last executing test programs: 10m22.950207042s ago: executing program 3 (id=3319): syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty46\x00', 0x0, 0x0) r0 = openat$auto_gpiolib_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) pread64$auto(r0, 0x0, 0x1, 0x1ff) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4004810}, 0x0) r1 = io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = socket(0x10, 0x2, 0x4) syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000001c0), r2) sendmsg$auto_NL80211_CMD_SET_BSS(r2, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8001}, 0x20000800) socket(0x10, 0x3, 0x6) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x0, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptye9\x00', 0x101e81, 0x0) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x2c402, 0x0) r4 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000980)='/dev/ttye9\x00', 0x102, 0x0) mknod$auto(0x0, 0xc9, 0xfffffffa) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) ioctl$auto_SNDCTL_DSP_MAPINBUF(r1, 0x80105013, 0x0) write$auto(0x3, 0x0, 0x100082) sendfile$auto(r4, r3, 0x0, 0x10000) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r1, 0x0, 0x4c8d0) sendmmsg$auto(0x3, 0x0, 0x3, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) mremap$auto(0x1ff000, 0x100008, 0x843, 0x3, 0xfffff000) 10m20.884869128s ago: executing program 3 (id=3325): unshare$auto(0x40000080) modify_ldt$auto(0x1, 0x0, 0x10) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card1\x00', 0x40000, 0x0) mmap$auto(0x0, 0xf40, 0xe1, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/igmp\x00', 0x100, 0x0) pread64$auto(r0, 0x0, 0x40000000f42c, 0x80202) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r1 = socket(0x1e, 0x4, 0x0) r2 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r2, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(r1, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f00000000c0), 0x38240, 0x0) socket(0xa, 0x2, 0x73) msync$auto(0x200000, 0x2000000005, 0x6) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) io_uring_setup$auto(0x50b, 0x0) setsockopt$auto(0x3, 0x1, 0x2e, 0x0, 0x9) 10m19.348780057s ago: executing program 3 (id=3329): ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x14fa02, 0x0) mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x2, 0x1, 0x0) r2 = getsockopt$auto(0x4, 0x6, 0x1b, 0xfffffffffffffffc, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000180), r3) sendmsg$auto_OVS_VPORT_CMD_SET(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000480)=ANY=[@ANYBLOB="c4000000", @ANYRES16=r4, @ANYBLOB="010025bd7000ffdbdf2504000000a60004800e1581cff30f40a3296ba72c40d037005108b1148f5596ab940a0766ae1bab4356f52efd0fcc2c569d195a5850968cbbf2698a0564727ff4e836986ff6c8813c9e028870ef6ed836f430eccd2ae04793d43e1080b59e8c6190d5f3af453061ce0d6aa9e80fb2c65cb5bd341df6dbbab9fd8a44052190c125acbf64d4d02ca35e77ea0911079b546c88e962f0655e9016310dc32dd91a7ba62b5c8d30ed9acf5b6258000008000800", @ANYRES32=0x0, @ANYBLOB="48ffe364c86482999dfb60dd9996ee4b00ccd5fd6fa22e6fabffb3d5c2d17bd7f246e602cd6212d5b793ebd5678edef5d75e6cbf501f27d471aad02ddb17aa9d8d40a4ab96ecb0d9eb45a747b3858f4c2272f5fe8da9e9b1b3554658dd53090e4e7686169a115ca2cfb021fe9b2707713b08dc36b2178491461bf532c6cfa3f2837ade872954986a250bdf4867ed55e5cc63ecb7b54b89eaa72afbf055d9b979cefd8a5f973645fce65a506ea3f717b0d277af8e6176796d40655e4b7816361decd42b3699ecaaee939bf3fae57e14b293f1136da548d939dcaddeb312499cb3ee081a19236ea9488f26751393094d99e3c72aba28395e76cc66baacc31f3c229674043bf9ce577aa3708eba8869a24533140a3c67efe3e587324ca21f6d8fc833a7c2eab5df7dcbb1d9922e971c0ddcb49532edaec0185913a52dcf8ca4d689ce5af16c5fb5fa653b90849e5b72fd2a89be8cb43ad4c79db329daddadb984867571cc50f24b8df501d028dd2d94c00aeaba083cd379d7ebcf752bbc458fff47df0387af91e6596f42c7ce918f60"], 0xc4}}, 0x10) r5 = open(&(0x7f0000000140)='./file0\x00', 0x123040, 0x1d4) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000f40)={'wg1\x00'}) io_uring_register$auto(0xffffffffffffffff, 0x8, 0x0, 0x0) syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000001c0), r1) sendmsg$auto_CTRL_CMD_GETPOLICY(r2, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYRES8, @ANYRES64=0x0, @ANYBLOB="00012abd7000901af84a65b64e9a0800070008000000060001004b000000"], 0x24}}, 0x20000000) r6 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) syz_clone(0x80000980, 0x0, 0x0, 0x0, 0x0, 0x0) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000001a80)={'wg2\x00'}) write$auto(r6, &(0x7f0000000080)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94&\x81\xe2\x13\x8f\xea#\xf8F\xbbOO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\b\xc1\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(', 0xb) unshare$auto(0x40000080) r8 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r8, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x8000000000006, 0xffffffffffffffff, r5, 0x8) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) 10m17.138371453s ago: executing program 3 (id=3334): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x15, 0x5, 0x0) semget$auto(0x7, 0x8, 0x7fff) r1 = gettid() mkdir$auto(0x0, 0x8001) open(0x0, 0x0, 0x0) mremap$auto(0x5, 0x3, 0x3fda, 0x8, 0x7fffffffb000) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/pci0000:00/0000:00:03.0/subsystem_vendor\x00', 0x28200, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, 0x0, 0x0) write$auto(r2, &(0x7f0000001380)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xfc\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\r&\xec\xb8\xb1Z\\\xc9L\xb2\t\xddbH|\xffGP\x97)\xb9:nqn\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc$\xa0\xa5\xce\xca\xe1P\xf7\xe5_\xca\xd5\xd8\xa4g_\xb1\x88\x8cAJS\x11\x8b\xd1%a\xe5DPk\x8c\xf9\xfb\xe0+\xdb\x12\x10.F\x00\xc37\xc7\xbf\x80\xbeu\xe1V\xb2\xc5\xc9\x1a\xc7\xdc}!\x10\xb1\",1%\x0e\xeb\x15\x15me\xe1a\x03\x18{\xb03+\x93*vB\xc6\xf1\xc6\xff\xbbt\x04!\xb6\v\xde2\xc9\x89#\xbaR\xee\x13jF%\xf2\x15\x9a\x82&\x89o\xa9\xd9\xbfFY\x90\x8c\xa0\xe4\x9d\xa2\xcd\x9a\xb5TC\xc4\x9d\x9ePb]\xaa\xc7f\x06N\xc5\xfa{\x02Y\xae\xf4(\xaa\x06);{?\x1e\fu\x19b\xdf$,\x01\"\x94\x00\x00\x00\x00\x003\xcfZ\xaf~<\xba\xb7\xa03\x8c\n*krS\x19Q#\x8f\xfbW\xad\xe0\xb3o\xcb\xf7\xda\x87C\x99\x1a\xa8\xc1\xe3\xc6%\xac\x01@*\xa0\xc4\xedn-lT\xe6*?\'\x9dW=\xa7\x03\x06\x83 IT\xa3\x7ff\xb6\x95\xe5\xd2\n\xaf\x87`\xce%\xf6 &\xa7M5I\x9c\x17h\x8c\xa4\x98\x16\xe0\xd9?Y\x7f\xf6\x85_{\xfd9p$B9_\xd8\xf4\x0e\xd0\xfa\xe7\xb0\xb8\xa0\xd7\a\xff.\"\x81\b\xb0\xb4\x84\xac\xad\x1b\x93~_\xea\xfe7\x03\"\xd9\x1d.\xe5{bHX\x14\xa1\bO\x03[^\x85jP\x89\t\x06GI\xb7\x99\xb2zZf\xc8\xd4\x8d\x1c\x1e\x03\xb9\xa7Nt\xae\xfff\xf9\tx\xae\xa8\x05\xb14\xc6\x9b\x1f\xd3\x01#\xc6\nb\xd4\xb4\xc8?\xa7\xe2R\xc1\xcf\xd2\xbc\xae\xd1\xc2\x88\"\xf3\xf0\xc0uQy\xec\xfab\xd6\xcd\x16)\x19*E\vm\x8d\x1bG:\x80\'pJ', 0x4100000a3d7) read$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, &(0x7f0000000100)=""/184, 0xb8) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x200007, 0x19) r4 = socket(0xa, 0x1, 0x84) close_range$auto(r4, 0xfffffffffffff000, 0xfff) bpf$auto(0x1a, &(0x7f0000000380)=@link_create={@map_fd, @target_ifindex, 0x3, 0x81, @uprobe_multi={0x81, 0x1ff, 0x3d7e, 0x0, 0x1, 0x4}}, 0x92) close_range$auto(0x2, 0x8, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x2000, 0x0) kill$auto(r1, 0x11) getsockopt$auto(r0, 0x114, 0x2720, 0xfffffffffffffffc, 0x0) 10m16.532025928s ago: executing program 3 (id=3337): mmap$auto(0x0, 0x128009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x41d75856, 0x200000000001, 0x2008, 0xfffffffffffffffe, 0x3ff) r0 = openat$auto_uhid_fops_uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2201, 0x0) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp1\x00', 0x220bc2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r3 = openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer1\x00', 0x180, 0x0) ioctl$auto_OSS_ALSAEMULVER(r3, 0x40086602, &(0x7f0000000100)) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r4 = open(&(0x7f0000000100)='.