last executing test programs: 1m57.90550131s ago: executing program 1 (id=354): write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) mmap$auto(0x0, 0x4, 0x4000000000df, 0x800000000040eb1, 0x401, 0x300000000000) r0 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) io_uring_setup$auto(0xf0, &(0x7f0000000180)={0x6, 0x18, 0xd64, 0xc852, 0x6, 0x7, r0, [0x1, 0x401, 0x1000], {0x7, 0x5, 0x1, 0x4, 0x95, 0xf4c, 0x7fff, 0xfffffffb, 0x65f29f6d}, {0x3, 0xadc, 0x10000, 0x0, 0x5, 0xffffffff, 0x1000, 0x54f, 0x5}}) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x0) r1 = socket(0xa, 0x3, 0xff) connect$auto(r1, &(0x7f00000018c0)=@generic={0xa}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) write$auto_proc_mem_operations_base(0xffffffffffffffff, &(0x7f0000001680), 0x0) syz_clone3(0x0, 0x0) madvise$auto(0x1ffff000, 0x7, 0x100000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000003180), r2) sendmsg$auto_ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f0000003400)={0x0, 0x0, &(0x7f00000033c0)={&(0x7f0000000000)={0x18, r3, 0x301, 0x70bd2a, 0x25dfdbfb, {}, [@ETHTOOL_A_STRSET_STRINGSETS={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x40}, 0x20000000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xb, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000) io_uring_setup$auto(0x2, &(0x7f0000000080)={0x80000003, 0x9, 0x9, 0x6, 0x3ff, 0x8, 0xffffffffffffffff, [], {0x9, 0x6, 0x8f, 0x29f, 0x100, 0x83, 0x6, 0xc, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x104, 0x8, 0x100000000}}) syz_clone(0x1002000, 0x0, 0x0, 0x0, 0x0, 0x0) futex_wake$auto(0x0, 0x5, 0x4, 0xa) 1m55.336599421s ago: executing program 1 (id=364): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r0) sendmsg$auto_NL80211_CMD_SET_WIPHY_NETNS(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x18, r1, 0x1, 0x70bd2a, 0x25dfdbfd, {}, [@NL80211_ATTR_PBSS={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x14}, 0x10) r2 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) sendmsg$auto_NET_SHAPER_CMD_GROUP(r0, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000600)={0x1c, r2, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@NET_SHAPER_A_IFINDEX={0x8, 0x8, r3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x44000}, 0x14) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x83, 0x0) ioctl$auto(0x3, 0x80000541b, 0x38) 1m55.021639035s ago: executing program 1 (id=366): r0 = prctl$auto_PR_SCHED_CORE_GET(0x4, 0x0, 0x0, 0x2400000000004, 0x8000003) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x0, 0x1, 0x106) bind$auto(0x3, 0x0, 0x6a) connect$auto(0x3, &(0x7f0000000000)=@ethernet={0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}, 0x54) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptya7\x00', 0x101e81, 0x0) r1 = openat$auto_nvmf_dev_fops_fabrics(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) write$auto(0x3, 0x0, 0x8) read$auto(0x3, 0x0, 0x7fffffff) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, 0x0, 0xcfd) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_DEL_RADIO(r2, &(0x7f0000001a00)={0x0, 0x0, &(0x7f00000019c0)={&(0x7f0000000480)={0x2c, r3, 0x1, 0x70bd2d, 0x25dfdbff, {}, [@HWSIM_ATTR_RADIO_NAME={0x16, 0x11, '/dev/snd/midiC2D0\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000080}, 0x4000010) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f00000000c0)=@qipcrtr={0x2a, 0xffffffff, 0x4ecec3e55f29319e}, 0x40) write$auto(0xca, 0x0, 0x2b) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/pcrypt/pdecrypt/serial_cpumask\x00', 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) sendmsg$auto_NL80211_CMD_SET_POWER_SAVE(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x40008c5) 1m54.34746933s ago: executing program 1 (id=368): mmap$auto(0x0, 0x800000000020009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) r0 = socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50) r1 = io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xe, 0x82, 0x6, 0x6, 0x8, 0xffffffffffffffff, [], {0xd74c, 0x6, 0x2, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2}, {0xff, 0x1, 0x10001, 0x7, 0x1, 0x40, 0x0, 0x400005, 0x100000005}}) io_uring_enter$auto(r1, 0x9, 0x820e, 0x6, 0x0, 0x18) ioctl$auto_EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000040)={0x8, r0, 0x2, 0x5, 0x1, 0x2}) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) prctl$auto(0x3e, 0x40001, 0x0, 0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffff004, 0x2) socket(0xa, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket(0xa, 0x2, 0x88) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'bond0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r5, r4, 0x8, 0xfc, r2, @relative_fd, 0xe600}, 0xf) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x40000000000005, 0xffffffffffffffff, 0x0, 0x1}, 0x4) r6 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x801, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0xe8, 0x9, 0x2, 0x1, 0x5, 0x4, 0x15f4da0e, 0x8, 0x9, 0x100000000000000c, 0x8, 0x1, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0) pwrite64$auto(0xc8, &(0x7f0000000140)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00,\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^B\xb8\xe4j\t,\xe4\x90\xcc\x9d\xc5\x0fo\x84\xf4\x89\v\xea\x1b\x95\xafQ;CL\"\x01@\x00\x00\x00\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\xff\xff\x00'/242, 0xfdf0, 0x39) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) getsockopt$auto_SO_RCVMARK(r6, 0x0, 0x4b, 0x0, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r7 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/kcore\x00', 0x10b402, 0x0) pread64$auto(r7, 0x0, 0x800007, 0x9) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0) 1m53.315731024s ago: executing program 1 (id=371): r0 = openat$auto_mon_fops_stat_usb_mon(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/usb/usbmon/31s\x00', 0x0, 0x0) (async, rerun: 32) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000) (rerun: 32) io_uring_setup$auto(0x3, 0x0) rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8) r1 = getpid() (async) r2 = gettid() rt_tgsigqueueinfo$auto(r1, r2, 0xffffffff, 0x0) ppoll$auto(&(0x7f0000000100)={0xffffffffffffffff, 0x690, 0xffa1}, 0x5, 0x0, &(0x7f0000000140)={0x4}, 0x8) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001a40), r3) (async, rerun: 64) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000001a80)={'wg2\x00', 0x0}) (async, rerun: 64) r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), r3) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(r3, &(0x7f0000002f40)={0x0, 0x0, &(0x7f0000002f00)={&(0x7f0000001ac0)={0x24, r5, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@ETHTOOL_A_CABLE_TEST_TDR_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}]}, @ETHTOOL_A_CABLE_TEST_TDR_CFG={0x4, 0x2, 0x0, 0x1, [@generic]}]}, 0x24}, 0x1, 0x0, 0x0, 0x24040000}, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x787806, 0x0) (async, rerun: 32) close_range$auto(0x2, 0x8, 0x0) (rerun: 32) read$auto_mon_fops_stat_usb_mon(r0, 0x0, 0x0) 1m52.386653676s ago: executing program 1 (id=375): write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) mmap$auto(0x0, 0x400000002, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = socket(0xf, 0x6, 0x3a) connect$auto(0x3, &(0x7f0000000000)=@hci={0x1f, 0x2, 0x4}, 0x7) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) io_uring_setup$auto(0xf0, &(0x7f0000000180)={0x6, 0x18, 0xd64, 0xc852, 0x6, 0x7, r0, [0x1, 0x401, 0x1000], {0x7, 0x5, 0x1, 0x4, 0x95, 0xf4c, 0x7fff, 0xfffffffb, 0x65f29f6d}, {0x3, 0xadc, 0x10000, 0x0, 0x5, 0xffffffff, 0x1000, 0x54f, 0x5}}) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000001) close_range$auto(0x2, r1, 0xd7c) socket(0xa, 0x2, 0x0) r2 = socket(0xa, 0x3, 0xff) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/kernel/printk_devkmsg\x00', 0x202, 0x0) sendfile$auto(r3, r3, 0x0, 0x7fffe000) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x119902, 0x0) sendfile$auto(r4, r4, 0x0, 0x2) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) write$auto(0x3, 0x0, 0xffd8) connect$auto(r2, &(0x7f00000018c0)=@generic={0xa}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) write$auto_proc_mem_operations_base(0xffffffffffffffff, 0x0, 0x0) syz_clone3(0x0, 0x0) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000002340)='/dev/binderfs/binder1\x00', 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) madvise$auto(0x1ffff000, 0x7, 0x100000000) mmap$auto(0x0, 0x400008, 0xb, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000) io_uring_setup$auto(0x2, &(0x7f0000000080)={0x80000003, 0x9, 0x4002, 0x6, 0x4, 0x8, 0xffffffffffffffff, [], {0x9, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x4000006, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x104, 0x8, 0x100000000}}) syz_clone(0x1002000, 0x0, 0x0, 0x0, 0x0, 0x0) futex_wake$auto(0x0, 0x4005, 0x4, 0xa) 1m37.040516076s ago: executing program 32 (id=375): write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) mmap$auto(0x0, 0x400000002, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = socket(0xf, 0x6, 0x3a) connect$auto(0x3, &(0x7f0000000000)=@hci={0x1f, 0x2, 0x4}, 0x7) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) io_uring_setup$auto(0xf0, &(0x7f0000000180)={0x6, 0x18, 0xd64, 0xc852, 0x6, 0x7, r0, [0x1, 0x401, 0x1000], {0x7, 0x5, 0x1, 0x4, 0x95, 0xf4c, 0x7fff, 0xfffffffb, 0x65f29f6d}, {0x3, 0xadc, 0x10000, 0x0, 0x5, 0xffffffff, 0x1000, 0x54f, 0x5}}) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000001) close_range$auto(0x2, r1, 0xd7c) socket(0xa, 0x2, 0x0) r2 = socket(0xa, 0x3, 0xff) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/kernel/printk_devkmsg\x00', 0x202, 0x0) sendfile$auto(r3, r3, 0x0, 0x7fffe000) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x119902, 0x0) sendfile$auto(r4, r4, 0x0, 0x2) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) write$auto(0x3, 0x0, 0xffd8) connect$auto(r2, &(0x7f00000018c0)=@generic={0xa}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) write$auto_proc_mem_operations_base(0xffffffffffffffff, 0x0, 0x0) syz_clone3(0x0, 0x0) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000002340)='/dev/binderfs/binder1\x00', 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) madvise$auto(0x1ffff000, 0x7, 0x100000000) mmap$auto(0x0, 0x400008, 0xb, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000) io_uring_setup$auto(0x2, &(0x7f0000000080)={0x80000003, 0x9, 0x4002, 0x6, 0x4, 0x8, 0xffffffffffffffff, [], {0x9, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x4000006, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x104, 0x8, 0x100000000}}) syz_clone(0x1002000, 0x0, 0x0, 0x0, 0x0, 0x0) futex_wake$auto(0x0, 0x4005, 0x4, 0xa) 11.100442086s ago: executing program 2 (id=683): socket(0xa, 0x3, 0x3b) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) quotactl$auto(0x9, 0x0, 0x62a0, 0x0) mmap$auto(0x0, 0x2000c, 0xdf, 0xe31, 0x40000000000a5, 0x8000) syz_genetlink_get_family_id$auto_802_15_4_mac(&(0x7f0000000100), 0xffffffffffffffff) socketpair$auto(0x2, 0x80, 0xfffffffc, 0x0) setsockopt$auto(0x3, 0x1, 0x4c, 0x0, 0x9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto_SG_NEXT_CMD_LEN(0xffffffffffffffff, 0x2283, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) epoll_create$auto(0x3ff) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x101000, 0x0) mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000) capset$auto(&(0x7f0000000180)={0x19980330}, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000240)='/dev/sda\x00', 0xa0102, 0x0) ioctl$auto_IOC_PR_RELEASE(r0, 0x401070ca, 0x0) madvise$auto(0x0, 0x2003f0, 0x17) 10.183116239s ago: executing program 4 (id=685): mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) eventfd$auto(0x80) unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0x2c, 0x1, 0x0) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0x8f00, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) mremap$auto(0x1ff000, 0x100005, 0x843, 0x3, 0x2) mremap$auto(0xfffff000, 0x4, 0x4, 0x7, 0x1001ff000) madvise$auto(0xfffffffffffffffa, 0x9, 0x19) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(0x0, r1) mmap$auto(0x2, 0x1, 0x4000000000df, 0x78, r1, 0x300000000000) socket(0x1d, 0x3, 0x1) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) sendfile$auto(r3, r3, 0x0, 0x3) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x4) bpf$auto(0x0, &(0x7f00000001c0)=@test={0xffffffffffffffff, 0xb, 0xfffff0b6, 0xffff, 0x84, 0xac1, 0x2, 0x3624239c, 0xfffff5b2, 0x3bb, 0x8000007, 0xffff, 0x6, 0x81, 0x68198}, 0x6f3) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) unshare$auto(0x40000080) bpf$auto_BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)=@bpf_attr_7={@map_id=0x8001, 0xffffc1b3, 0x5}, 0x6) prctl$auto(0x1d, 0xfffffffffffffffb, 0x8, 0x10000005, 0xfffffffffffffff9) futex$auto(&(0x7f0000000080)=0x2948, 0x0, 0x2948, &(0x7f00000000c0)={0x225c17d03}, 0x0, 0x5) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000340)='/proc/sys/net/ipv6/conf/default/ignore_routes_with_linkdown\x00', 0x42a81, 0x0) pwrite64$auto(r4, &(0x7f0000000000)='/proc/sys/net/ipv6/coX\t/all/forwarding\x00', 0x1, 0x2) 9.898783356s ago: executing program 2 (id=686): socket(0x11, 0x3, 0xe) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0xc0803, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_register$auto_IORING_REGISTER_RESTRICTIONS(0xffffffffffffffff, 0xb, &(0x7f0000000280), 0x1) clone$auto(0x20003b48, 0x2, 0x0, 0x0, 0x5) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x5, 0xc, 0x2000000000940, 0x1ffde, 0x7, 0x4, 0x3fe, 0x9, 0x1, 0x2, 0x7, 0x9, 0x8, 0x8, 0x407, 0x5, 0x8000000007, 0x8000, 0x0, 0x0, 0x0, 0x0, 0xf3, 0x200, 0xfffffffc, 0x0, 0x1, 0x0, [0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80000000004, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x47e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xe3a]}, 0x400, 0x81) socket(0x10, 0x2, 0x0) r0 = socket(0xa, 0x3, 0x3c) write$auto(r0, &(0x7f00000003c0)='+&\x00', 0x273f) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="f2000000", @ANYBLOB='p\x00', @ANYRES16], 0x1ac}, 0x1, 0x0, 0x0, 0x24048040}, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = socket(0x2, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @local}, 0x406a) io_setup$auto(0x1, 0x0) setsockopt$auto(0x3, 0x10000000084, 0xb, 0x0, 0x8) r2 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1441, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r2, 0x151d, &(0x7f0000004c40)) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) r3 = getpgrp(0xffffffffffffffff) shmctl$auto_SHM_UNLOCK(0x1000, 0xc, &(0x7f0000000540)={{0xc24, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x8}, 0xffff38de, 0x4, 0x5, 0xffff, @inferred=r3, @raw=0xa, 0x8, 0x0, &(0x7f0000000480), &(0x7f00000004c0)="600af194a15f71bbddf8e8a1e2e0544417c98f5fbce52fb526da5a1521803779a54c11c5852849dd3d930b79621646edc954c568923c3859e1c63789ccb8f6d7b0ef1db121572d64ed7f1a54259478238f1a7840c731a44b7f9432606041f7736b"}) shmctl$auto_SHM_INFO(0x8, 0xe, &(0x7f0000000680)={{0x5, 0xee01, 0xffffffffffffffff, 0x2, 0x800, 0x1, 0x8}, 0x6, 0x6, 0x2, 0x10000, @raw=0x5, @inferred, 0xffff, 0x0, &(0x7f00000005c0)="59f3848d6c60d42e8f598e731d3ed4d3adc4f4bffb6313735ea0210b23c026", &(0x7f0000000600)="73d70e2005e6046a93ee67edbc4932ceae2cb2cab52639bfdeaeb26cf4d5aa136a564c19a7035b385db1b9708a3bb62e2a38b2f10422674d81670e8012cad8e73ad65aea446ab9644703a5ffa934cfdcb48e2e35ebcaa245ba1e0a67d79c36cfcec855610e70505d4260f8d38089"}) ptrace$auto(0x10, 0x0, 0x2, 0x1007ff) ioctl$auto_BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000008c0)={"63162e8af87a39116a5e8f0fa34b77a209e5ba1f9fc3b0aa055fea47d80db364", 0x401, 0x31f8ef74, 0xdad, 0x7, 0xc1, 0xffffffffffffffff}) getpid() process_vm_readv$auto(0x0, &(0x7f0000000100)={0x0, 0xfff}, 0x7ffffffff, &(0x7f0000000280)={&(0x7f0000000080), 0x1fffffffe}, 0x95, 0x800) read$auto_hwsim_fops_rx_rssi_(0xffffffffffffffff, 0x0, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x72, 0x0, 0xc) 8.766698634s ago: executing program 2 (id=690): unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) pidfd_open$auto(0x0, 0xfffffffe) socket(0x23, 0x1, 0x0) setresuid$auto(0x0, 0x0, 0x0) socket(0x1a, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) write$auto(0x1, 0x0, 0x80000000) r0 = pipe$auto(&(0x7f0000000040)=0xffffffffffffffff) tee$auto(r1, r0, 0x5, 0x8) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20005, 0x1000000000000df, 0xeb1, r1, 0x8000) connect$auto(0xffffffffffffffff, &(0x7f00000000c0)=@in={0x2, 0x0, @local}, 0x55) close_range$auto(0x2, 0xa, 0x0) r2 = socket(0x2b, 0x1, 0x1) io_uring_setup$auto(0x8d, 0x0) io_uring_register$auto(r2, 0x2, &(0x7f00000000c0), 0x1) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) socket(0x2, 0x1, 0x0) accept$auto(0x3, 0x0, 0x0) 6.342441753s ago: executing program 4 (id=695): openat$auto_tracing_free_buffer_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/free_buffer\x00', 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdc, 0xeb1, 0xffffffffffffffff, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) unshare$auto(0x40000080) prctl$auto_PR_SCHED_CORE_SHARE_TO(0x7, 0x2, 0xffffffffffffffff, 0x6, 0x3) socket(0x2, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x2, 0x1, 0x106) setsockopt$auto(r0, 0x6, 0xd, &(0x7f0000000280)='lp\x00h\x85M\xdf\xdc\x83\x8a\xa7\xe4]U(\x01\t=\x1e\x00\x00', 0x4) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xc0000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x1813, 0x0) r2 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer2\x00', 0x1c8740, 0x0) poll$auto(&(0x7f0000000d40)={0x3, 0x1, 0xa}, 0x5, 0x400) ioctl$auto(r2, 0x5100, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) r3 = socket(0x2a, 0x2, 0x1) io_uring_register$auto_IORING_REGISTER_FILES_UPDATE2(0xffffffffffffffff, 0xe, 0x0, 0x3) connect$auto(r3, &(0x7f00000000c0)=@qipcrtr={0x2a, 0x1, 0xfffffffe}, 0x55) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000340), 0xe8040, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x10002}, 0x1) close_range$auto(0x2, 0x8, 0x0) readv$auto(r1, &(0x7f0000000100)={&(0x7f0000000140)="38f0457c6dad8a362e9df323855255fad8d518ebacaa797c82e418c86758994beb7b0ad43b7760fb24d765a65abca7d7849463cc89795516ea3a5e72b10c47d0bb95e6a3cb5bf8a615c2d3", 0xffffffffffffff18}, 0x9d08) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, 0x0, 0x54) getsockopt$auto(0xffffffffffffffff, 0x84, 0x76, 0x0, &(0x7f00000002c0)=0x1000c0) 5.989768857s ago: executing program 2 (id=696): r0 = openat$auto_fops_atomic_t_ro_(0xffffffffffffff9c, &(0x7f00000012c0), 0x201, 0x0) keyctl$auto_KEYCTL_WATCH_KEY(0x20, 0x3, r0, 0x3, 0x8) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) r2 = open(&(0x7f0000000040)='./cgroup.cpu/cgroup.procs\x00', 0x101840, 0x33903f3ada88772b) r3 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x1c1041, 0x0) write$auto_fuse_dev_operations_fuse_i(r3, &(0x7f0000000440)="1100000007000000000000000000000001", 0x11) ioctl$auto_XFS_IOC_FD_TO_HANDLE(r2, 0xc038586a, &(0x7f00000011c0)={r1, &(0x7f0000000080)="1554489b0795706c4fbcb2a0b01a6c1d4baa961e449a90cfc33a32f4181647c3a05d5a43915573392cbac507b113a9bd76fdbbe5a6b92b5409c8980d16456d85302dee4438d1ad4230fa07068ab9ec19c92696e7c00031c68aeb16eeb3eae1c7ebf653b76c9d8d6da9a7d123689cca41e20a6d55cc5ca183538013866f84767be978aa2123eb13918fd755de2c", 0x4, &(0x7f0000000140)="a9f096fb84ca1eea2b28ed451945ae542a16ff43e067c2b0dd2cc20f39978dbacb45f34a5aa3f10608a0093acbbf785acb8893dafd848d53b4cb910f5ee530dd52eeda03bae8b49f34d1aa163c832b3f173d528590d7d595fcdee9d39b62caae68c1a436fc42dcd52430c9ae11d154ffd37c593b359dbe1c28bd1e47911bb8857b37524bee0303af31f4666bec3e2e967b771477121cbfd963c7db6ef0a1179fb6d0dfe4eb780e9312a6b78c22ea5067ed042845663e7694bf3e285811d10a88244ff46eb7b65791ff20cf41e55792f94e8f9decaf958bb0c04293562ea60a3b77087a2f4e016383a74b81749927fe6fec51a30f93ee216a8a2a77743d10f18565639c80dcd27cc73401a5894b7a37c3c0a7d45c94f87a709e39730b1e309a2191a4f4a4e2636fbc73c2d52b3f8636f093ac77cb65178c6ea0184ac5aa0cfe44750f2079ea835ca56f673f8d589db92a28c475d5e3b56b61aa7b65f8f6e277da48118d151cde520618b06b096b49526408ae69adebb6cb9d8e72dd1646b42a0e512c23dc8f4b8cf90885c7fd33e4e0e0adf9be4a2557b41b9efc8babd6db660b4ed486dba9e8247ba7a5f09ff084a99178924ffed5250687d326ef8672a895e1f011b55649abb1623773cb3dad596d111e95bc442b6a5608ac6b3d1beb7b75d694de5e6027e18aa4c6070633b388ea9c90eb41a7ea140914975009f772550ca52918a5add72bfb38b0f8b0a8a12c55295713a6cc7ae4d80781201b6eafe262f8c4f16d5f47abe62d5a7f005f0271e707bf1f129d4cb486d8583e03b835addb024c3430cb4c799efbf31793343d552e222f89a0af504061887f25891d61de41631abec0faa0019f968a98c07f3ea537a1f048556e7cde8f2f33dbbfa4a1f9031da9fcf9c450ddbcd43d97ada8d6bf0ff597e40721611d9f40c59a9525e264c232cf87fd7933daf6e9ec4912c82f021b7e49a15917b37e7d215991798c02ba3311531cc94c41b1fb2bb89dd50157c7a8685e4a4cebf408c7d91f56bb5c5865dee94971e1aa482e1988fc13d6295a1911f04ea855717de6bbee6ca275f6d5ca27a06d70d02d1ff9a71bbb4edd2be2c3bcfaa9515e0cec4ec0bb77d850c279acb479794b815d83d276d828506200c542dcb08761de1cf4d35ba770eed52e060dad5e0f394e609faf372e23dab39cdf341cc853f043c3b96ee428266b8bd0452fda9485cc097d82cd07958924aed49799a2020aef1a55f21a723dcffda4deafd8c6c946e4ed37d1ec9b03f10906ff2bd7e996ca21c75fdbdc4b5dec885c57b5d4038504b75ef1a4bdc20ea80427edc39c8feaf7455de12e9e3ba064524109aba6dc638fd7b676f6058496d1c59ae5d5541f3bbfbdc9b4030c4e899d95b41bb682d6fa958226dc368001d05fe753ee4139468ce208bb0602fc4ab88487bfad05c02560c5d584fe59a26163935c41667a7e5c9f33bd6fa65226807b42aad550d477a4ac0b5fa8a7b79db0f72f4315fd1ce7bdd30f3690acc7d9da2243656b4d7b3b18718fe5c205fe7f7822ae762189b7f0a93e4a50e13875a8c4cf7e2dd125f2ecd945e1f99e1beeb4a79421d7142dfc9a5831a72b9983625ad588b6a4935eb7fa9166f4784e6200d948cdbdcf5da65097e086e8588239eb58c4f441f5c13bac07d936cbfaec13d879d83f747fbd9aace4f7330ea566af3206464234312189cc05ffaaa9b73ffde3ce34c53924d27faee248ccace44533558534b771916a3bded972c838b9811a91c0e08c204a3e8adac5776dde9ca388f9d5c1c66af40d3653036c1614e081eee0f8e636019750eeaf203f6f011eec377dd7c4bbf40de84320ad8fb0bcfc09b0574d52391817ac2c177ddf03f6584b9caf7f77d04eeaa06e63fbd00744f0e0d8dbe061d6361a8fc5678d2c671ae4573febba6de4c4246df654de9117af1b7d01321cc47f1d5c59b4e8aee6839740058a69af701e6d71998ed9b113d27d29891c56d832fdd918a459a194aa19c7d29443365c80b8bb93fe63b3fef5efbf37b922e82386e8cef492a16fc9d02d270fbda682bca2feab005002c987787cff1823e87c399bcf67e206b9236e080a99c30c3218550c04c3dd03825875ac8fb1991c1720f08825c077909512c7703dea00185df6dd1dcc157da2f45fdd4b7c243d8e4846bce46aca92e2d0d2e2ee635b71c1b08d1c994a8943a1fb958b84ce46b795e23c016e96808ef2be983fe94f6d85b10cbca6d6efcfcc3262aeed7774851d34821db04fd6b7a1d9e1a8aa87b30f00f6e3d52598e65ef5c794868cedf13c9ee3b1e24d1d0041058ae775b17ec4d41fc1d028b397062af2ac2e2b8d5bf2e33fe7bd281aa69f61826fb575978523080dd650f630fb766345662094ba0539fe89d793c2ae7e2e2fdd1db5545c3c4040a16f2ecbadf20516a01a848d490eb126c52aac5a2951c3d6bf2e4d9c22b820a8999b864352c25174fb41beb3b5d4fc82e8260d0b6022cad42083531938fb95e734d20770e4e4ca1a82b33d9decfe3b37d714f0d6ce1d924cd2174fd856115a228becc04e8cfe189ceb1caed6d18c971a9b6fa47ec1e2d26f5bc34fddde5830b38cebea6770b9df27ebc9d0980b082208ef9f42cc9d33f73a0e570d27265b551028a52e58df76bacac4d72ce514c09b9491eed7dbbb5c9a7daee376b5c5fbee1028d56189a608110d2a49ab9504623ac0decf181d7aecb01dd61fc3ab0a90524a2edc973c9feaf58901f1d2b0469fc914e9e