last executing test programs: 13.387316225s ago: executing program 0 (id=2003): r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x102, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) write$auto(0x3, 0x0, 0xfdef) r1 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r0, 0x5609, r1) mmap$auto(0x0, 0x2020009, 0x10, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000180), 0x2000, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101000, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x6, 0x0, 0x800000001, 0x0, 0x7, 0xa505}, 0x4}, 0x2, 0x4048) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/pci/00/01.3\x00', 0x149041, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x5}, 0xa) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) madvise$auto(0x110c230000, 0x8031ca, 0x9) bpf$auto(0x2, &(0x7f0000000500)=@bpf_attr_11={0x5, 0x8000000000000001, 0x9, 0x5, 0xf870e9f, 0x7, 0x8}, 0x9) bpf$auto(0x1, 0x0, 0xf) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(0x0, r4) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) mmap$auto(0x2000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) 12.093056415s ago: executing program 1 (id=2005): close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) time$auto(&(0x7f0000000000)=0x101) r0 = getpid() process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, 0x0, 0x6, 0x0) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0) waitid$auto(0x5, 0xffffffffffffffff, 0x0, 0x3, &(0x7f0000000180)={{0x8, 0x80}, {0x2, 0x6}, 0x4, 0x5, 0x1, 0x3, 0x0, 0x8000, 0x80000000, 0x7, 0xb7, 0x5d9, 0x5, 0x7ff, 0x2055}) prctl$auto(0x5, 0x80000000, r0, 0x4, 0x8) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) preadv2$auto(r1, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x42, 0x0) rseq$auto(&(0x7f0000000580)={0x5, 0x85, 0x9416, 0x1, 0x7, 0x6, "551e7285968d8e86bd4794a0e875ee9f7b35db28d0a7e72b7a19039c336389cb57a05ba0582cc612c6c0be4beb4cc54d8337d40c93638ba34c4a0435c32a206e808194584d8c359d418662d18943a5e3c6234e712a096205457b56f0a1e5d4d19835696295a54f38117d9d751e23b5fb61daa5a6b2c75148106dc167a20061e3fe55cc53ffadf62b0945da4b27515a0102a8d2d002a842362b4744b8972a5e11e8a6aab89c7b85947f3901d696d459641aa7e6b89b73387ec5fa2d2af6c992213d82c5774c4bcd4187585bcf652af094e988e75002e01f607abf5e25ae0f5548fd13175b681fc059c1f9160aef893bae78cf6cf62c30fa3f0c5c60cbe383a9c0cc1289519b0c7cff81cc3b4fec739fad19c662b0f98d607b61d825d10e2dd3b27b0f7a6b1adc5a452f344c39da5f086ea7c5d99674ca69c4f5635776e67c151bad72f906cd65231da3a55d6056e23b00686723714fabd752f3e2c86dafdee9d379230c0abeabfde9cf88cae099f3ccc76ea7e64a3734ced5ffe749a8012db53ad4d6a5e347bdd83bb409c1bdb762f4aba145df74833d73ccd583797d4fb4ed3e0c7c29d502aacaef02e114d9e60ca6b0bcb28f825f5d49e94ccd2f830933c39a3ba3782505453e3de872ad8da84a6a22aaa62970428bb9a95d1817dbeeded1c53c5d508dea6cc53d80153b05f954c263278bb9c8bc02f3b1805dd9299dc8b97ebff0165d615ba7bf5ce8c490f4dd273642a18267b0a61a594cb1d608f3dffb292991ea32bb647a6f9b951f283e118dc73b45843b5aa883410e402e3bec9ba889ec237462042cedaed761cca0c3b7058d3ffc276c9a75e18b79804f4e21650d911edbedb9fedd31959a8783b1e39d7d6408554bddb2a5d67703d225fe4422bf2367ca483e77fe479495be3235f4c77b3872a9e33946d2602486b83e84e7d8d1742d369e2d00b9dbb552385502c0f597b3615bed54de65af106b58d2b6bebbdd3fe625152527af965b67e9424da7be2e2574e1492aed568d4faaa9da508e0a2e687876fa291e38b7c3ef38643e2c49e0d46d0f2d53352da2f184c4ced2305865ab0ad1435644419773ea82336ffdf62dd325a6a8b2d199d96dba8a13bb5a86ff65b80818ceb37ee8a2b2a8813b33e474e5b110e1ed13dbc4f52efabbce38935a8ada53a0ed5a1a01453a254a1dc528492159591aa192ff6cfa0b372caf236c78d1a0c94dc37916746358b4cf3cc1c0132657818ce6465e58936dbf5991dfb74ff97382c066ba0ceb06ac4f0c005e4c9166e94161bc08e1c23df7ed3419b10ae229aa6bafb19e6af003c9e319956723d839dc50a7edd8d80bce971ba504e0aac811d76e65acffdc4f7e9836396ba98b824be6cc704c59f5849642b191437a5cf902fc1ac491e8c59241586c6791b282b5cfae57eb7e6792048c4769b5b3f21987ec5097e530fd001da5d2999db4ded708225e9a53a2b48d2be3401a063da3c19168769eccaef710d7c2e06818bb05c4a9aa0ce2785a5a6d2846bac9836f1905a9b042029dcc59d918450b6affb522fbf78116941c5cef4ecb82a2134ee8e67ea6091170b67bfc3abec9e2cfc8208d4ba3bb732230fe6a9470c1152ebdc31bbce93cb742b4484bc1cef4298ce897a36c7e8b3ef8bd1b0e3d4dfa46da8bf89b06d67d8a5da465e8f68f999ec38ef8d1b7972125d2d8492680f6698419313afb74b5f715c90aa5ca0a6ea5561acd89a25d0fd066234b1752d6535251be347d8e69afea162f0ae84aa08a1a5475e6860af5956babe0530b6349e918fa97f14e6a83f7e2054c85ec37424757c49c6b76a889cde8473eebc495ac1088fda54f5c70bb17ef4873bf7b524ae892cd8267adfcd1e7054ac0c8b904855f816cbab8a6c5332d2221060b97931130187e1f07b0b9fad917c06f56d3f9fbca9d0ad93c300d88a6025359eb609e86c2b604d6834cde1351ccb0ba238715d6a77953f58b23a78db05bc38cf1e47d5336226a966af0a88fa19b"}, 0x6, 0x3, 0xff) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/dev/audio1\x00', 0x100000a3d9) r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x8800, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r3, 0xc0045516, &(0x7f0000000180)) mmap$auto(0x1, 0x40009, 0xdf, 0x13, 0xffffffffffffffff, 0x10001) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) kexec_load$auto(0xff, 0x2, &(0x7f0000000080)={@kbuf=0x0, 0x2, 0x8000, 0x3000}, 0x4) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) lsm_list_modules$auto(0x0, 0x0, 0x0) r4 = socket(0x2, 0x801, 0x106) getsockopt$auto(r4, 0x11c, 0x3, 0x0, 0x0) close_range$auto(0x0, 0xffffffffffffffff, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty12\x00', 0x800, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101840, 0x0) 11.102124927s ago: executing program 1 (id=2007): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/sound/ctl-led/speaker/card2/reset\x00', 0xa001, 0x0) r0 = openat$auto_proc_mounts_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000001200)='/proc/thread-self/mounts\x00', 0x28000, 0x0) preadv$auto(r0, &(0x7f0000000140)={&(0x7f00000000c0), 0x20000182}, 0x7, 0x4, 0x2) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, r2, 0x8000) semctl$auto(0x3, 0x7, 0x13, 0x7) r3 = socket(0x2b, 0x1, 0x1) setsockopt$auto(r3, 0x29, 0x20, 0x0, 0x20) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mlock2$auto(0x1, 0x8001, 0x0) io_pgetevents$auto(0x7, 0x9, 0x7ff, 0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x1}}) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000e3d9) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) unshare$auto(0x40000080) r4 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/set_event\x00', 0x4280, 0x0) getsockopt$auto(r4, 0x1, 0x2, &(0x7f0000000180)='/cec27\x00f-e\xfb\xb1\xd7\x95\xca\xf5~\xc0\xd134\xf8\x02%\xf8', 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio1/resetafter\x00', 0xa2382, 0x0) r6 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000008ac0)='/dev/audio\x00', 0xa00, 0x0) ioctl$auto_SOUND_MIXER_READ_RECSRC2(r6, 0x80044dff, &(0x7f00000001c0)) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r7 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x4, 0x7) ioctl$auto_BLKTRACESETUP2(r7, 0xc0481273, 0x0) brk$auto(0xffffffffffffff66) sendfile$auto(r5, r5, 0x0, 0x1) 9.709749378s ago: executing program 1 (id=2008): prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0xffffffffffffffff, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) mmap$auto(0x0, 0x6, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) fanotify_init$auto(0x65, 0x2) pipe$auto(0x0) openat$auto_full_fops_mem(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0) r0 = openat$auto_clk_summary_fops_(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/clk/clk_orphan_summary\x00', 0x40, 0x0) close_range$auto(r0, r0, 0x0) socket(0x1e, 0x4, 0x0) r1 = socket(0x1d, 0x2, 0x7) setsockopt$auto(0x3, 0x6b, 0x7, 0x0, 0x4) clone$auto(0x7fff, 0xff, 0x0, 0x0, 0x7) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) capset$auto(&(0x7f0000000100)={0x20080522}, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty46\x00', 0x0, 0x0) ioctl$auto(r2, 0x4b45, 0x0) syz_genetlink_get_family_id$auto_hsr(&(0x7f0000000000), r1) socket$nl_generic(0x10, 0x3, 0x10) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x800000000007, 0xd3e, 0x1, 0x948f, 0x3, 0xf1f, 0xc0, 0x3, 0x62, 0x80000001, 0x7, 0x8, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) dup2$auto(0x5, 0x4) write$auto(0x6, 0x0, 0x100000001) splice$auto(0x4, 0x0, 0x2, 0x0, 0x10000, 0x9) getpid() io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x1, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio1\x00', 0x506, 0x0) ioctl$auto_SNDCTL_DSP_STEREO(r3, 0xc0045003, 0x0) 9.637042596s ago: executing program 3 (id=2009): r0 = openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) write$auto_cachefiles_daemon_fops_internal(r0, &(0x7f0000000300)="a04f", 0x2) unshare$auto(0x40000080) ioctl$auto_NS_GET_TGID_IN_PIDNS(0xffffffffffffffff, 0x8004b709, &(0x7f0000000040)=0x5) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0x2c2104, 0x0) r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r3, &(0x7f0000004240)={0x0, 0x0, &(0x7f0000004200)={&(0x7f0000000640)={0x18, r2, 0x1, 0x70bd25, 0x25dfdbfc, {}, [@HWSIM_ATTR_FRAME={0x0, 0x3, "406a4781b3446e46b84c1f0a3bc0dfc6bc5a4e03d6ca9c2ec19754cd324bd5594f0944db8c822e3fdcffc7043284a53b0333d7d96d988d9107e81028951dadb5f9868ee3e87ecba93cc3bd57f247c335ddd1f696b8bc3ac1dbf41a834771277f659c6b2cb39835984f842bb0fdcac21b8828ce1ca393db28e5c5eaa879dab1db9af82037cf385d8c73179a7c788f81a1218c8c43106b29454ef37d2ba28c83166055f64403bf64dd47d60766956d2b3f4e8724bf3861b01b1a149ed34fb2b3401e09a644fad1edb14681f3e41b7b818e599b1f3ab92a41bb2cd1ac097b13f96c9072ca73dd36289842e4fcdb65d552ddcc1a7e36802626446a535e130923a512ea37866021c31d75f62d4bcc8d84fa7e0cece79744e9ce810baa0bb0b90c8c2b89af522ba0e62a893947866820f5c822cac7a7fb98cfa2c2bcd9db83d475852eb17801c2199fcbd620e72422ddcdf2a9f42a7cbf0b5356f0fa26a9b11448de21a6164e7cd1997fc7ec061f1269c72d34e28ae222fd938262b783d2be1b6af0376e4dffca8d8d167bf2ab79cbd19bbdbe6fc2c1c4ec192f5c6bc2394a9c99b2795fda719089555ddd5f9ade18438651c7a5f735b3741870346baaad7b080ad8d53609f288515786a5e130e20dd246cf74c17b144c29f95457deb6a7957b045504485840ee49a16f95ccb0511cf9de181d9bd5a3db44704990fed62f9c7ba5e571dd6e7090063d3c62a80675cd9047a7edf8d7f01bc52478e04954d0a1b88f2681dbd54fd9059e6c1370f83f6778c1d8ba5c9ccab504251dfe17215d554e06c35e7adab99a8a9e3e57180fd4425aa0cfd6bec6464f833ae095a4ed13a5c900f832133cac2f03799a0f3c1931e572f30e9a7cf41924476ec7415f40d3525e3f207c3e26656ea42bd25f627f880442c1a6f46a46266d631a1e1e6403d40fe97e51b645fda5aa43b7c36c1f291a2c9260cf904b56702a4dc41739d2791e26896b06b6641024e94caab0c0b8975baa45ca2561fd0425951b2c806c6accd95be78422696de2b2e4858686c76f79331f24fca67791d59c505973e6be884adcf4a97cf57872921aa79ba84e9067053cc509a7e433f9022ea9f1b759577747dac4804388c5f69f1cebedb3d5be623c38ec1c3a1d7f1dfa0f0803465a98e41c02ba7a722d682d2610a8ec2cbe60e314fcc22aa0e39078f81039c1b0e3a9aa7622de66ffb2b90d44276713a0b0d6c2f0baa129c37f051ffad3f119d2fba5b948caeaf1fe1f984ace20ba0b71f70088e5a8f4472762ea43e522fd3e47ee8f393d025c7ac8ef576c6c08400d2ef13f068825b2dcdb2746e1c2bdb0fd9aa8bd92c9db2e74708276a699d242c3cc8b033ff28c88edb79fe9404633227dce0c67438a567615360194aefdceb32232a87217e497aaf7a543912c2ea79efdb4e2f18aa9c3d0b9d7750551026526a6b75046586762207bfa449a70a8468ebf0cddb93b148145cfe27c1b3ceb8a8000785d3b875954ad0b4fb84a410bec45e5410bb3750ad1b4f1723e66d75de959a973db27493638fb99938fc93ed002541835bdbc3612b178680f12c1ffe9881776fd138cb02044b3250decab91fd60ed8b8b81f92a939172304f455ada6ed3d99086e56b9ef9af43acc9b87b34158324df28700f22e63bf7fb0b85ddc5fc7fad9c7d9e079f0d805cfc499ead1eb3bb8c7bedc3962d1a2deeb3d50e3b828ef2c12a97a9e4d6c3ae4d22830bfe6bc0be1a"}]}, 0xfffffffffffffe84}, 0x1, 0x0, 0x0, 0x40c4}, 0x4048000) ioctl$auto_KVM_GET_MSR_FEATURE_INDEX_LIST(r1, 0xc004ae0a, &(0x7f0000000180)={0x7, [0x31f, 0x4, 0x10]}) unshare$auto(0x40000080) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/tracing/set_event\x00', 0x101901, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r5 = socket(0x2, 0x1, 0x0) getsockopt$auto_SO_OOBINLINE(r5, 0x0, 0xa, &(0x7f0000000040)='H\xff\x7f\v\x00kvm\x00', &(0x7f0000000080)=0x400) write$auto(r4, &(0x7f0000000400)='/dev/\x98@dio1\x00', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80802, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000600)='/proc/sys/net/ipv4/vs/est_cpulist\x00', 0x60802, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ff) mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000) sysfs$auto(0x2, 0x4, 0x0) mbind$auto(0x0, 0xfaa1, 0x8001, &(0x7f0000000280)=0xc9e, 0x400, 0x1) mremap$auto(0x200000001000, 0x8, 0x37, 0x3, 0x110c230000) open(&(0x7f0000000000)='./bus\x00', 0xa23c2, 0x1c0) r6 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x2) getdents64$auto(r6, &(0x7f0000000f40)={0x309, 0x7, 0xffff, 0x7}, 0x200c8) 9.545392295s ago: executing program 0 (id=2010): openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x101001, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/eql/ifalias\x00', 0xb02, 0x0) r1 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000280), 0x94001, 0x0) ioctl$auto_UI_SET_ABSBIT(r1, 0x40045567, &(0x7f0000000300)=0x81) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000440)=""/240, 0xf0) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="db002cbd7000fbdbdf250af4"], 0x1c}}, 0x20008810) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_tracing_saved_tgids_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/saved_tgids\x00', 0x101002, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x201, 0x0) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) open(&(0x7f0000001bc0)='./file0\x00', 0x4142, 0x1) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty57\x00', 0x40741, 0x0) ioctl$auto(0x3, 0x402c542d, r3) write$auto(0x3, 0x0, 0xfffffdef) ioctl$auto(0x3, 0x541b, 0x74) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="18"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x0) r6 = openat$auto_ext4_dir_operations_ext4(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/bluetooth/hci4/power\x00', 0x8a040, 0x0) fcntl$auto_F_DUPFD_QUERY(r6, 0x403, r2) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) setsockopt$auto(0x3, 0x0, 0x4, 0x0, 0x28) sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, r4, 0x1, 0x70bd28, 0x25dfdbfe, {}, [@ETHTOOL_A_TUNNEL_INFO_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}]}, 0x2c}}, 0x4000000) 9.060408336s ago: executing program 2 (id=2011): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) r0 = timerfd_create$auto(0x6, 0xe9fb) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/system/machinecheck/machinecheck0/check_interval\x00', 0x102, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyrb\x00', 0x208801, 0x0) socket(0x2b, 0x1, 0x0) select$auto(0x804, 0x0, &(0x7f0000000100)={[0x9, 0x0, 0x5, 0x80000300, 0x1, 0x10000000, 0x2, 0x3, 0x81, 0x10000005e58296b, 0x1e, 0x9, 0x7ff, 0x200, 0x20000000008, 0x4000000000006]}, 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000880), r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_BATADV_CMD_GET_ORIGINATORS(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc811}, 0x10) r3 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000280), r2) sendmsg$auto_IOAM6_CMD_ADD_SCHEMA(r2, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000008c0)=ANY=[@ANYBLOB="d8020000", @ANYRES16=r3, @ANYBLOB="000129bd7000fedbdf2504000000b4020500b03013af5e02de8bfa50c786b104c722b5e29f94c96e3dc63d620d71edfaf5dd7281ad6c1012fb36b76f44df24680b5cd9890ae3e4090bd47a7f6c75f07f73e9941017a8e5a06e2a40cf7dd7b6df6c3c1f06701681f570f4b040fe898ae027ec54f6bcdb87ca46f681f5deb2317db68f46f7a5f320b7af2d99e60f79cfe40e5bd6fdb47d15596b4d3a0133fbc0d603406fd4a300430762fb553d85ab0087bf265bbef2df19c916e1fa0752e79c9a4daa75b69df9789d1703a56e9f3db03304c78a9e77854c9200a6e81d8b05d909cd2f02fa45b4c14c2014765e8e78fd1a6dd5c1d4b40715be40c0491155136e73d9e3560159f48336a7458737c9f737425b12dd849b920f9f39f781b3ce08ed3473794084cb9757095a8640f77aa38fa0c9c37f42f13523a3f8613a4b702188b4e086c67249e9b912b7ca11484ad7bc7b762f933eedc570134758f3442f9b0e5b3bd9a53d8cb1a73675f56ae49d9cb0ad43e4bcb5440e133e8d2d3747160be349702a4063248dbc255986623ae09a4d7f7e31aa3cb5a964376833a98746464bb5c129dc7482119f0f5f518939eeb325959821ec501820ea0678eec7b78a295976552822858661745f023b61fc43554b59023310c76aa6fb632136a3187610605e1e64f61320681e654429f3590c4361e24ce5eec7d27ea88a5d817fd56c8bc88aeface3f5dfa91669740b917ec6a1667f6f1b1c97bb32f25de165ef1a529ce918307daf74b6e5020af877d06b50773504cf6e8f15f0e50c5f111da411de0ef58a3f1f1488788a015265ac0f9b48f9dbf31e5b1e172e629cfb8a478993ab0d0b2a46cb4531eda2b4b4741f0934c719425b7cec09b8edeab385c16f46316b4ea178cff9b65b4a0d7c5004cb8f45b80305d827e3acedcf34a0b75b11f6a619050359db57bab52099b26f0be3b315fd36c5bf9e5539f41d68b10e3a9f200610a59292d2b708000400f9d9ffff08000400cd0000000b3cbf73b3e4ba636203eaeb95255daef16c5390e2c07fbd13c4981e5fb6b908e413d68b6e9140b7bcb51d1cb17a171971882db15a00303e39757d8c100053e8e4b0c2a5aa27b73f949092f63b696b5e247a064cde01293ab288b07a2b745d900f7daebf9b50c3"], 0x2d8}}, 0x24000000) r4 = open(0x0, 0x82, 0x154) r5 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000700), r2) sendmsg$auto_L2TP_CMD_TUNNEL_MODIFY(r4, 0x0, 0x8004) execveat$auto(r4, 0x0, 0x0, 0x0, 0x1000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x88b02, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x1a1280, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/system/cpu/cpu1/hotplug/target\x00', 0x0, 0x0) read$auto(r6, 0x0, 0x6) write$auto(0x3, 0x0, 0x7) r7 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000040), 0xffffffffffffffff) openat$auto_set_tracer_fops_trace(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/tracing/current_tracer\x00', 0x22000, 0x0) sendmsg$auto_L2TP_CMD_TUNNEL_GET(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000140)={&(0x7f0000000740)=ANY=[@ANYRES8=r4, @ANYRES16=r7, @ANYBLOB="010025bd7000fcdbdf250400000005001300f9000000060003000500030005001500df000000", @ANYBLOB="2d35399092fd5c573b17c66ec2a90da145f6f21d917c48f1c8b9e85db68a787e4dd5a6f915e0b2", @ANYRESHEX=r5], 0x2c}, 0x1, 0x0, 0x0, 0x8810}, 0x4000) r8 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) ioctl$auto_PPPIOCSMRU(r8, 0xc004743e, 0x0) ioctl$auto_PPPIOCSCOMPRESS(r8, 0x4010744d, &(0x7f00000001c0)={0x0, 0x8, 0x80}) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup/cgroup.max.depth\x00', 0x182b02, 0x0) 8.438989856s ago: executing program 1 (id=2012): r0 = openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) write$auto_cachefiles_daemon_fops_internal(r0, &(0x7f0000000300)="a04f", 0x2) unshare$auto(0x40000080) ioctl$auto_NS_GET_TGID_IN_PIDNS(0xffffffffffffffff, 0x8004b709, &(0x7f0000000040)=0x5) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0x2c2104, 0x0) r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r3, &(0x7f0000004240)={0x0, 0x0, &(0x7f0000004200)={&(0x7f0000000640)={0x18, r2, 0x1, 0x70bd25, 0x25dfdbfc, {}, [@HWSIM_ATTR_FRAME={0x0, 0x3, "406a4781b3446e46b84c1f0a3bc0dfc6bc5a4e03d6ca9c2ec19754cd324bd5594f0944db8c822e3fdcffc7043284a53b0333d7d96d988d9107e81028951dadb5f9868ee3e87ecba93cc3bd57f247c335ddd1f696b8bc3ac1dbf41a834771277f659c6b2cb39835984f842bb0fdcac21b8828ce1ca393db28e5c5eaa879dab1db9af82037cf385d8c73179a7c788f81a1218c8c43106b29454ef37d2ba28c83166055f64403bf64dd47d60766956d2b3f4e8724bf3861b01b1a149ed34fb2b3401e09a644fad1edb14681f3e41b7b818e599b1f3ab92a41bb2cd1ac097b13f96c9072ca73dd36289842e4fcdb65d552ddcc1a7e36802626446a535e130923a512ea37866021c31d75f62d4bcc8d84fa7e0cece79744e9ce810baa0bb0b90c8c2b89af522ba0e62a893947866820f5c822cac7a7fb98cfa2c2bcd9db83d475852eb17801c2199fcbd620e72422ddcdf2a9f42a7cbf0b5356f0fa26a9b11448de21a6164e7cd1997fc7ec061f1269c72d34e28ae222fd938262b783d2be1b6af0376e4dffca8d8d167bf2ab79cbd19bbdbe6fc2c1c4ec192f5c6bc2394a9c99b2795fda719089555ddd5f9ade18438651c7a5f735b3741870346baaad7b080ad8d53609f288515786a5e130e20dd246cf74c17b144c29f95457deb6a7957b045504485840ee49a16f95ccb0511cf9de181d9bd5a3db44704990fed62f9c7ba5e571dd6e7090063d3c62a80675cd9047a7edf8d7f01bc52478e04954d0a1b88f2681dbd54fd9059e6c1370f83f6778c1d8ba5c9ccab504251dfe17215d554e06c35e7adab99a8a9e3e57180fd4425aa0cfd6bec6464f833ae095a4ed13a5c900f832133cac2f03799a0f3c1931e572f30e9a7cf41924476ec7415f40d3525e3f207c3e26656ea42bd25f627f880442c1a6f46a46266d631a1e1e6403d40fe97e51b645fda5aa43b7c36c1f291a2c9260cf904b56702a4dc41739d2791e26896b06b6641024e94caab0c0b8975baa45ca2561fd0425951b2c806c6accd95be78422696de2b2e4858686c76f79331f24fca67791d59c505973e6be884adcf4a97cf57872921aa79ba84e9067053cc509a7e433f9022ea9f1b759577747dac4804388c5f69f1cebedb3d5be623c38ec1c3a1d7f1dfa0f0803465a98e41c02ba7a722d682d2610a8ec2cbe60e314fcc22aa0e39078f81039c1b0e3a9aa7622de66ffb2b90d44276713a0b0d6c2f0baa129c37f051ffad3f119d2fba5b948caeaf1fe1f984ace20ba0b71f70088e5a8f4472762ea43e522fd3e47ee8f393d025c7ac8ef576c6c08400d2ef13f068825b2dcdb2746e1c2bdb0fd9aa8bd92c9db2e74708276a699d242c3cc8b033ff28c88edb79fe9404633227dce0c67438a567615360194aefdceb32232a87217e497aaf7a543912c2ea79efdb4e2f18aa9c3d0b9d7750551026526a6b75046586762207bfa449a70a8468ebf0cddb93b148145cfe27c1b3ceb8a8000785d3b875954ad0b4fb84a410bec45e5410bb3750ad1b4f1723e66d75de959a973db27493638fb99938fc93ed002541835bdbc3612b178680f12c1ffe9881776fd138cb02044b3250decab91fd60ed8b8b81f92a939172304f455ada6ed3d99086e56b9ef9af43acc9b87b34158324df28700f22e63bf7fb0b85ddc5fc7fad9c7d9e079f0d805cfc499ead1eb3bb8c7bedc3962d1a2deeb3d50e3b828ef2c12a97a9e4d6c3ae4d22830bfe6bc0be1a"}]}, 0xfffffffffffffe84}, 0x1, 0x0, 0x0, 0x40c4}, 0x4048000) ioctl$auto_KVM_GET_MSR_FEATURE_INDEX_LIST(r1, 0xc004ae0a, &(0x7f0000000180)={0x7, [0x31f, 0x4, 0x10]}) unshare$auto(0x40000080) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/tracing/set_event\x00', 0x101901, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r5 = socket(0x2, 0x1, 0x0) getsockopt$auto_SO_OOBINLINE(r5, 0x0, 0xa, &(0x7f0000000040)='H\xff\x7f\v\x00kvm\x00', &(0x7f0000000080)=0x400) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80802, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000600)='/proc/sys/net/ipv4/vs/est_cpulist\x00', 0x60802, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ff) mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000) sysfs$auto(0x2, 0x4, 0x0) mbind$auto(0x0, 0xfaa1, 0x8001, &(0x7f0000000280)=0xc9e, 0x400, 0x1) mremap$auto(0x200000001000, 0x8, 0x37, 0x3, 0x110c230000) open(&(0x7f0000000000)='./bus\x00', 0xa23c2, 0x1c0) r6 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x2) getdents64$auto(r6, &(0x7f0000000f40)={0x309, 0x7, 0xffff, 0x7}, 0x200c8) 8.027361794s ago: executing program 0 (id=2013): socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x62, 0x0) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) ioctl$auto(0x3, 0x541b, 0x38) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x4) dup3$auto(0x8000000000000001, 0x5, 0x800080000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) r2 = ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto_KVM_GET_MSRS(r2, 0x4068aea3, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tracing_saved_tgids_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/tracing/saved_tgids\x00', 0x109100, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_INFO(r0, 0xc1105511, &(0x7f0000000240)={{@raw=0x81, 0x6, 0x8000, 0x4, "b132ce14b9040000000000000000dab2591457de9c4db5868dcff7e9cc1994ed0a00", @raw=0x8ef}, 0x2, 0x8, 0x1895, @inferred, @integer={0x0, 0xf, 0x9}, "f82d0516c633863c5281ae962fd8c811792ad96298c95d5a9da1400adb4ee0bc170d51ef637d9927912407406936d9cbf46ddadb7820b40766245026a272cd3a"}) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x201, 