last executing test programs: 1m35.628502574s ago: executing program 2 (id=415): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000) move_pages$auto(0x0, 0x1002, 0x0, &(0x7f0000001140), 0x0, 0x2) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x4044001) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/dynamic_debug/control\x00', 0x0, 0x0) pread64$auto(r0, &(0x7f0000000040)='uete1\x00', 0x200000000006, 0x7) ioctl$auto_FS_IOC_UNRESVSP64(r0, 0x4030582b, 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x2, 0x3, 0x6) r2 = socket(0x2, 0x1, 0x0) bind$auto(r2, &(0x7f0000000040)=@in={0x2, 0x4e24, @remote}, 0x6a) write$auto(r1, &(0x7f0000000000)='/proc/dynamic_debug/control\x00', 0xcb) sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800008}, 0x5, 0x20000000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) socketpair$auto(0xb2c, 0x2, 0x20000000, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) syz_genetlink_get_family_id$auto_nfc(0x0, 0xffffffffffffffff) write$auto(0x3, 0x0, 0x100085) 1m35.120752986s ago: executing program 2 (id=418): close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000200)='/proc/modules\x00', 0x88880, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/rds/tcp/rds_tcp_sndbuf\x00', 0x40601, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) socket(0xa, 0x5, 0x0) r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x40000, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, r0, 0x0) r2 = socket(0x10, 0x2, 0x4) sendmsg$auto_ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, &(0x7f0000001dc0)={0x0, 0x0, &(0x7f0000001d80)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x40010}, 0x80000) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/dynamic_debug/control\x00', 0x0, 0x0) r3 = socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8=r3, @ANYRES8=r1], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x4000050) write$auto(r2, &(0x7f0000000000)='-\x00', 0xfdef) 1m34.703766755s ago: executing program 2 (id=422): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x6, 0x5, 0x8) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x6) r0 = socket(0x2, 0x1, 0x0) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x2b}}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x0, 0x0, 0xf8a5, 0xb}, 0x800008}, 0x6, 0x20000000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) listen$auto(0x3, 0x81) close_range$auto(0x2, 0x8, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4000894}, 0x800) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_11={0x1, 0x6, 0x6, 0x7, 0x1bb080, 0x97, 0xff, r1}, 0x6f3) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) rt_tgsigqueueinfo$auto(0x3, 0x96, 0x7, &(0x7f0000000180)={@siginfo_0_0={0x0, 0x9c2a, 0xffffffff, @_sigsys={0x0, 0x5d35, 0x6}}}) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB="010027bd"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x8040) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1m33.63155691s ago: executing program 2 (id=425): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) setsockopt$auto_SO_CNX_ADVICE(r0, 0xfff, 0x35, &(0x7f0000001500)='\x00', 0x9) mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x100000000000025, 0x0) fsopen$auto(0x0, 0x1) syz_genetlink_get_family_id$auto_ipvs(0x0, r1) sendmsg$auto_NL80211_CMD_CHANNEL_SWITCH(r0, 0x0, 0x40011) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) close_range$auto(0x0, 0xfffffffffffff001, 0x2) process_vm_readv$auto(0x0, 0x0, 0x4, 0x0, 0xfffffffffffffffd, 0x2) execveat$auto(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x80) statx$auto(0xffffffffffffff9c, 0x0, 0x0, 0x9000000, &(0x7f0000001280)={0x4, 0xac, 0xfffffffffffffffb, 0x1, 0xee00, 0x0, 0x7, 0x100, 0xa, 0x8001, 0x2, 0x0, {0x4, 0x7}, {0x3, 0x3274925}, {0x1, 0x4}, {0x180000000000000, 0x400}, 0x10001, 0x3, 0x8, 0x727, 0x33, 0x8, 0xfffffffd, 0xfffffffffffffffd, 0xfffffffe, 0x401, 0x3, 0xc58, [0x5, 0xa71d, 0x7df5, 0x6, 0x9, 0x0, 0x8000, 0x6, 0x81]}) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vbi0\x00', 0x80382, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) 1m31.80447518s ago: executing program 2 (id=429): bpf$auto(0x21, &(0x7f0000000080)=@enable_stats={0x5}, 0x1) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D3\x00', 0x20c00, 0x0) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82040, 0x0) socket(0xa, 0x1, 0x100) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000002340), 0xffffffffffffffff) sendmsg$auto_OVS_METER_CMD_SET(r0, &(0x7f0000002480)={0x0, 0x0, &(0x7f0000002440)={&(0x7f0000000700)={0x18, r1, 0x1, 0x70bd25, 0x25dfdbfe, {}, [@OVS_METER_ATTR_KBPS={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x48000}, 0x4000) modify_ldt$auto(0x1, 0x0, 0x10) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0xc0000, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) wait4$auto(0x80000000, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/block/loop10/queue/add_random\x00', 0x80302, 0x0) socket(0x10, 0x2, 0x4) mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01eb"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000) bpf$auto(0x3, &(0x7f00000001c0)=@task_fd_query={0x0, 0xffffffffffffffff, 0x8, 0x10017, 0x8020000000a, 0x2, 0x5f, 0x20000000000803, 0x3}, 0x6f0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) sendfile$auto(r2, r2, 0x0, 0x3) 1m29.283875784s ago: executing program 2 (id=435): r0 = setfsuid$auto(0xee00) setreuid$auto(r0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000000540), r1) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) mbind$auto(0x4, 0x8, 0x3, &(0x7f00000002c0)=0x30, 0x800, 0x8) sendmsg$auto_NET_SHAPER_CMD_DELETE(r1, 0x0, 0x4004) msgsnd$auto(0x2, &(0x7f0000000300)={0x4, 0x9}, 0x65, 0xfffffffd) fsconfig$auto(r1, 0x2, &(0x7f0000000180)='\x00', &(0x7f0000000580)="10ab6b39a25e5d9c4947936e05c1ebf9895356b0a5fc915241b26bebe1bf3648ecb6260c4d40bcaaf9620450e0f236d9cf2e9bfa15663032904f14a0bfebeb6f41d8f77bd0bca982dfe6b49e308e606721133b53711ed21bb9e1e32f4be7a7c60b1e11a84523b8f0f030b169292f0b65a26107a850d0b970a474f1e71b47", 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f000000c180), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_PRIVFLAGS_SET(r4, &(0x7f0000001dc0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000a00)=ANY=[@ANYBLOB="20010000", @ANYRES16=0x0, @ANYBLOB="020028bd7000fcdbdf250e000000", @ANYRES32=r2, @ANYBLOB="feecfe6137558008", @ANYRES32=r4, @ANYBLOB="9ccf332a704a94d2e1e0187d742fe21d7e2b0402523713af3edb72728db6b522f09fa5fcb5b2414dd7260ba80ac51a2956b49a888fd6a1dd44ab94a164c423fd126f8f76cfabf2e15d6526c3a4178460cd92e04941e4c50fbef21b429c6919ea9e6136290323c5a49c4a92e1be02e00929e5de4911ef589c3c99d62bc216cd130220822310a1173ca8c51449c54d4710dd4d19a2e813ac3d44da35ee58206e88349747f1642046fbf31bcb52"], 0x120}, 0x1, 0x0, 0x0, 0x44}, 0x20000800) sendmsg$auto_TIPC_NL_NAME_TABLE_GET(0xffffffffffffffff, 0x0, 0x4) unshare$auto(0x40000080) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) close_range$auto(0x0, 0xfffffffffffff000, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0xa, 0xb8, 0x10, 0x4, 0x4, 0xffffffffffffffff, 0xa, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x5, 0x7, 0x7, 0x6}, 0xf) bpf$auto(0x1a, &(0x7f0000000380)=@link_create={@prog_fd, @target_ifindex=r5, 0x3, 0x81, @uprobe_multi={0x3, 0x1ff, 0x3d7e, 0x0, 0x1, 0x4}}, 0x96) 1m14.092565575s ago: executing program 32 (id=435): r0 = setfsuid$auto(0xee00) setreuid$auto(r0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000000540), r1) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) mbind$auto(0x4, 0x8, 0x3, &(0x7f00000002c0)=0x30, 0x800, 0x8) sendmsg$auto_NET_SHAPER_CMD_DELETE(r1, 0x0, 0x4004) msgsnd$auto(0x2, &(0x7f0000000300)={0x4, 0x9}, 0x65, 0xfffffffd) fsconfig$auto(r1, 0x2, &(0x7f0000000180)='\x00', &(0x7f0000000580)="10ab6b39a25e5d9c4947936e05c1ebf9895356b0a5fc915241b26bebe1bf3648ecb6260c4d40bcaaf9620450e0f236d9cf2e9bfa15663032904f14a0bfebeb6f41d8f77bd0bca982dfe6b49e308e606721133b53711ed21bb9e1e32f4be7a7c60b1e11a84523b8f0f030b169292f0b65a26107a850d0b970a474f1e71b47", 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f000000c180), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_PRIVFLAGS_SET(r4, &(0x7f0000001dc0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000a00)=ANY=[@ANYBLOB="20010000", @ANYRES16=0x0, @ANYBLOB="020028bd7000fcdbdf250e000000", @ANYRES32=r2, @ANYBLOB="feecfe6137558008", @ANYRES32=r4, @ANYBLOB="9ccf332a704a94d2e1e0187d742fe21d7e2b0402523713af3edb72728db6b522f09fa5fcb5b2414dd7260ba80ac51a2956b49a888fd6a1dd44ab94a164c423fd126f8f76cfabf2e15d6526c3a4178460cd92e04941e4c50fbef21b429c6919ea9e6136290323c5a49c4a92e1be02e00929e5de4911ef589c3c99d62bc216cd130220822310a1173ca8c51449c54d4710dd4d19a2e813ac3d44da35ee58206e88349747f1642046fbf31bcb52"], 0x120}, 0x1, 0x0, 0x0, 0x44}, 0x20000800) sendmsg$auto_TIPC_NL_NAME_TABLE_GET(0xffffffffffffffff, 0x0, 0x4) unshare$auto(0x40000080) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) close_range$auto(0x0, 0xfffffffffffff000, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0xa, 0xb8, 0x10, 0x4, 0x4, 0xffffffffffffffff, 0xa, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x5, 0x7, 0x7, 0x6}, 0xf) bpf$auto(0x1a, &(0x7f0000000380)=@link_create={@prog_fd, @target_ifindex=r5, 0x3, 0x81, @uprobe_multi={0x3, 0x1ff, 0x3d7e, 0x0, 0x1, 0x4}}, 0x96) 23.503565706s ago: executing program 3 (id=663): r0 = socketcall$auto(0x2, 0x0) setsockopt$auto_SO_ATTACH_REUSEPORT_CBPF(r0, 0x81, 0x33, &(0x7f0000000380)='-\'\x00', 0x4) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x5eba82, 0x0) ioctl$auto_BLKALIGNOFF(r1, 0x127a, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000200)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x7, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x40000008000) sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc000}, 0x2404c800) openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, 0x0, 0x80100, 0x0) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$auto_BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000003c0)={"0f388da2cf4d2948e1ca9862fdcbdb886c5819512b017c3770c8d167f5d2147b", 0x0, 0x0, 0xeefd, 0x1, 0x4}) sendmsg$auto_NL80211_CMD_GET_SURVEY(0xffffffffffffffff, 0x0, 0x4004) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1a1842, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_psample(&(0x7f0000007a40), 0xffffffffffffffff) sendmsg$auto_PSAMPLE_CMD_GET_GROUP(r3, &(0x7f0000007b00)={0x0, 0x0, &(0x7f0000007ac0)={&(0x7f0000007a80)={0x14, r4, 0x311, 0x70bd25, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x20000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) kexec_load$auto(0x5, 0x2, &(0x7f0000000040)={@kbuf=0x0, 0x800c000, 0x4800c000, 0x800c000}, 0x4) 22.271245624s ago: executing program 3 (id=670): r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, r0, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x288202, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\x84q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa24X@\xadD\xf8\x9d\xf3 \xd2]\xc4\x13G\x1d\x04!\xc1\xeb.e$\xfb\xa3KU\xcf\xc1\x7fFD\x99\xf5v\v\x9dS\xc11P\xa3\xe9\xb0SqL\x85\xea\xb2\x9cY\x83.I\xca\x92\x1c\xc4\x13CV=\x92\x17c\x87iOt\x14On\x15=\v\xf0 \xc5\x8b~\xd6\xd4\xc7\xa3a\x1c\x06\x17\xb3\x88\x8c\xf1L\xba\x89a\xfd\xa5\xc6\x7fU\x00\xe5\x9b', 0x5) statx$auto(0xffffff9c, 0x0, 0x1000, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/kcore\x00', 0x28000, 0x0) pread64$auto(r1, 0x0, 0x800003, 0x270) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x5, 0x109) r2 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer2\x00', 0x80011, 0x0) write$auto_seq_oss_f_ops_seq_oss(r2, 0x0, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x230) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) shmget$auto(0x100000000, 0x3, 0x79e56dc9) close_range$auto(0x2, 0xa, 0x0) setsockopt$auto(0x3, 0x0, 0xd0, 0xfffffffffffffffc, 0x4) 20.450489778s ago: executing program 3 (id=676): clone3$auto(0x0, 0x40) getrandom$auto(0x0, 0x6000000, 0x3) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x2, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mremap$auto(0x4000, 0xb8, 0x13fd4, 0x3, 0xfffff000) r1 = io_uring_setup$auto(0x1d48, 0x0) prctl$auto(0x5, 0x2, 0x0, 0x0, 0x10000) io_uring_register$auto(r1, 0x15, 0x0, 0x9) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_smc_pnetid(0x0, r2) sendmsg$auto_SMC_PNETID_FLUSH(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000000)=ANY=[@ANYBLOB="1400006d", @ANYRES16=r0, @ANYBLOB="fb6127bd700000dcdf2504000000"], 0x14}}, 0x20) mmap$auto(0x0, 0x20009, 0xdc, 0xeb1, 0x40000000000a5, 0x7ffe) r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) openat$auto_fops_blob_file(0xffffffffffffff9c, &(0x7f0000011500), 0x4a0400, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r3, 0xc0045002, &(0x7f0000000140)="3318cb") write$auto(r3, 0x0, 0x7fffffff) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) fadvise64$auto_POSIX_FADV_NORMAL(0xffffffffffffffff, 0x9, 0x9, 0x0) 19.156050687s ago: executing program 3 (id=680): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) socket(0xa, 0x2, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r1 = clone$auto(0x6, 0x8000000000000001, &(0x7f0000000080)=0xcf, &(0x7f00000000c0)=0xffff7fff, 0x1000) prctl$auto(0xa134, 0x22, r1, 0x800, 0x5) socket(0x2, 0x1, 0x106) socket(0x2, 0x3, 0xa) r2 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r2, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(0xffffffffffffffff, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) ioctl$auto_PPPIOCSPASS(r2, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x28, 0xf4, 0xb0, @raw=0xfffff03c}}) setsockopt$auto(0x4, 0x0, 0x3, &(0x7f0000000000)='!/*:(*\'\x00', 0x800000e) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0xc02, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, r0, 0x300000000000) statmount$auto(&(0x7f0000000040)={0xffff, @raw=0xb8, 0x7, 0x4, 0xfffffffffffffff8}, &(0x7f0000000340)={0x3ff, 0x1, 0x7fff, 0x8, 0x6, 0x3, 0x0, 0x5, 0x8, 0x8, 0x3, 0x690, 0x1604000000000, 0x2, 0x100, 0xfff, 0x2, 0x9, 0xfffff1a0, 0x8, 0xc, 0xfff, 0x3, 0x9503, 0x0, 0x9, 0xeb, 0x5c1f, 0x1, 0x9, 0x20000000, [0x9, 0x1ff, 0x8, 0x2, 0x0, 0x2, 0x2, 0x7, 0x6, 0x7f, 0x100, 0x2, 0x9, 0x1, 0x4, 0x3, 0x0, 0x10001, 0x9, 0x5148d73f, 0x7, 0xa5, 0xc, 0x1, 0x8000000000000000, 0x100000000, 0x3, 0x80000001, 0x2, 0x2, 0x0, 0x9, 0xe23f, 0x7fff, 0x3, 0x0, 0x9, 0x4, 0x6, 0x0, 0x7, 0xfff, 0xffffffff], "0d4da07757fc0a8e5de18bd363ce4cd41558fdae0643974f4f329960f2cb8c8e546a2541ef8227735f9d60e3cb50f6712c580dab3d8d1876a632fbe3c7bc8983b2033f3e94ce99928fb6f63d6a5d00427e16356cd2bb5ac7332f15102dfa643a2ac8b0a2354713be651e33e04d87dc8db31dee05bda730841ad8c01c925cfb6c19c83be19a876ab65f124cbd4bf03702b919"}, 0x6, 0x7) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x6, 0x8d, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x63, 0x4000008000001f, 0x7, 0x6d3e, 0x20000009, 0x2, 0x6]}, 0x0) 17.057138058s ago: executing program 3 (id=685): openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) getrlimit$auto(0x3, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ram1\x00', 0x6281, 0x0) ioctl$auto_BLKZEROOUT(r0, 0x127f, 0x0) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, 0x0) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0xa2741, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xe6e43, 0x0) ioctl$auto_BLKFLSBUF(r2, 0x1261, 0x0) lseek$auto(0x3, 0xffffffffff800002, 0x10) ioctl$auto_BLKFLSBUF(r2, 0x1261, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x9}, 0x8) socket(0x2, 0x5, 0x0) 15.838740021s ago: executing program 3 (id=693): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, 0x0, 0x48402, 0x0) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/thread-self/fail-nth\x00', 0x2, 0x0) unshare$auto(0x40000080) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) ioctl$auto_XFS_IOC_FSINUMBERS(0xffffffffffffffff, 0xc0205867, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x1) getcwd$auto(0x0, 0x7) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x10b142, 0x0) socket(0xa, 0x2, 0x73) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec29\x00', 0x8801, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, 0x0, 0x4) close_range$auto(0x2, 0xffffffffffffffff, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto(0x3, 0xae41, r1) 12.337969675s ago: executing program 0 (id=701): mmap$auto(0x0, 0x20009, 0x5, 0xeb2, 0x8, 0x1008000) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000200)='/dev/snd/controlC1\x00', 0x62c620, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r1, 0xc4c85512, &(0x7f00000004c0)={{@raw=0x5, 0xffffff7d, 0xa, 0xfffffffc, "50ddcc2d0a7b79ca0e62e667b5000000000000000000000000000000000100ffffffffffffffe700", @inferred=0xffffffffffffffff}, 0x1, @integer64=@value=[0x1, 0x9, 0x6b92, 0x6, 0xfffffffffffffffe, 0x7fffffff, 0x1, 0x5, 0xc, 0xffffffffffffff30, 0x6, 0x2000000002, 0x8, 0x7c1, 0x2, 0x8, 0x2, 0x2, 0xca1, 0xfffffffffffffffc, 0xffffffff00000001, 0x2, 0xffff, 0x6, 0x6, 0xc, 0x4, 0x93, 0xaa, 0x4, 0x2, 0x81, 0x7, 0x8003, 0x749, 0x3, 0x4, 0x7, 0x1, 0x3, 0x9186, 0x1000000003, 0x1, 0x1, 0x8, 0x6, 0x345f, 0x3, 0x4, 0x7fff, 0x3, 0x1, 0xaa7, 0x0, 0xfffffffffffff41f, 0xb0, 0x8000000e36c, 0x22e, 0x9, 0x10000000, 0xaca7, 0xf3c, 0x9660, 0x9], "bee8fd3b16a97731269aff7312ae1a01006266a3bde1f332e1078696becfd044280e7fb7719d4362b09d9f6cb070bad3af7185ae1e691c585914c0b11dd65468fb68dfc32254d8ed55c8d806a2ef4bba7bc65cd90676ce6dec79ff2f44034ad55049ff128dd27f04ac14d8dbaffacc77596ca0dffa00"}) mremap$auto(0x110c230000, 0x0, 0x2000101, 0x3, 0xf000) r2 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000000240)='/proc/thread-self/mem\x00', 0x68200, 0x0) readv$auto(r2, &(0x7f0000000700)={0x0, 0x6}, 0x3) fsopen$auto(0xfffffffffffffffd, 0x8) unshare$auto(0x0) ioctl$auto_TCFLSH2(0xffffffffffffffff, 0x5453, 0x0) r3 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_DEL_RADIO(r0, &(0x7f0000001a00)={0x0, 0x0, &(0x7f00000019c0)={&(0x7f0000000080)={0x1c, r3, 0x1, 0x70bd2d, 0x25dfdbfd, {}, [@HWSIM_ATTR_RADIO_ID={0x8, 0xa, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000080}, 0x4000010) socket(0x10, 0x2, 0x0) open_by_handle_at$auto(r0, &(0x7f0000000140)={0xa3, 0x1f5, "c16de251ef28fd3c8c3344e1d61155e496668c6cd3afd5cfc30446470486e025685aaef1ca384331066efa213baf72dba72831a660dbc648aea5444fdc5c2fbe091de795eb0d4dc506da8d538b49c0ea7bfde75b03bba6783392f0c3caa8db5a5c6fb061e02e6b970c85cee3cdc141a5980f7efdcfe1b9703c743faf35ee592d93c28fbb1553b38f84fd6dea91e8f631356449983958778538a744fb896765ac9ebf2e"}, 0x3) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) r4 = socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x10e, &(0x7f0000000000)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) recvmmsg$auto(r4, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={0x0, 0xcb}, 0x3, 0x0, 0x0, 0x6}, 0x9}, 0x7, 0x6, 0x0) 11.560814353s ago: executing program 1 (id=702): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000) move_pages$auto(0x0, 0x1002, 0x0, &(0x7f0000001140), 0x0, 0x2) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x4044001) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/dynamic_debug/control\x00', 0x0, 0x0) pread64$auto(r0, &(0x7f0000000040)='uete1\x00', 0x200000000006, 0x7) ioctl$auto_FS_IOC_UNRESVSP64(r0, 0x4030582b, 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x6) r1 = socket(0x2, 0x1, 0x0) bind$auto(r1, &(0x7f0000000040)=@in={0x2, 0x4e24, @remote}, 0x6a) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800008}, 0x5, 0x20000000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) socketpair$auto(0xb2c, 0x2, 0x20000000, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c00, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x5}, 0x3, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) syz_genetlink_get_family_id$auto_nfc(0x0, 0xffffffffffffffff) write$auto(0x3, 0x0, 0x100085) 11.432991377s ago: executing program 0 (id=703): mmap$auto(0xcf, 0x400aaf, 0x4000000000df, 0x40200000000ebd, 0xffffffffffffffff, 0xa000) socketpair$auto(0xb, 0xd, 0xfffffffd, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x0, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) mmap$auto(0x50000, 0x3797, 0x200000020120002, 0x9000000eb1, r0, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x14be02, 0x0) ioctl$auto_BLKFLSBUF(r1, 0x1261, 0x0) writev$auto(0x3, &(0x7f0000000100)={&(0x7f0000000140), 0x7111}, 0x4) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ttynull\x00', 0x101000, 0x0) ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0) ioctl$auto_TIOCSTI2(r2, 0x5412, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptya7\x00', 0x101e81, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyde\x00', 0xa0102, 0x0) write$auto(0x3, 0x0, 0x7fffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) read$auto(0xffffffffffffffff, 0x0, 0x10) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) 10.535372339s ago: executing program 0 (id=705): r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, r0, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x288202, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\x84q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa24X@\xadD\xf8\x9d\xf3 \xd2]\xc4\x13G\x1d\x04!