6b23157073190f20acdadc121201e56c9c34e2f9343539cd47194e573ec5bbda2a14b8f2c10616f54033274cda5f22c50935bcb47be35704d08ffb0f4364931b5f15e764f9b6a1954e2535ece9ccf172b5c698b19de5dd38436510f28bbcca156bb2af7cdb3bfad2323066d19254af47d96ad79cdc8929cd5e0d650d21172457469f9e95c66fba3a43f1ddfdc265b27cd87fa8bc6a5b072dd1bc58a6d09c9cfa30bdaf0967a57b881dc980948f322204c9620ea694874dc02b6eb73a37f929e71ebeb3c49404dad95a90fd3781c0d55417bf37506e5dd1ea97902399442a6a50a1163f73c89a000e8e2ea7f54d0c071eb8cbff469bc7d5038ceb1227f156f7fb1fa478b75a29663e3997c38f9aec90accbcd7ca3d66265887915a9ab25dbe0207ab106b30d449dd84492312aa480b1c8eca54e39557020d9d7f908e66b1e5d9e978ae026aa941a425c2a084d4fc442082ac2259edb2e0d03ae99c5897cc26a6abee0be8ba48bb7a88d9938e4f685c3ccf21681cfce354d931b16c151f3fea75a0d8bffe3da387c1ea71028f707baa0ecbb8bbbb3bd0613c6158f4f2db5e0e8134d9e81d559ac633c5f654c01f553e9cd613f0bfbbb1fd0bf61ec8974580ca361123643d7cb51b8b2cdb0cfccdc50b7f5ebf77ea55e52c695c6c7b9c6a93b77cfac03dd5477541a06e87585b6a47ce919072821cd7647469d181edf3a15cbf5fb4b729f2eba4cad45d60f50c78903e15ad09d9be4640666e90c8ae3dd48d40b8e2a8783464bb150acf3c575589c38593639051197d3efe9289194e854d6a26da35ab444193b32d22d1498a21e0b1e0c270251799f7f4ab3277d6083f4ee8e52ad2b304298b7ea5eb9de7aabd78b623ef6af91e9e2b0de590ec1dbf077aab26ffdd1ab1952c5e53a8dd63263abb116c3b09fca307bc7213d5c9e922f7c5baac60ff2a2f0b57a6eab51fb4b6c28fab763ade9e6502fbb36d4b6a17057c7cebf69458010abd737a5e212efc8be1bc907448ccbe9d32060f52f06c032bdf0d400b7fe858a9d4505088d1a8794b58c3c6ba8503f44b047bf7e81fbc3312c5653416719d6b6318972e1df546698a36e6c37d0cf6d5a2933b5f80cc8a48d4988c0a2faf01984523ff93edfc189f9c2659e1e38134d51d7e1a42dabf84d276eb982f6890a5c6888ea21d3ee7757398a2550ddc1167f59faefd100366f1836b09374f3091bcb8b18d3b8e578fccf40f02ee17f3b2e7a97d4290b1d62c7cf7825d1b37b92b9b7a644e7275eb69d91030694f85c8b4ca32fe46ec2f6cf0286df18deba0eb55b3b7fe0eb0fd163998696df6f309da2e0c22841cbe3776259fbc0d4e8fb5512129e9861f4ab72ef624fea555e5d927c6b6c11e07a1c7548fd29b12ab21a70515208bbddad58ed03c626f929c5ab74ed738a414e5a5b18dea299d6c27b7d147ef5fec12a19e422bad1611f4311aa3d0ed858d2a1ec9943913140e00cfb6b1f98e305a121e4957ebada89744a15d978a8e6f79829b082cfc4a68943c07b9115dde4272ab65f45be34847dc2de03266c1f80327e35ff217870f6963673aff156d91c991e88b52c7e561c7e68fe3997665de9a9676f7cea1fce7577a31e3902ed0d55a5fdde2fda5bca569d44d0b20a1cb1dbbed93e28d7107748327957dd47660fd600e7491fa1a523d39b28fd23ecb635b7bcb50f6035c308e10a1a9bbded934ace2104b0f9a6323140c497a8605b2a5bc1a4788b22d30471a13e30520010bd805e067564b65f46f31f3f9d5cdbc8de20e12c493794de9639a258466585707184e0167af6b8b8f67ac9fe05ffbd22d0c258dc4ee0d540c8d95c51c8e701d103729ee904b9e9928b66810a0f0bd5f2bf9c64dce8c192d9c4757b0d47652e1681772e6194dd3eb91fda5c4b3ecffcd749761d38e76275cdc7ba07c59a1921449d85e6366407b8d0f0dcd79f3994dfd7c2263666b2523ead3946faa9b7e1ceec8266677e0b9768bbc9d1487f4a18bc474b004ab77def825d7644077e0bfe53b893170e4447b36ffcb597de81ccaeb8bb187c8f200bd72a2fe8143c0a5bcc7226f5c20142d598c845bebfc821fa397d3d18b1b565f52dbc171909f0c8fa795bebedd40367f96fb27189a212a444d55a6c9bfa238dfad437bd1e5989fe586c16ea8e396c610d243776323fb04937a5a623136257086836da202b40768ac2eefb1244e350f13e339c58202b2936b71734945d6edea0c97ec65eeb78803224b1164654119510aa862a7fed8a9c74370d10a303f5016fafef284787c274330dba3d11463f64de52f1469888a91b1708bbc35e5365dec8e850a10c72221dc7ac350fef70b53be798a6e7ad6803c06ee3ddcb3785695e0f97bc2a2880606a8c4fb5a9c2252f27756dcd2530920ab1ca5c1f24cfc813598c8a36e4e87dac2e04f56c901f8425159da8b0f3a875f482a5088553d874df7b68b25272e80434377b30234c6a3a6e67b344250817d17fa745a9bc73689dc992dca61236c2f8d1d48c0c221cc07c620b1ad70a85dcd0f1f4a2fb7c48dd1045f611706d5a0a8f2339cad4f593497de1835bc951ed1c516c151e23334a256e0697c97c611690c9d1696998b727f224ab7554058fde0d51fab82d9ef089f477353dde584f54c0a98fe2e2e9bc8d9227e41b7c6658a82ec251b08a32caed0dd3af0bb3cf38420f71e4fad40e1a9cd6d0f24ee372c1e32c62f32c2cc37227cf7bd59214a92b80bc22e31107d401f44cbeb3daf2dcd6754a02dcaba95c4c8cf34832580ed7e39afcfa99c05be37d63b245ae59bd843317d5b5453b57a9d5445235ca9bc7ffe76e3cef709e3a86c771e63eec4d76f01b0e3cb95cb37183ec7a876a8525d592c6828e5be8fda3440d65068fac0dea90160eec6ac763a13ac4dd254cfb9206e1f13a6de11d0c406f6d933e9f1188cbaa38a308ba474534045222bbfb234788898578f61652251f878f1f2809717e81392ee29032dc85ae3ef323b3fc583960383d3cfc56dbf90089a5db083", 0x10000, &(0x7f0000001140)="9d92a988fefa", &(0x7f0000001180)=0x4b6}) getsockopt$auto_SO_RCVTIMEO_OLD(r1, 0x9, 0x14, &(0x7f0000001200)='^-@\x00', &(0x7f0000001240)=0x99f4) timer_create$auto(0x7, &(0x7f0000000000)={@sival_ptr=0x0, @inferred, 0x1, @_tid=0xffffffffffffffff}, &(0x7f0000000040)=0x200) timer_settime$auto(0x0, 0x3b4, &(0x7f0000000040)={{0x0, 0xd3}, {0x200001005, 0x6}}, &(0x7f0000000140)={{0x6, 0x4}, {0x8, 0x800007ff}}) read$auto(r2, 0x0, 0x1) r4 = openat$auto_hwsim_fops_ps_(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/ieee80211/phy1/hwsim/ps\x00', 0x1102, 0x0) write$auto(r4, 0x0, 0x4000000000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000001300)='/dev/nbd6\x00', 0x2000, 0x0) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000001280)='/sys/kernel/debug/ieee80211/phy5/netdev:wlan1/state\x00', 0x20000, 0x0) 5.860727785s ago: executing program 0 (id=697): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xebd, 0xfffffffffffffffa, 0x8000) r1 = socket(0x2, 0x1, 0x106) r2 = getpgid$auto(0x0) ioprio_get$auto_IOPRIO_WHO_PROCESS(0x1, r2) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50) bind$auto(r1, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sda1\x00', 0x4040, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x40000008000) userfaultfd$auto(0x9) close_range$auto(0x2, 0x8, 0x0) r3 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) sendmsg$auto_NFC_CMD_STOP_POLL(r3, &(0x7f0000001100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000001080)={&(0x7f0000000040)=ANY=[@ANYBLOB="28100000", @ANYRES16=0x0, @ANYRES16=r0], 0x1028}, 0x1, 0x0, 0x0, 0x20000004}, 0x80) fanotify_init$auto(0x65, 0x2) mmap$auto(0x0, 0x1, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0xffffffffffffffff, 0xeb1, 0xfffffffffffffffa, 0x8000) r4 = open(&(0x7f0000000100)='.\x00', 0x40000, 0x0) getdents64$auto(r4, 0x0, 0x400) close_range$auto(0x2, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0xc040, 0x0) r5 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) getsockopt$auto_SO_LOCK_FILTER(r5, 0x5, 0x2c, &(0x7f00000010c0)='/dev/sequencer\x00', &(0x7f0000001140)=0x7fff) ioctl$auto(0x3, 0x40086200, 0x38) r6 = openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0xa2741, 0x0) write$auto_snd_seq_f_ops_seq_clientmgr(r6, &(0x7f00000000c0)="632d1bfe595046ab5c40bd6163307acb6d16baef6176e669a216aae1824ccafdd80500ffffffffdfff1a0e00fffffffe0000000000000000", 0x38) 5.53398699s ago: executing program 2 (id=698): r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) mmap$auto(0x0, 0x20009, 0x20004000000000df, 0xeb1, 0x401, 0x8000) openat$auto_uhid_fops_uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2201, 0x0) ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) ioctl$auto_EVIOCGKEYCODE_V2(0xffffffffffffffff, 0x80284504, &(0x7f0000000080)={0x5, 0x3, 0x0, 0x5, "8571c52e45fb22cb5304a5907206f593bfb4214eadd2c5f28827a86ae19516cc"}) ioctl$auto_PPPIOCSPASS(r0, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x28, 0xf3, 0xb0, @raw=0xfffff018}}) 5.442482201s ago: executing program 4 (id=699): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) r0 = socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getsockopt$auto(r0, 0x84, 0x7c, 0x0, 0x0) r1 = socket(0x11, 0x3, 0x2) r2 = openat$auto_fops_blob_file(0xffffffffffffff9c, &(0x7f0000011500), 0x40002, 0x0) readv$auto(r2, &(0x7f0000000a80)={0x0, 0xffff}, 0x2) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D1\x00', 0x24400, 0x0) getsockopt$auto(r1, 0x107, 0x17, 0x0, 0x0) socketpair$auto(0x5, 0x7, 0x0, &(0x7f0000000000)=0xfffffffd) 5.441491953s ago: executing program 3 (id=700): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x11, 0x3, 0x9) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) sendmmsg$auto(r0, &(0x7f0000000300)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000340)={&(0x7f0000000200)="4c0300000000000000a3677337f9", 0x49}, 0x5, 0x0, 0x5, 0x1}, 0x5}, 0x1d50, 0x100) r1 = openat$auto_fops_u64_(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/netdevsim/netdevsim0/psample/latency_max\x00', 0x4000, 0x0) mmap$auto(0x1, 0x10000020009, 0x4000000000df, 0xeb1, r1, 0x8003) modify_ldt$auto(0x1, 0x0, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x24044010}, 0xc0) mmap$auto(0x0, 0x9, 0xdf, 0x1000000eb1, 0x401, 0x8000) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r2 = socket(0x1e, 0x4, 0x0) setsockopt$auto(r2, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) process_vm_readv$auto(0x0, &(0x7f0000000000)={0x0, 0xfff}, 0x800000001, &(0x7f0000000280)={&(0x7f0000000080), 0x1ffffffff}, 0x6, 0x0) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x101202, 0x0) r4 = socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) getsockopt$auto(r4, 0x84, 0x1, 0x0, &(0x7f0000000000)=0x9d) ioctl$auto_SG_GET_RESERVED_SIZE(r3, 0x4c09, 0x0) 5.199018914s ago: executing program 0 (id=701): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x7, 0x800008000) r0 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x163340, 0x6a) socket(0xa, 0x2, 0x88) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x4, @multicast2}, 0x55) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x4000804) syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000180), 0xffffffffffffffff) ioctl$auto_VHOST_SET_OWNER(r0, 0xaf01, 0x0) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x102, 0x0, 0x106, 0x0, 0x1, 0x697b}, 0xed7138c}, 0x9a6, 0x6) 4.829760336s ago: executing program 3 (id=702): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio1\x00', 0x80140, 0x0) read$auto(r0, 0x0, 0x8) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x21, 0x80000, 0xa) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0) ioctl$auto(0x3, 0x40045532, 0x38) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/adsp1\x00', 0x14f3c0, 0x0) socket(0x2, 0x3, 0xa) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000300)='/dev/snd/controlC2\x00', 0x8100, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r2, 0xc0045516, &(0x7f0000000040)=0x5) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), r1) openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000140), 0x260000, 0x0) r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r3, 0xc1105517, &(0x7f0000000580)={{@raw=0x7fffffff, 0x200, 0x20009, 0x3, "790eaa00ffff8eac2cdafc1f64010043eeb0b053030001ffff000e00", @raw=0x1}, 0x4, 0x966, 0x3, @inferred, @integer={0x800000000000400e, 0x2000000b752, 0x8}, "6cc1294d63a4f1b4285854c5368de438f8cc142ef6df12bf3373a1183bedbd31b642b4051b078fa1c1c61c329794e5311121c760cb9611c78e6947a99807bcc1"}) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd5, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x3, 0xfffffffffefffffe]}, 0x0) mmap$auto(0x4, 0x2000c, 0x4000000000df, 0xeb1, 0x401, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) r4 = socket(0x15, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) connect$auto(r4, &(0x7f00000018c0)=@generic={0x11, "0400"}, 0x100002) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) socket$nl_generic(0x10, 0x3, 0x10) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r5 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000300)='/dev/snd/controlC2\x00', 0x8100, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r5, 0xc0045516, &(0x7f0000000040)=0x5) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000300)='/dev/snd/controlC2\x00', 0x134240, 0x0) 4.698653855s ago: executing program 4 (id=703): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mremap$auto(0x1ff000, 0x100008, 0x843, 0x3, 0xfffff000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x8081) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) r0 = socket(0xa, 0x3, 0x3a) getsockopt$auto(r0, 0x3a, 0xbe2, 0x0, 0x0) mmap$auto(0x0, 0x40000000008, 0x7, 0x4000000100000eb1, r0, 0xffffffffffffffff) r1 = socket(0x1d, 0x3, 0x1) getsockopt$auto(r1, 0x65, 0x4, 0x0, 0x0) 4.378498497s ago: executing program 2 (id=704): r0 = socket(0x2, 0x1, 0x106) mmap$auto(0x0, 0x400009, 0x1ff, 0x9b72, 0x8000000000000003, 0x8000) r1 = socket(0xa, 0x80000, 0x84) io_uring_setup$auto(0x401, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) getsockopt$auto(r1, 0x84, 0x1a, 0x0, 0x0) setsockopt$auto(r0, 0x1, 0x12, 0x0, 0xeb66) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x400008, 0x5, 0x9b72, 0x2, 0x6) socket(0x2b, 0x2, 0x7) bind$auto(0x3, &(0x7f00000000c0)=@tipc=@name={0x1e, 0x2, 0x1, {{0x42, 0x2}, 0x2}}, 0x6a) pwrite64$auto(0xffffffffffffffff, 0x0, 0xb, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) openat$auto_hwsim_fops_ps_(0xffffffffffffff9c, &(0x7f0000000580)='/sys/kernel/debug/ieee80211/phy0/hwsim/ps\x00', 0x101, 0x0) setsockopt$auto(0x3, 0x6, 0x3, 0x0, 0xd) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x0, 0x2091d1, 0x1, 0x0, 0x6, 0x2) unshare$auto(0x40000080) fallocate$auto(0xffffffffffffffff, 0x0, 0x7, 0x4cbd5d) rename$auto(&(0x7f0000000480)='./file0\x00', &(0x7f0000000100)='./file1\x00') r2 = open(&(0x7f0000000100)='.\x00', 0x0, 0x0) getdents$auto(r2, 0x0, 0x62d4) socket(0x15, 0x5, 0x0) ioctl$auto_NS_GET_TGID_IN_PIDNS(0xffffffffffffffff, 0x8004b709, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='./cgroup.net/net_prio.ifpriomap\x00', 0x10b142, 0x0) sendfile$auto(r3, r3, 0x0, 0x5) unshare$auto(0x40000080) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x4008) 4.296862598s ago: executing program 0 (id=705): unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) pidfd_open$auto(0x0, 0xfffffffe) socket(0x23, 0x1, 0x0) setresuid$auto(0x0, 0x0, 0x0) socket(0x1a, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) write$auto(0x1, 0x0, 0x80000000) r0 = pipe$auto(&(0x7f0000000040)=0xffffffffffffffff) tee$auto(r1, r0, 0x5, 0x8) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20005, 0x1000000000000df, 0xeb1, r1, 0x8000) connect$auto(0xffffffffffffffff, &(0x7f00000000c0)=@in={0x2, 0x0, @local}, 0x55) close_range$auto(0x2, 0xa, 0x0) r2 = socket(0x2b, 0x1, 0x1) io_uring_setup$auto(0x8d, 0x0) io_uring_register$auto(r2, 0x2, &(0x7f00000000c0), 0x1) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) socket(0x2, 0x1, 0x0) accept$auto(0x3, 0x0, 0x0) 4.098909269s ago: executing program 4 (id=706): socket(0x8, 0x4, 0x0) (async) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/bus/pci/resource_alignment\x00', 0x8ea182, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000000)="42bf", 0x2) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) getsockopt$auto(0x3, 0x200000000001, 0x41, 0x0, 0x0) 3.834436185s ago: executing program 4 (id=707): r0 = socket(0x10, 0x2, 0x14) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB], 0x14}, 0x1, 0x0, 0x0, 0x20000045}, 0x24000044) write$auto(r0, &(0x7f0000000100)='\x00', 0xfffffffffffffffa) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vhci_hcd.5/usb20/20-0:1.0/usb20-port7/state\x00', 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mbind$auto(0x0, 0x100000008, 0x2100000000, 0x0, 0x6, 0xfffffffe) madvise$auto(0x110c230000, 0x8031ca, 0x9) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) bpf$auto(0x7fffffe, &(0x7f0000000000)=@test={0xffffffffffffffff, 0x5, 0x9, 0x3, 0x80, 0x8, 0x4, 0x1, 0x200, 0x8, 0x401, 0x2, 0xe2, 0x4, 0xd}, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d7) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(r2, 0x0, 0x24000000) write$auto(r3, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) write$auto(r3, &(0x7f00000005c0)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) unshare$auto(0x40000080) mmap$auto(0xffffffffffffffff, 0x2000d, 0x8, 0xeb2, 0x404, 0x80000000) mmap$auto(0x0, 0x2020005, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) syz_clone(0x4001000, 0x0, 0x0, 0x0, 0x0, 0x0) socket(0xa, 0x3, 0x37) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r4, 0x4bfa, 0x1) r5 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) fcntl$auto(r5, 0x400, 0x1) r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_PROTOCOL_FEATURES(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r6, 0x20, 0x70bd26, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x20000850}, 0xc08c) 3.756128977s ago: executing program 3 (id=708): add_key$auto_KEY_SPEC_PROCESS_KEYRING(&(0x7f0000000040)='nl80211\x00', &(0x7f00000000c0)='nl80211\x00', &(0x7f0000000200)="0382636b143f97934671a969f5f165f3e9f7283254e4a24fd3f5c522d2e265145f599606b7173d900ee58bbbaf366606d77460b457ef01650948923579cea5672542fc753dbef497e1127024e58585998201f03333f488b4c6c67e6dbf1a06996798409512066f803422ec57ae18fad34c44423a24862428b318262ea81a7f799c5d2f7324b1bda33c8072b5165ad8649db3f00fe58542830297f78bbfabf3dafe7c094c4dd5e36b0e0a2ed30431b24099d3a2bb600bd1b0f1fbdfd5b0264b44d2aee69316416ab515cfd9b6d0f71f100bd3e779b092b24d3c084892d95006d10401a132891cc4e33757ffdad99af8d1c7e8ae5585ad088dc56bf2b3d1cbf27f906f38d2b557c5e7f212c436d4c3df32eff75aace1632dbe5eb08c048c47a1b0374af69456df0b0b4374fff9e01df13b6bb2d84d8f558dd2c4d0f95eaa8960496e99d58f751742b3e0da3e0c00a0db6aed6e3d676555e9d6db49538d252f1d55a8fda62116767038a4867172ace9b76009e060cb96c56f7f9fd96c7fd3d6599d2ec177e401f593be260799dc5c732e5cbacea70bd7f2a1a9a6f97c7dab8185072d213dab2c8b503b782a7af00bf104528ee4f95a913512dffcf7be27e774c483949e9db836cb2066ff343a429638732566eb287e6f6eaa30a76be43934d1a1bce0a7e24d5d081d5e58ea0160e4c6cc11add471857aea5e22d589623177da2410645184ebcc8f404b7d595266f700def80166d4eef1e5612477d103d0638a14bc8ab9f7133ef940d2b905924f81ee22d18444b5137b3b2a28e535ac3e20beb9039fe0f980d9bb5b8c5a8ce1f0cfef2d583e628ca03efe796ccd9b470b8ca625deed51d952a6fde8304784b2487f8b23064dd130fa05b9c6432e6aa9445412fd16b99fe717e3d3557e642a951bb63add31118f76ced4035b9c07b93c12aa01da549eb644e5cacc8a83bc171d6202311b08091d5470a0b53f1601f698390a128a6ceacf790c6001b64702e84f6d3fe24711c7d6d9c23e5af3d47e2562e35c15b21083965f4c302d11e6b01a21fa940c353e6fd1b6c8d3a08b20f64f76c00bd8a0ca8db620be5a5d556c2d045d66622a1bbde3060de5f79d3f31475d2e038d4345b0a6e7f9ea2f5c9b76f35088d3c7829b20907132a7a5f1477cda01976ca088bf26d225773f2f401f6280e50f86d8188f80ec4d357e2ee24821f84d3fb3bbc26ebdc7763441f704e66b7e92d11bce6bd815d547fdbab6d4bb46e1d3893f8f213b5a51436587da10c40ab82d638961464e68c892ed766c70a61a4f5d893fa517834bcae71febe616b63c7645c63db3866cc8c2dc1ea93ab4a265cc0fa443912087c306af3e6be710ede49c73694523c172934d4b9b0fd1d08055216e682243997f76d23ebbdbb7d1181adb1701bf568b726dde2aa2373ed2d6b7e02d97cd7b1a146360ad7ce35424db034b704081b1102a2fae8610b2f46d3d5163eb2b45da27aeaf5c81be43b018043f6582a0c53b0069ac9ccf666958da8c42e2d88abca5683e7cc873bf90afc350a066db617c326c996dfb44abf2298e62f4ebe2178761fd29f3d27039020d6e2ec67a4ab337b39aba70249b64262758285d3d826334a5e32862cecc5a3bb4f6a6754c73230b2db2f2c09f0757e1c20439aa3f656b83481b49ed49c212c731c8fd00a7314e582ed370c1ad57875de9608283d7bd5052e3d86459199b2fc5a723e5e9ea7e5723ceb527d49436a94424ae541b4e45b8be5721d82c3334637ee3274fe480b68a1f5c20cb9106480d8fde136d1fd41729acc131df102422106d03c95592cffd8f9afe97221d80b51e1c98943addfae3aa4a943c7c15ff289371b4aab43f3ab3586b27223876853543fc9da4ec8264c865fcdbee11ec43fc1b969669c03d5d03d21fc9dba7ae4d7e3c93303be347f0dd9c6d55d33726231c0205507ffa90f849497ab27cbb0df9df5530a04da07524a94d407af94b61571d869482c2cf1caec5552ab74003b9d40174002dfb728176e4dfc393edd9c5e617468621e166ba904feb449cd79c353b7f4041aa7ae9f54de6e40a1a9d913737e2997f61d0cb0116a8d91fbebced3aa01656e5996369c6bc74bee74409107818fabd8355e9b80d48b2cf1a04a589a1be21abcfef89429e4209f52f36df6c95782534f4a5944fe4659a54dc332df9a1ec42cc4a22a52e21a2744121bb855a28ccbf20052d8578d7516428cd0c06d0c9609a3865413400d5aea3d59c05a6980bb54010fbceb6bec8996688bc884e5bf016e5335a686d21a16bf5d14e39dd3e075bc96290b70c3f2fb8305f4e7d8002e6ad33cff7728dd15e7c248f23a1602b178eb8230648a48c06f7c46f8941e3a5e830bd87de6e0f05b1f43881fa93f6bccb2c939124c37d9bd95cd86012302d5ad5099109701484d6529da7d64c41c5cb6ea674814eb0d8406440011e98a4d50db5d39c08c0d88a2d088379dd7f02e61fbb07fa520adb3fd8b63adf7feb9937c9b0806fdb80888f93f772b33618354e93d363d1e8dc98ec8ae9cf90622402a7a119ed00831e54281826a2b6ec38b59886133d1b07746e078f18a0f9980fd7e25aef5f760345b482a1c71d092280eee53304fec3191b8c9019818c38c232bdd0379e54c3cfef0e3cd592e0c31349ee685e7f1227533623bd00f19ffb90d0e55bfabfbc79e6fa25f1e93a12627bf38afa96010f41a483a227cd0b11d590b745dad6b14dd1b5c0aa3426f1ce5dc14b7752d0e8e44c541d472f4c62b5c6574bd63ba40a4a6926c25fa7c48bb6f945b6e568547df10c9659ef0f14cf9ce62188c9fcd2c54efca4219c504d640e8d429991f03665d359318b82a7a6dcced9a495bf06a0f3bc7cfb7f064dc04f9a1aa313d973fcb0c7c7f6fc62ef4923465ef7d3efd184ce53a412935782e1d7d0b49a7dc293dfd8fc867fe5ee202a2ece7bd5abf5a2d327299301a0d7d7ce4c8c5ee0dd19e85b72e91df9582e6c8fe97aed2327267886f125a99308a5ce2f5c8b8268f9112966b0c488b775835d203b2d35a04677e7094bc1df7275dc52dfa265e01d4b564084c77edd7f14809dc93a9e3b2f87fa5bc3f79c47a6e6b8a2fd7baee771955ddee58bf25ecd847668fdc058571a4999d242e7ce18a7bc8b69d0b75786149128144300d3adfaddce9ed67cbc1547c337e84e01b1c10309e6c06e90f42b0ac2e8f414617d7102ecc6295645297d17837d36d867235a389f9a87589a1450d4388b7cd2cd874ea0befca2261d27fb2cd34033480641d0380b813942e7cb1dab3998ba402a42d4f3c26b98e622d9ee4c3f53d049b2750546586f1c29aea8acfad792145eda227b9edce0af8e082c0c4a7a14e398dbe2c49d82e7c264029db0055876b94ceac30e862cf430b8feededa66ba0b34353b047a70c9d9c84c2f11a6d55dffefa4667c953e07d6c6b7f9bfeeff42db02fe43d812233962165e644c1bc1e6c2d5fc2bbb5633277d2248ab471192e66957c394ec24ddcc04cfbdd846ba008b1f852550e214eca7a8b5a6fb2e856faed23d3007abaa71fcfb7d8e9df3709d1bdcde95d435645a531b4cc7f6584e24f9dbfa661333332ac21ec1a25a3eac98ed64d1ebdb3777880cfe7ea0e616c9baa732f861c36ae10ff65c12edc166db1113b94b13a12d82a281a9508deceeca574356b7f8e27e7f68f13b9fcf5b01b88dd308a351c0ca691c9ff16f8f7874c41bade32081b561dfaa529a1fe2823cf2023ed11935fa3d8c1007131e6ab619583f52afa889f8ed6a1ddaed60888b2886b69ff7f8b3fda2f2c952cc7ca533ec6c562f8b22524da686a2ab84bb8f8dd7cdb09dc8923180137d951a0260bdfd367e8e396f31f856b4ebe0901a62eaf0c1c6b2b58cd4540c20637d139e187281224b218f0bb43143580962b1d592dc050cf33ac3a71ea52ddf9ce28bd98f277250fbf032d81c486a5e93cfd482f2f7b67d71a402e824a98c000b7a9151ead727cbd3462611934edd55a3403e9a09e429476fec4bfb6305ac9318bde9e3c3eeaf25e31e8fa8a9662fb15e211e88826fd0ad9af8e694accfdff29d4bcb969fe2672c79f051408f1587645462c5158b00d475c84cd37b0ff9069f7dbf74850bf26234fa260563618d430dbe44239b318b1c80cce1caf6a25cb7381990d7595f8e176ffc7be394832014521879cb2567572ff399e5777568c489f79454bda4654e40428f6f0ec746405dd9fb9c1130429a890d8c05e9ce2dde393f27bb339b9a41b9db3870cde9b20f5886912d56dbda47843807a9117ea02abdd8960139788d8c9bf3fc4605d6a5528d3ff2d654a227f3638e12d2c318c437f3c081cb3cf6cb9e3ed810680d6aabb985b0ddc77f511fc31de1dc6e55ab36f420e2425ae8e4410512aeb70ebe793b6aa1571505b9677251d22fc2feeb6e3e8d9b840bb13c5b5088c81ec294c4d0fabff3032d6f5a9d48ea2103c55755233c6a5d0efc515133b66127ae207f8fcbecc363e7af741b8762dd694d561def508702aac5a03fed84292e79e6e8004882ff94cb26911acc6728aa8fcffdcf7486f643fa7d6ea87b2ab4dfdbf41f47c8a8072e3659a1e6eecd96e77b3244be4027fd407de9e9f2af2fab08a3e14ceeb5925826cb935cf298a414157a3081c868c6adbfb25b4ff3f9d3810e23f08e272433c0fdd1448b4185f4f80b6459b49a1e98083575fad50cd8c5602539e21c4c41f5111afcefa111d59fd1bc5ff58ac5e4d1beb7e9f93de16587d3a0e569035b6a19ec8a4c3a5504308bc0560215d98ab5cd2e594a4e49a0df488ee4b2ce1005c707a6a8dc2f53e0342f43170649c2d57ce98a86b00e7dbec1456470a5f449eb78f87209c0004f2afb5b27dfb8878a6c6ae2d189667ca58957ef6612034c5be5b688b6a6b408e6bec87fe3f9cc04dfde94e552df9768626cb16c598fd709b04f1003ac7db85ee023bdf63b8945a430e2b2c8910dcdb419166bfac0091c75685a21a1a5404e3c2e1d8de0bab78960c317d557ef0f5ed524245bf8322b8566bc756cfbf6b211cad51b19513aa101cdd605ac8d085ae5659938e5eb33485df3c8c35164e8660f6186e64d2b5fe922c5e8061a7fd34a5a149ad4bd7fe19b87987658bfa6e1173e7b1684bd4fcf67d8ed0214ca1a34aa52e24b9e8cbe185c4a0e6bef515b2fbb893d149e53074bf272c5a0d31e9b4faa696dfa80d6ffbd81ef16a1d03018a310479dd5fd1fe10882527252af96bfeca2fc125b380f4c504a7e7f9648e5965d72e08b726ef0da314841c64b4743f506523acfba230a1908bc189e99a4bf9fa555e2b4d7ccf9fa567a939c6115724c7df98ca4a04167646763377613b0be9f9c04e56d2824addec82946628347aaa8a45015ee6c1b91b70f24ae71711b9ad4ecba25fffff08b7492c1eb7336310c534fe13f70635035de3106a511059eada3ab4ea4975c87f68cd2be7aa2a218eb5ea5664ff9543605e82403da7fa49d9862969edda7173378c1956bdc0950ef1f5d56a3728e6f10583e5df368671426589b0805eede23c18384c98cb5fe987a87699095a66e49fd63b32c75d48f11e2d82fb63c8a0a8fc020b8ac1d8779dc96b1fed09d09758f3b84e381fdfb65ddccc9833a38dd41169bc3dfa26260580a5c1613ff97b12a3c51a78fbef40651cc125efa9de2818eafee525d200ef5db64069e3a2665545063a9126e6b0c7eed87da0df4463df9dbdfab9c8f442feac1d27ea3802902719af6700413f0cb65a25849d0615f68590cad249b85a0cb398e4015f0fdb4741", 