0x0) memfd_secret$auto(0x5) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sda1\x00', 0x20100, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptytf\x00', 0x20440, 0x0) r3 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82400, 0x0) ioctl$auto_SG_SCSI_RESET(r3, 0x2284, &(0x7f00000001c0)) write$auto(0x3, 0x0, 0xfffffdef) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x4, 0x6, 0x0, 0x9b72, r0, 0xa8000) socket(0x2, 0x5, 0x0) io_uring_setup$auto(0x406, 0x0) 6.707207679s ago: executing program 0 (id=2014): r0 = openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) write$auto_cachefiles_daemon_fops_internal(r0, &(0x7f0000000300)="a04f", 0x2) unshare$auto(0x40000080) ioctl$auto_NS_GET_TGID_IN_PIDNS(0xffffffffffffffff, 0x8004b709, &(0x7f0000000040)=0x5) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0x2c2104, 0x0) r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r3, &(0x7f0000004240)={0x0, 0x0, &(0x7f0000004200)={&(0x7f0000000640)={0x18, r2, 0x1, 0x70bd25, 0x25dfdbfc, {}, [@HWSIM_ATTR_FRAME={0x0, 0x3, "406a4781b3446e46b84c1f0a3bc0dfc6bc5a4e03d6ca9c2ec19754cd324bd5594f0944db8c822e3fdcffc7043284a53b0333d7d96d988d9107e81028951dadb5f9868ee3e87ecba93cc3bd57f247c335ddd1f696b8bc3ac1dbf41a834771277f659c6b2cb39835984f842bb0fdcac21b8828ce1ca393db28e5c5eaa879dab1db9af82037cf385d8c73179a7c788f81a1218c8c43106b29454ef37d2ba28c83166055f64403bf64dd47d60766956d2b3f4e8724bf3861b01b1a149ed34fb2b3401e09a644fad1edb14681f3e41b7b818e599b1f3ab92a41bb2cd1ac097b13f96c9072ca73dd36289842e4fcdb65d552ddcc1a7e36802626446a535e130923a512ea37866021c31d75f62d4bcc8d84fa7e0cece79744e9ce810baa0bb0b90c8c2b89af522ba0e62a893947866820f5c822cac7a7fb98cfa2c2bcd9db83d475852eb17801c2199fcbd620e72422ddcdf2a9f42a7cbf0b5356f0fa26a9b11448de21a6164e7cd1997fc7ec061f1269c72d34e28ae222fd938262b783d2be1b6af0376e4dffca8d8d167bf2ab79cbd19bbdbe6fc2c1c4ec192f5c6bc2394a9c99b2795fda719089555ddd5f9ade18438651c7a5f735b3741870346baaad7b080ad8d53609f288515786a5e130e20dd246cf74c17b144c29f95457deb6a7957b045504485840ee49a16f95ccb0511cf9de181d9bd5a3db44704990fed62f9c7ba5e571dd6e7090063d3c62a80675cd9047a7edf8d7f01bc52478e04954d0a1b88f2681dbd54fd9059e6c1370f83f6778c1d8ba5c9ccab504251dfe17215d554e06c35e7adab99a8a9e3e57180fd4425aa0cfd6bec6464f833ae095a4ed13a5c900f832133cac2f03799a0f3c1931e572f30e9a7cf41924476ec7415f40d3525e3f207c3e26656ea42bd25f627f880442c1a6f46a46266d631a1e1e6403d40fe97e51b645fda5aa43b7c36c1f291a2c9260cf904b56702a4dc41739d2791e26896b06b6641024e94caab0c0b8975baa45ca2561fd0425951b2c806c6accd95be78422696de2b2e4858686c76f79331f24fca67791d59c505973e6be884adcf4a97cf57872921aa79ba84e9067053cc509a7e433f9022ea9f1b759577747dac4804388c5f69f1cebedb3d5be623c38ec1c3a1d7f1dfa0f0803465a98e41c02ba7a722d682d2610a8ec2cbe60e314fcc22aa0e39078f81039c1b0e3a9aa7622de66ffb2b90d44276713a0b0d6c2f0baa129c37f051ffad3f119d2fba5b948caeaf1fe1f984ace20ba0b71f70088e5a8f4472762ea43e522fd3e47ee8f393d025c7ac8ef576c6c08400d2ef13f068825b2dcdb2746e1c2bdb0fd9aa8bd92c9db2e74708276a699d242c3cc8b033ff28c88edb79fe9404633227dce0c67438a567615360194aefdceb32232a87217e497aaf7a543912c2ea79efdb4e2f18aa9c3d0b9d7750551026526a6b75046586762207bfa449a70a8468ebf0cddb93b148145cfe27c1b3ceb8a8000785d3b875954ad0b4fb84a410bec45e5410bb3750ad1b4f1723e66d75de959a973db27493638fb99938fc93ed002541835bdbc3612b178680f12c1ffe9881776fd138cb02044b3250decab91fd60ed8b8b81f92a939172304f455ada6ed3d99086e56b9ef9af43acc9b87b34158324df28700f22e63bf7fb0b85ddc5fc7fad9c7d9e079f0d805cfc499ead1eb3bb8c7bedc3962d1a2deeb3d50e3b828ef2c12a97a9e4d6c3ae4d22830bfe6bc0be1a"}]}, 0xfffffffffffffe84}, 0x1, 0x0, 0x0, 0x40c4}, 0x4048000) ioctl$auto_KVM_GET_MSR_FEATURE_INDEX_LIST(r1, 0xc004ae0a, &(0x7f0000000180)={0x7, [0x31f, 0x4, 0x10]}) unshare$auto(0x40000080) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/tracing/set_event\x00', 0x101901, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r5 = socket(0x2, 0x1, 0x0) getsockopt$auto_SO_OOBINLINE(r5, 0x0, 0xa, &(0x7f0000000040)='H\xff\x7f\v\x00kvm\x00', &(0x7f0000000080)=0x400) write$auto(r4, &(0x7f0000000400)='/dev/\x98@dio1\x00', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80802, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000600)='/proc/sys/net/ipv4/vs/est_cpulist\x00', 0x60802, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ff) mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000) sysfs$auto(0x2, 0x4, 0x0) mbind$auto(0x0, 0xfaa1, 0x8001, &(0x7f0000000280)=0xc9e, 0x400, 0x1) mremap$auto(0x200000001000, 0x8, 0x37, 0x3, 0x110c230000) open(&(0x7f0000000000)='./bus\x00', 0xa23c2, 0x1c0) r6 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x2) getdents64$auto(r6, &(0x7f0000000f40)={0x309, 0x7, 0xffff, 0x7}, 0x200c8) 6.518475178s ago: executing program 2 (id=2015): write$auto(0xffffffffffffffff, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) futex$auto(0x0, 0x6, 0x1f, 0x0, 0x0, 0x8000fff5) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket(0x2, 0x2, 0x0) connect$auto(0x3, 0x0, 0x54) sendmmsg$auto(r0, 0x0, 0x9a5, 0x47ffff7e) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x0, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r3 = socket(0x2b, 0x1, 0x0) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020007, 0xc818, 0xeb1, r3, 0x8002) mmap$auto(0x1cdf, 0x2020009, 0x5, 0xebe, 0xfffffffffffffffa, 0x6a4d) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xffffffffffffffff, 0x8000) read$auto_proc_reg_file_ops_compat_inode(r2, &(0x7f00000003c0)=""/242, 0xf2) socket(0x1d, 0x800, 0x0) r4 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000240)='/dev/video37\x00', 0x8a242, 0x0) ioctl$auto(r4, 0x5646, r4) statmount$auto(0x0, &(0x7f0000000180)={0x6, 0x1, 0x9, 0x9, 0x1, 0x3ff, 0x1ffde, 0x7, 0x401, 0x2, 0x9, 0xffffffff, 0x6, 0x4, 0xb0, 0x9, 0x3, 0xfffc, 0x7f, 0x7, 0x40000, 0x7, 0x2000, 0x200, 0x0, 0x81, 0x0, 0x7, 0x0, 0x0, 0x0, [0x1000000001, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x7, 0x0, 0x6, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x5, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x800000000000000, 0x0, 0x0, 0x3, 0x0, 0x9, 0xd, 0x0, 0x0, 0x7]}, 0x202, 0xd) r5 = io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x3000, 0x6, 0x7, 0x400a, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x29b, 0x3, 0x7f, 0x104, 0x6, 0x3}, {0x100, 0x1, 0x52, 0x85, 0x2, 0x1a7b870a, 0x76c5, 0x8, 0x100000000}}) ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3ff, 0x4}, 0x7f, 0x0, 0x0, 0x8) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) r6 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder1\x00', 0x2001, 0x0) ioctl$auto(r6, 0xc0046209, 0x9) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000380), r5) r7 = openat$auto_stats_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0) pread64$auto(r7, 0x0, 0x2, 0x3) 6.363863506s ago: executing program 3 (id=2016): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) read$auto_mISDN_fops_timerdev(0xffffffffffffffff, &(0x7f0000001a00)=""/4097, 0x1001) r0 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000100), 0x20000, 0x0) ioctl$auto_I2C_SLAVE(r0, 0x703, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0d566b3dd008e4edd9650200000000000008"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0x200000c4) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/pm_async\x00', 0x183941, 0x0) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="010600bd7000fbdbdf250a"], 0x1c}, 0x1, 0x0, 0x0, 0x20040004}, 0x20008810) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="18"], 0x1ac}}, 0x40000) r1 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r1, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x6, 0x1}, 0x5}, 0x3, 0x0) socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) bpf$auto(0x3, &(0x7f00000001c0)=@query={@target_fd=0xffffffffffffffff, 0x1, 0x86e6, 0x9, 0x63, @count=0x4, 0x0, 0x1, 0x2, 0x10004, 0xb716}, 0xc) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x100) bpf$auto(0x0, &(0x7f00000001c0)=@token_create={0x1}, 0x6f6) mount$auto(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='nfs\x00\x00', 0x200, &(0x7f00000001c0)) madvise$auto(0x0, 0x20000a, 0x4) mmap$auto(0x0, 0xfb1, 0xffffffff, 0x9b72, 0x2, 0x8000) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x40302, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSTI2(r3, 0x5412, &(0x7f00000001c0)) getpgrp(0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) ioctl$auto_USBDEVFS_RELEASEINTERFACE(r2, 0x80045510, &(0x7f0000000280)=0x2) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/neigh/vlan1/base_reachable_time\x00', 0x40400, 0x0) read$auto(r4, 0x0, 0x1ff) write$auto(0xffffffffffffffff, 0x0, 0x8) ioctl$auto_CEC_S_MODE(0xffffffffffffffff, 0x40046109, 0x0) 5.638135808s ago: executing program 3 (id=2017): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/sound/ctl-led/speaker/card2/reset\x00', 0xa001, 0x0) r0 = openat$auto_proc_mounts_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000001200)='/proc/thread-self/mounts\x00', 0x28000, 0x0) preadv$auto(r0, &(0x7f0000000140)={&(0x7f00000000c0), 0x20000182}, 0x7, 0x4, 0x2) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, r2, 0x8000) semctl$auto(0x3, 0x7, 0x13, 0x7) r3 = socket(0x2b, 0x1, 0x1) setsockopt$auto(r3, 0x29, 0x20, 0x0, 0x20) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mlock2$auto(0x1, 0x8001, 0x0) io_pgetevents$auto(0x7, 0x9, 0x7ff, 0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x1}}) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000e3d9) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) unshare$auto(0x40000080) r4 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/set_event\x00', 0x4280, 0x0) getsockopt$auto(r4, 0x1, 0x2, &(0x7f0000000180)='/cec27\x00f-e\xfb\xb1\xd7\x95\xca\xf5~\xc0\xd134\xf8\x02%\xf8', 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio1/resetafter\x00', 0xa2382, 0x0) r6 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000008ac0)='/dev/audio\x00', 0xa00, 0x0) ioctl$auto_SOUND_MIXER_READ_RECSRC2(r6, 0x80044dff, &(0x7f00000001c0)) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r7 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x4, 0x7) ioctl$auto_BLKTRACESETUP2(r7, 0xc0481273, 0x0) brk$auto(0xffffffffffffff66) sendfile$auto(r5, r5, 0x0, 0x1) 5.413726308s ago: executing program 2 (id=2018): mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r2, &(0x7f0000004240)={0x0, 0x0, &(0x7f0000004200)={&(0x7f0000000140)={0x14, r1, 0x1, 0x70bd25, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x40c8}, 0x4048000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000480)={{&(0x7f00000001c0)="8d10a50b60e1380b545f89c54bab4fbfb3e0feda7edd7e46ae550aa997ff56be56fea27cb83751daf5f24ad06844d84862e0d8ddb179f76038831d67eaac8ab77003e5fc4eaf9d788521bd99b2729d94e367eabcdce535dd22dee07e455f0d28213b56b89d026239a1a68f51487800b3643829c256b36302e01c43618a797b05025b5feebfc59d59d2d916fd4248245863a0fd01593abab17301a9c36f0ec8bcbd4d8e6757f5b19d5092696e8e3e7ae1179791a4d12d4b6e213364b1f45cbae151889a10e446fe3ddc6e35545780a45518a4", 0x3, &(0x7f00000003c0)={&(0x7f00000002c0)="a05773e17fc3f097c1dda9674cdda8495227c3f6143b1c9dae28868eb2521113ee53fe55139a6cafe81097998f467936029d7cc2a59bd8df4aac7fbffdb54dfbc4dabe4693db529a457b072d24a74a8cc4064a179611df8dbc3eb7d0d68f653f5c970fe5e8039b309bf88b2d95319ac03fe3fed98f97feb30230ed7bc44c009694c3a27e9526df2fdf2b2d30adf6f4e00f90211708f37043fdc4153b871250e305e2c21184eaa67cb94b2d8e79f89ec13959f9918ffa08e8a519c2ad073327cf5ae99cbd9397b8187ea2e9c37e5535d88c6ce6ca1e247930b3585aa92c14fee55aef257d", 0x100}, 0x1, &(0x7f0000000400)="2491e2f933b13df8b9767a34918374d206e5f3c766ee0baae721e41d7b28fc255fc9387e8c68e335e84ca7720ac49cdfdff203042b32ffe2ddf3fee62aa25966f135af5acda0f5ee35af2663f7f69d40ea81d8bce8fc80c0add9b8", 0x1, 0x1}, 0x401}, 0x5, 0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder1\x00', 0x1, 0x0) ioctl$auto(r3, 0x4018620d, 0x9) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder1\x00', 0x1, 0x0) socket(0x10, 0x2, 0x6) socketpair$auto(0x5, 0x5, 0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x55) socket(0x2, 0x3, 0xa) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8) connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xe000) setrlimit$auto(0xb, 0x0) getpid() openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/dummy_hcd.2/usb3/3-0:1.0/authorized\x00', 0x220080, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socket(0x2, 0x3, 0xa) sendfile$auto(0x1, 0xffffffffffffffff, 0x0, 0x7ffff000) sendmmsg$auto(r0, 0x0, 0x9a6, 0x7000000) 4.004010289s ago: executing program 2 (id=2019): mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r2, &(0x7f0000004240)={0x0, 0x0, &(0x7f0000004200)={&(0x7f0000000140)={0x14, r1, 0x1, 0x70bd25, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x40c8}, 0x4048000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000480)={{&(0x7f00000001c0)="8d10a50b60e1380b545f89c54bab4fbfb3e0feda7edd7e46ae550aa997ff56be56fea27cb83751daf5f24ad06844d84862e0d8ddb179f76038831d67eaac8ab77003e5fc4eaf9d788521bd99b2729d94e367eabcdce535dd22dee07e455f0d28213b56b89d026239a1a68f51487800b3643829c256b36302e01c43618a797b05025b5feebfc59d59d2d916fd4248245863a0fd01593abab17301a9c36f0ec8bcbd4d8e6757f5b19d5092696e8e3e7ae1179791a4d12d4b6e213364b1f45cbae151889a10e446fe3ddc6e35545780a45518a4", 0x3, &(0x7f00000003c0)={&(0x7f00000002c0)="a05773e17fc3f097c1dda9674cdda8495227c3f6143b1c9dae28868eb2521113ee53fe55139a6cafe81097998f467936029d7cc2a59bd8df4aac7fbffdb54dfbc4dabe4693db529a457b072d24a74a8cc4064a179611df8dbc3eb7d0d68f653f5c970fe5e8039b309bf88b2d95319ac03fe3fed98f97feb30230ed7bc44c009694c3a27e9526df2fdf2b2d30adf6f4e00f90211708f37043fdc4153b871250e305e2c21184eaa67cb94b2d8e79f89ec13959f9918ffa08e8a519c2ad073327cf5ae99cbd9397b8187ea2e9c37e5535d88c6ce6ca1e2479", 0x100}, 0x1, &(0x7f0000000400)="2491e2f933b13df8b9767a34918374d206e5f3c766ee0baae721e41d7b28fc255fc9387e8c68e335e84ca7720ac49cdfdff203042b32ffe2ddf3fee62aa25966f135af5acda0f5ee35af2663f7f69d40ea81d8bce8fc80c0add9b8", 0x1, 0x1}, 0x401}, 0x5, 0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder1\x00', 0x1, 0x0) ioctl$auto(r3, 0x4018620d, 0x9) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder1\x00', 0x1, 0x0) socket(0x10, 0x2, 0x6) socketpair$auto(0x5, 0x5, 0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x55) socket(0x2, 0x3, 0xa) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8) connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xe000) setrlimit$auto(0xb, 0x0) getpid() openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/dummy_hcd.2/usb3/3-0:1.0/authorized\x00', 0x220080, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socket(0x2, 0x3, 0xa) sendfile$auto(0x1, 0xffffffffffffffff, 0x0, 0x7ffff000) sendmmsg$auto(r0, 0x0, 0x9a6, 0x7000000) 2.588712145s ago: executing program 1 (id=2020): close_range$auto(0x2, 0xa, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/virtual/net/rose7/flags\x00', 0x2262, 0x0) r1 = socket(0x11, 0x3, 0xe) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0xc0803, 0x0) mmap$auto(0x8000000000000, 0x6, 0xdf, 0xeb1, r1, 0x8000) io_uring_register$auto_IORING_REGISTER_RESTRICTIONS(0xffffffffffffffff, 0xb, &(0x7f0000000280), 0x1) r2 = clone$auto(0x20003b48, 0x2, 0x0, 0x0, 0x5) openat$auto_media_devnode_fops_mc_devnode(0xffffffffffffff9c, &(0x7f0000000040)='/dev/media1\x00', 0x30001, 0x0) select$auto(0x7, 0x0, &(0x7f0000000080)={[0x8, 0xc0b, 0x8, 0x5, 0x1001, 0xffffffffffffffff, 0xf, 0x1000, 0xb, 0x1, 0xced80000000000, 0x9, 0x6, 0x0, 0x1, 0x7fffffff]}, 0x0, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x5, 0xc, 0x82000000000940, 0x1ffde, 0x7, 0x4, 0x9, 0x9, 0x1, 0x2, 0x7, 0x9, 0x3979d5ff, 0x8, 0x1407, 0x5, 0x8000000007, 0x8000, 0x0, 0x0, 0x0, 0x0, 0xf3, 0x0, 0xfffffffc, 0x0, 0x4, 0x0, [0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x80000000004, 0x0, 0x0, 0x40000000000, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xfffffffffffffff5, 0x1, 0x0, 0xffffffffffffffff, 0x47e, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0xffffffffffffffff, 0x0, 0x6, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x400000000e3a, 0x101, 0xfffffffffffffffe, 0x80000000, 0x2000000]}, 0x400, 0x9632) r3 = socket(0x10, 0x2, 0x0) write$auto(0xffffffffffffffff, &(0x7f00000003c0)='+&\x00', 0x273f) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)=ANY=[@ANYBLOB="df00faddf3b1ddd7b2d2286649aed213ec3cb3931597535947a8f29973287e747d08085eab1cc8799e8eb3407f5f5f3c62b6708d997705ee42a8a8b6b6444808c5b0eb8393b2a45ce283e90144ae116a4f0bb25ec854846bae5bb64099f37edfa1e22246302e9ee009b78260b4c69e7f64ec71457c3855a8a0f689e28f8b683f8e61dc8b652d1e15f4fe89b0641b559c683b52735d3d16f56f787564244d5ed426da777074a827c3da666f01121653877f7d6761b77b8f2ca62d92679e58d439eb0262d7f96811ce0cc4678a2656dfb1df3b300217cef127be9af7", @ANYBLOB='p\x00', @ANYRES16], 0x1ac}, 0x1, 0x0, 0x0, 0x24048040}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB], 0x1ac}}, 0x40000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram5\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x40048c5) msgctl$auto_MSG_INFO(0x9, 0xc, &(0x7f0000000440)={{0xfffffff2, 0x0, 0xffffffffffffffff, 0x7f, 0x5, 0x4, 0x7}, &(0x7f0000000380)=0x2, &(0x7f0000000500), 0x9, 0x80, 0x7, 0x4, 0x0, 0x38, 0x0, 0x22f0, @inferred=r2, @inferred=r2}) lstat$auto(0x0, &(0x7f0000000180)={0x7, 0x3b, 0x2, 0x10009, r4, 0x0, 0x0, 0x1000000009, 0x10001, 0x3, 0x400, 0x7ffffffb, 0x5, 0x4, 0x5, 0x61, 0x104}) r5 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x1, 0x2, 0xe, 0x12, 0xffffffffffffffff, 0x5) ioctl$sock_SIOCGIFINDEX(r5, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) r6 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/thread-self/fail-nth\x00', 0x40, 0x0) write$auto(r6, &(0x7f0000000200)='7\x00\\\xa0\x04|\x03\'g\t$K\xcb\x12\xfa\x00\x00\xcfk', 0xb7f) select$auto(0x1, &(0x7f0000000040)={[0xfffffffffffff91e, 0x9, 0x4, 0x80, 0x7, 0x3, 0x80000001, 0xfff, 0x3, 0xfffffffffffffffc, 0x5, 0xb, 0x4, 0x7, 0x0, 0xa1ae]}, &(0x7f00000000c0)={[0xffffffffffffffff, 0x4, 0x0, 0x1, 0xffffffffffffffee, 0x6, 0x7f, 0x4, 0x2, 0xc6d, 0x8, 0xffffffff, 0x1, 0x0, 0x7491, 0x40]}, 0x0, &(0x7f00000001c0)={0xb0b, 0xffffffffffffffff}) r7 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r7, &(0x7f0000000180)='7\x00\\\xa0\x04|4\x00\x00\x03\x00\x00\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\x00rRVr\xc4O\xdc1\x9b%\x10Z\'\xb9\'\xa3stC=\x85\xc6\xf6\x13 \xeb\xff%\x11\x82\x05\xdfV\x02\xca&\xd8$<\xab&\xc8B-\xcc\x15\x04&\x13;\xfe\xbdQ\xaa\x16o\x1f\xc7\x94\xa3\xc9\x9a\xe1d\xf5\n\xe2\x88\x84\vT?\x98\xa2\x00'/206, 0x5) fsopen$auto(0x0, 0x1) write$auto(r0, &(0x7f0000000140)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k\xfc\xb2\x00\x00\x00\x00y\x113!\x05\xa7\xd6M\xce\xd6\'\xdf@\x9f\xf5 \x8b_hw\x8em\xd0\b\xe7~1\xf5\xf8\x93*jH\x85H\x05\xae\xdf\xf0\x15A\xdb$\'\x87', 0x81) 2.314844863s ago: executing program 0 (id=2021): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, 0x0, 0x4) r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, 0x0, 0x4a800, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x14, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) mmap$auto(0x1, 0x8, 0x2, 0x7d, r0, 0x3) sysfs$auto(0x2, 0x24, 0x0) r1 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r1, 0x0, 0x3) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x81, 0x3, 0x15, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x1, 0x2020009, 0x3, 0xebe, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000040)='/dev/binderfs/binder1\x00', 0x189160, 0x0) ioctl$auto_BINDER_ENABLE_ONEWAY_SPAM_DETECTION(r2, 0x40046210, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptys7\x00', 0x34f041, 0x0) epoll_create$auto(0x3e) ioctl$auto_TIOCVHANGUP2(r3, 0x5437, 0x0) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x2) mmap$auto(0xfffffffffffffff8, 0x40000c, 0x0, 0x9b71, 0x2, 0x40000002) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x9c0302, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2506, &(0x7f00000002c0)={0x0, 0xae}, 0x5, 0x0, 0x3, 0x3a32182}, 0x4}, 0x3, 0x9) recvmmsg$auto(0x4, 0x0, 0x7, 0xe, 0x0) recvfrom$auto(0x4, 0x0, 0x101d0, 0x3ffffd, 0x0, 0x0) 2.124401188s ago: executing program 3 (id=2022): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sysfs$auto(0x2, 0x4d, 0x0) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/set_event\x00', 0x8c1a2, 0x0) socket(0x25, 0x5, 0x0) write$auto(0x3, 0x0, 0xfdef) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/audit\x00', 0x40802, 0x0) r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0) ioctl$auto(r0, 0x4611, r0) r1 = bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffffffffffffffff, 0x0, 0x3}, 0x4) r2 = syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NFC_CMD_GET_SE(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000080)={&(0x7f0000000280)={0x94, r2, 0x4, 0x70bd26, 0x25dfdbfd, {}, [@NFC_ATTR_COMM_MODE={0x5}, @NFC_ATTR_VENDOR_DATA={0x70, 0x1f, "4867d901dacc02eee1ab47506566b7c229d22cc8a7fbdfcfd9bd6028aa45e54fa80dca082e29c1e5b387677a7a5ae38f64b5edda851d2e0632b3268a8713d048450c51ae49a3cab3b0434f170ac98a1d4b2af52a1318bc7b75e97377c1719dc4396b8cd427aebea5bd8b9ef8"}, @NFC_ATTR_COMM_MODE={0x5, 0xa, 0x1}]}, 0x94}, 0x1, 0x0, 0x0, 0x44110}, 0x2400c000) sendmsg$auto_NFC_CMD_DEV_UP(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="5c0000004c0a15770d3c8624268adb31474d65fd988d4ed5775c3cb2e680705a7f66bc6a9dbb2170a54e3795e4114c8b5ac23f458e70273f2135e1529c53db84b52da477735b42e03aa05b30e5d8d17a3aefa82db522bd87c545de0af4f8a753a6b6c28d8f77bfecd10719678e1453a56039ce6fbfce53eeb63f2ef49cc14fe9be963bde73ce595a15b14d11462800"/157, @ANYRES16=r2, @ANYBLOB="00042cbd7000fbdbdf250200000008000400080000000e001400255c2723292626252a28000005000f00030000000d0002002f6465762f66623000000000060002002b2f0000050010000100000005000f000900"], 0x5c}, 0x1, 0x0, 0x0, 0x41}, 0xc044) socket(0xa, 0x3, 0xff) setsockopt$auto(0x400000000000003, 0x29, 0x3a, 0x0, 0x3) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), r3) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="2f212cbd7010ca705d845526cc0008000380", @ANYRES32=r5], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x8810) r6 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), r6) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000001c0)={'wlan0\x00'}) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x8810) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x4000000) fsopen$auto(0x0, 0x1) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'wg0\x00', 0x0}) r9 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000001140), 0xffffffffffffffff) sendmsg$auto_WG_CMD_SET_DEVICE(r7, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="010029bd7000fddbdf250100000008000100", @ANYRES32=r8, @ANYBLOB="0000001400000000"], 0x24}, 0x1, 0x0, 0x0, 0x20000011}, 0x810) close_range$auto(0x2, 0x8000, 0x0) 1.311124509s ago: executing program 2 (id=2023): socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x62, 0x0) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) ioctl$auto(0x3, 0x541b, 0x38) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x4) dup3$auto(0x8000000000000001, 0x5, 0x800080000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) r2 = ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto_KVM_GET_MSRS(r2, 0x4068aea3, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tracing_saved_tgids_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/tracing/saved_tgids\x00', 0x109100, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_INFO(r0, 0xc1105511, &(0x7f0000000240)={{@raw=0x81, 