detected [ 371.110948][T11003] Process accounting resumed [ 371.181223][T11020] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1115'. [ 371.457425][T11019] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1115'. [ 373.489500][ T50] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 373.497632][ T50] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:0' [ 373.510176][ T50] CPU: 0 UID: 0 PID: 50 Comm: kworker/u9:0 Tainted: G L syzkaller #0 PREEMPT(full) [ 373.510211][ T50] Tainted: [L]=SOFTLOCKUP [ 373.510219][ T50] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 373.510234][ T50] Workqueue: hci0 hci_rx_work [ 373.510422][ T50] Call Trace: [ 373.510430][ T50] [ 373.510439][ T50] dump_stack_lvl+0x100/0x190 [ 373.510483][ T50] sysfs_warn_dup.cold+0x1c/0x28 [ 373.510518][ T50] sysfs_create_dir_ns+0x24b/0x2b0 [ 373.510546][ T50] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 373.510570][ T50] ? find_held_lock+0x2b/0x80 [ 373.510600][ T50] ? kobject_add_internal+0x25f/0x930 [ 373.510659][ T50] ? kobject_add_internal+0x25f/0x930 [ 373.510696][ T50] ? do_raw_spin_unlock+0x145/0x1e0 [ 373.510731][ T50] kobject_add_internal+0x2c8/0x930 [ 373.510759][ T50] kobject_add+0x16a/0x1e0 [ 373.510783][ T50] ? __pfx_kobject_add+0x10/0x10 [ 373.510805][ T50] ? class_to_subsys+0x10f/0x150 [ 373.510862][ T50] ? kobject_put+0xb9/0x640 [ 373.510914][ T50] ? _raw_spin_unlock+0x28/0x50 [ 373.510952][ T50] device_add+0x294/0x1950 [ 373.510979][ T50] ? __pfx_dev_set_name+0x10/0x10 [ 373.511030][ T50] ? __pfx_device_add+0x10/0x10 [ 373.511057][ T50] ? mgmt_send_event_skb+0x2fb/0x460 [ 373.511119][ T50] hci_conn_add_sysfs+0x1a3/0x260 [ 373.511188][ T50] le_conn_complete_evt+0x11eb/0x1f60 [ 373.511253][ T50] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 373.511283][ T50] ? __pfx_bt_warn+0x10/0x10 [ 373.511332][ T50] hci_le_conn_complete_evt+0x23c/0x3a0 [ 373.511365][ T50] ? skb_pull_data+0x15f/0x1e0 [ 373.511422][ T50] hci_le_meta_evt+0x34a/0x5f0 [ 373.511471][ T50] ? __pfx_hci_le_conn_complete_evt+0x10/0x10 [ 373.511508][ T50] hci_event_packet+0x51c/0xcd0 [ 373.511540][ T50] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 373.511575][ T50] ? __pfx_hci_event_packet+0x10/0x10 [ 373.511609][ T50] ? kcov_remote_start+0x374/0x660 [ 373.511642][ T50] ? lockdep_hardirqs_on+0x78/0x100 [ 373.511684][ T50] hci_rx_work+0x451/0xfc0 [ 373.511719][ T50] process_one_work+0xa0e/0x1980 [ 373.511761][ T50] ? __pfx_process_one_work+0x10/0x10 [ 373.511792][ T50] ? __pfx_hci_rx_work+0x10/0x10 [ 373.511825][ T50] worker_thread+0x5ef/0xe50 [ 373.511860][ T50] ? kthread+0x13a/0x450 [ 373.511895][ T50] ? __pfx_worker_thread+0x10/0x10 [ 373.511916][ T50] kthread+0x370/0x450 [ 373.511952][ T50] ? __pfx_kthread+0x10/0x10 [ 373.511991][ T50] ret_from_fork+0x72b/0xd50 [ 373.512028][ T50] ? __pfx_ret_from_fork+0x10/0x10 [ 373.512055][ T50] ? __switch_to+0x800/0x1100 [ 373.512092][ T50] ? __switch_to_asm+0x39/0x70 [ 373.512123][ T50] ? __pfx_kthread+0x10/0x10 [ 373.512161][ T50] ret_from_fork_asm+0x1a/0x30 [ 373.512207][ T50] [ 374.050862][T11057] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1124'. [ 374.077735][ T50] kobject: kobject_add_internal failed for hci0:0 with -EEXIST, don't try to register things with the same name in the same directory. [ 