\x00', 0x40000, 0x0) open(&(0x7f0000000800)='./file0\x00', 0x62240, 0x154) execveat$auto(r4, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x10000) mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/bus/pci/rescan\x00', 0x20681, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r6, &(0x7f0000000200)='5', 0x1) syz_genetlink_get_family_id$auto_nl80211(0x0, r5) mmap$auto(0x2000, 0x400008, 0xcf, 0x9b72, 0x2, 0x8000) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) (fail_nth: 8) syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff) ioctl$auto_SNDCTL_DSP_SETTRIGGER(r1, 0x40045010, &(0x7f0000000080)) mbind$auto(0xffffffffffffff00, 0xff, 0x9, &(0x7f0000000040)=0x100, 0x3, 0x7) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x610401, 0x0) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) msync$auto(0x1ffff000, 0x1800000ff000000, 0x400000004) r7 = openat$auto_proc_pid_smaps_operations_internal(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/smaps\x00', 0x4a000, 0x0) read$auto_proc_pid_smaps_operations_internal(r7, 0x0, 0x0) write$auto_uhid_fops_uhid(r0, 0x0, 0xfccd) 10m13.781202366s ago: executing program 3 (id=3347): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = pipe2$auto(0x0, 0x80) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = socket(0x1d, 0x3, 0x1) getsockopt$auto(r1, 0x65, 0x5, 0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x9, 0xc00000072, 0x8b72, 0x1000000002, 0x8000) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) ioctl$auto(0x3, 0x400454ca, 0x38) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) bpf$auto(0xfeffffff, 0x0, 0x6f3) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x12, 0x0, 0x6, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x2001fffc) syz_genetlink_get_family_id$auto_nfc(0x0, 0xffffffffffffffff) sendmsg$auto_NFC_CMD_DEV_UP(0xffffffffffffffff, 0x0, 0x20000804) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x6}, 0x8) fcntl$auto(r0, 0x8, 0xffffffff80000000) 9m58.714240022s ago: executing program 32 (id=3347): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = pipe2$auto(0x0, 0x80) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = socket(0x1d, 0x3, 0x1) getsockopt$auto(r1, 0x65, 0x5, 0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x9, 0xc00000072, 0x8b72, 0x1000000002, 0x8000) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) ioctl$auto(0x3, 0x400454ca, 0x38) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) bpf$auto(0xfeffffff, 0x0, 0x6f3) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x12, 0x0, 0x6, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x2001fffc) syz_genetlink_get_family_id$auto_nfc(0x0, 0xffffffffffffffff) sendmsg$auto_NFC_CMD_DEV_UP(0xffffffffffffffff, 0x0, 0x20000804) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x6}, 0x8) fcntl$auto(r0, 0x8, 0xffffffff80000000) 9.233818337s ago: executing program 2 (id=5649): socket(0xa, 0x3, 0x3b) mmap$auto(0x4009, 0x20009, 0x4000000000df, 0x235, 0x401, 0x8000) sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x4044000) socket(0xa, 0x2, 0x73) mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xffffffffffffffff, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/platform/dummy_hcd.3/usb4/ep_00/bLength\x00', 0x181000, 0x0) readv$auto(r0, &(0x7f00000003c0)={&(0x7f0000000440), 0x5}, 0x7) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r1, &(0x7f0000000280)={0x0, 0x80000000}, 0x6, 0x3, 0x4, 0x2a) ioctl$auto_BLKFLSBUF(r1, 0x1261, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) recvmmsg$auto(r2, &(0x7f0000000300)={{0x0, 0x6, &(0x7f0000000280)={0x0, 0x1ff}, 0xc, &(0x7f00000001c0), 0x40000000, 0xa}, 0x5a57}, 0xd, 0x3, 0x0) syz_genetlink_get_family_id$auto_macsec(0x0, r2) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008012, r3, 0x8000) mprotect$auto(0x1000, 0x401000, 0x4) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x7fff) close_range$auto(r3, 0x8, 0x7d) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r4 = socket(0x10, 0x80002, 0x8) close_range$auto(r4, r4, 0x0) pipe$auto(0x0) 8.08122293s ago: executing program 1 (id=5651): mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/43:288/max_ratio_fine\x00', 0x10b142, 0x0) sendfile$auto(0xffffffffffffffff, r0, 0x0, 0x1000200) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000001cc0), 0x101440, 0x0) syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff) r1 = getpid() r2 = gettid() r3 = open(&(0x7f0000000000)='./file0\x00', 0x64242, 0xe1d2b27bdc14aad4) flock$auto(r3, 0x1) r4 = open(&(0x7f0000000040)='./file0\x00', 0x4242, 0x40) flock$auto(r4, 0x2) rt_tgsigqueueinfo$auto(r1, r2, 0x21, &(0x7f0000000180)={@siginfo_0_0={0x3, 0x1c51, 0xfffffffe, @_sigsys={0x0, 0x3000, 0xfffffffe}}}) close_range$auto(0x2, 0x8, 0x0) quotactl_fd$auto(0xffffffffffffffff, 0x200, 0x0, 0x0) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/mm/ksm/run\x00', 0x288b02, 0x0) mmap$auto(0x1, 0x8d4, 0x405, 0x6f52, 0xffffffffffffffff, 0x8000) mount$auto(0x0, 0x0, 0x0, 0xf, 0x0) madvise$auto(0x0, 0x2003f2, 0x15) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r6 = socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) getcwd$auto(0x0, 0xffffffffffffffff) setsockopt$auto(0x3, 0x10000000084, 0x2, 0x0, 0x8) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) setsockopt$auto_SO_TIMESTAMP_OLD(r5, 0xa8, 0x1d, &(0x7f0000000000)='))\x00', 0xfffff4bb) landlock_add_rule$auto(r6, 0x3, 0x0, 0x4) sendmmsg$auto(r6, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xa}, 0xfff}, 0x5, 0x311) ioctl$auto_BLKDISCARD(0xffffffffffffffff, 0x1277, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x1, 0x0, 0x14) bpf$auto(0x0, 0x0, 0x10) 7.475059748s ago: executing program 1 (id=5655): mmap$auto(0x0, 0x128009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x41d75856, 0x200000000001, 0x2008, 0xfffffffffffffffe, 0x3ff) r0 = openat$auto_uhid_fops_uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2201, 0x0) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp1\x00', 0x220bc2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r3 = openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer1\x00', 0x180, 0x0) ioctl$auto_OSS_ALSAEMULVER(r3, 0x40086602, &(0x7f0000000100)) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r4 = open(&(0x7f0000000100)='.\x00', 0x40000, 0x0) open(&(0x7f0000000800)='./file0\x00', 0x62240, 0x154) execveat$auto(r4, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x10000) mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/bus/pci/rescan\x00', 0x20681, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r6, &(0x7f0000000200)='5', 0x1) syz_genetlink_get_family_id$auto_nl80211(0x0, r5) mmap$auto(0x2000, 0x400008, 0xcf, 0x9b72, 0x2, 0x8000) mbind$auto(0x700000000000000, 0x2091d2, 0x4, 0x0, 0x6, 0x2) syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff) ioctl$auto_SNDCTL_DSP_SETTRIGGER(r1, 0x40045010, &(0x7f0000000080)) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x610401, 0x0) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) r7 = openat$auto_proc_pid_smaps_operations_internal(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/smaps\x00', 0x4a000, 0x0) read$auto_proc_pid_smaps_operations_internal(r7, 0x0, 0x0) write$auto_uhid_fops_uhid(r0, 0x0, 0xfccd) 7.247185004s ago: executing program 2 (id=5656): mmap$auto(0x0, 0x20009, 0xe2, 0xeb2, 0xffffffffffffffff, 0x8000) setresuid$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x28, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000280)={'syzkaller0\x00', 0x0}) connect$auto(0x3, &(0x7f00000000c0)=@can={0x1d, r1}, 0x56) openat$auto_hwsim_fops_ps_(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/ieee80211/phy15/hwsim/ps\x00', 0x230000, 0x0) socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x2, 0x0) socket(0xa, 0x3, 0xff) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "0000c11effffff00"}, 0x55) sendmsg$auto_OVS_CT_LIMIT_CMD_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x2e20}, 0x1, 0x0, 0x0, 0x2000c040}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x8}, 0x4000007}, 0x4000003, 