0x6, 0x8000, 0x4, "b132ce14b9040000000000000000dab2591457de9c4db5868dcff7e9cc1994ed0a00", @raw=0x8ef}, 0x2, 0x8, 0x1895, @inferred, @integer={0x0, 0xf, 0x9}, "f82d0516c633863c5281ae962fd8c811792ad96298c95d5a9da1400adb4ee0bc170d51ef637d9927912407406936d9cbf46ddadb7820b40766245026a272cd3a"}) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x201, 0x0) memfd_secret$auto(0x5) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sda1\x00', 0x20100, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptytf\x00', 0x20440, 0x0) r3 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82400, 0x0) ioctl$auto_SG_SCSI_RESET(r3, 0x2284, &(0x7f00000001c0)) write$auto(0x3, 0x0, 0xfffffdef) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x4, 0x6, 0x0, 0x9b72, r0, 0xa8000) socket(0x2, 0x5, 0x0) io_uring_setup$auto(0x406, 0x0) 1.220734185s ago: executing program 1 (id=2024): mmap$auto(0x0, 0x20009, 0x10000000000df, 0x4eb2, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x400, 0x22) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dsp\x00', 0x20002, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, 0x0) r2 = epoll_create$auto(0x8800001) epoll_ctl$auto(r2, 0x1, r0, 0x0) ioctl$auto_SNDCTL_DSP_SETTRIGGER(r1, 0x40045010, &(0x7f0000000080)="caef145ab03dae9b44c6ebd07167c55157e9c80cfdf3a82c9562222cb9d16f377a4bce6c76d2eecc9f1ac6f60fe0c669687a289e39731e14d3cdf9d77a41370d25abaff7933258b938c40d91ecb6f9c215cb04f98d587be2810d060a3951e11e7d60dce035db164f028d5be39080e372f0b15c6626381eb49bcffd288d50") openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x189002, 0x0) write$auto(0x3, 0x0, 0xfdef) madvise$auto(0x0, 0xffffffffffff0005, 0x19) ioctl$auto_TUNSETFILTEREBPF(0xffffffffffffffff, 0x800454e1, &(0x7f0000000000)=0x425792c7) syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000080), 0xffffffffffffffff) openat$auto_safesetid_gid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f0000000000), 0x8202, 0x0) r3 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={0x20, r3, 0x1, 0x70bd2c, 0x25dfdbfb, {}, [@OVS_FLOW_ATTR_PROBE={0x4}, @OVS_FLOW_ATTR_KEY={0x8, 0x1, 0x0, 0x1, [@nested={0x4, 0x10}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x24040071}, 0x800) epoll_pwait2$auto(0x1, 0xfffffffffffffffc, 0x3, 0xfffffffffffffffd, 0xffffffffffffffff, 0x6) futex_waitv$auto(&(0x7f0000000000)={0xf, 0x5d94, 0x4002, 0x4}, 0x77, 0xfffffffc, 0x0, 0x62bd) r5 = socket(0x10, 0x2, 0x4) sendmsg$auto_NFSD_CMD_THREADS_SET(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) mmap$auto(0x0, 0x400008, 0xdf, 0x20000009b72, 0x2, 0x8000) clone$auto(0x6, 0x7, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6) mprotect$auto(0x0, 0x806121, 0x8) r6 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/thread-self/mem\x00', 0x20401, 0x0) write$auto_proc_mem_operations_base(r6, &(0x7f0000001680)="97", 0x80000) mkdir$auto(&(0x7f0000000040)='./cgroup.net/\f\x00\x00\x00\x00', 0xa6) 1.116564583s ago: executing program 3 (id=2025): close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) time$auto(&(0x7f0000000000)=0x101) r0 = getpid() process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, 0x0, 0x6, 0x0) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0) waitid$auto(0x5, 0xffffffffffffffff, 0x0, 0x3, &(0x7f0000000180)={{0x8, 0x80}, {0x2, 0x6}, 0x4, 0x5, 0x1, 0x3, 0x0, 0x8000, 0x80000000, 0x7, 0xb7, 0x5d9, 0x5, 0x7ff, 0x2055}) prctl$auto(0x5, 0x80000000, r0, 0x4, 0x8) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) preadv2$auto(r1, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x42, 0x0) rseq$auto(&(0x7f0000000580)={0x5, 0x85, 0x9416, 0x1, 0x7, 0x6, "551e7285968d8e86bd4794a0e875ee9f7b35db28d0a7e72b7a19039c336389cb57a05ba0582cc612c6c0be4beb4cc54d8337d40c93638ba34c4a0435c32a206e808194584d8c359d418662d18943a5e3c6234e712a096205457b56f0a1e5d4d19835696295a54f38117d9d751e23b5fb61daa5a6b2c75148106dc167a20061e3fe55cc53ffadf62b0945da4b27515a0102a8d2d002a842362b4744b8972a5e11e8a6aab89c7b85947f3901d696d459641aa7e6b89b73387ec5fa2d2af6c992213d82c5774c4bcd4187585bcf652af094e988e75002e01f607abf5e25ae0f5548fd13175b681fc059c1f9160aef893bae78cf6cf62c30fa3f0c5c60cbe383a9c0cc1289519b0c7cff81cc3b4fec739fad19c662b0f98d607b61d825d10e2dd3b27b0f7a6b1adc5a452f344c39da5f086ea7c5d99674ca69c4f5635776e67c151bad72f906cd65231da3a55d6056e23b00686723714fabd752f3e2c86dafdee9d379230c0abeabfde9cf88cae099f3ccc76ea7e64a3734ced5ffe749a8012db53ad4d6a5e347bdd83bb409c1bdb762f4aba145df74833d73ccd583797d4fb4ed3e0c7c29d502aacaef02e114d9e60ca6b0bcb28f825f5d49e94ccd2f830933c39a3ba3782505453e3de872ad8da84a6a22aaa62970428bb9a95d1817dbeeded1c53c5d508dea6cc53d80153b05f954c263278bb9c8bc02f3b1805dd9299dc8b97ebff0165d615ba7bf5ce8c490f4dd273642a18267b0a61a594cb1d608f3dffb292991ea32bb647a6f9b951f283e118dc73b45843b5aa883410e402e3bec9ba889ec237462042cedaed761cca0c3b7058d3ffc276c9a75e18b79804f4e21650d911edbedb9fedd31959a8783b1e39d7d6408554bddb2a5d67703d225fe4422bf2367ca483e77fe479495be3235f4c77b3872a9e33946d2602486b83e84e7d8d1742d369e2d00b9dbb552385502c0f597b3615bed54de65af106b58d2b6bebbdd3fe625152527af965b67e9424da7be2e2574e1492aed568d4faaa9da508e0a2e687876fa291e38b7c3ef38643e2c49e0d46d0f2d53352da2f184c4ced2305865ab0ad1435644419773ea82336ffdf62dd325a6a8b2d199d96dba8a13bb5a86ff65b80818ceb37ee8a2b2a8813b33e474e5b110e1ed13dbc4f52efabbce38935a8ada53a0ed5a1a01453a254a1dc528492159591aa192ff6cfa0b372caf236c78d1a0c94dc37916746358b4cf3cc1c0132657818ce6465e58936dbf5991dfb74ff97382c066ba0ceb06ac4f0c005e4c9166e94161bc08e1c23df7ed3419b10ae229aa6bafb19e6af003c9e319956723d839dc50a7edd8d80bce971ba504e0aac811d76e65acffdc4f7e9836396ba98b824be6cc704c59f5849642b191437a5cf902fc1ac491e8c59241586c6791b282b5cfae57eb7e6792048c4769b5b3f21987ec5097e530fd001da5d2999db4ded708225e9a53a2b48d2be3401a063da3c19168769eccaef710d7c2e06818bb05c4a9aa0ce2785a5a6d2846bac9836f1905a9b042029dcc59d918450b6affb522fbf78116941c5cef4ecb82a2134ee8e67ea6091170b67bfc3abec9e2cfc8208d4ba3bb732230fe6a9470c1152ebdc31bbce93cb742b4484bc1cef4298ce897a36c7e8b3ef8bd1b0e3d4dfa46da8bf89b06d67d8a5da465e8f68f999ec38ef8d1b7972125d2d8492680f6698419313afb74b5f715c90aa5ca0a6ea5561acd89a25d0fd066234b1752d6535251be347d8e69afea162f0ae84aa08a1a5475e6860af5956babe0530b6349e918fa97f14e6a83f7e2054c85ec37424757c49c6b76a889cde8473eebc495ac1088fda54f5c70bb17ef4873bf7b524ae892cd8267adfcd1e7054ac0c8b904855f816cbab8a6c5332d2221060b97931130187e1f07b0b9fad917c06f56d3f9fbca9d0ad93c300d88a6025359eb609e86c2b604d6834cde1351ccb0ba238715d6a77953f58b23a78db05bc38cf1e47d5336226a966af0a88fa19b"}, 0x6, 0x3, 0xff) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/dev/audio1\x00', 0x100000a3d9) r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x8800, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r3, 0xc0045516, &(0x7f0000000180)) mmap$auto(0x1, 0x40009, 0xdf, 0x13, 0xffffffffffffffff, 0x10001) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) kexec_load$auto(0xff, 0x2, &(0x7f0000000080)={@kbuf=0x0, 0x2, 0x8000, 0x3000}, 0x4) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) lsm_list_modules$auto(0x0, 0x0, 0x0) r4 = socket(0x2, 0x801, 0x106) getsockopt$auto(r4, 0x11c, 0x3, 0x0, 0x0) close_range$auto(0x0, 0xffffffffffffffff, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty12\x00', 0x800, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101840, 0x0) 132.338208ms ago: executing program 2 (id=2026): unshare$auto(0x40000080) mmap$auto(0x0, 0x61, 0x100001000000003, 0x9b72, 0x2, 0x8000) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/controlC2\x00', 0x80, 0x0) mmap$auto(0x80000, 0x401, 0x2, 0xeb1, 0xffffffffffffffff, 0x8000000080) mmap$auto(0x0, 0x2020009, 0x1003, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x11, 0x80000, 0x300) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000010c0)='./file0\x00', 0x2001, 0x8) r3 = getuid() r4 = getegid() setregid$auto(r4, r4) statx$auto(r2, &(0x7f0000001100)='./file0\x00', 0x0, 0x10001, &(0x7f0000001140)={0x3, 0x6, 0x9, 0x8, r3, r4, 0x5, 0x1, 0x3, 0xffff, 0xb, 0xb6, {0x10, 0xfffffffa}, {0x1, 0x2}, {0x5, 0x8001}, {0x8, 0x101}, 0x7e05b10d, 0x7, 0x7b6, 0x1, 0xb, 0x7, 0xa, 0x2, 0x5, 0x3, 0x3, 0x1c5, [0x3ff, 0x2, 0x80000001, 0x8, 0x96, 0x0, 0x20, 0x0, 0xffffffffffff0000]}) r5 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) read$auto_rng_chrdev_ops_core(r5, &(0x7f0000000040)=""/4096, 0xfffffe82) futimesat$auto(0xffffffffffffffff, 0x0, &(0x7f0000001280)={0xa, 0x1000}) r6 = syz_genetlink_get_family_id$auto_ila(&(0x7f0000000440), 0xffffffffffffffff) sendmsg$auto_ILA_CMD_ADD(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="14000000", @ANYRES16=r6, @ANYBLOB="01002bbd7000fbdbdf250100000031208be8a5b4f52d83483e5c2d79da46e337d98473588f99774c7eb4868b973c1cef8187525db7b5b4e78678eb59512dbc7b11f4e29c29e3273c870a9555cf469e67e8886341e84d38edd658cf267f92e1e785a50fe500fbc125a65f8a4e5aa458a90f3d87fc71eca6309fc0ee1724cea121a7c96dbba43270448ec20cd22915c1cfa658b316e773d1eff747e371aace10d66450a3666b7be9754bde44d1"], 0x14}, 0x1, 0x0, 0x0, 0x4014}, 0x0) sendmsg$auto_ILA_CMD_FLUSH(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r6, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@ILA_ATTR_CSUM_MODE={0x5, 0x7, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x5}, 0x40008c4) semctl$auto(0x7, 0x2, 0x13, 0x1) r7 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0) mmap$auto(0x0, 0x3, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) r8 = mq_open$auto(&(0x7f0000000280)='\\*)A\x00', 0x7e, 0x9, 0x0) mq_notify$auto(r8, 0x0) ioctl$auto_UI_DEV_SETUP(r7, 0x405c5503, &(0x7f00000000c0)={{0x9, 0xf2cf, 0x3, 0x8001}, "6a034a07c7b82d90b69a39e32576f893fba86c9dd051a0094a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f", 0xa}) ioctl$auto_UI_DEV_CREATE(r7, 0x5501, 0x0) ioctl$auto_UI_SET_SNDBIT(r7, 0x4004556a, 0x0) rseq$auto(&(0x7f0000001040)={0x22, 0xfffffff2, 0x0, 0x10006, 0xffffffff, 0x2, "67389f7852507eb45c3d192c9ef4aad67cb4416102db09e8992a5954c593c6d9650f4fb01997f368147a2820ccf07c523db70234e8b670211274246937c22dc85ab6004a61ed"}, 0x8002, 0x0, 0x6) 8.198167ms ago: executing program 0 (id=2027): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000840)='./cgroup.cpu/memory.stat\x00', 0x111100, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = prctl$auto(0xac6, 0xf2, 0xffffffffffffffff, 0x100000001, 0x7e37) getdents64$auto(r0, 0x0, 0x1) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) socket(0x11, 0xa, 0x300) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xa00) kexec_load$auto(0x5, 0x2, &(0x7f0000000100)={@kbuf=0x0, 0x2aa7, 0x6c0000c000, 0xc000}, 0x6) unshare$auto(0x40000080) write$auto(0xca, 0x0, 0x7f) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) ioctl$auto(r1, 0x5427, 0xffffffffffffffff) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x4000804) lstat$auto(0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_VENDOR(r2, &(0x7f0000001780)={0x0, 0x0, &(0x7f0000001740)={&(0x7f0000001700)={0x14, r3, 0x705, 0x70bd27, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x80) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/pcrypt/pencrypt/parallel_cpumask\x00', 0x80302, 0x0) socket$nl_generic(0x10, 0x3, 0x10) write$auto(r4, &(0x7f0000000340)=',02.15.4 ]\x98\x0f7V\xd4l\xf2AC\x04\xecQ=\xa2\xce\nO}\x1d\xd7\xb5\x92\xf7\xb2\xc2\xddm\xfbR\xfb\x92x\xd8\xb2\x8a&\xda\\\xa1}&^\x03\x02\xf28\xfd|\xed~\a\xaf\x14\xb5.\x92\"-6.\xb2$\x88\xeb\xdc\x0f\xba$?c\x8b\xcb\xf4q\r\xf5>}4\x99(\xb8D\x15\xb8\xc9U\x14\xd6r\xc9\x81\xbbI\xc9+^\x00\xf6\xb5\xd9\x1e\x89G?/\xc5\x86\xd0\xab\xb3\xfd\xc9?\xa7B\x1b\xdc\xff\xab\xb6~\x96\xd6\x9f\x1d\xfb\xa1dg\x9d\x8d]\xdek\x9c0\xea\xb3\nV\x1d\x10g\xaa\xf9\xf0\xc9\n\x8c\xf25G\x9c\x19\xe5\xd8\xa3\xee\x11\x12f\xd5o\x00\xeaY\n\xe0\x9f\r\xd4\x8e9G\x01\x04\xb2j\xbfYX\x9a)OQ\xedk\xb9\x85\x03c\xf3\x80\x10eG(\x94m81PL\x8d\xa47\x1a\x16\x11\xcd\xcdf\x15\r\x19\xc3\x90\xbe\x12\x85V\xeb\x8d\x97\xf0\x9c!\x86:\xe8\x8b\xa7@l', 0x3) getpid() r5 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0xc1000, 0x0) mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x8e051, r5, 0x0) r6 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x364f9cefc8a0a83, 0x0) ioctl$auto_tracing_buffers_fops_trace(r6, 0x5220, 0x0) socket(0x2, 0x3, 0x1) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @broadcast}, 0x6a) 0s ago: executing program 3 (id=2028): mmap$auto(0x0, 0x10005, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x801, 0x0) r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0xe8, 0x9, 0x2, 0x1, 0x5, 0x4, 0x15f4da0e, 0x8, 0x9, 0x100000000000000c, 0x8, 0x1, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) getsockopt$auto_SO_RCVMARK(r0, 0x0, 0x4b, 0x0, 0x0) sendto$auto(r1, &(0x7f0000000140)="c99b97a4a18833a72aff5c6edec12838e6c36aa3b8efa7e23eab4f993ce66256c3ee1fa1470cc34d0844ef66ea5db21196afca7b6062c22e25bd38ff3a8ffce75c51cd146c42cece3a3c2eb0447313f733c79892b36978f22e11d89e044a5b7bc7cdd5b31fdb70dc8e1742fcffaaf5320703e7538d2d3b504ec3a67c52bf6efbf9e534702706e6a69a3fede118ad99154fc7e5e32bfbee8042e6352c285efc95675ed362f8255371c3422c3232332f10f51ccf72cabaf2fe303f88bf7d5b99b4c4139c4450af0df371", 0x0, 0x1e71, &(0x7f0000000000)=@can, 0x2) mmap$auto(0x0, 0x40009, 0x36, 0x9b72, 0x7, 0x28000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) mlockall$auto(0x7) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000000), r2) sendmsg$auto_ETHTOOL_MSG_PLCA_GET_CFG(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000000c0)={0x2c, r3, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@ETHTOOL_A_PLCA_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_virt_wifi\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x885}, 0x8008040) ioctl$auto_TUNSETSTEERINGEBPF(0xffffffffffffffff, 0x800454e0, &(0x7f0000000000)=0x2) mmap$auto(0x29, 0x401, 0x8, 0x10, 0xffffffffffffffff, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x2, 0x4, 0x3, 0x2, 0x8, 0xc, 0xe3, 0x400000000a, 0x3}, 0x6f6) mount$auto(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='nfs\x00\x00', 0x200, &(0x7f00000001c0)) r4 = ioctl$auto_NS_GET_PID_FROM_PIDNS(0xffffffffffffffff, 0x8004b706, &(0x7f0000000040)=0x9f0) ioctl$auto_CEC_ADAP_S_PHYS_ADDR(r4, 0x40026102, &(0x7f0000000100)) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x1, 0x9) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) kernel console output (not intermixed with test programs): M) 6*8kB (UM) 17*16kB (UM) 16*32kB (UM) 9*64kB (UM) 7*128kB (UM) 4*256kB (UM) 3*512kB (UM) 2*1024kB (UM) 1*2048kB (U) 958*4096kB (UM) = 3932960kB [ 228.965305][ T7940] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 228.965317][ T7940] Node 0 hugepages_total=3 hugepages_free=2 hugepages_surp=1 hugepages_size=2048kB [ 228.965328][ T7940] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 228.965340][ T7940] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 228.965415][ T7940] 72594 total pagecache pages [ 228.966096][ T7940] 0 pages in swap cache [ 228.966121][ T7940] Free swap = 124996kB [ 228.966132][ T7940] Total swap = 124996kB [ 228.966144][ T7940] 2097051 pages RAM [ 228.966155][ T7940] 0 pages HighMem/MovableOnly [ 228.966164][ T7940] 430821 pages reserved [ 228.966176][ T7940] 0 pages cma reserved [ 229.149695][ T7921] kexec: Could not allocate control_code_buffer [ 232.100833][ T7974] misc userio: Invalid payload size [ 234.990829][ T8022] NFSD: Failed to start, no listeners configured. [ 239.830862][ T8069] can: request_module (can-proto-4) failed. [ 248.519059][ T8186] FAULT_INJECTION: forcing a failure. [ 248.519059][ T8186] name failslab, interval 1, probability 0, space 0, times 0 [ 248.543958][ T8186] CPU: 0 UID: 0 PID: 8186 Comm: syz.3.387 Tainted: G U L syzkaller #0 PREEMPT(full) [ 248.544015][ T8186] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 248.544027][ T8186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 248.544044][ T8186] Call Trace: [ 248.544053][ T8186] [ 248.544063][ T8186] dump_stack_lvl+0x100/0x190 [ 248.544115][ T8186] should_fail_ex.cold+0x5/0xa [ 248.544151][ T8186] should_failslab+0xc2/0x120 [ 248.544185][ T8186] __kmalloc_cache_noprof+0x7a/0x6f0 [ 248.544222][ T8186] ? p9_client_create+0xaf/0xd40 [ 248.544287][ T8186] p9_client_create+0xaf/0xd40 [ 248.544336][ T8186] ? __pfx_p9_client_create+0x10/0x10 [ 248.544389][ T8186] ? lockdep_init_map_type+0x5c/0x250 [ 248.544429][ T8186] ? __raw_spin_lock_init+0x3a/0x110 [ 248.544476][ T8186] v9fs_session_init+0x40/0xce0 [ 248.544516][ T8186] ? kasan_save_track+0x14/0x30 [ 248.544569][ T8186] v9fs_get_tree+0xb8/0xb50 [ 248.544608][ T8186] ? rcu_is_watching+0x12/0xc0 [ 248.544652][ T8186] ? __pfx_v9fs_get_tree+0x10/0x10 [ 248.544701][ T8186] ? bpf_lsm_capable+0x9/0x10 [ 248.544732][ T8186] ? security_capable+0x80/0x260 [ 248.544776][ T8186] vfs_get_tree+0x92/0x320 [ 248.544809][ T8186] vfs_cmd_create+0xd7/0x2a0 [ 248.544843][ T8186] __do_sys_fsconfig+0x55a/0xcb0 [ 248.544882][ T8186] ? __pfx___do_sys_fsconfig+0x10/0x10 [ 248.544935][ T8186] do_syscall_64+0x106/0xf80 [ 248.544972][ T8186] ? clear_bhb_loop+0x40/0x90 [ 248.545012][ T8186] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 248.545040][ T8186] RIP: 0033:0x7fb64d39c799 [ 248.545067][ T8186] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 248.545092][ T8186] RSP: 002b:00007fb64e1c0028 EFLAGS: 00000246 ORIG_RAX: 00000000000001af [ 248.545119][ T8186] RAX: ffffffffffffffda RBX: 00007fb64d615fa0 RCX: 00007fb64d39c799 [ 248.545137][ T8186] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 [ 248.545152][ T8186] RBP: 00007fb64d432c99 R08: 0000000000000000 R09: 0000000000000000 [ 248.545167][ T8186] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 248.545183][ T8186] R13: 00007fb64d616038 R14: 00007fb64d615fa0 R15: 00007ffeeda02018 [ 248.545220][ T8186] [ 252.696533][ T8229] FAULT_INJECTION: forcing a failure. [ 252.696533][ T8229] name failslab, interval 1, probability 0, space 0, times 0 [ 252.696567][ T8229] CPU: 0 UID: 0 PID: 8229 Comm: syz.3.393 Tainted: G U L syzkaller #0 PREEMPT(full) [ 252.696590][ T8229] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 252.696596][ T8229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 252.696605][ T8229] Call Trace: [ 252.696610][ T8229] [ 252.696616][ T8229] dump_stack_lvl+0x100/0x190 [ 252.696642][ T8229] should_fail_ex.cold+0x5/0xa [ 252.696662][ T8229] should_failslab+0xc2/0x120 [ 252.696678][ T8229] __kmalloc_cache_noprof+0x7a/0x6f0 [ 252.696699][ T8229] ? copy_ipcs+0x10d/0x7e0 [ 252.696718][ T8229] copy_ipcs+0x10d/0x7e0 [ 252.696734][ T8229] create_new_namespaces+0x20a/0xac0 [ 252.696752][ T8229] ? security_capable+0x80/0x260 [ 252.696775][ T8229] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 252.696794][ T8229] ksys_unshare+0x473/0xad0 [ 252.696814][ T8229] ? __pfx_ksys_unshare+0x10/0x10 [ 252.696838][ T8229] __x64_sys_unshare+0x31/0x40 [ 252.696855][ T8229] do_syscall_64+0x106/0xf80 [ 252.696874][ T8229] ? clear_bhb_loop+0x40/0x90 [ 252.696891][ T8229] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 252.696906][ T8229] RIP: 0033:0x7fb64d39c799 [ 252.696920][ T8229] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 252.696934][ T8229] RSP: 002b:00007fb64e1c0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 252.696949][ T8229] RAX: ffffffffffffffda RBX: 00007fb64d615fa0 RCX: 00007fb64d39c799 [ 252.696958][ T8229] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000006c000000 [ 252.696966][ T8229] RBP: 00007fb64d432c99 R08: 0000000000000000 R09: 0000000000000000 [ 252.696975][ T8229] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 252.696983][ T8229] R13: 00007fb64d616038 R14: 00007fb64d615fa0 R15: 00007ffeeda02018 [ 252.697001][ T8229] [ 255.837725][ T8278] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 255.845843][ T8278] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 255.852038][ T8278] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 255.962096][ T8278] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 256.466759][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.474233][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 257.895601][ T5833] Bluetooth: hci0: command 0x0c1a tx timeout [ 257.896514][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 257.908717][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout [ 257.975628][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout [ 258.387919][ T8322] random: crng reseeded on system resumption [ 259.465065][ T8322] FAULT_INJECTION: forcing a failure. [ 259.465065][ T8322] name failslab, interval 1, probability 0, space 0, times 0 [ 259.505786][ T8322] CPU: 1 UID: 0 PID: 8322 Comm: syz.0.411 Tainted: G U L syzkaller #0 PREEMPT(full) [ 259.505837][ T8322] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 259.505846][ T8322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 259.505863][ T8322] Call Trace: [ 259.505871][ T8322] [ 259.505881][ T8322] dump_stack_lvl+0x100/0x190 [ 259.505929][ T8322] should_fail_ex.cold+0x5/0xa [ 259.505962][ T8322] should_failslab+0xc2/0x120 [ 259.505991][ T8322] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 259.506031][ T8322] ? __proc_create+0x2cb/0x8c0 [ 259.506081][ T8322] __proc_create+0x2cb/0x8c0 [ 259.506135][ T8322] ? __pfx___proc_create+0x10/0x10 [ 259.506175][ T8322] ? find_held_lock+0x2b/0x80 [ 259.506204][ T8322] ? mark_held_locks+0x40/0x70 [ 259.506237][ T8322] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 259.506275][ T8322] proc_create_reg+0x75/0x170 [ 259.506305][ T8322] proc_create_net_data+0x8e/0x1c0 [ 259.506331][ T8322] ? __pfx_proc_create_net_data+0x10/0x10 [ 259.506365][ T8322] ip_vs_control_net_init+0x436/0x1d50 [ 259.506396][ T8322] ? mutex_init_lockep+0x110/0x150 [ 259.506435][ T8322] __ip_vs_init+0x217/0x520 [ 259.506468][ T8322] ? __pfx___ip_vs_init+0x10/0x10 [ 259.506501][ T8322] ops_init+0x1e2/0x5f0 [ 259.506544][ T8322] setup_net+0x118/0x3a0 [ 259.506582][ T8322] ? __pfx_setup_net+0x10/0x10 [ 259.506619][ T8322] ? lockdep_init_map_type+0x5c/0x250 [ 259.506653][ T8322] ? mutex_init_lockep+0x110/0x150 [ 259.506698][ T8322] copy_net_ns+0x46f/0x7c0 [ 259.506744][ T8322] create_new_namespaces+0x3ea/0xac0 [ 259.506779][ T8322] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 259.506813][ T8322] ksys_unshare+0x473/0xad0 [ 259.506849][ T8322] ? __pfx_ksys_unshare+0x10/0x10 [ 259.506899][ T8322] __x64_sys_unshare+0x31/0x40 [ 259.506932][ T8322] do_syscall_64+0x106/0xf80 [ 259.506969][ T8322] ? clear_bhb_loop+0x40/0x90 [ 259.507002][ T8322] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 259.507031][ T8322] RIP: 0033:0x7f49d239c799 [ 259.507054][ T8322] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 259.507081][ T8322] RSP: 002b:00007f49d31cb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 259.507105][ T8322] RAX: ffffffffffffffda RBX: 00007f49d2615fa0 RCX: 00007f49d239c799 [ 259.507135][ T8322] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 259.507152][ T8322] RBP: 00007f49d2432c99 R08: 0000000000000000 R09: 0000000000000000 [ 259.507170][ T8322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 259.507187][ T8322] R13: 00007f49d2616038 R14: 00007f49d2615fa0 R15: 00007ffd18afdc38 [ 259.507221][ T8322] [ 260.354652][ T8337] misc userio: Invalid payload size [ 261.021115][ T8351] random: crng reseeded on system resumption [ 264.000715][ T8380] kexec: Could not allocate control_code_buffer [ 264.002893][ T8396] misc userio: Invalid payload size [ 265.783239][ T8425] mkiss: ax0: crc mode is auto. [ 268.548901][ T8458] misc userio: Invalid payload size [ 271.707630][ T8490] kexec: Could not allocate