374.091848][ T50] Bluetooth: hci0: failed to register connection device [ 374.295051][T11055] can: request_module (can-proto-3) failed. [ 374.614518][ T50] Bluetooth: hci0: unexpected event 0x33 length: 0 < 10 [ 376.098196][ T5635] Bluetooth: hci0: command 0x0c1a tx timeout [ 377.614717][ T1317] ieee802154 phy0 wpan0: encryption failed: -22 [ 377.623388][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.167309][ T5635] Bluetooth: hci0: command 0x0c1a tx timeout [ 381.552525][T11131] kexec: Could not allocate control_code_buffer [ 382.296373][T11182] Process accounting paused [ 384.640583][T11224] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1160'. [ 384.884577][T11224] veth1_vlan: entered allmulticast mode [ 385.482028][T11205] kexec: Could not allocate control_code_buffer [ 385.885574][T11245] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1163'. [ 386.219028][T11253] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1166'. [ 388.592462][T11294] futex_wake_op: syz.0.1174 tries to shift op by -2048; fix this program [ 388.678051][T11284] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1171'. [ 389.744616][T11310] netlink: 228 bytes leftover after parsing attributes in process `syz.1.1177'. [ 392.352277][T11322] kexec: Could not allocate control_code_buffer [ 395.273620][T11390] snd_virmidi snd_virmidi.0: control 61678:131081:3:y:3 is already present [ 398.948408][T11442] FAULT_INJECTION: forcing a failure. [ 398.948408][T11442] name fail_futex, interval 1, probability 0, space 0, times 0 [ 399.035423][T11442] CPU: 0 UID: 0 PID: 11442 Comm: syz.3.1204 Tainted: G L syzkaller #0 PREEMPT(full) [ 399.035461][T11442] Tainted: [L]=SOFTLOCKUP [ 399.035469][T11442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 399.035485][T11442] Call Trace: [ 399.035492][T11442] [ 399.035501][T11442] dump_stack_lvl+0x100/0x190 [ 399.035546][T11442] should_fail_ex.cold+0x5/0xa [ 399.035605][T11442] get_futex_key+0x1d2/0x1510 [ 399.035648][T11442] ? __pfx_get_futex_key+0x10/0x10 [ 399.035686][T11442] ? futex_hash+0x2ad/0x370 [ 399.035732][T11442] futex_wake+0xea/0x530 [ 399.035760][T11442] ? __might_fault+0xc5/0x140 [ 399.035801][T11442] ? __pfx_futex_wake+0x10/0x10 [ 399.035834][T11442] ? _copy_from_user+0x59/0xd0 [ 399.035869][T11442] ? post_copy_siginfo_from_user.isra.0+0x227/0x300 [ 399.035915][T11442] do_futex+0x32b/0x350 [ 399.035940][T11442] ? __pfx_do_futex+0x10/0x10 [ 399.035972][T11442] __x64_sys_futex+0x34f/0x4d0 [ 399.035997][T11442] ? __pfx___x64_sys_rt_tgsigqueueinfo+0x10/0x10 [ 399.036037][T11442] ? __pfx___x64_sys_futex+0x10/0x10 [ 399.036066][T11442] ? rcu_is_watching+0x12/0xc0 [ 399.036098][T11442] do_syscall_64+0x115/0x840 [ 399.036133][T11442] ? clear_bhb_loop+0x40/0x90 [ 399.036163][T11442] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 399.036187][T11442] RIP: 0033:0x7f723939ce59 [ 399.036211][T11442] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 399.036235][T11442] RSP: 002b:00007f723a31a0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 399.036258][T11442] RAX: ffffffffffffffda RBX: 00007f7239615fa8 RCX: 00007f723939ce59 [ 399.036274][T11442] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f7239615fac [ 399.036292][T11442] RBP: 00007f7239615fa0 R08: 0000000000000001 R09: 0000000000000000 [ 