0x0) setsockopt$auto(0x3, 0x6, 0x5, 0x0, 0x8) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000010c0)='/proc/thread-self/net/stat/rt_cache\x00', 0x0, 0x0) r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/irq/7/effective_affinity\x00', 0x28000, 0x0) read$auto_proc_iter_file_ops_compat_inode(r2, &(0x7f0000000180)=""/250, 0xfa) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) prctl$auto(0x35, 0x0, 0x4, 0x0, 0x0) io_uring_setup$auto(0x59, 0x0) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/rpc/nfs\x00', 0x181000, 0x0) read$auto_proc_reg_file_ops_compat_inode(r3, &(0x7f0000000040)=""/94, 0x5e) sysinfo$auto(&(0x7f0000000000)={0x6, [0x3, 0xccc9, 0x5], 0x1, 0x5, 0x6, 0x1ff, 0x3, 0x5, 0x81, 0x0, 0x31, 0xfffffffffffffffa, 0xb}) socket(0xf, 0x3, 0x2) bpf$auto(0x0, &(0x7f0000000100)=@link_create={@prog_fd=0x1, @target_fd=0xa, 0x3, 0x8, @tracing={0x4, 0xffffffff}}, 0xfbf) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xc) 6.757957281s ago: executing program 2 (id=5657): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sysinfo$auto(0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0xf, 0x2, 0x200) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB='&\x00', @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) read$auto(r0, &(0x7f0000000080)='MJC802154_HWSIM\x00\xcb\x0fX\xc7\xfdx!\xf7\xb5T\x04\xad\x96\xf4\xbc\xca\xa52UWT1\a\x00\x00\x00\x00\x00\x007\xc9\xa6\x8a', 0x1060) r1 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0) ioctl$auto_UI_DEV_SETUP(r1, 0x405c5503, &(0x7f00000000c0)={{0x1009, 0xf2cf, 0x8, 0x80}, "6a034a07c7b82d90b69a39e32576f893fba86c9dd051a0094a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f", 0xa}) ioctl$auto_UI_DEV_CREATE(r1, 0x5501, 0x0) writev$auto(r1, &(0x7f0000000340)={0x0, 0x18}, 0x8) ioctl$auto_UI_SET_FFBIT(r1, 0x4004556b, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) unshare$auto(0x40000080) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mtdblock0\x00', 0xc2f02, 0x0) mmap$auto(0xffffffffffffffff, 0x810000, 0xff8, 0x8000000008011, 0x3, 0x8000) r3 = openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x123002, 0x0) preadv2$auto(r2, &(0x7f0000000180)={0x0, 0x80000003}, 0x7, 0xfffffffffffffffc, 0x7fffffffffffd, 0x6) r4 = getpid() process_vm_readv$auto(r4, 0x0, 0x4, 0x0, 0x6, 0x0) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000002500), 0xffffffffffffffff) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000280), r0) ioctl$auto_XFS_IOC_SWAPEXT(0xffffffffffffffff, 0xc0c0586d, &(0x7f0000000380)={0x80000001, @raw=0xa0bd, @raw=0xa72c, 0x1fe, 0xd86, '\x00', {0xd, 0x9, 0x8, 0xee01, 0xffffffffffffffff, 0xae05, 0x6, 0xdcd, {0xfffffffffffffff4, 0x9}, {0x1, 0x1ff}, {0x0, 0x18c}, 0x0, 0x9, 0xffffffff, 0x8001, 0x9, 0x886e, 0x3ff, 0x2, 0x0, 0x7fff, '\x00', 0x9, 0x6, 0x401, 0xfd5}}) sendmsg$auto_NL80211_CMD_FRAME_WAIT_CANCEL(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000440)={0x174, r5, 0x4, 0x70bd2c, 0x25dfdbfd, {}, [@NL80211_ATTR_KEY={0x15f, 0x50, 0x0, 0x1, [@typed={0x8, 0x26, 0x0, 0x0, @u32=0x3}, @generic="a084b1c5f6f785abf3a257a35e2fc65dd27b14abbf68f53365c1cb04c022303ae1323c270a6b3eeeacbe12e25d967e53e912faa35c012e7eacb0da3272470b29945b919a089a1d06d35863592632f739f0e480", @nested={0x4b, 0x98, 0x0, 0x1, [@typed={0x8, 0x80, 0x0, 0x0, @pid=r4}, @nested={0x4, 0xc0}, @generic="979ed04a915fcb7e6c6b68454ec175c47adc46405d8a62db95f73a0bf2783c7433793c6fb200bdd389841837dbe224994fe8c78d0a5af2", @nested={0x4, 0xd2}]}, @typed={0x8, 0x16a, 0x0, 0x0, @uid=r6}, @typed={0x8, 0x6c, 0x0, 0x0, @fd=r3}, @nested={0x5a, 0x127, 0x0, 0x1, [@typed={0x8, 0x10b, 0x0, 0x0, @pid=r4}, @nested={0x4, 0x57}, @generic="f3611d3c171edf7cde24240998eaad08b4951095ff777f818347bb4b71f3816583470b1525d8e0b2679e0b83142007ed4bafc4aba4bbf5594d764b55cf79073ca5ba", @typed={0x8, 0x139, 0x0, 0x0, @pid=r4}]}, @generic="20fadeb857881395c8e1a2f6aa1af378d5733963eb2f45bf53db1d57059f3e89f57696f7e34f8c8f83ef5b2dfcf1815fbe69b9f2d9a5ed2743f1d26d9a124b1f6bcb66fb727bae75"]}]}, 0x174}}, 0x8044080) write$auto(0xca, &(0x7f0000000040)='\x04>\x01\x0e\xfb\xff\x05OL\xc8\xbe\x94\xf2\xa2\x00\x00', 0x2d9) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) mprotect$auto(0xfffff000, 0xa588, 0x6) 5.134159153s ago: executing program 4 (id=5660): setxattrat$auto(0xffffffffffffffff, 0x0, 0x1000, 0x0, 0x0, 0x10) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x1eba02, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/bus/usb/drivers/ax88179_178a/remove_id\x00', 0x488081, 0x0) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) (async) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x82001, 0x0) write$auto_seq_oss_f_ops_seq_oss(r0, &(0x7f0000000040)="5f74ab2fc43781e047140a5cbc3ac5229b90633d9cddda9efb1f2c3d5d1e63f3fb5acf079b9336319d009cb514679a42eaca52b81c166d19625d173c26ece6542f2fb29712f4fb9072fc432b4cf3e6f5a7f3c9f91ee88ba5fa11d48fd3658e8f44f8423b4cd02bbec912ed34f9f4b19b03d4c62b24ede44c0c76c34edf7bde061903c2ee4c64110ac668239fa53ba42933ae74c3d173663248ff0945dd2e405e0d378b5a8e4643a7bc3b35a7248431450ca8901467ea6dc5d86de1e90f869f6a04ac10043676f3b2c7f1339b2d7468133fb8447d17846b6b78079ecc31d7d0f74caa4a3db1ac4d312bfdb34bd331f1f771a2396108561a52153d63a7b2a3a077a7e4c1a22bcb23e1f3e511fee310baa67904d2aad4d6671e8b77c7720e37e84e0efecb60a35f188cbe8b8b2fb3967b78aa482aabb103f23083baa9b2ae653731d5993db4054233dea4af25795e12eb4d6b046bdeea6adce8626e0def15dd32b0ec16a85d93e1dea980794033f4b46973062c64c0209f9d3efc6ea7704c8e8dfea8cdfbe2cb1e367bf634a1952190e0660994f79f0c622d47ee8f93ce1c2852db907ae68a29bcc960b26e0e634173287fd012c4bb3063c41d35c92e896b44080bc5a98e90907cd1d01cc0708019cc1c93c71f29bfe841c873ad2aa0565dfaeb86c8b8e58ea2075de2a562ba1b5dc4ca452df21f25453b7c7f9a3e31547f4e803cefbac3b94715f2ab1f9fc66570244472f2f29deb9bdf6dc5b18d54e3c2264f9598f2ea749d170a66d351acf003c3f37fe74a09a8a964ce2818e4b4efd1eb0e3bca5dfd2a053eeb5735b96d282d2e03866bd6581b5e5e541c74f0b92b932b234ac117342f156b4b23fc6dcbc92ada00ce404f54443b6e7fdac9acb79e5258a865ced633ff5356d13a3e9923bcd8e6d177c9fb8618f9393798d90d70c78207e40f95bb2b0a9308f29f4331bbdfc1021dface5a740473b462c47286fee1c9d0036c78134e108b5b218d3022fd277e1cdf0cdf8cd4b37d74c8dd47e00e50fcf8d336978a0e7624f94b8fdcd1c9459201231f343c7cb602083aa5", 0x2f8) (async) write$auto_seq_oss_f_ops_seq_oss(r0, &(0x7f0000000040)="5f74ab2fc43781e047140a5cbc3ac5229b90633d9cddda9efb1f2c3d5d1e63f3fb5acf079b9336319d009cb514679a42eaca52b81c166d19625d173c26ece6542f2fb29712f4fb9072fc432b4cf3e6f5a7f3c9f91ee88ba5fa11d48fd3658e8f44f8423b4cd02bbec912ed34f9f4b19b03d4c62b24ede44c0c76c34edf7bde061903c2ee4c64110ac668239fa53ba42933ae74c3d173663248ff0945dd2e405e0d378b5a8e4643a7bc3b35a7248431450ca8901467ea6dc5d86de1e90f869f6a04ac10043676f3b2c7f1339b2d7468133fb8447d17846b6b78079ecc31d7d0f74caa4a3db1ac4d312bfdb34bd331f1f771a2396108561a52153d63a7b2a3a077a7e4c1a22bcb23e1f3e511fee310baa67904d2aad4d6671e8b77c7720e37e84e0efecb60a35f188cbe8b8b2fb3967b78aa482aabb103f23083baa9b2ae653731d5993db4054233dea4af25795e12eb4d6b046bdeea6adce8626e0def15dd32b0ec16a85d93e1dea980794033f4b46973062c64c0209f9d3efc6ea7704c8e8dfea8cdfbe2cb1e367bf634a1952190e0660994f79f0c622d47ee8f93ce1c2852db907ae68a29bcc960b26e0e634173287fd012c4bb3063c41d35c92e896b44080bc5a98e90907cd1d01cc0708019cc1c93c71f29bfe841c873ad2aa0565dfaeb86c8b8e58ea2075de2a562ba1b5dc4ca452df21f25453b7c7f9a3e31547f4e803cefbac3b94715f2ab1f9fc66570244472f2f29deb9bdf6dc5b18d54e3c2264f9598f2ea749d170a66d351acf003c3f37fe74a09a8a964ce2818e4b4efd1eb0e3bca5dfd2a053eeb5735b96d282d2e03866bd6581b5e5e541c74f0b92b932b234ac117342f156b4b23fc6dcbc92ada00ce404f54443b6e7fdac9acb79e5258a865ced633ff5356d13a3e9923bcd8e6d177c9fb8618f9393798d90d70c78207e40f95bb2b0a9308f29f4331bbdfc1021dface5a740473b462c47286fee1c9d0036c78134e108b5b218d3022fd277e1cdf0cdf8cd4b37d74c8dd47e00e50fcf8d336978a0e7624f94b8fdcd1c9459201231f343c7cb602083aa5", 0x2f8) ioctl$auto_SNDCTL_SEQ_SYNC(r0, 0x5101, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x1d, 0x3, 0x1) close_range$auto(0x2, 0x8, 0xff) r2 = socket(0x1e, 0x3, 0x5) setsockopt$auto(r2, 0x65, 0x1, 0x0, 0x800) (async) setsockopt$auto(r2, 