control_code_buffer [ 272.223095][ T8511] misc userio: Invalid payload size [ 276.575721][ T8583] misc userio: Invalid payload size [ 277.116525][ T8592] misc userio: Invalid payload size [ 278.256547][ T8608] zswap: compressor not available [ 281.404914][ T8657] misc userio: Invalid payload size [ 281.620950][ T8649] misc userio: Invalid payload size [ 283.221707][ T8692] misc userio: Invalid payload size [ 284.382485][ T8704] Invalid ELF header magic: != ELF [ 286.016752][ T8735] misc userio: Invalid payload size [ 288.189842][ T8768] misc userio: Invalid payload size [ 288.383793][ T8771] can: request_module (can-proto-4) failed. [ 288.454088][ T8757] kexec: Could not allocate control_code_buffer [ 289.220407][ T8783] misc userio: Invalid payload size [ 289.367748][ T8787] random: crng reseeded on system resumption [ 292.262498][ T8842] misc userio: Invalid payload size [ 293.363937][ T8851] misc userio: Invalid payload size [ 293.623250][ T8837] kexec: Could not allocate control_code_buffer [ 294.402562][ T8865] zswap: compressor not available [ 297.516308][ T8919] misc userio: Invalid payload size [ 298.251903][ T8941] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 301.979893][ T8996] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 302.730848][ T8997] kexec: Could not allocate control_code_buffer [ 307.922341][ T9071] kexec: Could not allocate control_code_buffer [ 309.513572][ T9119] misc userio: Invalid payload size [ 313.469174][ T9204] misc userio: Invalid payload size [ 316.307218][ T9266] futex_wake_op: syz.2.564 tries to shift op by -2048; fix this program [ 316.442098][ T9270] random: crng reseeded on system resumption [ 317.899934][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.906649][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 320.316279][ T9345] ima: Unable to open file: /sys/kernel/security/integrity/ima/policy (-26) [ 320.452773][ T9344] ima: policy update failed [ 320.479927][ T30] audit: type=1802 audit(1773407589.427:4): pid=9344 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.577" res=0 errno=0 [ 324.245208][ T9409] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 324.270454][ T9409] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 324.291502][ T9404] NFSD: Failed to start, no listeners configured. [ 324.322014][ T9409] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 324.343983][ T9409] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 325.735907][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout [ 326.295674][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout [ 326.376177][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout [ 326.376617][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 327.070642][ T9446] netlink: 8 bytes leftover after parsing attributes in process `syz.0.591'. [ 330.668682][ T9500] kexec: Could not allocate control_code_buffer [ 331.666302][ T9540] FAULT_INJECTION: forcing a failure. [ 331.666302][ T9540] name failslab, interval 1, probability 0, space 0, times 0 [ 331.695622][ T9540] CPU: 1 UID: 0 PID: 9540 Comm: syz.2.607 Tainted: G U L syzkaller #0 PREEMPT(full) [ 331.695668][ T9540] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 331.695678][ T9540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 331.695693][ T9540] Call Trace: [ 331.695701][ T9540] [ 331.695711][ T9540] dump_stack_lvl+0x100/0x190 [ 331.695762][ T9540] should_fail_ex.cold+0x5/0xa [ 331.695795][ T9540] should_failslab+0xc2/0x120 [ 331.695824][ T9540] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 331.695864][ T9540] ? __d_alloc+0x34/0xa80 [ 331.695901][ T9540] __d_alloc+0x34/0xa80 [ 331.695932][ T9540] d_alloc+0x4a/0x1e0 [ 331.695964][ T9540] lookup_one_qstr_excl+0x175/0x250 [ 331.696000][ T9540] start_dirop+0x59/0xb0 [ 331.696038][ T9540] simple_start_creating+0xf9/0x110 [ 331.696073][ T9540] ? __pfx_simple_start_creating+0x10/0x10 [ 331.696115][ T9540] ? mntput+0x70/0xa0 [ 331.696158][ T9540] ? simple_pin_fs+0xa3/0x190 [ 331.696196][ T9540] debugfs_start_creating.part.0+0x82/0x170 [ 331.696228][ T9540] debugfs_create_symlink+0x7f/0x220 [ 331.696258][ T9540] ref_tracker_dir_symlink+0x257/0x3b0 [ 331.696294][ T9540] ? __pfx_ref_tracker_dir_symlink+0x10/0x10 [ 331.696327][ T9540] ? __lock_acquire+0x4a5/0x2630 [ 331.696385][ T9540] ? lockdep_hardirqs_on+0x78/0x100 [ 331.696424][ T9540] ? crng_make_state+0x2b0/0x6c0 [ 331.696460][ T9540] ? __pfx_net_ns_net_init+0x10/0x10 [ 331.696501][ T9540] net_ns_net_init+0x7e/0x120 [ 331.696541][ T9540] ops_init+0x1e2/0x5f0 [ 331.696598][ T9540] setup_net+0x118/0x3a0 [ 331.696640][ T9540] ? __pfx_setup_net+0x10/0x10 [ 331.696677][ T9540] ? lockdep_init_map_type+0x5c/0x250 [ 331.696713][ T9540] ? mutex_init_lockep+0x110/0x150 [ 331.696754][ T9540] copy_net_ns+0x46f/0x7c0 [ 331.696798][ T9540] create_new_namespaces+0x3ea/0xac0 [ 331.696835][ T9540] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 331.696867][ T9540] ksys_unshare+0x473/0xad0 [ 331.696904][ T9540] ? __pfx_ksys_unshare+0x10/0x10 [ 331.696955][ T9540] __x64_sys_unshare+0x31/0x40 [ 331.696987][ T9540] do_syscall_64+0x106/0xf80 [ 331.697024][ T9540] ? clear_bhb_loop+0x40/0x90 [ 331.697058][ T9540] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 331.697092][ T9540] RIP: 0033:0x7f449839c799 [ 331.697117][ T9540] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 331.697146][ T9540] RSP: 002b:00007f4499293028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 331.697175][ T9540] RAX: ffffffffffffffda RBX: 00007f4498615fa0 RCX: 00007f449839c799 [ 331.697196][ T9540] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 331.697212][ T9540] RBP: 00007f4498432c99 R08: 0000000000000000 R09: 0000000000000000 [ 331.697227][ T9540] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 331.697241][ T9540] R13: 00007f4498616038 R14: 00007f4498615fa0 R15: 00007ffe516d8e28 [ 331.697279][ T9540] [ 335.945644][ T9611] netlink: 24 bytes leftover after parsing attributes in process `syz.0.618'. [ 336.411252][ T9599] kexec: Could not allocate control_code_buffer [ 341.917336][ T9683] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 341.956611][ T9683] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 341.962861][ T9683] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 342.028551][ T9683] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 343.417610][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout [ 343.975547][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout [ 343.981647][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout [ 344.058801][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout [ 344.127618][ T9687] kexec: Could not allocate control_code_buffer [ 350.852210][ T9812] tipc: Started in network mode [ 350.875010][ T9812] tipc: Node identity ffffffff, cluster identity 4711 [ 350.943361][ T9812] tipc: Node number set to 4294967295 [ 353.324439][ T9861] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input12 [ 354.249868][ T9875] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 357.629474][ T9890] kexec: Could not allocate control_code_buffer [ 363.245130][ T9961] kexec: Could not allocate control_code_buffer [ 368.399931][T10071] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 370.707930][T10092] bridge_slave_1: left allmulticast mode [ 370.713819][T10092] bridge_slave_1: left promiscuous mode [ 370.727362][T10092] bridge0: port 2(bridge_slave_1) entered disabled state [ 371.161823][T10085] kexec: Could not allocate control_code_buffer [ 371.813090][T10108] FAULT_INJECTION: forcing a failure. [ 371.813090][T10108] name fail_futex, interval 1, probability 0, space 0, times 1 [ 371.876012][T10108] CPU: 1 UID: 0 PID: 10108 Comm: syz.0.688 Tainted: G U L syzkaller #0 PREEMPT(full) [ 371.876057][T10108] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 371.876066][T10108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 371.876082][T10108] Call Trace: [ 371.876090][T10108] [ 371.876100][T10108] dump_stack_lvl+0x100/0x190 [ 371.876248][T10108] should_fail_ex.cold+0x5/0xa [ 371.876300][T10108] get_futex_key+0x1d2/0x1620 [ 371.876362][T10108] ? __pfx_get_futex_key+0x10/0x10 [ 371.876391][T10108] ? lock_acquire+0x1cf/0x380 [ 371.876452][T10108] futex_wake+0xea/0x530 [ 371.876495][T10108] ? __pfx_futex_wake+0x10/0x10 [ 371.876534][T10108] ? exit_mm_release+0x19/0x30 [ 371.876584][T10108] do_futex+0x32b/0x350 [ 371.876619][T10108] ? __pfx_do_futex+0x10/0x10 [ 371.876649][T10108] ? __might_fault+0xc5/0x140 [ 371.876713][T10108] mm_release+0x24a/0x2f0 [ 371.876742][T10108] do_exit+0x704/0x2b60 [ 371.876782][T10108] ? __pfx_do_exit+0x10/0x10 [ 371.876815][T10108] ? do_raw_spin_lock+0x128/0x260 [ 371.876852][T10108] ? find_held_lock+0x2b/0x80 [ 371.876876][T10108] ? get_signal+0x7e0/0x21e0 [ 371.876914][T10108] do_group_exit+0xd5/0x2a0 [ 371.876951][T10108] get_signal+0x1ec7/0x21e0 [ 371.877007][T10108] ? ksys_write+0x190/0x250 [ 371.877051][T10108] ? __pfx_get_signal+0x10/0x10 [ 371.877080][T10108] ? do_futex+0x192/0x350 [ 371.877117][T10108] arch_do_signal_or_restart+0x91/0x770 [ 371.877178][T10108] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 371.877219][T10108] ? __pfx___x64_sys_futex+0x10/0x10 [ 371.877262][T10108] exit_to_user_mode_loop+0x86/0x4a0 [ 371.877319][T10108] do_syscall_64+0x668/0xf80 [ 371.877488][T10108] ? clear_bhb_loop+0x40/0x90 [ 371.877532][T10108] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 371.877559][T10108] RIP: 0033:0x7f49d239c799 [ 371.877584][T10108] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 371.877610][T10108] RSP: 002b:00007f49d31aa0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 371.877636][T10108] RAX: fffffffffffffe00 RBX: 00007f49d2616098 RCX: 00007f49d239c799 [ 371.877652][T10108] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f49d2616098 [ 371.877668][T10108] RBP: 00007f49d2616090 R08: 0000000000000000 R09: 0000000000000000 [ 371.877683][T10108] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 371.877698][T10108] R13: 00007f49d2616128 R14: 00007ffd18afdb50 R15: 00007ffd18afdc38 [ 371.877733][T10108] [ 374.358315][T10140] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 376.191805][T10167] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 377.350893][T10158] kexec: Could not allocate control_code_buffer [ 378.594059][ T30] audit: type=1804 audit(1773407647.552:5): pid=10192 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.705" name="/newroot/sys/kernel/debug/tracing/README" dev="tracefs" ino=420 res=1 errno=0 [ 379.358147][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 379.366402][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.880753][ T30] audit: type=1800 audit(1773407648.842:6): pid=10212 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=132469 res=0 errno=0 [ 385.242498][T10301] Format for deleting device is "id" (uint). [ 388.132507][T10342] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 389.553004][T10335] kexec: Could not allocate control_code_buffer [ 390.723984][T10362] GUP no longer grows the stack in syz.2.731 (10362): 14000-401000 (4000) [ 390.815634][T10362] CPU: 1 UID: 0 PID: 10362 Comm: syz.2.731 Tainted: G U L syzkaller #0 PREEMPT(full) [ 390.815690][T10362] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 390.815702][T10362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 390.815720][T10362] Call Trace: [ 390.815731][T10362] [ 390.815742][T10362] dump_stack_lvl+0x100/0x190 [ 390.815800][T10362] gup_vma_lookup.cold+0x83/0x96 [ 390.815842][T10362] __get_user_pages+0x241/0x34d0 [ 390.815890][T10362] ? down_read_killable+0x30e/0x4c0 [ 390.816025][T10362] ? __lock_acquire+0x4a5/0x2630 [ 390.816066][T10362] ? __pfx___get_user_pages+0x10/0x10 [ 390.816112][T10362] __gup_longterm_locked+0x87d/0x16f0 [ 390.816154][T10362] ? __pfx___gup_longterm_locked+0x10/0x10 [ 390.816189][T10362] ? try_get_folio+0x262/0x750 [ 390.816211][T10362] ? find_held_lock+0x2b/0x80 [ 390.816235][T10362] ? sanity_check_pinned_pages+0x5f6/0x1250 [ 390.816266][T10362] gup_fast_fallback+0x18c6/0x2460 [ 390.816365][T10362] ? __pfx_gup_fast_fallback+0x10/0x10 [ 390.816402][T10362] ? __lock_acquire+0x4a5/0x2630 [ 390.816440][T10362] ? bio_associate_blkg_from_css+0xe33/0x13f0 [ 390.816577][T10362] ? bio_associate_blkg+0x10c/0x2a0 [ 390.816616][T10362] ? pcpu_block_update+0x36a/0x690 [ 390.816663][T10362] pin_user_pages_fast+0xa7/0xf0 [ 390.816696][T10362] ? __pfx_pin_user_pages_fast+0x10/0x10 [ 390.816730][T10362] ? find_held_lock+0x2b/0x80 [ 390.816758][T10362] ? __debug_object_init+0x2de/0x3d0 [ 390.816867][T10362] ? __debug_object_init+0x2de/0x3d0 [ 390.816918][T10362] iov_iter_extract_pages+0xa0d/0x1ef0 [ 390.816995][T10362] ? __lock_acquire+0x4a5/0x2630 [ 390.817033][T10362] ? __pfx_iov_iter_extract_pages+0x10/0x10 [ 390.817075][T10362] ? __lock_acquire+0x4a5/0x2630 [ 390.817122][T10362] iov_iter_extract_bvecs+0x10e/0xf40 [ 390.817163][T10362] ? find_held_lock+0x2b/0x80 [ 390.817187][T10362] ? bio_associate_blkg_from_css+0x394/0x13f0 [ 390.817227][T10362] ? __pfx_iov_iter_extract_bvecs+0x10/0x10 [ 390.817263][T10362] ? bio_associate_blkg_from_css+0x550/0x13f0 [ 390.817320][T10362] bio_iov_iter_get_pages+0x26a/0x970 [ 390.817399][T10362] __blkdev_direct_IO_simple+0x3a7/0x890 [ 390.817477][T10362] ? __pfx___blkdev_direct_IO_simple+0x10/0x10 [ 390.817555][T10362] ? ktime_get_coarse_real_ts64_mg+0x249/0x300 [ 390.817593][T10362] ? ktime_get_coarse_real_ts64_mg+0x1e0/0x300 [ 390.817636][T10362] blkdev_direct_IO+0xc76/0x1fb0 [ 390.817693][T10362] ? __pfx_blkdev_direct_IO+0x10/0x10 [ 390.817728][T10362] ? rcu_is_watching+0x12/0xc0 [ 390.817767][T10362] ? __mark_inode_dirty+0x55c/0x1790 [ 390.817819][T10362] ? filemap_check_errors+0xa9/0x150 [ 390.817873][T10362] blkdev_write_iter+0x703/0xd70 [ 390.817920][T10362] vfs_write+0x6ac/0x1070 [ 390.817964][T10362] ? __pfx_blkdev_write_iter+0x10/0x10 [ 390.818004][T10362] ? __pfx_vfs_write+0x10/0x10 [ 390.818041][T10362] ? find_held_lock+0x2b/0x80 [ 390.818087][T10362] ksys_write+0x12a/0x250 [ 390.818112][T10362] ? __pfx_ksys_write+0x10/0x10 [ 390.818145][T10362] do_syscall_64+0x106/0xf80 [ 390.818185][T10362] ? clear_bhb_loop+0x40/0x90 [ 390.818220][T10362] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 390.818252][T10362] RIP: 0033:0x7f449839c799 [ 390.818274][T10362] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 390.818308][T10362] RSP: 002b:00007f4499272028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 390.818337][T10362] RAX: ffffffffffffffda RBX: 00007f4498616090 RCX: 00007f449839c799 [ 390.818357][T10362] RDX: 000000000010007c RSI: 0000000000000000 RDI: 0000000000000004 [ 390.818374][T10362] RBP: 00007f4498432c99 R08: 0000000000000000 R09: 0000000000000000 [ 390.818393][T10362] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 390.818411][T10362] R13: 00007f4498616128 R14: 00007f4498616090 R15: 00007ffe516d8e28 [ 390.818448][T10362] [ 395.356255][T10412] FAULT_INJECTION: forcing a failure. [ 395.356255][T10412] name fail_futex, interval 1, probability 0, space 0, times 0 [ 395.504765][T10412] CPU: 0 UID: 0 PID: 10412 Comm: syz.2.737 Tainted: G U L syzkaller #0 PREEMPT(full) [ 395.504819][T10412] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 395.504831][T10412] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 395.504848][T10412] Call Trace: [ 395.504857][T10412] [ 395.504869][T10412] dump_stack_lvl+0x100/0x190 [ 395.504924][T10412] should_fail_ex.cold+0x5/0xa [ 395.504960][T10412] get_futex_key+0x1d2/0x1620 [ 395.505001][T10412] ? __pfx_get_futex_key+0x10/0x10 [ 395.505035][T10412] ? kernfs_fop_write_iter+0x1df/0x5f0 [ 395.505120][T10412] ? kasan_save_stack+0x3f/0x50 [ 395.505168][T10412] ? kasan_save_stack+0x30/0x50 [ 395.505213][T10412] ? kasan_save_track+0x14/0x30 [ 395.505255][T10412] ? kasan_save_free_info+0x3b/0x70 [ 395.505289][T10412] ? __kasan_slab_free+0x5f/0x80 [ 395.505314][T10412] ? kfree+0x1f6/0x6b0 [ 395.505358][T10412] ? kernfs_fop_write_iter+0x1df/0x5f0 [ 395.505386][T10412] futex_wait_setup+0x83/0x510 [ 395.505431][T10412] __futex_wait+0x19f/0x300 [ 395.505469][T10412] ? __pfx___futex_wait+0x10/0x10 [ 395.505510][T10412] ? __pfx_futex_wake_mark+0x10/0x10 [ 395.505563][T10412] ? futex_hash+0x2c5/0x380 [ 395.505610][T10412] futex_wait+0xed/0x380 [ 395.505656][T10412] ? __pfx_futex_wait+0x10/0x10 [ 395.505710][T10412] ? ksys_write+0x190/0x250 [ 395.505736][T10412] ? ksys_write+0x190/0x250 [ 395.505768][T10412] do_futex+0x1ef/0x350 [ 395.505803][T10412] ? __pfx_do_futex+0x10/0x10 [ 395.505844][T10412] __x64_sys_futex+0x34f/0x4d0 [ 395.505882][T10412] ? fput+0x79/0x100 [ 395.505912][T10412] ? __pfx___x64_sys_futex+0x10/0x10 [ 395.505940][T10412] ? ksys_write+0x1ac/0x250 [ 395.505960][T10412] ? __pfx_ksys_write+0x10/0x10 [ 395.505987][T10412] do_syscall_64+0x106/0xf80 [ 395.506024][T10412] ? clear_bhb_loop+0x40/0x90 [ 395.506058][T10412] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 395.506087][T10412] RIP: 0033:0x7f449839c799 [ 395.506110][T10412] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 395.506136][T10412] RSP: 002b:00007f44992930e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 395.506161][T10412] RAX: ffffffffffffffda RBX: 00007f4498615fa8 RCX: 00007f449839c799 [ 395.506176][T10412] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f4498615fa8 [ 395.506190][T10412] RBP: 00007f4498615fa0 R08: 0000000000000000 R09: 0000000000000000 [ 395.506203][T10412] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 395.506217][T10412] R13: 00007f4498616038 R14: 00007ffe516d8d40 R15: 00007ffe516d8e28 [ 395.506252][T10412] [ 396.169763][T10421] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 398.740419][T10430] kexec: Could not allocate control_code_buffer [ 400.134685][T10469] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 402.532739][T10497] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 402.552656][T10495] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 403.613719][T10485] kexec: Could not allocate control_code_buffer [ 404.475807][T10488] can: request_module (can-proto-0) failed. [ 412.009005][T10591] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 412.108810][T10593] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 416.494060][T10633] futex_wake_op: syz.2.775 tries to shift op by -2048; fix this program [ 416.575466][T10633] futex_wake_op: syz.2.775 tries to shift op by -2048; fix this program [ 417.153316][T10632] Invalid ELF header magic: != ELF [ 418.765328][T10661] kexec: Could not allocate control_code_buffer [ 419.276799][T10680] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 420.892346][T10690] kexec: Could not allocate control_code_buffer [ 424.313997][ C0] vcan0: j1939_tp_rxtimer: 0xffff88807acd2800: rx timeout, send abort [ 424.824210][ C0] vcan0: j1939_tp_rxtimer: 0xffff88807acd2800: abort rx timeout. Force session deactivation [ 427.742903][T10769] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 428.165002][T10766] kexec: Could not allocate control_code_buffer [ 431.041225][T10797] kexec: Could not allocate control_code_buffer [ 436.208405][T10857] kexec: Could not allocate control_code_buffer [ 436.723526][T10879] futex_wake_op: syz.3.813 tries to shift op by -2048; fix this program [ 436.747823][T10879] futex_wake_op: syz.3.813 tries to shift op by -2048; fix this program [ 438.518408][T10887] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 438.524750][T10887] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 438.536102][T10887] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 438.585970][T10887] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 439.095568][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout [ 440.535623][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout [ 440.616069][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout [ 440.616831][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 440.800212][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.807900][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 443.465552][T10969] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 445.158145][T10995] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 447.857657][ T51] Bluetooth: hci3: unexpected event 0x04 length: 64 > 10 [ 447.857823][ T51] Bluetooth: hci3: connection err: -111 [ 448.395764][T11046] vhci_hcd vhci_hcd.2: SetHubDepth req not supported for USB 2.0 roothub [ 450.914371][T11064] kexec: Could not allocate control_code_buffer [ 452.830232][T11104] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 456.841292][T11136] kexec: Could not allocate control_code_buffer [ 457.607662][T11185] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 457.897403][T11190] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 459.863602][T11203] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 463.434643][T11222] kexec: Could not allocate control_code_buffer [ 464.540552][T11256] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 465.048577][T11261] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 468.802517][T11299] kexec: Could not allocate control_code_buffer [ 470.337365][T11330] kexec: Could not allocate control_code_buffer [ 470.820276][T11341] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 472.523793][T11359] kexec: Could not allocate control_code_buffer [ 473.816443][ T30] audit: type=1804 audit(1773407742.782:7): pid=11384 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.894" name="/newroot/sys/kernel/debug/tracing/README" dev="tracefs" ino=420 res=1 errno=0 [ 474.603435][T11403] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 477.676203][T11454] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 480.316699][T11486] Invalid ELF header magic: != ELF [ 485.919085][T11553] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 486.914027][T11547] kexec: Could not allocate control_code_buffer [ 487.859049][T11562] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 489.122475][T11571] kexec: Could not allocate control_code_buffer [ 491.159474][T11599] kexec: Could not allocate control_code_buffer [ 491.762408][T11621] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 493.035753][T11630] kexec: Could not allocate control_code_buffer [ 493.403555][T11645] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 494.340296][T11635] kexec: Could not allocate control_code_buffer [ 496.870990][T11686] FAULT_INJECTION: forcing a failure. [ 496.870990][T11686] name failslab, interval 1, probability 0, space 0, times 0 [ 496.927513][T11686] CPU: 1 UID: 0 PID: 11686 Comm: syz.0.943 Tainted: G U L syzkaller #0 PREEMPT(full) [ 496.927548][T11686] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 496.927553][T11686] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 496.927567][T11686] Call Trace: [ 496.927573][T11686] [ 496.927581][T11686] dump_stack_lvl+0x100/0x190 [ 496.927618][T11686] should_fail_ex.cold+0x5/0xa [ 496.927640][T11686] should_failslab+0xc2/0x120 [ 496.927658][T11686] __kmalloc_cache_noprof+0x7a/0x6f0 [ 496.927682][T11686] ? landlock_init_hierarchy_log+0xa9/0x820 [ 496.927779][T11686] landlock_init_hierarchy_log+0xa9/0x820 [ 496.927809][T11686] ? inherit_tree+0x197/0x2d0 [ 496.927827][T11686] landlock_merge_ruleset+0x67b/0x830 [ 496.927847][T11686] __do_sys_landlock_restrict_self+0x2a6/0x9e0 [ 496.927905][T11686] do_syscall_64+0x106/0xf80 [ 496.927932][T11686] ? clear_bhb_loop+0x40/0x90 [ 496.927954][T11686] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 496.927980][T11686] RIP: 0033:0x7f49d239c799 [ 496.928008][T11686] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 496.928039][T11686] RSP: 002b:00007f49d31cb028 EFLAGS: 00000246 ORIG_RAX: 00000000000001be [ 496.928076][T11686] RAX: ffffffffffffffda RBX: 00007f49d2615fa0 RCX: 00007f49d239c799 [ 496.928094][T11686] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000003 [ 496.928104][T11686] RBP: 00007f49d2432c99 R08: 0000000000000000 R09: 0000000000000000 [ 496.928114][T11686] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 496.928123][T11686] R13: 00007f49d2616038 R14: 00007f49d2615fa0 R15: 00007ffd18afdc38 [ 496.928145][T11686] [ 497.795585][T11699] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input13 [ 498.607076][T11704] kexec: Could not allocate control_code_buffer [ 499.990333][T11707] kexec: Could not allocate control_code_buffer [ 502.220281][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 502.232383][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 502.340937][T11762] FAULT_INJECTION: forcing a failure. [ 502.340937][T11762] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 502.417857][T11762] CPU: 1 UID: 0 PID: 11762 Comm: syz.1.957 Tainted: G U L syzkaller #0 PREEMPT(full) [ 502.417892][T11762] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 502.417900][T11762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 502.417911][T11762] Call Trace: [ 502.417917][T11762] [ 502.417923][T11762] dump_stack_lvl+0x100/0x190 [ 502.417954][T11762] should_fail_ex.cold+0x5/0xa [ 502.417971][T11762] ? prepare_alloc_pages+0x16d/0x5f0 [ 502.417990][T11762] should_fail_alloc_page+0xeb/0x140 [ 502.418009][T11762] prepare_alloc_pages+0x1f0/0x5f0 [ 502.418026][T11762] ? arch_stack_walk+0xa6/0xf0 [ 502.418077][T11762] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 502.418103][T11762] ? stack_trace_save+0x8e/0xc0 [ 502.418120][T11762] ? __pfx_stack_trace_save+0x10/0x10 [ 502.418136][T11762] ? stack_depot_save_flags+0x27/0x9d0 [ 502.418240][T11762] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 502.418261][T11762] ? kasan_save_stack+0x3f/0x50 [ 502.418284][T11762] ? kasan_save_stack+0x30/0x50 [ 502.418304][T11762] ? kasan_save_track+0x14/0x30 [ 502.418324][T11762] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 502.418346][T11762] ? walk_pgd_range+0x896/0x1eb0 [ 502.418367][T11762] ? __walk_page_range+0x163/0x820 [ 502.418386][T11762] ? walk_page_range_vma_unsafe+0x209/0x8f0 [ 502.418408][T11762] ? madvise_guard_install+0x43f/0x7c0 [ 502.418423][T11762] ? madvise_vma_behavior+0x11f1/0x3050 [ 502.418439][T11762] ? madvise_walk_vmas+0x71c/0xa90 [ 502.418454][T11762] ? madvise_do_behavior+0x1ea/0x510 [ 502.418469][T11762] ? do_madvise+0x195/0x240 [ 502.418483][T11762] ? __x64_sys_madvise+0xa9/0x110 [ 502.418507][T11762] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 502.418544][T11762] ? policy_nodemask+0xed/0x4f0 [ 502.418562][T11762] alloc_pages_mpol+0x1fb/0x550 [ 502.418580][T11762] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 502.418601][T11762] alloc_pages_noprof+0x131/0x390 [ 502.418617][T11762] pte_alloc_one+0x1c/0x3d0 [ 502.418640][T11762] __pte_alloc+0x6d/0x3e0 [ 502.418655][T11762] ? __pfx___pte_alloc+0x10/0x10 [ 502.418672][T11762] ? _raw_spin_unlock+0x28/0x50 [ 502.418732][T11762] ? __pmd_alloc+0x3fb/0x950 [ 502.418751][T11762] walk_pgd_range+0xb83/0x1eb0 [ 502.418778][T11762] ? __pfx_guard_install_set_pte+0x10/0x10 [ 502.418794][T11762] ? __pfx_guard_install_pte_entry+0x10/0x10 [ 502.418812][T11762] ? __pfx_guard_install_set_pte+0x10/0x10 [ 502.418829][T11762] ? __pfx_guard_install_set_pte+0x10/0x10 [ 502.418845][T11762] ? __pfx_guard_install_set_pte+0x10/0x10 [ 502.418861][T11762] ? __pfx_walk_pgd_range+0x10/0x10 [ 502.418888][T11762] __walk_page_range+0x163/0x820 [ 502.418911][T11762] ? process_measurement+0x4c8/0x2350 [ 502.418975][T11762] walk_page_range_vma_unsafe+0x209/0x8f0 [ 502.419000][T11762] ? css_rstat_updated+0x1ce/0x5a0 [ 502.419019][T11762] ? __pfx_walk_page_range_vma_unsafe+0x10/0x10 [ 502.419042][T11762] ? __pfx_css_rstat_updated+0x10/0x10 [ 502.419056][T11762] ? tomoyo_check_open_permission+0x1db/0x3c0 [ 502.419108][T11762] madvise_guard_install+0x43f/0x7c0 [ 502.419131][T11762] ? __pfx_madvise_guard_install+0x10/0x10 [ 502.419150][T11762] ? __pfx_guard_install_pud_entry+0x10/0x10 [ 502.419166][T11762] ? __pfx_guard_install_pmd_entry+0x10/0x10 [ 502.419184][T11762] ? __pfx_guard_install_pte_entry+0x10/0x10 [ 502.419205][T11762] ? __pfx_guard_install_set_pte+0x10/0x10 [ 502.419222][T11762] ? __lock_acquire+0x4a5/0x2630 [ 502.419244][T11762] madvise_vma_behavior+0x11f1/0x3050 [ 502.419263][T11762] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 502.419280][T11762] ? reacquire_held_locks+0xce/0x1e0 [ 502.419297][T11762] ? lock_vma_under_rcu+0x11d/0x590 [ 502.419320][T11762] ? lock_vma_under_rcu+0x17c/0x590 [ 502.419342][T11762] ? lock_vma_under_rcu+0x25/0x590 [ 502.419360][T11762] ? lock_vma_under_rcu+0x1f9/0x590 [ 502.419378][T11762] ? __pfx_lock_vma_under_rcu+0x10/0x10 [ 502.419402][T11762] ? __futex_wait+0x256/0x300 [ 502.419428][T11762] madvise_walk_vmas+0x71c/0xa90 [ 502.419448][T11762] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 502.419465][T11762] ? futex_hash+0x2c5/0x380 [ 502.419484][T11762] madvise_do_behavior+0x1ea/0x510 [ 502.419502][T11762] ? __pfx_madvise_do_behavior+0x10/0x10 [ 502.419519][T11762] ? futex_wait+0x125/0x380 [ 502.419545][T11762] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 502.419585][T11762] do_madvise+0x195/0x240 [ 502.419610][T11762] ? __pfx_do_madvise+0x10/0x10 [ 502.419635][T11762] ? do_futex+0x192/0x350 [ 502.419671][T11762] ? find_held_lock+0x2b/0x80 [ 502.419718][T11762] __x64_sys_madvise+0xa9/0x110 [ 502.419737][T11762] ? lockdep_hardirqs_on+0x78/0x100 [ 502.419758][T11762] do_syscall_64+0x106/0xf80 [ 502.419779][T11762] ? clear_bhb_loop+0x40/0x90 [ 502.419799][T11762] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 502.419814][T11762] RIP: 0033:0x7fba0119c799 [ 502.419831][T11762] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 502.419846][T11762] RSP: 002b:00007fb9ff3f6028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 502.419861][T11762] RAX: ffffffffffffffda RBX: 00007fba01416090 RCX: 00007fba0119c799 [ 502.419871][T11762] RDX: 0000000000000066 RSI: 0000000002021000 RDI: 0000000000000000 [ 502.419880][T11762] RBP: 00007fba01232c99 R08: 0000000000000000 R09: 0000000000000000 [ 502.419890][T11762] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 502.419898][T11762] R13: 00007fba01416128 R14: 00007fba01416090 R15: 00007ffd1519f488 [ 502.419918][T11762] [ 506.133930][T11792] kexec: Could not allocate control_code_buffer [ 507.422078][T11809] kexec: Could not allocate control_code_buffer [ 508.277233][T11840] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 509.838264][T11858] netlink: 8 bytes leftover after parsing attributes in process `syz.0.971'. [ 510.849709][T11863] kexec: Could not allocate control_code_buffer [ 515.496181][T11926] kexec: Could not allocate control_code_buffer [ 521.682965][T12022] kexec: Could not allocate control_code_buffer [ 522.002986][T12045] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 522.404657][T12050] rtc_cmos 00:00: Alarms can be up to one day in the future [ 522.933481][ T24] rtc_cmos 00:00: Alarms can be up to one day in the future [ 522.964839][ T24] rtc_cmos 00:00: Alarms can be up to one day in the future [ 523.014174][ T24] rtc_cmos 00:00: Alarms can be up to one day in the future [ 523.043329][T12046] kexec: Could not allocate control_code_buffer [ 523.046213][ T24] rtc_cmos 00:00: Alarms can be up to one day in the future [ 523.102059][ T24] rtc rtc0: __rtc_set_alarm: err=-22 [ 524.572275][T12067] kexec: Could not allocate control_code_buffer [ 526.692206][T12084] kexec: Could not allocate control_code_buffer [ 527.065169][T12109] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 530.202663][T12124] kexec: Could not allocate control_code_buffer [ 530.346990][T12140] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 530.466542][T12142] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 531.742459][T12148] kexec: Could not allocate control_code_buffer [ 535.758250][T12207] kexec: Could not allocate control_code_buffer [ 537.910051][T12248] block2mtd: error: cannot open device /sys/module/block2mtd/parameters/block2mtd [ 547.935918][T12335] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 549.766511][T12344] kexec: Could not allocate control_code_buffer [ 555.251844][T12418] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 556.381285][T12419] kexec: Could not allocate control_code_buffer [ 558.228088][T12450] kexec: Could not allocate control_code_buffer [ 563.659861][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.666337][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 564.769023][T12528] kexec: Could not allocate control_code_buffer [ 565.588788][T12536] kexec: Could not allocate control_code_buffer [ 567.416399][ T51] Bluetooth: hci0: command 0x0c1a tx timeout [ 567.432225][T12545] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 568.607640][T12545] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 568.630395][T12545] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 568.668339][T12545] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 569.576020][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 570.196452][T12615] block2mtd: error: cannot open device /sys/module/block2mtd/parameters/block2mtd [ 570.582746][T12608] kexec: Could not allocate control_code_buffer [ 570.695439][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 570.701868][ T51] Bluetooth: hci3: command 0x0c1a tx timeout [ 571.439883][T12631] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 575.017482][T12649] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 575.045269][T12649] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 575.096691][T12649] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 575.123202][T12649] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 575.655498][T12620] Bluetooth: hci0: command 0x0c1a tx timeout [ 575.782680][T12686] block2mtd: error: cannot open device /sys/module/block2mtd/parameters/block2mtd [ 576.491349][T12677] kexec: Could not allocate control_code_buffer [ 577.095805][T12620] Bluetooth: hci1: command 0x0c1a tx timeout [ 577.177718][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout [ 577.184268][T12620] Bluetooth: hci3: command 0x0c1a tx timeout [ 578.057641][T12711] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 579.607313][T12726] random: crng reseeded on system resumption [ 579.958095][T12726] sp0: Synchronizing with TNC [ 581.998164][T12620] Bluetooth: hci3: unexpected event 0x33 length: 124 > 10 [ 584.376162][T12620] Bluetooth: hci0: command 0x0c1a tx timeout [ 584.390076][T12763] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 584.485892][T12763] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 584.533167][T12763] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 584.584603][T12763] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 586.455403][T12620] Bluetooth: hci1: command 0x0c1a tx timeout [ 586.545410][T12620] Bluetooth: hci2: command 0x0c1a tx timeout [ 586.615585][T12620] Bluetooth: hci3: command 0x0c1a tx timeout [ 589.060139][T12810] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 589.137880][T12810] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 589.144054][T12810] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 589.179489][T12837] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 589.231344][T12810] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 589.975389][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout [ 591.179655][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout [ 591.186044][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout [ 591.267100][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout [ 592.455448][T12844] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 592.463858][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout [ 592.513921][T12844] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 592.562403][T12844] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 592.620404][T12844] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 592.667939][T12863] kexec: Could not allocate control_code_buffer [ 594.571128][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout [ 594.615512][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout [ 594.695391][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout [ 598.028821][T12921] kexec: Could not allocate control_code_buffer [ 599.080990][T12933] kexec: Could not allocate control_code_buffer [ 601.319153][T12972] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 604.101839][T13009] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 607.617490][T13006] kexec: Could not allocate control_code_buffer [ 611.080846][T13043] kexec: Could not allocate control_code_buffer [ 612.239048][T13087] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1162'. [ 612.703888][T13092] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 614.886777][T13121] nvme_fabrics: unknown parameter or missing value '@' in ctrl creation request [ 615.979377][T13135] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 619.239699][T13162] random: crng reseeded on system resumption [ 619.267503][T13162] Restarting kernel threads ... [ 619.319944][T13162] Done restarting kernel threads. [ 619.471537][T13161] sp0: Synchronizing with TNC [ 619.534301][T13166] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 620.939288][T13173] Invalid ELF header magic: != ELF [ 621.961976][T13178] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 624.830817][T13211] Invalid ELF header magic: != ELF [ 625.176143][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 625.225620][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 625.528079][T13210] kexec: Could not allocate control_code_buffer [ 627.713414][T13242] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 629.742799][T13240] kexec: Could not allocate control_code_buffer [ 631.745611][T13265] Invalid ELF header magic: != ELF [ 635.521020][T13316] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 639.774493][T13333] kexec: Could not allocate control_code_buffer [ 641.500558][ T5829] block nbd0: Receive control failed (result -32) [ 641.692437][T13391] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 642.098589][T13404] random: crng reseeded on system resumption [ 642.295073][T13404] hub 1-0:1.0: USB hub found [ 642.310437][T13404] hub 1-0:1.0: 1 port detected [ 643.461295][T13400] kexec: Could not allocate control_code_buffer [ 645.993707][T13454] FAULT_INJECTION: forcing a failure. [ 645.993707][T13454] name failslab, interval 1, probability 0, space 0, times 0 [ 646.074265][T13444] kexec: Could not allocate control_code_buffer [ 646.133388][T13454] CPU: 1 UID: 0 PID: 13454 Comm: syz.3.1220 Tainted: G U L syzkaller #0 PREEMPT(full) [ 646.133453][T13454] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 646.133466][T13454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 646.133486][T13454] Call Trace: [ 646.133495][T13454] [ 646.133507][T13454] dump_stack_lvl+0x100/0x190 [ 646.133570][T13454] should_fail_ex.cold+0x5/0xa [ 646.133609][T13454] should_failslab+0xc2/0x120 [ 646.133644][T13454] __kmalloc_cache_noprof+0x7a/0x6f0 [ 646.133689][T13454] ? kstrdup_quotable_cmdline+0x52/0x210 [ 646.133802][T13454] ? get_cmdline+0x86/0x360 [ 646.133843][T13454] kstrdup_quotable_cmdline+0x52/0x210 [ 646.133891][T13454] __report_access+0x77/0x230 [ 646.133934][T13454] ? _raw_spin_unlock_irq+0x23/0x50 [ 646.133982][T13454] task_work_run+0x150/0x240 [ 646.134031][T13454] ? __pfx_task_work_run+0x10/0x10 [ 646.134073][T13454] ? xfd_validate_state+0x129/0x190 [ 646.134122][T13454] exit_to_user_mode_loop+0x100/0x4a0 [ 646.134166][T13454] do_syscall_64+0x668/0xf80 [ 646.134203][T13454] ? clear_bhb_loop+0x40/0x90 [ 646.134238][T13454] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 646.134266][T13454] RIP: 0033:0x7fb64d39c799 [ 646.134292][T13454] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 646.134319][T13454] RSP: 002b:00007fb64e1c0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 646.134348][T13454] RAX: ffffffffffffffff RBX: 00007fb64d615fa0 RCX: 00007fb64d39c799 [ 646.134368][T13454] RDX: 0000000000000012 RSI: 0000200000002980 RDI: 0000000000000001 [ 646.134388][T13454] RBP: 00007fb64d432c99 R08: 0000000000000004 R09: 0000000000000000 [ 646.134416][T13454] R10: 0000200000002a40 R11: 0000000000000246 R12: 0000000000000000 [ 646.134437][T13454] R13: 00007fb64d616038 R14: 00007fb64d615fa0 R15: 00007ffeeda02018 [ 646.134479][T13454] [ 646.134876][T13454] ptrace attach of "./syz-executor exec"[5827] was attempted by "(null)"[13454] [ 648.345407][T13485] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 649.330896][T13470] kexec: Could not allocate control_code_buffer [ 652.038060][T13514] kexec: Could not allocate control_code_buffer [ 654.202051][T13525] kexec: Could not allocate control_code_buffer [ 654.446186][T13547] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 654.696926][T13552] random: crng reseeded on system resumption [ 654.936831][T13552] hub 1-0:1.0: USB hub found [ 654.942132][T13552] hub 1-0:1.0: 1 port detected [ 659.630504][T13606] kexec: Could not allocate control_code_buffer [ 660.638626][T13632] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 661.416647][T13638] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 661.899522][T13595] kexec: Could not allocate control_code_buffer [ 662.954645][T13649] usb usb24: usbfs: process 13649 (syz.2.1252) did not claim interface 0 before use [ 667.205553][T13702] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 667.257241][T13702] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 667.292644][T13702] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 667.329557][T13702] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 667.487924][T13702] futex_wake_op: syz.3.1259 tries to shift op by -2048; fix this program [ 667.553036][T13702] futex_wake_op: syz.3.1259 tries to shift op by -2048; fix this program [ 669.255489][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout [ 669.337493][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout [ 669.337502][T12620] Bluetooth: hci2: command 0x0c1a tx timeout [ 669.350173][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout [ 669.686278][T13738] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 671.620339][T13753] kexec: Could not allocate control_code_buffer [ 671.861956][T13760] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 677.286241][T13808] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 681.559558][T13845] kexec: Could not allocate control_code_buffer [ 684.625543][T12620] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 685.378712][T13903] FAULT_INJECTION: forcing a failure. [ 685.378712][T13903] name fail_futex, interval 1, probability 0, space 0, times 0 [ 685.534990][T13903] CPU: 0 UID: 0 PID: 13903 Comm: syz.1.1292 Tainted: G U L syzkaller #0 PREEMPT(full) [ 685.535056][T13903] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 685.535069][T13903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 685.535091][T13903] Call Trace: [ 685.535100][T13903] [ 685.535114][T13903] dump_stack_lvl+0x100/0x190 [ 685.535181][T13903] should_fail_ex.cold+0x5/0xa [ 685.535221][T13903] get_futex_key+0x1d2/0x1620 [ 685.535263][T13903] ? __pfx_get_futex_key+0x10/0x10 [ 685.535295][T13903] ? kasan_quarantine_put+0x104/0x240 [ 685.535332][T13903] ? lockdep_hardirqs_on+0x78/0x100 [ 685.535375][T13903] futex_wake+0xea/0x530 [ 685.535414][T13903] ? find_held_lock+0x2b/0x80 [ 685.535447][T13903] ? __pfx_futex_wake+0x10/0x10 [ 685.535491][T13903] ? ksys_write+0x190/0x250 [ 685.535513][T13903] ? ksys_write+0x190/0x250 [ 685.535541][T13903] do_futex+0x32b/0x350 [ 685.535573][T13903] ? __pfx_do_futex+0x10/0x10 [ 685.535615][T13903] __x64_sys_futex+0x34f/0x4d0 [ 685.535651][T13903] ? fput+0x79/0x100 [ 685.535675][T13903] ? __pfx___x64_sys_futex+0x10/0x10 [ 685.535717][T13903] ? ksys_write+0x1ac/0x250 [ 685.535741][T13903] ? __pfx_ksys_write+0x10/0x10 [ 685.535775][T13903] do_syscall_64+0x106/0xf80 [ 685.535807][T13903] ? clear_bhb_loop+0x40/0x90 [ 685.535839][T13903] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 685.535868][T13903] RIP: 0033:0x7fba0119c799 [ 685.535890][T13903] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 685.535916][T13903] RSP: 002b:00007fb9ff3f60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 685.535943][T13903] RAX: ffffffffffffffda RBX: 00007fba01416098 RCX: 00007fba0119c799 [ 685.535959][T13903] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fba0141609c [ 685.535975][T13903] RBP: 00007fba01416090 R08: 0000000000000000 R09: 0000000000000000 [ 685.535992][T13903] R10: 0000000000000081 R11: 0000000000000246 R12: 0000000000000000 [ 685.536009][T13903] R13: 00007fba01416128 R14: 00007ffd1519f3a0 R15: 00007ffd1519f488 [ 685.536045][T13903] [ 686.540078][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 686.547489][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 689.641598][T13958] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 696.790128][T14036] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 696.910056][T14019] kexec: Could not allocate control_code_buffer [ 700.612845][T14056] hub 1-0:1.0: USB hub found [ 700.621771][T14056] hub 1-0:1.0: 1 port detected [ 706.071360][ T30] audit: type=1800 audit(1773408998.008:8): pid=14115 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1325" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 706.661467][T14121] input: f as /devices/virtual/input/input14 [ 708.502750][T14145] kexec: Could not allocate control_code_buffer [ 710.540905][T12620] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 712.996573][T14189] FAULT_INJECTION: forcing a failure. [ 712.996573][T14189] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 713.261521][T14189] CPU: 1 UID: 0 PID: 14189 Comm: syz.3.1340 Tainted: G U L syzkaller #0 PREEMPT(full) [ 713.261576][T14189] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 713.261586][T14189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 713.261599][T14189] Call Trace: [ 713.261607][T14189] [ 713.261617][T14189] dump_stack_lvl+0x100/0x190 [ 713.261672][T14189] should_fail_ex.cold+0x5/0xa [ 713.261698][T14189] ? prepare_alloc_pages+0x16d/0x5f0 [ 713.261735][T14189] should_fail_alloc_page+0xeb/0x140 [ 713.261768][T14189] prepare_alloc_pages+0x1f0/0x5f0 [ 713.261802][T14189] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 713.261845][T14189] ? rcu_is_watching+0x12/0xc0 [ 713.261887][T14189] ? trace_mm_page_alloc+0x17a/0x1d0 [ 713.261917][T14189] ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0 [ 713.261947][T14189] ? kernel_text_address+0x71/0x100 [ 713.261978][T14189] ? unwind_get_return_address+0x59/0xa0 [ 713.262006][T14189] ? arch_stack_walk+0xa6/0xf0 [ 713.262034][T14189] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 713.262090][T14189] ? stack_depot_save_flags+0x27/0x9d0 [ 713.262127][T14189] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 