399.036306][T11442] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 399.036321][T11442] R13: 00007f7239616038 R14: 00007fff48164070 R15: 00007fff48164158 [ 399.036351][T11442] [ 401.061076][T11463] FAULT_INJECTION: forcing a failure. [ 401.061076][T11463] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 401.156890][T11463] CPU: 0 UID: 0 PID: 11463 Comm: syz.0.1210 Tainted: G L syzkaller #0 PREEMPT(full) [ 401.156928][T11463] Tainted: [L]=SOFTLOCKUP [ 401.156937][T11463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 401.156952][T11463] Call Trace: [ 401.156961][T11463] [ 401.156977][T11463] dump_stack_lvl+0x100/0x190 [ 401.157026][T11463] should_fail_ex.cold+0x5/0xa [ 401.157053][T11463] ? prepare_alloc_pages+0x16d/0x5f0 [ 401.157089][T11463] should_fail_alloc_page+0xeb/0x140 [ 401.157120][T11463] prepare_alloc_pages+0x1f0/0x5f0 [ 401.157158][T11463] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 401.157215][T11463] ? stack_trace_save+0x8e/0xc0 [ 401.157249][T11463] ? __pfx_stack_trace_save+0x10/0x10 [ 401.157283][T11463] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 401.157331][T11463] ? kasan_save_stack+0x3f/0x50 [ 401.157355][T11463] ? kasan_save_stack+0x30/0x50 [ 401.157377][T11463] ? kasan_save_track+0x14/0x30 [ 401.157401][T11463] ? __kasan_kmalloc+0xaa/0xb0 [ 401.157424][T11463] ? mon_bin_open+0x1a8/0x470 [ 401.157525][T11463] ? chrdev_open+0x234/0x6a0 [ 401.157567][T11463] ? __x64_sys_openat+0x12d/0x210 [ 401.157607][T11463] ? do_syscall_64+0x115/0x840 [ 401.157644][T11463] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 401.157677][T11463] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 401.157714][T11463] ? policy_nodemask+0xed/0x4f0 [ 401.157751][T11463] alloc_pages_mpol+0x1fb/0x540 [ 401.157782][T11463] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 401.157820][T11463] alloc_pages_noprof+0x1a/0x160 [ 401.157855][T11463] get_zeroed_page_noprof+0x18/0xb0 [ 401.157887][T11463] mon_alloc_buff+0xce/0x1b0 [ 401.157913][T11463] ? kasan_save_track+0x14/0x30 [ 401.157951][T11463] mon_bin_open+0x207/0x470 [ 401.157983][T11463] ? __pfx_mon_bin_open+0x10/0x10 [ 401.158009][T11463] chrdev_open+0x234/0x6a0 [ 401.158039][T11463] ? __pfx_chrdev_open+0x10/0x10 [ 401.158069][T11463] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 401.158113][T11463] do_dentry_open+0x6ab/0x14d0 [ 401.158140][T11463] ? __pfx_chrdev_open+0x10/0x10 [ 401.158174][T11463] vfs_open+0x82/0x3f0 [ 401.158211][T11463] path_openat+0x208c/0x31a0 [ 401.158249][T11463] ? __pfx_path_openat+0x10/0x10 [ 401.158287][T11463] do_file_open+0x20e/0x430 [ 401.158318][T11463] ? __pfx_do_file_open+0x10/0x10 [ 401.158366][T11463] ? alloc_fd+0x476/0x790 [ 401.158400][T11463] ? do_getname+0x191/0x390 [ 401.158436][T11463] do_sys_openat2+0x10d/0x1e0 [ 401.158471][T11463] ? __pfx_do_sys_openat2+0x10/0x10 [ 401.158508][T11463] ? __fget_files+0x21f/0x3d0 [ 401.158540][T11463] __x64_sys_openat+0x12d/0x210 [ 401.158577][T11463] ? __pfx___x64_sys_openat+0x10/0x10 [ 401.158618][T11463] ? rcu_is_watching+0x12/0xc0 [ 401.158647][T11463] do_syscall_64+0x115/0x840 [ 401.158679][T11463] ? clear_bhb_loop+0x40/0x90 [ 401.158706][T11463] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 401.158729][T11463] RIP: 0033:0x7f49c039ce59 [ 