0x65, 0x1, 0x0, 0x800) setsockopt$auto(r1, 0x65, 0x1, 0x0, 0x800) (async) setsockopt$auto(r1, 0x65, 0x1, 0x0, 0x800) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x147) (async) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x147) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) (async) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) select$auto(0xa, 0x0, &(0x7f0000000100)={[0x20000000000d, 0x203, 0x0, 0xc, 0x5, 0x7, 0x6, 0x1f2, 0x9, 0xe8, 0x400000000ff, 0xa, 0x4, 0xaab, 0x5, 0x7]}, 0x0, 0x0) (async) select$auto(0xa, 0x0, &(0x7f0000000100)={[0x20000000000d, 0x203, 0x0, 0xc, 0x5, 0x7, 0x6, 0x1f2, 0x9, 0xe8, 0x400000000ff, 0xa, 0x4, 0xaab, 0x5, 0x7]}, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) (async) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0xa, 0x2, 0x73) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) (async) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socket(0x1, 0x3, 0x0) bind$auto(0xffffffffffffffff, 0x0, 0x20000003) select$auto(0x10, 0x0, 0x0, 0x0, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0xa, 0x2, 0x73) 4.835257002s ago: executing program 4 (id=5661): syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000680), 0xffffffffffffffff) ioctl$auto_TIOCGDEV2(0xffffffffffffffff, 0x80045432, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) setsockopt$auto(0x400000000000003, 0x29, 0x6, 0x0, 0x3) recvfrom$auto(r0, &(0x7f0000000600), 0x4, 0x4, 0x0, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="28f3c03e8b0ed358c8b4a21432dc000800", @ANYRES16=r1, @ANYBLOB="01032cbd7000fedbdf251f000000"], 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x4000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) landlock_create_ruleset$auto(&(0x7f0000000000)={0xd1d, 0x3, 0x7}, 0x0, 0x10000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x1000) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x5) sendmsg$auto_SMC_NETLINK_REMOVE_UEID(0xffffffffffffffff, 0x0, 0x4040) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x362db1b6, 0x810004, 0xffb, 0x8000000048011, 0x3, 0x8000) preadv2$auto(r2, &(0x7f0000000280)={0x0, 0x80000000}, 0x6, 0x3, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r2, 0x1261, 0x0) 4.829832689s ago: executing program 2 (id=5662): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0x5f, 0x9b72, 0x2, 0x8000) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000200), 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xffffffffffffffff, 0x8000) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101c40, 0x0) r2 = socketpair$auto(0x1f, 0x4, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r3 = open(&(0x7f0000000080)='./bus\x00', 0x40bc2, 0x1c0) close_range$auto(r1, r1, 0x5) write$auto(r3, &(0x7f0000000100)='\xea\x85\x92\x06(#\xc4\xb6(\x9e\xfcKG\xc2\xd4\xc0\v\x02\x9f%C\x00\x01\x00@!\xa9\xce\x10Y\xd0\xeb\xed\x7f\xc8\xdc(\xd3\xe9\xf3\xddT\x18\x16#\xfdQ5\xaeA\xc3\xeay\x7f\xa2TR|js\xfd\n\xa3\x98\xc8\x91\xdd\x9e\x99}s\xe0x\a\x00\x00\x00\x00\x00\x00\x00.\xa8\xc5\xdbKx\x14l\xe6\x868\xb3\xd2\x00\xea\xf9\xd1z\x8f\xd9\x877J\"\xab\xf9\xdf\xbf\xa1\xa1ms\xaf\xd9&R\x03\x00\xc0u \xc3\xc2\xd61\x97V\xcah\r\x97M\xdb\xf9\x06\x95Z\xdfK\xbeY#/\xf5g\n\x10#\x10@Ft\x9c\xd9\xd3s\x94\x8aV\xeb\xee`e9(\xe0\x88\x06\xa6-;ZM\x9b\xe1-', 0x9) sendfile$auto(r3, r3, &(0x7f0000000000)=0x27, 0x2226) mmap$auto(0x1, 0x2, 0x7, 0xeb1, r0, 0x8002) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) mmap$auto(0x0, 0x80000000000006, 0xdf, 0x9b72, 0x7, 0x28000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) clock_getres$auto(0x2, 0x0) alarm$auto(0x2) connect$auto(0x3, 0x0, 0x54) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0x8, 0x8000) pread64$auto(0xffffffffffffffff, 0x0, 0x101, 0x103) close_range$auto(0x2, r2, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000db, 0x40000000000eb1, 0x401, 0x7ffd) socket(0x2, 0x2, 0x0) socket(0x23, 0x2, 0x0) unshare$auto(0xb) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/net/ipv6/fib_multipath_hash_policy\x00', 0x141041, 0x0) write$auto(r4, &(0x7f0000001340)='\x04\"\x8e U\x00\x00\x00\xb8\n08\xc6\xb05>ha9\x89|e\x00\x00\x00\xa8%\xdc~kD\xa1\x1b\xc3\xe4\xc7\x89\x0e\xd4\x88\xac\x95\xacS\xe9$\xe7*\xcd\x8b\x9b\xd0o\xc7\xd8\xf7\x8a@%\x1d\xf8b\x14[H\xa2` \xb2\xef\xd7\xac\xfak\xb7\x02\x00}\xbcv\xfc\xe6\xbf\x14\x82jO\xde\xda\xda\x929\xd3\x04\xd0\xa2\xa0\xa6\xcb\x86\x15\xac\xcc\xf8\xa2\x01Z\x83`\xa1d\xedj8\x1e\xcc\x0fD\xa4\xe3\xa5\xba\xf9\xbe\x85\f\xbbrY\xb9\xc77\xd9d\xb5\x16\xc1\xe9\xe5\xc8X_\xefPG\x86=\x17>3\xb2\xdd\xbd\xa9\xe4R\x9c\xb0j[\"\f\xfb\tNz\xf4X]\xb90\x1c\xc3\x91jd\xe9\xb9\x87I\x19\xe4\x16\xa4\xad\xdcJ\xe4\x00\xd03/\x13,3\x87K\xd0J\xbb\xb9B\xff\xd9\xf1\xed\x04\xeb\x8d\x92\xa7-\x91\x8ai\xc6j\xeb\x90#1\x1d\xfd\xa3\xfeO\xcc\xe0\xe5\x1d\x8e\xedd\f,\t\xd8\x10Ho.z4\'\xe2\xad`\x94\xa6\xa2\xb2\xd6zMB\xf5\xcd\r7MO\x8f\xbc7%\xf1\xbbxB\xb4q\xa0\xe1-\x1c\xa2\xeb\xc0C\x04\x00\xfcG\xb6\x1e\x82\xaao\x1a\xa7\xbdw\x8b\xe6\bI\xfc\xa1\a\"\xe6\xc7z\xac\xe6\xce\xe34\x16\x9bdp\xb9\x02R\b\x83\x95\xde\x93\x12hP\xcbr6F\x84\xa7sf\xea\x8a\x1aee\xa4\xd0~\x00IC\xefT\xdc_G=]\xa3\xcb\xe0\x9f\n\xc5%\xe8PT\x87\xa4\xf3?f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r4 = open(&(0x7f0000000100)='.\x00', 0x40000, 0x0) open(&(0x7f0000000800)='./file0\x00', 0x62240, 0x154) execveat$auto(r4, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x10000) mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/bus/pci/rescan\x00', 0x20681, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r6, &(0x7f0000000200)='5', 0x1) syz_genetlink_get_family_id$auto_nl80211(0x0, r5) mmap$auto(0x2000, 0x400008, 0xcf, 0x9b72, 0x2, 0x8000) mbind$auto(0xa02000000000000, 0x2091d2, 0x4, 0x0, 0x6, 0x2) syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff) ioctl$auto_SNDCTL_DSP_SETTRIGGER(r1, 0x40045010, &(0x7f0000000080)) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x610401, 0x0) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) r7 = openat$auto_proc_pid_smaps_operations_internal(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/smaps\x00', 0x4a000, 0x0) read$auto_proc_pid_smaps_operations_internal(r7, 0x0, 0x0) write$auto_uhid_fops_uhid(r0, 0x0, 0xfccd) 3.48145127s ago: executing program 0 (id=5667): madvise$auto(0xfffffffffffffffe, 0xffffffffffff4005, 0x3) socket(0x2b, 0x2, 0x1) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff) openat$auto_safesetid_uid_file_fops_securityfs(0xffffffffffffff9c, 0x0, 0x1, 0x0) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x7) mount$auto(0x0, &(0x7f0000000040)='}[,&*}\x00\x0e\x15F\xf7\x1a\xd1K+\xedy\xc6\x9bb\x94\xb4^\xc2\x83%\xfbw}\xfb_P\"\x19\xdfi\xe9hA|Q\x8a_F\x04:Q\x90\'\x06', &(0x7f0000000140)='nfsd\x00', 0x10003, 0x0) mount$auto(0x0, &(0x7f0000000080)='}[,&*}\x00', 0x0, 0x7ffffffc, 0x0) r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/vmallocinfo\x00', 0x18b202, 0x0) pread64$auto(r0, &(0x7f0000000340)='/proc/Nes\x00'/22, 0x100000001, 0x100) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0xa, 0x801, 0x106) open_tree_attr$auto(0xffffffffffffffff, 0x0, 0xfffffffa, 0x0, 0xfff) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) unshare$auto(0x40000080) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x141143, 0x0) poll$auto(&(0x7f0000000040)={0x3, 0x1, 0xa}, 0x5, 0x108) gettid() socket(0x11, 0x3, 0x0) r1 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$auto_RTC_SET_TIME(r1, 0x4024700a, &(0x7f00000001c0)={0x1, 0x7, 0x17, 0x8, 0x1, 0x64, 0x10, 0x3, 0x3}) mmap$auto(0x0, 0x202020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x7) r2 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x882, 0x0) ioctl$auto_USBDEVFS_CONTROL(r2, 0xc0185500, &(0x7f0000000040)={0x23, 0x9, 0x18, 0x6, 0x7fa, 0xa, &(0x7f0000000280)}) openat$auto_tk_debug_sleep_time_fops_(0xffffffffffffff9c, 0x0, 0x0, 0x0) rt_sigqueueinfo$auto(0x0, 0x20000009, 0x0) shmget$auto(0x8, 0x10565, 0x7ff) shmat$auto(0x0, &(0x7f0000000580)='(\x00', 0xfffffffa) 3.298076967s ago: executing program 1 (id=5668): openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x300c00, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, r0, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) process_vm_readv$auto(0x0, 0x0, 0x1, 0x0, 0x6, 0x4a7) r1 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/001/001\x00', 0xa9202, 0x0) poll$auto(&(0x7f0000000040)={0x3, 0x1, 0xa}, 0x5, 0x108) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x2, 0x0) socket(0x11, 0x3, 0x9) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x12da40, 0x121) socket(0x2, 0x80802, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0xc}}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) r2 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000140), r1) sendmsg$auto_CTRL_CMD_GETPOLICY(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="01032c030000000000000000000006000120180000007f9ad478d00417fe097baac3041649ed894c0f39de15aa1a6f6ea94e48bfbca9"], 0x1c}, 0x1, 0x0, 0x0, 0x400c01d}, 0x40040) migrate_pages$auto(0x0, 0xa, &(0x7f0000000100)=0x5, &(0x7f0000000140)=0x2) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_SNDRV_PCM_IOCTL_HW_FREE2(r0, 0x4112, 0x0) 3.275274605s ago: executing program 2 (id=5669): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) process_madvise$auto_MADV_POPULATE_READ(r0, 0x0, 0x1, 0x16, 0x0) mmap$auto(0x0, 0x2020007, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r1 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) getsockopt$auto_SO_NO_CHECK(0xffffffffffffffff, 0x8, 0xb, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = openat$auto_udmabuf_fops_udmabuf(0xffffffffffffff9c, &(0x7f00000001c0), 0x800, 0x0) ioctl$auto_UDMABUF_CREATE_LIST(r2, 0x40087543, 0x0) madvise$auto(0x0, 0x2003f2, 0x15) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) r3 = socket(0x2a, 0x5, 0x800) sendmmsg$auto(r3, 0x0, 0x7, 0x4008) madvise$auto(0x0, 0x200007, 0x19) sendmsg$auto_SMC_NETLINK_REMOVE_UEID(r1, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4040}, 0x10) mprotect$auto(0x0, 0x806121, 0x6) openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x181881, 0x0) mprotect$auto(0x10001, 0x2, 0x8) ioctl$auto_XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f00000004c0)={0xffffffffffffffff, &(0x7f0000000680)="9935da82938555fd6164b97079eaf7f9ad3f51c673405ee003ba9ab299ec7c89dca09c411a0fc78be7424acfb9e94be18441c4e730ea780f80aa9125be78e56fb43bd4bbe22f37c6c95ba57fa923051bdd2c2a79780d4a0e0aebbf950bdda4b0d97c10bb669b8c60bd2fd1b0dbfee2e7786a038d2607cad869732d6e214b2a0d2c1ac6d091c93decaed0fc6dc841670ac309eb5d846124460643d91f0cce6067a48c39d838e4ec8bcbbb3a9e9dc2c9cf6be289a6c5e3144ecb4967c8de1db06ad6cb6d92ef76b3f1772bdf7bc61d4d5a087b92b83b6366fc6cb24b8b4c1f529c9c1a985b64a692ae5c60bfd045a20e6bf3fb340c3d7a", 0xfffffffd, 0x0, 0x9, &(0x7f00000003c0)="2f7a0ffc98dfacf338f3f02276f398216db9a8a12e51c01eeab37f6145f6480dbb5d50ec57ac2ff1", &(0x7f0000000480)=0x1}) socket(0x10, 0x2, 0x0) mq_timedsend$auto(0xffffffffffffffff, &(0x7f0000000040)='@*!:}\xc1-.!\\#[./\',-\x00', 0x80, 0x9, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) madvise$auto(0x0, 0xffffffffffff0005, 0x19) 2.091244566s ago: executing program 0 (id=5670): unshare$auto(0x40000080) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) close_range$auto(0x2, 0xa, 0x0) (async) r0 = socket(0x2, 0xa, 0x106) setsockopt$auto(r0, 0x6, 0xd, 0x0, 0x4) (async, rerun: 64) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x8000, 0x0) (async, rerun: 64) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram10\x00', 0x14fe02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008012, r1, 0x8000) (async) mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000) (async) ppoll$auto(&(0x7f0000000080)={0xffffffffffffffff, 0x7980, 0x6}, 0x2, 0x0, 0x0, 0x8) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) (async) r3 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, 0x0, 0x880, 0x0) read$auto_blk_mq_debugfs_fops_blk_mq_debugfs(r3, &(0x7f00000001c0)=""/70, 0x46) bpf$auto(0x3, &(0x7f0000000040)=@query={@target_ifindex, 0x4, 0x7, 0x9, 0x1, @prog_cnt=0x4, 0x0, 0x80000000, 0xc, 0xe, 0x5}, 0x7) r4 = socket(0xa, 0x2, 0x3a) setsockopt$auto(r4, 0x29, 0x1b, &(0x7f0000000040)='!\x00', 0x1ff) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x100, 0x0) (async, rerun: 64) syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000080), r2) (rerun: 64) sendmsg$auto_OVS_DP_CMD_NEW(r2, 0x0, 0x80) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async) madvise$auto(0x0, 0x200007, 0x8) (async) sendmsg$auto_NL802154_CMD_SET_WPAN_PHY_NETNS(0xffffffffffffffff, 0x0, 0x0) (async) process_madvise$auto_PIDFD_SELF_THREAD(0xffffffffffffd8f0, &(0x7f0000000140)={0x0, 0x55}, 0x6, 0x2, 0x0) (async, rerun: 32) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000000c0), 0x101, 0x0) (async, rerun: 32) unshare$auto(0x40000080) 1.865185692s ago: executing program 4 (id=5671): r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) (async, rerun: 32) r1 = open(&(0x7f0000000100)='.\x00', 0x591002, 0x408) (async, rerun: 32) r2 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) getdents$auto(r2, 0x0, 0x400018) (async, rerun: 32) ioctl$auto_FIOASYNC(r0, 0x5452, 0x7c4) (async, rerun: 32) openat$auto_aoe_fops_aoechr(0xffffffffffffff9c, &(0x7f0000000040)='/dev/etherd/flush\x00', 0x400400, 0x0) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async, rerun: 32) close_range$auto(0x2, 0x8, 0x0) (rerun: 32) socket$nl_generic(0x10, 0x3, 0x10) (async) socket(0x28, 0x801, 0x0) (async) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2711}, 0x51) (async) close_range$auto(0x2, 0x8, 0x0) (async) socket(0x2, 0x80802, 0x0) (async) r3 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x11}}, 0x6a) (async) sendmmsg$auto(r3, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x800001f, 0xb}, 0x800009}, 0x7, 0x20000000) (async, rerun: 32) shutdown$auto(0x200000003, 0x0) (async, rerun: 32) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x89fc, 0x0) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) (async) close_range$auto(0x0, 0xfffffffffffff000, 0x2) (async) r4 = socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x8, 0x0) (async) close_range$auto(0x0, r1, 0x2) (async, rerun: 64) landlock_create_ruleset$auto(&(0x7f0000000000)={0x81, 0x8000000000001, 0xa}, 0xb, 0x0) (async, rerun: 64) landlock_restrict_self$auto(r4, 0x8) (async) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon28\x00', 0x18002, 0x0) (async) rename$auto(&(0x7f0000000180)='.\x00', &(0x7f0000000300)='v#\xd5\xaf>=\x14\xe6%\xf7\x8a\x8d\x9a\xae\x1a\xd6\xa8\xb8\x1d\xf5(\xb0\x1f\xbd\xcbV\n\"\xe3V\xfeP\xceN\xb2\xc32\xaf\xcc\x80\xfa\xf0\xd4\xd9|\xfe\x03y\xd16\x17\x99R\xca\xe5\xf4\xb4T\xfcv\xfc\xe6\x9cv\a\x00\xc2a\x16\xd1\x8a\x80\x90\x87\xa5s\x10\xed\x93\xd4\x15=\xc0\x1f\x0e\xb0\x18v}\x03!\xf0I\xe3}\x90\x9b\x92[\xfe2<7\xd3\x81\x9a~\xcd\r\x19\x9e\x10(5\xfd\x8b\x82\xd4\xc85\xc3\x93t\t\xd0\x9d\xca^n\xf3\xcb>\x1bO\xcej\xe0\xef\xf2\xd7\xc2}\x18\xd9`AO\x95<\x9aH\vu\xae\xd4\xea\x12\xb8\xd1\n\x01\x83r\x85\xbf*\x18\xa7 S:R\x14\x89Z3\x94\x8bP)') (async, rerun: 64) socket(0x2b, 0x1, 0x0) (rerun: 64) 1.665198053s ago: executing program 1 (id=5672): openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000002c80)='/dev/audio1\x00', 0x101800, 0x0) r0 = socket(0x2, 0x2, 0x1) r1 = openat$auto_bm_entry_operations_binfmt_misc(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/fs/binfmt_misc/syz1\x00', 0x0, 0x0) readv$auto(r1, &(0x7f0000000140)={&(0x7f0000000040), 0xd}, 0x8) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0xa, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) r2 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40602, 0x0) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xf15a}, 0x6, 0x8, 0x5) write$auto(0x3, 0x0, 0xffd8) r3 = socket(0x1e, 0x1, 0x0) bind$auto(r3, &(0x7f0000000040)=@tipc=@nameseq={0x1e, 0x1, 0x108e04d83b06a5a3, {0x43, 0x0, 0x3}}, 