0x7, 0xfffffffffffffffe) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), 0xffffffffffffffff) open_by_handle_at$auto(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x1b}, 0x403) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/007/001\x00', 0xa901, 0x0) ioctl$auto_USBDEVFS_SUBMITURB32(r0, 0x802c550a, &(0x7f0000000300)=ANY=[@ANYBLOB="020000060000e6ff040000000100400008"]) r1 = socket(0x11, 0x3, 0x9) sendmmsg$auto(r1, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000080), 0x49}, 0x5, &(0x7f0000000180), 0x6, 0x1000}, 0x5}, 0x2, 0x100) 3.059250711s ago: executing program 3 (id=709): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x202000b, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/net/sit0/ifindex\x00', 0x80000, 0x0) r1 = openat$auto_event_trigger_fops_trace(0xffffffffffffff9c, &(0x7f0000000340)='/sys/kernel/debug/tracing/events/vmalloc/purge_vmap_area_lazy/trigger\x00', 0x1, 0x0) write$auto(r1, &(0x7f0000001080)='\xcb:\x00', 0x2) read$auto(r0, 0x0, 0x20) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x202, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x2) close_range$auto(0x2, 0x8, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) read$auto(r3, &(0x7f0000000040)='$(\xc2[\x00', 0xe) r4 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000bc0), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sequencer2\x00', 0xa100, 0x0) ioctl$auto_SNDCTL_SEQ_RESETSAMPLES(r6, 0x40045109, &(0x7f00000010c0)="fb7ea87773db3b26ae686211257407abcf061012cfd7e3d6635d1238d86ea36ee5f2f02b532100f137863c621179efbb148734e89c7f04c2d6518933ef4ce176391d5ca84116ff932dc41ea9935e1051a4249f52a73db24656b8f655628a5383e30dc07623602596dd7396d4984131d639801cfd29514e4b1026304877ff7bc491b2c8f7a79ae9be530723d9b6ebd0aaaa0eb9e516bc0e66a331ba8191639a5ed5e45b15194ab70b567048c365197fa7645dd34b120c57e8636fdca2075e8aa118d40e1a408c0d2357a41df826be113aff7b78efb7ec15dc9ef61c2c19a7ea7728eef9c976318407061e06ee7c2b4bd5d4969d18c047272501d7b86a37eb1eb4509ebdaecee08b77b9bffbe94a2eedc3a09943782ea3ac7598caf7c41b3e53cd72110329838e6a7f794bcef44f63280f67278686537a2dbdaef6224996f4a8c7608686265415c7310867e75765d05da57402de6446450b012d3c6c1870fbd410ae4b683ab571fc1df483aa15d155ffaf92726819ec8ba5ffe404540bb1eae4c301cbd588c778c60c5363046c7d3ce2a9d7dc89712594bb17a347db2c046dba3c0e11221c673cbd519a8321014e5cb80bf783e94040bc178c01065b3459bd17a4699f045d98be189a576c6fd5cd6a0665dfb1c2809ecf002d3cba007fdfccac49b99c082b798547f69bea03e84335214f204aefbb9ab01b40d322834b0d3cdcb89eabe444ee5b9240b01ef485916b190df1b17dd97398183a7f21a1108d2373ca187f4f901389b4655c0e580fd9f2f0e132f99a92b1f2b57787be336c2a5268088ff00291df9f383d5ddc5cd1fa4041a77468672585dd3987d657aa003fc9ce58231c795240816bb9698f4d928c78a7a317bf5d37129847607a06bb828474c4e4a2839dbc3aec7cdd8520676684a1a5f84b35b37208cb3a9d5edd96f3b85fb31cc73385cb882528e9dcc2f16f8a15be5f60ae64c95a1a82130a90d8838ba1df9b19b7f90da06552f50097daf3758a935024869d2daee70a28c188b4e6d4482e9817a8a9691a888d53345f94b76bb077565872821fe888ebeb28566c954bde94f7337b5f090552bc71b11be6e9658ce4401671f6f6514544f6af8cc1fbe41c0d31e200ccbe6681bc6fdf9c1ac7ce9e5d7346906e077c2865535c783a71b6c36a19cf2cc210c435f9bc968dadaf9776273d9e2d09c2d806c53914154793bd19f49246321735061154f346d140f42e2d8c6ef26794a8f5edf60484615369d0df461ab51ae9e1c67c18c1ab48fa0be6ad842b0c2809f03668aa2ad3a869fd5a2d68057fd15c0887cffd43054634fcc41604271ea598cb119326552649da626b5f256daac8e9193b56377696b4a6aad88b51720e81d1e698466536fa55a28cdd5a4e941bf90f64a675f45d8cc5f53123b7f20574a119cffed6a0319b0f8c982425ec85687a8fea5ba6da866e4957baf104ea8b7a1dbc9fc61ddfbd770c4f3fa67c304ee01bce8fb569e09c621f628e65ea81ece3a5816a8e66aef82adf1cfa937ae716104fbce78cc41f013d5f617ea7d8128a63bfe75dc1df76ccde1ad9baec732ec5e88272f71e6b467557089bd8ffd627e643c40b8ace1e4bd415e7e1ce17a1f8a4ed42f7a831aa525312dc712d5bc1c179134fad9bd37bf49f80dfb5245d4eb5141c0ebae8906ea50707307a643e9cd5dd6ee6f7e2e5c056d39aaf4674c5926f284498f7d84c7c4d90e574db66db13033c2c08fffbb283b7b27c52372b1f9d70f3f5ac3d0cd21523eb5762bb272d835299c9cf6b1730e113523a23b9ae91d6d3b939f96da1f526bf7cf38d7f16ade2844c34cc44e904deb9e41647cce35cd0a00343742b5c051812e0545200c5ca39cc54d47e487d76bf92a124170637d7948398948d0f9cf31bbae258be9687aa0ad14089926ea56f78af4757a9f4ac5c3bcf4606c2c9edaf7d5127e7c5033e47d0b44536df79c33d6261f60218047ff50c0809e70f83720b8a8d2a712fafb06c74153e355c4a74d196fdaecc4d4e28f0c5da90a6d66071d0cd378a2d2d8e4d9a848c534125d192ef55a7ba1c4ec3377d332e1c0f851cfdf33ab49da5dba374a15101628fd941edc64381d1f239ddac46212db95716e9c578ca4562fb775d1dd8a3c97c1cff9d73747c3ff693c16016559689d26b26d8f3e72e2418986f1f7ec495fdf25fd2c57e351b7ce5c6cdefea76d34f2f141de67f403c545099bdf2a56fad42ae84145ac3a36a4f0d35f7dfde1f19cde84ee3e2eff36a1d1f671a4929eeca9af73aae5d0d72934c56f2e456baad969039ba197cc94b49ff1e90af64e6b147c74a63c2628f0a8e3bc8343704a9bb781f9560056e2f2c1efec31665a76a6a76f8ebaf687a11d9ba83b70a8e29422b548b258ef243d638f0983b0e2dcbf60002503d508e332150479916a406e87ac1c94a75d6b31df0fe36cbffc2b727c30da41a72e01b10ea1b3f0fc98487a9ba1599f6efa586827297199694ae6366386d079b410805b1bd416c6ac541b19cba6c8db7e58bd6e82de2198447260d259eb32a74f7b86308bdb43d01bec7dee3e41133bd428a57ab11fa82ab6159a234cafd7a107c3713199803f7efd1a3d0e81143dfa1385bc2212dd8c655a76ff01e0d6172b397b8bafa13d006bd574221c8daffc184d3f1a7505234311040e371fb049d31e2c406fe0381a8052e16665d92c0b6514a0bbe8e1f68a81d6f8f1b35fccfe288cdf313a982e5efbfbf23da1c9c7efeed0f8d79be046d2d939cdb76a115d34dfc9414b8fc97b34fe838efe503da2832d0495600197be39fa16e81dba845304b750e815550765b535f2dce18c7371cd015ae0181648d1c74a96a80f83337162f2bd82c4beffa530994c863e1fc8b56fe479841176976828a78f798f3d0fe363ff8e1f90a5d69d8838ad3a095ea45a3d1e246837dd560fbf868daa7996b52853612954d1bcb4471557c549e9a364e7bec2b33689320d99163485aeb4901edc0b50c5cbd38f83695aa18bde868d00773a3eb441ebe90aee141f41f55c7619f8c6ffdb4e3a6b625856eb017d60ed25b72d8ed60f7e2ec7e43bdfd55c7d35802026ef900cf201952c2d2f82ba486fb131be8b0711cd7f69875500cde273d23458b4898e5493bd7cb77007ae98fc0cd5cc369dd364e2d34c6e2fd4f07c99e49e98b6ffa1aac1863a98672da6aa2b8e05100a86a0b6e86c37fa37951234333bf31a292c9015d6afb7567d6f761740e2176636aba50661e8fc63344a1d0d690adf38c594e85e9cf4b8ac7c9248f9c9edc4bc0008a6eb8ac274d670e4f899658bdae5247eb54279f8dbf7c3b07315f2e4325681f2d023ad39d3edb8aec100201006fbb83886c3c6d44dd1afdce0e9c9ce5bc5a4e6df1e893212618af2e5fe4f68d6eba9e18e2fd82c64e621f43b2e634aa45b0c02d3f3e3a51c820081a127178439d59ece96a980bfb84823baccef997bc6a45e20f325b9241472b88279f9b95a508758e9b4829d6d209687c0d63204805fe454dcc6cd7f08c2affa910bacc00bcd1f9f54ca23c4d30b56ee72c656d263109a0dcba05d93b37cb51a3e16a86d8b4b03488765e1e1709a96e633975fe5fd03e2f8fa1567b1b6f68a2fa73d3d71624f5c360ffce0862b543151c7d90b5da6ad5255ca2a586034b2e2a6937a56b44e40c97360e0bc3082383a0c63b1ea25d90da7e68f6edd68b2daa3426a588299366595593f7594e2acef14770524ff2ff8d576e031bca84a5e4c76793f566016d9b1cfc523066fb45fdf9aaa282cff5ce3b31409ce49b5fd2e3c247cafaea4c5187307cc3567a5b0a7fc21e9c5cb8aca8c7be8a842051fdb8e48ce8ca969718fa857d1f523ecc6a53c8d6f1434610076b9c18ac60d2ba06ba84b44b5c9b632b81e8926e4201b0128e161298b0c0e7c89f5c2eaae756438529cc74736b3df339c529337799dc8a25f38efa9d49ce85f081ebd099e5fa923614b07ffa7a4160b322a55b86c775eb9252e7e6691de40293a472e75ea1964efc3d2997416523462ffec4f6451f774fbdeaacd1a004d4da5e4c95e5b501417d928788c7fcf2ea7f52628e326c476a5457d10194802c881a964b09c9c40fe45e77ddf00235e94029df9ff21ab1bd890599cf2fac908b229104ddb85b1c86c0e81323936408f92c1928b27d8e782bf10c3bed9260fd4efc5a199077ef50a9c6914ef8485a4d0aad5fbaad17834113f15cbf4296fe8ab6d93334fdb7dfcb8c4327608c79e08620a32a0795d957b6c443d03ccc09e7d48f0f8298d5c798539b8140ea6357361ab2c231600b3db61b9351ee4e81ad4eb01f3a368bf5306f1587cc371c673ab983c5e96a1b958a615e342e2368081e18fb08de61a9b820eaa953344ddc1e7ce78f7ad7b10350766cdcab44d39b2df2977f6dca906d600864d3ff24508bf5b5fd75816e5bb313fcca6d2b605f959c30f62a3568e8df22a0bec20e9ee570c63aa48ef4ff5f31bb40cd29c3deecc12d20061eb27af5034a74177653621008e5fd5916c8318ed5e9ea4f912b9284f137a6342b4417ce77b88cfbf76f18c7986897c686a3d726ed7fe9cc83480214bb1cea90cba0599f5e480586865ddd7501a409fe92801cdaa0cf1ab332fcf33f6d5d85238209f098f943c61af49b60a2a31f8f50b2cf7a5cd31f06435ca916dc4a692675d3776b6fda27cac73b3be54fa6330e951946b7523111734fc15453378be43e2cfdc9d6f0d5b7ae36c131ef34deedbd6975976b09e3914b8e2caa0346dbf23015985061a0505f7e215432eec9fc67a16503bc610356979480feb08a4a4319f0534744065fdd9ee395af68bd9774451b2a716b961b0a847e278538fa303757aca4c173f69304a3a29f6fc011db29eac5616b41f9a9f4c841ba37eda31ffab4b69d5eeba38fda6bce9f51d2a9250b79fea32715c36a3105ebf94261c3709999fc18f20ebe6d71f748addc67a67af1ab1e1f7a0cc9393e5062b6431062764431519a89b41121b8582a3739f3e4076200c28e1daf22184b76d13f45e5a79b90357f8d9fae2993ec4b0f56ec223a64d593c4747f80d7251cf1aa0bda2c97a5923d32984cf279eb50e8f13fdc057bb4c305c4c44ca0f3dd86af0e64fb04022b01e8d491f8841904dfab299e2aaeeaeeaa32284bc75a82c1ac8e169ab5a5203d4baab651853df3ecf98606a907cae8a6b17ed3731930ae21f4670042cadd8b269f925e173250cd3fd42b6f277bb985d64fb43f3c1e9924fae37b107f4ab393ac081c8244cf35d1660afc2c14ba5c3e2e15b0b22b1ecc4656a2d7353ccbb2323fc13b7029d88ffda28cd1c3ae08e1463337d33e8b0cf26eef29b2c57170ba5467a812b13dd2f502cd83b368d80aa5206a5c428b6763bb42e70aa3a8bb63cc77d53e0935edd2357d99d1d871c8ae5eac400327fc063076d41712d618929eef36f681bf249014d81f356d22783168b8a2994a9b3bc41968cd1abb6a9c233bd044e812492947cd3d39ec214dc902005ba7a54b9139876072e1ed23e6ee8648408b3458d1a7fbc333c95ce9765651d59bf5c7705940cf983d9025fe6cd6c8fe5b02738befaad13cf02183d9a39ec274b9126a135dfcd3ae9e5ab1d01fb99bd17e0060c880c9d78c7f39755a629d64b2397d9014aa828501303928fd9e7d2bc444a782480504f96f252b24f5866ce5a48849a684dd66e2956eaa08270af949e602117e8ae477fffe03867393cc51343182957e516d741c7ecb9ef696c46da0c6adc41a1f12dfe953064a1d53d942fa8e0cf1824e") ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000000c0)={'batadv0\x00', 0x0}) sendmsg$auto_BATADV_CMD_GET_TRANSTABLE_LOCAL(r3, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={0x1c, r4, 0x305, 0x70bd28, 0x25dfdbfb, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r7}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40008}, 0x0) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$auto_smbd_genl(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_KSMBD_EVENT_LOGIN_RESPONSE_EXT(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r9, 0x201, 0x70bd2d, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x4000810) sendmsg$auto_KSMBD_EVENT_LOGIN_REQUEST_EXT(r3, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r9, 0x10, 0x70bd2b, 0x25dfdbfc, {}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x90) 3.039031169s ago: executing program 0 (id=710): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x140082, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) close_range$auto(0x0, 0xffffffffffffffff, 0x4000000000002) syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/uts\x00') statx$auto(0xffffff9c, 0x0, 0x1000, 0x0, 0x0) mmap$auto(0x0, 0xfff, 0xdf, 0x9b72, 0x400, 0x28000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x1, 0x3) chown$auto(0x0, 0xee01, 0x0) openat$auto_nst_seq_fops_netdebug(0xffffffffffffff9c, &(0x7f0000001640), 0x200, 0x0) r2 = openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0) ioctl$auto_LOOP_CTL_ADD(r2, 0x4c80, 0xfffffffffffffffd) 2.805740895s ago: executing program 0 (id=711): r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x242e40, 0x0) mmap$auto(0xfffffffffffffff5, 0xffffffdffffffffb, 0x100000000000, 0x15, 0x2, 0x6) ioctl$auto(0xffffffffffffffff, 0x540a, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(r0, 0x800001, 0x0, 0x1) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(r0, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0) open(&(0x7f0000000180)='./cgroup\x00', 0x452f82, 0x80) lseek$auto(0xffffffffffffffff, 0x10000, 0x6) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) rename$auto(&(0x7f0000000500)='./file0\x00', &(0x7f0000000100)='./cgroup\x00') open(&(0x7f0000000040)='./file0\x00', 0x1e9e02, 0x40) mincore$auto(0x80000000001, 0x2, 0x0) write$auto(r1, &(0x7f0000000000)='\x04\x1d\x19\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xa4Cn\xb2./jn>9\xd2\xdb\x88\xf4\x1aVj\x13j\xe1\x96\xf7\xc2\xd3qm\xe6q\xf9\xa6u\x8eZ\x00\xf8*C]\xfd)/\xf3\xa1\x92|\x06|\xd0\x82\x93\xa5\x9a5if\xd0\x8e%g,\xc5\xec\xef\x87\x19\x17\xb0\xe1s\xf6U\xc0\x90r\xc5\xc8H\xa3\x9d\xce\x98\xe7\xb1B:\x179\xdc8\xa8) \x15\xce\xd8\x86\xff-\x80\xf5jMj\xda\x8f\x03EO\xe6\xa4Q\x81+v\xc9\xb8\x00\xcf\x94_\xa7\xadV\xc9\x7f;1R\xa0\x7f\xbe\x1e\x83\an/w[i\th\x9c\xb8\xd1\xed\xba\\\v\xe1\v\x81\xcc\xba\x03-N@ \x14\x1e\n\xe9g\x9fF\x05\xc8\x9f\xe5[\xba\xd2V\x9b\xc1\x9f\xf1%\x9c\xba\xf9\xb4\xa8\xd4\x05G\xf6\x82\xf3m\xe6V\xba\xa0\xf9K\x15\xcc_H\xce\xfd\xe2\x88\"\xe0\xd5Ld\x7f\x1c\x90^\x8d%\xb4', 0x9) kexec_load$auto(0x7ceb, 0x5, &(0x7f00000000c0)={@buf=&(0x7f0000000200), 0x0, 0x800, 0xfffffffffeffffff}, 0xfc) mmap$auto(0x0, 0x20009, 0x7fffffff, 0xeb1, 0x401, 0x8000) sysfs$auto(0x9, 0x100000000000030, 0x40) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0) socketpair$auto(0x1, 0x20000a, 0x6, 0x0) ioctl$auto(r2, 0x89f2, r2) 1.44429311s ago: executing program 3 (id=712): mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x1, 0x100) setsockopt$auto(0x3, 0x6, 0x8009, 0x0, 0xfb3) mknod$auto(&(0x7f0000000340)='\xe1\x9eHU\x00', 0x63c1, 0x7ff) socket(0xa, 0x5, 0x84) mmap$auto(0x2, 0x400, 0x4, 0xeb1, 0xffffffffffffffff, 0x8000) (async, rerun: 64) io_uring_setup$auto(0x6, 0x0) (rerun: 64) socket(0x2, 0x5, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) (async, rerun: 32) setsockopt$auto(0x3, 0x10000000084, 0x18, 0x0, 0x8) (async, rerun: 32) access$auto(&(0x7f0000000280)='\xe1\x9eHU\x00', 0x6) 570.637155ms ago: executing program 3 (id=713): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) socket(0x6, 0x3, 0x37) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x26, 0x5, 0x8c68) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/midi2\x00', 0x101e41, 0x0) ioperm$auto(0x4, 0x100000001, 0x4000005) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptyr0\x00', 0x74c40, 0x0) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, 0x0, 0x40, 0x0) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000005880)='/proc/sys/kernel/panic_print\x00', 0x80801, 0x0) write$auto_proc_sys_file_operations_proc_sysctl(r1, 0x0, 0x0) mmap$auto(0x800, 0x8000009, 0x1, 0x19, 0xffffffffffffffff, 0x100000000000008) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x20) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x140082, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) sysfs$auto(0x2, 0x7, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) r4 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000280), 0x141182, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r4, 0x40146f2c, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(0xffffffffffffffff, 0x40146f2b, 0x0) r5 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x50ba82, 0x0) read$auto(r5, 0x0, 0xb4d3) unshare$auto(0x40000080) setsockopt$auto(r0, 0xd0, 0x800000e4, 0x0, 0x569) 0s ago: executing program 0 (id=714): mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000) getrlimit$auto(0x3, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) ioctl$auto_BLKZEROOUT(r1, 0x127f, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r2 = openat$auto_ocfs2_control_fops_stack_user(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) readv$auto(r2, &(0x7f00000001c0)={0x0, 0xf7}, 0x7) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/035/001\x00', 0x1102, 0x0) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xc8d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\xc6\x00\x89\te\x8d\a\xfb\\n\x89C:\x84D\x10u\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k', 0x100000a3d9) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8ea182, 0x0) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x4b2201, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) init_module$auto(0x0, 0xffff9, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x8000000000000000, 0x15) madvise$auto(0x0, 0x2000000080000001, 0x3) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r3, 0xffffffffffdffe00, &(0x7f0000000140)=';') socket(0x2, 0x3, 0xa) mmap$auto(0x0, 0x8, 0x7, 0x15, 0xffffffffffffffff, 0x8000) io_uring_setup$auto(0x2, 0x0) setsockopt$auto(0x3, 0x0, 0x13, 0x0, 0xb) bind$auto(0x3, 0x0, 0x6b) pselect6$auto(0x9, &(0x7f0000000300)={[0x9, 0x4, 0x9, 0x6, 0x8001, 0x4000000000002bc8, 0xffd, 0x9, 0x3, 0xffffffff, 0x8000000000000001, 0x0, 0x2f, 0x2, 0x8, 0xfffffffffffffffe]}, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) kernel console output (not intermixed with test programs): hsr_slave_1: entered promiscuous mode [ 77.575762][ T5820] debugfs: 'hsr0' already exists in 'hsr' [ 77.581485][ T5820] Cannot create hsr debugfs directory [ 77.888577][ T5825] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 77.908558][ T5825] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 77.919477][ T5825] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 77.938355][ T5825] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 78.006437][ T5822] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 78.030352][ T5822] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 78.047632][ T5822] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 78.065259][ T5822] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 78.130249][ T5824] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 78.141792][ T5824] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 78.152666][ T5824] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 78.177356][ T5824] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 78.246274][ T5825] 8021q: adding VLAN 0 to HW filter on device bond0 [ 78.273710][ T5820] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 78.299135][ T5820] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 78.309377][ T5820] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 78.320901][ T5820] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 78.336390][ T5825] 8021q: adding VLAN 0 to HW filter on device team0 [ 78.368700][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.375999][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 78.411629][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.418745][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 78.536323][ T5822] 8021q: adding VLAN 0 to HW filter on device bond0 [ 78.581636][ T5824] 8021q: adding VLAN 0 to HW filter on device bond0 [ 78.607809][ T5822] 8021q: adding VLAN 0 to HW filter on device team0 [ 78.636560][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.643706][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 78.683049][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.690223][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 78.710868][ T5824] 8021q: adding VLAN 0 to HW filter on device team0 [ 78.746173][ T5820] 8021q: adding VLAN 0 to HW filter on device bond0 [ 78.755522][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.762618][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 78.803573][ T5820] 8021q: adding VLAN 0 to HW filter on device team0 [ 78.831311][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.838492][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 78.851354][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.858456][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 78.868984][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.876075][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 78.933848][ T5825] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 79.106237][ T5825] veth0_vlan: entered promiscuous mode [ 79.145963][ T5825] veth1_vlan: entered promiscuous mode [ 79.237622][ T5825] veth0_macvtap: entered promiscuous mode [ 79.258935][ T5825] veth1_macvtap: entered promiscuous mode [ 79.310135][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 79.346240][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 79.397672][ T51] Bluetooth: hci1: command tx timeout [ 79.403732][ T3564] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.425977][ T55] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.454878][ T55] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.468858][ T5822] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 79.477700][ T51] Bluetooth: hci3: command tx timeout [ 79.483138][ T51] Bluetooth: hci0: command tx timeout [ 79.489380][ T5831] Bluetooth: hci2: command tx timeout [ 79.502663][ T55] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.524354][ T5820] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 79.563491][ T5824] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 79.652601][ T55] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.657597][ T5820] veth0_vlan: entered promiscuous mode [ 79.673185][ T55] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 79.726117][ T5820] veth1_vlan: entered promiscuous mode [ 79.736600][ T5822] veth0_vlan: entered promiscuous mode [ 79.737492][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.749437][ T5822] veth1_vlan: entered promiscuous mode [ 79.755588][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 79.806116][ T5824] veth0_vlan: entered promiscuous mode [ 79.839988][ T5825] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 79.857144][ T5824] veth1_vlan: entered promiscuous mode [ 79.877727][ T5820] veth0_macvtap: entered promiscuous mode [ 79.901113][ T5822] veth0_macvtap: entered promiscuous mode [ 79.945437][ T5820] veth1_macvtap: entered promiscuous mode [ 79.967192][ T5822] veth1_macvtap: entered promiscuous mode [ 80.023033][ T5820] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 80.048341][ T5820] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 80.067771][ T49] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.080386][ T5824] veth0_macvtap: entered promiscuous mode [ 80.088834][ T49] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.097842][ T49] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.115688][ T49] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.130141][ T5824] veth1_macvtap: entered promiscuous mode [ 80.140131][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 80.161562][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 80.197746][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 80.208504][ T49] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.220755][ T49] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.241945][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 80.250330][ T49] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.259673][ T49] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.295492][ T55] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.297550][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.304367][ T55] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.304429][ T55] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.304472][ T55] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.323861][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.418289][ T3564] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.429160][ T3564] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.488077][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.503371][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.548332][ T3564] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.560960][ T3564] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.616664][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.627427][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.705181][ T3564] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.728057][ T3564] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.902466][ T5916] Console: switching to colour VGA+ 80x25 [ 81.182805][ T5924] FAULT_INJECTION: forcing a failure. [ 81.182805][ T5924] name failslab, interval 1, probability 0, space 0, times 1 [ 81.196092][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 81.205989][ T5924] CPU: 1 UID: 0 PID: 5924 Comm: syz.1.5 Not tainted syzkaller #0 PREEMPT(full) [ 81.206025][ T5924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 81.206047][ T5924] Call Trace: [ 81.206056][ T5924] [ 81.206069][ T5924] dump_stack_lvl+0x100/0x190 [ 81.206123][ T5924] should_fail_ex.cold+0x5/0xa [ 81.206163][ T5924] should_failslab+0xc2/0x120 [ 81.206190][ T5924] __kmalloc_cache_noprof+0x7a/0x6f0 [ 81.206224][ T5924] ? alloc_fs_context+0x57/0xf40 [ 81.206250][ T5924] ? __get_fs_type+0x12c/0x170 [ 81.206281][ T5924] alloc_fs_context+0x57/0xf40 [ 81.206305][ T5924] ? __get_fs_type+0x12c/0x170 [ 81.206338][ T5924] fs_context_for_submount+0x26/0xc0 [ 81.206368][ T5924] trace_automount+0x47/0xa0 [ 81.206400][ T5924] ? mntput_no_expire+0xd8/0x220 [ 81.206441][ T5924] __traverse_mounts+0x1b9/0x8a0 [ 81.206478][ T5924] step_into_slowpath+0xb7e/0xf90 [ 81.206513][ T5924] ? __d_lookup+0x25c/0x4a0 [ 81.206545][ T5924] ? __d_lookup+0x25c/0x4a0 [ 81.206582][ T5924] ? __pfx_step_into_slowpath+0x10/0x10 [ 81.206619][ T5924] ? __d_lookup+0x266/0x4a0 [ 81.206657][ T5924] ? lookup_fast+0x2da/0x600 [ 81.206690][ T5924] ? inode_permission+0x374/0x620 [ 81.206727][ T5924] link_path_walk+0xf28/0x1cc0 [ 81.206777][ T5924] path_openat+0x1be/0x31a0 [ 81.206801][ T5924] ? kasan_save_stack+0x3f/0x50 [ 81.206838][ T5924] ? kasan_save_stack+0x30/0x50 [ 81.206874][ T5924] ? kasan_save_track+0x14/0x30 [ 81.206911][ T5924] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 81.206953][ T5924] ? __pfx_path_openat+0x10/0x10 [ 81.206990][ T5924] do_file_open+0x20e/0x430 [ 81.207019][ T5924] ? __pfx_do_file_open+0x10/0x10 [ 81.207065][ T5924] ? alloc_fd+0x476/0x790 [ 81.207101][ T5924] ? do_getname+0x191/0x390 [ 81.207142][ T5924] do_sys_openat2+0x10d/0x1e0 [ 81.207175][ T5924] ? __pfx_do_sys_openat2+0x10/0x10 [ 81.207209][ T5924] ? __fget_files+0x21f/0x3d0 [ 81.207254][ T5924] __x64_sys_openat+0x12d/0x210 [ 81.207286][ T5924] ? __pfx___x64_sys_openat+0x10/0x10 [ 81.207328][ T5924] do_syscall_64+0x106/0xf80 [ 81.207355][ T5924] ? clear_bhb_loop+0x40/0x90 [ 81.207386][ T5924] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 81.207411][ T5924] RIP: 0033:0x7fa687b9c799 [ 81.207438][ T5924] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 81.207466][ T5924] RSP: 002b:00007fa688ac3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 81.207493][ T5924] RAX: ffffffffffffffda RBX: 00007fa687e15fa0 RCX: 00007fa687b9c799 [ 81.207509][ T5924] RDX: 0000000000109c00 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 81.207525][ T5924] RBP: 00007fa687c32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 81.207539][ T5924] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 81.207553][ T5924] R13: 00007fa687e16038 R14: 00007fa687e15fa0 R15: 00007ffca3fa0fc8 [ 81.207584][ T5924] [ 81.503699][ T51] Bluetooth: hci1: command tx timeout [ 81.580629][ T51] Bluetooth: hci0: command tx timeout [ 81.607206][ T51] Bluetooth: hci2: command tx timeout [ 81.612722][ T5831] Bluetooth: hci3: command tx timeout [ 81.779292][ T5925] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 81.805146][ T5925] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 81.894854][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 81.896340][ T5925] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 81.914857][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 81.936658][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 81.945195][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 81.989558][ T5925] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 82.004421][ T5925] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 82.053142][ T5925] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 82.107316][ T5925] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 82.113537][ T5925] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 82.175625][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 82.215133][ T5925] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 82.259553][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 82.274548][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 82.275662][ T5925] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 82.295689][ T5925] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 82.369315][ T5925] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 82.453173][ T5937] Invalid ELF header magic: != ELF [ 82.882365][ T5944] futex_wake_op: syz.3.9 tries to shift op by -2048; fix this program [ 82.891626][ T5944] futex_wake_op: syz.3.9 tries to shift op by -2048; fix this program [ 82.927689][ T5944] 0x000000000001-0x000000020000 : "" [ 83.036915][ T5944] ftl_cs: FTL header corrupt! [ 83.464436][ T0] NOHZ tick-stop error: local softirq work is pending, handler #280!!! [ 83.654124][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 83.797657][ T5830] Bluetooth: hci0: command 0x0c1a tx timeout [ 84.037527][ T5830] Bluetooth: hci1: command 0x0c1a tx timeout [ 84.117259][ T5830] Bluetooth: hci3: command 0x0c1a tx timeout [ 84.355238][ T5830] Bluetooth: hci2: command 0x0c1a tx timeout [ 84.618592][ T5968] HfR: entered promiscuous mode [ 84.765648][ T5972] netlink: 32 bytes leftover after parsing attributes in process `syz.0.15'. [ 85.643322][ T5964] Zero length message leads to an empty skb [ 85.653916][ T5995] netlink: 980 bytes leftover after parsing attributes in process `syz.2.19'. [ 85.894290][ T5830] Bluetooth: hci0: command 0x0c1a tx timeout [ 86.126657][ T5830] Bluetooth: hci1: command 0x0c1a tx timeout [ 86.194780][ T5830] Bluetooth: hci3: command 0x0c1a tx timeout [ 86.224795][ T6000] kernel read not supported for file /\*)A (pid: 6000 comm: syz.3.20) [ 86.264723][ T30] audit: type=1800 audit(2147483648.680:2): pid=6000 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.20" name="\*)A" dev="mqueue" ino=8608 res=0 errno=0 [ 86.285171][ T6000] netlink: 'syz.3.20': attribute type 1 has an invalid length. [ 86.436241][ T5830] Bluetooth: hci2: command 0x0c1a tx timeout [ 86.763935][ T29] cfg80211: failed to load regulatory.db [ 86.974472][ T6015] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 87.074358][ T6015] CIFS mount error: No usable UNC path provided in device string! [ 87.074358][ T6015] [ 87.104595][ T6015] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 87.964455][ T5830] Bluetooth: hci0: command 0x0c1a tx timeout [ 88.034898][ T6046] syz.2.29 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 88.093854][ T30] audit: type=1326 audit(2147501994.547:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6047 comm="syz.0.31" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1f0b59c799 code=0x0 [ 88.116474][ T6052] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 88.116474][ T6052] The task syz.0.31 (6052) triggered the difference, watch for misbehavior. [ 88.204728][ T5830] Bluetooth: hci1: command 0x0c1a tx timeout [ 88.284359][ T5830] Bluetooth: hci3: command 0x0c1a tx timeout [ 88.440834][ T6019] syz.3.24 uses obsolete (PF_INET,SOCK_PACKET) [ 88.514292][ T5830] Bluetooth: hci2: command 0x0c1a tx timeout [ 89.845529][ T6071] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(1633771873.1633771873.1633771873), cmd(5) [ 90.273156][ T6078] netlink: 'syz.0.37': attribute type 11 has an invalid length. [ 90.304343][ T6078] netlink: 'syz.0.37': attribute type 11 has an invalid length. [ 90.312029][ T6078] netlink: 'syz.0.37': attribute type 11 has an invalid length. [ 90.748931][ T6079] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78400 [ 90.804347][ T6079] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 90.838077][ T6079] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 90.854325][ T6079] page_type: f5(slab) [ 90.864552][ T6079] raw: 00fff00000000040 ffff88813fe3d140 dead000000000100 dead000000000122 [ 90.883733][ T6079] raw: 0000000000000000 0000000800040004 00000000f5000000 0000000000000000 [ 90.893966][ T6084] netlink: 12 bytes leftover after parsing attributes in process `syz.0.37'. [ 90.903733][ T6079] head: 00fff00000000040 ffff88813fe3d140 dead000000000100 dead000000000122 [ 90.903800][ T6079] head: 0000000000000000 0000000800040004 00000000f5000000 0000000000000000 [ 90.903828][ T6079] head: 00fff00000000003 ffffea0001e10001 00000000ffffffff 00000000ffffffff [ 90.903855][ T6079] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 90.903873][ T6079] page dumped because: unmovable page [ 90.903903][ T6079] page_owner tracks the page as allocated [ 90.904091][ T6079] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5192, tgid 5192 (udevd), ts 33561542261, free_ts 24008276150 [ 91.014326][ T6079] post_alloc_hook+0x153/0x170 [ 91.075543][ T6079] get_page_from_freelist+0x111d/0x3140 [ 91.081151][ T6079] __alloc_frozen_pages_noprof+0x27c/0x2ba0 [ 91.096776][ T6079] new_slab+0xa6/0x6d0 [ 91.108884][ T6079] refill_objects+0x26b/0x400 [ 91.119364][ T6079] __pcs_replace_empty_main+0x19f/0x600 [ 91.132836][ T6079] __kmalloc_noprof+0x688/0x850 [ 91.149202][ T6079] tomoyo_realpath_from_path+0xb6/0x690 [ 91.164576][ T6079] tomoyo_check_open_permission+0x2af/0x3c0 [ 91.271406][ T6079] tomoyo_file_open+0x6b/0x90 [ 91.276223][ T6079] security_file_open+0xb5/0x1e0 [ 91.281345][ T6079] do_dentry_open+0x5aa/0x1660 [ 91.286222][ T6079] vfs_open+0x82/0x3f0 [ 91.290322][ T6079] path_openat+0x208c/0x31a0 [ 91.295305][ T6079] do_file_open+0x20e/0x430 [ 91.299840][ T6079] do_sys_openat2+0x10d/0x1e0 [ 91.306224][ T6079] page last free pid 1 tgid 1 stack trace: [ 91.334349][ T6079] __free_frozen_pages+0x7e1/0x10d0 [ 91.339611][ T6079] free_contig_range+0xde/0x1d0 [ 91.369462][ T6079] destroy_args+0xa8/0x7a0 [ 91.373960][ T6079] debug_vm_pgtable+0x1b66/0x34c0 [ 91.414322][ T6079] do_one_initcall+0x11d/0x760 [ 91.419990][ T6079] kernel_init_freeable+0x6e5/0x7a0 [ 91.452524][ T6079] kernel_init+0x1f/0x1e0 [ 91.460837][ T6079] ret_from_fork+0x754/0xd80 [ 91.465967][ T6079] ret_from_fork_asm+0x1a/0x30 [ 92.287756][ T6119] sg_write: data in/out 4060/39 bytes for SCSI command 0x0-- guessing data in; [ 92.287756][ T6119] program syz.0.46 not setting count and/or reply_len properly [ 92.845433][ T6129] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 92.937710][ T6131] process 'syz.0.47' launched './file0' with NULL argv: empty string added [ 94.125250][ T6147] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 94.508900][ T6167] kafs: addr_prefs: Invalid Command [ 95.265069][ T6193] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 95.344374][ T6174] syz.1.55 (6174) used greatest stack depth: 19672 bytes left [ 96.496898][ T6219] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 96.960237][ T6216] FAULT_INJECTION: forcing a failure. [ 96.960237][ T6216] name failslab, interval 1, probability 0, space 0, times 0 [ 97.046701][ T6216] CPU: 1 UID: 0 PID: 6216 Comm: syz.3.56 Tainted: G L syzkaller #0 PREEMPT(full) [ 97.046746][ T6216] Tainted: [L]=SOFTLOCKUP [ 97.046756][ T6216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 97.046773][ T6216] Call Trace: [ 97.046782][ T6216] [ 97.046793][ T6216] dump_stack_lvl+0x100/0x190 [ 97.046837][ T6216] should_fail_ex.cold+0x5/0xa [ 97.046870][ T6216] should_failslab+0xc2/0x120 [ 97.046898][ T6216] __kmalloc_cache_noprof+0x7a/0x6f0 [ 97.046933][ T6216] ? newseg+0x269/0xed0 [ 97.046966][ T6216] newseg+0x269/0xed0 [ 97.046995][ T6216] ? __pfx_futex_wait+0x10/0x10 [ 97.047037][ T6216] ? __pfx_newseg+0x10/0x10 [ 97.047063][ T6216] ? down_write+0x146/0x1f0 [ 97.047098][ T6216] ? __sched_setaffinity+0x17c/0x280 [ 97.047129][ T6216] ? __pfx___sched_setaffinity+0x10/0x10 [ 97.047163][ T6216] ipcget+0xee/0xf50 [ 97.047190][ T6216] ? do_futex+0x192/0x350 [ 97.047224][ T6216] ? __pfx_do_futex+0x10/0x10 [ 97.047258][ T6216] ? sched_setaffinity+0xe0/0x400 [ 97.047283][ T6216] ? __might_fault+0xc5/0x140 [ 97.047320][ T6216] ? __pfx_ipcget+0x10/0x10 [ 97.047350][ T6216] ? __x64_sys_futex+0x34f/0x4d0 [ 97.047379][ T6216] ? __x64_sys_futex+0x358/0x4d0 [ 97.047420][ T6216] __x64_sys_shmget+0x13b/0x1b0 [ 97.047449][ T6216] ? __pfx___x64_sys_shmget+0x10/0x10 [ 97.047486][ T6216] do_syscall_64+0x106/0xf80 [ 97.047515][ T6216] ? clear_bhb_loop+0x40/0x90 [ 97.047548][ T6216] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 97.047575][ T6216] RIP: 0033:0x7f609159c799 [ 97.047598][ T6216] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 97.047625][ T6216] RSP: 002b:00007f608f7f6028 EFLAGS: 00000246 ORIG_RAX: 000000000000001d [ 97.047660][ T6216] RAX: ffffffffffffffda RBX: 00007f6091816180 RCX: 00007f609159c799 [ 97.047679][ T6216] RDX: 0000000079e56dc9 RSI: 0000000000000003 RDI: 0000000100000000 [ 97.047697][ T6216] RBP: 00007f6091632bd9 R08: 0000000000000000 R09: 0000000000000000 [ 97.047717][ T6216] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 97.047732][ T6216] R13: 00007f6091816218 R14: 00007f6091816180 R15: 00007ffcf81bdcc8 [ 97.047767][ T6216] [ 99.683216][ T6293] openvswitch: netlink: IP tunnel TTL not specified. [ 100.257146][ T6306] mmap: syz.2.74 (6306) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 102.834352][ T5830] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 103.623867][ T6422] Invalid ELF header magic: != ELF [ 104.086744][ T6430] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 105.734915][ T6455] zswap: compressor not available [ 107.230141][ T6485] netlink: 28 bytes leftover after parsing attributes in process `syz.1.107'. [ 107.263863][ T6489] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 107.302884][ T6492] netlink: 28 bytes leftover after parsing attributes in process `syz.2.108'. [ 107.407766][ T6485] bridge0: port 2(bridge_slave_1) entered disabled state [ 107.556487][ T6485] bridge_slave_1 (unregistering): left allmulticast mode [ 107.597035][ T6485] bridge_slave_1 (unregistering): left promiscuous mode [ 107.619573][ T6485] bridge0: port 2(bridge_slave_1) entered disabled state [ 107.964763][ T6505] ubi0: attaching mtd0 [ 107.977406][ T6505] ubi0: scanning is finished [ 107.982073][ T6505] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 108.289002][ T6505] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 108.360704][ T6516] netlink: 16 bytes leftover after parsing attributes in process `syz.3.114'. [ 108.520579][ T6520] usb usb24: usbfs: process 6520 (syz.1.113) did not claim interface 0 before use [ 109.149653][ T30] audit: type=1807 audit(2147502015.607:4): UNKNOWN=òÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿ [ 109.151273][ T30] audit: type=1802 audit(2147502015.607:5): pid=6523 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.0.115" res=0 errno=0 [ 109.454396][ T6519] ima: policy update failed [ 109.469900][ T30] audit: type=1802 audit(2147502015.917:6): pid=6519 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.115" res=0 errno=0 [ 109.852337][ T6532] FAULT_INJECTION: forcing a failure. [ 109.852337][ T6532] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 109.892256][ T6532] CPU: 0 UID: 0 PID: 6532 Comm: syz.1.118 Tainted: G L syzkaller #0 PREEMPT(full) [ 109.892299][ T6532] Tainted: [L]=SOFTLOCKUP [ 109.892309][ T6532] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 109.892322][ T6532] Call Trace: [ 109.892330][ T6532] [ 109.892339][ T6532] dump_stack_lvl+0x100/0x190 [ 109.892385][ T6532] should_fail_ex.cold+0x5/0xa [ 109.892418][ T6532] _copy_from_user+0x2e/0xd0 [ 109.892459][ T6532] io_uring_setup+0xc0/0x160 [ 109.892492][ T6532] ? __pfx_io_uring_setup+0x10/0x10 [ 109.892525][ T6532] ? do_futex+0x192/0x350 [ 109.892561][ T6532] ? __pfx_do_futex+0x10/0x10 [ 109.892613][ T6532] ? xfd_validate_state+0x129/0x190 [ 109.892669][ T6532] __x64_sys_io_uring_setup+0xc2/0x170 [ 109.892702][ T6532] do_syscall_64+0x106/0xf80 [ 109.892733][ T6532] ? clear_bhb_loop+0x40/0x90 [ 109.892768][ T6532] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 109.892795][ T6532] RIP: 0033:0x7fa687b9c799 [ 109.892816][ T6532] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 109.892841][ T6532] RSP: 002b:00007fa688ac3028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 109.892866][ T6532] RAX: ffffffffffffffda RBX: 00007fa687e15fa0 RCX: 00007fa687b9c799 [ 109.892882][ T6532] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 109.892898][ T6532] RBP: 00007fa687c32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 109.892914][ T6532] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 109.892929][ T6532] R13: 00007fa687e16038 R14: 00007fa687e15fa0 R15: 00007ffca3fa0fc8 [ 109.892965][ T6532] [ 110.245232][ T6534] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4) [ 112.079034][ T6586] netlink: 4 bytes leftover after parsing attributes in process `syz.0.130'. [ 112.121724][ T6586] netlink: 'syz.0.130': attribute type 2 has an invalid length. [ 112.154353][ T6586] netlink: 'syz.0.130': attribute type 3 has an invalid length. [ 112.184422][ T6586] netlink: 51505 bytes leftover after parsing attributes in process `syz.0.130'. [ 113.323258][ T6625] can: request_module (can-proto-0) failed. [ 115.362930][ T6671] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 115.626812][ T6682] bond0: invalid ARP target specified [ 116.750540][ T6707] netlink: 12 bytes leftover after parsing attributes in process `syz.2.151'. [ 118.166557][ T6742] could not allocate digest TFM handle  [ 119.037729][ T6781] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 119.043856][ T6781] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 119.052025][ T6781] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 119.082072][ T6781] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 119.907150][ T6832] netlink: 12 bytes leftover after parsing attributes in process `syz.2.168'. [ 120.306793][ T6811] random: crng reseeded on system resumption [ 120.873244][ T5830] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 120.873281][ T5830] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 120.889289][ T5830] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 120.889352][ T5830] Bluetooth: hci3: adv larger than maximum supported [ 120.898623][ T5830] Bluetooth: hci3: adv larger than maximum supported [ 120.905431][ T5830] Bluetooth: hci3: Malformed LE Event: 0x0d [ 121.074687][ T5830] Bluetooth: hci3: command 0x0c1a tx timeout [ 121.074706][ T5831] Bluetooth: hci1: command 0x0c1a tx timeout [ 121.080776][ T5830] Bluetooth: hci0: command 0x0c1a tx timeout [ 121.154521][ T5830] Bluetooth: hci2: command 0x0c1a tx timeout [ 121.958071][ T6881] netlink: 'syz.2.181': attribute type 16 has an invalid length. [ 121.982282][ T6881] netlink: 50 bytes leftover after parsing attributes in process `syz.2.181'. [ 122.014694][ T6881] netlink: 'syz.2.181': attribute type 16 has an invalid length. [ 122.022472][ T6881] netlink: 50 bytes leftover after parsing attributes in process `syz.2.181'. [ 122.300777][ T6892] FAULT_INJECTION: forcing a failure. [ 122.300777][ T6892] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 122.435443][ T6892] CPU: 1 UID: 0 PID: 6892 Comm: syz.3.183 Tainted: G L syzkaller #0 PREEMPT(full) [ 122.435488][ T6892] Tainted: [L]=SOFTLOCKUP [ 122.435498][ T6892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 122.435514][ T6892] Call Trace: [ 122.435523][ T6892] [ 122.435534][ T6892] dump_stack_lvl+0x100/0x190 [ 122.435585][ T6892] should_fail_ex.cold+0x5/0xa [ 122.435616][ T6892] _copy_from_user+0x2e/0xd0 [ 122.435655][ T6892] copy_msghdr_from_user+0x9f/0x4f0 [ 122.435695][ T6892] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 122.435735][ T6892] ? __pfx_futex_wake_mark+0x10/0x10 [ 122.435775][ T6892] ___sys_sendmsg+0x106/0x1e0 [ 122.435816][ T6892] ? __pfx____sys_sendmsg+0x10/0x10 [ 122.435894][ T6892] __sys_sendmsg+0x170/0x220 [ 122.435925][ T6892] ? __pfx___sys_sendmsg+0x10/0x10 [ 122.435953][ T6892] ? __x64_sys_futex+0x34f/0x4d0 [ 122.436003][ T6892] do_syscall_64+0x106/0xf80 [ 122.436033][ T6892] ? clear_bhb_loop+0x40/0x90 [ 122.436066][ T6892] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 122.436092][ T6892] RIP: 0033:0x7f609159c799 [ 122.436123][ T6892] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 122.436149][ T6892] RSP: 002b:00007f6092386028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 122.436179][ T6892] RAX: ffffffffffffffda RBX: 00007f6091816090 RCX: 00007f609159c799 [ 122.436197][ T6892] RDX: 0000000000000001 RSI: 00002000000003c0 RDI: 0000000000000004 [ 122.436214][ T6892] RBP: 00007f6091632bd9 R08: 0000000000000000 R09: 0000000000000000 [ 122.436231][ T6892] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 122.436254][ T6892] R13: 00007f6091816128 R14: 00007f6091816090 R15: 00007ffcf81bdcc8 [ 122.436291][ T6892] [ 122.441071][ T6890] netlink: 32 bytes leftover after parsing attributes in process `syz.3.183'. [ 122.773862][ T6905] Lens A: ================= START STATUS ================= [ 122.787753][ T6905] Lens A: Focus, Absolute: 0 [ 122.819672][ T6905] Lens A: ================== END STATUS ================== [ 122.870789][ T6905] Lens A: ================= START STATUS ================= [ 122.958332][ T6905] Lens A: Focus, Absolute: 0 [ 122.962985][ T6905] Lens A: ================== END STATUS ================== [ 123.203562][ T6914] input: f¬ as /devices/virtual/input/input6 [ 125.599138][ T6962] input: jJǸ-¶š9ã%vø“ûJ86Ö‘ as /devices/virtual/input/input7 [ 126.126068][ T6975] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 126.174435][ T6975] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 126.245644][ T6975] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 126.309857][ T6975] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 128.618348][ T7032] FAULT_INJECTION: forcing a failure. [ 128.618348][ T7032] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 128.694467][ T7032] CPU: 1 UID: 0 PID: 7032 Comm: syz.3.214 Tainted: G L syzkaller #0 PREEMPT(full) [ 128.694510][ T7032] Tainted: [L]=SOFTLOCKUP [ 128.694519][ T7032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 128.694534][ T7032] Call Trace: [ 128.694542][ T7032] [ 128.694552][ T7032] dump_stack_lvl+0x100/0x190 [ 128.694594][ T7032] should_fail_ex.cold+0x5/0xa [ 128.694621][ T7032] ? prepare_alloc_pages+0x16d/0x5f0 [ 128.694652][ T7032] should_fail_alloc_page+0xeb/0x140 [ 128.694680][ T7032] prepare_alloc_pages+0x1f0/0x5f0 [ 128.694709][ T7032] ? unwind_get_return_address+0x59/0xa0 [ 128.694740][ T7032] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 128.694787][ T7032] ? stack_trace_save+0x8e/0xc0 [ 128.694813][ T7032] ? __pfx_stack_trace_save+0x10/0x10 [ 128.694838][ T7032] ? stack_depot_save_flags+0x27/0x9d0 [ 128.694882][ T7032] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 128.694922][ T7032] ? kasan_save_stack+0x3f/0x50 [ 128.694968][ T7032] ? kasan_save_track+0x14/0x30 [ 128.695006][ T7032] ? __kasan_slab_alloc+0x89/0x90 [ 128.695043][ T7032] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 128.695078][ T7032] ? __pmd_alloc+0xbf/0x9c0 [ 128.695102][ T7032] ? __handle_mm_fault+0xa99/0x2b60 [ 128.695133][ T7032] ? handle_mm_fault+0x36d/0xa20 [ 128.695164][ T7032] ? __get_user_pages+0xf9c/0x34d0 [ 128.695189][ T7032] ? faultin_page_range+0x1f1/0x9e0 [ 128.695217][ T7032] ? madvise_do_behavior+0x354/0x510 [ 128.695262][ T7032] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 128.695302][ T7032] ? policy_nodemask+0xed/0x4f0 [ 128.695327][ T7032] alloc_pages_mpol+0x1fb/0x550 [ 128.695350][ T7032] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 128.695383][ T7032] ? __pfx_filemap_map_pages+0x10/0x10 [ 128.695415][ T7032] alloc_pages_noprof+0x131/0x390 [ 128.695443][ T7032] pte_alloc_one+0x1e/0x3e0 [ 128.695473][ T7032] __do_fault+0x359/0x550 [ 128.695514][ T7032] ? __pfx_filemap_map_pages+0x10/0x10 [ 128.695550][ T7032] do_fault+0x2db/0x1950 [ 128.695578][ T7032] ? __pmd_alloc+0x6aa/0x9c0 [ 128.695611][ T7032] __handle_mm_fault+0x180f/0x2b60 [ 128.695657][ T7032] ? __pfx___handle_mm_fault+0x10/0x10 [ 128.695689][ T7032] ? find_held_lock+0x2b/0x80 [ 128.695714][ T7032] ? mtree_load+0x311/0xa40 [ 128.695745][ T7032] ? mtree_load+0x311/0xa40 [ 128.695803][ T7032] handle_mm_fault+0x36d/0xa20 [ 128.695845][ T7032] __get_user_pages+0xf9c/0x34d0 [ 128.695889][ T7032] ? __pfx___get_user_pages+0x10/0x10 [ 128.695935][ T7032] faultin_page_range+0x1f1/0x9e0 [ 128.695976][ T7032] madvise_do_behavior+0x354/0x510 [ 128.696012][ T7032] ? __pfx_madvise_do_behavior+0x10/0x10 [ 128.696066][ T7032] do_madvise+0x195/0x240 [ 128.696096][ T7032] ? __pfx_do_madvise+0x10/0x10 [ 128.696126][ T7032] ? do_futex+0x192/0x350 [ 128.696197][ T7032] __x64_sys_madvise+0xa9/0x110 [ 128.696227][ T7032] ? lockdep_hardirqs_on+0x78/0x100 [ 128.696258][ T7032] do_syscall_64+0x106/0xf80 [ 128.696288][ T7032] ? clear_bhb_loop+0x40/0x90 [ 128.696323][ T7032] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 128.696351][ T7032] RIP: 0033:0x7f609159c799 [ 128.696372][ T7032] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 128.696398][ T7032] RSP: 002b:00007f6092386028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 128.696424][ T7032] RAX: ffffffffffffffda RBX: 00007f6091816090 RCX: 00007f609159c799 [ 128.696443][ T7032] RDX: 0000000000000017 RSI: ffffffffffff0005 RDI: 0000000000000000 [ 128.696460][ T7032] RBP: 00007f6091632bd9 R08: 0000000000000000 R09: 0000000000000000 [ 128.696477][ T7032] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 128.696494][ T7032] R13: 00007f6091816128 R14: 00007f6091816090 R15: 00007ffcf81bdcc8 [ 128.696534][ T7032] [ 131.728382][ T7091] loop6: detected capacity change from 0 to 8192 [ 132.842087][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.849844][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.709508][ T7126] futex_wake_op: syz.2.235 tries to shift op by -2048; fix this program [ 133.722135][ T7126] 0x000000000001-0x000000020000 : "" [ 133.740732][ T7126] ftl_cs: FTL header corrupt! [ 136.139461][ T7168] netlink: 'syz.2.245': attribute type 64 has an invalid length. [ 136.166502][ T7168] netlink: 74 bytes leftover after parsing attributes in process `syz.2.245'. [ 136.716004][ T7181] netlink: 146 bytes leftover after parsing attributes in process `syz.3.246'. [ 136.796905][ T7172] netlink: 'syz.1.248': attribute type 1 has an invalid length. [ 137.636500][ T7206] netlink: zone id is out of range [ 137.641657][ T7206] netlink: zone id is out of range [ 137.674399][ T7206] netlink: zone id is out of range [ 137.684734][ T7206] netlink: zone id is out of range [ 137.702833][ T7206] netlink: zone id is out of range [ 137.708646][ T7206] netlink: zone id is out of range [ 137.714814][ T7206] netlink: zone id is out of range [ 137.937376][ T7206] netlink: zone id is out of range [ 137.942618][ T7206] netlink: zone id is out of range [ 138.019523][ T7206] netlink: zone id is out of range [ 138.609850][ T7229] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 138.649745][ T7224] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78400 [ 138.702482][ T7224] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 138.734338][ T7224] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 138.834602][ T7224] page_type: f5(slab) [ 138.834633][ T7224] raw: 00fff00000000040 ffff88813fe3d140 dead000000000100 dead000000000122 [ 138.834658][ T7224] raw: 0000000000000000 0000000800040004 00000000f5000000 0000000000000000 [ 138.834684][ T7224] head: 00fff00000000040 ffff88813fe3d140 dead000000000100 dead000000000122 [ 138.834708][ T7224] head: 0000000000000000 0000000800040004 00000000f5000000 0000000000000000 [ 138.834733][ T7224] head: 00fff00000000003 ffffea0001e10001 00000000ffffffff 00000000ffffffff [ 138.834766][ T7224] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 138.834782][ T7224] page dumped because: unmovable page [ 138.834796][ T7224] page_owner tracks the page as allocated [ 138.834806][ T7224] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5192, tgid 5192 (udevd), ts 33561542261, free_ts 24008276150 [ 138.834853][ T7224] post_alloc_hook+0x153/0x170 [ 138.834888][ T7224] get_page_from_freelist+0x111d/0x3140 [ 138.834922][ T7224] __alloc_frozen_pages_noprof+0x27c/0x2ba0 [ 138.834957][ T7224] new_slab+0xa6/0x6d0 [ 138.834984][ T7224] refill_objects+0x26b/0x400 [ 138.835014][ T7224] __pcs_replace_empty_main+0x19f/0x600 [ 138.835048][ T7224] __kmalloc_noprof+0x688/0x850 [ 138.835081][ T7224] tomoyo_realpath_from_path+0xb6/0x690 [ 138.835109][ T7224] tomoyo_check_open_permission+0x2af/0x3c0 [ 138.835146][ T7224] tomoyo_file_open+0x6b/0x90 [ 138.835175][ T7224] security_file_open+0xb5/0x1e0 [ 138.835199][ T7224] do_dentry_open+0x5aa/0x1660 [ 138.835236][ T7224] vfs_open+0x82/0x3f0 [ 138.835263][ T7224] path_openat+0x208c/0x31a0 [ 138.835286][ T7224] do_file_open+0x20e/0x430 [ 138.835309][ T7224] do_sys_openat2+0x10d/0x1e0 [ 138.835337][ T7224] page last free pid 1 tgid 1 stack trace: [ 138.835352][ T7224] __free_frozen_pages+0x7e1/0x10d0 [ 138.835379][ T7224] free_contig_range+0xde/0x1d0 [ 138.835405][ T7224] destroy_args+0xa8/0x7a0 [ 138.835434][ T7224] debug_vm_pgtable+0x1b66/0x34c0 [ 138.847365][ T7224] do_one_initcall+0x11d/0x760 [ 138.847401][ T7224] kernel_init_freeable+0x6e5/0x7a0 [ 138.847434][ T7224] kernel_init+0x1f/0x1e0 [ 138.847467][ T7224] ret_from_fork+0x754/0xd80 [ 138.847502][ T7224] ret_from_fork_asm+0x1a/0x30 [ 138.935864][ T7227] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78400 [ 138.935897][ T7227] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 138.935918][ T7227] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 138.935943][ T7227] page_type: f5(slab) [ 138.935966][ T7227] raw: 00fff00000000040 ffff88813fe3d140 dead000000000100 dead000000000122 [ 138.935991][ T7227] raw: 0000000000000000 0000000800040004 00000000f5000000 0000000000000000 [ 138.936017][ T7227] head: 00fff00000000040 ffff88813fe3d140 dead000000000100 dead000000000122 [ 138.936041][ T7227] head: 0000000000000000 0000000800040004 00000000f5000000 0000000000000000 [ 138.936066][ T7227] head: 00fff00000000003 ffffea0001e10001 00000000ffffffff 00000000ffffffff [ 138.936091][ T7227] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 138.936107][ T7227] page dumped because: unmovable page [ 138.936120][ T7227] page_owner tracks the page as allocated [ 138.936131][ T7227] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5192, tgid 5192 (udevd), ts 33561542261, free_ts 24008276150 [ 138.936175][ T7227] post_alloc_hook+0x153/0x170 [ 138.936210][ T7227] get_page_from_freelist+0x111d/0x3140 [ 138.936244][ T7227] __alloc_frozen_pages_noprof+0x27c/0x2ba0 [ 138.936278][ T7227] new_slab+0xa6/0x6d0 [ 138.936305][ T7227] refill_objects+0x26b/0x400 [ 138.936336][ T7227] __pcs_replace_empty_main+0x19f/0x600 [ 138.936370][ T7227] __kmalloc_noprof+0x688/0x850 [ 138.936402][ T7227] tomoyo_realpath_from_path+0xb6/0x690 [ 138.936428][ T7227] tomoyo_check_open_permission+0x2af/0x3c0 [ 138.936465][ T7227] tomoyo_file_open+0x6b/0x90 [ 138.936494][ T7227] security_file_open+0xb5/0x1e0 [ 138.936518][ T7227] do_dentry_open+0x5aa/0x1660 [ 138.936555][ T7227] vfs_open+0x82/0x3f0 [ 138.936583][ T7227] path_openat+0x208c/0x31a0 [ 138.936606][ T7227] do_file_open+0x20e/0x430 [ 138.936629][ T7227] do_sys_openat2+0x10d/0x1e0 [ 138.936657][ T7227] page last free pid 1 tgid 1 stack trace: [ 138.936671][ T7227] __free_frozen_pages+0x7e1/0x10d0 [ 138.936699][ T7227] free_contig_range+0xde/0x1d0 [ 138.936734][ T7227] destroy_args+0xa8/0x7a0 [ 138.936765][ T7227] debug_vm_pgtable+0x1b66/0x34c0 [ 138.936796][ T7227] do_one_initcall+0x11d/0x760 [ 138.936823][ T7227] kernel_init_freeable+0x6e5/0x7a0 [ 138.936854][ T7227] kernel_init+0x1f/0x1e0 [ 138.936888][ T7227] ret_from_fork+0x754/0xd80 [ 138.936921][ T7227] ret_from_fork_asm+0x1a/0x30 [ 139.857444][ T5830] block nbd0: Receive control failed (result -32) [ 140.263766][ T5830] Bluetooth: hci3: unexpected event 0x03 length: 123 > 11 [ 142.084171][ T7330] netlink: 28 bytes leftover after parsing attributes in process `syz.0.277'. [ 143.395922][ T7357] FAULT_INJECTION: forcing a failure. [ 143.395922][ T7357] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 143.469620][ T7359] capability: warning: `syz.2.281' uses 32-bit capabilities (legacy support in use) [ 143.505690][ T7357] CPU: 1 UID: 0 PID: 7357 Comm: syz.2.281 Tainted: G L syzkaller #0 PREEMPT(full) [ 143.505729][ T7357] Tainted: [L]=SOFTLOCKUP [ 143.505738][ T7357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 143.505752][ T7357] Call Trace: [ 143.505760][ T7357] [ 143.505769][ T7357] dump_stack_lvl+0x100/0x190 [ 143.505810][ T7357] should_fail_ex.cold+0x5/0xa [ 143.505840][ T7357] _copy_from_user+0x2e/0xd0 [ 143.505879][ T7357] __x64_sys_sethostname+0x197/0x330 [ 143.505913][ T7357] ? __pfx___x64_sys_sethostname+0x10/0x10 [ 143.505961][ T7357] do_syscall_64+0x106/0xf80 [ 143.505988][ T7357] ? clear_bhb_loop+0x40/0x90 [ 143.506020][ T7357] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 143.506046][ T7357] RIP: 0033:0x7ff04099c799 [ 143.506067][ T7357] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 143.506090][ T7357] RSP: 002b:00007ff0417db028 EFLAGS: 00000246 ORIG_RAX: 00000000000000aa [ 143.506114][ T7357] RAX: ffffffffffffffda RBX: 00007ff040c15fa0 RCX: 00007ff04099c799 [ 143.506131][ T7357] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 143.506145][ T7357] RBP: 00007ff040a32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 143.506160][ T7357] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 143.506175][ T7357] R13: 00007ff040c16038 R14: 00007ff040c15fa0 R15: 00007ffe614ad7b8 [ 143.506209][ T7357] [ 144.190623][ T7380] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input8 [ 144.702417][ T7390] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input9 [ 144.829950][ T7380] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input10 [ 145.732544][ T7419] net_ratelimit: 14 callbacks suppressed [ 145.732567][ T7419] netlink: zone id is out of range [ 145.763799][ T7419] netlink: zone id is out of range [ 145.769745][ T7419] netlink: zone id is out of range [ 145.779601][ T7419] netlink: zone id is out of range [ 145.796760][ T7419] netlink: zone id is out of range [ 145.926165][ T7419] netlink: set zone limit has 8 unknown bytes [ 147.356078][ T7462] netlink: 252 bytes leftover after parsing attributes in process `syz.1.310'. [ 149.145343][ T7498] netlink: 314 bytes leftover after parsing attributes in process `syz.1.317'. [ 150.238155][ T7537] bridge0: port 2(team0) entered blocking state [ 150.268660][ T7513] netlink: 40 bytes leftover after parsing attributes in process `syz.2.320'. [ 150.282557][ T7537] bridge0: port 2(team0) entered disabled state [ 150.291822][ T7537] team0: entered allmulticast mode [ 150.316339][ T7537] team_slave_0: entered allmulticast mode [ 150.348266][ T7537] team_slave_1: entered allmulticast mode [ 150.369851][ T7537] team0: entered promiscuous mode [ 150.375030][ T7537] team_slave_0: entered promiscuous mode [ 150.380951][ T7537] team_slave_1: entered promiscuous mode [ 150.387900][ T7537] bridge0: port 2(team0) entered blocking state [ 150.394304][ T7537] bridge0: port 2(team0) entered forwarding state [ 151.305377][ T7550] __vm_enough_memory: pid: 7550, comm: syz.3.328, bytes: 4398046511104 not enough memory for the allocation [ 151.340135][ T7551] futex_wake_op: syz.1.329 tries to shift op by -2048; fix this program [ 151.401317][ T7553] 0x000000000001-0x000000040001 : "" [ 151.407010][ T7553] mtd: partition "" extends beyond the end of device "mtdram test device" -- size truncated to 0x1ffff [ 151.434106][ T7553] ftl_cs: FTL header corrupt! [ 151.663819][ T30] audit: type=1800 audit(2147502058.117:7): pid=7559 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.330" name="dbroot" dev="configfs" ino=17552 res=0 errno=0 [ 151.667520][ T7559] netlink: 28 bytes leftover after parsing attributes in process `syz.2.330'. [ 151.757889][ T7559] team0: Port device team_slave_1 removed [ 152.563479][ T30] audit: type=1800 audit(2147502059.017:8): pid=7571 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.331" name="features" dev="configfs" ino=17609 res=0 errno=0 [ 154.584956][ T7617] MTRR 1 not used [ 154.628222][ T7624] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 154.767121][ T7624] warning: `syz.0.345' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 156.060751][ T7647] FAULT_INJECTION: forcing a failure. [ 156.060751][ T7647] name failslab, interval 1, probability 0, space 0, times 0 [ 156.077583][ T7647] CPU: 0 UID: 0 PID: 7647 Comm: syz.3.347 Tainted: G L syzkaller #0 PREEMPT(full) [ 156.077619][ T7647] Tainted: [L]=SOFTLOCKUP [ 156.077625][ T7647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 156.077634][ T7647] Call Trace: [ 156.077639][ T7647] [ 156.077646][ T7647] dump_stack_lvl+0x100/0x190 [ 156.077674][ T7647] should_fail_ex.cold+0x5/0xa [ 156.077692][ T7647] should_failslab+0xc2/0x120 [ 156.077707][ T7647] __kmalloc_cache_noprof+0x7a/0x6f0 [ 156.077725][ T7647] ? refill_pi_state_cache+0x91/0x260 [ 156.077751][ T7647] refill_pi_state_cache+0x91/0x260 [ 156.077773][ T7647] futex_lock_pi+0x177/0x7b0 [ 156.077796][ T7647] ? __pfx_futex_lock_pi+0x10/0x10 [ 156.077818][ T7647] ? __pfx___futex_wait+0x10/0x10 [ 156.077856][ T7647] ? __pfx_futex_wake_mark+0x10/0x10 [ 156.077880][ T7647] ? __might_fault+0x111/0x140 [ 156.077900][ T7647] ? do_vfs_ioctl+0x226/0x13e0 [ 156.077921][ T7647] do_futex+0x18a/0x350 [ 156.077940][ T7647] ? __pfx_do_futex+0x10/0x10 [ 156.077959][ T7647] ? find_held_lock+0x2b/0x80 [ 156.077975][ T7647] __x64_sys_futex+0x34f/0x4d0 [ 156.077996][ T7647] ? __pfx___x64_sys_futex+0x10/0x10 [ 156.078021][ T7647] do_syscall_64+0x106/0xf80 [ 156.078037][ T7647] ? clear_bhb_loop+0x40/0x90 [ 156.078055][ T7647] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 156.078070][ T7647] RIP: 0033:0x7f609159c799 [ 156.078089][ T7647] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 156.078104][ T7647] RSP: 002b:00007f6092386028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 156.078119][ T7647] RAX: ffffffffffffffda RBX: 00007f6091816090 RCX: 00007f609159c799 [ 156.078129][ T7647] RDX: 0000000000000008 RSI: 0000000000000006 RDI: 0000000000000000 [ 156.078138][ T7647] RBP: 00007f6091632bd9 R08: 0000000000000000 R09: 000000008000fff5 [ 156.078147][ T7647] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 156.078156][ T7647] R13: 00007f6091816128 R14: 00007f6091816090 R15: 00007ffcf81bdcc8 [ 156.078176][ T7647] [ 156.820052][ T7672] netlink: 330 bytes leftover after parsing attributes in process `syz.1.351'. [ 156.922942][ T7677] FAULT_INJECTION: forcing a failure. [ 156.922942][ T7677] name fail_futex, interval 1, probability 0, space 0, times 1 [ 156.935886][ T7677] CPU: 1 UID: 0 PID: 7677 Comm: syz.1.351 Tainted: G L syzkaller #0 PREEMPT(full) [ 156.935933][ T7677] Tainted: [L]=SOFTLOCKUP [ 156.935944][ T7677] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 156.935961][ T7677] Call Trace: [ 156.935970][ T7677] [ 156.935981][ T7677] dump_stack_lvl+0x100/0x190 [ 156.936030][ T7677] should_fail_ex.cold+0x5/0xa [ 156.936066][ T7677] get_futex_key+0x1d2/0x1620 [ 156.936105][ T7677] ? __pfx_get_futex_key+0x10/0x10 [ 156.936137][ T7677] ? kasan_quarantine_put+0x104/0x240 [ 156.936177][ T7677] ? lockdep_hardirqs_on+0x78/0x100 [ 156.936219][ T7677] futex_wake+0xea/0x530 [ 156.936267][ T7677] ? path_setxattrat+0x21c/0x3b0 [ 156.936294][ T7677] ? __pfx_futex_wake+0x10/0x10 [ 156.936338][ T7677] ? __pfx_poll_select_finish+0x10/0x10 [ 156.936385][ T7677] do_futex+0x32b/0x350 [ 156.936421][ T7677] ? __pfx_do_futex+0x10/0x10 [ 156.936467][ T7677] __x64_sys_futex+0x34f/0x4d0 [ 156.936508][ T7677] ? __pfx___x64_sys_futex+0x10/0x10 [ 156.936558][ T7677] do_syscall_64+0x106/0xf80 [ 156.936589][ T7677] ? clear_bhb_loop+0x40/0x90 [ 156.936624][ T7677] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 156.936653][ T7677] RIP: 0033:0x7fa687b9c799 [ 156.936677][ T7677] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 156.936704][ T7677] RSP: 002b:00007fa688aa20e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 156.936732][ T7677] RAX: ffffffffffffffda RBX: 00007fa687e16098 RCX: 00007fa687b9c799 [ 156.936751][ T7677] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fa687e1609c [ 156.936768][ T7677] RBP: 00007fa687e16090 R08: 0000000000000000 R09: 0000000000000000 [ 156.936785][ T7677] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 156.936802][ T7677] R13: 00007fa687e16128 R14: 00007ffca3fa0ee0 R15: 00007ffca3fa0fc8 [ 156.936840][ T7677] [ 158.225886][ T7699] FAULT_INJECTION: forcing a failure. [ 158.225886][ T7699] name fail_futex, interval 1, probability 0, space 0, times 0 [ 158.264588][ T7699] CPU: 1 UID: 0 PID: 7699 Comm: syz.3.358 Tainted: G L syzkaller #0 PREEMPT(full) [ 158.264625][ T7699] Tainted: [L]=SOFTLOCKUP [ 158.264634][ T7699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 158.264647][ T7699] Call Trace: [ 158.264654][ T7699] [ 158.264663][ T7699] dump_stack_lvl+0x100/0x190 [ 158.264705][ T7699] should_fail_ex.cold+0x5/0xa [ 158.264735][ T7699] get_futex_key+0x1d2/0x1620 [ 158.264769][ T7699] ? __pfx_get_futex_key+0x10/0x10 [ 158.264810][ T7699] futex_wake+0xea/0x530 [ 158.264866][ T7699] ? __pfx_futex_wake+0x10/0x10 [ 158.264907][ T7699] ? errseq_sample+0x51/0x70 [ 158.264943][ T7699] ? file_init_path+0x48e/0x670 [ 158.264977][ T7699] do_futex+0x32b/0x350 [ 158.265008][ T7699] ? __pfx_do_futex+0x10/0x10 [ 158.265039][ T7699] ? fd_install+0x223/0x580 [ 158.265082][ T7699] __x64_sys_futex+0x34f/0x4d0 [ 158.265122][ T7699] ? __sys_socket+0xac/0x260 [ 158.265159][ T7699] ? __pfx___x64_sys_futex+0x10/0x10 [ 158.265204][ T7699] do_syscall_64+0x106/0xf80 [ 158.265233][ T7699] ? clear_bhb_loop+0x40/0x90 [ 158.265263][ T7699] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 158.265289][ T7699] RIP: 0033:0x7f609159c799 [ 158.265310][ T7699] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 158.265333][ T7699] RSP: 002b:00007f60923a70e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 158.265356][ T7699] RAX: ffffffffffffffda RBX: 00007f6091815fa8 RCX: 00007f609159c799 [ 158.265374][ T7699] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f6091815fac [ 158.265389][ T7699] RBP: 00007f6091815fa0 R08: 0000000000000000 R09: 0000000000000000 [ 158.265405][ T7699] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000000 [ 158.265419][ T7699] R13: 00007f6091816038 R14: 00007ffcf81bdbe0 R15: 00007ffcf81bdcc8 [ 158.265453][ T7699] [ 158.752943][ T7706] FAULT_INJECTION: forcing a failure. [ 158.752943][ T7706] name failslab, interval 1, probability 0, space 0, times 0 [ 158.766301][ T7706] CPU: 1 UID: 0 PID: 7706 Comm: syz.3.359 Tainted: G L syzkaller #0 PREEMPT(full) [ 158.766347][ T7706] Tainted: [L]=SOFTLOCKUP [ 158.766357][ T7706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 158.766374][ T7706] Call Trace: [ 158.766383][ T7706] [ 158.766394][ T7706] dump_stack_lvl+0x100/0x190 [ 158.766443][ T7706] should_fail_ex.cold+0x5/0xa [ 158.766478][ T7706] should_failslab+0xc2/0x120 [ 158.766506][ T7706] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 158.766548][ T7706] ? snd_timer_instance_new+0x65/0x2e0 [ 158.766594][ T7706] kstrdup+0x51/0xe0 [ 158.766634][ T7706] snd_timer_instance_new+0x65/0x2e0 [ 158.766673][ T7706] snd_seq_timer_open+0x1d4/0x600 [ 158.766709][ T7706] ? __pfx_snd_seq_timer_open+0x10/0x10 [ 158.766753][ T7706] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 158.766783][ T7706] ? lockdep_hardirqs_on+0x78/0x100 [ 158.766814][ T7706] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 158.766848][ T7706] queue_use+0xdc/0x1f0 [ 158.766889][ T7706] snd_seq_queue_alloc+0x2e5/0x590 [ 158.766940][ T7706] snd_seq_ioctl_create_queue+0xa9/0x370 [ 158.766978][ T7706] call_seq_client_ctl+0xa3/0x130 [ 158.767017][ T7706] snd_seq_kernel_client_ctl+0x77/0xd0 [ 158.767056][ T7706] alloc_seq_queue+0xdb/0x180 [ 158.767094][ T7706] ? __pfx_alloc_seq_queue+0x10/0x10 [ 158.767160][ T7706] ? mark_held_locks+0x40/0x70 [ 158.767191][ T7706] ? _raw_spin_unlock_irq+0x23/0x50 [ 158.767216][ T7706] ? lockdep_hardirqs_on+0x78/0x100 [ 158.767250][ T7706] snd_seq_oss_open+0x2b2/0xa10 [ 158.767294][ T7706] odev_open+0x79/0xc0 [ 158.767326][ T7706] ? __pfx_odev_open+0x10/0x10 [ 158.767359][ T7706] soundcore_open+0x2e3/0x5a0 [ 158.767400][ T7706] ? __pfx_soundcore_open+0x10/0x10 [ 158.767437][ T7706] chrdev_open+0x234/0x6a0 [ 158.767463][ T7706] ? __pfx_apparmor_file_open+0x10/0x10 [ 158.767501][ T7706] ? __pfx_chrdev_open+0x10/0x10 [ 158.767529][ T7706] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 