401.158747][T11463] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 401.158770][T11463] RSP: 002b:00007f49c118e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 401.158792][T11463] RAX: ffffffffffffffda RBX: 00007f49c0615fa0 RCX: 00007f49c039ce59 [ 401.158807][T11463] RDX: 0000000000004000 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 401.158821][T11463] RBP: 00007f49c0432d6f R08: 0000000000000000 R09: 0000000000000000 [ 401.158835][T11463] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 401.158848][T11463] R13: 00007f49c0616038 R14: 00007f49c0615fa0 R15: 00007fff4d96c748 [ 401.158876][T11463] [ 403.014571][T11483] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 403.106179][T11483] PCI: Can't parse resource_alignment parameter: eC/OVGDf8=ֶ2|:ht3 [ 405.370820][T11462] Process accounting paused [ 405.778041][T11527] FAULT_INJECTION: forcing a failure. [ 405.778041][T11527] name failslab, interval 1, probability 0, space 0, times 0 [ 405.862752][T11527] CPU: 0 UID: 0 PID: 11527 Comm: syz.3.1223 Tainted: G L syzkaller #0 PREEMPT(full) [ 405.862788][T11527] Tainted: [L]=SOFTLOCKUP [ 405.862796][T11527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 405.862810][T11527] Call Trace: [ 405.862817][T11527] [ 405.862826][T11527] dump_stack_lvl+0x100/0x190 [ 405.862869][T11527] should_fail_ex.cold+0x5/0xa [ 405.862896][T11527] ? process_vm_rw_core.constprop.0+0x1d7/0x950 [ 405.862921][T11527] should_failslab+0xc2/0x120 [ 405.862947][T11527] __kmalloc_noprof+0xe0/0x850 [ 405.862983][T11527] ? find_held_lock+0x2b/0x80 [ 405.863015][T11527] process_vm_rw_core.constprop.0+0x1d7/0x950 [ 405.863042][T11527] ? futex_unqueue+0x13d/0x2c0 [ 405.863072][T11527] ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10 [ 405.863098][T11527] ? iovec_from_user+0xda/0x140 [ 405.863142][T11527] ? iovec_from_user+0xda/0x140 [ 405.863176][T11527] process_vm_rw+0x226/0x2d0 [ 405.863201][T11527] ? __pfx_process_vm_rw+0x10/0x10 [ 405.863250][T11527] ? msgctl_stat+0x543/0x780 [ 405.863357][T11527] ? __pfx_ksys_msgctl.constprop.0+0x10/0x10 [ 405.863417][T11527] ? xfd_validate_state+0x129/0x190 [ 405.863438][T11527] ? __task_pid_nr_ns+0x1ca/0x510 [ 405.863476][T11527] __x64_sys_process_vm_writev+0xe2/0x1c0 [ 405.863507][T11527] ? do_syscall_64+0x90/0x840 [ 405.863540][T11527] ? lockdep_hardirqs_on+0x78/0x100 [ 405.863572][T11527] do_syscall_64+0x115/0x840 [ 405.863604][T11527] ? clear_bhb_loop+0x40/0x90 [ 405.863631][T11527] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 405.863654][T11527] RIP: 0033:0x7f723939ce59 [ 405.863671][T11527] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 405.863694][T11527] RSP: 002b:00007f723a2f9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 405.863715][T11527] RAX: ffffffffffffffda RBX: 00007f7239616090 RCX: 00007f723939ce59 [ 405.863730][T11527] RDX: 0000000000000003 RSI: 0000200000002980 RDI: 0000000000000454 [ 405.863744][T11527] RBP: 00007f7239432d6f R08: 0000000000000004 R09: 0000000000000000 [ 405.863757][T11527] R10: 0000200000002a40 R11: 0000000000000246 R12: 0000000000000000 [ 405.863771][T11527] R13: 00007f7239616128 R14: 00007f7239616090 R15: 00007fff48164158 [ 405.863799][T11527] [ 406.761634][T11538] FAULT_INJECTION: forcing a failure. [ 406.761634][T11538] name failslab, interval 1, probability 