0x66) syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r3) write$auto_ppp_device_fops_ppp_generic(r2, &(0x7f0000000340)="15b34905fa0fb665c450c52e692dfce1b4f94c51618bd836423a866ce7688e58069b7ae0c19bf956906c920aa6f595ecf01ae444c6223367285113eee068c3cd798a4189bc62a820f3b5972737b02aeed21729752136d4f0f073cc9fddfb4bdcf8fb668ccaa2522163c500b7cb3ec39f1698433031fc61a2290e1c051fa2ecdebe1b64592f71786acb9c1488b6c8", 0x8e) socket(0xa, 0x1, 0x84) getpid() sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r0, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2900000}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB="48040000a98172d417dcf359b73b4dac3ad9c0c8865bd0df1aa01d5b091619f1cbe0e763c2d8c3d25f4bdd4b12f6f5105c9760b850809d21de2c61994f259990775ce8ec25ca72b66663b99c9176b85582e568", @ANYBLOB="000225bd7000fcdbdf257e000000060066004e2000000400d1000500e40003000000050039017f00000008004d0103000000060065000200000005002f012c000000"], 0x48}}, 0x20040810) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000000000000001) setsockopt$auto(0xffffffffffffffff, 0x1e2, 0x31, 0x0, 0x37) 1.513162049s ago: executing program 4 (id=5673): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/pci/00/01.3\x00', 0x149041, 0x0) writev$auto(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xd6}, 0xe50) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mbind$auto(0x2000, 0x100000008, 0x2100000000, 0x0, 0x6, 0x2) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x40004) io_uring_setup$auto(0x1, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) mbind$auto(0x20f1, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) syz_clone3(&(0x7f0000000140)={0x1045100, 0x0, 0x0, 0x0, {0x2d}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/debug/netdevsim/netdevsim3/hwstats/l3/disable_ifindex\x00', 0x1242, 0x0) lseek$auto(r0, 0x4, 0x0) r1 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x2, 0x0) read$auto(r1, 0x0, 0x39b8) pipe2$auto(0x0, 0x80) keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) epoll_create$auto(0x3e) getrandom$auto(0x0, 0x6000000, 0x3) r2 = socket(0x2b, 0x4, 0x1) getsockopt$auto(r2, 0x11e, 0xea3, 0xfffffffffffffffe, 0x0) r3 = openat$auto_nsim_psample_enable_fops_psample(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/netdevsim/netdevsim1/psample/enable\x00', 0x169a02, 0x0) write$auto_nsim_psample_enable_fops_psample(r3, &(0x7f00000005c0)='Y', 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) 1.106364021s ago: executing program 0 (id=5674): r0 = socket(0xa, 0x5, 0x84) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sda\x00', 0x14fa02, 0x0) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) preadv2$auto(r1, 0x0, 0x6, 0xfffffffffffffffb, 0x4, 0x5) mmap$auto(0x3, 0x810004, 0xffb, 0x8000000008011, r0, 0x8000) bpf$auto_BPF_PROG_QUERY(0x10, &(0x7f00000002c0)=@bpf_attr_7={@link_id=0xc387, 0xfffffffa, 0x401, r0}, 0x6) open$dir(0x0, 0x10000, 0x6) close_range$auto(0x2, 0xa, 0x0) socket(0x2, 0x5, 0x0) pwritev$auto(r2, &(0x7f0000000400)={&(0x7f0000000380)="57af88e2727fd1cfa2d2c0e5b0c60c895d2f4ef457e57f0ddd6e90ac877da1c91853efabfc3c386f80557f4a0053d65c83c932c00e67ae2679369fd3c330b86cadfe0434038bc3c4ce9b738cc690498fff7dcddf51e42392aac5c0a706061183c0972463973cb503b871100366c0809da6591d23e9", 0x7}, 0x36, 0x6, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x80082, 0x0) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) r5 = ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$auto_MON_IOCQ_RING_SIZE(r5, 0x9205, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/fs/jbd2/sda1-8/info\x00', 0x240, 0x0) ioctl$auto(0x3, 0xae41, r4) arch_prctl$auto_ARCH_MAP_VDSO_64(0x2003, 0x15) ioctl$auto_KVM_GET_MSRS(r3, 0xaead, 0x0) close_range$auto(0x2, 0xa, 0x0) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x20008800}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}, 0x1, 0x0, 0x0, 0x80}, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0) r6 = openat$auto_tracing_mark_raw_fops_trace(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/trace_marker_raw\x00', 0x1, 0x0) write$auto_tracing_mark_raw_fops_trace(r6, &(0x7f0000000140)="b9d40054dada8b64ccb67b54416e270e39e6d4aa69f27b4018ffde16b7c93cfa3cc8638d29ae6d766eb99e16ed5e4a0e7f1cf2827e507ec7d99bbb472a22c23b978bec6aa7da01682690116f8a8f0f27c8864c05b72ef15a08aed03c2d4420294f40adc2047c3fc697966302", 0x6c) r7 = socket(0x1f, 0x9, 0x0) r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/clocksource/clocksource0/current_clocksource\x00', 0x80302, 0x0) sendfile$auto(r8, r8, 0x0, 0x2001) sendmmsg$auto(r7, &(0x7f0000000200)={{0x0, 0xfffffffc, &(0x7f0000000100)={0x0, 0xfc0}, 0x8, 0x0, 0x8, 0x3}, 0x3}, 0xc, 0x4008) 738.412805ms ago: executing program 0 (id=5675): openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0xa, 0x3, 0xef1, 0xfffffffffffffffa, 0x8) socket(0x2b, 0x1, 0x1) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0xa61c2, 0x84) nanosleep$auto(&(0x7f0000000180)={0x3, 0x100000000044d4}, 0x0) ioctl$auto_FS_IOC_GETFLAGS(r1, 0x80086601, 0x7fffffffbfffffff) ioctl$auto_TIOCMGET(r0, 0x5415, &(0x7f0000000180)="4cc1f6bcff7ed3449524f40be72daf62fab57078ed612a279925cdcf1749c224646988c97f7f33ef3bba3c7cb1cf73af2689bd1324cee99fc01aff87c4f85b4119cefe85d58391384a5a680acd902d85ffab9a1287f7173265f2680e340808ca62b155966d10989181b9ad8d9a6f19b098cccebe6e521dc46a60cc4893501b36192aa4875123f451f951544f00107f03cc1ae5f381a051c7306ce7beb9153e3c23f98fbf482126e52108783523a1e97d90d3709f73ffc999f89f836efc35fd12a67434f6e5be26be060ba0a27e7bac42580fe526e9bdf9ea8be294c1fea0f7b06b97f8b913532bbb1479e7ac0f134560fe") r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio1/resetafter\x00', 0xa2382, 0x0) landlock_create_ruleset$auto(0x0, 0x0, 0x1) sendfile$auto(r2, r2, 0x0, 0x1) 461.585859ms ago: executing program 0 (id=5676): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x446a02, 0x0) sendfile$auto(r0, r0, 0x0, 0x1) r1 = socket(0x2, 0x1, 0x106) setfsuid$auto(0xee00) mmap$auto(0xfff, 0x5, 0xffffffffffffffc0, 0x100000000000017, 0x7, 0x28000) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r2) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)={0x20, r3, 0xd0d58b333228212f, 0x70bd2c, 0x25dfdbfc, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r4}, @NL80211_ATTR_KEY_DEFAULT={0x4}]}, 0x20}}, 0x4000000) sendmsg$auto_NL80211_CMD_START_SCHED_SCAN(r1, &(0x7f00000003c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x30, r3, 0x8, 0x70bd2c, 0x25dfdbff, {}, [@NL80211_ATTR_ASSOC_MLD_EXT_CAPA_OPS={0x6, 0x151, 0x6}, @NL80211_ATTR_PBSS={0x4}, @NL80211_ATTR_DISABLE_HE={0x4}, @NL80211_ATTR_VHT_CAPABILITY_MASK={0x10, 0xb0, "067f072473e39853062cd2d0"}, @NL80211_ATTR_WIPHY_RTS_THRESHOLD={0x8, 0x40, 0x5}, @NL80211_ATTR_4ADDR={0x5, 0x53, 0x91}]}, 0x44}, 0x1, 0x0, 0x0, 0x2400d840}, 0xde39903dc4d8688f) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/bus/usb/drivers/usbip-host/rebind\x00', 0x121681, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) r5 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000740), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000fedbdf250300000008000400b70a0000060007000080000008000200", @ANYRES32=r6, @ANYBLOB="0a0005000180c200000e00000a0001000180c200000e00000a000100000000000000000008000200", @ANYRES64=r4, @ANYBLOB="060006ff05000000080003009b"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40) close_range$auto(0x2, 0x8, 0x0) mincore$auto(0xf7, 0x6, &(0x7f0000000040)='+%\x00') socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 222.939537ms ago: executing program 0 (id=5677): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/thread-self/net/can/stats\x00', 0x121040, 0x0) unshare$auto(0x4000007e) modify_ldt$auto(0x807ff0000000000, 0x0, 0x40100000000aa) mmap$auto(0x0, 0x402000b, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x20000000, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x2ffffffffffe) sendmsg$auto_ETHTOOL_MSG_STATS_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x24040000}, 0x4000080) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x20) mprotect$auto(0x1ffffffff000, 0x100004, 0x6) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/devices/platform/dummy_hcd.5/usb6/bMaxPower\x00', 0x80, 0x0) socket(0x2a, 0x2, 