\xc1\xeb.e$\xfb\xa3KU\xcf\xc1\x7fFD\x99\xf5v\v\x9dS\xc11P\xa3\xe9\xb0SqL\x85\xea\xb2\x9cY\x83.I\xca\x92\x1c\xc4\x13CV=\x92\x17c\x87iOt\x14On\x15=\v\xf0 \xc5\x8b~\xd6\xd4\xc7\xa3a\x1c\x06\x17\xb3\x88\x8c\xf1L\xba\x89a\xfd\xa5\xc6\x7fU\x00\xe5\x9b', 0x5) statx$auto(0xffffff9c, 0x0, 0x1000, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/kcore\x00', 0x28000, 0x0) pread64$auto(r1, 0x0, 0x800003, 0x270) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x5, 0x109) r2 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer2\x00', 0x80011, 0x0) write$auto_seq_oss_f_ops_seq_oss(r2, 0x0, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x230) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) shmget$auto(0x100000000, 0x3, 0x79e56dc9) close_range$auto(0x2, 0xa, 0x0) setsockopt$auto(0x3, 0x0, 0xd0, 0xfffffffffffffffc, 0x4) 10.50560685s ago: executing program 1 (id=706): openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x4241, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x18ab82, 0x0) mmap$auto(0x0, 0x8, 0x3, 0x9b72, 0x2, 0x8000) r0 = io_uring_setup$auto(0x7, 0x0) io_uring_register$auto(r0, 0x8, &(0x7f0000001100), 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x902, 0x0) ioctl$auto(0x3, 0x80004508, 0x10000000000402) fcntl$auto_F_SETSIG(0xffffffffffffffff, 0xa, 0x400000000000) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x6}, 0x8000000000001b) unshare$auto(0x40000080) mmap$auto(0x1, 0x0, 0x44000000000dd, 0x15, 0x401, 0x7fff) pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xc9\xb3\xbc\x8c\x1dga08\x90\x86\xdde\x1cJ\x99\x00\x11:\x14\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xfe\x80\x12\x00\x00\x00\x00\x00\x0fo\x84\xfc\x89\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#\x1c\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd8\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xaf\n1\x80\x1a\xbc_\xef\x8b\t\xcc\xa6\xf2\xc1\"\xact\xee\xc9\x00'/232, 0xfdef, 0x3) msgget$auto(0x0, 0x5) msgsnd$auto(0x0, &(0x7f0000000000)={0x1, 0x85}, 0x8, 0x7) msgsnd$auto(0x0, &(0x7f0000000040)={0x40000007fc, 0x7}, 0x400, 0x2) ioctl$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, 0x4, &(0x7f0000000280)="f26891cb2ed18376017ff1ab12c1792935603a41d4aa06cb408af493565f5f681a8ea3c393851f3e9e9ff18e46c874829f4690aa9deb4ce9ff6524a4e182a843681ee75966c8d0e7e77d777a1531cdc6faff458cf96f44dab5415092292166f727df1ee0ae366beace4eb1de82c93a7f5f0a839fe922f2b3393f4df6af12803213f171c129cc17d13400c1da13f077dfa7251c1a477921e24f5cdc93dd2292daaee610ad261965c267f6a73a") read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) pwrite64$auto(0xc8, &(0x7f0000000140)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00<\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^B\xb8\xe4j\t+\xe4\xc2\xcc\x9d\xc5\x0fo\x84\xf4\x89\v\xea\x1b\x95\xafQ;CL\"\x01@\x00\x00\x00\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\xff\xff\x00'/242, 0xfdf0, 0x39) msgrcv$auto(0x0, 0x0, 0x4bd, 0x1, 0xf1) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) 9.506018595s ago: executing program 1 (id=707): socket(0x11, 0x80003, 0x300) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x1, 0x84) pipe2$auto(0x0, 0x80) keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8) keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_enter$auto(0xffffffffffffffff, 0x7, 0x2, 0x10, 0x0, 0xf2a7214) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) sendfile$auto(0x1, 0xffffffffffffffff, 0x0, 0x8fb5) fcntl$auto(0x0, 0x408, 0x100000) setsockopt$auto_SO_OOBINLINE(0xffffffffffffffff, 0x3, 0xa, &(0x7f0000000080)='nlctrl\x00', 0x2) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) 9.43878511s ago: executing program 4 (id=708): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000) move_pages$auto(0x0, 0x1002, 0x0, &(0x7f0000001140), 0x0, 0x2) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x4044001) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/dynamic_debug/control\x00', 0x0, 0x0) pread64$auto(r0, &(0x7f0000000040)='uete1\x00', 0x200000000006, 0x7) ioctl$auto_FS_IOC_UNRESVSP64(r0, 0x4030582b, 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x2, 0x3, 0x6) r2 = socket(0x2, 0x1, 0x0) write$auto(r1, &(0x7f0000000000)='/proc/dynamic_debug/control\x00', 0xcb) sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800008}, 0x5, 0x20000000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) socketpair$auto(0xb2c, 0x2, 0x20000000, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c00, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x5}, 0x3, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) syz_genetlink_get_family_id$auto_nfc(0x0, 0xffffffffffffffff) write$auto(0x3, 0x0, 0x100085) 8.767503477s ago: executing program 4 (id=709): close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000200)='/proc/modules\x00', 0x88880, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/rds/tcp/rds_tcp_sndbuf\x00', 0x40601, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) socket(0xa, 0x5, 0x0) r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x40000, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, r0, 0x0) r2 = socket(0x10, 0x2, 0x4) sendmsg$auto_ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, &(0x7f0000001dc0)={0x0, 0x0, &(0x7f0000001d80)={&(0x7f0000000000)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="01"], 0x14}, 0x1, 0x0, 0x0, 0x40010}, 0x80000) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/dynamic_debug/control\x00', 0x0, 0x0) r3 = socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8=r3, @ANYRES8=r1], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x4000050) write$auto(r2, &(0x7f0000000000)='-\x00', 0xfdef) 8.456412766s ago: executing program 1 (id=710): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x3f, 0x0) r0 = fsopen$auto(0x0, 0x1) fsconfig$auto(r0, 0x8, 0x0, 0x0, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio1\x00', 0x20b42, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r1, 0x0, 0x1f40) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000240)={0x0, 0x7}, 0x3) shmctl$auto_SHM_UNLOCK(0x2, 0xc, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x3) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/system/node/node1/hugepages/hugepages-1048576kB/demote\x00', 0x183841, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x59, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x0, 0x0) read$auto(r3, 0x0, 0xfffffdef) read$auto(0x3, 0x0, 0x5) ioctl$auto(0x3, 0x402c542b, 0x38) ioctl$auto_TIOCSTI2(r3, 0x5412, 0x0) 8.44587529s ago: executing program 4 (id=711): socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x22, 0x3, 0x0) ioctl$auto(0xffffffffffffffff, 0x40104d01, 0xffffffffffffffff) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000002dc0)='/dev/adsp1\x00', 0x2401, 0x0) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20342, 0x0) write$auto(r0, &(0x7f0000000100)='/dev/audio1\x00\xf6\x89\t\xb6t\xae\x12Q\x15E O\xd8\x8d/\xd9\x13\v_\xbcTd\xe0DS\xef?f\xf1ou\xa4W&^\x80\xb2}\x96K\x16*\xa0\x10[8\xa3\x86\x9a3\xc1\xf7\x89x; 4\x8d,U\xa2\xd8\xd5\xfd\xf8\xd8\xb0\xe0W\xad\xe7\x05l*\xc5Z\x8d\xc88}n\x81\tK\x00\x12\xae\xff\xe5\xf1\xb5w\x81$\xd4\xca\xbe&\x195\xc1\xda>\x8c\x89P\xa1\xdb\xb4g9E\xc8\x92\xf6m\x1c\x9b\xebAzeI\xcb\x16f\xc0@\x978x\xbe\x15\'\xc6d}\xc2\xd3\x9f\xc5F8\x15f\x90\xa2\x84', 0x6051) readv$auto(0x3, 0x0, 0x1) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r1, &(0x7f0000000000)='//\xf2\x00', 0x80000000) mmap$auto(0x0, 0x810006, 0xffb, 0x8000000008011, 0x3, 0x0) shmctl$auto_SHM_INFO(0x0, 0xe, &(0x7f0000000340)={{0x3, 0xffffffffffffffff, 0xffffffffffffffff, 0xff, 0x4, 0x2, 0x3}, 0x0, 0x4c, 0xfffffffffffffffe, 0x6, @inferred, @inferred=0xffffffffffffffff, 0xf29, 0x0, &(0x7f00000001c0)="783374976bc57458676fe4a6a582084b4711212a6d5e5d59c35a97ed9276a2f21fdda9c700c6d5eca67f66bab1b05c1e49957dea0025b585bb057a8f5bf807fc285a0572d0dc6dfdca791b75b7167599982b7c2e74002846d0c276f2175280ee0e33e3e2e0cfcb3f16ae4907eab39d01e2963e24fede869a4b7a09ed0f42355eae2fcd2c06a627a7a063d9cba2cecabb7f5e0f125ec0c0ca7ec14b6359c8513eb3a7eab8c4b25443aa9f6b011a956658e8fa4cd0b76fc8ac8d9b501730f14a09281c7a27944566", &(0x7f00000002c0)="cae4ce1b68d04a281469c9e7f0050860b0a7f842f305f203f9321d4dc5cc51f08bf1b972b76d62bb6b152627ed5db9e04c6b387d5c92cbd50030164d4df5116e3037f05ef282e8"}) msync$auto(0x0, 0xe0, 0x6) 8.282897912s ago: executing program 0 (id=712): mmap$auto(0x0, 0x7fffffffffffffff, 0x6, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) prctl$auto(0x1000000003b, 0x3, 0x0, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) symlink$auto(&(0x7f0000000140)='./file0/../file0\x00', &(0x7f0000000100)='./file0\x00') r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) memfd_create$auto(&(0x7f0000000040)='A^^\x02\x00\xef\x97\x8aY\x00\x00\xd2\x8c\xb05\x03\\\xb2\xbf247{\xde\t8\f\x00\x00\v\x00\x82\xcc\"K\xe1IIT\x00'/54, 0x5) mmap$auto(0x0, 0x9, 0xff7, 0x8000000008011, 0x4, 0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x100, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x9, 0xff7, 0x8000000008012, 0x1000000004, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) socket(0x18, 0xa, 0x1) fchdir$auto(0xffffffffffffffff) unshare$auto(0x8000000) semget$auto(0x0, 0x2e4a, 0x8000) semtimedop$auto(0x0, &(0x7f0000000000)={0x7, 0x9, 0x36ec}, 0x1f4, 0x0) unshare$auto(0x8000400) 7.245848587s ago: executing program 1 (id=713): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) r0 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/tracing/events/vmalloc/filter\x00', 0x103041, 0x0) prlimit64$auto(0xffffffffffffffff, 0x101, 0x0, 0x0) write$auto_ftrace_subsystem_filter_fops_trace_events(r0, &(0x7f0000000240)="8f0447fef2afea7e35a0274f508a73119aff3bc0528f45fd27fea1bb4baa95f757cf9e57a14e04353736f4a23ce2a531c678ed7d6d28d43aaea2a69abe3e93453380adf35653f5875227ce319330afe5e4cc7601a8eccbb3729f9869ca35edaf6343e41fe91304ef53273ed0943b28e00e9c2f919d54fe990911e4c265c3d23eb66229", 0x83) syz_clone3(&(0x7f0000000100)={0x2000000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58) mmap$auto(0x8000000000000001, 0x2020009, 0x3, 0x1fb, 0xfffffffffffffffa, 0xc000000000000) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r1, 0x0, 0x2) ioctl$auto_FS_IOC_FSGETXATTR(r1, 0x801c581f, 0xa) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/i8042/serio0/err_count\x00', 0x800, 0x0) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) ioctl$auto_BLKZEROOUT(r2, 0x127f, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) madvise$auto(0x0, 0x2000000080000001, 0x3) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r3 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) write$auto_tap_fops_tap(r3, &(0x7f0000000000)="c6c45342f36d76e12eaa55e1d6f56e36b2641f6f81fa48a1243798eb218435a659637ceb5ff4b2089e31", 0x2a) shutdown$auto(r3, 0x3) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/slab/kmalloc-64/total_objects\x00', 0x80000, 0x0) 6.797934328s ago: executing program 4 (id=714): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vbi15\x00', 0x802, 0x0) socket(0xa, 0x1, 0x84) close_range$auto(0x2, r0, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/self/net/ip6_mr_vif\x00', 0x480, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/blkio.bfq.weight\x00', 0x8001, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty1\x00', 0x181840, 0x0) openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/mountinfo\x00', 0x28c40, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyr0\x00', 0x60540, 0x0) socket(0x15, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x5, 0x100000, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/pts/ptmx\x00', 0x80, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyde\x00', 0xa0102, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) io_uring_setup$auto(0xa, 0x0) read$auto(r0, 0x0, 0x83) close_range$auto(0x2, 0x8, 0x0) 6.346562231s ago: executing program 4 (id=715): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000) move_pages$auto(0x0, 0x1002, 0x0, &(0x7f0000001140), 0x0, 0x2) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x4044001) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/dynamic_debug/control\x00', 0x0, 0x0) pread64$auto(r0, &(0x7f0000000040)='uete1\x00', 0x200000000006, 0x7) ioctl$auto_FS_IOC_UNRESVSP64(r0, 0x4030582b, 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x2, 0x3, 0x6) r2 = socket(0x2, 0x1, 0x0) write$auto(r1, &(0x7f0000000000)='/proc/dynamic_debug/control\x00', 0xcb) sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800008}, 0x5, 0x20000000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) socketpair$auto(0xb2c, 0x2, 0x20000000, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c00, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x5}, 0x3, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) syz_genetlink_get_family_id$auto_nfc(0x0, 0xffffffffffffffff) write$auto(0x3, 0x0, 0x100085) 6.329558392s ago: executing program 0 (id=723): socket(0x6, 0x3, 0x37) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) r0 = socket(0x26, 0x5, 0x8c68) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x101e41, 0x0) ioperm$auto(0x4, 0x100000001, 0x4000005) futex_waitv$auto(0x0, 0x7ff, 0x8, &(0x7f00000000c0)={0x1000000004, 0x10}, 0x4) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x74c40, 0x0) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, 0x0, 0x40, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x20) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x140082, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) sysfs$auto(0x2, 0x7, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) r4 = ioctl$auto_TUNATTACHFILTER(r0, 0x401054d5, 0x0) ioctl$auto_virtual_ncidev_fops_virtual_ncidev(r4, 0x6, 0x0) r5 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000280), 0x141182, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r5, 0x40146f2c, 0x0) unshare$auto(0x40000080) setsockopt$auto(r1, 0xd0, 0x800000e4, 0x0, 0x569) 456.450721ms ago: executing program 33 (id=693): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, 0x0, 0x48402, 0x0) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/thread-self/fail-nth\x00', 0x2, 0x0) unshare$auto(0x40000080) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) ioctl$auto_XFS_IOC_FSINUMBERS(0xffffffffffffffff, 0xc0205867, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x1) getcwd$auto(0x0, 0x7) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x10b142, 0x0) socket(0xa, 0x2, 0x73) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec29\x00', 0x8801, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, 0x0, 0x4) close_range$auto(0x2, 0xffffffffffffffff, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto(0x3, 0xae41, r1) 1.099581ms ago: executing program 0 (id=717): close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000200)='/proc/modules\x00', 0x88880, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/rds/tcp/rds_tcp_sndbuf\x00', 0x40601, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) socket(0xa, 0x5, 0x0) r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x40000, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, r0, 0x0) r2 = socket(0x10, 0x2, 0x4) sendmsg$auto_ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, &(0x7f0000001dc0)={0x0, 0x0, &(0x7f0000001d80)={&(0x7f0000000000)=ANY=[@ANYRES16=0x0, @ANYBLOB="01"], 0x14}, 0x1, 0x0, 0x0, 0x40010}, 0x80000) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/dynamic_debug/control\x00', 0x0, 0x0) r3 = socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8=r3, @ANYRES8=r1], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x4000050) write$auto(r2, &(0x7f0000000000)='-\x00', 0xfdef) 531.673µs ago: executing program 1 (id=718): mmap$auto(0x0, 0x400008, 0x200, 0x9b72, 0x2, 0x8000) r0 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) mmap$auto(0x0, 0x40000b, 0xdf, 0x9b72, 0x2, 0x108000) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001) futex$auto(0x0, 0x1, 0x40000006, 0x0, 0x0, 0x80000001) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x2, 0x0) r1 = socket(0xa, 0x3, 0xff) connect$auto(r1, &(0x7f00000018c0)=@generic={0xa}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) mmap$auto(0x0, 0x400008, 0xb, 0x9b72, 0x2, 0x8000) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x20000000000006, 0x2) shmget$auto(0x8, 0x10563, 0x568d1af2) write$auto_proc_mem_operations_base(r0, &(0x7f0000001680)="a7", 0xfffffc96) mmap$auto(0x0, 0x400, 0xfffffffffffffffa, 0xeb1, 0x401, 0x8000) madvise$auto(0x4, 0x2004, 0x15) 0s ago: executing program 4 (id=725): close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x801, 0x100) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x1, 0x106) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) socket(0x2, 