0, space 0, times 0 [ 406.800417][T11538] CPU: 0 UID: 0 PID: 11538 Comm: syz.0.1225 Tainted: G L syzkaller #0 PREEMPT(full) [ 406.800457][T11538] Tainted: [L]=SOFTLOCKUP [ 406.800465][T11538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 406.800480][T11538] Call Trace: [ 406.800488][T11538] [ 406.800497][T11538] dump_stack_lvl+0x100/0x190 [ 406.800544][T11538] should_fail_ex.cold+0x5/0xa [ 406.800575][T11538] should_failslab+0xc2/0x120 [ 406.800605][T11538] __kmalloc_cache_noprof+0x7a/0x6f0 [ 406.800641][T11538] ? vidtv_mux_create_pid_ctx_once.part.0+0x49/0x200 [ 406.800778][T11538] vidtv_mux_create_pid_ctx_once.part.0+0x49/0x200 [ 406.800821][T11538] vidtv_mux_init+0x8a6/0xbf0 [ 406.800865][T11538] vidtv_start_feed+0x34e/0x500 [ 406.800892][T11538] ? __pfx_vidtv_start_feed+0x10/0x10 [ 406.800920][T11538] ? __pfx_vidtv_bridge_on_new_pkts_avail+0x10/0x10 [ 406.800963][T11538] dmx_section_feed_start_filtering+0x3a8/0x660 [ 406.801031][T11538] dvb_dmxdev_filter_start+0x767/0xdd0 [ 406.801077][T11538] dvb_demux_do_ioctl+0xe64/0x1200 [ 406.801114][T11538] dvb_usercopy+0x167/0x340 [ 406.801199][T11538] ? __pfx_dvb_demux_do_ioctl+0x10/0x10 [ 406.801228][T11538] ? __pfx_dvb_usercopy+0x10/0x10 [ 406.801281][T11538] ? __fget_files+0x21f/0x3d0 [ 406.801317][T11538] dvb_demux_ioctl+0x29/0x40 [ 406.801340][T11538] ? __pfx_dvb_demux_ioctl+0x10/0x10 [ 406.801364][T11538] __x64_sys_ioctl+0x18e/0x210 [ 406.801391][T11538] do_syscall_64+0x115/0x840 [ 406.801437][T11538] ? clear_bhb_loop+0x40/0x90 [ 406.801469][T11538] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 406.801495][T11538] RIP: 0033:0x7f49c039ce59 [ 406.801515][T11538] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 406.801540][T11538] RSP: 002b:00007f49be5f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 406.801564][T11538] RAX: ffffffffffffffda RBX: 00007f49c0616090 RCX: 00007f49c039ce59 [ 406.801581][T11538] RDX: 0000000000000000 RSI: 00000000403c6f2b RDI: 000000000000000a [ 406.801596][T11538] RBP: 00007f49c0432d6f R08: 0000000000000000 R09: 0000000000000000 [ 406.801612][T11538] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 406.801626][T11538] R13: 00007f49c0616128 R14: 00007f49c0616090 R15: 00007fff4d96c748 [ 406.801659][T11538] [ 406.801836][ T808] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI [ 407.040625][ T808] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 407.049061][ T808] CPU: 0 UID: 0 PID: 808 Comm: kworker/0:2 Tainted: G L syzkaller #0 PREEMPT(full) [ 407.059955][ T808] Tainted: [L]=SOFTLOCKUP [ 407.064289][ T808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 407.074352][ T808] Workqueue: events vidtv_mux_tick [ 407.079505][ T808] RIP: 0010:vidtv_psi_ts_psi_write_into+0x4bb/0xb40 [ 407.086110][ T808] Code: db d9 d7 f9 4d 8d 65 20 4c 89 e0 48 c1 e8 03 80 3c 18 00 0f 85 fe 04 00 00 49 8b 45 20 48 89 c2 48 89 c1 48 c1 ea 03 83 e1 07 <0f> b6 14 1a 38 ca 7f 08 84 d2 0f 85 c6 04 00 00 0f b6 10 48 8b 7c [ 407.105744][ T808] RSP: 0018:ffffc900048ff3f0 EFLAGS: 00010202 [ 407.111827][ T808] RAX: 0000000000000002 RBX: dffffc0000000000 RCX: 0000000000000002 [ 407.119816][ T808] RDX: 0000000000000000 RSI: ffffffff88302385 RDI: ffff888026d03e00 [ 407.127797][ T808] RBP: 0000000000000008 R08: 0000000000000005 R09: 0000000000000000 [ 