0x6) openat$auto_ht40allow_map_ops_debugfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/ieee80211/phy2/ht40allow_map\x00', 0x100, 0x0) r3 = accept$auto(r2, 0x0, 0x0) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x140082, 0x0) writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x3) mq_getsetattr$auto(0x3, 0x0, &(0x7f0000000100)={0x8, 0x8, 0x2, 0x1}) mmap$auto(0x0, 0x3, 0xdf, 0x9093, 0x2, 0x8000) sysfs$auto(0x2, 0xe, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) r5 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000280), 0x141182, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r5, 0x403c6f2b, 0x0) pread64$auto(r0, 0x0, 0x100006, 0xc982) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) clone$auto(0x1, 0x0, 0x0, 0x0, 0x42) unshare$auto(0x40000080) acct$auto(0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mtdblock0\x00', 0x14fe02, 0x0) write$auto_tracing_fops_trace(r3, &(0x7f00000002c0)="12238d644cc9df5128ce086f1a16f3d7ebf851a80cca031c28f875a72b9ae13b3dbc222e6b8dff7028efb8814ed4d9c600ff74d0b1e2b8dcdd4a78b6cece05657e908c2d3a10", 0x46) mmap$auto(0x0, 0x128008, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) shmget$auto(0x0, 0x7b, 0x100) 0s ago: executing program 4 (id=5678): r0 = io_uring_setup$auto(0x59, &(0x7f0000000080)={0x80000002, 0x201d, 0x3000, 0xfffffff8, 0x7, 0x400a, 0xffffffffffffffff, [], {0x6, 0x9, 0x4, 0x29c, 0x1, 0x4, 0x1, 0x7, 0x1}, {0x10100, 0x1, 0x52, 0x88, 0x2, 0x8, 0x76c5, 0x8, 0x100000000}}) fsconfig$auto_SHMEM_HUGE_DENY(r0, 0x0, &(0x7f0000000140)='\\!:\x00', 0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptycd\x00', 0x40000, 0x0) sendmsg$auto_NBD_CMD_STATUS(r1, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000a00)={&(0x7f0000000440)=ANY=[@ANYBLOB="98050000", @ANYRES16=0x0, @ANYBLOB="000126bd7000ffdbdf25050000000c000600b100000000000000040207805dc987531dd54cca3f5aaf767b67ed93de5bf541de73c1301a846771563f42b3b4aa1af8a33a1db5ea61dfb86894139a6af0abad567bea473f96db2b0f6504facb33b4497c3973fbb29b258f51e6158346f82e9a606c388c65f1bd3e91bf5292382a5790aa0bccdac72afcd0a76dce82e4091fb671598ffaaa341144b9cc549f8f515f0040b9fc65ce9d6d581a11dae7b47aa11a9c7c58e764bbf0f6a1bcbcf93286fdd62e34a5eab2b0831c3d49ce280f6cc5a45dfd76d3730ba94c34c654a53793e137d9ea064e6f5b15ac3c7da4fc646b7e73c42c23fe0b38e7ab673dde47fc9ddff0ef224bb9c1df76384822131ff4d2c2c1470e22e92509420c007d0008000000000000000800eb008ef5000008001900", @ANYRES32=0x0, @ANYBLOB="f7f822f83d9095a148cc90f861769adf05dc7bc266d3cad2ba244ff1f053a1445a89d22f16cac1aeb3b27813126f323c01db623c227d171ec8985a12eb1bd80afd8348d801d768e5514ada8e5e6b2ff00a063ba768589a8a080de2e60427db307273a90937c9bf622ecd123caa5f5b172a8b32208baaf839e32f7a1b55df59d995bb1e0346e0c1b6ad1bacc2e507301879cc7015c15cf906b0bc709cad2e0235d2489de777b239599c05b8623872ce5aad77bc03bc1667178b0c81eb934cb280bd1416414f891586ce048a4ede9e2cc1f2a9c09c5bf4c26e6bfc5e7c42a2935a09fa8bec3b7236885349030980280073800800d400ac1e01010400978004000e8014002b00ff010000000000000000000000000001413c15a145576e08b011afc20b7cc18aee6e5d0a4c0fbd06147b441b383239e190d17964e5457f0919856bf44d7b3d4384aaf00c07ad1ab971586ae56e5ba45c59104943505934d8fabb836217971248e989f836c1b345ac6f03e46196e52e43b169237b9e91cc04bda27108c61b4ad3a0b2d3055cffee0c94c5a10c098f9e9505536b76ed6dddda8c6bd6065e21beac0d09d44706b3719022e0b563ffc9f1d2a652d09c2d99baa4438abe687c33a80540f634c0a2960f23d96d441049fb48501e7305f8bd06009d007d0000000c008100090000000000000042020d8014007600fe8000000000000000000000000000aa2259ec8215447450ac34bc33b4f8e1bcdb61922348e81c5b58f5618b69e73f4b3b4f2b72fcf4a10733f00b74671375c3ce82d89e0a5c46bb19e91e62e6b7b44e08163ece40fef800bbfecce23d148526650b0cc2c15763c86715fb96e69f3a152a66b1225248adce1db66d862c3a98bd972802b3fe0afcfcfbf4c7a9adaf2e73e55ea8bfb5eb6127ca3d06384a1640595df734217db397cd38f1b6f60827e9ccb7e6f1384f625b93ca69b79cd36746aab389536e7c5f12a0ebbdbc562f7e3e8fa10cf1b3a45c4fc41158acb5e2f7c0ad81aabb1400370000000000000000000000ffff00000000190006002f6465762f646d615f686561702f73797374656d00000000080005000700000004006480c7fdea010aaaadadcb61ebc0b7c99820e498277b43ac73582ddfa36ebb66b7ba7613fee72aabf13fe64092a2184d53ea6dec42ba5177b7e04c7606214c8cc08b2d98e651a688d779eeedb970a77a1873364f9e4b68a121ae0818c66c78a26361c40498c4bb6e6206b4e298fa88bf5f73794d68a26799438905158160bcf628ed72f88f4eb5c762051a9922a8eca7a5ba9db26e417872d6e770c7f475190da03932b541de27fa03a80702cd4e1833b996895b1cadcf0c0d2c175e8d2fc51d4ac9113054dff60fa44b5c58d7f9b9be719656b3d51532662b37d0adf1557202284acbe28c031801434d3075c8cf6364114134dcf2e44b5ab5beb64bcde01e7d1bca2a54481469070d1d20cd282612a7c2453b1f7db0a56a7919107fe300000000000c0006007b030000000000000f000a002f6465762f707479636400000c0005000400000000000000"], 0x598}}, 0x40000c0) r2 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r3, 0xffffffffffdffe00, 0x0) r4 = epoll_create$auto(0x8800001) epoll_ctl$auto(r4, 0x1, r2, 0x0) pidfd_open$auto(0x1, 0x0) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/pcmC1D0c\x00', 0x20000, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) mmap$auto(0x0, 0x5, 0xd9c, 0xeb2, 0xfffffffffffffffb, 0x8000) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sequencer\x00', 0x10080, 0x0) r5 = openat$auto_nvmf_dev_fops_fabrics(0xffffffffffffff9c, &(0x7f0000001a00), 0x801, 0x0) write$auto_nvmf_dev_fops_fabrics(r5, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x9, 0x2, 0xfffffffc, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) r6 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) ioctl$auto_BLKSECDISCARD(r6, 0x127d, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r7 = open(&(0x7f00000000c0)='./cgroup\x00', 0x0, 0xb5d1af1605322df2) syz_clone3(&(0x7f00000003c0)={0x383201180, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, 0x0, 0x0, {r7}}, 0x58) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000240), r1) kernel console output (not intermixed with test programs): t_locked+0x14d/0x580 [ 1387.915742][T30742] drm_client_modeset_commit+0x4f/0x80 [ 1387.915763][T30742] __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160 [ 1387.915787][T30742] drm_fb_helper_restore_fbdev_mode_unlocked+0x93/0xc0 [ 1387.915809][T30742] drm_fbdev_client_restore+0x1b/0x30 [ 1387.915824][T30742] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 1387.915840][T30742] drm_client_dev_restore+0x205/0x2a0 [ 1387.915863][T30742] drm_release+0x2c6/0x360 [ 1387.915883][T30742] ? __pfx_drm_release+0x10/0x10 [ 1387.915901][T30742] __fput+0x3ff/0xb50 [ 1387.915927][T30742] task_work_run+0x150/0x240 [ 1387.915942][T30742] ? __pfx_task_work_run+0x10/0x10 [ 1387.915958][T30742] ? rcu_is_watching+0x12/0xc0 [ 1387.915977][T30742] exit_to_user_mode_loop+0x157/0x670 [ 1387.915999][T30742] ? rcu_is_watching+0x12/0xc0 [ 1387.916017][T30742] do_syscall_64+0x652/0x840 [ 1387.916037][T30742] ? clear_bhb_loop+0x40/0x90 [ 1387.916055][T30742] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1387.916070][T30742] RIP: 0033:0x7f7674d9ce59 [ 1387.916085][T30742] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1387.916099][T30742] RSP: 002b:00007f7675c54028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1387.916114][T30742] RAX: 0000000000000000 RBX: 00007f7675015fa0 RCX: 00007f7674d9ce59 [ 1387.916124][T30742] RDX: 0000000000000000 RSI: 000000000000000a RDI: 0000000000000002 [ 1387.916133][T30742] RBP: 00007f7674e32d6f R08: 0000000000000000 R09: 0000000000000000 [ 1387.916143][T30742] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1387.916152][T30742] R13: 00007f7675016038 R14: 00007f7675015fa0 R15: 00007ffe895a8af8 [ 1387.916173][T30742] [ 1388.258725][T30746] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4726'. [ 1388.588841][T30748] nvme_fabrics: missing parameter 'transport=%s' [ 1388.617629][T30748] nvme_fabrics: missing parameter 'nqn=%s' [ 1390.300857][T30799] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4738'. [ 1390.532641][T30805] netlink: 334 bytes leftover after parsing attributes in process `syz.4.4739'. [ 1391.885611][T30827] nvme_fabrics: missing parameter 'transport=%s' [ 1391.984749][T30827] nvme_fabrics: missing