158.767583][ T7706] do_dentry_open+0x6d8/0x1660 [ 158.767626][ T7706] ? __pfx_chrdev_open+0x10/0x10 [ 158.767662][ T7706] vfs_open+0x82/0x3f0 [ 158.767699][ T7706] path_openat+0x208c/0x31a0 [ 158.767740][ T7706] ? __pfx_path_openat+0x10/0x10 [ 158.767781][ T7706] do_file_open+0x20e/0x430 [ 158.767810][ T7706] ? __pfx_do_file_open+0x10/0x10 [ 158.767862][ T7706] ? alloc_fd+0x476/0x790 [ 158.767907][ T7706] ? do_getname+0x191/0x390 [ 158.767941][ T7706] do_sys_openat2+0x10d/0x1e0 [ 158.767983][ T7706] ? __pfx_do_sys_openat2+0x10/0x10 [ 158.768021][ T7706] ? __fget_files+0x21f/0x3d0 [ 158.768072][ T7706] __x64_sys_openat+0x12d/0x210 [ 158.768228][ T7706] ? __pfx___x64_sys_openat+0x10/0x10 [ 158.768294][ T7706] do_syscall_64+0x106/0xf80 [ 158.768326][ T7706] ? clear_bhb_loop+0x40/0x90 [ 158.768363][ T7706] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 158.768390][ T7706] RIP: 0033:0x7f609159c799 [ 158.768413][ T7706] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 158.768437][ T7706] RSP: 002b:00007f60923a7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 158.768462][ T7706] RAX: ffffffffffffffda RBX: 00007f6091815fa0 RCX: 00007f609159c799 [ 158.768480][ T7706] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 158.768498][ T7706] RBP: 00007f6091632bd9 R08: 0000000000000000 R09: 0000000000000000 [ 158.768512][ T7706] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 158.768526][ T7706] R13: 00007f6091816038 R14: 00007f6091815fa0 R15: 00007ffcf81bdcc8 [ 158.768557][ T7706] [ 159.731124][ T7710] input: jJǸ-¶š9ã%vø“ûJ86Ö‘ as /devices/virtual/input/input11 [ 161.104854][ T7734] nvme_fabrics: missing parameter 'transport=%s' [ 161.115312][ T7734] nvme_fabrics: missing parameter 'nqn=%s' [ 161.230403][ T7731] nvme_fabrics: missing parameter 'transport=%s' [ 161.236925][ T7731] nvme_fabrics: missing parameter 'nqn=%s' [ 164.525703][ T7791] Debayer A: ================= START STATUS ================= [ 164.536317][ T7791] Debayer A: Debayer Mean Window Size: 3 [ 164.545453][ T7791] Debayer A: ================== END STATUS ================== [ 165.445731][ T7793] netlink: 342 bytes leftover after parsing attributes in process `syz.0.370'. [ 174.957138][ T7938] random: crng reseeded on system resumption [ 175.030024][ T7938] hub 1-0:1.0: USB hub found [ 175.099946][ T7938] hub 1-0:1.0: 1 port detected [ 176.340378][ T7948] netlink: 'syz.2.404': attribute type 33 has an invalid length. [ 176.815477][ T7948] netlink: 334 bytes leftover after parsing attributes in process `syz.2.404'. [ 177.303094][ T7967] zswap: compressor not available [ 179.233922][ T30] audit: type=1800 audit(2147502085.687:9): pid=8002 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.414" name="dbroot" dev="configfs" ino=19829 res=0 errno=0 [ 179.306800][ T5831] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 179.324439][ T5831] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 179.332379][ T5831] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 179.348827][ T5831] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 179.370062][ T5831] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 181.252591][ T8003] chnl_net:caif_netlink_parms(): no params data found [ 181.394412][ T5831] Bluetooth: hci4: command tx timeout [ 181.846043][ T8003] bridge0: port 1(bridge_slave_0) entered blocking state [ 181.902949][ T8003] bridge0: port 1(bridge_slave_0) entered disabled state [ 181.948440][ T8003] bridge_slave_0: entered allmulticast mode [ 181.985481][ T8003] bridge_slave_0: entered promiscuous mode [ 182.197015][ T8003] bridge0: port 2(bridge_slave_1) entered blocking state [ 182.234150][ T8003] bridge0: port 2(bridge_slave_1) entered disabled state [ 182.265635][ T8003] bridge_slave_1: entered allmulticast mode [ 182.292398][ T8003] bridge_slave_1: entered promiscuous mode [ 182.522894][ T8003] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 182.578285][ T8003] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 182.738252][ T8003] team0: Port device team_slave_0 added [ 182.770474][ T8003] team0: Port device team_slave_1 added [ 182.887621][ T8003] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 182.934918][ T8003] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 183.044278][ T8003] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 183.086687][ T8003] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 183.093653][ T8003] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 183.186161][ T8003] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 183.477470][ T5831] Bluetooth: hci4: command tx timeout [ 183.593741][ T8003] hsr_slave_0: entered promiscuous mode [ 183.600076][ T8003] hsr_slave_1: entered promiscuous mode [ 183.615117][ T8003] debugfs: 'hsr0' already exists in 'hsr' [ 183.631069][ T8003] Cannot create hsr debugfs directory [ 184.627844][ T8047] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input12 [ 184.766750][ T8003] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 184.863546][ T8003] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 184.930429][ T8003] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 184.997263][ T8003] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 185.306231][ T8003] 8021q: adding VLAN 0 to HW filter on device bond0 [ 185.370115][ T8003] 8021q: adding VLAN 0 to HW filter on device team0 [ 185.428192][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 185.435566][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 185.459346][ T6346] bridge0: port 2(bridge_slave_1) entered blocking state [ 185.466552][ T6346] bridge0: port 2(bridge_slave_1) entered forwarding state [ 185.554911][ T5831] Bluetooth: hci4: command tx timeout [ 185.677335][ T8062] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input13 [ 186.093306][ T8003] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 186.263294][ T8069] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input14 [ 187.203963][ T8003] veth0_vlan: entered promiscuous mode [ 187.269123][ T8003] veth1_vlan: entered promiscuous mode [ 187.397823][ T8003] veth0_macvtap: entered promiscuous mode [ 187.472756][ T8003] veth1_macvtap: entered promiscuous mode [ 187.578196][ T8003] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 187.636837][ T5831] Bluetooth: hci4: command tx timeout [ 187.648050][ T8003] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 187.755865][ T7664] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.790126][ T7664] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.864181][ T7664] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.961735][ T7656] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 188.194434][ T7655] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 188.222692][ T7655] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 188.314549][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 188.343243][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 189.527440][ T8148] zswap: compressor not available [ 190.601478][ T8172] netlink: 13 bytes leftover after parsing attributes in process `syz.0.446'. [ 190.798919][ T8175] netlink: 8 bytes leftover after parsing attributes in process `syz.4.447'. [ 192.177885][ T8185] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 192.869054][ T8203] netlink: Unknown conntrack attr (0) [ 194.031179][ T8214] netlink: 'syz.2.458': attribute type 10 has an invalid length. [ 194.039814][ T8214] netlink: 330 bytes leftover after parsing attributes in process `syz.2.458'. [ 194.281751][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.288158][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.634054][ T8192] kexec: Could not allocate control_code_buffer [ 197.020596][ T8256] netlink: 186 bytes leftover after parsing attributes in process `syz.2.464'. [ 198.467980][ T8284] FAULT_INJECTION: forcing a failure. [ 198.467980][ T8284] name failslab, interval 1, probability 0, space 0, times 0 [ 198.595438][ T8284] CPU: 1 UID: 0 PID: 8284 Comm: syz.4.469 Tainted: G L syzkaller #0 PREEMPT(full) [ 198.595466][ T8284] Tainted: [L]=SOFTLOCKUP [ 198.595471][ T8284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 198.595483][ T8284] Call Trace: [ 198.595489][ T8284] [ 198.595498][ T8284] dump_stack_lvl+0x100/0x190 [ 198.595527][ T8284] should_fail_ex.cold+0x5/0xa [ 198.595545][ T8284] should_failslab+0xc2/0x120 [ 198.595560][ T8284] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 198.595581][ T8284] ? security_inode_alloc+0x3b/0x2c0 [ 198.595603][ T8284] ? lockdep_init_map_type+0x5c/0x250 [ 198.595624][ T8284] security_inode_alloc+0x3b/0x2c0 [ 198.595646][ T8284] inode_init_always_gfp+0xced/0x1040 [ 198.595671][ T8284] alloc_inode+0x8e/0x250 [ 198.595688][ T8284] new_inode+0x22/0x1c0 [ 198.595707][ T8284] proc_pid_make_inode+0x22/0x160 [ 198.595728][ T8284] proc_pident_instantiate+0x85/0x310 [ 198.595749][ T8284] proc_pident_lookup+0x1e3/0x270 [ 198.595773][ T8284] __lookup_slow+0x251/0x460 [ 198.595791][ T8284] ? __pfx___lookup_slow+0x10/0x10 [ 198.595824][ T8284] lookup_slow+0x50/0x70 [ 198.595841][ T8284] link_path_walk+0x1377/0x1cc0 [ 198.595868][ T8284] path_openat+0x1be/0x31a0 [ 198.595881][ T8284] ? kasan_save_stack+0x3f/0x50 [ 198.595900][ T8284] ? kasan_save_stack+0x30/0x50 [ 198.595919][ T8284] ? kasan_save_track+0x14/0x30 [ 198.595939][ T8284] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 198.595964][ T8284] ? __pfx_path_openat+0x10/0x10 [ 198.595984][ T8284] do_file_open+0x20e/0x430 [ 198.595999][ T8284] ? __pfx_do_file_open+0x10/0x10 [ 198.596020][ T8284] ? __pfx_kfree_link+0x10/0x10 [ 198.596044][ T8284] ? alloc_fd+0x476/0x790 [ 198.596067][ T8284] ? do_getname+0x191/0x390 [ 198.596085][ T8284] do_sys_openat2+0x10d/0x1e0 [ 198.596103][ T8284] ? __pfx_do_sys_openat2+0x10/0x10 [ 198.596122][ T8284] ? __fget_files+0x21f/0x3d0 [ 198.596147][ T8284] __x64_sys_openat+0x12d/0x210 [ 198.596165][ T8284] ? __pfx___x64_sys_openat+0x10/0x10 [ 198.596190][ T8284] do_syscall_64+0x106/0xf80 [ 198.596206][ T8284] ? clear_bhb_loop+0x40/0x90 [ 198.596224][ T8284] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 198.596238][ T8284] RIP: 0033:0x7f13eb19c799 [ 198.596253][ T8284] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 198.596266][ T8284] RSP: 002b:00007f13ec00d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 198.596280][ T8284] RAX: ffffffffffffffda RBX: 00007f13eb416090 RCX: 00007f13eb19c799 [ 198.596290][ T8284] RDX: 0000000000008002 RSI: 0000200000000140 RDI: ffffffffffffff9c [ 198.596299][ T8284] RBP: 00007f13eb232bd9 R08: 0000000000000000 R09: 0000000000000000 [ 198.596307][ T8284] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 198.596315][ T8284] R13: 00007f13eb416128 R14: 00007f13eb416090 R15: 00007ffee9c4b988 [ 198.596336][ T8284] [ 199.648043][ T8298] netlink: 8 bytes leftover after parsing attributes in process `syz.3.473'. [ 199.953997][ T8300] ACPI: \_SB_.LNKS: No IRQ available. Try pci=noacpi or acpi=off [ 199.977758][ T8300] pci 0000:00:01.3: PCI INT A: no GSI [ 200.308367][ T8315] FAULT_INJECTION: forcing a failure. [ 200.308367][ T8315] name failslab, interval 1, probability 0, space 0, times 0 [ 200.355975][ T8315] CPU: 1 UID: 0 PID: 8315 Comm: syz.0.477 Tainted: G L syzkaller #0 PREEMPT(full) [ 200.356021][ T8315] Tainted: [L]=SOFTLOCKUP [ 200.356031][ T8315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 200.356047][ T8315] Call Trace: [ 200.356056][ T8315] [ 200.356067][ T8315] dump_stack_lvl+0x100/0x190 [ 200.356112][ T8315] should_fail_ex.cold+0x5/0xa [ 200.356143][ T8315] should_failslab+0xc2/0x120 [ 200.356170][ T8315] __kmalloc_cache_noprof+0x7a/0x6f0 [ 200.356205][ T8315] ? snd_pcm_oss_change_params_locked+0x81c/0x39f0 [ 200.356251][ T8315] ? _snd_pcm_hw_param_min+0x1ea/0x670 [ 200.356299][ T8315] snd_pcm_oss_change_params_locked+0x81c/0x39f0 [ 200.356355][ T8315] ? snd_pcm_oss_sync+0x243/0x840 [ 200.356395][ T8315] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 200.356440][ T8315] ? __pfx___mutex_lock+0x10/0x10 [ 200.356493][ T8315] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 200.356537][ T8315] snd_pcm_oss_sync+0x265/0x840 [ 200.356585][ T8315] snd_pcm_oss_release+0x238/0x300 [ 200.356626][ T8315] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 200.356666][ T8315] __fput+0x3ff/0xb40 [ 200.356704][ T8315] task_work_run+0x150/0x240 [ 200.356745][ T8315] ? __pfx_task_work_run+0x10/0x10 [ 200.356792][ T8315] exit_to_user_mode_loop+0x100/0x4a0 [ 200.356831][ T8315] do_syscall_64+0x668/0xf80 [ 200.356861][ T8315] ? clear_bhb_loop+0x40/0x90 [ 200.356895][ T8315] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 200.356923][ T8315] RIP: 0033:0x7f1f0b59c799 [ 200.356946][ T8315] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 200.356982][ T8315] RSP: 002b:00007f1f0c47f028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 200.357010][ T8315] RAX: 0000000000000000 RBX: 00007f1f0b815fa0 RCX: 00007f1f0b59c799 [ 200.357028][ T8315] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 200.357045][ T8315] RBP: 00007f1f0b632bd9 R08: 0000000000000000 R09: 0000000000000000 [ 200.357062][ T8315] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 200.357078][ T8315] R13: 00007f1f0b816038 R14: 00007f1f0b815fa0 R15: 00007fff12f0c5f8 [ 200.357115][ T8315] [ 200.850528][ T8321] netlink: 338 bytes leftover after parsing attributes in process `syz.3.478'. [ 201.086646][ T5831] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 201.096773][ T5831] Bluetooth: hci2: Invalid handle: 0x3a4a > 0x0eff [ 202.040767][ T8348] FAULT_INJECTION: forcing a failure. [ 202.040767][ T8348] name failslab, interval 1, probability 0, space 0, times 0 [ 202.082615][ T8348] CPU: 1 UID: 0 PID: 8348 Comm: syz.3.483 Tainted: G L syzkaller #0 PREEMPT(full) [ 202.082652][ T8348] Tainted: [L]=SOFTLOCKUP [ 202.082660][ T8348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 202.082672][ T8348] Call Trace: [ 202.082680][ T8348] [ 202.082688][ T8348] dump_stack_lvl+0x100/0x190 [ 202.082729][ T8348] should_fail_ex.cold+0x5/0xa [ 202.082760][ T8348] should_failslab+0xc2/0x120 [ 202.082785][ T8348] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 202.082819][ T8348] ? __kernfs_new_node+0xd2/0x960 [ 202.082869][ T8348] __kernfs_new_node+0xd2/0x960 [ 202.082907][ T8348] ? __pfx___kernfs_new_node+0x10/0x10 [ 202.082949][ T8348] ? find_held_lock+0x2b/0x80 [ 202.082972][ T8348] ? kernfs_root+0xee/0x2a0 [ 202.083002][ T8348] ? kernfs_root+0xee/0x2a0 [ 202.083043][ T8348] kernfs_new_node+0x11b/0x1a0 [ 202.083084][ T8348] __kernfs_create_file+0x53/0x350 [ 202.083116][ T8348] sysfs_add_file_mode_ns+0x207/0x3c0 [ 202.083156][ T8348] internal_create_group+0x593/0xf40 [ 202.083199][ T8348] ? __pfx_internal_create_group+0x10/0x10 [ 202.083239][ T8348] ? kernfs_create_link+0x1bd/0x240 [ 202.083272][ T8348] internal_create_groups+0x9d/0x150 [ 202.083309][ T8348] device_add+0x71a/0x1950 [ 202.083348][ T8348] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 202.083388][ T8348] ? __pfx_device_add+0x10/0x10 [ 202.083424][ T8348] ? lockdep_init_map_type+0x5c/0x250 [ 202.083456][ T8348] ? __init_waitqueue_head+0xca/0x150 [ 202.083501][ T8348] netdev_register_kobject+0x1a9/0x3d0 [ 202.083545][ T8348] register_netdevice+0x12e0/0x2210 [ 202.083584][ T8348] ? __pfx_register_netdevice+0x10/0x10 [ 202.083626][ T8348] internal_dev_create+0x2d3/0x520 [ 202.083660][ T8348] ovs_vport_add+0x147/0x4d0 [ 202.083690][ T8348] new_vport+0x16/0x1d0 [ 202.083726][ T8348] ovs_dp_cmd_new+0x65d/0xdf0 [ 202.083774][ T8348] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 202.083820][ T8348] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280 [ 202.083862][ T8348] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280 [ 202.083903][ T8348] genl_family_rcv_msg_doit+0x214/0x300 [ 202.083939][ T8348] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 202.083973][ T8348] ? genl_get_cmd+0x3ef/0x720 [ 202.084013][ T8348] ? bpf_lsm_capable+0x9/0x10 [ 202.084036][ T8348] ? security_capable+0x80/0x260 [ 202.084065][ T8348] ? ns_capable+0xd2/0xf0 [ 202.084089][ T8348] genl_rcv_msg+0x560/0x800 [ 202.084124][ T8348] ? __pfx_genl_rcv_msg+0x10/0x10 [ 202.084154][ T8348] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 202.084197][ T8348] netlink_rcv_skb+0x159/0x420 [ 202.084225][ T8348] ? __pfx_genl_rcv_msg+0x10/0x10 [ 202.084257][ T8348] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 202.084296][ T8348] ? netlink_deliver_tap+0x1ae/0xcc0 [ 202.084326][ T8348] genl_rcv+0x28/0x40 [ 202.084352][ T8348] netlink_unicast+0x5aa/0x870 [ 202.084384][ T8348] ? __pfx_netlink_unicast+0x10/0x10 [ 202.084422][ T8348] netlink_sendmsg+0x8b0/0xda0 [ 202.084455][ T8348] ? __pfx_netlink_sendmsg+0x10/0x10 [ 202.084479][ T8348] ? __import_iovec+0x1d2/0x640 [ 202.084515][ T8348] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 202.084548][ T8348] ____sys_sendmsg+0xa54/0xc30 [ 202.084581][ T8348] ? __pfx_____sys_sendmsg+0x10/0x10 [ 202.084617][ T8348] ? __pfx_futex_wake_mark+0x10/0x10 [ 202.084653][ T8348] ___sys_sendmsg+0x190/0x1e0 [ 202.084686][ T8348] ? __pfx____sys_sendmsg+0x10/0x10 [ 202.084756][ T8348] __sys_sendmsg+0x170/0x220 [ 202.084782][ T8348] ? __pfx___sys_sendmsg+0x10/0x10 [ 202.084806][ T8348] ? __x64_sys_futex+0x34f/0x4d0 [ 202.084857][ T8348] do_syscall_64+0x106/0xf80 [ 202.084881][ T8348] ? clear_bhb_loop+0x40/0x90 [ 202.084908][ T8348] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 202.084931][ T8348] RIP: 0033:0x7f609159c799 [ 202.084949][ T8348] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 202.084970][ T8348] RSP: 002b:00007f60923a7028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 202.084991][ T8348] RAX: ffffffffffffffda RBX: 00007f6091815fa0 RCX: 00007f609159c799 [ 202.085006][ T8348] RDX: 0000000000000080 RSI: 0000200000000140 RDI: 0000000000000005 [ 202.085019][ T8348] RBP: 00007f6091632bd9 R08: 0000000000000000 R09: 0000000000000000 [ 202.085032][ T8348] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 202.085045][ T8348] R13: 00007f6091816038 R14: 00007f6091815fa0 R15: 00007ffcf81bdcc8 [ 202.085076][ T8348] [ 203.038349][ T8362] HSR: entered promiscuous mode [ 203.755173][ T8388] netlink: 32 bytes leftover after parsing attributes in process `syz.0.492'. [ 204.623368][ T8403] openvswitch: netlink: Flow key attr not present in new flow. [ 204.965853][ T8416] vhci_hcd vhci_hcd.2: invalid port number 16 [ 204.973806][ T8416] vhci_hcd vhci_hcd.2: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 206.934599][ T8459] __vm_enough_memory: pid: 8459, comm: syz.4.508, bytes: 4398046511104 not enough memory for the allocation [ 207.120333][ T8467] i2c i2c-0: new_device: Invalid device name [ 208.306186][ T8485] netlink: 28 bytes leftover after parsing attributes in process `syz.2.513'. [ 208.369203][ T8485] hsr_slave_0 (unregistering): left promiscuous mode [ 208.509632][ T8492] netlink: 8 bytes leftover after parsing attributes in process `syz.0.514'. [ 209.777037][ T5831] Bluetooth: hci4: unexpected subevent 0x01 length: 123 > 18 [ 209.786182][ T5831] Bluetooth: hci4: Invalid handle: 0x3a4a > 0x0eff [ 212.116003][ T8585] netlink: 'syz.3.533': attribute type 4 has an invalid length. [ 212.137113][ T8585] netlink: 'syz.3.533': attribute type 4 has an invalid length. [ 212.502611][ T8594] netlink: 28 bytes leftover after parsing attributes in process `syz.4.534'. [ 212.511663][ T8594] vlan1: entered promiscuous mode [ 212.516948][ T8594] vlan1: entered allmulticast mode [ 212.522223][ T8594] veth0_vlan: entered allmulticast mode [ 212.695681][ T8598] device-mapper: ioctl: Invalid data size in the ioctl structure: 0 [ 213.887072][ T8621] zswap: compressor û not available [ 215.234564][ T8651] netlink: 'syz.2.547': attribute type 4 has an invalid length. [ 218.995608][ T5830] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 219.016792][ T5830] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 219.025069][ T5830] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 219.033224][ T5830] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 219.040684][ T5830] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 219.287110][ T6343] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 219.736348][ T6343] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 220.038880][ T6343] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 220.273868][ T6343] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 220.396515][ T8685] kexec: Could not allocate control_code_buffer [ 220.704013][ T8700] chnl_net:caif_netlink_parms(): no params data found [ 221.156057][ T5830] Bluetooth: hci2: command tx timeout [ 221.684853][ T6343] bridge_slave_1: left allmulticast mode [ 221.690971][ T6343] bridge_slave_1: left promiscuous mode [ 221.747835][ T6343] bridge0: port 2(bridge_slave_1) entered disabled state [ 221.873981][ T6343] bridge_slave_0: left allmulticast mode [ 221.906186][ T6343] bridge_slave_0: left promiscuous mode [ 221.912005][ T6343] bridge0: port 1(bridge_slave_0) entered disabled state [ 223.234299][ T5830] Bluetooth: hci2: command tx timeout [ 223.462215][ T6343] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 223.505005][ T6343] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 223.531690][ T6343] bond0 (unregistering): Released all slaves [ 223.564596][ T8700] bridge0: port 1(bridge_slave_0) entered blocking state [ 223.571803][ T8700] bridge0: port 1(bridge_slave_0) entered disabled state [ 223.584609][ T8700] bridge_slave_0: entered allmulticast mode [ 223.607887][ T8700] bridge_slave_0: entered promiscuous mode [ 223.677704][ T8700] bridge0: port 2(bridge_slave_1) entered blocking state [ 223.707866][ T8700] bridge0: port 2(bridge_slave_1) entered disabled state [ 223.725895][ T8700] bridge_slave_1: entered allmulticast mode [ 223.744370][ T8700] bridge_slave_1: entered promiscuous mode [ 223.756653][ T6343] HSR: left promiscuous mode [ 224.024055][ T8700] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 224.220796][ T8700] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 224.453246][ T8700] team0: Port device team_slave_0 added [ 224.490669][ T8700] team0: Port device team_slave_1 added [ 224.697451][ T8700] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 224.726187][ T8700] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 224.796931][ T8700] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 224.851533][ T8700] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 224.880579][ T8700] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 224.923769][ T8700] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 225.022620][ T6343] hsr_slave_0: left promiscuous mode [ 225.051936][ T6343] hsr_slave_1: left promiscuous mode [ 225.081811][ T6343] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 225.099907][ T6343] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 225.148671][ T6343] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 225.167312][ T6343] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 225.250815][ T6343] veth1_macvtap: left promiscuous mode [ 225.269257][ T6343] veth0_macvtap: left promiscuous mode [ 225.282745][ T6343] veth1_vlan: left promiscuous mode [ 225.296699][ T6343] veth0_vlan: left promiscuous mode [ 225.323705][ T5830] Bluetooth: hci2: command tx timeout [ 226.795812][ T6343] team0 (unregistering): Port device team_slave_1 removed [ 226.944779][ T6343] team0 (unregistering): Port device team_slave_0 removed [ 227.276490][ T8828] zswap: compressor  not available [ 227.394821][ T5830] Bluetooth: hci2: command tx timeout [ 227.925816][ T8700] hsr_slave_0: entered promiscuous mode [ 227.932550][ T8700] hsr_slave_1: entered promiscuous mode [ 227.975224][ T8700] debugfs: 'hsr0' already exists in 'hsr' [ 227.998085][ T8700] Cannot create hsr debugfs directory [ 230.889135][ T8700] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 231.242487][ T8907] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 231.281306][ T8700] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 231.327337][ T8700] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 231.485811][ T8700] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 231.998816][ T8700] 8021q: adding VLAN 0 to HW filter on device bond0 [ 232.057163][ T8700] 8021q: adding VLAN 0 to HW filter on device team0 [ 232.100774][ T6343] bridge0: port 1(bridge_slave_0) entered blocking state [ 232.107920][ T6343] bridge0: port 1(bridge_slave_0) entered forwarding state [ 232.225471][ T6343] bridge0: port 2(bridge_slave_1) entered blocking state [ 232.232647][ T6343] bridge0: port 2(bridge_slave_1) entered forwarding state [ 233.227099][ T8700] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 233.611618][ T8700] veth0_vlan: entered promiscuous mode [ 233.747451][ T8700] veth1_vlan: entered promiscuous mode [ 233.911517][ T8700] veth0_macvtap: entered promiscuous mode [ 234.016498][ T8700] veth1_macvtap: entered promiscuous mode [ 234.116309][ T8700] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 234.196494][ T8700] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 234.295315][ T295] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.319926][ T7655] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.389303][ T7655] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.497543][ T7655] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.658263][ T6343] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 234.690594][ T6343] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 234.784622][ T7663] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 234.805964][ T7663] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 235.231143][ T8971] netlink: 'syz.3.556': attribute type 11 has an invalid length. [ 235.251025][ T8967] Invalid ELF header magic: != ELF [ 235.320520][ T30] audit: type=1326 audit(4294967304.860:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8970 comm="syz.3.556" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2d8539c799 code=0x0 [ 236.312557][ T8992] netlink: 28 bytes leftover after parsing attributes in process `syz.3.594'. [ 236.372324][ T8992] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 238.467031][ T9028] FAULT_INJECTION: forcing a failure. [ 238.467031][ T9028] name failslab, interval 1, probability 0, space 0, times 0 [ 238.480404][ T9028] CPU: 1 UID: 0 PID: 9028 Comm: syz.0.597 Tainted: G L syzkaller #0 PREEMPT(full) [ 238.480447][ T9028] Tainted: [L]=SOFTLOCKUP [ 238.480459][ T9028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 238.480474][ T9028] Call Trace: [ 238.480484][ T9028] [ 238.480495][ T9028] dump_stack_lvl+0x100/0x190 [ 238.480541][ T9028] should_fail_ex.cold+0x5/0xa [ 238.480576][ T9028] should_failslab+0xc2/0x120 [ 238.480604][ T9028] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 238.480642][ T9028] ? vm_area_dup+0x27/0x8e0 [ 238.480674][ T9028] ? __vma_start_write+0x17f/0x280 [ 238.480714][ T9028] vm_area_dup+0x27/0x8e0 [ 238.480751][ T9028] dup_mmap+0x6f6/0x2180 [ 238.480797][ T9028] ? __pfx_dup_mmap+0x10/0x10 [ 238.480826][ T9028] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 238.480864][ T9028] ? __lock_acquire+0x4a5/0x2630 [ 238.480900][ T9028] ? find_held_lock+0x2b/0x80 [ 238.480925][ T9028] ? __percpu_counter_init_many+0x2bc/0x3b0 [ 238.480997][ T9028] copy_process+0x73d7/0x7a10 [ 238.481049][ T9028] ? __pfx_copy_process+0x10/0x10 [ 238.481081][ T9028] ? find_held_lock+0x2b/0x80 [ 238.481112][ T9028] ? futex_private_hash_put+0x107/0x1c0 [ 238.481153][ T9028] kernel_clone+0xfc/0x9a0 [ 238.481187][ T9028] ? __pfx_kernel_clone+0x10/0x10 [ 238.481241][ T9028] __do_sys_clone+0xd9/0x120 [ 238.481274][ T9028] ? __pfx___do_sys_clone+0x10/0x10 [ 238.481306][ T9028] ? do_futex+0x1c4/0x350 [ 238.481370][ T9028] do_syscall_64+0x106/0xf80 [ 238.481407][ T9028] ? clear_bhb_loop+0x40/0x90 [ 238.481446][ T9028] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 238.481475][ T9028] RIP: 0033:0x7f1f0b59c799 [ 238.481499][ T9028] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 238.481526][ T9028] RSP: 002b:00007f1f0c45dfd8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 238.481553][ T9028] RAX: ffffffffffffffda RBX: 00007f1f0b816090 RCX: 00007f1f0b59c799 [ 238.481571][ T9028] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 238.481587][ T9028] RBP: 00007f1f0b632bd9 R08: 0000000000000000 R09: 0000000000000000 [ 238.481602][ T9028] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 238.481618][ T9028] R13: 00007f1f0b816128 R14: 00007f1f0b816090 R15: 00007fff12f0c5f8 [ 238.481656][ T9028] [ 239.287731][ T9032] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 239.357190][ T9032] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 239.363409][ T9032] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 239.376289][ T9032] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 239.428355][ T9032] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 239.568079][ T9032] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 239.734442][ T9050] can: request_module (can-proto-0) failed. [ 239.832857][ T9032] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 239.861691][ T9032] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 239.975289][ T9032] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 240.034666][ T5831] Bluetooth: hci0: command 0x0c1a tx timeout [ 240.680169][ T9061] wlan1: mtu less than device minimum [ 241.395606][ T5830] Bluetooth: hci3: command 0x0c1a tx timeout [ 241.395606][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 241.395661][ T5831] Bluetooth: hci4: command 0x0c1a tx timeout [ 241.756968][ T30] audit: type=1107 audit(4294967311.300:11): pid=9082 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 241.792283][ T30] audit: type=1107 audit(4294967311.330:12): pid=9082 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 241.876045][ T5831] Bluetooth: hci2: command 0x0c1a tx timeout [ 241.935969][ T9090] futex_wake_op: syz.3.608 tries to shift op by -2048; fix this program [ 241.967793][ T5831] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 241.981724][ T9090] futex_wake_op: syz.3.608 tries to shift op by -2048; fix this program [ 242.086298][ T9090] 0x000000000001-0x000000020000 : "" [ 242.170155][ T9090] ftl_cs: FTL header corrupt! [ 242.262869][ T30] audit: type=1800 audit(4294967311.770:13): pid=9098 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.609" name="dbroot" dev="configfs" ino=26851 res=0 errno=0 [ 243.474381][ T5831] Bluetooth: hci4: command 0x0c1a tx timeout [ 243.908140][ T9115] nvme_fcloop: unknown parameter or missing value '7' [ 243.960803][ T5831] Bluetooth: hci2: command 0x0c1a tx timeout [ 244.534445][ T9140] input: f¬ as /devices/virtual/input/input15 [ 244.876624][ T9143] bridge0: port 3(gretap0) entered blocking state [ 244.890268][ T9143] bridge0: port 3(gretap0) entered disabled state [ 244.959955][ T9148] bcache: register_bcache() error : failed to open device [ 244.974438][ T9143] gretap0: entered allmulticast mode [ 245.029011][ T9143] gretap0: entered promiscuous mode [ 245.059835][ T9143] bridge0: port 3(gretap0) entered blocking state [ 245.066388][ T9143] bridge0: port 3(gretap0) entered forwarding state [ 245.554512][ T5831] Bluetooth: hci4: command 0x0c1a tx timeout [ 245.979849][ T9154] FAULT_INJECTION: forcing a failure. [ 245.979849][ T9154] name failslab, interval 1, probability 0, space 0, times 0 [ 246.036429][ T5831] Bluetooth: hci2: command 0x0c1a tx timeout [ 246.051649][ T9160] netlink: 93 bytes leftover after parsing attributes in process `syz.3.622'. [ 246.074289][ T9154] CPU: 0 UID: 0 PID: 9154 Comm: syz.4.621 Tainted: G L syzkaller #0 PREEMPT(full) [ 246.074332][ T9154] Tainted: [L]=SOFTLOCKUP [ 246.074339][ T9154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 246.074352][ T9154] Call Trace: [ 246.074358][ T9154] [ 246.074365][ T9154] dump_stack_lvl+0x100/0x190 [ 246.074392][ T9154] should_fail_ex.cold+0x5/0xa [ 246.074410][ T9154] should_failslab+0xc2/0x120 [ 246.074424][ T9154] __kmalloc_cache_noprof+0x7a/0x6f0 [ 246.074443][ T9154] ? snd_timer_instance_new+0x47/0x2e0 [ 246.074469][ T9154] snd_timer_instance_new+0x47/0x2e0 [ 246.074490][ T9154] snd_seq_timer_open+0x1d4/0x600 [ 246.074510][ T9154] ? __pfx_snd_seq_timer_open+0x10/0x10 [ 246.074532][ T9154] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 246.074548][ T9154] ? lockdep_hardirqs_on+0x78/0x100 [ 246.074564][ T9154] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 246.074580][ T9154] queue_use+0xdc/0x1f0 [ 246.074604][ T9154] snd_seq_queue_alloc+0x2e5/0x590 [ 246.074632][ T9154] snd_seq_ioctl_create_queue+0xa9/0x370 [ 246.074653][ T9154] call_seq_client_ctl+0xa3/0x130 [ 246.074673][ T9154] snd_seq_kernel_client_ctl+0x77/0xd0 [ 246.074693][ T9154] alloc_seq_queue+0xdb/0x180 [ 246.074719][ T9154] ? __pfx_alloc_seq_queue+0x10/0x10 [ 246.074749][ T9154] ? mark_held_locks+0x40/0x70 [ 246.074768][ T9154] ? _raw_spin_unlock_irq+0x23/0x50 [ 246.074783][ T9154] ? lockdep_hardirqs_on+0x78/0x100 [ 246.074801][ T9154] snd_seq_oss_open+0x2b2/0xa10 [ 246.074827][ T9154] odev_open+0x79/0xc0 [ 246.074844][ T9154] ? __pfx_odev_open+0x10/0x10 [ 246.074862][ T9154] soundcore_open+0x2e3/0x5a0 [ 246.074883][ T9154] ? __pfx_soundcore_open+0x10/0x10 [ 246.074902][ T9154] chrdev_open+0x234/0x6a0 [ 246.074915][ T9154] ? __pfx_apparmor_file_open+0x10/0x10 [ 246.074935][ T9154] ? __pfx_chrdev_open+0x10/0x10 [ 246.074949][ T9154] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 246.074977][ T9154] do_dentry_open+0x6d8/0x1660 [ 246.075001][ T9154] ? __pfx_chrdev_open+0x10/0x10 [ 246.075019][ T9154] vfs_open+0x82/0x3f0 [ 246.075039][ T9154] path_openat+0x208c/0x31a0 [ 246.075059][ T9154] ? __pfx_path_openat+0x10/0x10 [ 246.075079][ T9154] do_file_open+0x20e/0x430 [ 246.075094][ T9154] ? __pfx_do_file_open+0x10/0x10 [ 246.075122][ T9154] ? alloc_fd+0x476/0x790 [ 246.075146][ T9154] ? do_getname+0x191/0x390 [ 246.075164][ T9154] do_sys_openat2+0x10d/0x1e0 [ 246.075181][ T9154] ? __pfx_do_sys_openat2+0x10/0x10 [ 246.075200][ T9154] ? __fget_files+0x21f/0x3d0 [ 246.075225][ T9154] __x64_sys_openat+0x12d/0x210 [ 246.075243][ T9154] ? __pfx___x64_sys_openat+0x10/0x10 [ 246.075268][ T9154] do_syscall_64+0x106/0xf80 [ 246.075284][ T9154] ? clear_bhb_loop+0x40/0x90 [ 246.075302][ T9154] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 246.075317][ T9154] RIP: 0033:0x7f13eb19c799 [ 246.075330][ T9154] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 246.075344][ T9154] RSP: 002b:00007f13ec02e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 246.075363][ T9154] RAX: ffffffffffffffda RBX: 00007f13eb415fa0 RCX: 00007f13eb19c799 [ 246.075373][ T9154] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 246.075383][ T9154] RBP: 00007f13eb232bd9 R08: 0000000000000000 R09: 0000000000000000 [ 246.075391][ T9154] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 246.075400][ T9154] R13: 00007f13eb416038 R14: 00007f13eb415fa0 R15: 00007ffee9c4b988 [ 246.075420][ T9154] [ 246.787638][ T5831] Bluetooth: hci0: command 0x0c1a tx timeout [ 246.804477][ T9131] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 247.399874][ T9131] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 247.407774][ T9131] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 247.428635][ T9131] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 247.435659][ T9131] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 247.450637][ T9131] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 248.400106][ T9188] binder: 9178:9188 ioctl 40046205 0 returned -22 [ 248.717089][ T9175] Invalid ELF header magic: != ELF [ 248.837478][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 249.113075][ T9175] Invalid ELF header magic: != ELF [ 249.474328][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 249.481966][ T5831] Bluetooth: hci4: command 0x0c1a tx timeout [ 249.488000][ T5830] Bluetooth: hci3: command 0x0c1a tx timeout [ 249.687745][ T9212] FAULT_INJECTION: forcing a failure. [ 249.687745][ T9212] name fail_futex, interval 1, probability 0, space 0, times 0 [ 249.709052][ T9212] CPU: 1 UID: 0 PID: 9212 Comm: syz.3.633 Tainted: G L syzkaller #0 PREEMPT(full) [ 249.709099][ T9212] Tainted: [L]=SOFTLOCKUP [ 249.709109][ T9212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 249.709124][ T9212] Call Trace: [ 249.709132][ T9212] [ 249.709143][ T9212] dump_stack_lvl+0x100/0x190 [ 249.709190][ T9212] should_fail_ex.cold+0x5/0xa [ 249.709224][ T9212] get_futex_key+0x1d2/0x1620 [ 249.709263][ T9212] ? __pfx_get_futex_key+0x10/0x10 [ 249.709296][ T9212] ? __pfx_get_futex_key+0x10/0x10 [ 249.709335][ T9212] futex_wait_setup+0x81/0x500 [ 249.709385][ T9212] __futex_wait+0x19f/0x300 [ 249.709429][ T9212] ? __pfx___futex_wait+0x10/0x10 [ 249.709475][ T9212] ? __pfx_futex_wake_mark+0x10/0x10 [ 249.709520][ T9212] ? futex_hash+0x2c5/0x380 [ 249.709563][ T9212] futex_wait+0xed/0x380 [ 249.709611][ T9212] ? __pfx_futex_wait+0x10/0x10 [ 249.709650][ T9212] ? ksys_write+0x190/0x250 [ 249.709689][ T9212] ? ksys_write+0x190/0x250 [ 249.709740][ T9212] do_futex+0x1ef/0x350 [ 249.709775][ T9212] ? __pfx_do_futex+0x10/0x10 [ 249.709820][ T9212] __x64_sys_futex+0x34f/0x4d0 [ 249.709857][ T9212] ? __pfx___x64_sys_futex+0x10/0x10 [ 249.709903][ T9212] do_syscall_64+0x106/0xf80 [ 249.709942][ T9212] ? clear_bhb_loop+0x40/0x90 [ 249.709980][ T9212] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 249.710009][ T9212] RIP: 0033:0x7f2d8539c799 [ 249.710031][ T9212] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 249.710059][ T9212] RSP: 002b:00007f2d861cc0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 249.710089][ T9212] RAX: ffffffffffffffda RBX: 00007f2d85616098 RCX: 00007f2d8539c799 [ 249.710107][ T9212] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f2d85616098 [ 249.710125][ T9212] RBP: 00007f2d85616090 R08: 0000000000000000 R09: 0000000000000000 [ 249.710142][ T9212] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 249.710158][ T9212] R13: 00007f2d85616128 R14: 00007ffc47993670 R15: 00007ffc47993758 [ 249.710195][ T9212] [ 250.015196][ T9198] vivid-007: ================= START STATUS ================= [ 250.143226][ T9204] Invalid ELF header magic: != ELF [ 250.174812][ T9198] vivid-007: Generate PTS: true [ 250.180442][ T9198] vivid-007: Generate SCR: true [ 250.204847][ T9198] tpg source WxH: 320x240 (Y'CbCr) [ 250.210343][ T9198] tpg field: 1 [ 250.264320][ T9198] tpg crop: (0,0)/320x240 [ 250.270255][ T9198] tpg compose: (0,0)/320x240 [ 250.292027][ T9198] tpg colorspace: 8 [ 250.295940][ T9198] tpg transfer function: 0/0 [ 250.300515][ T9198] tpg Y'CbCr encoding: 0/0 [ 250.328296][ T9198] tpg quantization: 0/0 [ 250.336947][ T9198] tpg RGB range: 0/2 [ 250.344523][ T9198] vivid-007: ================== END STATUS ================== [ 250.944140][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 251.026142][ T9218] random: crng reseeded on system resumption [ 251.360565][ T9224] FAULT_INJECTION: forcing a failure. [ 251.360565][ T9224] name failslab, interval 1, probability 0, space 0, times 0 [ 251.487507][ T9224] CPU: 0 UID: 0 PID: 9224 Comm: syz.4.635 Tainted: G L syzkaller #0 PREEMPT(full) [ 251.487550][ T9224] Tainted: [L]=SOFTLOCKUP [ 251.487559][ T9224] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 251.487573][ T9224] Call Trace: [ 251.487581][ T9224] [ 251.487592][ T9224] dump_stack_lvl+0x100/0x190 [ 251.487637][ T9224] should_fail_ex.cold+0x5/0xa [ 251.487668][ T9224] should_failslab+0xc2/0x120 [ 251.487694][ T9224] __kmalloc_cache_noprof+0x7a/0x6f0 [ 251.487728][ T9224] ? ima_d_path+0xc9/0x260 [ 251.487761][ T9224] ? xattr_resolve_name+0x27d/0x3f0 [ 251.487806][ T9224] ima_d_path+0xc9/0x260 [ 251.487844][ T9224] ? __pfx_ima_d_path+0x10/0x10 [ 251.487887][ T9224] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 251.487924][ T9224] process_measurement+0x1b25/0x2350 [ 251.487966][ T9224] ? stack_trace_save+0x8e/0xc0 [ 251.487992][ T9224] ? __pfx_process_measurement+0x10/0x10 [ 251.488028][ T9224] ? __lock_acquire+0x4a5/0x2630 [ 251.488060][ T9224] ? __kasan_slab_alloc+0x89/0x90 [ 251.488098][ T9224] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 251.488136][ T9224] ? init_file+0x95/0x480 [ 251.488162][ T9224] ? alloc_empty_file+0x73/0x1c0 [ 251.488191][ T9224] ? alloc_file_pseudo+0x13a/0x230 [ 251.488219][ T9224] ? ksys_mmap_pgoff+0x232/0x650 [ 251.488242][ T9224] ? __x64_sys_mmap+0x125/0x190 [ 251.488280][ T9224] ? do_syscall_64+0x106/0xf80 [ 251.488344][ T9224] ? __pfx_aa_file_perm+0x10/0x10 [ 251.488386][ T9224] ima_file_mmap+0x1c4/0x1f0 [ 251.488420][ T9224] ? __pfx_ima_file_mmap+0x10/0x10 [ 251.488475][ T9224] security_mmap_file+0x278/0x9b0 [ 251.488503][ T9224] vm_mmap_pgoff+0xec/0x470 [ 251.488537][ T9224] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 251.488564][ T9224] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 251.488600][ T9224] ? hugetlbfs_get_inode+0x36e/0x750 [ 251.488650][ T9224] ksys_mmap_pgoff+0x273/0x650 [ 251.488678][ T9224] ? __x64_sys_futex+0x358/0x4d0 [ 251.488714][ T9224] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 251.488741][ T9224] ? xfd_validate_state+0x129/0x190 [ 251.488782][ T9224] __x64_sys_mmap+0x125/0x190 [ 251.488824][ T9224] do_syscall_64+0x106/0xf80 [ 251.488852][ T9224] ? clear_bhb_loop+0x40/0x90 [ 251.488883][ T9224] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 251.488907][ T9224] RIP: 0033:0x7f13eb19c799 [ 251.488934][ T9224] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 251.488961][ T9224] RSP: 002b:00007f13ec02e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 251.488988][ T9224] RAX: ffffffffffffffda RBX: 00007f13eb415fa0 RCX: 00007f13eb19c799 [ 251.489007][ T9224] RDX: 0000000000009c0f RSI: 000000000000000c RDI: 0000000000000000 [ 251.489023][ T9224] RBP: 00007f13eb232bd9 R08: ffffffffffffffff R09: 0000300000000000 [ 251.489039][ T9224] R10: 0000000000044eb2 R11: 0000000000000246 R12: 0000000000000000 [ 251.489053][ T9224] R13: 00007f13eb416038 R14: 00007f13eb415fa0 R15: 00007ffee9c4b988 [ 251.489087][ T9224] [ 252.124883][ T9235] netlink: 346 bytes leftover after parsing attributes in process `syz.2.638'. [ 252.175545][ T9228] netlink: 4 bytes leftover after parsing attributes in process `syz.0.636'. [ 252.237645][ T9239] openvswitch: netlink: Key 5 has unexpected len 4 expected 2 [ 252.245754][ T9239] FAULT_INJECTION: forcing a failure. [ 252.245754][ T9239] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 252.285554][ T9239] CPU: 1 UID: 0 PID: 9239 Comm: syz.0.636 Tainted: G L syzkaller #0 PREEMPT(full) [ 252.285582][ T9239] Tainted: [L]=SOFTLOCKUP [ 252.285587][ T9239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 252.285597][ T9239] Call Trace: [ 252.285602][ T9239] [ 252.285608][ T9239] dump_stack_lvl+0x100/0x190 [ 252.285636][ T9239] should_fail_ex.cold+0x5/0xa [ 252.285654][ T9239] _copy_from_user+0x2e/0xd0 [ 252.285679][ T9239] copy_msghdr_from_user+0x9f/0x4f0 [ 252.285702][ T9239] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 252.285726][ T9239] ? rcu_is_watching+0x12/0xc0 [ 252.285748][ T9239] ? ___sys_recvmsg+0x177/0x1a0 [ 252.285767][ T9239] ? kfree+0x2ec/0x6b0 [ 252.285788][ T9239] ___sys_recvmsg+0xdd/0x1a0 [ 252.285809][ T9239] ? __pfx____sys_recvmsg+0x10/0x10 [ 252.285840][ T9239] ? __pfx___might_resched+0x10/0x10 [ 252.285865][ T9239] do_recvmmsg+0x301/0x760 [ 252.285888][ T9239] ? __pfx_do_recvmmsg+0x10/0x10 [ 252.285913][ T9239] ? do_futex+0x192/0x350 [ 252.285938][ T9239] ? __x64_sys_futex+0x34f/0x4d0 [ 252.285958][ T9239] __x64_sys_recvmmsg+0x22a/0x280 [ 252.285977][ T9239] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 252.286000][ T9239] do_syscall_64+0x106/0xf80 [ 252.286016][ T9239] ? clear_bhb_loop+0x40/0x90 [ 252.286034][ T9239] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 252.286049][ T9239] RIP: 0033:0x7f1f0b59c799 [ 252.286062][ T9239] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 252.286075][ T9239] RSP: 002b:00007f1f0c45e028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 252.286089][ T9239] RAX: ffffffffffffffda RBX: 00007f1f0b816090 RCX: 00007f1f0b59c799 [ 252.286107][ T9239] RDX: 00000000fffffff9 RSI: 0000000000000000 RDI: 0000000000000003 [ 252.286116][ T9239] RBP: 00007f1f0b632bd9 R08: 0000000000000000 R09: 0000000000000000 [ 252.286125][ T9239] R10: 0000000000000010 R11: 0000000000000246 R12: 0000000000000000 [ 252.286134][ T9239] R13: 00007f1f0b816128 R14: 00007f1f0b816090 R15: 00007fff12f0c5f8 [ 252.286154][ T9239] [ 252.825548][ T9245] FAULT_INJECTION: forcing a failure. [ 252.825548][ T9245] name failslab, interval 1, probability 0, space 0, times 0 [ 252.838189][ T9245] CPU: 0 UID: 0 PID: 9245 Comm: syz.4.639 Tainted: G L syzkaller #0 PREEMPT(full) [ 252.838213][ T9245] Tainted: [L]=SOFTLOCKUP [ 252.838219][ T9245] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 252.838228][ T9245] Call Trace: [ 252.838234][ T9245] [ 252.838240][ T9245] dump_stack_lvl+0x100/0x190 [ 252.838267][ T9245] should_fail_ex.cold+0x5/0xa [ 252.838290][ T9245] should_failslab+0xc2/0x120 [ 252.838305][ T9245] __kmalloc_cache_noprof+0x7a/0x6f0 [ 252.838325][ T9245] ? refill_pi_state_cache+0x91/0x260 [ 252.838351][ T9245] refill_pi_state_cache+0x91/0x260 [ 252.838372][ T9245] futex_lock_pi+0x177/0x7b0 [ 252.838395][ T9245] ? __pfx_futex_lock_pi+0x10/0x10 [ 252.838417][ T9245] ? __pfx___futex_wait+0x10/0x10 [ 252.838457][ T9245] ? __pfx_futex_wake_mark+0x10/0x10 [ 252.838483][ T9245] ? __might_fault+0x111/0x140 [ 252.838502][ T9245] ? do_vfs_ioctl+0x226/0x13e0 [ 252.838524][ T9245] do_futex+0x18a/0x350 [ 252.838542][ T9245] ? __pfx_do_futex+0x10/0x10 [ 252.838561][ T9245] ? find_held_lock+0x2b/0x80 [ 252.838578][ T9245] __x64_sys_futex+0x34f/0x4d0 [ 252.838598][ T9245] ? __pfx___x64_sys_futex+0x10/0x10 [ 252.838624][ T9245] do_syscall_64+0x106/0xf80 [ 252.838640][ T9245] ? clear_bhb_loop+0x40/0x90 [ 252.838657][ T9245] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 252.838672][ T9245] RIP: 0033:0x7f13eb19c799 [ 252.838685][ T9245] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 252.838699][ T9245] RSP: 002b:00007f13ec02e028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 252.838713][ T9245] RAX: ffffffffffffffda RBX: 00007f13eb415fa0 RCX: 00007f13eb19c799 [ 252.838724][ T9245] RDX: 0000000000000008 RSI: 0000000000000006 RDI: 0000000000000000 [ 252.838732][ T9245] RBP: 00007f13eb232bd9 R08: 0000000000000000 R09: 000000008000fff5 [ 252.838741][ T9245] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 