407.135791][ T808] R10: 0000000000000000 R11: 0000000000000000 R12: ffffc900048ff690 [ 407.143787][ T808] R13: ffffc900048ff670 R14: 0000000000000178 R15: 0000000000000000 [ 407.151764][ T808] FS: 0000000000000000(0000) GS:ffff88812438e000(0000) knlGS:0000000000000000 [ 407.160718][ T808] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 407.167329][ T808] CR2: 0000001b34ef0ff8 CR3: 000000007beac000 CR4: 00000000003526f0 [ 407.175316][ T808] Call Trace: [ 407.178601][ T808] [ 407.181550][ T808] ? __pfx_vidtv_psi_ts_psi_write_into+0x10/0x10 [ 407.187905][ T808] vidtv_psi_pmt_write_into+0x3b2/0xa70 [ 407.193485][ T808] ? __pfx_vidtv_psi_pmt_write_into+0x10/0x10 [ 407.199579][ T808] ? vidtv_psi_pat_write_into+0x56a/0x690 [ 407.205329][ T808] ? __pfx_vidtv_psi_pat_write_into+0x10/0x10 [ 407.211439][ T808] ? unwind_next_frame+0x3be/0x2090 [ 407.216683][ T808] ? unwind_next_frame+0x3be/0x2090 [ 407.221901][ T808] ? unwind_next_frame+0x3c8/0x2090 [ 407.227113][ T808] ? ret_from_fork_asm+0x1a/0x30 [ 407.232089][ T808] vidtv_mux_push_si+0x932/0xe80 [ 407.237328][ T808] ? __pfx_vidtv_mux_push_si+0x10/0x10 [ 407.242826][ T808] ? kfree_skbmem+0x19a/0x210 [ 407.247596][ T808] ? vidtv_memset+0x50/0x90 [ 407.252114][ T808] ? vidtv_ts_pcr_write_into+0x45b/0x650 [ 407.257875][ T808] ? rcu_is_watching+0x12/0xc0 [ 407.262671][ T808] ? find_held_lock+0x2b/0x80 [ 407.267372][ T808] ? clockevents_program_event+0x23e/0x820 [ 407.273204][ T808] vidtv_mux_tick+0xe93/0x1460 [ 407.277998][ T808] ? ktime_get+0x9f/0x320 [ 407.282357][ T808] ? lapic_next_event+0x10/0x20 [ 407.287252][ T808] ? __pfx_vidtv_mux_tick+0x10/0x10 [ 407.292488][ T808] ? irqentry_exit+0x24d/0x970 [ 407.297293][ T808] ? __pfx_vidtv_mux_tick+0x10/0x10 [ 407.302563][ T808] ? process_one_work+0x129c/0x1980 [ 407.307785][ T808] ? process_one_work+0x9e5/0x1980 [ 407.312917][ T808] process_one_work+0xa0e/0x1980 [ 407.317875][ T808] ? __pfx_process_one_work+0x10/0x10 [ 407.323270][ T808] ? __pfx_vidtv_mux_tick+0x10/0x10 [ 407.328498][ T808] worker_thread+0x5ef/0xe50 [ 407.333099][ T808] ? __pfx_worker_thread+0x10/0x10 [ 407.338222][ T808] ? kthread+0x13a/0x450 [ 407.342482][ T808] ? __pfx_worker_thread+0x10/0x10 [ 407.347601][ T808] kthread+0x370/0x450 [ 407.351687][ T808] ? __pfx_kthread+0x10/0x10 [ 407.356292][ T808] ret_from_fork+0x72b/0xd50 [ 407.360893][ T808] ? __pfx_ret_from_fork+0x10/0x10 [ 407.366026][ T808] ? __switch_to+0x800/0x1100 [ 407.370752][ T808] ? __switch_to_asm+0x39/0x70 [ 407.375526][ T808] ? __pfx_kthread+0x10/0x10 [ 407.380139][ T808] ret_from_fork_asm+0x1a/0x30 [ 407.384925][ T808] [ 407.387957][ T808] Modules linked in: [ 407.392735][ T808] ---[ end trace 0000000000000000 ]--- [ 407.435434][T11529] FAULT_INJECTION: forcing a failure. [ 407.435434][T11529] name fail_futex, interval 1, probability 0, space 0, times 0 [ 407.464819][T11529] CPU: 0 UID: 0 PID: 11529 Comm: syz.3.1223 Tainted: G D L syzkaller #0 PREEMPT(full) [ 407.464860][T11529] Tainted: [D]=DIE, [L]=SOFTLOCKUP [ 407.464869][T11529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 407.464885][T11529] Call Trace: [ 407.464893][T11529] [ 407.464901][T11529] dump_stack_lvl+0x100/0x190 [ 407.464947][T11529] should_fail_ex.cold+0x5/0xa [ 407.464975][T11529] get_futex_key+0x1d2/0x1510 [ 