0x2, 0x0) bind$auto(0x3, 0x0, 0x6a) connect$auto(0x3, 0x0, 0x50) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) pwrite64$auto(0xc8, 0x0, 0xfdf0, 0x39) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) getsockopt$auto_SO_RCVMARK(0xffffffffffffffff, 0x0, 0x4b, 0x0, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) shutdown$auto(0x200000003, 0x400002) madvise$auto(0x0, 0xfffffffffffeffff, 0x15) prctl$auto(0x43, 0xe, 0x0, 0x0, 0x0) prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.55' (ED25519) to the list of known hosts. [ 87.866022][ T5810] cgroup: Unknown subsys name 'net' [ 87.962645][ T5810] cgroup: Unknown subsys name 'cpuset' [ 87.974091][ T5810] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 89.809394][ T5810] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 92.074116][ T5826] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 92.084246][ T5826] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 92.113188][ T5829] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 92.121512][ T5829] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 92.130275][ T5829] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 92.148848][ T5837] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 92.156796][ T5837] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 92.166588][ T5837] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 92.174920][ T5837] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 92.183318][ T5837] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 92.186050][ T5838] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 92.198623][ T5837] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 92.199275][ T5838] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 92.211706][ T5837] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 92.216670][ T5838] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 92.220664][ T5837] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 92.234903][ T5836] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 92.236668][ T5838] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 92.262917][ T5838] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 92.274269][ T51] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 92.883004][ T5828] chnl_net:caif_netlink_parms(): no params data found [ 92.952645][ T5823] chnl_net:caif_netlink_parms(): no params data found [ 92.989535][ T5827] chnl_net:caif_netlink_parms(): no params data found [ 93.125507][ T5821] chnl_net:caif_netlink_parms(): no params data found [ 93.178574][ T5828] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.185798][ T5828] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.193604][ T5828] bridge_slave_0: entered allmulticast mode [ 93.201864][ T5828] bridge_slave_0: entered promiscuous mode [ 93.267443][ T5828] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.274738][ T5828] bridge0: port 2(bridge_slave_1) entered disabled state [ 93.282173][ T5828] bridge_slave_1: entered allmulticast mode [ 93.289727][ T5828] bridge_slave_1: entered promiscuous mode [ 93.298477][ T5823] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.305658][ T5823] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.313023][ T5823] bridge_slave_0: entered allmulticast mode [ 93.320882][ T5823] bridge_slave_0: entered promiscuous mode [ 93.365526][ T5823] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.373020][ T5823] bridge0: port 2(bridge_slave_1) entered disabled state [ 93.380644][ T5823] bridge_slave_1: entered allmulticast mode [ 93.388204][ T5823] bridge_slave_1: entered promiscuous mode [ 93.402758][ T5827] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.410043][ T5827] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.417288][ T5827] bridge_slave_0: entered allmulticast mode [ 93.425009][ T5827] bridge_slave_0: entered promiscuous mode [ 93.463564][ T5827] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.471066][ T5827] bridge0: port 2(bridge_slave_1) entered disabled state [ 93.478620][ T5827] bridge_slave_1: entered allmulticast mode [ 93.486022][ T5827] bridge_slave_1: entered promiscuous mode [ 93.496611][ T5828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 93.541762][ T5828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 93.554571][ T5823] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 93.604538][ T5823] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 93.640186][ T5827] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 93.674200][ T5821] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.681566][ T5821] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.688963][ T5821] bridge_slave_0: entered allmulticast mode [ 93.696463][ T5821] bridge_slave_0: entered promiscuous mode [ 93.706809][ T5827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 93.719108][ T5828] team0: Port device team_slave_0 added [ 93.738667][ T5823] team0: Port device team_slave_0 added [ 93.744996][ T5821] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.752416][ T5821] bridge0: port 2(bridge_slave_1) entered disabled state [ 93.759863][ T5821] bridge_slave_1: entered allmulticast mode [ 93.767226][ T5821] bridge_slave_1: entered promiscuous mode [ 93.781569][ T5828] team0: Port device team_slave_1 added [ 93.800273][ T5823] team0: Port device team_slave_1 added [ 93.807760][ T5827] team0: Port device team_slave_0 added [ 93.851338][ T5827] team0: Port device team_slave_1 added [ 93.906946][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 93.914261][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 93.940325][ T5823] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 93.955117][ T5821] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 93.965810][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 93.973152][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 93.999244][ T5828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 94.023668][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 94.030784][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 94.057754][ T5823] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 94.071601][ T5821] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 94.081591][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 94.089088][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 94.115090][ T5828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 94.134259][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 94.141388][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 94.167576][ T5827] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 94.187372][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 94.194478][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 94.220613][ T5827] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 94.271152][ T5821] team0: Port device team_slave_0 added [ 94.278894][ T5143] Bluetooth: hci1: command tx timeout [ 94.284957][ T5836] Bluetooth: hci3: command tx timeout [ 94.304527][ T5821] team0: Port device team_slave_1 added [ 94.358666][ T5143] Bluetooth: hci2: command tx timeout [ 94.364586][ T5836] Bluetooth: hci0: command tx timeout [ 94.411073][ T5823] hsr_slave_0: entered promiscuous mode [ 94.417762][ T5823] hsr_slave_1: entered promiscuous mode [ 94.443930][ T5828] hsr_slave_0: entered promiscuous mode [ 94.450681][ T5828] hsr_slave_1: entered promiscuous mode [ 94.457078][ T5828] debugfs: 'hsr0' already exists in 'hsr' [ 94.463304][ T5828] Cannot create hsr debugfs directory [ 94.475913][ T5827] hsr_slave_0: entered promiscuous mode [ 94.482920][ T5827] hsr_slave_1: entered promiscuous mode [ 94.489377][ T5827] debugfs: 'hsr0' already exists in 'hsr' [ 94.495144][ T5827] Cannot create hsr debugfs directory [ 94.515880][ T5821] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 94.523069][ T5821] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 94.549286][ T5821] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 94.562244][ T5821] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 94.569361][ T5821] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 94.596171][ T5821] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 94.802063][ T5821] hsr_slave_0: entered promiscuous mode [ 94.809189][ T5821] hsr_slave_1: entered promiscuous mode [ 94.815429][ T5821] debugfs: 'hsr0' already exists in 'hsr' [ 94.821295][ T5821] Cannot create hsr debugfs directory [ 95.217109][ T5827] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 95.232390][ T5827] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 95.244208][ T5827] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 95.257115][ T5827] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 95.339208][ T5823] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 95.356143][ T5823] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 95.369505][ T5823] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 95.384040][ T5823] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 95.495301][ T5828] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 95.506675][ T5828] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 95.518734][ T5828] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 95.531444][ T5828] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 95.652488][ T5827] 8021q: adding VLAN 0 to HW filter on device bond0 [ 95.678754][ T5827] 8021q: adding VLAN 0 to HW filter on device team0 [ 95.692222][ T5821] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 95.704562][ T5821] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 95.738977][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.746256][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 95.757243][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.764451][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 95.780210][ T5821] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 95.804744][ T5821] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 95.889741][ T5823] 8021q: adding VLAN 0 to HW filter on device bond0 [ 95.969944][ T5823] 8021q: adding VLAN 0 to HW filter on device team0 [ 95.996660][ T5828] 8021q: adding VLAN 0 to HW filter on device bond0 [ 96.022931][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.030277][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 96.052849][ T169] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.060146][ T169] bridge0: port 2(bridge_slave_1) entered forwarding state [ 96.090699][ T5828] 8021q: adding VLAN 0 to HW filter on device team0 [ 96.151566][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.158847][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 96.183755][ T152] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.191057][ T152] bridge0: port 2(bridge_slave_1) entered forwarding state [ 96.331666][ T5821] 8021q: adding VLAN 0 to HW filter on device bond0 [ 96.359298][ T5836] Bluetooth: hci3: command tx timeout [ 96.364801][ T5836] Bluetooth: hci1: command tx timeout [ 96.435745][ T5821] 8021q: adding VLAN 0 to HW filter on device team0 [ 96.448341][ T5836] Bluetooth: hci0: command tx timeout [ 96.449459][ T5143] Bluetooth: hci2: command tx timeout [ 96.491876][ T169] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.499171][ T169] bridge0: port 1(bridge_slave_0) entered forwarding state [ 96.547250][ T5827] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 96.571178][ T169] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.578428][ T169] bridge0: port 2(bridge_slave_1) entered forwarding state [ 96.761008][ T5827] veth0_vlan: entered promiscuous mode [ 96.822095][ T5827] veth1_vlan: entered promiscuous mode [ 96.904180][ T5823] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 96.965786][ T5827] veth0_macvtap: entered promiscuous mode [ 96.977185][ T5828] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 96.993437][ T5827] veth1_macvtap: entered promiscuous mode [ 97.083420][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 97.117092][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 97.130495][ T5823] veth0_vlan: entered promiscuous mode [ 97.155180][ T5828] veth0_vlan: entered promiscuous mode [ 97.172254][ T24] cfg80211: failed to load regulatory.db [ 97.181228][ T169] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.194705][ T169] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.216936][ T169] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.226737][ T169] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.244528][ T5823] veth1_vlan: entered promiscuous mode [ 97.283253][ T5828] veth1_vlan: entered promiscuous mode [ 97.316394][ T5821] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 97.408729][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.416770][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.470338][ T5823] veth0_macvtap: entered promiscuous mode [ 97.501734][ T5828] veth0_macvtap: entered promiscuous mode [ 97.511448][ T5823] veth1_macvtap: entered promiscuous mode [ 97.540495][ T3476] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.548893][ T3476] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.556695][ T5828] veth1_macvtap: entered promiscuous mode [ 97.586171][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 97.624300][ T5821] veth0_vlan: entered promiscuous mode [ 97.643681][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 97.659644][ T5827] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 97.695475][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 97.713982][ T49] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.726728][ T49] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.738860][ T5821] veth1_vlan: entered promiscuous mode [ 97.752084][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 97.770163][ T49] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.789240][ T49] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.843628][ T49] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.860401][ T49] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.898659][ T49] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.947097][ T49] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.999659][ T5821] veth0_macvtap: entered promiscuous mode [ 98.021241][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 98.097838][ T5821] veth1_macvtap: entered promiscuous mode [ 98.167296][ T5821] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 98.285947][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.295096][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.307203][ T5821] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 98.349961][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.357860][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.368636][ T49] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.418498][ T12] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.427341][ T12] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.452551][ T5143] Bluetooth: hci1: command tx timeout [ 98.452570][ T5836] Bluetooth: hci3: command tx timeout [ 98.473237][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.483966][ T49] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.492747][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.518606][ T5836] Bluetooth: hci0: command tx timeout [ 98.520960][ T5143] Bluetooth: hci2: command tx timeout [ 98.691188][ T152] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.718098][ T152] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.825020][ T3476] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.857541][ T3476] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.931353][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.942627][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.148303][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 99.200069][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 99.208921][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 99.218187][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 99.358979][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 99.367334][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 99.518464][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 99.527210][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 99.558025][ T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!! [ 99.870124][ T5924] syz.0.1 (5924) used greatest stack depth: 18120 bytes left [ 100.336307][ T5940] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 100.519862][ T5143] Bluetooth: hci3: command tx timeout [ 100.519899][ T5836] Bluetooth: hci1: command tx timeout [ 100.598534][ T5836] Bluetooth: hci2: command tx timeout [ 100.600308][ T5143] Bluetooth: hci0: command tx timeout [ 100.646243][ T5945] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 102.264984][ T5958] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 103.973361][ T5985] Console: switching to colour VGA+ 80x25 [ 104.149725][ T5985] Console: switching to colour frame buffer device 128x48 [ 104.804189][ T5993] Zero length message leads to an empty skb [ 106.035480][ T6004] sd 0:0:1:0: PR command failed: 1026 [ 106.045941][ T6004] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 106.054135][ T6004] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 106.075162][ T6004] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 106.187526][ T6004] can0: slcan on ttyS2. [ 106.551466][ T6011] syz.0.20 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 106.630972][ T6003] can0 (unregistered): slcan off ttyS2. [ 108.359820][ T6051] syz.3.25 uses obsolete (PF_INET,SOCK_PACKET) [ 111.069023][ T6097] can: request_module (can-proto-4) failed. [ 111.478212][ T5143] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 115.206551][ T6169] Console: switching to colour VGA+ 80x25 [ 115.728890][ T6170] Console: switching to colour frame buffer device 128x48 [ 116.500114][ T6187] netlink: 25 bytes leftover after parsing attributes in process `syz.2.49'. [ 120.026831][ T6237] netlink: 25 bytes leftover after parsing attributes in process `syz.0.60'. [ 121.014833][ T6255] binder: 6254:6255 ioctl c018620c 2000000000c0 returned -22 [ 127.247467][ T6354] netlink: 4 bytes leftover after parsing attributes in process `syz.2.91'. [ 127.281881][ T6354] netlink: 13 bytes leftover after parsing attributes in process `syz.2.91'. [ 132.096186][ T6414] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 133.008877][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.015477][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 140.488022][ T6502] capability: warning: `syz.1.123' uses 32-bit capabilities (legacy support in use) [ 140.653921][ T6507] ptp ptp0: new virtual clock ptp1 [ 140.701758][ T6507] ptp ptp0: new virtual clock ptp2 [ 140.727154][ T6507] ptp ptp0: new virtual clock ptp3 [ 140.788280][ T6507] ptp ptp0: guarantee physical clock free running [ 141.949593][ T6518] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 145.474219][ T6588] netlink: 4 bytes leftover after parsing attributes in process `syz.2.138'. [ 145.524364][ T6588] netlink: 354 bytes leftover after parsing attributes in process `syz.2.138'. [ 146.480874][ T6604] FAULT_INJECTION: forcing a failure. [ 146.480874][ T6604] name fail_futex, interval 1, probability 0, space 0, times 1 [ 146.528939][ T6604] CPU: 1 UID: 0 PID: 6604 Comm: syz.2.145 Not tainted syzkaller #0 PREEMPT(full) [ 146.528980][ T6604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 146.529005][ T6604] Call Trace: [ 146.529014][ T6604] [ 146.529025][ T6604] dump_stack_lvl+0x100/0x190 [ 146.529094][ T6604] should_fail_ex.cold+0x5/0xa [ 146.529129][ T6604] get_futex_key+0x1d2/0x1620 [ 146.529167][ T6604] ? __pfx_get_futex_key+0x10/0x10 [ 146.529203][ T6604] ? find_held_lock+0x2b/0x80 [ 146.529237][ T6604] futex_wake+0xea/0x530 [ 146.529283][ T6604] ? __mutex_unlock_slowpath+0x15c/0x790 [ 146.529324][ T6604] ? __pfx_futex_wake+0x10/0x10 [ 146.529373][ T6604] ? find_held_lock+0x2b/0x80 [ 146.529397][ T6604] ? __might_fault+0xc5/0x140 [ 146.529442][ T6604] do_futex+0x32b/0x350 [ 146.529481][ T6604] ? __pfx_do_futex+0x10/0x10 [ 146.529517][ T6604] ? snd_pcm_oss_ioctl+0x2b6/0x3720 [ 146.529551][ T6604] __x64_sys_futex+0x34f/0x4d0 [ 146.529592][ T6604] ? __pfx___x64_sys_futex+0x10/0x10 [ 146.529642][ T6604] do_syscall_64+0x106/0xf80 [ 146.529675][ T6604] ? clear_bhb_loop+0x40/0x90 [ 146.529717][ T6604] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.529746][ T6604] RIP: 0033:0x7f9a9d79c799 [ 146.529774][ T6604] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 146.529805][ T6604] RSP: 002b:00007f9a9e6330e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 146.529832][ T6604] RAX: ffffffffffffffda RBX: 00007f9a9da16098 RCX: 00007f9a9d79c799 [ 146.529851][ T6604] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f9a9da1609c [ 146.529868][ T6604] RBP: 00007f9a9da16090 R08: 0000000000000000 R09: 0000000000000000 [ 146.529885][ T6604] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 146.529902][ T6604] R13: 00007f9a9da16128 R14: 00007ffe2a31bf90 R15: 00007ffe2a31c078 [ 146.529939][ T6604] [ 147.791354][ T6613] netlink: 4 bytes leftover after parsing attributes in process `syz.2.147'. [ 147.846375][ T6613] netlink: 'syz.2.147': attribute type 2 has an invalid length. [ 147.859983][ T6613] netlink: 'syz.2.147': attribute type 3 has an invalid length. [ 147.867712][ T6613] netlink: 51505 bytes leftover after parsing attributes in process `syz.2.147'. [ 148.685903][ T6616] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input5 [ 150.241237][ T6632] can: request_module (can-proto-0) failed. [ 151.368677][ T6649] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 152.322309][ T6662] binder: 6659:6662 ioctl c018620c 0 returned -1 [ 156.297406][ T6702] FAULT_INJECTION: forcing a failure. [ 156.297406][ T6702] name failslab, interval 1, probability 0, space 0, times 0 [ 156.378957][ T6702] CPU: 1 UID: 0 PID: 6702 Comm: syz.0.178 Not tainted syzkaller #0 PREEMPT(full) [ 156.379001][ T6702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 156.379027][ T6702] Call Trace: [ 156.379038][ T6702] [ 156.379050][ T6702] dump_stack_lvl+0x100/0x190 [ 156.379108][ T6702] should_fail_ex.cold+0x5/0xa [ 156.379147][ T6702] ? udp_init_sock+0x24e/0x450 [ 156.379179][ T6702] should_failslab+0xc2/0x120 [ 156.379215][ T6702] __kmalloc_noprof+0xe0/0x850 [ 156.379264][ T6702] ? lockdep_init_map_type+0x5c/0x250 [ 156.379317][ T6702] udp_init_sock+0x24e/0x450 [ 156.379356][ T6702] ? __pfx_udp_init_sock+0x10/0x10 [ 156.379392][ T6702] inet_create+0x94c/0x1060 [ 156.379445][ T6702] ? inet_create+0x94/0x1060 [ 156.379503][ T6702] __sock_create+0x339/0x860 [ 156.379562][ T6702] udp_sock_create4+0xa6/0x450 [ 156.379604][ T6702] ? __pfx_udp_sock_create4+0x10/0x10 [ 156.379651][ T6702] ? lockdep_hardirqs_on+0x78/0x100 [ 156.379692][ T6702] ? crng_make_state+0x2b0/0x6c0 [ 156.379748][ T6702] rxrpc_open_socket+0x4ef/0x6b0 [ 156.379803][ T6702] ? __pfx_rxrpc_open_socket+0x10/0x10 [ 156.379876][ T6702] ? rcu_is_watching+0x12/0xc0 [ 156.379935][ T6702] rxrpc_lookup_local+0xac7/0x1220 [ 156.379994][ T6702] ? __pfx_rxrpc_lookup_local+0x10/0x10 [ 156.380050][ T6702] ? __local_bh_enable_ip+0x9e/0x120 [ 156.380091][ T6702] rxrpc_sendmsg+0x34a/0x680 [ 156.380131][ T6702] sock_write_iter+0x524/0x5a0 [ 156.380183][ T6702] ? __pfx_rxrpc_sendmsg+0x10/0x10 [ 156.380216][ T6702] ? __pfx_sock_write_iter+0x10/0x10 [ 156.380281][ T6702] ? bpf_lsm_file_permission+0x9/0x10 [ 156.380334][ T6702] ? security_file_permission+0x76/0x210 [ 156.380380][ T6702] ? rw_verify_area+0xce/0x6d0 [ 156.380431][ T6702] vfs_write+0x6ac/0x1070 [ 156.380484][ T6702] ? __pfx_sock_write_iter+0x10/0x10 [ 156.380540][ T6702] ? __pfx_vfs_write+0x10/0x10 [ 156.380589][ T6702] ? find_held_lock+0x2b/0x80 [ 156.380646][ T6702] ksys_write+0x1f8/0x250 [ 156.380676][ T6702] ? __pfx_ksys_write+0x10/0x10 [ 156.380716][ T6702] do_syscall_64+0x106/0xf80 [ 156.380756][ T6702] ? clear_bhb_loop+0x40/0x90 [ 156.380797][ T6702] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 156.380831][ T6702] RIP: 0033:0x7f020f39c799 [ 156.380859][ T6702] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 156.380890][ T6702] RSP: 002b:00007f02101ae028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 156.380921][ T6702] RAX: ffffffffffffffda RBX: 00007f020f616090 RCX: 00007f020f39c799 [ 156.380942][ T6702] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 156.380962][ T6702] RBP: 00007f020f432c99 R08: 0000000000000000 R09: 0000000000000000 [ 156.380982][ T6702] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 156.381002][ T6702] R13: 00007f020f616128 R14: 00007f020f616090 R15: 00007ffcdde4cc08 [ 156.381045][ T6702] [ 160.405461][ T6735] netlink: 'syz.3.177': attribute type 1 has an invalid length. [ 160.478190][ T6735] netlink: 9 bytes leftover after parsing attributes in process `syz.3.177'. [ 160.738130][ T6734] binder: 6732:6734 ioctl c018620c 0 returned -1 [ 161.131074][ T6743] netlink: 4 bytes leftover after parsing attributes in process `syz.3.180'. [ 161.210570][ T6743] netlink: 25 bytes leftover after parsing attributes in process `syz.3.180'. [ 163.401706][ T6762] netlink: 4 bytes leftover after parsing attributes in process `syz.3.185'. [ 163.474061][ T6762] netlink: 'syz.3.185': attribute type 1 has an invalid length. [ 163.548664][ T6762] netlink: 51505 bytes leftover after parsing attributes in process `syz.3.185'. [ 165.695172][ T6786] netlink: 4 bytes leftover after parsing attributes in process `syz.3.190'. [ 165.704957][ T6786] netlink: 25 bytes leftover after parsing attributes in process `syz.3.190'. [ 171.553290][ T6844] netlink: 4 bytes leftover after parsing attributes in process `syz.1.202'. [ 171.620056][ T6844] netlink: 25 bytes leftover after parsing attributes in process `syz.1.202'. [ 172.199582][ T6858] blktrace: Concurrent blktraces are not allowed on loop2 [ 174.289577][ T6882] netlink: 25 bytes leftover after parsing attributes in process `syz.3.211'. [ 175.254244][ T6896] random: crng reseeded on system resumption [ 175.563473][ T6896] hub 1-0:1.0: USB hub found [ 175.730460][ T6896] hub 1-0:1.0: 1 port detected [ 176.896172][ T6916] netlink: 4 bytes leftover after parsing attributes in process `syz.0.220'. [ 177.878742][ T6933] netlink: 28 bytes leftover after parsing attributes in process `syz.2.225'. [ 179.015856][ T6953] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input6 [ 179.475990][ T6959] FAULT_INJECTION: forcing a failure. [ 179.475990][ T6959] name failslab, interval 1, probability 0, space 0, times 0 [ 179.505618][ T6959] CPU: 0 UID: 0 PID: 6959 Comm: syz.0.233 Not tainted syzkaller #0 PREEMPT(full) [ 179.505664][ T6959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 179.505689][ T6959] Call Trace: [ 179.505699][ T6959] [ 179.505711][ T6959] dump_stack_lvl+0x100/0x190 [ 179.505768][ T6959] should_fail_ex.cold+0x5/0xa [ 179.505808][ T6959] ? lsm_blob_alloc+0x68/0x90 [ 179.505847][ T6959] should_failslab+0xc2/0x120 [ 179.505883][ T6959] __kmalloc_noprof+0xe0/0x850 [ 179.505944][ T6959] ? down_write_nested+0x14f/0x200 [ 179.506001][ T6959] lsm_blob_alloc+0x68/0x90 [ 179.506042][ T6959] security_sb_alloc+0x25/0x240 [ 179.506089][ T6959] alloc_super+0x24c/0xd20 [ 179.506151][ T6959] ? __pfx_mqueue_fill_super+0x10/0x10 [ 179.506194][ T6959] sget_fc+0x117/0xc70 [ 179.506243][ T6959] ? __pfx_set_anon_super_fc+0x10/0x10 [ 179.506291][ T6959] ? __pfx_mqueue_fill_super+0x10/0x10 [ 179.506333][ T6959] get_tree_nodev+0x28/0x190 [ 179.506385][ T6959] mqueue_get_tree+0xf1/0x130 [ 179.506428][ T6959] vfs_get_tree+0x92/0x320 [ 179.506473][ T6959] fc_mount_longterm+0x1a/0x270 [ 179.506522][ T6959] mq_init_ns+0x482/0x820 [ 179.506574][ T6959] copy_ipcs+0x3dd/0x7e0 [ 179.506627][ T6959] create_new_namespaces+0x20a/0xac0 [ 179.506661][ T6959] ? security_capable+0x80/0x260 [ 179.506711][ T6959] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 179.506749][ T6959] ksys_unshare+0x473/0xad0 [ 179.506793][ T6959] ? __pfx_ksys_unshare+0x10/0x10 [ 179.506850][ T6959] __x64_sys_unshare+0x31/0x40 [ 179.506891][ T6959] do_syscall_64+0x106/0xf80 [ 179.506930][ T6959] ? clear_bhb_loop+0x40/0x90 [ 179.506970][ T6959] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 179.507003][ T6959] RIP: 0033:0x7f020f39c799 [ 179.507029][ T6959] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 179.507060][ T6959] RSP: 002b:00007f02101cf028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 179.507090][ T6959] RAX: ffffffffffffffda RBX: 00007f020f615fa0 RCX: 00007f020f39c799 [ 179.507111][ T6959] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000006c000000 [ 179.507137][ T6959] RBP: 00007f020f432c99 R08: 0000000000000000 R09: 0000000000000000 [ 179.507156][ T6959] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 179.507175][ T6959] R13: 00007f020f616038 R14: 00007f020f615fa0 R15: 00007ffcdde4cc08 [ 179.507218][ T6959] [ 179.800482][ T6959] FAULT_INJECTION: forcing a failure. [ 179.800482][ T6959] name failslab, interval 1, probability 0, space 0, times 0 [ 179.847338][ T6959] CPU: 1 UID: 0 PID: 6959 Comm: syz.0.233 Not tainted syzkaller #0 PREEMPT(full) [ 179.847371][ T6959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 179.847385][ T6959] Call Trace: [ 179.847392][ T6959] [ 179.847401][ T6959] dump_stack_lvl+0x100/0x190 [ 179.847442][ T6959] should_fail_ex.cold+0x5/0xa [ 179.847470][ T6959] should_failslab+0xc2/0x120 [ 179.847495][ T6959] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 179.847534][ T6959] ? skb_clone+0x190/0x400 [ 179.847568][ T6959] skb_clone+0x190/0x400 [ 179.847598][ T6959] netlink_deliver_tap+0xaed/0xcc0 [ 179.847636][ T6959] netlink_unicast+0x650/0x870 [ 179.847674][ T6959] ? __pfx_netlink_unicast+0x10/0x10 [ 179.847719][ T6959] netlink_sendmsg+0x8b0/0xda0 [ 179.847756][ T6959] ? __pfx_netlink_sendmsg+0x10/0x10 [ 179.847800][ T6959] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 179.847840][ T6959] __sys_sendto+0x468/0x4b0 [ 179.847894][ T6959] ? __pfx_netlink_sendmsg+0x10/0x10 [ 179.847947][ T6959] ? __pfx___sys_sendto+0x10/0x10 [ 179.847983][ T6959] ? count_memcg_events_mm.constprop.0+0xfa/0x2a0 [ 179.848025][ T6959] ? count_memcg_events_mm.constprop.0+0xfa/0x2a0 [ 179.848107][ T6959] __x64_sys_sendto+0xe0/0x1c0 [ 179.848143][ T6959] ? do_syscall_64+0x95/0xf80 [ 179.848199][ T6959] ? lockdep_hardirqs_on+0x78/0x100 [ 179.848248][ T6959] do_syscall_64+0x106/0xf80 [ 179.848289][ T6959] ? clear_bhb_loop+0x40/0x90 [ 179.848332][ T6959] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 179.848366][ T6959] RIP: 0033:0x7f020f35cfce [ 179.848386][ T6959] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 179.848408][ T6959] RSP: 002b:00007f02101cde88 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 179.848430][ T6959] RAX: ffffffffffffffda RBX: 00007f02101cf6c0 RCX: 00007f020f35cfce [ 179.848446][ T6959] RDX: 000000000000001c RSI: 00007f02101ce000 RDI: 0000000000000005 [ 179.848460][ T6959] RBP: 0000000000000000 R08: 00007f02101cdf04 R09: 000000000000000c [ 179.848474][ T6959] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 179.848488][ T6959] R13: 00007f02101cdf58 R14: 00007f02101ce000 R15: 0000000000000000 [ 179.848518][ T6959] [ 180.224401][ T6953] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input7 [ 181.958834][ T6996] FAULT_INJECTION: forcing a failure. [ 181.958834][ T6996] name failslab, interval 1, probability 0, space 0, times 0 [ 182.176207][ T6996] CPU: 1 UID: 0 PID: 6996 Comm: syz.0.240 Not tainted syzkaller #0 PREEMPT(full) [ 182.176274][ T6996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 182.176293][ T6996] Call Trace: [ 182.176304][ T6996] [ 182.176316][ T6996] dump_stack_lvl+0x100/0x190 [ 182.176371][ T6996] should_fail_ex.cold+0x5/0xa [ 182.176409][ T6996] ? tomoyo_encode2+0xfb/0x3c0 [ 182.176444][ T6996] should_failslab+0xc2/0x120 [ 182.176487][ T6996] __kmalloc_noprof+0xe0/0x850 [ 182.176536][ T6996] ? rcu_is_watching+0x12/0xc0 [ 182.176594][ T6996] tomoyo_encode2+0xfb/0x3c0 [ 182.176636][ T6996] tomoyo_encode+0x29/0x50 [ 182.176670][ T6996] tomoyo_realpath_from_path+0x18c/0x690 [ 182.176719][ T6996] tomoyo_check_open_permission+0x2af/0x3c0 [ 182.176775][ T6996] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 182.176869][ T6996] ? do_raw_spin_lock+0x128/0x260 [ 182.176920][ T6996] ? path_get+0x61/0x80 [ 182.176960][ T6996] tomoyo_file_open+0x6b/0x90 [ 182.177005][ T6996] security_file_open+0xb5/0x1e0 [ 182.177041][ T6996] do_dentry_open+0x5aa/0x1660 [ 182.177076][ T6996] ? security_inode_permission+0xbf/0x250 [ 182.177141][ T6996] vfs_open+0x82/0x3f0 [ 182.177186][ T6996] path_openat+0x208c/0x31a0 [ 182.177234][ T6996] ? __pfx_path_openat+0x10/0x10 [ 182.177281][ T6996] do_file_open+0x20e/0x430 [ 182.177317][ T6996] ? __pfx_do_file_open+0x10/0x10 [ 182.177380][ T6996] ? alloc_fd+0x476/0x790 [ 182.177416][ T6996] ? do_getname+0x191/0x390 [ 182.177461][ T6996] do_sys_openat2+0x10d/0x1e0 [ 182.177510][ T6996] ? __pfx_do_sys_openat2+0x10/0x10 [ 182.177572][ T6996] __x64_sys_openat+0x12d/0x210 [ 182.177618][ T6996] ? __pfx___x64_sys_openat+0x10/0x10 [ 182.177678][ T6996] do_syscall_64+0x106/0xf80 [ 182.177718][ T6996] ? clear_bhb_loop+0x40/0x90 [ 182.177758][ T6996] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 182.177791][ T6996] RIP: 0033:0x7f020f39c799 [ 182.177817][ T6996] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 182.177849][ T6996] RSP: 002b:00007f02101ae028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 182.177882][ T6996] RAX: ffffffffffffffda RBX: 00007f020f616090 RCX: 00007f020f39c799 [ 182.177902][ T6996] RDX: 0000000000000400 RSI: 00002000000001c0 RDI: ffffffffffffff9c [ 182.177923][ T6996] RBP: 00007f020f432c99 R08: 0000000000000000 R09: 0000000000000000 [ 182.177941][ T6996] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 182.177960][ T6996] R13: 00007f020f616128 R14: 00007f020f616090 R15: 00007ffcdde4cc08 [ 182.178001][ T6996] [ 182.715819][ T6996] ERROR: Out of memory at tomoyo_realpath_from_path. [ 183.927498][ T7022] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input8 [ 184.259054][ T7029] netlink: 4 bytes leftover after parsing attributes in process `syz.2.248'. [ 184.653546][ T7023] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input9 [ 184.760992][ T6849] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 185.725747][ T29] audit: type=1326 audit(1773312900.998:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7047 comm="syz.0.252" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f020f39c799 code=0x0 [ 185.907632][ T7059] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 188.193761][ T7089] FAULT_INJECTION: forcing a failure. [ 188.193761][ T7089] name failslab, interval 1, probability 0, space 0, times 0 [ 188.193808][ T7089] CPU: 1 UID: 0 PID: 7089 Comm: syz.2.261 Not tainted syzkaller #0 PREEMPT(full) [ 188.193835][ T7089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 188.193849][ T7089] Call Trace: [ 188.193856][ T7089] [ 188.193864][ T7089] dump_stack_lvl+0x100/0x190 [ 188.193913][ T7089] should_fail_ex.cold+0x5/0xa [ 188.193942][ T7089] ? lsm_blob_alloc+0x68/0x90 [ 188.193975][ T7089] should_failslab+0xc2/0x120 [ 188.194001][ T7089] __kmalloc_noprof+0xe0/0x850 [ 188.194038][ T7089] ? trace_kmem_cache_alloc+0xf3/0x120 [ 188.194069][ T7089] lsm_blob_alloc+0x68/0x90 [ 188.194098][ T7089] security_sk_alloc+0x2d/0x290 [ 188.194135][ T7089] sk_prot_alloc+0x1d1/0x2a0 [ 188.194173][ T7089] sk_alloc+0x36/0xe80 [ 188.194200][ T7089] inet_create+0x3a0/0x1060 [ 188.194238][ T7089] ? inet_create+0x94/0x1060 [ 188.194281][ T7089] __sock_create+0x339/0x860 [ 188.194324][ T7089] udp_sock_create4+0xa6/0x450 [ 188.194390][ T7089] ? __pfx_udp_sock_create4+0x10/0x10 [ 188.194438][ T7089] ? lockdep_hardirqs_on+0x78/0x100 [ 188.194479][ T7089] ? crng_make_state+0x2b0/0x6c0 [ 188.194525][ T7089] rxrpc_open_socket+0x4ef/0x6b0 [ 188.194564][ T7089] ? __pfx_rxrpc_open_socket+0x10/0x10 [ 188.194615][ T7089] ? rcu_is_watching+0x12/0xc0 [ 188.194656][ T7089] rxrpc_lookup_local+0xac7/0x1220 [ 188.194698][ T7089] ? __pfx_rxrpc_lookup_local+0x10/0x10 [ 188.194738][ T7089] ? __local_bh_enable_ip+0x9e/0x120 [ 188.194767][ T7089] rxrpc_sendmsg+0x34a/0x680 [ 188.194795][ T7089] sock_write_iter+0x524/0x5a0 [ 188.194830][ T7089] ? __pfx_rxrpc_sendmsg+0x10/0x10 [ 188.194853][ T7089] ? __pfx_sock_write_iter+0x10/0x10 [ 188.194906][ T7089] ? bpf_lsm_file_permission+0x9/0x10 [ 188.194945][ T7089] ? security_file_permission+0x76/0x210 [ 188.194971][ T7089] ? rw_verify_area+0xce/0x6d0 [ 188.195010][ T7089] vfs_write+0x6ac/0x1070 [ 188.195049][ T7089] ? __pfx_sock_write_iter+0x10/0x10 [ 188.195088][ T7089] ? __pfx_vfs_write+0x10/0x10 [ 188.195124][ T7089] ? find_held_lock+0x2b/0x80 [ 188.195165][ T7089] ksys_write+0x1f8/0x250 [ 188.195186][ T7089] ? __pfx_ksys_write+0x10/0x10 [ 188.195216][ T7089] do_syscall_64+0x106/0xf80 [ 188.195244][ T7089] ? clear_bhb_loop+0x40/0x90 [ 188.195273][ T7089] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 188.195298][ T7089] RIP: 0033:0x7f9a9d79c799 [ 188.195317][ T7089] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 188.195339][ T7089] RSP: 002b:00007f9a9e633028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 188.195361][ T7089] RAX: ffffffffffffffda RBX: 00007f9a9da16090 RCX: 00007f9a9d79c799 [ 188.195377][ T7089] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 188.195392][ T7089] RBP: 00007f9a9d832c99 R08: 0000000000000000 R09: 0000000000000000 [ 188.195408][ T7089] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 188.195421][ T7089] R13: 00007f9a9da16128 R14: 00007f9a9da16090 R15: 00007ffe2a31c078 [ 188.195457][ T7089] [ 188.478563][ T7094] netlink: 25 bytes leftover after parsing attributes in process `syz.0.262'. [ 188.746836][ T7097] netlink: 25 bytes leftover after parsing