713.262173][T14189] ? pcpu_get_vm_areas+0x520/0x55d0 [ 713.262201][T14189] ? pcpu_create_chunk+0x254/0x730 [ 713.262242][T14189] ? pcpu_create_chunk+0x254/0x730 [ 713.262274][T14189] ? pcpu_alloc_noprof+0x18c4/0x1c50 [ 713.262313][T14189] alloc_pages_bulk_noprof+0x782/0x1490 [ 713.262371][T14189] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 713.262429][T14189] ? alloc_pages_noprof+0x233/0x390 [ 713.262464][T14189] __kasan_populate_vmalloc+0xf0/0x210 [ 713.262509][T14189] pcpu_get_vm_areas+0x2df1/0x55d0 [ 713.262570][T14189] ? __pfx_pcpu_get_vm_areas+0x10/0x10 [ 713.262607][T14189] pcpu_create_chunk+0x254/0x730 [ 713.262656][T14189] pcpu_alloc_noprof+0x18c4/0x1c50 [ 713.262719][T14189] bpf_map_alloc_percpu+0x9a/0xf0 [ 713.262812][T14189] ? __pfx_bpf_map_alloc_percpu+0x10/0x10 [ 713.262855][T14189] ? __pfx___might_resched+0x10/0x10 [ 713.262889][T14189] ? __bpf_map_area_alloc+0x13a/0x200 [ 713.262918][T14189] htab_map_alloc+0x1054/0x14e0 [ 713.262978][T14189] ? ns_capable+0xd2/0xf0 [ 713.263006][T14189] ? __pfx_htab_map_mem_usage+0x10/0x10 [ 713.263043][T14189] map_create+0x84e/0x2ba0 [ 713.263062][T14189] ? futex_unqueue+0x13d/0x2c0 [ 713.263091][T14189] ? __futex_wait+0x256/0x300 [ 713.263136][T14189] ? __pfx_map_create+0x10/0x10 [ 713.263158][T14189] ? __might_fault+0xc5/0x140 [ 713.263188][T14189] ? __might_fault+0xc5/0x140 [ 713.263230][T14189] __sys_bpf+0x2091/0x4b90 [ 713.263259][T14189] ? __pfx___sys_bpf+0x10/0x10 [ 713.263290][T14189] ? __pfx_futex_wait+0x10/0x10 [ 713.263348][T14189] ? do_writev+0x214/0x340 [ 713.263400][T14189] ? do_futex+0x192/0x350 [ 713.263448][T14189] ? xfd_validate_state+0x129/0x190 [ 713.263495][T14189] __x64_sys_bpf+0x7b/0xc0 [ 713.263525][T14189] ? lockdep_hardirqs_on+0x78/0x100 [ 713.263567][T14189] do_syscall_64+0x106/0xf80 [ 713.263604][T14189] ? clear_bhb_loop+0x40/0x90 [ 713.263637][T14189] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 713.263663][T14189] RIP: 0033:0x7fb64d39c799 [ 713.263684][T14189] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 713.263715][T14189] RSP: 002b:00007fb64e1c0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 713.263743][T14189] RAX: ffffffffffffffda RBX: 00007fb64d615fa0 RCX: 00007fb64d39c799 [ 713.263765][T14189] RDX: 00000000000000a3 RSI: 0000200000000780 RDI: 0000000000000000 [ 713.263780][T14189] RBP: 00007fb64d432c99 R08: 0000000000000000 R09: 0000000000000000 [ 713.263795][T14189] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 713.263810][T14189] R13: 00007fb64d616038 R14: 00007fb64d615fa0 R15: 00007ffeeda02018 [ 713.263845][T14189] [ 713.265752][T14192] Invalid ELF header magic: != ELF [ 714.782999][T12620] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 715.521949][T14217] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4. [ 715.900117][T14204] kexec: Could not allocate control_code_buffer [ 717.988927][T14234] zswap: compressor not available [ 722.580315][T14271] kexec: Could not allocate control_code_buffer [ 724.520518][T14313] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 726.075808][T14329] futex_wake_op: syz.1.1361 tries to shift op by -2048; fix this program [ 726.111620][T14329] futex_wake_op: syz.1.1361 tries to shift op by -2048; fix this program [ 733.117155][T12620] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 735.837719][T14391] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 737.292751][T14394] kexec: Could not allocate control_code_buffer [ 738.044293][T14407] FAULT_INJECTION: forcing a failure. [ 738.044293][T14407] name failslab, interval 1, probability 0, space 0, times 0 [ 738.061112][T14407] CPU: 0 UID: 0 PID: 14407 Comm: syz.0.1375 Tainted: G U L syzkaller #0 PREEMPT(full) [ 738.061168][T14407] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 738.061180][T14407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 738.061197][T14407] Call Trace: [ 738.061207][T14407] [ 738.061218][T14407] dump_stack_lvl+0x100/0x190 [ 738.061275][T14407] should_fail_ex.cold+0x5/0xa [ 738.061308][T14407] ? cache_create_net+0xa2/0x1f0 [ 738.061464][T14407] should_failslab+0xc2/0x120 [ 738.061502][T14407] __kmalloc_noprof+0xe0/0x850 [ 738.061559][T14407] cache_create_net+0xa2/0x1f0 [ 738.061608][T14407] nfsd_idmap_init+0x11f/0x250 [ 738.061667][T14407] ? __pfx_nfsd_net_init+0x10/0x10 [ 738.061702][T14407] nfsd_net_init+0x69/0x3d0 [ 738.061730][T14407] ? __pfx_nfsd_net_init+0x10/0x10 [ 738.061756][T14407] ops_init+0x1e2/0x5f0 [ 738.061872][T14407] setup_net+0x118/0x3a0 [ 738.061912][T14407] ? __pfx_setup_net+0x10/0x10 [ 738.061948][T14407] ? lockdep_init_map_type+0x5c/0x250 [ 738.061987][T14407] ? mutex_init_lockep+0x110/0x150 [ 738.062028][T14407] copy_net_ns+0x46f/0x7c0 [ 738.062105][T14407] create_new_namespaces+0x3ea/0xac0 [ 738.062142][T14407] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 738.062173][T14407] ksys_unshare+0x473/0xad0 [ 738.062209][T14407] ? __pfx_ksys_unshare+0x10/0x10 [ 738.062257][T14407] __x64_sys_unshare+0x31/0x40 [ 738.062295][T14407] do_syscall_64+0x106/0xf80 [ 738.062338][T14407] ? clear_bhb_loop+0x40/0x90 [ 738.062381][T14407] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 738.062415][T14407] RIP: 0033:0x7f49d239c799 [ 738.062445][T14407] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 738.062478][T14407] RSP: 002b:00007f49d31aa028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 738.062526][T14407] RAX: ffffffffffffffda RBX: 00007f49d2616090 RCX: 00007f49d239c799 [ 738.062548][T14407] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 738.062566][T14407] RBP: 00007f49d2432c99 R08: 0000000000000000 R09: 0000000000000000 [ 738.062582][T14407] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 738.062599][T14407] R13: 00007f49d2616128 R14: 00007f49d2616090 R15: 00007ffd18afdc38 [ 738.062632][T14407] [ 743.413748][T14468] FAULT_INJECTION: forcing a failure. [ 743.413748][T14468] name failslab, interval 1, probability 0, space 0, times 0 [ 743.433793][T14468] CPU: 1 UID: 0 PID: 14468 Comm: syz.2.1385 Tainted: G U L syzkaller #0 PREEMPT(full) [ 743.433843][T14468] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 743.433854][T14468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 743.433870][T14468] Call Trace: [ 743.433879][T14468] [ 743.433889][T14468] dump_stack_lvl+0x100/0x190 [ 743.433952][T14468] should_fail_ex.cold+0x5/0xa [ 743.433986][T14468] should_failslab+0xc2/0x120 [ 743.434018][T14468] __kmalloc_node_noprof+0xe6/0x850 [ 743.434062][T14468] ? __rb_allocate_pages+0x589/0xf50 [ 743.434111][T14468] __rb_allocate_pages+0x589/0xf50 [ 743.434165][T14468] ring_buffer_subbuf_order_set+0x3ef/0x18c0 [ 743.434210][T14468] ? tracing_stop_tr+0xf6/0x210 [ 743.434250][T14468] ? __pfx_ring_buffer_subbuf_order_set+0x10/0x10 [ 743.434284][T14468] ? __pfx___might_resched+0x10/0x10 [ 743.434325][T14468] ? iovec_from_user+0xda/0x140 [ 743.434367][T14468] buffer_subbuf_size_write+0x182/0x280 [ 743.434408][T14468] ? __pfx_buffer_subbuf_size_write+0x10/0x10 [ 743.434453][T14468] ? iov_iter_advance+0xac/0x6d0 [ 743.434495][T14468] ? __pfx_buffer_subbuf_size_write+0x10/0x10 [ 743.434536][T14468] vfs_writev+0x5ea/0xe10 [ 743.434571][T14468] ? rcu_is_watching+0x12/0xc0 [ 743.434619][T14468] ? __pfx_vfs_writev+0x10/0x10 [ 743.434657][T14468] ? fdget_pos+0x2aa/0x380 [ 743.434708][T14468] ? __fget_files+0x21f/0x3d0 [ 743.434743][T14468] ? do_writev+0x13e/0x340 [ 743.434782][T14468] do_writev+0x13e/0x340 [ 743.434823][T14468] ? __pfx_do_writev+0x10/0x10 [ 743.434877][T14468] do_syscall_64+0x106/0xf80 [ 743.434926][T14468] ? clear_bhb_loop+0x40/0x90 [ 743.434960][T14468] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 743.434985][T14468] RIP: 0033:0x7f449839c799 [ 743.435011][T14468] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 743.435037][T14468] RSP: 002b:00007f4499293028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 743.435062][T14468] RAX: ffffffffffffffda RBX: 00007f4498615fa0 RCX: 00007f449839c799 [ 743.435081][T14468] RDX: 000000000000000a RSI: 0000200000000200 RDI: 0000000000000009 [ 743.435098][T14468] RBP: 00007f4498432c99 R08: 0000000000000000 R09: 0000000000000000 [ 743.435114][T14468] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 743.435130][T14468] R13: 00007f4498616038 R14: 00007f4498615fa0 R15: 00007ffe516d8e28 [ 743.435170][T14468] [ 745.864664][T14477] kexec: Could not allocate control_code_buffer [ 748.004239][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 748.020667][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 748.150684][T14511] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1388'. [ 748.365974][T14503] kexec: Could not allocate control_code_buffer [ 754.455141][T14595] FAULT_INJECTION: forcing a failure. [ 754.455141][T14595] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 754.524185][T14595] CPU: 0 UID: 0 PID: 14595 Comm: syz.1.1406 Tainted: G U L syzkaller #0 PREEMPT(full) [ 754.524218][T14595] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 754.524224][T14595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 754.524233][T14595] Call Trace: [ 754.524239][T14595] [ 754.524246][T14595] dump_stack_lvl+0x100/0x190 [ 754.524279][T14595] should_fail_ex.cold+0x5/0xa [ 754.524300][T14595] _copy_from_user+0x2e/0xd0 [ 754.524320][T14595] memdup_user+0x6b/0xe0 [ 754.524334][T14595] msr_io+0xea/0x480 [ 754.524382][T14595] ? __pfx_do_get_feature_msr+0x10/0x10 [ 754.524404][T14595] ? __pfx_msr_io+0x10/0x10 [ 754.524426][T14595] kvm_arch_dev_ioctl+0x487/0x770 [ 754.524445][T14595] ? __pfx_kvm_arch_dev_ioctl+0x10/0x10 [ 754.524467][T14595] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 754.524495][T14595] ? do_vfs_ioctl+0x226/0x13e0 [ 754.524519][T14595] kvm_dev_ioctl+0x73a/0x1a50 [ 754.524547][T14595] ? find_held_lock+0x2b/0x80 [ 754.524567][T14595] ? __fget_files+0x215/0x3d0 [ 754.524588][T14595] ? hook_file_ioctl_common+0x146/0x410 [ 754.524610][T14595] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 754.524630][T14595] ? __fget_files+0x21f/0x3d0 [ 754.524647][T14595] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 754.524666][T14595] __x64_sys_ioctl+0x18e/0x210 [ 754.524689][T14595] do_syscall_64+0x106/0xf80 [ 754.524709][T14595] ? clear_bhb_loop+0x40/0x90 [ 754.524728][T14595] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 754.524744][T14595] RIP: 0033:0x7fba0119c799 [ 754.524760][T14595] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 754.524774][T14595] RSP: 002b:00007fba01f83028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 754.524789][T14595] RAX: ffffffffffffffda RBX: 00007fba01415fa0 RCX: 00007fba0119c799 [ 754.524799][T14595] RDX: 0000200000000040 RSI: 00000000c008ae88 RDI: 0000000000000009 [ 754.524808][T14595] RBP: 00007fba01232c99 R08: 0000000000000000 R09: 0000000000000000 [ 754.524817][T14595] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 754.524827][T14595] R13: 00007fba01416038 R14: 00007fba01415fa0 R15: 00007ffd1519f488 [ 754.524847][T14595] [ 755.883716][T14612] futex_wake_op: syz.1.1407 tries to shift op by -2048; fix this program [ 759.764915][T14652] kexec: Could not allocate control_code_buffer [ 759.823732][T14662] input: jJǸ as /devices/virtual/input/input15 [ 761.529108][T14658] kexec: Could not allocate control_code_buffer [ 762.790689][T14679] kexec: Could not allocate control_code_buffer [ 763.354337][T14707] FAULT_INJECTION: forcing a failure. [ 763.354337][T14707] name failslab, interval 1, probability 0, space 0, times 0 [ 763.377291][T14707] CPU: 0 UID: 0 PID: 14707 Comm: syz.1.1423 Tainted: G U L syzkaller #0 PREEMPT(full) [ 763.377345][T14707] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 763.377356][T14707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 763.377373][T14707] Call Trace: [ 763.377382][T14707] [ 763.377393][T14707] dump_stack_lvl+0x100/0x190 [ 763.377455][T14707] should_fail_ex.cold+0x5/0xa [ 763.377496][T14707] should_failslab+0xc2/0x120 [ 763.377525][T14707] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 763.377566][T14707] ? mas_alloc_nodes+0x280/0x390 [ 763.377701][T14707] mas_alloc_nodes+0x280/0x390 [ 763.377735][T14707] mas_preallocate+0x39c/0xf10 [ 763.377772][T14707] ? __memcg_slab_post_alloc_hook+0x4c0/0x990 [ 763.377810][T14707] ? __pfx_mas_preallocate+0x10/0x10 [ 763.377856][T14707] ? anon_vma_name+0x5a/0x250 [ 763.377890][T14707] __split_vma+0x33d/0xd90 [ 763.377927][T14707] ? __pfx___split_vma+0x10/0x10 [ 763.377969][T14707] ? find_vma+0xbf/0x140 [ 763.378006][T14707] vma_modify+0x1121/0x2250 [ 763.378055][T14707] ? __pfx_vma_modify+0x10/0x10 [ 763.378105][T14707] vma_modify_policy+0x238/0x300 [ 763.378145][T14707] ? __pfx_vma_modify_policy+0x10/0x10 [ 763.378204][T14707] ? mas_walk+0x6ef/0x9b0 [ 763.378241][T14707] mbind_range+0x175/0x550 [ 763.378276][T14707] do_mbind+0x7de/0xfd0 [ 763.378316][T14707] ? __pfx_do_mbind+0x10/0x10 [ 763.378348][T14707] ? __lock_acquire+0x4a5/0x2630 [ 763.378400][T14707] ? __pfx_get_nodes+0x10/0x10 [ 763.378446][T14707] ? find_held_lock+0x2b/0x80 [ 763.378484][T14707] kernel_mbind+0x1b7/0x200 [ 763.378522][T14707] ? __pfx_kernel_mbind+0x10/0x10 [ 763.378568][T14707] do_syscall_64+0x106/0xf80 [ 763.378607][T14707] ? clear_bhb_loop+0x40/0x90 [ 763.378639][T14707] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 763.378670][T14707] RIP: 0033:0x7fba0119c799 [ 763.378703][T14707] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 763.378733][T14707] RSP: 002b:00007fba01f83028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 763.378764][T14707] RAX: ffffffffffffffda RBX: 00007fba01415fa0 RCX: 00007fba0119c799 [ 763.378782][T14707] RDX: 0000000000000004 RSI: 00000000002091d2 RDI: 0000000000000000 [ 763.378799][T14707] RBP: 00007fba01232c99 R08: 0000000000000006 R09: 0000000000000002 [ 763.378816][T14707] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 763.378830][T14707] R13: 00007fba01416038 R14: 00007fba01415fa0 R15: 00007ffd1519f488 [ 763.378866][T14707] [ 769.007841][T14761] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1431'. [ 777.059910][T14858] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1446'. [ 777.718614][T14844] kexec: Could not allocate control_code_buffer [ 780.058635][T14884] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1451'. [ 780.756957][T14876] kexec: Could not allocate control_code_buffer [ 789.333925][T14956] kexec: Could not allocate control_code_buffer [ 792.985761][T15013] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1473'. [ 793.066188][T15013] netlink: 354 bytes leftover after parsing attributes in process `syz.3.1473'. [ 794.828473][T15032] kexec: Could not allocate control_code_buffer [ 796.906119][T15056] block2mtd: illegal erase size [ 802.412535][T15094] kexec: Could not allocate control_code_buffer [ 804.122858][T15145] FAULT_INJECTION: forcing a failure. [ 804.122858][T15145] name failslab, interval 1, probability 0, space 0, times 0 [ 804.137704][T15145] CPU: 1 UID: 0 PID: 15145 Comm: syz.3.1495 Tainted: G U L syzkaller #0 PREEMPT(full) [ 804.137756][T15145] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 804.137768][T15145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 804.137785][T15145] Call Trace: [ 804.137805][T15145] [ 804.137813][T15145] dump_stack_lvl+0x100/0x190 [ 804.137851][T15145] should_fail_ex.cold+0x5/0xa [ 804.137875][T15145] should_failslab+0xc2/0x120 [ 804.137893][T15145] __kmalloc_cache_noprof+0x7a/0x6f0 [ 804.137916][T15145] ? vkms_plane_duplicate_state+0x45/0x130 [ 804.138075][T15145] vkms_plane_duplicate_state+0x45/0x130 [ 804.138106][T15145] drm_atomic_get_plane_state+0x279/0x760 [ 804.138171][T15145] drm_client_modeset_commit_atomic+0x237/0x7e0 [ 804.138243][T15145] ? trace_contention_end+0x140/0x180 [ 804.138274][T15145] ? __mutex_lock+0x26a/0x1b90 [ 804.138307][T15145] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 804.138333][T15145] ? drm_master_internal_acquire+0x21/0x80 [ 804.138395][T15145] drm_client_modeset_commit_locked+0x14d/0x580 [ 804.138421][T15145] drm_client_modeset_commit+0x4f/0x80 [ 804.138445][T15145] __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160 [ 804.138507][T15145] drm_fb_helper_restore_fbdev_mode_unlocked+0x93/0xc0 [ 804.138532][T15145] drm_fbdev_client_restore+0x1b/0x30 [ 804.138572][T15145] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 804.138589][T15145] drm_client_dev_restore+0x205/0x2a0 [ 804.138624][T15145] drm_release+0x2c6/0x360 [ 804.138684][T15145] ? __pfx_drm_release+0x10/0x10 [ 804.138704][T15145] __fput+0x3ff/0xb40 [ 804.138729][T15145] task_work_run+0x150/0x240 [ 804.138751][T15145] ? __pfx_task_work_run+0x10/0x10 [ 804.138777][T15145] exit_to_user_mode_loop+0x100/0x4a0 [ 804.138800][T15145] do_syscall_64+0x668/0xf80 [ 804.138827][T15145] ? clear_bhb_loop+0x40/0x90 [ 804.138849][T15145] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 804.138866][T15145] RIP: 0033:0x7fb64d39c799 [ 804.138883][T15145] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 804.138899][T15145] RSP: 002b:00007fb64e1c0028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 804.138916][T15145] RAX: 0000000000000000 RBX: 00007fb64d615fa0 RCX: 00007fb64d39c799 [ 804.138928][T15145] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 804.138938][T15145] RBP: 00007fb64d432c99 R08: 0000000000000000 R09: 0000000000000000 [ 804.138948][T15145] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 804.138959][T15145] R13: 00007fb64d616038 R14: 00007fb64d615fa0 R15: 00007ffeeda02018 [ 804.138987][T15145] [ 804.870968][T15148] sd 0:0:1:0: device reset [ 807.816336][T15153] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input16 [ 809.473532][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 809.480047][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 810.082860][T15154] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input17 [ 814.296059][T15220] kexec: Could not allocate control_code_buffer [ 814.764591][T15244] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 817.741387][T15272] zswap: compressor not available [ 824.557701][T15333] usb usb24: usbfs: process 15333 (syz.1.1524) did not claim interface 0 before use [ 825.002411][T15330] kexec: Could not allocate control_code_buffer [ 826.713610][T15363] futex_wake_op: syz.0.1528 tries to shift op by -2048; fix this program [ 826.757848][T15363] futex_wake_op: syz.0.1528 tries to shift op by -2048; fix this program [ 826.777127][T15359] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 826.808866][T15359] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 826.844441][T15369] FAULT_INJECTION: forcing a failure. [ 826.844441][T15369] name fail_futex, interval 1, probability 0, space 0, times 0 [ 826.867301][T15359] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 826.919275][T15369] CPU: 1 UID: 0 PID: 15369 Comm: syz.2.1529 Tainted: G U L syzkaller #0 PREEMPT(full) [ 826.919306][T15369] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 826.919312][T15369] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 826.919323][T15369] Call Trace: [ 826.919329][T15369] [ 826.919336][T15369] dump_stack_lvl+0x100/0x190 [ 826.919366][T15369] should_fail_ex.cold+0x5/0xa [ 826.919388][T15369] get_futex_key+0x1d2/0x1620 [ 826.919409][T15369] ? __pfx_get_futex_key+0x10/0x10 [ 826.919428][T15369] ? kasan_quarantine_put+0x104/0x240 [ 826.919450][T15369] ? lockdep_hardirqs_on+0x78/0x100 [ 826.919473][T15369] futex_wake+0xea/0x530 [ 826.919494][T15369] ? find_held_lock+0x2b/0x80 [ 826.919509][T15369] ? __pfx_futex_wake+0x10/0x10 [ 826.919532][T15369] ? ksys_write+0x190/0x250 [ 826.919546][T15369] ? ksys_write+0x190/0x250 [ 826.919561][T15369] do_futex+0x32b/0x350 [ 826.919580][T15369] ? __pfx_do_futex+0x10/0x10 [ 826.919602][T15369] __x64_sys_futex+0x34f/0x4d0 [ 826.919632][T15369] ? __pfx___x64_sys_futex+0x10/0x10 [ 826.919658][T15369] do_syscall_64+0x106/0xf80 [ 826.919678][T15369] ? clear_bhb_loop+0x40/0x90 [ 826.919698][T15369] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 826.919713][T15369] RIP: 0033:0x7f449839c799 [ 826.919726][T15369] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 826.919739][T15369] RSP: 002b:00007f44992720e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 826.919754][T15369] RAX: ffffffffffffffda RBX: 00007f4498616098 RCX: 00007f449839c799 [ 826.919763][T15369] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f449861609c [ 826.919771][T15369] RBP: 00007f4498616090 R08: 0000000000000000 R09: 0000000000000000 [ 826.919780][T15369] R10: 0000000000000081 R11: 0000000000000246 R12: 0000000000000000 [ 826.919788][T15369] R13: 00007f4498616128 R14: 00007ffe516d8d40 R15: 00007ffe516d8e28 [ 826.919806][T15369] [ 827.126635][T15359] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 828.848406][T12620] Bluetooth: hci1: command 0x0c1a tx timeout [ 828.854520][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout [ 828.920299][T12620] Bluetooth: hci2: command 0x0c1a tx timeout [ 829.185005][T15393] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 829.400927][T12620] Bluetooth: hci3: command 0x0c1a tx timeout [ 830.088638][T15384] kexec: Could not allocate control_code_buffer [ 831.689343][T15400] kexec: Could not allocate control_code_buffer [ 832.146627][T15420] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 835.558232][T15446] vhci_hcd vhci_hcd.3: default hub control req: 0000 v0000 i0000 l0 [ 836.033855][T15432] netlink: 'syz.0.1539': attribute type 10 has an invalid length. [ 836.042445][T15432] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1539'. [ 841.294682][T15487] kexec: Could not allocate control_code_buffer [ 841.518781][T15507] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 842.937307][T15521] FAULT_INJECTION: forcing a failure. [ 842.937307][T15521] name fail_futex, interval 1, probability 0, space 0, times 0 [ 843.027234][T15521] CPU: 0 UID: 0 PID: 15521 Comm: syz.0.1552 Tainted: G U L syzkaller #0 PREEMPT(full) [ 843.027289][T15521] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 843.027301][T15521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 843.027319][T15521] Call Trace: [ 843.027329][T15521] [ 843.027342][T15521] dump_stack_lvl+0x100/0x190 [ 843.027395][T15521] should_fail_ex.cold+0x5/0xa [ 843.027433][T15521] get_futex_key+0x1d2/0x1620 [ 843.027472][T15521] ? __pfx_get_futex_key+0x10/0x10 [ 843.027510][T15521] ? kasan_quarantine_put+0x104/0x240 [ 843.027557][T15521] ? lockdep_hardirqs_on+0x78/0x100 [ 843.027604][T15521] futex_wake+0xea/0x530 [ 843.027646][T15521] ? find_held_lock+0x2b/0x80 [ 843.027675][T15521] ? __pfx_futex_wake+0x10/0x10 [ 843.027725][T15521] ? ksys_write+0x190/0x250 [ 843.027751][T15521] ? ksys_write+0x190/0x250 [ 843.027785][T15521] do_futex+0x32b/0x350 [ 843.027821][T15521] ? __pfx_do_futex+0x10/0x10 [ 843.027867][T15521] __x64_sys_futex+0x34f/0x4d0 [ 843.027909][T15521] ? __pfx___x64_sys_futex+0x10/0x10 [ 843.027960][T15521] do_syscall_64+0x106/0xf80 [ 843.027997][T15521] ? clear_bhb_loop+0x40/0x90 [ 843.028032][T15521] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 843.028061][T15521] RIP: 0033:0x7f49d239c799 [ 843.028086][T15521] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 843.028114][T15521] RSP: 002b:00007f49d31aa0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 843.028142][T15521] RAX: ffffffffffffffda RBX: 00007f49d2616098 RCX: 00007f49d239c799 [ 843.028165][T15521] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f49d261609c [ 843.028182][T15521] RBP: 00007f49d2616090 R08: 0000000000000000 R09: 0000000000000000 [ 843.028199][T15521] R10: 0000000000000081 R11: 0000000000000246 R12: 0000000000000000 [ 843.028223][T15521] R13: 00007f49d2616128 R14: 00007ffd18afdb50 R15: 00007ffd18afdc38 [ 843.028263][T15521] [ 843.259063][T15512] kexec: Could not allocate control_code_buffer [ 846.687629][T15573] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 849.179846][T15589] kexec: Could not allocate control_code_buffer [ 849.453392][T15605] vhci_hcd vhci_hcd.3: default hub control req: 0000 v0000 i0000 l0 [ 850.583439][T15597] kexec: Could not allocate control_code_buffer [ 853.738454][T15651] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 856.436721][T15652] kexec: Could not allocate control_code_buffer [ 859.519607][T15696] kexec: Could not allocate control_code_buffer [ 861.404156][T15726] input: f as /devices/virtual/input/input18 [ 861.875113][T15732] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 862.327988][T15718] kexec: Could not allocate control_code_buffer [ 862.590227][T15737] Invalid ELF header magic: != ELF [ 866.356400][T15751] kexec: Could not allocate control_code_buffer [ 869.734462][T15804] input: f as /devices/virtual/input/input19 [ 870.152743][T15794] kexec: Could not allocate control_code_buffer [ 871.006697][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 871.015155][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 875.420566][T15838] kexec: Could not allocate control_code_buffer [ 880.786199][T12620] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 883.990981][T15919] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 884.839572][T15924] zswap: compressor not available [ 886.806931][T15958] Format for deleting device is "id" (uint). [ 887.166467][T15951] kexec: Could not allocate control_code_buffer [ 893.267599][T16034] Invalid ELF header magic: != ELF [ 895.231816][T16046] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 896.784844][T16051] hub 1-0:1.0: USB hub found [ 896.792242][T16051] hub 1-0:1.0: 1 port detected [ 902.073666][T16119] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 903.481897][T16136] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 903.571853][T16120] kexec: Could not allocate control_code_buffer [ 904.424308][T16126] hub 1-0:1.0: USB hub found [ 904.448140][T16126] hub 1-0:1.0: 1 port detected [ 908.608175][T16174] kexec: Could not allocate control_code_buffer [ 909.113412][T16192] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 911.461835][T16228] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 914.183386][T16245] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 915.274794][T16261] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 920.703002][T16301] kexec: Could not allocate control_code_buffer [ 925.204476][T16362] Invalid ELF header magic: != ELF [ 932.423915][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 932.431686][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 935.369255][T16451] kexec: Could not allocate control_code_buffer [ 938.975147][T12620] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 943.368834][T16523] FAULT_INJECTION: forcing a failure. [ 943.368834][T16523] name failslab, interval 1, probability 0, space 0, times 0 [ 943.447355][T16523] CPU: 0 UID: 0 PID: 16523 Comm: syz.3.1711 Tainted: G U L syzkaller #0 PREEMPT(full) [ 943.447412][T16523] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 943.447425][T16523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 943.447444][T16523] Call Trace: [ 943.447455][T16523] [ 943.447466][T16523] dump_stack_lvl+0x100/0x190 [ 943.447525][T16523] should_fail_ex.cold+0x5/0xa [ 943.447559][T16523] should_failslab+0xc2/0x120 [ 943.447594][T16523] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 943.447640][T16523] ? __proc_create+0x2cb/0x8c0 [ 943.447700][T16523] __proc_create+0x2cb/0x8c0 [ 943.447745][T16523] ? __pfx___proc_create+0x10/0x10 [ 943.447794][T16523] ? _raw_write_unlock+0x28/0x50 [ 943.447836][T16523] ? proc_register+0x559/0x8a0 [ 943.447869][T16523] proc_create_reg+0x75/0x170 [ 943.447905][T16523] proc_create_data+0x86/0x110 [ 943.447933][T16523] ? __pfx_proc_create_data+0x10/0x10 [ 943.447961][T16523] ? cache_register_net+0x137/0x5e0 [ 943.448112][T16523] ? cache_register_net+0x137/0x5e0 [ 943.448167][T16523] cache_register_net+0x2d6/0x5e0 [ 943.448207][T16523] nfsd_export_init+0x16e/0x250 [ 943.448242][T16523] ? __pfx_nfsd_net_init+0x10/0x10 [ 943.448275][T16523] nfsd_net_init+0x33/0x3d0 [ 943.448308][T16523] ? __pfx_nfsd_net_init+0x10/0x10 [ 943.448341][T16523] ops_init+0x1e2/0x5f0 [ 943.448392][T16523] setup_net+0x118/0x3a0 [ 943.448436][T16523] ? __pfx_setup_net+0x10/0x10 [ 943.448478][T16523] ? lockdep_init_map_type+0x5c/0x250 [ 943.448518][T16523] ? mutex_init_lockep+0x110/0x150 [ 943.448561][T16523] copy_net_ns+0x46f/0x7c0 [ 943.448608][T16523] create_new_namespaces+0x3ea/0xac0 [ 943.448651][T16523] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 943.448689][T16523] ksys_unshare+0x473/0xad0 [ 943.448732][T16523] ? __pfx_ksys_unshare+0x10/0x10 [ 943.448782][T16523] __x64_sys_unshare+0x31/0x40 [ 943.448818][T16523] do_syscall_64+0x106/0xf80 [ 943.448858][T16523] ? clear_bhb_loop+0x40/0x90 [ 943.448895][T16523] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 943.448926][T16523] RIP: 0033:0x7fb64d39c799 [ 943.448952][T16523] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 943.448983][T16523] RSP: 002b:00007fb64e19f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 943.449013][T16523] RAX: ffffffffffffffda RBX: 00007fb64d616090 RCX: 00007fb64d39c799 [ 943.449047][T16523] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 943.449067][T16523] RBP: 00007fb64d432c99 R08: 0000000000000000 R09: 0000000000000000 [ 943.449087][T16523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 943.449106][T16523] R13: 00007fb64d616128 R14: 00007fb64d616090 R15: 00007ffeeda02018 [ 943.449147][T16523] [ 943.989976][T16515] kexec: Could not allocate control_code_buffer [ 944.335031][T16536] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 944.972765][T16534] kexec: Could not allocate control_code_buffer [ 952.342506][T16594] kexec: Could not allocate control_code_buffer [ 952.985243][T16604] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4. [ 953.118560][T16611] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 961.425160][T16669] kexec: Could not allocate control_code_buffer [ 962.932876][T16693] kexec: Could not allocate control_code_buffer [ 966.061408][T16722] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1741'. [ 971.477083][T16763] kexec: Could not allocate control_code_buffer [ 973.882794][T16808] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1754'. [ 976.094124][T16821] zswap: compressor not available [ 978.170955][T16846] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 979.587777][T16848] kexec: Could not allocate control_code_buffer [ 983.227323][T16917] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 989.366468][T16968] block2mtd: illegal erase size [ 989.569418][T16977] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1783'. [ 991.867208][T16990] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 993.887759][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 993.897066][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 996.888697][T17026] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 999.391134][T17055] can: request_module (can-proto-0) failed. [ 1000.929500][T17061] kexec: Could not allocate control_code_buffer [ 1001.564472][T17046] netlink: 'syz.3.1797': attribute type 10 has an invalid length. [ 1001.646565][T17046] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1797'. [ 1003.853192][T17096] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE r҄y*"l-y [ 1004.272523][T17096] ieee80211 !PjE r҄y*"l-yL̓]: Failed to add default virtual iface [ 1006.856290][T17107] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1006.881859][T17107] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1006.899895][T17107] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1006.906028][T17107] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1007.249347][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout [ 1007.620889][T17135] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1810'. [ 1007.785220][T17139] bond0: no command found in slaves file - use +ifname or -ifname [ 1008.929962][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout [ 1008.936109][T12620] Bluetooth: hci2: command 0x0c1a tx timeout [ 1008.936158][T15390] Bluetooth: hci1: command 0x0c1a tx timeout [ 1008.974457][T17152] Format for deleting device is "id" (uint). [ 1014.509949][T17190] kexec: Could not allocate control_code_buffer [ 1016.188186][T17218] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 1018.206300][T17234] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 1021.247489][T17263] zswap: compressor not available [ 1022.628008][T17268] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1022.671752][T17268] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1022.683955][T17268] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1022.722183][T17268] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1023.275211][T17289] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1830'. [ 1023.657391][T15390] Bluetooth: hci0: command 0x0c1a tx timeout [ 1024.697901][T15390] Bluetooth: hci2: command 0x0c1a tx timeout [ 1024.697959][T12620] Bluetooth: hci1: command 0x0c1a tx timeout [ 1024.781573][T12620] Bluetooth: hci3: command 0x0c1a tx timeout [ 1032.287863][T17373] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 1043.314876][T17481] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 1050.342732][T17539] FAULT_INJECTION: forcing a failure. [ 1050.342732][T17539] name failslab, interval 1, probability 0, space 0, times 0 [ 1050.431168][T17539] CPU: 1 UID: 0 PID: 17539 Comm: syz.1.1875 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1050.431202][T17539] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1050.431208][T17539] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1050.431219][T17539] Call Trace: [ 1050.431225][T17539] [ 1050.431232][T17539] dump_stack_lvl+0x100/0x190 [ 1050.431266][T17539] should_fail_ex.cold+0x5/0xa [ 1050.431287][T17539] ? __register_sysctl_table+0xbe4/0x1650 [ 1050.431315][T17539] should_failslab+0xc2/0x120 [ 1050.431333][T17539] __kmalloc_noprof+0xe0/0x850 [ 1050.431371][T17539] __register_sysctl_table+0xbe4/0x1650 [ 1050.431402][T17539] ? __pfx___register_sysctl_table+0x10/0x10 [ 1050.431427][T17539] ? __pfx_rcu_is_watching+0x1/0x10 [ 1050.431452][T17539] ? __asan_memcpy+0x3c/0x60 [ 1050.431473][T17539] register_pidns_sysctls+0x11d/0x1c0 [ 1050.431495][T17539] ? __ns_common_init+0x299/0x4b0 [ 1050.431514][T17539] copy_pid_ns+0x680/0x10a0 [ 1050.431533][T17539] ? __pfx_copy_pid_ns+0x10/0x10 [ 1050.431549][T17539] ? rcu_is_watching+0x12/0xc0 [ 1050.431571][T17539] ? copy_mnt_ns+0x106/0xc30 [ 1050.431588][T17539] ? create_new_namespaces+0x30/0xac0 [ 1050.431606][T17539] create_new_namespaces+0x2aa/0xac0 [ 1050.431625][T17539] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1050.431643][T17539] ksys_unshare+0x473/0xad0 [ 1050.431662][T17539] ? __pfx_ksys_unshare+0x10/0x10 [ 1050.431687][T17539] __x64_sys_unshare+0x31/0x40 [ 1050.431704][T17539] do_syscall_64+0x106/0xf80 [ 1050.431725][T17539] ? clear_bhb_loop+0x40/0x90 [ 1050.431743][T17539] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1050.431759][T17539] RIP: 0033:0x7fba0119c799 [ 1050.431774][T17539] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1050.431789][T17539] RSP: 002b:00007fba01f83028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1050.431804][T17539] RAX: ffffffffffffffda RBX: 00007fba01415fa0 RCX: 00007fba0119c799 [ 1050.431813][T17539] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000080 [ 1050.431822][T17539] RBP: 00007fba01232c99 R08: 0000000000000000 R09: 0000000000000000 [ 1050.431831][T17539] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1050.431839][T17539] R13: 00007fba01416038 R14: 00007fba01415fa0 R15: 00007ffd1519f488 [ 1050.431859][T17539] [ 1050.431868][T17539] sysctl could not get directory: /kernel -12 [ 1052.709182][T17541] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1052.789400][T17541] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1052.812099][T17541] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1052.875869][T17541] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1053.033004][T12620] Bluetooth: hci0: command 0x0c1a tx timeout [ 1054.804516][T12620] Bluetooth: hci1: command 0x0c1a tx timeout [ 1054.878906][T15390] Bluetooth: hci3: command 0x0c1a tx timeout [ 1054.893052][T12620] Bluetooth: hci2: command 0x0c1a tx timeout [ 1055.358551][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 1055.366897][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 1061.542539][T17621] tipc: Started in network mode [ 1061.662089][T17621] tipc: Node identity ee00, cluster identity 4711 [ 1061.849555][T17621] tipc: Node number set to 60928 [ 1065.646575][T17679] can: request_module (can-proto-0) failed. [ 1067.779006][T17703] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 1068.282730][T17707] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 1072.195734][T17736] FAULT_INJECTION: forcing a failure. [ 1072.195734][T17736] name failslab, interval 1, probability 0, space 0, times 0 [ 1072.309137][T17736] CPU: 0 UID: 0 PID: 17736 Comm: syz.2.1904 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1072.309173][T17736] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1072.309179][T17736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1072.309190][T17736] Call Trace: [ 1072.309197][T17736] [ 1072.309205][T17736] dump_stack_lvl+0x100/0x190 [ 1072.309239][T17736] should_fail_ex.cold+0x5/0xa [ 1072.309260][T17736] ? __register_sysctl_table+0xbe4/0x1650 [ 1072.309286][T17736] should_failslab+0xc2/0x120 [ 1072.309302][T17736] __kmalloc_noprof+0xe0/0x850 [ 1072.309332][T17736] __register_sysctl_table+0xbe4/0x1650 [ 1072.309359][T17736] ? __pfx___register_sysctl_table+0x10/0x10 [ 1072.309381][T17736] ? __pfx_rcu_is_watching+0x1/0x10 [ 1072.309419][T17736] ? __asan_memcpy+0x3c/0x60 [ 1072.309444][T17736] register_pidns_sysctls+0x11d/0x1c0 [ 1072.309467][T17736] ? __ns_common_init+0x299/0x4b0 [ 1072.309487][T17736] copy_pid_ns+0x680/0x10a0 [ 1072.309505][T17736] ? __pfx_copy_pid_ns+0x10/0x10 [ 1072.309522][T17736] ? rcu_is_watching+0x12/0xc0 [ 1072.309543][T17736] ? copy_mnt_ns+0x106/0xc30 [ 1072.309560][T17736] ? create_new_namespaces+0x30/0xac0 [ 1072.309579][T17736] create_new_namespaces+0x2aa/0xac0 [ 1072.309598][T17736] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1072.309616][T17736] ksys_unshare+0x473/0xad0 [ 1072.309636][T17736] ? __pfx_ksys_unshare+0x10/0x10 [ 1072.309662][T17736] __x64_sys_unshare+0x31/0x40 [ 1072.309679][T17736] do_syscall_64+0x106/0xf80 [ 1072.309699][T17736] ? clear_bhb_loop+0x40/0x90 [ 1072.309717][T17736] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1072.309734][T17736] RIP: 0033:0x7f449839c799 [ 1072.309749][T17736] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1072.309763][T17736] RSP: 002b:00007f4499272028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1072.309778][T17736] RAX: ffffffffffffffda RBX: 00007f4498616090 RCX: 00007f449839c799 [ 1072.309788][T17736] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000080 [ 1072.309797][T17736] RBP: 00007f4498432c99 R08: 0000000000000000 R09: 0000000000000000 [ 1072.309805][T17736] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1072.309813][T17736] R13: 00007f4498616128 R14: 00007f4498616090 R15: 00007ffe516d8e28 [ 1072.309832][T17736] [ 1072.309840][T17736] sysctl could not get directory: /kernel -12 [ 1078.776795][T17776] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 1080.214364][T17778] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1080.255324][T17804] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1913'. [ 1080.305156][T17778] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1080.336337][T17778] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1080.403769][T17778] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1080.889795][T12620] Bluetooth: hci0: command 0x0c1a tx timeout [ 1081.166937][T17822] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1918'. [ 1082.336877][T12620] Bluetooth: hci1: command 0x0c1a tx timeout [ 1082.416653][T12620] Bluetooth: hci3: command 0x0c1a tx timeout [ 1082.416794][T15390] Bluetooth: hci2: command 0x0c1a tx timeout [ 1082.725466][T17825] netlink: 'syz.1.1917': attribute type 10 has an invalid length. [ 1082.733989][T17825] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1917'. [ 1083.668900][T17840] can: request_module (can-proto-0) failed. [ 1085.020636][T17856] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1923'. [ 1086.895873][T17866] FAULT_INJECTION: forcing a failure. [ 1086.895873][T17866] name failslab, interval 1, probability 0, space 0, times 0 [ 1086.912466][T17870] deleting an unspecified loop device is not supported. [ 1086.981389][T17866] CPU: 0 UID: 0 PID: 17866 Comm: syz.3.1925 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1086.981424][T17866] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1086.981430][T17866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1086.981441][T17866] Call Trace: [ 1086.981447][T17866] [ 1086.981455][T17866] dump_stack_lvl+0x100/0x190 [ 1086.981489][T17866] should_fail_ex.cold+0x5/0xa [ 1086.981511][T17866] ? __register_sysctl_table+0xbe4/0x1650 [ 1086.981540][T17866] should_failslab+0xc2/0x120 [ 1086.981559][T17866] __kmalloc_noprof+0xe0/0x850 [ 1086.981588][T17866] __register_sysctl_table+0xbe4/0x1650 [ 1086.981615][T17866] ? __pfx___register_sysctl_table+0x10/0x10 [ 1086.981637][T17866] ? __pfx_rcu_is_watching+0x1/0x10 [ 1086.981662][T17866] ? __asan_memcpy+0x3c/0x60 [ 1086.981683][T17866] register_pidns_sysctls+0x11d/0x1c0 [ 1086.981703][T17866] ? __ns_common_init+0x299/0x4b0 [ 1086.981723][T17866] copy_pid_ns+0x680/0x10a0 [ 1086.981741][T17866] ? __pfx_copy_pid_ns+0x10/0x10 [ 1086.981758][T17866] ? rcu_is_watching+0x12/0xc0 [ 1086.981780][T17866] ? copy_mnt_ns+0x106/0xc30 [ 1086.981797][T17866] ? create_new_namespaces+0x30/0xac0 [ 1086.981815][T17866] create_new_namespaces+0x2aa/0xac0 [ 1086.981835][T17866] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1086.981864][T17866] ksys_unshare+0x473/0xad0 [ 1086.981909][T17866] ? __pfx_ksys_unshare+0x10/0x10 [ 1086.981941][T17866] __x64_sys_unshare+0x31/0x40 [ 1086.981961][T17866] do_syscall_64+0x106/0xf80 [ 1086.981982][T17866] ? clear_bhb_loop+0x40/0x90 [ 1086.982001][T17866] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1086.982018][T17866] RIP: 0033:0x7fb64d39c799 [ 1086.982033][T17866] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1086.982047][T17866] RSP: 002b:00007fb64e1c0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1086.982062][T17866] RAX: ffffffffffffffda RBX: 00007fb64d615fa0 RCX: 00007fb64d39c799 [ 1086.982072][T17866] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000080 [ 1086.982081][T17866] RBP: 00007fb64d432c99 R08: 0000000000000000 R09: 0000000000000000 [ 1086.982092][T17866] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1086.982101][T17866] R13: 00007fb64d616038 R14: 00007fb64d615fa0 R15: 00007ffeeda02018 [ 1086.982122][T17866] [ 1086.982131][T17866] sysctl could not get directory: /kernel -12 [ 1092.768306][T17935] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 1093.342523][ T30] audit: type=1800 audit(1773411431.080:9): pid=17941 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1941" name="lu_gp_id" dev="configfs" ino=723625 res=0 errno=0 [ 1094.198811][T17949] FAULT_INJECTION: forcing a failure. [ 1094.198811][T17949] name failslab, interval 1, probability 0, space 0, times 0 [ 1094.292587][T17949] CPU: 1 UID: 0 PID: 17949 Comm: syz.0.1944 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1094.292641][T17949] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1094.292652][T17949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1094.292671][T17949] Call Trace: [ 1094.292682][T17949] [ 1094.292692][T17949] dump_stack_lvl+0x100/0x190 [ 1094.292749][T17949] should_fail_ex.cold+0x5/0xa [ 1094.292802][T17949] should_failslab+0xc2/0x120 [ 1094.292835][T17949] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1094.292877][T17949] ? vkms_plane_duplicate_state+0x45/0x130 [ 1094.292936][T17949] vkms_plane_duplicate_state+0x45/0x130 [ 1094.292975][T17949] drm_atomic_get_plane_state+0x279/0x760 [ 1094.293014][T17949] drm_client_modeset_commit_atomic+0x237/0x7e0 [ 1094.293052][T17949] ? trace_contention_end+0x140/0x180 [ 1094.293095][T17949] ? __mutex_lock+0x26a/0x1b90 [ 1094.293139][T17949] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 1094.293193][T17949] ? drm_master_internal_acquire+0x21/0x80 [ 1094.293267][T17949] drm_client_modeset_commit_locked+0x14d/0x580 [ 1094.293311][T17949] drm_client_modeset_commit+0x4f/0x80 [ 1094.293351][T17949] __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160 [ 1094.293397][T17949] drm_fb_helper_restore_fbdev_mode_unlocked+0x93/0xc0 [ 1094.293441][T17949] drm_fbdev_client_restore+0x1b/0x30 [ 1094.293471][T17949] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 1094.293499][T17949] drm_client_dev_restore+0x205/0x2a0 [ 1094.293544][T17949] drm_release+0x2c6/0x360 [ 1094.293579][T17949] ? __pfx_drm_release+0x10/0x10 [ 1094.293621][T17949] __fput+0x3ff/0xb40 [ 1094.293666][T17949] task_work_run+0x150/0x240 [ 1094.293709][T17949] ? __pfx_task_work_run+0x10/0x10 [ 1094.293759][T17949] exit_to_user_mode_loop+0x100/0x4a0 [ 1094.293816][T17949] do_syscall_64+0x668/0xf80 [ 1094.293857][T17949] ? clear_bhb_loop+0x40/0x90 [ 1094.293892][T17949] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1094.293923][T17949] RIP: 0033:0x7f49d239c799 [ 1094.293946][T17949] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1094.293973][T17949] RSP: 002b:00007f49d31cb028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1094.294004][T17949] RAX: 0000000000000000 RBX: 00007f49d2615fa0 RCX: 00007f49d239c799 [ 1094.294021][T17949] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 1094.294036][T17949] RBP: 00007f49d2432c99 R08: 0000000000000000 R09: 0000000000000000 [ 1094.294052][T17949] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1094.294069][T17949] R13: 00007f49d2616038 R14: 00007f49d2615fa0 R15: 00007ffd18afdc38 [ 1094.294108][T17949] [ 1094.651505][T17949] sd 0:0:1:0: device reset [ 1096.671965][T17963] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 1097.187799][T17974] can: request_module (can-proto-0) failed. [ 1103.108072][T18022] vivid-007: ================= START STATUS ================= [ 1103.116341][T18022] vivid-007: Generate PTS: true [ 1103.123775][T18022] vivid-007: Generate SCR: true [ 1103.147608][T18022] tpg source WxH: 320x240 (Y'CbCr) [ 1103.154726][T18022] tpg field: 1 [ 1103.278956][T18022] tpg crop: (0,0)/320x240 [ 1103.283386][T18022] tpg compose: (0,0)/320x240 [ 1103.320046][T18022] tpg colorspace: 8 [ 1103.323929][T18022] tpg transfer function: 0/0 [ 1103.410129][T18022] tpg Y'CbCr encoding: 0/0 [ 1103.417312][T18022] tpg quantization: 