252.838750][ T9245] R13: 00007f13eb416038 R14: 00007f13eb415fa0 R15: 00007ffee9c4b988 [ 252.838769][ T9245] [ 253.103794][ T9245] snd_virmidi snd_virmidi.0: control 61678:131081:3:yªƒ>oÆ[k<÷:1 is already present [ 255.719681][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.728397][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.632959][ T9314] FAULT_INJECTION: forcing a failure. [ 256.632959][ T9314] name failslab, interval 1, probability 0, space 0, times 0 [ 256.704431][ T9314] CPU: 0 UID: 0 PID: 9314 Comm: syz.0.654 Tainted: G L syzkaller #0 PREEMPT(full) [ 256.704458][ T9314] Tainted: [L]=SOFTLOCKUP [ 256.704463][ T9314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 256.704472][ T9314] Call Trace: [ 256.704478][ T9314] [ 256.704484][ T9314] dump_stack_lvl+0x100/0x190 [ 256.704511][ T9314] should_fail_ex.cold+0x5/0xa [ 256.704530][ T9314] should_failslab+0xc2/0x120 [ 256.704545][ T9314] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 256.704565][ T9314] ? acpi_ut_create_generic_state+0x61/0xc0 [ 256.704592][ T9314] acpi_ut_create_generic_state+0x61/0xc0 [ 256.704613][ T9314] acpi_ds_result_push+0x2a4/0x600 [ 256.704635][ T9314] ? acpi_ds_obj_stack_pop+0x105/0x270 [ 256.704659][ T9314] acpi_ds_evaluate_name_path+0x225/0x4a0 [ 256.704680][ T9314] ? __pfx_acpi_ds_evaluate_name_path+0x10/0x10 [ 256.704711][ T9314] ? acpi_ps_get_next_namepath+0x1f6/0xa10 [ 256.704732][ T9314] ? acpi_ut_trace_ptr+0x1a1/0x2a0 [ 256.704758][ T9314] acpi_ds_exec_end_op+0xb78/0x1e60 [ 256.704782][ T9314] ? __pfx_acpi_ds_exec_end_op+0x10/0x10 [ 256.704803][ T9314] acpi_ps_parse_loop+0x5dd/0x24a0 [ 256.704830][ T9314] ? __pfx_acpi_ps_parse_loop+0x10/0x10 [ 256.704850][ T9314] ? kmem_cache_alloc_noprof+0x292/0x6e0 [ 256.704869][ T9314] ? acpi_ut_create_thread_state+0x6d/0x170 [ 256.704896][ T9314] acpi_ps_parse_aml+0x81e/0x1120 [ 256.704922][ T9314] acpi_ps_execute_method+0x5c4/0xe90 [ 256.704947][ T9314] acpi_ns_evaluate+0x640/0x1670 [ 256.704968][ T9314] acpi_evaluate_object+0x420/0xe00 [ 256.704987][ T9314] ? kasan_save_stack+0x30/0x50 [ 256.705007][ T9314] ? kasan_save_track+0x14/0x30 [ 256.705030][ T9314] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 256.705056][ T9314] acpi_evaluate_integer+0xdf/0x220 [ 256.705075][ T9314] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 256.705100][ T9314] ? __pfx_status_show+0x10/0x10 [ 256.705119][ T9314] status_show+0xa0/0x120 [ 256.705138][ T9314] ? __pfx_status_show+0x10/0x10 [ 256.705163][ T9314] dev_attr_show+0x52/0xa0 [ 256.705187][ T9314] ? __pfx_dev_attr_show+0x10/0x10 [ 256.705208][ T9314] sysfs_kf_seq_show+0x217/0x3a0 [ 256.705229][ T9314] seq_read_iter+0x32f/0x1270 [ 256.705259][ T9314] kernfs_fop_read_iter+0x46c/0x610 [ 256.705274][ T9314] ? rw_verify_area+0xce/0x6d0 [ 256.705292][ T9314] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 256.705309][ T9314] vfs_read+0x825/0xb30 [ 256.705332][ T9314] ? __pfx_vfs_read+0x10/0x10 [ 256.705366][ T9314] ksys_read+0x12a/0x250 [ 256.705386][ T9314] ? __pfx_ksys_read+0x10/0x10 [ 256.705413][ T9314] do_syscall_64+0x106/0xf80 [ 256.705430][ T9314] ? clear_bhb_loop+0x40/0x90 [ 256.705452][ T9314] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 256.705468][ T9314] RIP: 0033:0x7f1f0b59c799 [ 256.705481][ T9314] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 256.705494][ T9314] RSP: 002b:00007f1f0c47f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 256.705509][ T9314] RAX: ffffffffffffffda RBX: 00007f1f0b815fa0 RCX: 00007f1f0b59c799 [ 256.705519][ T9314] RDX: 000000000000007f RSI: 0000200000000240 RDI: 0000000000000007 [ 256.705528][ T9314] RBP: 00007f1f0b632bd9 R08: 0000000000000000 R09: 0000000000000000 [ 256.705537][ T9314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 256.705545][ T9314] R13: 00007f1f0b816038 R14: 00007f1f0b815fa0 R15: 00007fff12f0c5f8 [ 256.705566][ T9314] [ 256.705640][ T9314] ACPI Error: Failed to extend the result stack (20251212/dswstate-130) [ 257.334674][ T9314] ACPI Error: Aborting method \_SB.LNKA._STA due to previous error (AE_NO_MEMORY) (20251212/psparse-529) [ 257.378345][ T9322] FAULT_INJECTION: forcing a failure. [ 257.378345][ T9322] name fail_futex, interval 1, probability 0, space 0, times 0 [ 257.517909][ T9322] CPU: 0 UID: 0 PID: 9322 Comm: syz.4.655 Tainted: G L syzkaller #0 PREEMPT(full) [ 257.517954][ T9322] Tainted: [L]=SOFTLOCKUP [ 257.517963][ T9322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 257.517979][ T9322] Call Trace: [ 257.517988][ T9322] [ 257.517998][ T9322] dump_stack_lvl+0x100/0x190 [ 257.518044][ T9322] should_fail_ex.cold+0x5/0xa [ 257.518077][ T9322] get_futex_key+0x1d2/0x1620 [ 257.518115][ T9322] ? __pfx_get_futex_key+0x10/0x10 [ 257.518146][ T9322] ? find_held_lock+0x2b/0x80 [ 257.518170][ T9322] ? futex_wake+0x456/0x530 [ 257.518218][ T9322] futex_wake+0xea/0x530 [ 257.518251][ T9322] ? __pfx_futex_wait+0x10/0x10 [ 257.518282][ T9322] ? __pfx_futex_wake+0x10/0x10 [ 257.518325][ T9322] ? __lock_acquire+0x4a5/0x2630 [ 257.518365][ T9322] do_futex+0x32b/0x350 [ 257.518400][ T9322] ? __pfx_do_futex+0x10/0x10 [ 257.518437][ T9322] ? find_held_lock+0x2b/0x80 [ 257.518468][ T9322] __x64_sys_futex+0x34f/0x4d0 [ 257.518500][ T9322] ? __fget_files+0x21f/0x3d0 [ 257.518540][ T9322] ? __pfx___x64_sys_futex+0x10/0x10 [ 257.518596][ T9322] do_syscall_64+0x106/0xf80 [ 257.518626][ T9322] ? clear_bhb_loop+0x40/0x90 [ 257.518659][ T9322] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 257.518685][ T9322] RIP: 0033:0x7f13eb19c799 [ 257.518706][ T9322] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 257.518732][ T9322] RSP: 002b:00007f13ec02e0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 257.518756][ T9322] RAX: ffffffffffffffda RBX: 00007f13eb415fa8 RCX: 00007f13eb19c799 [ 257.518774][ T9322] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f13eb415fac [ 257.518790][ T9322] RBP: 00007f13eb415fa0 R08: 0000000000000000 R09: 0000000000000000 [ 257.518805][ T9322] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 257.518820][ T9322] R13: 00007f13eb416038 R14: 00007ffee9c4b8a0 R15: 00007ffee9c4b988 [ 257.518855][ T9322] [ 259.778744][ T9361] FAULT_INJECTION: forcing a failure. [ 259.778744][ T9361] name failslab, interval 1, probability 0, space 0, times 0 [ 259.954392][ T9361] CPU: 0 UID: 0 PID: 9361 Comm: syz.3.664 Tainted: G L syzkaller #0 PREEMPT(full) [ 259.954435][ T9361] Tainted: [L]=SOFTLOCKUP [ 259.954444][ T9361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 259.954457][ T9361] Call Trace: [ 259.954465][ T9361] [ 259.954476][ T9361] dump_stack_lvl+0x100/0x190 [ 259.954521][ T9361] should_fail_ex.cold+0x5/0xa [ 259.954554][ T9361] ? acpi_ns_get_normalized_pathname+0x95/0x250 [ 259.954587][ T9361] should_failslab+0xc2/0x120 [ 259.954615][ T9361] __kmalloc_noprof+0xe0/0x850 [ 259.954661][ T9361] ? acpi_ut_trace_ptr+0x1d2/0x2a0 [ 259.954711][ T9361] acpi_ns_get_normalized_pathname+0x95/0x250 [ 259.954747][ T9361] acpi_ex_start_trace_method+0x30/0x4f0 [ 259.954785][ T9361] acpi_ds_begin_method_execution+0x60/0xc20 [ 259.954821][ T9361] ? down_timeout+0x6b/0x90 [ 259.954854][ T9361] ? acpi_tb_check_dsdt_header+0x324/0x3f0 [ 259.954896][ T9361] acpi_ps_execute_method+0xb1/0xe90 [ 259.954924][ T9361] ? acpi_ut_acquire_mutex+0x2d7/0x500 [ 259.954966][ T9361] acpi_ns_evaluate+0x640/0x1670 [ 259.955004][ T9361] acpi_evaluate_object+0x420/0xe00 [ 259.955041][ T9361] ? kasan_save_stack+0x30/0x50 [ 259.955078][ T9361] ? kasan_save_track+0x14/0x30 [ 259.955124][ T9361] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 259.955174][ T9361] acpi_evaluate_integer+0xdf/0x220 [ 259.955209][ T9361] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 259.955258][ T9361] ? __pfx_status_show+0x10/0x10 [ 259.955294][ T9361] status_show+0xa0/0x120 [ 259.955347][ T9361] ? __pfx_status_show+0x10/0x10 [ 259.955395][ T9361] dev_attr_show+0x52/0xa0 [ 259.955433][ T9361] ? __pfx_dev_attr_show+0x10/0x10 [ 259.955469][ T9361] sysfs_kf_seq_show+0x217/0x3a0 [ 259.955508][ T9361] seq_read_iter+0x32f/0x1270 [ 259.955565][ T9361] kernfs_fop_read_iter+0x46c/0x610 [ 259.955592][ T9361] ? rw_verify_area+0xce/0x6d0 [ 259.955629][ T9361] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 259.955666][ T9361] vfs_read+0x825/0xb30 [ 259.955712][ T9361] ? __pfx_vfs_read+0x10/0x10 [ 259.955775][ T9361] ksys_read+0x12a/0x250 [ 259.955815][ T9361] ? __pfx_ksys_read+0x10/0x10 [ 259.955867][ T9361] do_syscall_64+0x106/0xf80 [ 259.955897][ T9361] ? clear_bhb_loop+0x40/0x90 [ 259.955932][ T9361] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 259.955960][ T9361] RIP: 0033:0x7f2d8539c799 [ 259.955985][ T9361] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 259.956011][ T9361] RSP: 002b:00007f2d861ed028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 259.956040][ T9361] RAX: ffffffffffffffda RBX: 00007f2d85615fa0 RCX: 00007f2d8539c799 [ 259.956059][ T9361] RDX: 000000000000007f RSI: 0000200000000240 RDI: 0000000000000005 [ 259.956075][ T9361] RBP: 00007f2d85432bd9 R08: 0000000000000000 R09: 0000000000000000 [ 259.956093][ T9361] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 259.956110][ T9361] R13: 00007f2d85616038 R14: 00007f2d85615fa0 R15: 00007ffc47993758 [ 259.956150][ T9361] [ 259.956163][ T9361] ACPI Error: Could not allocate 15 bytes (20251212/nsnames-308) [ 261.613338][ T9379] FAULT_INJECTION: forcing a failure. [ 261.613338][ T9379] name failslab, interval 1, probability 0, space 0, times 0 [ 261.646670][ T9379] CPU: 0 UID: 0 PID: 9379 Comm: syz.0.669 Tainted: G L syzkaller #0 PREEMPT(full) [ 261.646701][ T9379] Tainted: [L]=SOFTLOCKUP [ 261.646710][ T9379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 261.646727][ T9379] Call Trace: [ 261.646736][ T9379] [ 261.646747][ T9379] dump_stack_lvl+0x100/0x190 [ 261.646800][ T9379] should_fail_ex.cold+0x5/0xa [ 261.646827][ T9379] ? binder_open+0x146/0xdd0 [ 261.646844][ T9379] should_failslab+0xc2/0x120 [ 261.646859][ T9379] __kmalloc_noprof+0xe0/0x850 [ 261.646885][ T9379] binder_open+0x146/0xdd0 [ 261.646901][ T9379] ? __pfx_apparmor_file_open+0x10/0x10 [ 261.646921][ T9379] ? __pfx_binder_open+0x10/0x10 [ 261.646938][ T9379] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 261.646966][ T9379] do_dentry_open+0x6d8/0x1660 [ 261.646989][ T9379] ? __pfx_binder_open+0x10/0x10 [ 261.647010][ T9379] vfs_open+0x82/0x3f0 [ 261.647029][ T9379] path_openat+0x208c/0x31a0 [ 261.647049][ T9379] ? __pfx_path_openat+0x10/0x10 [ 261.647070][ T9379] do_file_open+0x20e/0x430 [ 261.647085][ T9379] ? __pfx_do_file_open+0x10/0x10 [ 261.647112][ T9379] ? alloc_fd+0x476/0x790 [ 261.647136][ T9379] ? do_getname+0x191/0x390 [ 261.647155][ T9379] do_sys_openat2+0x10d/0x1e0 [ 261.647172][ T9379] ? __pfx_do_sys_openat2+0x10/0x10 [ 261.647191][ T9379] ? __fget_files+0x21f/0x3d0 [ 261.647219][ T9379] __x64_sys_openat+0x12d/0x210 [ 261.647237][ T9379] ? __pfx___x64_sys_openat+0x10/0x10 [ 261.647262][ T9379] do_syscall_64+0x106/0xf80 [ 261.647279][ T9379] ? clear_bhb_loop+0x40/0x90 [ 261.647296][ T9379] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 261.647311][ T9379] RIP: 0033:0x7f1f0b59c799 [ 261.647325][ T9379] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 261.647339][ T9379] RSP: 002b:00007f1f0c47f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 261.647354][ T9379] RAX: ffffffffffffffda RBX: 00007f1f0b815fa0 RCX: 00007f1f0b59c799 [ 261.647364][ T9379] RDX: 0000000000060000 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 261.647374][ T9379] RBP: 00007f1f0b632bd9 R08: 0000000000000000 R09: 0000000000000000 [ 261.647383][ T9379] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 261.647392][ T9379] R13: 00007f1f0b816038 R14: 00007f1f0b815fa0 R15: 00007fff12f0c5f8 [ 261.647413][ T9379] [ 263.303972][ T9419] zswap: compressor not available [ 264.041863][ T9437] vhci_hcd vhci_hcd.2: SetHubDepth req not supported for USB 2.0 roothub [ 264.307074][ T9444] vhci_hcd vhci_hcd.1: default hub control req: 0000 v0000 i0000 l0 [ 265.003512][ T9455] sd 0:0:1:0: PR command failed: 1026 [ 265.009132][ T9455] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 265.024077][ T9455] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 267.482953][ T9486] futex_wake_op: syz.3.688 tries to shift op by -2048; fix this program [ 268.416965][ T9502] netlink: 28 bytes leftover after parsing attributes in process `syz.0.693'. [ 268.580914][ T9502] bridge_slave_1: left allmulticast mode [ 268.620922][ T9502] bridge_slave_1: left promiscuous mode [ 268.632310][ T9502] bridge0: port 2(bridge_slave_1) entered disabled state [ 268.687513][ T9502] bridge_slave_0: left allmulticast mode [ 268.693250][ T9502] bridge_slave_0: left promiscuous mode [ 268.736346][ T9502] bridge0: port 1(bridge_slave_0) entered disabled state [ 269.529872][ T9508] zswap: compressor not available [ 272.384734][ T9562] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input16 [ 272.950209][ T9572] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 273.006772][ T9569] FAULT_INJECTION: forcing a failure. [ 273.006772][ T9569] name failslab, interval 1, probability 0, space 0, times 0 [ 273.020603][ T9569] CPU: 0 UID: 0 PID: 9569 Comm: syz.3.709 Tainted: G L syzkaller #0 PREEMPT(full) [ 273.020628][ T9569] Tainted: [L]=SOFTLOCKUP [ 273.020634][ T9569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 273.020644][ T9569] Call Trace: [ 273.020650][ T9569] [ 273.020656][ T9569] dump_stack_lvl+0x100/0x190 [ 273.020682][ T9569] should_fail_ex.cold+0x5/0xa [ 273.020700][ T9569] ? snd_pcm_plugin_build+0x434/0x650 [ 273.020715][ T9569] should_failslab+0xc2/0x120 [ 273.020731][ T9569] __kmalloc_noprof+0xe0/0x850 [ 273.020756][ T9569] snd_pcm_plugin_build+0x434/0x650 [ 273.020773][ T9569] snd_pcm_plugin_build_mulaw+0x280/0x760 [ 273.020790][ T9569] ? __pfx_mulaw_decode+0x10/0x10 [ 273.020805][ T9569] ? __pfx_snd_pcm_plugin_build_mulaw+0x10/0x10 [ 273.020824][ T9569] ? snd_pcm_hw_params+0x262/0x1cb0 [ 273.020843][ T9569] snd_pcm_plug_format_plugins+0xbdd/0x1430 [ 273.020860][ T9569] ? __pfx_snd_pcm_plug_format_plugins+0x10/0x10 [ 273.020878][ T9569] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 273.020906][ T9569] snd_pcm_oss_change_params_locked+0x2e3c/0x39f0 [ 273.020938][ T9569] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 273.020959][ T9569] ? task_work_add+0x201/0x3b0 [ 273.020981][ T9569] ? __pfx___mutex_lock+0x10/0x10 [ 273.021019][ T9569] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 273.021060][ T9569] snd_pcm_oss_sync+0x265/0x840 [ 273.021111][ T9569] snd_pcm_oss_release+0x238/0x300 [ 273.021160][ T9569] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 273.021202][ T9569] __fput+0x3ff/0xb40 [ 273.021242][ T9569] task_work_run+0x150/0x240 [ 273.021282][ T9569] ? __pfx_task_work_run+0x10/0x10 [ 273.021332][ T9569] exit_to_user_mode_loop+0x100/0x4a0 [ 273.021373][ T9569] do_syscall_64+0x668/0xf80 [ 273.021403][ T9569] ? clear_bhb_loop+0x40/0x90 [ 273.021438][ T9569] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 273.021468][ T9569] RIP: 0033:0x7f2d8539c799 [ 273.021490][ T9569] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 273.021518][ T9569] RSP: 002b:00007f2d861ed028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 273.021545][ T9569] RAX: 0000000000000000 RBX: 00007f2d85615fa0 RCX: 00007f2d8539c799 [ 273.021564][ T9569] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 273.021581][ T9569] RBP: 00007f2d85432bd9 R08: 0000000000000000 R09: 0000000000000000 [ 273.021598][ T9569] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 273.021614][ T9569] R13: 00007f2d85616038 R14: 00007f2d85615fa0 R15: 00007ffc47993758 [ 273.021653][ T9569] [ 273.885966][ T9566] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input17 [ 273.959622][ T9569] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 275.192806][ T9586] Kernel: The 'panic_print' parameter is now deprecated. Please use 'panic_sys_info' and 'panic_console_replay' instead. [ 275.267120][ T9587] FAULT_INJECTION: forcing a failure. [ 275.267120][ T9587] name failslab, interval 1, probability 0, space 0, times 0 [ 275.313966][ T9587] CPU: 1 UID: 0 PID: 9587 Comm: syz.3.713 Tainted: G L syzkaller #0 PREEMPT(full) [ 275.314013][ T9587] Tainted: [L]=SOFTLOCKUP [ 275.314024][ T9587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 275.314041][ T9587] Call Trace: [ 275.314051][ T9587] [ 275.314062][ T9587] dump_stack_lvl+0x100/0x190 [ 275.314110][ T9587] should_fail_ex.cold+0x5/0xa [ 275.314145][ T9587] should_failslab+0xc2/0x120 [ 275.314173][ T9587] __kmalloc_cache_noprof+0x7a/0x6f0 [ 275.314210][ T9587] ? vidtv_mux_create_pid_ctx_once.part.0+0x49/0x200 [ 275.314252][ T9587] vidtv_mux_create_pid_ctx_once.part.0+0x49/0x200 [ 275.314290][ T9587] vidtv_mux_init+0x8a6/0xbf0 [ 275.314327][ T9587] vidtv_start_feed+0x33e/0x4c0 [ 275.314365][ T9587] ? __pfx_vidtv_start_feed+0x10/0x10 [ 275.314406][ T9587] ? __pfx_vidtv_bridge_on_new_pkts_avail+0x10/0x10 [ 275.314454][ T9587] ? mark_held_locks+0x40/0x70 [ 275.314495][ T9587] ? __pfx_vidtv_start_feed+0x10/0x10 [ 275.314534][ T9587] dmx_ts_feed_start_filtering+0xf6/0x220 [ 275.314582][ T9587] dvb_dmxdev_start_feed+0x273/0x3f0 [ 275.314623][ T9587] dvb_dmxdev_filter_start+0x1b6/0xdd0 [ 275.314660][ T9587] ? dvb_dmxdev_add_pid+0x2a1/0x380 [ 275.314708][ T9587] dvb_demux_do_ioctl+0xe64/0x1200 [ 275.314756][ T9587] dvb_usercopy+0x167/0x340 [ 275.314788][ T9587] ? __pfx_dvb_demux_do_ioctl+0x10/0x10 [ 275.314830][ T9587] ? __pfx_dvb_usercopy+0x10/0x10 [ 275.314880][ T9587] ? __fget_files+0x21f/0x3d0 [ 275.314928][ T9587] dvb_demux_ioctl+0x29/0x40 [ 275.314971][ T9587] ? __pfx_dvb_demux_ioctl+0x10/0x10 [ 275.315007][ T9587] __x64_sys_ioctl+0x18e/0x210 [ 275.315048][ T9587] do_syscall_64+0x106/0xf80 [ 275.315078][ T9587] ? clear_bhb_loop+0x40/0x90 [ 275.315111][ T9587] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 275.315140][ T9587] RIP: 0033:0x7f2d8539c799 [ 275.315163][ T9587] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 275.315190][ T9587] RSP: 002b:00007f2d861cc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 275.315216][ T9587] RAX: ffffffffffffffda RBX: 00007f2d85616090 RCX: 00007f2d8539c799 [ 275.315235][ T9587] RDX: 0000000000000000 RSI: 0000000040146f2c RDI: 0000000000000002 [ 275.315253][ T9587] RBP: 00007f2d85432bd9 R08: 0000000000000000 R09: 0000000000000000 [ 275.315270][ T9587] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 275.315287][ T9587] R13: 00007f2d85616128 R14: 00007f2d85616090 R15: 00007ffc47993758 [ 275.315327][ T9587] [ 275.738630][ T798] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI [ 275.750543][ T798] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 275.758946][ T798] CPU: 1 UID: 0 PID: 798 Comm: kworker/1:2 Tainted: G L syzkaller #0 PREEMPT(full) [ 275.769779][ T798] Tainted: [L]=SOFTLOCKUP [ 275.774086][ T798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 275.785696][ T798] Workqueue: events vidtv_mux_tick [ 275.790805][ T798] RIP: 0010:vidtv_psi_ts_psi_write_into+0x54a/0xbc0 [ 275.797419][ T798] Code: 3c a2 dc f9 4c 8d 63 20 4c 89 e0 48 c1 e8 03 80 3c 28 00 0f 85 e8 04 00 00 48 8b 43 20 48 89 c2 48 89 c1 48 c1 ea 03 83 e1 07 <0f> b6 14 2a 38 ca 7f 08 84 d2 0f 85 19 05 00 00 0f b6 10 48 8b 7c [ 275.817021][ T798] RSP: 0018:ffffc900043573f8 EFLAGS: 00010202 [ 275.823084][ T798] RAX: 0000000000000002 RBX: ffffc90004357678 RCX: 0000000000000002 [ 275.831046][ T798] RDX: 0000000000000000 RSI: ffffffff882b5864 RDI: ffff8880273b0000 [ 275.839010][ T798] RBP: dffffc0000000000 R08: 0000000000000005 R09: 0000000000000000 [ 275.846983][ T798] R10: 0000000000000000 R11: 0000000000000000 R12: ffffc90004357698 [ 275.854945][ T798] R13: 0000000000000178 R14: 0000000000000000 R15: 0000000000000008 [ 275.862906][ T798] FS: 0000000000000000(0000) GS:ffff88812444e000(0000) knlGS:0000000000000000 [ 275.871831][ T798] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 275.878408][ T798] CR2: 0000001b3420bff8 CR3: 000000007e770000 CR4: 00000000003526f0 [ 275.886371][ T798] Call Trace: [ 275.889637][ T798] [ 275.892562][ T798] ? __pfx_vidtv_psi_ts_psi_write_into+0x10/0x10 [ 275.898912][ T798] vidtv_psi_pmt_write_into+0x3b2/0xa70 [ 275.905061][ T798] ? __pfx_vidtv_psi_pmt_write_into+0x10/0x10 [ 275.911123][ T798] ? vidtv_psi_pat_write_into+0x56a/0x690 [ 275.916838][ T798] ? __pfx_vidtv_psi_pat_write_into+0x10/0x10 [ 275.922915][ T798] ? ret_from_fork_asm+0x1a/0x30 [ 275.927849][ T798] vidtv_mux_push_si+0x932/0xe80 [ 275.932790][ T798] ? __pfx_vidtv_mux_push_si+0x10/0x10 [ 275.938247][ T798] ? __lock_acquire+0x4a5/0x2630 [ 275.943184][ T798] ? stack_depot_save_flags+0x27/0x9d0 [ 275.948658][ T798] ? __pfx_vidtv_ts_pcr_write_into+0x10/0x10 [ 275.954643][ T798] ? debug_object_activate+0x331/0x490 [ 275.960115][ T798] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 275.965923][ T798] vidtv_mux_tick+0xe9b/0x1480 [ 275.970681][ T798] ? rcu_is_watching+0x12/0xc0 [ 275.975450][ T798] ? __lock_acquire+0x4a5/0x2630 [ 275.980390][ T798] ? __pfx_vidtv_mux_tick+0x10/0x10 [ 275.985587][ T798] ? __lock_acquire+0x4a5/0x2630 [ 275.990525][ T798] ? debug_object_deactivate+0x2e4/0x3b0 [ 275.996162][ T798] ? rcu_is_watching+0x12/0xc0 [ 276.000931][ T798] process_one_work+0x9d7/0x1920 [ 276.005876][ T798] ? __pfx_process_one_work+0x10/0x10 [ 276.011251][ T798] ? __pfx_vidtv_mux_tick+0x10/0x10 [ 276.016446][ T798] worker_thread+0x5da/0xe40 [ 276.021043][ T798] ? kthread+0x13a/0x450 [ 276.025284][ T798] ? __pfx_worker_thread+0x10/0x10 [ 276.030395][ T798] kthread+0x370/0x450 [ 276.034461][ T798] ? __pfx_kthread+0x10/0x10 [ 276.039060][ T798] ret_from_fork+0x754/0xd80 [ 276.043753][ T798] ? __pfx_ret_from_fork+0x10/0x10 [ 276.048883][ T798] ? __switch_to+0x7b4/0x1120 [ 276.053649][ T798] ? __pfx_kthread+0x10/0x10 [ 276.058246][ T798] ret_from_fork_asm+0x1a/0x30 [ 276.063019][ T798] [ 276.066028][ T798] Modules linked in: [ 276.070644][ T798] ---[ end trace 0000000000000000 ]--- SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 276.316032][ T9591] Invalid ELF header magic: != ELF [ 276.424316][ T798] RIP: 0010:vidtv_psi_ts_psi_write_into+0x54a/0xbc0 [ 276.430963][ T798] Code: 3c a2 dc f9 4c 8d 63 20 4c 89 e0 48 c1 e8 03 80 3c 28 00 0f 85 e8 04 00 00 48 8b 43 20 48 89 c2 48 89 c1 48 c1 ea 03 83 e1 07 <0f> b6 14 2a 38 ca 7f 08 84 d2 0f 85 19 05 00 00 0f b6 10 48 8b 7c [ 276.542212][ T798] RSP: 0018:ffffc900043573f8 EFLAGS: 00010202 [ 276.605384][ T798] RAX: 0000000000000002 RBX: ffffc90004357678 RCX: 0000000000000002 [ 276.634189][ T798] RDX: 0000000000000000 RSI: ffffffff882b5864 RDI: ffff8880273b0000 [ 276.667816][ T798] RBP: dffffc0000000000 R08: 0000000000000005 R09: 0000000000000000 [ 276.716713][ T798] R10: 0000000000000000 R11: 0000000000000000 R12: ffffc90004357698 [ 276.724979][ T798] R13: 0000000000000178 R14: 0000000000000000 R15: 0000000000000008 [ 276.744409][ T798] FS: 0000000000000000(0000) GS:ffff88812444e000(0000) knlGS:0000000000000000 [ 276.753721][ T798] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 276.761201][ T798] CR2: 0000001b307fbff8 CR3: 00000000347a2000 CR4: 00000000003526f0 [ 276.769411][ T798] Kernel panic - not syncing: Fatal exception [ 276.775861][ T798] Kernel Offset: disabled [ 276.780178][ T798] Rebooting in 86400 seconds..