attributes in process `syz.0.263'. [ 190.388941][ T7124] netlink: 4 bytes leftover after parsing attributes in process `syz.1.272'. [ 190.429732][ T7124] netlink: 'syz.1.272': attribute type 1 has an invalid length. [ 190.473724][ T7124] netlink: 51505 bytes leftover after parsing attributes in process `syz.1.272'. [ 193.580847][ T7171] mmap: syz.3.285 (7171) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 194.458528][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.464925][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.586541][ T7183] device-mapper: ioctl: device name cannot contain '/' [ 196.007813][ T29] audit: type=1804 audit(1773312911.278:3): pid=7201 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.290" name="/newroot/66/file0" dev="tmpfs" ino=359 res=1 errno=0 [ 198.730723][ T7252] FAULT_INJECTION: forcing a failure. [ 198.730723][ T7252] name failslab, interval 1, probability 0, space 0, times 0 [ 198.911236][ T7252] CPU: 1 UID: 0 PID: 7252 Comm: syz.0.305 Not tainted syzkaller #0 PREEMPT(full) [ 198.911280][ T7252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 198.911300][ T7252] Call Trace: [ 198.911311][ T7252] [ 198.911323][ T7252] dump_stack_lvl+0x100/0x190 [ 198.911379][ T7252] should_fail_ex.cold+0x5/0xa [ 198.911418][ T7252] should_failslab+0xc2/0x120 [ 198.911453][ T7252] __kmalloc_cache_noprof+0x7a/0x6f0 [ 198.911498][ T7252] ? snd_seq_pool_new+0x44/0x230 [ 198.911537][ T7252] ? __pfx_snd_seq_open+0x10/0x10 [ 198.911584][ T7252] snd_seq_pool_new+0x44/0x230 [ 198.911618][ T7252] seq_create_client1+0x66/0x640 [ 198.911669][ T7252] ? __pfx_snd_seq_open+0x10/0x10 [ 198.911715][ T7252] snd_seq_open+0x59/0x590 [ 198.911762][ T7252] ? __pfx_snd_seq_open+0x10/0x10 [ 198.911805][ T7252] snd_open+0x22d/0x4c0 [ 198.911859][ T7252] ? __pfx_snd_open+0x10/0x10 [ 198.911907][ T7252] chrdev_open+0x234/0x6a0 [ 198.911940][ T7252] ? __pfx_apparmor_file_open+0x10/0x10 [ 198.911991][ T7252] ? __pfx_chrdev_open+0x10/0x10 [ 198.912037][ T7252] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 198.912082][ T7252] do_dentry_open+0x6d8/0x1660 [ 198.912113][ T7252] ? __pfx_chrdev_open+0x10/0x10 [ 198.912157][ T7252] vfs_open+0x82/0x3f0 [ 198.912203][ T7252] path_openat+0x208c/0x31a0 [ 198.912253][ T7252] ? __pfx_path_openat+0x10/0x10 [ 198.912304][ T7252] do_file_open+0x20e/0x430 [ 198.912340][ T7252] ? __pfx_do_file_open+0x10/0x10 [ 198.912402][ T7252] ? alloc_fd+0x476/0x790 [ 198.912438][ T7252] ? do_getname+0x191/0x390 [ 198.912483][ T7252] do_sys_openat2+0x10d/0x1e0 [ 198.912526][ T7252] ? __pfx_do_sys_openat2+0x10/0x10 [ 198.912586][ T7252] __x64_sys_openat+0x12d/0x210 [ 198.912631][ T7252] ? __pfx___x64_sys_openat+0x10/0x10 [ 198.912688][ T7252] do_syscall_64+0x106/0xf80 [ 198.912727][ T7252] ? clear_bhb_loop+0x40/0x90 [ 198.912769][ T7252] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 198.912802][ T7252] RIP: 0033:0x7f020f39c799 [ 198.912828][ T7252] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 198.912859][ T7252] RSP: 002b:00007f02101cf028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 198.912891][ T7252] RAX: ffffffffffffffda RBX: 00007f020f615fa0 RCX: 00007f020f39c799 [ 198.912913][ T7252] RDX: 00000000001e3800 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 198.912933][ T7252] RBP: 00007f020f432c99 R08: 0000000000000000 R09: 0000000000000000 [ 198.912953][ T7252] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 198.912972][ T7252] R13: 00007f020f616038 R14: 00007f020f615fa0 R15: 00007ffcdde4cc08 [ 198.913016][ T7252] [ 199.581983][ T6839] netdevsim netdevsim1335 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 199.697349][ T7271] netlink: 25 bytes leftover after parsing attributes in process `syz.0.310'. [ 200.498626][ T7292] process 'syz.2.316' launched './file0' with NULL argv: empty string added [ 202.781312][ T7318] snd_virmidi snd_virmidi.0: control 61678:131081:3:yªƒ>oÆ[k<÷:1597170177 is already present [ 205.437942][ T29] audit: type=1806 audit(1773312920.708:4): xattr="." res=0 [ 205.703632][ T7361] hugetlbfs: syz.2.333 (7361): Using mlock ulimits for SHM_HUGETLB is obsolete [ 206.081451][ T7373] ima: policy update failed [ 206.091038][ T29] audit: type=1802 audit(1773312921.368:5): pid=7373 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.336" res=0 errno=0 [ 206.593722][ T7393] blktrace: Concurrent blktraces are not allowed on loop2 [ 210.968072][ T7448] netlink: 4 bytes leftover after parsing attributes in process `syz.1.350'. [ 210.993879][ T7448] netlink: 354 bytes leftover after parsing attributes in process `syz.1.350'. [ 211.474342][ T7456] blktrace: Concurrent blktraces are not allowed on loop2 [ 211.596293][ T7457] Invalid ELF header magic: != ELF [ 214.445661][ T7490] bond0: invalid ARP target specified [ 217.003502][ T7505] Bluetooth: hci1: command 0x0406 tx timeout [ 217.009831][ T7505] Bluetooth: hci3: command 0x0406 tx timeout [ 217.016199][ T7505] Bluetooth: hci2: command 0x0406 tx timeout [ 217.023307][ T7505] Bluetooth: hci0: command 0x0406 tx timeout [ 217.053466][ T7524] netlink: 28 bytes leftover after parsing attributes in process `syz.0.370'. [ 220.294494][ T7551] random: crng reseeded on system resumption [ 221.444227][ T7560] FAULT_INJECTION: forcing a failure. [ 221.444227][ T7560] name failslab, interval 1, probability 0, space 0, times 0 [ 221.581330][ T7560] CPU: 1 UID: 0 PID: 7560 Comm: syz.2.377 Not tainted syzkaller #0 PREEMPT(full) [ 221.581372][ T7560] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 221.581393][ T7560] Call Trace: [ 221.581404][ T7560] [ 221.581416][ T7560] dump_stack_lvl+0x100/0x190 [ 221.581471][ T7560] should_fail_ex.cold+0x5/0xa [ 221.581510][ T7560] should_failslab+0xc2/0x120 [ 221.581545][ T7560] __kmalloc_cache_noprof+0x7a/0x6f0 [ 221.581587][ T7560] ? alloc_fs_context+0x57/0xf40 [ 221.581633][ T7560] alloc_fs_context+0x57/0xf40 [ 221.581677][ T7560] mq_init_ns+0x16e/0x820 [ 221.581729][ T7560] copy_ipcs+0x3dd/0x7e0 [ 221.581782][ T7560] create_new_namespaces+0x20a/0xac0 [ 221.581818][ T7560] ? security_capable+0x80/0x260 [ 221.581867][ T7560] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 221.581907][ T7560] ksys_unshare+0x473/0xad0 [ 221.581950][ T7560] ? __pfx_ksys_unshare+0x10/0x10 [ 221.582006][ T7560] __x64_sys_unshare+0x31/0x40 [ 221.582045][ T7560] do_syscall_64+0x106/0xf80 [ 221.582084][ T7560] ? clear_bhb_loop+0x40/0x90 [ 221.582125][ T7560] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 221.582160][ T7560] RIP: 0033:0x7f9a9d79c799 [ 221.582187][ T7560] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 221.582218][ T7560] RSP: 002b:00007f9a9e654028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 221.582250][ T7560] RAX: ffffffffffffffda RBX: 00007f9a9da15fa0 RCX: 00007f9a9d79c799 [ 221.582284][ T7560] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000006c000000 [ 221.582304][ T7560] RBP: 00007f9a9d832c99 R08: 0000000000000000 R09: 0000000000000000 [ 221.582324][ T7560] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 221.582343][ T7560] R13: 00007f9a9da16038 R14: 00007f9a9da15fa0 R15: 00007ffe2a31c078 [ 221.582386][ T7560] [ 221.998200][ T7560] FAULT_INJECTION: forcing a failure. [ 221.998200][ T7560] name failslab, interval 1, probability 0, space 0, times 0 [ 222.028024][ T7560] CPU: 1 UID: 0 PID: 7560 Comm: syz.2.377 Not tainted syzkaller #0 PREEMPT(full) [ 222.028056][ T7560] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 222.028071][ T7560] Call Trace: [ 222.028079][ T7560] [ 222.028089][ T7560] dump_stack_lvl+0x100/0x190 [ 222.028170][ T7560] should_fail_ex.cold+0x5/0xa [ 222.028215][ T7560] should_failslab+0xc2/0x120 [ 222.028242][ T7560] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 222.028279][ T7560] ? vm_area_dup+0x27/0x8e0 [ 222.028310][ T7560] ? mas_next_slot+0x1003/0x18b0 [ 222.028348][ T7560] vm_area_dup+0x27/0x8e0 [ 222.028381][ T7560] __split_vma+0x18c/0xd90 [ 222.028418][ T7560] ? __pfx___split_vma+0x10/0x10 [ 222.028449][ T7560] ? validate_mm+0x392/0x4e0 [ 222.028496][ T7560] vma_modify+0x1121/0x2250 [ 222.028537][ T7560] ? __pfx_vma_modify+0x10/0x10 [ 222.028578][ T7560] vma_modify_flags+0x257/0x3d0 [ 222.028614][ T7560] ? __pfx_vma_modify_flags+0x10/0x10 [ 222.028662][ T7560] ? rcu_is_watching+0x12/0xc0 [ 222.028697][ T7560] ? percpu_counter_add_batch+0xb9/0x230 [ 222.028746][ T7560] mprotect_fixup+0x209/0xb70 [ 222.028784][ T7560] ? __pfx_mprotect_fixup+0x10/0x10 [ 222.028832][ T7560] ? __pfx_mas_prev+0x10/0x10 [ 222.028871][ T7560] do_mprotect_pkey+0x9e1/0xe70 [ 222.028913][ T7560] ? __pfx_do_mprotect_pkey+0x10/0x10 [ 222.028947][ T7560] ? do_vmi_munmap+0x1f8/0x3e0 [ 222.028979][ T7560] ? do_vmi_munmap+0x200/0x3e0 [ 222.029021][ T7560] ? __pfx___vm_munmap+0x10/0x10 [ 222.029076][ T7560] __x64_sys_mprotect+0x78/0xc0 [ 222.029108][ T7560] ? lockdep_hardirqs_on+0x78/0x100 [ 222.029136][ T7560] do_syscall_64+0x106/0xf80 [ 222.029164][ T7560] ? clear_bhb_loop+0x40/0x90 [ 222.029193][ T7560] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 222.029218][ T7560] RIP: 0033:0x7f9a9d79c597 [ 222.029238][ T7560] Code: 89 38 eb 84 0f 1f 80 00 00 00 00 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff e9 7a ff ff ff b8 0a 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 222.029261][ T7560] RSP: 002b:00007f9a9e652d18 EFLAGS: 00000217 ORIG_RAX: 000000000000000a [ 222.029283][ T7560] RAX: ffffffffffffffda RBX: 00007f9a94000000 RCX: 00007f9a9d79c597 [ 222.029299][ T7560] RDX: 0000000000000003 RSI: 0000000000021000 RDI: 00007f9a94000000 [ 222.029315][ T7560] RBP: 0000000000021000 R08: 00000000ffffffff R09: 0000000000000000 [ 222.029330][ T7560] R10: 0000000000000022 R11: 0000000000000217 R12: 0000000004000000 [ 222.029344][ T7560] R13: 0000000000001000 R14: 00007f9a98000000 R15: 0000000000800000 [ 222.029374][ T7560] [ 226.388196][ T7610] FAULT_INJECTION: forcing a failure. [ 226.388196][ T7610] name failslab, interval 1, probability 0, space 0, times 0 [ 226.408014][ T7610] CPU: 0 UID: 0 PID: 7610 Comm: syz.0.389 Not tainted syzkaller #0 PREEMPT(full) [ 226.408058][ T7610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 226.408080][ T7610] Call Trace: [ 226.408091][ T7610] [ 226.408105][ T7610] dump_stack_lvl+0x100/0x190 [ 226.408162][ T7610] should_fail_ex.cold+0x5/0xa [ 226.408202][ T7610] should_failslab+0xc2/0x120 [ 226.408237][ T7610] __kmalloc_cache_noprof+0x7a/0x6f0 [ 226.408282][ T7610] ? snd_seq_port_connect+0x61/0x560 [ 226.408329][ T7610] ? snd_seq_port_use_ptr+0x14d/0x1b0 [ 226.408387][ T7610] ? snd_seq_port_use_ptr+0x14d/0x1b0 [ 226.408442][ T7610] snd_seq_port_connect+0x61/0x560 [ 226.408492][ T7610] ? _raw_read_unlock+0x28/0x50 [ 226.408528][ T7610] ? check_subscription_permission.isra.0+0x146/0x240 [ 226.408585][ T7610] snd_seq_ioctl_subscribe_port+0x219/0x490 [ 226.408642][ T7610] ? __pfx_snd_seq_ioctl_subscribe_port+0x10/0x10 [ 226.408715][ T7610] call_seq_client_ctl+0xa3/0x130 [ 226.408766][ T7610] snd_seq_kernel_client_ctl+0x77/0xd0 [ 226.408817][ T7610] snd_seq_oss_midi_open+0x5ad/0x6b0 [ 226.408859][ T7610] ? __pfx_snd_seq_oss_midi_open+0x10/0x10 [ 226.408924][ T7610] snd_seq_oss_synth_setup_midi+0x131/0x590 [ 226.408973][ T7610] snd_seq_oss_open+0x82e/0xa10 [ 226.409032][ T7610] odev_open+0x79/0xc0 [ 226.409076][ T7610] ? __pfx_odev_open+0x10/0x10 [ 226.409122][ T7610] soundcore_open+0x2e3/0x5a0 [ 226.409176][ T7610] ? __pfx_soundcore_open+0x10/0x10 [ 226.409226][ T7610] chrdev_open+0x234/0x6a0 [ 226.409259][ T7610] ? __pfx_apparmor_file_open+0x10/0x10 [ 226.409310][ T7610] ? __pfx_chrdev_open+0x10/0x10 [ 226.409355][ T7610] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 226.409401][ T7610] do_dentry_open+0x6d8/0x1660 [ 226.409434][ T7610] ? __pfx_chrdev_open+0x10/0x10 [ 226.409479][ T7610] vfs_open+0x82/0x3f0 [ 226.409528][ T7610] path_openat+0x208c/0x31a0 [ 226.409578][ T7610] ? __pfx_path_openat+0x10/0x10 [ 226.409630][ T7610] do_file_open+0x20e/0x430 [ 226.409668][ T7610] ? __pfx_do_file_open+0x10/0x10 [ 226.409736][ T7610] ? alloc_fd+0x476/0x790 [ 226.409773][ T7610] ? do_getname+0x191/0x390 [ 226.409820][ T7610] do_sys_openat2+0x10d/0x1e0 [ 226.409865][ T7610] ? __pfx_do_sys_openat2+0x10/0x10 [ 226.409913][ T7610] ? find_held_lock+0x2b/0x80 [ 226.409956][ T7610] __x64_sys_openat+0x12d/0x210 [ 226.410003][ T7610] ? __pfx___x64_sys_openat+0x10/0x10 [ 226.410065][ T7610] do_syscall_64+0x106/0xf80 [ 226.410106][ T7610] ? clear_bhb_loop+0x40/0x90 [ 226.410148][ T7610] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 226.410183][ T7610] RIP: 0033:0x7f020f39c799 [ 226.410213][ T7610] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 226.410245][ T7610] RSP: 002b:00007f02101cf028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 226.410278][ T7610] RAX: ffffffffffffffda RBX: 00007f020f615fa0 RCX: 00007f020f39c799 [ 226.410300][ T7610] RDX: 0000000000000002 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 226.410322][ T7610] RBP: 00007f020f432c99 R08: 0000000000000000 R09: 0000000000000000 [ 226.410348][ T7610] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 226.410369][ T7610] R13: 00007f020f616038 R14: 00007f020f615fa0 R15: 00007ffcdde4cc08 [ 226.410414][ T7610] [ 229.594926][ T7642] netlink: 28 bytes leftover after parsing attributes in process `syz.3.398'. [ 234.428749][ T7705] netlink: 28 bytes leftover after parsing attributes in process `syz.1.412'. [ 236.518938][ T6849] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 237.694957][ T7744] zswap: compressor  not available [ 240.641415][ T29] audit: type=1326 audit(1773312955.918:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7769 comm="syz.3.431" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb18019c799 code=0x0 [ 242.945010][ T7801] zswap: compressor not available [ 243.750798][ T7813] zswap: compressor  not available [ 248.354503][ T7871] FAULT_INJECTION: forcing a failure. [ 248.354503][ T7871] name failslab, interval 1, probability 0, space 0, times 0 [ 248.377765][ T7871] CPU: 1 UID: 0 PID: 7871 Comm: syz.1.454 Not tainted syzkaller #0 PREEMPT(full) [ 248.377813][ T7871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 248.377852][ T7871] Call Trace: [ 248.377865][ T7871] [ 248.377885][ T7871] dump_stack_lvl+0x100/0x190 [ 248.377941][ T7871] should_fail_ex.cold+0x5/0xa [ 248.377980][ T7871] should_failslab+0xc2/0x120 [ 248.378016][ T7871] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 248.378066][ T7871] ? mempool_init_node+0x2f7/0x6e0 [ 248.378102][ T7871] ? mempool_init_noprof+0x3a/0x50 [ 248.378138][ T7871] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 248.378176][ T7871] mempool_init_node+0x2f7/0x6e0 [ 248.378221][ T7871] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 248.378254][ T7871] ? __pfx_mempool_free_slab+0x10/0x10 [ 248.378287][ T7871] mempool_init_noprof+0x3a/0x50 [ 248.378328][ T7871] bioset_init+0x37e/0x8a0 [ 248.378379][ T7871] ? __pfx_bioset_init+0x10/0x10 [ 248.378452][ T7871] __alloc_disk_node+0x83/0x6b0 [ 248.378511][ T7871] __blk_alloc_disk+0xd2/0x170 [ 248.378563][ T7871] ? __pfx___blk_alloc_disk+0x10/0x10 [ 248.378640][ T7871] ? __pfx_idr_alloc+0x10/0x10 [ 248.378680][ T7871] ? lockdep_init_map_type+0x5c/0x250 [ 248.378728][ T7871] ? __raw_spin_lock_init+0x3a/0x110 [ 248.378785][ T7871] ? __pfx_hot_add_show+0x10/0x10 [ 248.378824][ T7871] zram_add+0x1bf/0x610 [ 248.378861][ T7871] ? __pfx_zram_add+0x10/0x10 [ 248.378936][ T7871] ? find_held_lock+0x2b/0x80 [ 248.378968][ T7871] ? sysfs_file_kobj+0xe4/0x290 [ 248.379017][ T7871] ? __pfx_hot_add_show+0x10/0x10 [ 248.379056][ T7871] hot_add_show+0x21/0x80 [ 248.379094][ T7871] class_attr_show+0x72/0xa0 [ 248.379149][ T7871] ? __pfx_class_attr_show+0x10/0x10 [ 248.379201][ T7871] sysfs_kf_seq_show+0x217/0x3a0 [ 248.379254][ T7871] seq_read_iter+0x32f/0x1270 [ 248.379324][ T7871] kernfs_fop_read_iter+0x46c/0x610 [ 248.379364][ T7871] ? rw_verify_area+0xce/0x6d0 [ 248.379413][ T7871] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 248.379452][ T7871] vfs_read+0x825/0xb30 [ 248.379511][ T7871] ? __pfx_vfs_read+0x10/0x10 [ 248.379593][ T7871] ksys_read+0x12a/0x250 [ 248.379646][ T7871] ? __pfx_ksys_read+0x10/0x10 [ 248.379712][ T7871] do_syscall_64+0x106/0xf80 [ 248.379751][ T7871] ? clear_bhb_loop+0x40/0x90 [ 248.379794][ T7871] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 248.379829][ T7871] RIP: 0033:0x7fac0499c799 [ 248.379857][ T7871] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 248.379896][ T7871] RSP: 002b:00007fac05940028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 248.379930][ T7871] RAX: ffffffffffffffda RBX: 00007fac04c15fa0 RCX: 00007fac0499c799 [ 248.379952][ T7871] RDX: 0000000000001000 RSI: 0000200000000ec0 RDI: 0000000000000006 [ 248.379972][ T7871] RBP: 00007fac04a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 248.379993][ T7871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 248.380013][ T7871] R13: 00007fac04c16038 R14: 00007fac04c15fa0 R15: 00007fffd7956118 [ 248.380058][ T7871] [ 248.705825][ T7877] can0: slcan on ttyS2. [ 248.740594][ T7871] zram: Error allocating disk structure for device 1 [ 248.801970][ T7877] can0 (unregistered): slcan off ttyS2. [ 250.375698][ T7892] ima: policy update failed [ 250.381326][ T29] audit: type=1802 audit(1773312965.658:7): pid=7892 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.458" res=0 errno=0 [ 250.704034][ T7905] netlink: 186 bytes leftover after parsing attributes in process `syz.0.461'. [ 250.787398][ T7901] can: request_module (can-proto-5) failed. [ 255.685757][ T7973] netlink: 4 bytes leftover after parsing attributes in process `syz.3.475'. [ 255.728968][ T7973] netlink: 'syz.3.475': attribute type 1 has an invalid length. [ 255.736691][ T7973] netlink: 342 bytes leftover after parsing attributes in process `syz.3.475'. [ 255.840004][ T7975] FAULT_INJECTION: forcing a failure. [ 255.840004][ T7975] name failslab, interval 1, probability 0, space 0, times 0 [ 255.873251][ T7975] CPU: 1 UID: 0 PID: 7975 Comm: syz.1.476 Not tainted syzkaller #0 PREEMPT(full) [ 255.873309][ T7975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 255.873328][ T7975] Call Trace: [ 255.873338][ T7975] [ 255.873351][ T7975] dump_stack_lvl+0x100/0x190 [ 255.873407][ T7975] should_fail_ex.cold+0x5/0xa [ 255.873446][ T7975] should_failslab+0xc2/0x120 [ 255.873481][ T7975] __kmalloc_cache_noprof+0x7a/0x6f0 [ 255.873524][ T7975] ? snd_seq_fifo_new+0x42/0x270 [ 255.873562][ T7975] ? _raw_spin_unlock_irq+0x2e/0x50 [ 255.873602][ T7975] ? __pfx_snd_seq_open+0x10/0x10 [ 255.873678][ T7975] snd_seq_fifo_new+0x42/0x270 [ 255.873716][ T7975] snd_seq_open+0x3fe/0x590 [ 255.873764][ T7975] ? __pfx_snd_seq_open+0x10/0x10 [ 255.873819][ T7975] snd_open+0x22d/0x4c0 [ 255.873868][ T7975] ? __pfx_snd_open+0x10/0x10 [ 255.873925][ T7975] chrdev_open+0x234/0x6a0 [ 255.873957][ T7975] ? __pfx_apparmor_file_open+0x10/0x10 [ 255.874005][ T7975] ? __pfx_chrdev_open+0x10/0x10 [ 255.874040][ T7975] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 255.874084][ T7975] do_dentry_open+0x6d8/0x1660 [ 255.874115][ T7975] ? __pfx_chrdev_open+0x10/0x10 [ 255.874179][ T7975] vfs_open+0x82/0x3f0 [ 255.874225][ T7975] path_openat+0x208c/0x31a0 [ 255.874274][ T7975] ? __pfx_path_openat+0x10/0x10 [ 255.874324][ T7975] do_file_open+0x20e/0x430 [ 255.874362][ T7975] ? __pfx_do_file_open+0x10/0x10 [ 255.874429][ T7975] ? alloc_fd+0x476/0x790 [ 255.874464][ T7975] ? do_getname+0x191/0x390 [ 255.874508][ T7975] do_sys_openat2+0x10d/0x1e0 [ 255.874551][ T7975] ? __pfx_do_sys_openat2+0x10/0x10 [ 255.874610][ T7975] __x64_sys_openat+0x12d/0x210 [ 255.874663][ T7975] ? __pfx___x64_sys_openat+0x10/0x10 [ 255.874725][ T7975] do_syscall_64+0x106/0xf80 [ 255.874765][ T7975] ? clear_bhb_loop+0x40/0x90 [ 255.874807][ T7975] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 255.874841][ T7975] RIP: 0033:0x7fac0499c799 [ 255.874869][ T7975] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 255.874900][ T7975] RSP: 002b:00007fac05940028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 255.874932][ T7975] RAX: ffffffffffffffda RBX: 00007fac04c15fa0 RCX: 00007fac0499c799 [ 255.874954][ T7975] RDX: 00000000001e3800 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 255.874974][ T7975] RBP: 00007fac04a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 255.874993][ T7975] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 255.875013][ T7975] R13: 00007fac04c16038 R14: 00007fac04c15fa0 R15: 00007fffd7956118 [ 255.875057][ T7975] [ 256.146598][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.153007][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 257.720892][ T7503] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 257.731175][ T7503] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 257.739903][ T7503] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 257.750857][ T7503] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 257.761580][ T7503] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 258.083712][ T8005] random: crng reseeded on system resumption [ 258.434271][ T8009] chnl_net:caif_netlink_parms(): no params data found [ 258.598762][ T8009] bridge0: port 1(bridge_slave_0) entered blocking state [ 258.606074][ T8009] bridge0: port 1(bridge_slave_0) entered disabled state [ 258.613696][ T8009] bridge_slave_0: entered allmulticast mode [ 258.621989][ T8009] bridge_slave_0: entered promiscuous mode [ 258.632933][ T8009] bridge0: port 2(bridge_slave_1) entered blocking state [ 258.648178][ T8009] bridge0: port 2(bridge_slave_1) entered disabled state [ 258.655842][ T8009] bridge_slave_1: entered allmulticast mode [ 258.670357][ T8009] bridge_slave_1: entered promiscuous mode [ 258.718494][ T8009] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 258.732639][ T8009] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 258.785983][ T8009] team0: Port device team_slave_0 added [ 258.795863][ T8009] team0: Port device team_slave_1 added [ 258.843580][ T8009] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 258.850959][ T8009] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 258.880342][ T8009] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 258.895088][ T8009] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 258.902209][ T8009] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 258.929923][ T8009] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 259.007525][ T8009] hsr_slave_0: entered promiscuous mode [ 259.014994][ T8009] hsr_slave_1: entered promiscuous mode [ 259.021771][ T8009] debugfs: 'hsr0' already exists in 'hsr' [ 259.027553][ T8009] Cannot create hsr debugfs directory [ 259.309875][ T8009] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 259.340297][ T8009] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 259.355481][ T8009] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 259.371492][ T8009] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 259.553896][ T8009] 8021q: adding VLAN 0 to HW filter on device bond0 [ 259.594039][ T8009] 8021q: adding VLAN 0 to HW filter on device team0 [ 259.614014][ T6839] bridge0: port 1(bridge_slave_0) entered blocking state [ 259.621294][ T6839] bridge0: port 1(bridge_slave_0) entered forwarding state [ 259.652881][ T6839] bridge0: port 2(bridge_slave_1) entered blocking state [ 259.660184][ T6839] bridge0: port 2(bridge_slave_1) entered forwarding state [ 259.798225][ T7503] Bluetooth: hci0: command tx timeout [ 260.019249][ T8009] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 260.401905][ T8009] veth0_vlan: entered promiscuous mode [ 260.415797][ T8009] veth1_vlan: entered promiscuous mode [ 260.449727][ T8009] veth0_macvtap: entered promiscuous mode [ 260.461436][ T8009] veth1_macvtap: entered promiscuous mode [ 260.485271][ T8009] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 260.502176][ T8009] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 260.517554][ T6846] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 260.530299][ T6846] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 260.540679][ T6846] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 260.551841][ T6846] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 260.623430][ T6846] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 260.639377][ T6846] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 260.669636][ T6839] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 260.677597][ T6839] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 261.882134][ T7503] Bluetooth: hci0: command tx timeout [ 263.959708][ T7503] Bluetooth: hci0: command tx timeout [ 264.056454][ T8059] zswap: compressor  not available [ 265.053496][ T8095] blktrace: Concurrent blktraces are not allowed on loop2 [ 265.155200][ T7503] Bluetooth: hci1: unexpected event 0x32 length: 727 > 9 [ 265.416906][ T8102] netlink: 4 bytes leftover after parsing attributes in process `syz.1.502'. [ 265.576602][ T8102] netlink: 'syz.1.502': attribute type 1 has an invalid length. [ 265.584711][ T8102] netlink: 'syz.1.502': attribute type 6 has an invalid length. [ 266.040049][ T7503] Bluetooth: hci0: command tx timeout [ 268.955031][ T8166] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 275.281422][ T8243] Console: switching to colour VGA+ 80x25 [ 276.721213][ T8259] netlink: zone id is out of range [ 276.737341][ T8259] netlink: zone id is out of range [ 276.773471][ T8259] netlink: zone id is out of range [ 276.886903][ T8259] netlink: zone id is out of range [ 276.928480][ T8259] netlink: zone id is out of range [ 276.952103][ T8259] netlink: zone id is out of range [ 276.957705][ T8259] netlink: zone id is out of range [ 276.965361][ T8259] netlink: zone id is out of range [ 276.972175][ T8259] netlink: zone id is out of range [ 276.983280][ T8259] netlink: zone id is out of range [ 277.358248][ T8264] netlink: 306 bytes leftover after parsing attributes in process `syz.0.540'. [ 278.076701][ T8279] netlink: 504 bytes leftover after parsing attributes in process `syz.0.545'. [ 278.107397][ T7503] Bluetooth: hci0: unexpected event 0x12 length: 440 > 8 [ 278.743797][ T8300] blktrace: Concurrent blktraces are not allowed on loop2 [ 283.397387][ T8376] zram: Added device: zram1 [ 286.239505][ T8413] net_ratelimit: 42 callbacks suppressed [ 286.239533][ T8413] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 286.404815][ T8415] [U] [ 286.407750][ T8415] [U] [ 286.410473][ T8415] [U] [ 286.413188][ T8415] [U] [ 286.453193][ T8415] [U] [ 286.455991][ T8415] [U] [ 286.458757][ T8415] [U] [ 286.461488][ T8415] [U] [ 286.490458][ T8415] [U] [ 286.493244][ T8415] [U] [ 286.495964][ T8415] [U] [ 286.498704][ T8415] [U] [ 286.525499][ T8415] [U] [ 288.059802][ T8443] FAULT_INJECTION: forcing a failure. [ 288.059802][ T8443] name failslab, interval 1, probability 0, space 0, times 0 [ 288.118188][ T8443] CPU: 1 UID: 0 PID: 8443 Comm: syz.3.587 Not tainted syzkaller #0 PREEMPT(full) [ 288.118231][ T8443] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 288.118250][ T8443] Call Trace: [ 288.118260][ T8443] [ 288.118274][ T8443] dump_stack_lvl+0x100/0x190 [ 288.118331][ T8443] should_fail_ex.cold+0x5/0xa [ 288.118373][ T8443] should_failslab+0xc2/0x120 [ 288.118409][ T8443] __kmalloc_cache_noprof+0x7a/0x6f0 [ 288.118454][ T8443] ? vidtv_psi_service_list_desc_init+0x52/0x550 [ 288.118502][ T8443] vidtv_psi_service_list_desc_init+0x52/0x550 [ 288.118550][ T8443] vidtv_psi_nit_table_init+0x39a/0x5f0 [ 288.118591][ T8443] ? kasan_save_track+0x14/0x30 [ 288.118649][ T8443] vidtv_channel_si_init+0xcd0/0x18d0 [ 288.118706][ T8443] vidtv_mux_init+0x526/0xbf0 [ 288.118765][ T8443] vidtv_start_feed+0x33e/0x4c0 [ 288.118822][ T8443] ? __pfx_vidtv_start_feed+0x10/0x10 [ 288.118877][ T8443] ? __pfx_vidtv_bridge_on_new_pkts_avail+0x10/0x10 [ 288.118940][ T8443] ? mark_held_locks+0x40/0x70 [ 288.118989][ T8443] ? __pfx_vidtv_start_feed+0x10/0x10 [ 288.119042][ T8443] dmx_ts_feed_start_filtering+0xf6/0x220 [ 288.119084][ T8443] dvb_dmxdev_start_feed+0x273/0x3f0 [ 288.119139][ T8443] dvb_dmxdev_filter_start+0x1b6/0xdd0 [ 288.119197][ T8443] ? dvb_dmxdev_add_pid+0x2a1/0x380 [ 288.119253][ T8443] dvb_demux_do_ioctl+0xe64/0x1200 [ 288.119319][ T8443] dvb_usercopy+0x167/0x340 [ 288.119364][ T8443] ? __pfx_dvb_demux_do_ioctl+0x10/0x10 [ 288.119419][ T8443] ? __pfx_dvb_usercopy+0x10/0x10 [ 288.119482][ T8443] ? __fget_files+0x21f/0x3d0 [ 288.119524][ T8443] dvb_demux_ioctl+0x29/0x40 [ 288.119570][ T8443] ? __pfx_dvb_demux_ioctl+0x10/0x10 [ 288.119619][ T8443] __x64_sys_ioctl+0x18e/0x210 [ 288.119671][ T8443] do_syscall_64+0x106/0xf80 [ 288.119712][ T8443] ? clear_bhb_loop+0x40/0x90 [ 288.119770][ T8443] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 288.119816][ T8443] RIP: 0033:0x7fb18019c799 [ 288.119844][ T8443] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 288.119874][ T8443] RSP: 002b:00007fb18102c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 288.119905][ T8443] RAX: ffffffffffffffda RBX: 00007fb180415fa0 RCX: 00007fb18019c799 [ 288.119926][ T8443] RDX: 0000000000000000 RSI: 0000000040146f2c RDI: 0000000000000002 [ 288.119945][ T8443] RBP: 00007fb180232c99 R08: 0000000000000000 R09: 0000000000000000 [ 288.119963][ T8443] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 288.119998][ T8443] R13: 00007fb180416038 R14: 00007fb180415fa0 R15: 00007fffcd8e13c8 [ 288.120045][ T8443] [ 290.283033][ T8476] FAULT_INJECTION: forcing a failure. [ 290.283033][ T8476] name failslab, interval 1, probability 0, space 0, times 0 [ 290.336746][ T8476] CPU: 0 UID: 0 PID: 8476 Comm: syz.4.596 Not tainted syzkaller #0 PREEMPT(full) [ 290.336793][ T8476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 290.336811][ T8476] Call Trace: [ 290.336832][ T8476] [ 290.336844][ T8476] dump_stack_lvl+0x100/0x190 [ 290.336900][ T8476] should_fail_ex.cold+0x5/0xa [ 290.336940][ T8476] should_failslab+0xc2/0x120 [ 290.336982][ T8476] __kmalloc_cache_node_noprof+0x7d/0x770 [ 290.337039][ T8476] ? bdi_alloc+0x44/0x140 [ 290.337083][ T8476] bdi_alloc+0x44/0x140 [ 290.337116][ T8476] __alloc_disk_node+0xac/0x6b0 [ 290.337174][ T8476] __blk_alloc_disk+0xd2/0x170 [ 290.337224][ T8476] ? __pfx___blk_alloc_disk+0x10/0x10 [ 290.337297][ T8476] ? __pfx_idr_alloc+0x10/0x10 [ 290.337335][ T8476] ? lockdep_init_map_type+0x5c/0x250 [ 290.337380][ T8476] ? __raw_spin_lock_init+0x3a/0x110 [ 290.337434][ T8476] ? __pfx_hot_add_show+0x10/0x10 [ 290.337471][ T8476] zram_add+0x1bf/0x610 [ 290.337507][ T8476] ? __pfx_zram_add+0x10/0x10 [ 290.337571][ T8476] ? find_held_lock+0x2b/0x80 [ 290.337602][ T8476] ? sysfs_file_kobj+0xe4/0x290 [ 290.337667][ T8476] ? __pfx_hot_add_show+0x10/0x10 [ 290.337706][ T8476] hot_add_show+0x21/0x80 [ 290.337743][ T8476] class_attr_show+0x72/0xa0 [ 290.337798][ T8476] ? __pfx_class_attr_show+0x10/0x10 [ 290.337852][ T8476] sysfs_kf_seq_show+0x217/0x3a0 [ 290.337900][ T8476] seq_read_iter+0x32f/0x1270 [ 290.337971][ T8476] kernfs_fop_read_iter+0x46c/0x610 [ 290.338019][ T8476] ? rw_verify_area+0xce/0x6d0 [ 290.338068][ T8476] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 290.338108][ T8476] vfs_read+0x825/0xb30 [ 290.338165][ T8476] ? __pfx_vfs_read+0x10/0x10 [ 290.338245][ T8476] ksys_read+0x12a/0x250 [ 290.338297][ T8476] ? __pfx_ksys_read+0x10/0x10 [ 290.338363][ T8476] do_syscall_64+0x106/0xf80 [ 290.338402][ T8476] ? clear_bhb_loop+0x40/0x90 [ 290.338444][ T8476] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 290.338478][ T8476] RIP: 0033:0x7f1d4b39c799 [ 290.338506][ T8476] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 290.338538][ T8476] RSP: 002b:00007f1d4c33b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 290.338571][ T8476] RAX: ffffffffffffffda RBX: 00007f1d4b615fa0 RCX: 00007f1d4b39c799 [ 290.338593][ T8476] RDX: 0000000000001000 RSI: 0000200000000ec0 RDI: 0000000000000006 [ 290.338613][ T8476] RBP: 00007f1d4b432c99 R08: 0000000000000000 R09: 0000000000000000 [ 290.338633][ T8476] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 290.338652][ T8476] R13: 00007f1d4b616038 R14: 00007f1d4b615fa0 R15: 00007ffe22753728 [ 290.338697][ T8476] [ 290.744112][ T8476] zram: Error allocating disk structure for device 2 [ 293.604967][ T8525] FAULT_INJECTION: forcing a failure. [ 293.604967][ T8525] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 293.621860][ T8525] CPU: 0 UID: 0 PID: 8525 Comm: syz.0.607 Not tainted syzkaller #0 PREEMPT(full) [ 293.621892][ T8525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 293.621906][ T8525] Call Trace: [ 293.621914][ T8525] [ 293.621923][ T8525] dump_stack_lvl+0x100/0x190 [ 293.621964][ T8525] should_fail_ex.cold+0x5/0xa [ 293.621988][ T8525] ? prepare_alloc_pages+0x16d/0x5f0 [ 293.622018][ T8525] should_fail_alloc_page+0xeb/0x140 [ 293.622045][ T8525] prepare_alloc_pages+0x1f0/0x5f0 [ 293.622077][ T8525] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 293.622120][ T8525] ? __lock_acquire+0x4a5/0x2630 [ 293.622160][ T8525] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 293.622203][ T8525] ? do_raw_spin_lock+0x128/0x260 [ 293.622239][ T8525] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 293.622274][ T8525] ? find_held_lock+0x2b/0x80 [ 293.622304][ T8525] ? __lock_acquire+0x4a5/0x2630 [ 293.622334][ T8525] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 293.622375][ T8525] ? policy_nodemask+0xed/0x4f0 [ 293.622403][ T8525] alloc_pages_mpol+0x1fb/0x550 [ 293.622428][ T8525] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 293.622454][ T8525] ? __folio_batch_add_and_move+0x5e5/0xc60 [ 293.622492][ T8525] ? __folio_batch_add_and_move+0x5e5/0xc60 [ 293.622534][ T8525] folio_alloc_mpol_noprof+0x36/0x340 [ 293.622566][ T8525] shmem_alloc_folio+0x135/0x160 [ 293.622597][ T8525] shmem_alloc_and_add_folio+0x371/0xd40 [ 293.622642][ T8525] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 293.622699][ T8525] ? shmem_allowable_huge_orders+0x2bd/0x400 [ 293.622762][ T8525] shmem_get_folio_gfp+0x6ab/0x1900 [ 293.622805][ T8525] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 293.622844][ T8525] ? filemap_map_pages+0xe69/0x2020 [ 293.622889][ T8525] shmem_fault+0x1f9/0xa20 [ 293.622924][ T8525] ? __lock_acquire+0x4a5/0x2630 [ 293.622954][ T8525] ? __pfx_shmem_fault+0x10/0x10 [ 293.622996][ T8525] ? __pfx_filemap_map_pages+0x10/0x10 [ 293.623039][ T8525] __do_fault+0x10d/0x550 [ 293.623065][ T8525] do_fault+0xabb/0x1990 [ 293.623097][ T8525] __handle_mm_fault+0x180f/0x2b60 [ 293.623133][ T8525] ? mt_find+0x45e/0x8e0 [ 293.623166][ T8525] ? __pfx___handle_mm_fault+0x10/0x10 [ 293.623197][ T8525] ? __pfx_mt_find+0x10/0x10 [ 293.623244][ T8525] ? find_vma+0xbf/0x140 [ 293.623265][ T8525] ? __pfx_find_vma+0x10/0x10 [ 293.623291][ T8525] handle_mm_fault+0x36d/0xa20 [ 293.623329][ T8525] do_user_addr_fault+0x74c/0x12f0 [ 293.623376][ T8525] exc_page_fault+0x6f/0xd0 [ 293.623406][ T8525] asm_exc_page_fault+0x26/0x30 [ 293.623429][ T8525] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 293.623468][ T8525] Code: 93 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 e9 cf 93 04 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 [ 293.623491][ T8525] RSP: 0018:ffffc900047ffd30 EFLAGS: 00050206 [ 293.623510][ T8525] RAX: 0000000000000001 RBX: 0000000000001fe4 RCX: 0000000000005b84 [ 293.623524][ T8525] RDX: 0000000000000001 RSI: 0000000000004000 RDI: ffffc90004a0207c [ 293.623538][ T8525] RBP: 0000000000007ba0 R08: 0000000000000001 R09: fffff52000940f7f [ 293.623553][ T8525] R10: ffffc90004a07bff R11: 0000000000000000 R12: 0000000000000000 [ 293.623567][ T8525] R13: ffffc90004a00060 R14: 0000000000007ba0 R15: ffffc90004a00060 [ 293.623596][ T8525] _copy_from_user+0x98/0xd0 [ 293.623620][ T8525] bpf_prog_create_from_user+0x109/0x2f0 [ 293.623655][ T8525] ? __pfx_seccomp_check_filter+0x10/0x10 [ 293.623688][ T8525] do_seccomp+0x7f7/0x2740 [ 293.623731][ T8525] ? __pfx_do_seccomp+0x10/0x10 [ 293.623762][ T8525] ? __x64_sys_openat+0x12d/0x210 [ 293.623795][ T8525] ? xfd_validate_state+0x129/0x190 [ 293.623840][ T8525] do_syscall_64+0x106/0xf80 [ 293.623868][ T8525] ? clear_bhb_loop+0x40/0x90 [ 293.623897][ T8525] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 293.623930][ T8525] RIP: 0033:0x7f020f39c799 [ 293.623949][ T8525] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 293.623971][ T8525] RSP: 002b:00007f02101cf028 EFLAGS: 00000246 ORIG_RAX: 000000000000013d [ 293.623992][ T8525] RAX: ffffffffffffffda RBX: 00007f020f615fa0 RCX: 00007f020f39c799 [ 293.624007][ T8525] RDX: 0000200000000100 RSI: 0000000000000000 RDI: 0000000000000001 [ 293.624022][ T8525] RBP: 00007f020f432c99 R08: 0000000000000000 R09: 0000000000000000 [ 293.624036][ T8525] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 293.624049][ T8525] R13: 00007f020f616038 R14: 00007f020f615fa0 R15: 00007ffcdde4cc08 [ 293.624080][ T8525] [ 294.133230][ T8529] FAULT_INJECTION: forcing a failure. [ 294.133230][ T8529] name failslab, interval 1, probability 0, space 0, times 0 [ 294.146039][ T8529] CPU: 0 UID: 0 PID: 8529 Comm: syz.3.608 Not tainted syzkaller #0 PREEMPT(full) [ 294.146084][ T8529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 294.146104][ T8529] Call Trace: [ 294.146116][ T8529] [ 294.146128][ T8529] dump_stack_lvl+0x100/0x190 [ 294.146186][ T8529] should_fail_ex.cold+0x5/0xa [ 294.146228][ T8529] should_failslab+0xc2/0x120 [ 294.146264][ T8529] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 294.146317][ T8529] ? security_inode_alloc+0x3b/0x2c0 [ 294.146371][ T8529] ? lockdep_init_map_type+0x5c/0x250 [ 294.146422][ T8529] security_inode_alloc+0x3b/0x2c0 [ 294.146476][ T8529] inode_init_always_gfp+0xced/0x1040 [ 294.146518][ T8529] alloc_inode+0x8e/0x250 [ 294.146563][ T8529] new_inode+0x22/0x1c0 [ 294.146611][ T8529] bdev_alloc+0x2b/0x420 [ 294.146653][ T8529] ? bdi_init+0x3f4/0x5b0 [ 294.146685][ T8529] ? bdi_init+0x49f/0x5b0 [ 294.146722][ T8529] __alloc_disk_node+0x116/0x6b0 [ 294.146781][ T8529] __blk_alloc_disk+0xd2/0x170 [ 294.146834][ T8529] ? __pfx___blk_alloc_disk+0x10/0x10 [ 294.146911][ T8529] ? __pfx_idr_alloc+0x10/0x10 [ 294.146951][ T8529] ? lockdep_init_map_type+0x5c/0x250 [ 294.146998][ T8529] ? __raw_spin_lock_init+0x3a/0x110 [ 294.147054][ T8529] ? __pfx_hot_add_show+0x10/0x10 [ 294.147093][ T8529] zram_add+0x1bf/0x610 [ 294.147131][ T8529] ? __pfx_zram_add+0x10/0x10 [ 294.147196][ T8529] ? find_held_lock+0x2b/0x80 [ 294.147227][ T8529] ? sysfs_file_kobj+0xe4/0x290 [ 294.147275][ T8529] ? __pfx_hot_add_show+0x10/0x10 [ 294.147313][ T8529] hot_add_show+0x21/0x80 [ 294.147351][ T8529] class_attr_show+0x72/0xa0 [ 294.147408][ T8529] ? __pfx_class_attr_show+0x10/0x10 [ 294.147459][ T8529] sysfs_kf_seq_show+0x217/0x3a0 [ 294.147511][ T8529] seq_read_iter+0x32f/0x1270 [ 294.147583][ T8529] kernfs_fop_read_iter+0x46c/0x610 [ 294.147630][ T8529] ? rw_verify_area+0xce/0x6d0 [ 294.147680][ T8529] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 294.147722][ T8529] vfs_read+0x825/0xb30 [ 294.147781][ T8529] ? __pfx_vfs_read+0x10/0x10 [ 294.147864][ T8529] ksys_read+0x12a/0x250 [ 294.147918][ T8529] ? __pfx_ksys_read+0x10/0x10 [ 294.147985][ T8529] do_syscall_64+0x106/0xf80 [ 294.148027][ T8529] ? clear_bhb_loop+0x40/0x90 [ 294.148069][ T8529] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 294.148105][ T8529] RIP: 0033:0x7fb18019c799 [ 294.148134][ T8529] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 294.148167][ T8529] RSP: 002b:00007fb18102c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 294.148199][ T8529] RAX: ffffffffffffffda RBX: 00007fb180415fa0 RCX: 00007fb18019c799 [ 294.148221][ T8529] RDX: 0000000000001000 RSI: 0000200000000ec0 RDI: 0000000000000006 [ 294.148242][ T8529] RBP: 00007fb180232c99 R08: 0000000000000000 R09: 0000000000000000 [ 294.148262][ T8529] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 294.148281][ T8529] R13: 00007fb180416038 R14: 00007fb180415fa0 R15: 00007fffcd8e13c8 [ 294.148327][ T8529] [ 294.587713][ T8529] zram: Error allocating disk structure for device 2 [ 296.333922][ T8551] Invalid ELF header magic: != ELF [ 296.393917][ T8566] FAULT_INJECTION: forcing a failure. [ 296.393917][ T8566] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 296.407776][ T8566] CPU: 1 UID: 0 PID: 8566 Comm: syz.3.620 Not tainted syzkaller #0 PREEMPT(full) [ 296.407823][ T8566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 296.407843][ T8566] Call Trace: [ 296.407853][ T8566] [ 296.407865][ T8566] dump_stack_lvl+0x100/0x190 [ 296.407926][ T8566] should_fail_ex.cold+0x5/0xa [ 296.407964][ T8566] ? prepare_alloc_pages+0x16d/0x5f0 [ 296.408009][ T8566] should_fail_alloc_page+0xeb/0x140 [ 296.408036][ T8566] prepare_alloc_pages+0x1f0/0x5f0 [ 296.408068][ T8566] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 296.408112][ T8566] ? __lock_acquire+0x4a5/0x2630 [ 296.408151][ T8566] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 296.408191][ T8566] ? do_raw_spin_lock+0x128/0x260 [ 296.408226][ T8566] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 296.408262][ T8566] ? find_held_lock+0x2b/0x80 [ 296.408331][ T8566] ? __lock_acquire+0x4a5/0x2630 [ 296.408373][ T8566] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 296.408451][ T8566] ? policy_nodemask+0xed/0x4f0 [ 296.408488][ T8566] alloc_pages_mpol+0x1fb/0x550 [ 296.408526][ T8566] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 296.408562][ T8566] ? __folio_batch_add_and_move+0x5e5/0xc60 [ 296.408617][ T8566] ? __folio_batch_add_and_move+0x5e5/0xc60 [ 296.408677][ T8566] folio_alloc_mpol_noprof+0x36/0x340 [ 296.408721][ T8566] shmem_alloc_folio+0x135/0x160 [ 296.408766][ T8566] shmem_alloc_and_add_folio+0x371/0xd40 [ 296.408829][ T8566] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 296.408885][ T8566] ? shmem_allowable_huge_orders+0x2bd/0x400 [ 296.408946][ T8566] shmem_get_folio_gfp+0x6ab/0x1900 [ 296.409018][ T8566] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 296.409074][ T8566] ? filemap_map_pages+0xe69/0x2020 [ 296.409132][ T8566] shmem_fault+0x1f9/0xa20 [ 296.409184][ T8566] ? __lock_acquire+0x4a5/0x2630 [ 296.409227][ T8566] ? __pfx_shmem_fault+0x10/0x10 [ 296.409286][ T8566] ? __pfx_filemap_map_pages+0x10/0x10 [ 296.409350][ T8566] __do_fault+0x10d/0x550 [ 296.409387][ T8566] do_fault+0xabb/0x1990 [ 296.409432][ T8566] __handle_mm_fault+0x180f/0x2b60 [ 296.409486][ T8566] ? mt_find+0x45e/0x8e0 [ 296.409533][ T8566] ? __pfx___handle_mm_fault+0x10/0x10 [ 296.409577][ T8566] ? __pfx_mt_find+0x10/0x10 [ 296.409645][ T8566] ? find_vma+0xbf/0x140 [ 296.409676][ T8566] ? __pfx_find_vma+0x10/0x10 [ 296.409713][ T8566] handle_mm_fault+0x36d/0xa20 [ 296.409767][ T8566] do_user_addr_fault+0x74c/0x12f0 [ 296.409835][ T8566] exc_page_fault+0x6f/0xd0 [ 296.409876][ T8566] asm_exc_page_fault+0x26/0x30 [ 296.409910][ T8566] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 296.409964][ T8566] Code: 93 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 e9 cf 93 04 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 [ 296.409996][ T8566] RSP: 0018:ffffc90004a27d30 EFLAGS: 00050206 [ 296.410031][ T8566] RAX: 0000000000000001 RBX: 0000000000001fe4 RCX: 0000000000005b84 [ 296.410051][ T8566] RDX: 0000000000000001 RSI: 0000000000004000 RDI: ffffc90004b8a07c [ 296.410071][ T8566] RBP: 0000000000007ba0 R08: 0000000000000001 R09: fffff52000971f7f [ 296.410091][ T8566] R10: ffffc90004b8fbff R11: 0000000000000000 R12: 0000000000000000 [ 296.410111][ T8566] R13: ffffc90004b88060 R14: 0000000000007ba0 R15: ffffc90004b88060 [ 296.410153][ T8566] _copy_from_user+0x98/0xd0 [ 296.410195][ T8566] bpf_prog_create_from_user+0x109/0x2f0 [ 296.410245][ T8566] ? __pfx_seccomp_check_filter+0x10/0x10 [ 296.410293][ T8566] do_seccomp+0x7f7/0x2740 [ 296.410351][ T8566] ? __pfx_do_seccomp+0x10/0x10 [ 296.410395][ T8566] ? __x64_sys_openat+0x12d/0x210 [ 296.410441][ T8566] ? xfd_validate_state+0x129/0x190 [ 296.410504][ T8566] do_syscall_64+0x106/0xf80 [ 296.410544][ T8566] ? clear_bhb_loop+0x40/0x90 [ 296.410585][ T8566] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 296.410620][ T8566] RIP: 0033:0x7fb18019c799 [ 296.410647][ T8566] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 296.410679][ T8566] RSP: 002b:00007fb18102c028 EFLAGS: 00000246 ORIG_RAX: 000000000000013d [ 296.410709][ T8566] RAX: ffffffffffffffda RBX: 00007fb180415fa0 RCX: 00007fb18019c799 [ 296.410731][ T8566] RDX: 0000200000000100 RSI: 0000000000000000 RDI: 0000000000000001 [ 296.410750][ T8566] RBP: 00007fb180232c99 R08: 0000000000000000 R09: 0000000000000000 [ 296.410770][ T8566] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 296.410789][ T8566] R13: 00007fb180416038 R14: 00007fb180415fa0 R15: 00007fffcd8e13c8 [ 296.410834][ T8566] [ 300.752245][ T8615] NFSD: Failed to start, no listeners configured. [ 302.643162][ T7503] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 302.974931][ T7503] Bluetooth: hci2: unexpected event 0x32 length: 727 > 9 [ 303.661030][ T8662] netlink: 4 bytes leftover after parsing attributes in process `syz.4.642'. [ 304.678092][ T6849] Bluetooth: hci0: command 0x2016 tx timeout [ 306.125034][ T8707] netlink: 4 bytes leftover after parsing attributes in process `syz.3.656'. [ 306.840944][ T7503] Bluetooth: hci0: command 0x2016 tx timeout [ 308.487601][ T8748] FAULT_INJECTION: forcing a failure. [ 308.487601][ T8748] name failslab, interval 1, probability 0, space 0, times 0 [ 308.518306][ T8748] CPU: 1 UID: 0 PID: 8748 Comm: syz.4.666 Not tainted syzkaller #0 PREEMPT(full) [ 308.518349][ T8748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 308.518374][ T8748] Call Trace: [ 308.518385][ T8748] [ 308.518397][ T8748] dump_stack_lvl+0x100/0x190 [ 308.518462][ T8748] should_fail_ex.cold+0x5/0xa [ 308.518503][ T8748] ? memcg_list_lru_alloc+0x4ec/0x740 [ 308.518554][ T8748] should_failslab+0xc2/0x120 [ 308.518588][ T8748] __kmalloc_noprof+0xe0/0x850 [ 308.518638][ T8748] ? zram_add+0x1bf/0x610 [ 308.518680][ T8748] memcg_list_lru_alloc+0x4ec/0x740 [ 308.518743][ T8748] ? __pfx_memcg_list_lru_alloc+0x10/0x10 [ 308.518793][ T8748] ? rcu_read_unlock+0x17/0x60 [ 308.518840][ T8748] ? get_mem_cgroup_from_objcg+0xd3/0x330 [ 308.518897][ T8748] __memcg_slab_post_alloc_hook+0x130/0x990 [ 308.518944][ T8748] ? kasan_save_track+0x14/0x30 [ 308.519006][ T8748] kmem_cache_alloc_lru_noprof+0x592/0x6e0 [ 308.519057][ T8748] ? bdev_alloc_inode+0x26/0x90 [ 308.519094][ T8748] ? __pfx_bdev_alloc_inode+0x10/0x10 [ 308.519127][ T8748] bdev_alloc_inode+0x26/0x90 [ 308.519158][ T8748] ? __pfx_bdev_alloc_inode+0x10/0x10 [ 308.519186][ T8748] alloc_inode+0x68/0x250 [ 308.519232][ T8748] new_inode+0x22/0x1c0 [ 308.519280][ T8748] bdev_alloc+0x2b/0x420 [ 308.519312][ T8748] ? bdi_init+0x3f4/0x5b0 [ 308.519343][ T8748] ? bdi_init+0x49f/0x5b0 [ 308.519380][ T8748] __alloc_disk_node+0x116/0x6b0 [ 308.519445][ T8748] __blk_alloc_disk+0xd2/0x170 [ 308.519497][ T8748] ? __pfx___blk_alloc_disk+0x10/0x10 [ 308.519576][ T8748] ? __pfx_idr_alloc+0x10/0x10 [ 308.519615][ T8748] ? lockdep_init_map_type+0x5c/0x250 [ 308.519662][ T8748] ? __raw_spin_lock_init+0x3a/0x110 [ 308.519717][ T8748] ? __pfx_hot_add_show+0x10/0x10 [ 308.519754][ T8748] zram_add+0x1bf/0x610 [ 308.519790][ T8748] ? __pfx_zram_add+0x10/0x10 [ 308.519853][ T8748] ? find_held_lock+0x2b/0x80 [ 308.519883][ T8748] ? sysfs_file_kobj+0xe4/0x290 [ 308.519931][ T8748] ? __pfx_hot_add_show+0x10/0x10 [ 308.519971][ T8748] hot_add_show+0x21/0x80 [ 308.520009][ T8748] class_attr_show+0x72/0xa0 [ 308.520065][ T8748] ? __pfx_class_attr_show+0x10/0x10 [ 308.520116][ T8748] sysfs_kf_seq_show+0x217/0x3a0 [ 308.520185][ T8748] seq_read_iter+0x32f/0x1270 [ 308.520277][ T8748] kernfs_fop_read_iter+0x46c/0x610 [ 308.520315][ T8748] ? rw_verify_area+0xce/0x6d0 [ 308.520362][ T8748] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 308.520403][ T8748] vfs_read+0x825/0xb30 [ 308.520469][ T8748] ? __pfx_vfs_read+0x10/0x10 [ 308.520551][ T8748] ksys_read+0x12a/0x250 [ 308.520603][ T8748] ? __pfx_ksys_read+0x10/0x10 [ 308.520670][ T8748] do_syscall_64+0x106/0xf80 [ 308.520710][ T8748] ? clear_bhb_loop+0x40/0x90 [ 308.520753][ T8748] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 308.520787][ T8748] RIP: 0033:0x7f1d4b39c799 [ 308.520814][ T8748] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 308.520847][ T8748] RSP: 002b:00007f1d4c33b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 308.520888][ T8748] RAX: ffffffffffffffda RBX: 00007f1d4b615fa0 RCX: 00007f1d4b39c799 [ 308.520910][ T8748] RDX: 0000000000001000 RSI: 0000200000000ec0 RDI: 0000000000000006 [ 308.520931][ T8748] RBP: 00007f1d4b432c99 R08: 0000000000000000 R09: 0000000000000000 [ 308.520951][ T8748] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 308.520971][ T8748] R13: 00007f1d4b616038 R14: 00007f1d4b615fa0 R15: 00007ffe22753728 [ 308.521018][ T8748] [ 309.178042][ T8748] zram: Error allocating disk structure for device 2 [ 315.761647][ T8863] FAULT_INJECTION: forcing a failure. [ 315.761647][ T8863] name failslab, interval 1, probability 0, space 0, times 0 [ 315.821476][ T8863] CPU: 1 UID: 0 PID: 8863 Comm: syz.3.693 Not tainted syzkaller #0 PREEMPT(full) [ 315.821519][ T8863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 315.821539][ T8863] Call Trace: [ 315.821549][ T8863] [ 315.821562][ T8863] dump_stack_lvl+0x100/0x190 [ 315.821617][ T8863] should_fail_ex.cold+0x5/0xa [ 315.821665][ T8863] should_failslab+0xc2/0x120 [ 315.821701][ T8863] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 315.821750][ T8863] ? __proc_create+0x2cb/0x8c0 [ 315.821812][ T8863] __proc_create+0x2cb/0x8c0 [ 315.821867][ T8863] ? __pfx___proc_create+0x10/0x10 [ 315.821920][ T8863] ? lockdep_hardirqs_on+0x78/0x100 [ 315.821963][ T8863] ? __mod_timer+0x40e/0xca0 [ 315.822007][ T8863] _proc_mkdir+0xb9/0x210 [ 315.822038][ T8863] ? __pfx__proc_mkdir+0x10/0x10 [ 315.822071][ T8863] ? round_jiffies+0x10a/0x160 [ 315.822112][ T8863] can_init_proc+0x5b/0x4b0 [ 315.822154][ T8863] can_pernet_init+0x1e4/0x370 [ 315.822192][ T8863] ? __pfx_can_pernet_init+0x10/0x10 [ 315.822233][ T8863] ops_init+0x1e2/0x5f0 [ 315.822269][ T8863] setup_net+0x118/0x3a0 [ 315.822302][ T8863] ? __pfx_setup_net+0x10/0x10 [ 315.822331][ T8863] ? lockdep_init_map_type+0x5c/0x250 [ 315.822364][ T8863] ? mutex_init_lockep+0x110/0x150 [ 315.822402][ T8863] copy_net_ns+0x46f/0x7c0 [ 315.822439][ T8863] create_new_namespaces+0x3ea/0xac0 [ 315.822471][ T8863] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 315.822502][ T8863] ksys_unshare+0x473/0xad0 [ 315.822534][ T8863] ? __pfx_ksys_unshare+0x10/0x10 [ 315.822575][ T8863] __x64_sys_unshare+0x31/0x40 [ 315.822605][ T8863] do_syscall_64+0x106/0xf80 [ 315.822633][ T8863] ? clear_bhb_loop+0x40/0x90 [ 315.822669][ T8863] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 315.822693][ T8863] RIP: 0033:0x7fb18019c799 [ 315.822713][ T8863] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 315.822735][ T8863] RSP: 002b:00007fb18102c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 315.822758][ T8863] RAX: ffffffffffffffda RBX: 00007fb180415fa0 RCX: 00007fb18019c799 [ 315.822773][ T8863] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 315.822787][ T8863] RBP: 00007fb180232c99 R08: 0000000000000000 R09: 0000000000000000 [ 315.822801][ T8863] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 315.822816][ T8863] R13: 00007fb180416038 R14: 00007fb180415fa0 R15: 00007fffcd8e13c8 [ 315.822846][ T8863] [ 315.822915][ T8863] can: failed to create /proc/net/can . CONFIG_PROC_FS missing? [ 317.333250][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.339802][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.750158][ T8884] netlink: 4 bytes leftover after parsing attributes in process `syz.0.697'. [ 317.760045][ T8884] netlink: 354 bytes leftover after parsing attributes in process `syz.0.697'. [ 317.941221][ T8886] FAULT_INJECTION: forcing a failure. [ 317.941221][ T8886] name failslab, interval 1, probability 0, space 0, times 0 [ 317.987932][ T8886] CPU: 1 UID: 0 PID: 8886 Comm: syz.0.699 Not tainted syzkaller #0 PREEMPT(full) [ 317.987975][ T8886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 317.987994][ T8886] Call Trace: [ 317.988005][ T8886] [ 317.988017][ T8886] dump_stack_lvl+0x100/0x190 [ 317.988071][ T8886] should_fail_ex.cold+0x5/0xa [ 317.988108][ T8886] should_failslab+0xc2/0x120 [ 317.988144][ T8886] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 317.988196][ T8886] ? bdev_alloc_inode+0x26/0x90 [ 317.988233][ T8886] ? __pfx___debug_object_init+0x10/0x10 [ 317.988286][ T8886] ? __pfx_bdev_alloc_inode+0x10/0x10 [ 317.988319][ T8886] bdev_alloc_inode+0x26/0x90 [ 317.988349][ T8886] ? __pfx_bdev_alloc_inode+0x10/0x10 [ 317.988394][ T8886] alloc_inode+0x68/0x250 [ 317.988438][ T8886] new_inode+0x22/0x1c0 [ 317.988484][ T8886] bdev_alloc+0x2b/0x420 [ 317.988515][ T8886] ? bdi_init+0x3f4/0x5b0 [ 317.988546][ T8886] ? bdi_init+0x49f/0x5b0 [ 317.988583][ T8886] __alloc_disk_node+0x116/0x6b0 [ 317.988643][ T8886] __blk_alloc_disk+0xd2/0x170 [ 317.988679][ T8886] ? __pfx___blk_alloc_disk+0x10/0x10 [ 317.988733][ T8886] ? __pfx_idr_alloc+0x10/0x10 [ 317.988760][ T8886] ? lockdep_init_map_type+0x5c/0x250 [ 317.988793][ T8886] ? __raw_spin_lock_init+0x3a/0x110 [ 317.988831][ T8886] ? __pfx_hot_add_show+0x10/0x10 [ 317.988858][ T8886] zram_add+0x1bf/0x610 [ 317.988883][ T8886] ? __pfx_zram_add+0x10/0x10 [ 317.988928][ T8886] ? find_held_lock+0x2b/0x80 [ 317.988950][ T8886] ? sysfs_file_kobj+0xe4/0x290 [ 317.988990][ T8886] ? __pfx_hot_add_show+0x10/0x10 [ 317.989018][ T8886] hot_add_show+0x21/0x80 [ 317.989045][ T8886] class_attr_show+0x72/0xa0 [ 317.989085][ T8886] ? __pfx_class_attr_show+0x10/0x10 [ 317.989124][ T8886] sysfs_kf_seq_show+0x217/0x3a0 [ 317.989160][ T8886] seq_read_iter+0x32f/0x1270 [ 317.989210][ T8886] kernfs_fop_read_iter+0x46c/0x610 [ 317.989237][ T8886] ? rw_verify_area+0xce/0x6d0 [ 317.989272][ T8886] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 317.989300][ T8886] vfs_read+0x825/0xb30 [ 317.989341][ T8886] ? __pfx_vfs_read+0x10/0x10 [ 317.989398][ T8886] ksys_read+0x12a/0x250 [ 317.989436][ T8886] ? __pfx_ksys_read+0x10/0x10 [ 317.989483][ T8886] do_syscall_64+0x106/0xf80 [ 317.989511][ T8886] ? clear_bhb_loop+0x40/0x90 [ 317.989540][ T8886] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 317.989565][ T8886] RIP: 0033:0x7f020f39c799 [ 317.989584][ T8886] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 317.989613][ T8886] RSP: 002b:00007f02101cf028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 317.989636][ T8886] RAX: ffffffffffffffda RBX: 00007f020f615fa0 RCX: 00007f020f39c799 [ 317.989652][ T8886] RDX: 0000000000001000 RSI: 0000200000000ec0 RDI: 0000000000000006 [ 317.989666][ T8886] RBP: 00007f020f432c99 R08: 0000000000000000 R09: 0000000000000000 [ 317.989681][ T8886] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 317.989694][ T8886] R13: 00007f020f616038 R14: 00007f020f615fa0 R15: 00007ffcdde4cc08 [ 317.989726][ T8886] [ 318.864203][ T8886] zram: Error allocating disk structure for device 2 [ 323.181760][ T8941] FAULT_INJECTION: forcing a failure. [ 323.181760][ T8941] name failslab, interval 1, probability 0, space 0, times 0 [ 323.202992][ T8941] CPU: 1 UID: 0 PID: 8941 Comm: syz.1.710 Not tainted syzkaller #0 PREEMPT(full) [ 323.203035][ T8941] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 323.203054][ T8941] Call Trace: [ 323.203063][ T8941] [ 323.203075][ T8941] dump_stack_lvl+0x100/0x190 [ 323.203142][ T8941] should_fail_ex.cold+0x5/0xa [ 323.203181][ T8941] should_failslab+0xc2/0x120 [ 323.203217][ T8941] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 323.203268][ T8941] ? security_inode_alloc+0x3b/0x2c0 [ 323.203320][ T8941] ? lockdep_init_map_type+0x5c/0x250 [ 323.203372][ T8941] security_inode_alloc+0x3b/0x2c0 [ 323.203438][ T8941] inode_init_always_gfp+0xced/0x1040 [ 323.203478][ T8941] alloc_inode+0x8e/0x250 [ 323.203522][ T8941] iget_locked+0x1d9/0x6d0 [ 323.203568][ T8941] ? __pfx_iget_locked+0x10/0x10 [ 323.203609][ T8941] ? kernfs_root+0xee/0x2a0 [ 323.203652][ T8941] ? kernfs_root+0xee/0x2a0 [ 323.203707][ T8941] kernfs_get_inode+0x46/0x470 [ 323.203755][ T8941] kernfs_iop_lookup+0x1a7/0x2d0 [ 323.203809][ T8941] __lookup_slow+0x251/0x460 [ 323.203853][ T8941] ? __pfx___lookup_slow+0x10/0x10 [ 323.203917][ T8941] ? __d_lookup+0x266/0x4a0 [ 323.203974][ T8941] lookup_slow+0x50/0x70 [ 323.204018][ T8941] link_path_walk+0x1377/0x1cc0 [ 323.204082][ T8941] path_openat+0x1be/0x31a0 [ 323.204123][ T8941] ? kasan_save_stack+0x3f/0x50 [ 323.204193][ T8941] ? kasan_save_stack+0x30/0x50 [ 323.204245][ T8941] ? kasan_save_track+0x14/0x30 [ 323.204297][ T8941] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 323.204360][ T8941] ? __pfx_path_openat+0x10/0x10 [ 323.204412][ T8941] do_file_open+0x20e/0x430 [ 323.204451][ T8941] ? __pfx_do_file_open+0x10/0x10 [ 323.204526][ T8941] ? alloc_fd+0x476/0x790 [ 323.204562][ T8941] ? do_getname+0x191/0x390 [ 323.204606][ T8941] do_sys_openat2+0x10d/0x1e0 [ 323.204648][ T8941] ? __pfx_do_sys_openat2+0x10/0x10 [ 323.204707][ T8941] __x64_sys_openat+0x12d/0x210 [ 323.204753][ T8941] ? __pfx___x64_sys_openat+0x10/0x10 [ 323.204815][ T8941] do_syscall_64+0x106/0xf80 [ 323.204856][ T8941] ? clear_bhb_loop+0x40/0x90 [ 323.204896][ T8941] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 323.204930][ T8941] RIP: 0033:0x7fac0499c799 [ 323.204957][ T8941] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 323.204987][ T8941] RSP: 002b:00007fac05940028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 323.205018][ T8941] RAX: ffffffffffffffda RBX: 00007fac04c15fa0 RCX: 00007fac0499c799 [ 323.205039][ T8941] RDX: 0000000000183841 RSI: 0000200000000280 RDI: ffffffffffffff9c [ 323.205059][ T8941] RBP: 00007fac04a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 323.205078][ T8941] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 323.205105][ T8941] R13: 00007fac04c16038 R14: 00007fac04c15fa0 R15: 00007fffd7956118 [ 323.205154][ T8941] [ 325.176750][ T8962] FAULT_INJECTION: forcing a failure. [ 325.176750][ T8962] name failslab, interval 1, probability 0, space 0, times 0 [ 325.238116][ T8962] CPU: 1 UID: 0 PID: 8962 Comm: syz.0.723 Not tainted syzkaller #0 PREEMPT(full) [ 325.238159][ T8962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 325.238179][ T8962] Call Trace: [ 325.238189][ T8962] [ 325.238201][ T8962] dump_stack_lvl+0x100/0x190 [ 325.238258][ T8962] should_fail_ex.cold+0x5/0xa [ 325.238307][ T8962] ? __netlink_kernel_create+0x181/0x750 [ 325.238352][ T8962] should_failslab+0xc2/0x120 [ 325.238387][ T8962] __kmalloc_noprof+0xe0/0x850 [ 325.238447][ T8962] __netlink_kernel_create+0x181/0x750 [ 325.238495][ T8962] ? __pfx___netlink_kernel_create+0x10/0x10 [ 325.238552][ T8962] uevent_net_init+0xf8/0x330 [ 325.238605][ T8962] ? __pfx_uevent_net_init+0x10/0x10 [ 325.238659][ T8962] ? __pfx_uevent_net_rcv+0x10/0x10 [ 325.238711][ T8962] ? __kmalloc_noprof+0x320/0x850 [ 325.238769][ T8962] ? __pfx_uevent_net_init+0x10/0x10 [ 325.238818][ T8962] ops_init+0x1e2/0x5f0 [ 325.238866][ T8962] setup_net+0x118/0x3a0 [ 325.238911][ T8962] ? __pfx_setup_net+0x10/0x10 [ 325.238952][ T8962] ? lockdep_init_map_type+0x5c/0x250 [ 325.238998][ T8962] ? mutex_init_lockep+0x110/0x150 [ 325.239050][ T8962] copy_net_ns+0x46f/0x7c0 [ 325.239101][ T8962] create_new_namespaces+0x3ea/0xac0 [ 325.239148][ T8962] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 325.239187][ T8962] ksys_unshare+0x473/0xad0 [ 325.239232][ T8962] ? __pfx_ksys_unshare+0x10/0x10 [ 325.239290][ T8962] __x64_sys_unshare+0x31/0x40 [ 325.239341][ T8962] do_syscall_64+0x106/0xf80 [ 325.239382][ T8962] ? clear_bhb_loop+0x40/0x90 [ 325.239424][ T8962] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 325.239458][ T8962] RIP: 0033:0x7f020f39c799 [ 325.239485][ T8962] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 325.239517][ T8962] RSP: 002b:00007f02101cf028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 325.239549][ T8962] RAX: ffffffffffffffda RBX: 00007f020f615fa0 RCX: 00007f020f39c799 [ 325.239570][ T8962] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 325.239590][ T8962] RBP: 00007f020f432c99 R08: 0000000000000000 R09: 0000000000000000 [ 325.239621][ T8962] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 325.239640][ T8962] R13: 00007f020f616038 R14: 00007f020f615fa0 R15: 00007ffcdde4cc08 [ 325.239682][ T8962] [ 325.239786][ T8962] kobject_uevent: unable to create netlink socket! [ 331.113355][ T7503] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 331.121817][ T7503] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 331.130805][ T7503] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 331.140745][ T7503] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 331.149747][ T7503] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 331.338963][ T8969] chnl_net:caif_netlink_parms(): no params data found [ 331.663955][ T8969] bridge0: port 1(bridge_slave_0) entered blocking state [ 331.688047][ T8969] bridge0: port 1(bridge_slave_0) entered disabled state [ 331.695370][ T8969] bridge_slave_0: entered allmulticast mode [ 331.752775][ T8969] bridge_slave_0: entered promiscuous mode [ 331.780582][ T8969] bridge0: port 2(bridge_slave_1) entered blocking state [ 331.794571][ T8969] bridge0: port 2(bridge_slave_1) entered disabled state [ 331.808227][ T8969] bridge_slave_1: entered allmulticast mode [ 331.830708][ T8969] bridge_slave_1: entered promiscuous mode [ 331.938917][ T8969] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 331.951953][ T8969] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 332.060304][ T8969] team0: Port device team_slave_0 added [ 332.069772][ T8969] team0: Port device team_slave_1 added [ 332.130684][ T8969] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 332.137685][ T8969] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 332.171702][ T8969] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 332.198669][ T8969] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 332.205698][ T8969] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 332.258008][ T8969] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 332.428484][ T8969] hsr_slave_0: entered promiscuous mode [ 332.435282][ T8969] hsr_slave_1: entered promiscuous mode [ 332.443829][ T8969] debugfs: 'hsr0' already exists in 'hsr' [ 332.452852][ T8969] Cannot create hsr debugfs directory [ 332.637687][ T8969] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 332.649904][ T8969] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 332.660847][ T8969] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 332.674796][ T8969] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 332.801286][ T8969] 8021q: adding VLAN 0 to HW filter on device bond0 [ 332.828982][ T8969] 8021q: adding VLAN 0 to HW filter on device team0 [ 332.843327][ T6875] bridge0: port 1(bridge_slave_0) entered blocking state [ 332.850533][ T6875] bridge0: port 1(bridge_slave_0) entered forwarding state [ 332.885955][ T6846] bridge0: port 2(bridge_slave_1) entered blocking state [ 332.893210][ T6846] bridge0: port 2(bridge_slave_1) entered forwarding state [ 332.983574][ T8969] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 333.240203][ T6849] Bluetooth: hci3: command tx timeout [ 333.293861][ T8969] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 333.319362][ T30] INFO: task kworker/u10:4:6857 blocked for more than 143 seconds. [ 333.327349][ T30] Not tainted syzkaller #0 [ 333.332644][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 333.341938][ T30] task:kworker/u10:4 state:D stack:26888 pid:6857 tgid:6857 ppid:2 task_flags:0x4208060 flags:0x00080000 [ 333.368059][ T30] Workqueue: netns cleanup_net [ 333.372944][ T30] Call Trace: [ 333.376262][ T30] [ 333.389371][ T30] __schedule+0xfee/0x6120 [ 333.393881][ T30] ? __lock_acquire+0x4a5/0x2630 [ 333.408330][ T30] ? __pfx___schedule+0x10/0x10 [ 333.418120][ T30] ? find_held_lock+0x2b/0x80 [ 333.422897][ T30] ? schedule+0x2bf/0x390 [ 333.427311][ T30] schedule+0xdd/0x390 [ 333.447964][ T30] schedule_timeout+0x1b2/0x280 [ 333.452936][ T30] ? __pfx_schedule_timeout+0x10/0x10 [ 333.468037][ T30] ? mark_held_locks+0x40/0x70 [ 333.472915][ T30] __wait_for_common+0x2e7/0x4c0 [ 333.487972][ T30] ? __pfx_schedule_timeout+0x10/0x10 [ 333.494525][ T30] ? __pfx___wait_for_common+0x10/0x10 [ 333.518258][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 333.523562][ T30] ? flush_workqueue_prep_pwqs+0x2e9/0x510 [ 333.585763][ T30] __flush_workqueue+0x3f7/0x1200 [ 333.618048][ T30] ? __lock_acquire+0x4a5/0x2630 [ 333.623115][ T30] ? __lock_acquire+0x4a5/0x2630 [ 333.658062][ T30] ? __pfx___flush_workqueue+0x10/0x10 [ 333.663640][ T30] ? reacquire_held_locks+0xce/0x1e0 [ 333.707967][ T30] ? __pfx_sock_def_readable+0x10/0x10 [ 333.713549][ T30] ? __pfx_sock_def_readable+0x10/0x10 [ 333.738049][ T30] rds_tcp_listen_stop+0x104/0x160 [ 333.743312][ T30] rds_tcp_exit_net+0xe0/0x870 [ 333.773519][ T30] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 333.788235][ T30] ? __pfx___might_resched+0x10/0x10 [ 333.793632][ T30] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 333.807929][ T30] ops_undo_list+0x2ee/0xab0 [ 333.812626][ T30] ? __pfx_ops_undo_list+0x10/0x10 [ 333.828295][ T30] ? cleanup_net+0x332/0x920 [ 333.832990][ T30] ? idr_destroy+0x62/0x2e0 [ 333.837586][ T30] cleanup_net+0x499/0x920 [ 333.869718][ T30] ? __pfx_cleanup_net+0x10/0x10 [ 333.874786][ T30] ? rcu_is_watching+0x12/0xc0 [ 333.907867][ T30] process_one_work+0x9d7/0x1920 [ 333.912938][ T30] ? __pfx_process_one_work+0x10/0x10 [ 333.937958][ T30] ? __pfx_cleanup_net+0x10/0x10 [ 333.943009][ T30] worker_thread+0x5da/0xe40 [ 333.947685][ T30] ? __pfx_worker_thread+0x10/0x10 [ 333.977907][ T30] ? kthread+0x13a/0x450 [ 333.982260][ T30] ? __pfx_worker_thread+0x10/0x10 [ 333.987445][ T30] kthread+0x370/0x450 [ 334.017871][ T30] ? __pfx_kthread+0x10/0x10 [ 334.022576][ T30] ret_from_fork+0x754/0xd80 [ 334.027247][ T30] ? __pfx_ret_from_fork+0x10/0x10 [ 334.047950][ T30] ? rcu_is_watching+0x12/0xc0 [ 334.052869][ T30] ? __switch_to+0x7b4/0x1120 [ 334.057603][ T30] ? __pfx_kthread+0x10/0x10 [ 334.087968][ T30] ret_from_fork_asm+0x1a/0x30 [ 334.092868][ T30] [ 334.097918][ T30] [ 334.097918][ T30] Showing all locks held in the system: [ 334.107171][ T30] 1 lock held by khungtaskd/30: [ 334.147876][ T30] #0: ffffffff8e7e7460 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x3d/0x184 [ 334.177960][ T30] 3 locks held by kworker/0:2/1209: [ 334.183241][ T30] #0: ffff88813fe63148 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x1287/0x1920 [ 334.227972][ T30] #1: ffffc90004ddfd08 (free_ipc_work){+.+.}-{0:0}, at: process_one_work+0x93c/0x1920 [ 334.257848][ T30] #2: ffffffff8e7f3078 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x19e/0x3c0 [ 334.278304][ T30] 2 locks held by getty/5583: [ 334.283057][ T30] #0: ffff8880377db0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 334.309211][ T30] #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x419/0x1500 [ 334.337944][ T30] 1 lock held by syz-executor/5818: [ 334.343231][ T30] 1 lock held by syz-executor/5823: [ 334.358036][ T30] #0: ffffffff8e7f3078 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x19e/0x3c0 [ 334.377904][ T30] 3 locks held by kworker/1:4/5875: [ 334.383193][ T30] #0: ffff88813fe63148 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x1287/0x1920 [ 334.407966][ T30] #1: ffffc900041a7d08 ((work_completion)(&data->fib_event_work)){+.+.}-{0:0}, at: process_one_work+0x93c/0x1920 [ 334.439093][ T30] #2: ffff888021b8f240 (&data->fib_lock){+.+.}-{4:4}, at: nsim_fib_event_work+0x1b8/0x63b0 [ 334.456577][ T30] 3 locks held by kworker/u10:4/6857: [ 334.468151][ T30] #0: ffff88801c6ae948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x1287/0x1920 [ 334.488139][ T30] #1: ffffc9000483fd08 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x93c/0x1920 [ 334.510942][ T30] #2: ffffffff905fac50 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xb8/0x920 [ 334.521935][ T30] 3 locks held by kworker/u10:5/6875: [ 334.527412][ T30] 1 lock held by syz.2.435/7796: [ 334.532885][ T30] #0: ffffffff905fac50 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x451/0x7c0 [ 334.543817][ T30] 4 locks held by syz-executor/8009: [ 334.549489][ T30] #0: ffff88802928cec0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_dev_do_close+0x26/0xb0 [ 334.559648][ T30] #1: ffff88802928c0c0 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x35c/0x1240 [ 334.569820][ T30] #2: ffffffff908ab708 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xbb/0x280 [ 334.580165][ T30] #3: ffff88803e8f6af8 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x80/0x770 [ 334.589726][ T30] 1 lock held by syz.3.693/8863: [ 334.594709][ T30] #0: ffffffff905fac50 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x451/0x7c0 [ 334.604494][ T30] [ 334.626642][ T30] ============================================= [ 334.626642][ T30] [ 334.686718][ T30] NMI backtrace for cpu 1 [ 334.686742][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) [ 334.686777][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 334.686795][ T30] Call Trace: [ 334.686805][ T30] [ 334.686816][ T30] dump_stack_lvl+0x100/0x190 [ 334.686868][ T30] nmi_cpu_backtrace.cold+0x12d/0x151 [ 334.686919][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 334.686966][ T30] nmi_trigger_cpumask_backtrace+0x1d7/0x230 [ 334.687022][ T30] sys_info+0x141/0x190 [ 334.687066][ T30] watchdog+0xd25/0x1050 [ 334.687106][ T30] ? __pfx_watchdog+0x10/0x10 [ 334.687137][ T30] ? __kthread_parkme+0x18c/0x230 [ 334.687176][ T30] ? kthread+0x13a/0x450 [ 334.687215][ T30] ? __pfx_watchdog+0x10/0x10 [ 334.687243][ T30] kthread+0x370/0x450 [ 334.687282][ T30] ? __pfx_kthread+0x10/0x10 [ 334.687326][ T30] ret_from_fork+0x754/0xd80 [ 334.687376][ T30] ? __pfx_ret_from_fork+0x10/0x10 [ 334.687432][ T30] ? __switch_to+0x7b4/0x1120 [ 334.687479][ T30] ? __pfx_kthread+0x10/0x10 [ 334.687523][ T30] ret_from_fork_asm+0x1a/0x30 [ 334.687577][ T30] [ 334.687588][ T30] Sending NMI from CPU 1 to CPUs 0: [ 334.812786][ C0] NMI backtrace for cpu 0 [ 334.812806][ C0] CPU: 0 UID: 0 PID: 8969 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 334.812837][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 334.812852][ C0] RIP: 0010:rcu_is_watching+0x0/0xc0 [ 334.812897][ C0] Code: 3a ff ff ff 48 89 df e8 9e e5 86 00 eb 81 e8 c7 e5 86 00 e9 49 ff ff ff 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1e fa 55 53 65 ff 05 13 76 20 12 e8 be 4a a0 09 48 c7 c3 a8 [ 334.812921][ C0] RSP: 0018:ffffc900031d7660 EFLAGS: 00000202 [ 334.812941][ C0] RAX: 0000000000000001 RBX: ffffc900031d7a80 RCX: ffffffff917f3101 [ 334.812964][ C0] RDX: ffffc900031d7a88 RSI: 0000000000000001 RDI: ffffc900031d76e8 [ 334.812980][ C0] RBP: 0000000000000001 R08: ffffffff917f31d2 R09: 0000000000000007 [ 334.812995][ C0] R10: 0000000000000200 R11: 0000000000010816 R12: ffffc900031d7728 [ 334.813011][ C0] R13: ffffc900031d76d8 R14: ffffc900031d7a80 R15: ffffc900031d770c [ 334.813029][ C0] FS: 0000000000000000(0000) GS:ffff88812434d000(0000) knlGS:0000000000000000 [ 334.813052][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 334.813069][ C0] CR2: 0000556cb2cc2040 CR3: 000000000e598000 CR4: 00000000003526f0 [ 334.813085][ C0] Call Trace: [ 334.813092][ C0] [ 334.813100][ C0] unwind_next_frame+0x745/0x1ea0 [ 334.813127][ C0] ? kcov_close+0x34/0x60 [ 334.813169][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 334.813195][ C0] arch_stack_walk+0x94/0xf0 [ 334.813222][ C0] ? __fput+0x3ff/0xb40 [ 334.813253][ C0] stack_trace_save+0x8e/0xc0 [ 334.813276][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 334.813301][ C0] ? __lock_acquire+0x4a5/0x2630 [ 334.813335][ C0] save_stack+0x162/0x1e0 [ 334.813373][ C0] ? __pfx_save_stack+0x10/0x10 [ 334.813411][ C0] ? __free_frozen_pages+0x7e1/0x10d0 [ 334.813443][ C0] ? vfree.part.0+0x12b/0x9d0 [ 334.813471][ C0] ? vfree+0x55/0x80 [ 334.813496][ C0] ? kcov_close+0x34/0x60 [ 334.813538][ C0] ? page_ext_put+0x3e/0xd0 [ 334.813581][ C0] __reset_page_owner+0x84/0x190 [ 334.813606][ C0] __free_frozen_pages+0x7e1/0x10d0 [ 334.813643][ C0] vfree.part.0+0x12b/0x9d0 [ 334.813670][ C0] ? __pfx___might_resched+0x10/0x10 [ 334.813708][ C0] ? __pfx_kcov_close+0x10/0x10 [ 334.813746][ C0] ? rcu_is_watching+0x12/0xc0 [ 334.813783][ C0] ? __pfx_kcov_close+0x10/0x10 [ 334.813823][ C0] vfree+0x55/0x80 [ 334.813848][ C0] kcov_close+0x34/0x60 [ 334.813886][ C0] __fput+0x3ff/0xb40 [ 334.813915][ C0] ? cleanup_mnt+0x263/0x450 [ 334.813962][ C0] task_work_run+0x150/0x240 [ 334.813998][ C0] ? __pfx_task_work_run+0x10/0x10 [ 334.814039][ C0] do_exit+0x8b8/0x2b60 [ 334.814073][ C0] ? __pfx_do_exit+0x10/0x10 [ 334.814105][ C0] ? do_raw_spin_lock+0x128/0x260 [ 334.814141][ C0] ? find_held_lock+0x2b/0x80 [ 334.814163][ C0] ? get_signal+0x7e0/0x21e0 [ 334.814190][ C0] do_group_exit+0xd5/0x2a0 [ 334.814224][ C0] get_signal+0x1ec7/0x21e0 [ 334.814247][ C0] ? sock_do_ioctl+0x1d4/0x280 [ 334.814289][ C0] ? __pfx_get_signal+0x10/0x10 [ 334.814312][ C0] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 334.814353][ C0] arch_do_signal_or_restart+0x91/0x770 [ 334.814385][ C0] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 334.814421][ C0] ? __pfx___sys_socket+0x10/0x10 [ 334.814448][ C0] exit_to_user_mode_loop+0x86/0x4a0 [ 334.814484][ C0] do_syscall_64+0x668/0xf80 [ 334.814514][ C0] ? clear_bhb_loop+0x40/0x90 [ 334.814544][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 334.814569][ C0] RIP: 0033:0x7f4bfa99c42b [ 334.814587][ C0] Code: Unable to access opcode bytes at 0x7f4bfa99c401. [ 334.814598][ C0] RSP: 002b:00007ffde09d7c60 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 334.814620][ C0] RAX: ffffffffffffffed RBX: 0000000000000005 RCX: 00007f4bfa99c42b [ 334.814636][ C0] RDX: 00007ffde09d7cc0 RSI: 0000000000008933 RDI: 0000000000000005 [ 334.814652][ C0] RBP: 0000000000000003 R08: 0000000000000000 R09: 00000000fffffff9 [ 334.814666][ C0] R10: 0000000000000002 R11: 0000000000000246 R12: 00007ffde09d7d40 [ 334.814681][ C0] R13: 00007ffde09d7e30 R14: 00007f4bfb744620 R15: 00007ffde09d7e30 [ 334.814707][ C0] [ 335.236823][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 335.243756][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) [ 335.252929][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 335.263047][ T30] Call Trace: [ 335.266370][ T30] [ 335.269358][ T30] dump_stack_lvl+0x100/0x190 [ 335.274121][ T30] vpanic+0x552/0x970 [ 335.278185][ T30] ? __pfx_vpanic+0x10/0x10 [ 335.282736][ T30] ? nmi_trigger_cpumask_backtrace+0x182/0x230 [ 335.288962][ T30] panic+0xd1/0xe0 [ 335.292735][ T30] ? __pfx_panic+0x10/0x10 [ 335.297192][ T30] ? nmi_trigger_cpumask_backtrace+0x1b5/0x230 [ 335.303403][ T30] ? nmi_trigger_cpumask_backtrace+0x1f6/0x230 [ 335.309615][ T30] ? nmi_trigger_cpumask_backtrace+0x200/0x230 [ 335.315817][ T30] ? watchdog.cold+0x198/0x1ca [ 335.320617][ T30] ? watchdog+0xd35/0x1050 [ 335.325070][ T30] watchdog.cold+0x1a9/0x1ca [ 335.329706][ T30] ? __pfx_watchdog+0x10/0x10 [ 335.334443][ T30] ? __kthread_parkme+0x18c/0x230 [ 335.339523][ T30] ? kthread+0x13a/0x450 [ 335.343822][ T30] ? __pfx_watchdog+0x10/0x10 [ 335.348531][ T30] kthread+0x370/0x450 [ 335.352653][ T30] ? __pfx_kthread+0x10/0x10 [ 335.357299][ T30] ret_from_fork+0x754/0xd80 [ 335.361948][ T30] ? __pfx_ret_from_fork+0x10/0x10 [ 335.367113][ T30] ? __switch_to+0x7b4/0x1120 [ 335.371833][ T30] ? __pfx_kthread+0x10/0x10 [ 335.376478][ T30] ret_from_fork_asm+0x1a/0x30 [ 335.381297][ T30] [ 335.384948][ T30] Kernel Offset: disabled [ 335.389295][ T30] Rebooting in 86400 seconds..