407.465017][T11529] ? __pfx_get_futex_key+0x10/0x10 [ 407.465056][T11529] ? is_bpf_text_address+0x94/0x1a0 [ 407.465115][T11529] ? kernel_text_address+0x8d/0x100 [ 407.465139][T11529] ? __kernel_text_address+0xd/0x30 [ 407.465164][T11529] futex_wait_setup+0x83/0x510 [ 407.465198][T11529] __futex_wait+0x19f/0x300 [ 407.465229][T11529] ? __pfx___futex_wait+0x10/0x10 [ 407.465258][T11529] ? trace_irq_enable.constprop.0+0x11e/0x160 [ 407.465305][T11529] ? __pfx_futex_wake_mark+0x10/0x10 [ 407.465337][T11529] ? do_raw_spin_lock+0x128/0x260 [ 407.465369][T11529] ? futex_wake+0x456/0x530 [ 407.465397][T11529] ? rcu_is_watching+0x12/0xc0 [ 407.465427][T11529] futex_wait+0xe6/0x370 [ 407.465459][T11529] ? __pfx_futex_wait+0x10/0x10 [ 407.465496][T11529] do_futex+0x1ef/0x350 [ 407.465520][T11529] ? __pfx_do_futex+0x10/0x10 [ 407.465544][T11529] ? __pfx___might_resched+0x10/0x10 [ 407.465573][T11529] ? blkcg_maybe_throttle_current+0x5e8/0xeb0 [ 407.465684][T11529] ? cleanup_mnt+0x263/0x450 [ 407.465711][T11529] __x64_sys_futex+0x34f/0x4d0 [ 407.465738][T11529] ? __pfx___x64_sys_futex+0x10/0x10 [ 407.465762][T11529] ? exit_to_user_mode_loop+0xf3/0x670 [ 407.465805][T11529] ? rcu_is_watching+0x12/0xc0 [ 407.465834][T11529] do_syscall_64+0x115/0x840 [ 407.465869][T11529] ? clear_bhb_loop+0x40/0x90 [ 407.465897][T11529] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 407.465922][T11529] RIP: 0033:0x7f723939ce59 [ 407.465941][T11529] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 407.465965][T11529] RSP: 002b:00007f723a2d80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 407.465988][T11529] RAX: ffffffffffffffda RBX: 00007f7239616188 RCX: 00007f723939ce59 [ 407.466004][T11529] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f7239616188 [ 407.466019][T11529] RBP: 00007f7239616180 R08: 0000000000000000 R09: 0000000000000000 [ 407.466034][T11529] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 407.466049][T11529] R13: 00007f7239616218 R14: 00007fff48164070 R15: 00007fff48164158 [ 407.466072][T11529] [ 407.772876][T11517] kexec: Could not allocate control_code_buffer [ 407.997446][ T808] RIP: 0010:vidtv_psi_ts_psi_write_into+0x4bb/0xb40 [ 408.009590][ T808] Code: db d9 d7 f9 4d 8d 65 20 4c 89 e0 48 c1 e8 03 80 3c 18 00 0f 85 fe 04 00 00 49 8b 45 20 48 89 c2 48 89 c1 48 c1 ea 03 83 e1 07 <0f> b6 14 1a 38 ca 7f 08 84 d2 0f 85 c6 04 00 00 0f b6 10 48 8b 7c [ 408.029739][ T808] RSP: 0018:ffffc900048ff3f0 EFLAGS: 00010202 [ 408.044028][ T808] RAX: 0000000000000002 RBX: dffffc0000000000 RCX: 0000000000000002 [ 408.057713][ T808] RDX: 0000000000000000 RSI: ffffffff88302385 RDI: ffff888026d03e00 [ 408.066055][ T808] RBP: 0000000000000008 R08: 0000000000000005 R09: 0000000000000000 [ 408.085604][ T808] R10: 0000000000000000 R11: 0000000000000000 R12: ffffc900048ff690 [ 408.099822][ T808] R13: ffffc900048ff670 R14: 0000000000000178 R15: 0000000000000000 [ 408.108258][ T808] FS: 0000000000000000(0000) GS:ffff88812438e000(0000) knlGS:0000000000000000 [ 408.182580][ T808] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 408.196119][ T808] CR2: 0000001b34fb1ff8 CR3: 000000002f6b0000 CR4: 00000000003526f0 [ 408.204518][ T808] Kernel panic - not syncing: Fatal exception [ 408.210650][ T808] Kernel Offset: disabled [ 408.214980][ T808] Rebooting in 86400 seconds..