0/0 [ 1103.421652][T18022] tpg RGB range: 0/2 [ 1103.430565][T18022] vivid-007: ================== END STATUS ================== [ 1104.086059][T18047] block nbd0: shutting down sockets [ 1104.631960][T18040] NFSD: Failed to start, no listeners configured. [ 1107.352747][T18068] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 1109.718742][T18076] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1965'. [ 1111.066792][T18101] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input21 [ 1111.116579][T18101] FAULT_INJECTION: forcing a failure. [ 1111.116579][T18101] name failslab, interval 1, probability 0, space 0, times 0 [ 1111.206198][T18101] CPU: 1 UID: 0 PID: 18101 Comm: syz.1.1970 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1111.206261][T18101] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1111.206272][T18101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1111.206292][T18101] Call Trace: [ 1111.206302][T18101] [ 1111.206309][T18101] dump_stack_lvl+0x100/0x190 [ 1111.206344][T18101] should_fail_ex.cold+0x5/0xa [ 1111.206366][T18101] should_failslab+0xc2/0x120 [ 1111.206382][T18101] __kmalloc_node_noprof+0xe6/0x850 [ 1111.206404][T18101] ? __vmalloc_node_range_noprof+0x3dc/0x1530 [ 1111.206429][T18101] __vmalloc_node_range_noprof+0x3dc/0x1530 [ 1111.206454][T18101] ? kernel_clone+0xfc/0x9a0 [ 1111.206476][T18101] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 1111.206499][T18101] ? rcu_is_watching+0x12/0xc0 [ 1111.206521][T18101] ? trace_kmem_cache_alloc+0xf3/0x120 [ 1111.206540][T18101] ? kernel_clone+0xfc/0x9a0 [ 1111.206557][T18101] __vmalloc_node_noprof+0xad/0xf0 [ 1111.206585][T18101] ? kernel_clone+0xfc/0x9a0 [ 1111.206605][T18101] copy_process+0x5ec/0x7a10 [ 1111.206625][T18101] ? preempt_schedule_thunk+0x16/0x30 [ 1111.206656][T18101] ? try_to_wake_up+0x644/0x1a80 [ 1111.206680][T18101] ? __pfx_copy_process+0x10/0x10 [ 1111.206699][T18101] ? find_held_lock+0x2b/0x80 [ 1111.206717][T18101] ? futex_private_hash_put+0x107/0x1c0 [ 1111.206741][T18101] kernel_clone+0xfc/0x9a0 [ 1111.206764][T18101] ? __pfx_kernel_clone+0x10/0x10 [ 1111.206791][T18101] __do_sys_clone+0xd9/0x120 [ 1111.206807][T18101] ? __pfx___do_sys_clone+0x10/0x10 [ 1111.206833][T18101] ? arch_syscall_is_vdso_sigreturn+0xb6/0x200 [ 1111.206851][T18101] ? syscall_user_dispatch+0x76/0x130 [ 1111.206874][T18101] do_syscall_64+0x106/0xf80 [ 1111.206894][T18101] ? clear_bhb_loop+0x40/0x90 [ 1111.206914][T18101] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1111.206931][T18101] RIP: 0033:0x7fba0119c799 [ 1111.206946][T18101] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1111.206963][T18101] RSP: 002b:00007fb9ff3d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 1111.206978][T18101] RAX: ffffffffffffffda RBX: 00007fba01416180 RCX: 00007fba0119c799 [ 1111.206988][T18101] RDX: 0000200000000080 RSI: 000000000000000b RDI: 0000000000000008 [ 1111.206998][T18101] RBP: 00007fba01232c99 R08: 0000000000000002 R09: 0000000000000000 [ 1111.207008][T18101] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000000 [ 1111.207017][T18101] R13: 00007fba01416218 R14: 00007fba01416180 R15: 00007ffd1519f488 [ 1111.207038][T18101] [ 1111.577920][T18101] syz.1.1970: vmalloc error: size 32768, failed to allocated page array size 64, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 1111.965593][T18101] CPU: 1 UID: 0 PID: 18101 Comm: syz.1.1970 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1111.965649][T18101] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1111.965660][T18101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1111.965678][T18101] Call Trace: [ 1111.965689][T18101] [ 1111.965700][T18101] dump_stack_lvl+0x100/0x190 [ 1111.965755][T18101] warn_alloc.cold+0x95/0x1c1 [ 1111.965804][T18101] ? __pfx_warn_alloc+0x10/0x10 [ 1111.965845][T18101] ? dump_stack_lvl+0x17c/0x190 [ 1111.965887][T18101] ? trace_kmalloc+0x101/0x130 [ 1111.965915][T18101] ? __kasan_kmalloc+0x8a/0xb0 [ 1111.965956][T18101] ? __kmalloc_node_noprof+0x324/0x850 [ 1111.965994][T18101] ? __vmalloc_node_range_noprof+0x3dc/0x1530 [ 1111.966034][T18101] __vmalloc_node_range_noprof+0x1275/0x1530 [ 1111.966074][T18101] ? kernel_clone+0xfc/0x9a0 [ 1111.966126][T18101] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 1111.966163][T18101] ? rcu_is_watching+0x12/0xc0 [ 1111.966189][T18101] ? trace_kmem_cache_alloc+0xf3/0x120 [ 1111.966208][T18101] ? kernel_clone+0xfc/0x9a0 [ 1111.966225][T18101] __vmalloc_node_noprof+0xad/0xf0 [ 1111.966245][T18101] ? kernel_clone+0xfc/0x9a0 [ 1111.966263][T18101] copy_process+0x5ec/0x7a10 [ 1111.966280][T18101] ? preempt_schedule_thunk+0x16/0x30 [ 1111.966302][T18101] ? try_to_wake_up+0x644/0x1a80 [ 1111.966319][T18101] ? __pfx_copy_process+0x10/0x10 [ 1111.966336][T18101] ? find_held_lock+0x2b/0x80 [ 1111.966352][T18101] ? futex_private_hash_put+0x107/0x1c0 [ 1111.966376][T18101] kernel_clone+0xfc/0x9a0 [ 1111.966395][T18101] ? __pfx_kernel_clone+0x10/0x10 [ 1111.966422][T18101] __do_sys_clone+0xd9/0x120 [ 1111.966439][T18101] ? __pfx___do_sys_clone+0x10/0x10 [ 1111.966465][T18101] ? arch_syscall_is_vdso_sigreturn+0xb6/0x200 [ 1111.966484][T18101] ? syscall_user_dispatch+0x76/0x130 [ 1111.966507][T18101] do_syscall_64+0x106/0xf80 [ 1111.966527][T18101] ? clear_bhb_loop+0x40/0x90 [ 1111.966545][T18101] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1111.966562][T18101] RIP: 0033:0x7fba0119c799 [ 1111.966582][T18101] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1111.966599][T18101] RSP: 002b:00007fb9ff3d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 1111.966616][T18101] RAX: ffffffffffffffda RBX: 00007fba01416180 RCX: 00007fba0119c799 [ 1111.966627][T18101] RDX: 0000200000000080 RSI: 000000000000000b RDI: 0000000000000008 [ 1111.966638][T18101] RBP: 00007fba01232c99 R08: 0000000000000002 R09: 0000000000000000 [ 1111.966650][T18101] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000000 [ 1111.966658][T18101] R13: 00007fba01416218 R14: 00007fba01416180 R15: 00007ffd1519f488 [ 1111.966677][T18101] [ 1111.966704][T18101] Mem-Info: [ 1112.551788][T18101] active_anon:41754 inactive_anon:2926 isolated_anon:512 [ 1112.551788][T18101] active_file:8737 inactive_file:50113 isolated_file:0 [ 1112.551788][T18101] unevictable:768 dirty:1660 writeback:0 [ 1112.551788][T18101] slab_reclaimable:20941 slab_unreclaimable:126186 [ 1112.551788][T18101] mapped:38951 shmem:20739 pagetables:1352 [ 1112.551788][T18101] sec_pagetables:0 bounce:0 [ 1112.551788][T18101] kernel_misc_reclaimable:0 [ 1112.551788][T18101] free:1247389 free_pcp:6361 free_cma:0 [ 1112.825548][T18101] Node 0 active_anon:167988kB inactive_anon:11704kB active_file:34948kB inactive_file:200320kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:156996kB dirty:6896kB writeback:0kB shmem:82436kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:69632kB kernel_stack:11340kB pagetables:5300kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 1113.180221][T18101] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:132kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:64kB pagetables:164kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 1113.308697][T18101] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1113.381410][T18101] lowmem_reserve[]: 0 2477 2478 2478 2478 [ 1113.420682][T18101] Node 0 DMA32 free:1025888kB boost:0kB min:34304kB low:42880kB high:51456kB reserved_highatomic:0KB free_highatomic:0KB active_anon:183300kB inactive_anon:11704kB active_file:34948kB inactive_file:200320kB unevictable:1536kB writepending:5912kB zspages:688kB present:3129332kB managed:2537400kB mlocked:0kB bounce:0kB free_pcp:30312kB local_pcp:14308kB free_cma:0kB [ 1113.530949][T18101] lowmem_reserve[]: 0 0 1 1 1 [ 1113.556245][T18101] Node 0 Normal free:12kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1060kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1113.672175][T18101] lowmem_reserve[]: 0 0 0 0 0 [ 1113.677028][T18101] Node 1 Normal free:3933200kB boost:0kB min:55580kB low:69472kB high:83364kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:132kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1113.791267][T18101] lowmem_reserve[]: 0 0 0 0 0 [ 1113.810113][T18101] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 1113.829924][T18101] Node 0 DMA32: 2523*4kB (UME) 1985*8kB (UME) 1326*16kB (UE) 77*32kB (UE) 929*64kB (UME) 764*128kB (UME) 523*256kB (ME) 381*512kB (UM) 228*1024kB (ME) 2*2048kB (ME) 58*4096kB (UM) = 1010996kB [ 1113.860748][T18101] Node 0 Normal: 1*4kB (U) 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB [ 1114.052422][T18101] Node 1 Normal: 6*4kB (UM) 9*8kB (UM) 13*16kB (UM) 15*32kB (UM) 8*64kB (UM) 6*128kB (UM) 6*256kB (UM) 3*512kB (UM) 2*1024kB (UM) 1*2048kB (U) 958*4096kB (UM) = 3933200kB [ 1114.132521][T18101] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1114.162592][T18101] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 1114.172034][T18101] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1114.264271][T18101] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 1114.356123][T18101] 86223 total pagecache pages [ 1114.361248][T18101] 98 pages in swap cache [ 1114.389926][T18101] Free swap = 120832kB [ 1114.423432][T18101] Total swap = 124996kB [ 1114.427667][T18101] 2097051 pages RAM [ 1114.431495][T18101] 0 pages HighMem/MovableOnly [ 1114.458270][T18101] 430821 pages reserved [ 1114.462907][T18101] 0 pages cma reserved [ 1116.849727][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 1116.856279][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 1123.317173][T18194] netlink: 'syz.1.1987': attribute type 4 has an invalid length. [ 1123.365430][T18179] kexec: Could not allocate control_code_buffer [ 1127.601330][T18218] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1991'. [ 1128.246231][T18218] team0: Port device team_slave_0 removed [ 1128.279279][T18227] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1993'. [ 1128.527600][T18230] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1994'. [ 1128.838006][T18230] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1128.921079][T18230] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1129.038326][T18230] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1129.088786][T18230] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1131.241514][T18262] FAULT_INJECTION: forcing a failure. [ 1131.241514][T18262] name failslab, interval 1, probability 0, space 0, times 0 [ 1131.270666][T18262] CPU: 1 UID: 0 PID: 18262 Comm: syz.2.2000 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1131.270723][T18262] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1131.270734][T18262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1131.270752][T18262] Call Trace: [ 1131.270761][T18262] [ 1131.270772][T18262] dump_stack_lvl+0x100/0x190 [ 1131.270826][T18262] should_fail_ex.cold+0x5/0xa [ 1131.270865][T18262] should_failslab+0xc2/0x120 [ 1131.270897][T18262] __kvmalloc_node_noprof+0xfa/0xa00 [ 1131.270991][T18262] ? tap_open+0x381/0x1180 [ 1131.271185][T18262] tap_open+0x381/0x1180 [ 1131.271221][T18262] ? __pfx_tap_open+0x10/0x10 [ 1131.271253][T18262] chrdev_open+0x234/0x6a0 [ 1131.271282][T18262] ? __pfx_apparmor_file_open+0x10/0x10 [ 1131.271365][T18262] ? __pfx_chrdev_open+0x10/0x10 [ 1131.271398][T18262] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 1131.271451][T18262] do_dentry_open+0x6d8/0x1660 [ 1131.271480][T18262] ? __pfx_chrdev_open+0x10/0x10 [ 1131.271517][T18262] vfs_open+0x82/0x3f0 [ 1131.271552][T18262] path_openat+0x208c/0x31a0 [ 1131.271591][T18262] ? __pfx_path_openat+0x10/0x10 [ 1131.271636][T18262] do_file_open+0x20e/0x430 [ 1131.271668][T18262] ? __pfx_do_file_open+0x10/0x10 [ 1131.271721][T18262] ? alloc_fd+0x476/0x790 [ 1131.271752][T18262] ? do_getname+0x191/0x390 [ 1131.271788][T18262] do_sys_openat2+0x10d/0x1e0 [ 1131.271824][T18262] ? __pfx_do_sys_openat2+0x10/0x10 [ 1131.271869][T18262] __x64_sys_openat+0x12d/0x210 [ 1131.271901][T18262] ? __pfx___x64_sys_openat+0x10/0x10 [ 1131.272003][T18262] do_syscall_64+0x106/0xf80 [ 1131.272051][T18262] ? clear_bhb_loop+0x40/0x90 [ 1131.272085][T18262] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1131.272112][T18262] RIP: 0033:0x7f449839c799 [ 1131.272136][T18262] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1131.272167][T18262] RSP: 002b:00007f4499251028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1131.272198][T18262] RAX: ffffffffffffffda RBX: 00007f4498616180 RCX: 00007f449839c799 [ 1131.272215][T18262] RDX: 0000000000000801 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 1131.272232][T18262] RBP: 00007f4498432c99 R08: 0000000000000000 R09: 0000000000000000 [ 1131.272248][T18262] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1131.272268][T18262] R13: 00007f4498616218 R14: 00007f4498616180 R15: 00007ffe516d8e28 [ 1131.272310][T18262] [ 1131.592661][T18265] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 1134.641227][T18302] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 1135.507335][T18277] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 1135.515998][T18277] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1135.537585][T18277] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1135.553097][T15390] Bluetooth: hci0: command 0x0c1a tx timeout [ 1135.564851][T18277] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1135.713387][T18281] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR [ 1135.763967][T18296] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR [ 1137.555474][T15390] Bluetooth: hci1: command 0x0c1a tx timeout [ 1137.556445][T12620] Bluetooth: hci2: command 0x0c1a tx timeout [ 1137.634306][T12620] Bluetooth: hci3: command 0x0c1a tx timeout [ 1139.392472][T18347] vivid-007: ================= START STATUS ================= [ 1139.437198][T18347] vivid-007: Generate PTS: true [ 1139.467656][T18347] vivid-007: Generate SCR: true [ 1139.481070][T18347] tpg source WxH: 320x240 (Y'CbCr) [ 1139.488971][T18347] tpg field: 1 [ 1139.613761][T18352] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2016'. [ 1139.624069][T18347] tpg crop: (0,0)/320x240 [ 1139.658044][T18347] tpg compose: (0,0)/320x240 [ 1139.671338][T18347] tpg colorspace: 8 [ 1139.671517][T18342] can: request_module (can-proto-0) failed. [ 1139.690155][T18347] tpg transfer function: 0/0 [ 1139.807359][T18347] tpg Y'CbCr encoding: 0/0 [ 1139.811892][T18347] tpg quantization: 0/0 [ 1139.849145][T18347] tpg RGB range: 0/2 [ 1139.915067][T18347] vivid-007: ================== END STATUS ================== [ 1140.258808][T18354] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 1143.962142][T18380] FAULT_INJECTION: forcing a failure. [ 1143.962142][T18380] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1143.988924][T18388] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2022'. [ 1143.999334][T18380] CPU: 1 UID: 0 PID: 18380 Comm: syz.1.2020 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1143.999394][T18380] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1143.999406][T18380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1143.999425][T18380] Call Trace: [ 1143.999435][T18380] [ 1143.999446][T18380] dump_stack_lvl+0x100/0x190 [ 1143.999507][T18380] should_fail_ex.cold+0x5/0xa [ 1143.999543][T18380] get_futex_key+0x1d2/0x1620 [ 1143.999584][T18380] ? __pfx_get_futex_key+0x10/0x10 [ 1143.999630][T18380] futex_wait_setup+0x83/0x510 [ 1143.999681][T18380] __futex_wait+0x19f/0x300 [ 1143.999726][T18380] ? __pfx___futex_wait+0x10/0x10 [ 1143.999774][T18380] ? __pfx_futex_wake_mark+0x10/0x10 [ 1143.999820][T18380] ? find_held_lock+0x2b/0x80 [ 1143.999847][T18380] ? futex_wake+0x456/0x530 [ 1143.999894][T18380] futex_wait+0xed/0x380 [ 1143.999935][T18380] ? __pfx_futex_wait+0x10/0x10 [ 1143.999984][T18380] ? ksys_write+0x190/0x250 [ 1144.000011][T18380] ? ksys_write+0x190/0x250 [ 1144.000043][T18380] do_futex+0x1ef/0x350 [ 1144.000080][T18380] ? __pfx_do_futex+0x10/0x10 [ 1144.000125][T18380] __x64_sys_futex+0x34f/0x4d0 [ 1144.000165][T18380] ? __pfx___x64_sys_futex+0x10/0x10 [ 1144.000212][T18380] do_syscall_64+0x106/0xf80 [ 1144.000252][T18380] ? clear_bhb_loop+0x40/0x90 [ 1144.000292][T18380] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1144.000323][T18380] RIP: 0033:0x7fba0119c799 [ 1144.000348][T18380] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1144.000387][T18380] RSP: 002b:00007fba01f830e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1144.000418][T18380] RAX: ffffffffffffffda RBX: 00007fba01415fa8 RCX: 00007fba0119c799 [ 1144.000439][T18380] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fba01415fa8 [ 1144.000458][T18380] RBP: 00007fba01415fa0 R08: 0000000000000000 R09: 0000000000000000 [ 1144.000477][T18380] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1144.000493][T18380] R13: 00007fba01416038 R14: 00007ffd1519f3a0 R15: 00007ffd1519f488 [ 1144.000530][T18380] [ 1144.964753][T18396] openvswitch: netlink: IP tunnel dst address not specified [ 1145.913227][T12620] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 1146.067782][T18419] ------------[ cut here ]------------ [ 1146.074821][T18419] !reader [ 1146.074857][T18419] WARNING: kernel/trace/ring_buffer.c:7407 at ring_buffer_map_get_reader+0x659/0x880, CPU#1: syz.0.2027/18419 [ 1146.089567][T18419] Modules linked in: [ 1146.094516][T18419] CPU: 1 UID: 0 PID: 18419 Comm: syz.0.2027 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1146.105499][T18419] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1146.110704][T18419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1146.120782][T18419] RIP: 0010:ring_buffer_map_get_reader+0x659/0x880 [ 1146.127423][T18419] Code: ff e8 1b d5 fb ff 48 8d 3d 54 59 d1 0e 4c 89 fe 67 48 0f b9 3a e9 e0 fc ff ff 4c 8b 7c 24 58 4c 8b 74 24 60 e8 f8 d4 fb ff 90 <0f> 0b 90 e8 ef d4 fb ff 48 89 df 31 db e8 e5 0f fe ff 48 8b 74 24 [ 1146.147167][T18419] RSP: 0018:ffffc900033f7d90 EFLAGS: 00010083 [ 1146.153376][T18419] RAX: 000000000000078f RBX: ffff88813fea5000 RCX: ffffc90010faa000 [ 1146.161487][T18419] RDX: 0000000000080000 RSI: ffffffff820c3e88 RDI: ffff888031d25b80 [ 1146.169664][T18419] RBP: 0000000000000000 R08: 0000000000000007 R09: 0000000000000000 [ 1146.177644][T18419] R10: 0000000000000000 R11: ffff88813fea50b0 R12: ffff88813fea50b0 [ 1146.185758][T18419] R13: dffffc0000000000 R14: ffff88813fea5190 R15: ffff88813fea5018 [ 1146.193751][T18419] FS: 00007f49d01f46c0(0000) GS:ffff88812444c000(0000) knlGS:0000000000000000 [ 1146.202705][T18419] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1146.209302][T18419] CR2: 0000001b30cccff8 CR3: 00000000311fc000 CR4: 00000000003526f0 [ 1146.217287][T18419] Call Trace: [ 1146.220571][T18419] [ 1146.223531][T18419] ? __pfx_ring_buffer_map_get_reader+0x10/0x10 [ 1146.229816][T18419] ? __fget_files+0x21f/0x3d0 [ 1146.234520][T18419] tracing_buffers_ioctl+0x30d/0x400 [ 1146.239834][T18419] ? __pfx_tracing_buffers_ioctl+0x10/0x10 [ 1146.245718][T18419] __x64_sys_ioctl+0x18e/0x210 [ 1146.250553][T18419] do_syscall_64+0x106/0xf80 [ 1146.255182][T18419] ? clear_bhb_loop+0x40/0x90 [ 1146.259911][T18419] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1146.265920][T18419] RIP: 0033:0x7f49d239c799 [ 1146.270355][T18419] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1146.289987][T18419] RSP: 002b:00007f49d01f4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1146.298431][T18419] RAX: ffffffffffffffda RBX: 00007f49d2616270 RCX: 00007f49d239c799 [ 1146.306435][T18419] RDX: 0000000000000000 RSI: 0000000000005220 RDI: 000000000000000a [ 1146.314426][T18419] RBP: 00007f49d2432c99 R08: 0000000000000000 R09: 0000000000000000 [ 1146.322405][T18419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1146.330382][T18419] R13: 00007f49d2616308 R14: 00007f49d2616270 R15: 00007ffd18afdc38 [ 1146.338397][T18419] [ 1146.341439][T18419] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 1146.348794][T18419] CPU: 1 UID: 0 PID: 18419 Comm: syz.0.2027 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1146.359926][T18419] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1146.365112][T18419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1146.375257][T18419] Call Trace: [ 1146.378541][T18419] [ 1146.381477][T18419] dump_stack_lvl+0x100/0x190 [ 1146.386197][T18419] vpanic+0x552/0x970 [ 1146.390203][T18419] ? __pfx_vpanic+0x10/0x10 [ 1146.394728][T18419] panic+0xd1/0xe0 [ 1146.398572][T18419] ? __pfx_panic+0x10/0x10 [ 1146.403037][T18419] check_panic_on_warn.cold+0x19/0x34 [ 1146.408528][T18419] ? ring_buffer_map_get_reader+0x659/0x880 [ 1146.414607][T18419] __warn.cold+0x191/0x348 [ 1146.419040][T18419] __report_bug+0x296/0x3d0 [ 1146.423759][T18419] ? ring_buffer_map_get_reader+0x659/0x880 [ 1146.429674][T18419] ? __pfx___report_bug+0x10/0x10 [ 1146.434815][T18419] ? rcu_is_watching+0x12/0xc0 [ 1146.439611][T18419] ? trace_contention_end+0x140/0x180 [ 1146.445017][T18419] ? rb_set_head_page+0x1e6/0x2f0 [ 1146.450145][T18419] ? ring_buffer_map_get_reader+0x659/0x880 [ 1146.456054][T18419] report_bug+0xb2/0x220 [ 1146.460430][T18419] ? ring_buffer_map_get_reader+0x659/0x880 [ 1146.466545][T18419] handle_bug+0x16a/0x2a0 [ 1146.471392][T18419] exc_invalid_op+0x17/0x50 [ 1146.476049][T18419] asm_exc_invalid_op+0x1a/0x20 [ 1146.480925][T18419] RIP: 0010:ring_buffer_map_get_reader+0x659/0x880 [ 1146.487889][T18419] Code: ff e8 1b d5 fb ff 48 8d 3d 54 59 d1 0e 4c 89 fe 67 48 0f b9 3a e9 e0 fc ff ff 4c 8b 7c 24 58 4c 8b 74 24 60 e8 f8 d4 fb ff 90 <0f> 0b 90 e8 ef d4 fb ff 48 89 df 31 db e8 e5 0f fe ff 48 8b 74 24 [ 1146.507526][T18419] RSP: 0018:ffffc900033f7d90 EFLAGS: 00010083 [ 1146.513736][T18419] RAX: 000000000000078f RBX: ffff88813fea5000 RCX: ffffc90010faa000 [ 1146.521719][T18419] RDX: 0000000000080000 RSI: ffffffff820c3e88 RDI: ffff888031d25b80 [ 1146.529698][T18419] RBP: 0000000000000000 R08: 0000000000000007 R09: 0000000000000000 [ 1146.537678][T18419] R10: 0000000000000000 R11: ffff88813fea50b0 R12: ffff88813fea50b0 [ 1146.545862][T18419] R13: dffffc0000000000 R14: ffff88813fea5190 R15: ffff88813fea5018 [ 1146.553872][T18419] ? ring_buffer_map_get_reader+0x658/0x880 [ 1146.560175][T18419] ? __pfx_ring_buffer_map_get_reader+0x10/0x10 [ 1146.566469][T18419] ? __fget_files+0x21f/0x3d0 [ 1146.571200][T18419] tracing_buffers_ioctl+0x30d/0x400 [ 1146.576715][T18419] ? __pfx_tracing_buffers_ioctl+0x10/0x10 [ 1146.582655][T18419] __x64_sys_ioctl+0x18e/0x210 [ 1146.587547][T18419] do_syscall_64+0x106/0xf80 [ 1146.592196][T18419] ? clear_bhb_loop+0x40/0x90 [ 1146.596904][T18419] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1146.602900][T18419] RIP: 0033:0x7f49d239c799 [ 1146.607339][T18419] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1146.627159][T18419] RSP: 002b:00007f49d01f4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1146.635606][T18419] RAX: ffffffffffffffda RBX: 00007f49d2616270 RCX: 00007f49d239c799 [ 1146.643646][T18419] RDX: 0000000000000000 RSI: 0000000000005220 RDI: 000000000000000a [ 1146.651749][T18419] RBP: 00007f49d2432c99 R08: 0000000000000000 R09: 0000000000000000 [ 1146.659780][T18419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1146.667792][T18419] R13: 00007f49d2616308 R14: 00007f49d2616270 R15: 00007ffd18afdc38 [ 1146.675821][T18419] [ 1146.679178][T18419] Kernel Offset: disabled [ 1146.683516][T18419] Rebooting in 86400 seconds..