parameter 'nqn=%s' [ 1392.122570][T30843] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4748'. [ 1393.525973][T30881] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4759'. [ 1394.056371][T30891] nvme_fabrics: missing parameter 'transport=%s' [ 1394.068872][T30889] netlink: 'syz.4.4762': attribute type 11 has an invalid length. [ 1394.098457][T30889] netlink: 'syz.4.4762': attribute type 1 has an invalid length. [ 1394.138017][T30891] nvme_fabrics: missing parameter 'nqn=%s' [ 1394.144624][T30889] netlink: 9 bytes leftover after parsing attributes in process `syz.4.4762'. [ 1394.678256][T30909] zswap: compressor not available [ 1396.712370][T30963] FAULT_INJECTION: forcing a failure. [ 1396.712370][T30963] name failslab, interval 1, probability 0, space 0, times 0 [ 1396.780571][T30963] CPU: 0 UID: 0 PID: 30963 Comm: syz.2.4778 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1396.780597][T30963] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1396.780603][T30963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1396.780611][T30963] Call Trace: [ 1396.780626][T30963] [ 1396.780632][T30963] dump_stack_lvl+0x100/0x190 [ 1396.780660][T30963] should_fail_ex.cold+0x5/0xa [ 1396.780679][T30963] should_failslab+0xc2/0x120 [ 1396.780699][T30963] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 1396.780720][T30963] ? alloc_inode+0x68/0x250 [ 1396.780741][T30963] ? simple_start_creating+0xb0/0x110 [ 1396.780758][T30963] ? __pfx_debugfs_alloc_inode+0x10/0x10 [ 1396.780781][T30963] alloc_inode+0x68/0x250 [ 1396.780801][T30963] new_inode+0x22/0x1c0 [ 1396.780822][T30963] __debugfs_create_file+0x105/0x4f0 [ 1396.780839][T30963] debugfs_create_file_full+0x41/0x60 [ 1396.780856][T30963] ref_tracker_dir_debugfs+0x19e/0x2e0 [ 1396.780871][T30963] ? __pfx_ref_tracker_dir_debugfs+0x10/0x10 [ 1396.780884][T30963] ? ida_alloc_range+0x70d/0x830 [ 1396.780919][T30963] ? lockdep_init_map_type+0x5c/0x250 [ 1396.780944][T30963] preinit_net.part.0+0x252/0x920 [ 1396.780961][T30963] copy_net_ns+0x339/0x7c0 [ 1396.780979][T30963] create_new_namespaces+0x3ea/0xac0 [ 1396.781001][T30963] unshare_nsproxy_namespaces+0xf2/0x220 [ 1396.781020][T30963] ksys_unshare+0x438/0xab0 [ 1396.781040][T30963] ? __pfx_ksys_unshare+0x10/0x10 [ 1396.781058][T30963] ? xfd_validate_state+0x129/0x190 [ 1396.781071][T30963] ? ksys_write+0x1ac/0x250 [ 1396.781092][T30963] __x64_sys_unshare+0x31/0x40 [ 1396.781120][T30963] do_syscall_64+0x115/0x840 [ 1396.781139][T30963] ? clear_bhb_loop+0x40/0x90 [ 1396.781156][T30963] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1396.781170][T30963] RIP: 0033:0x7f7674d9ce59 [ 1396.781182][T30963] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1396.781195][T30963] RSP: 002b:00007f7675c54028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1396.781210][T30963] RAX: ffffffffffffffda RBX: 00007f7675015fa0 RCX: 00007f7674d9ce59 [ 1396.781219][T30963] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1396.781228][T30963] RBP: 00007f7674e32d6f R08: 0000000000000000 R09: 0000000000000000 [ 1396.781236][T30963] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1396.781245][T30963] R13: 00007f7675016038 R14: 00007f7675015fa0 R15: 00007ffe895a8af8 [ 1396.781263][T30963] [ 1397.062592][T30963] debugfs: out of free dentries, can not create file 'net_refcnt@ffff888077152940' [ 1397.513341][T30968] nvme_fabrics: missing parameter 'transport=%s' [ 1397.543767][T30968] nvme_fabrics: missing parameter 'nqn=%s' [ 1399.539442][T31023] random: crng reseeded on system resumption [ 1399.699354][T31027] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4788'. [ 1399.740878][T31027] netlink: 28905 bytes leftover after parsing attributes in process `syz.1.4788'. [ 1400.639721][T31051] nvme_fabrics: missing parameter 'transport=%s' [ 1400.723798][T31051] nvme_fabrics: missing parameter 'nqn=%s' [ 1401.479827][T31066] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4797'. [ 1402.091015][ T29] audit: type=1800 audit(2147483669.997:50): pid=31100 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.4800" name="dbroot" dev="configfs" ino=174459 res=0 errno=0 [ 1403.039655][T31123] EXT4-fs (sda1): Delayed block allocation failed for inode 2030 at logical offset 909 with max blocks 2 with error 117 [ 1403.137787][T31123] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1403.137787][T31123] [ 1403.149004][T31128] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4804'. [ 1403.542525][T31135] nvme_fabrics: missing parameter 'transport=%s' [ 1403.599214][T31135] nvme_fabrics: missing parameter 'nqn=%s' [ 1406.215974][T31191] nvme_fabrics: missing parameter 'transport=%s' [ 1406.287468][T31198] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 6 with max blocks 3 with error 117 [ 1406.309915][T31191] nvme_fabrics: missing parameter 'nqn=%s' [ 1406.447260][T31198] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1406.447260][T31198] [ 1406.922121][T31138] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1407.324581][T31212] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1407.345742][T31212] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1407.355176][T31212] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1407.393077][T31212] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1407.402757][T31212] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1407.590364][T31138] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1408.032318][T31138] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1408.893611][T31242] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 1408.893611][T31242] The task syz.1.4825 (31242) triggered the difference, watch for misbehavior. [ 1409.438014][T31091] Bluetooth: hci3: command tx timeout [ 1409.491767][T31138] bridge_slave_1: left allmulticast mode [ 1409.524004][T31138] bridge_slave_1: left promiscuous mode [ 1409.556785][T31138] bridge0: port 2(bridge_slave_1) entered disabled state [ 1409.628535][T31138] bridge_slave_0: left allmulticast mode [ 1409.634296][T31138] bridge_slave_0: left promiscuous mode [ 1409.693616][T31138] bridge0: port 1(bridge_slave_0) entered disabled state [ 1410.551777][T31138] bond0 (unregistering): Released all slaves [ 1410.717671][ T5294] 8021q: adding VLAN 0 to HW filter on device eth5 [ 1410.834029][T31138] ovs_: left promiscuous mode [ 1411.029350][T31138] HfR: left promiscuous mode [ 1411.208863][T31282] nvme_fabrics: missing parameter 'transport=%s' [ 1411.344128][T31282] nvme_fabrics: missing parameter 'nqn=%s' [ 1411.523638][T31294] FAULT_INJECTION: forcing a failure. [ 1411.523638][T31294] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1411.540907][T31091] Bluetooth: hci3: command tx timeout [ 1411.620022][T31294] CPU: 0 UID: 0 PID: 31294 Comm: syz.4.4831 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1411.620052][T31294] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1411.620058][T31294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1411.620068][T31294] Call Trace: [ 1411.620074][T31294] [ 1411.620081][T31294] dump_stack_lvl+0x100/0x190 [ 1411.620111][T31294] should_fail_ex.cold+0x5/0xa [ 1411.620127][T31294] ? fs_reclaim_acquire+0x70/0x100 [ 1411.620147][T31294] should_fail_alloc_page+0xeb/0x140 [ 1411.620165][T31294] prepare_alloc_pages+0x1f0/0x5f0 [ 1411.620188][T31294] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 1411.620212][T31294] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1411.620235][T31294] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1411.620257][T31294] ? stack_trace_save+0x8e/0xc0 [ 1411.620276][T31294] ? __pfx_stack_trace_save+0x10/0x10 [ 1411.620294][T31294] ? stack_depot_save_flags+0x27/0x9d0 [ 1411.620322][T31294] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1411.620344][T31294] ? __lock_acquire+0x4a5/0x2630 [ 1411.620366][T31294] ? blk_trace_setup_prepare+0x35c/0x6c0 [ 1411.620382][T31294] ? blk_trace_ioctl+0x245/0x320 [ 1411.620398][T31294] ? blkdev_ioctl+0x17c/0x6f0 [ 1411.620418][T31294] ? __x64_sys_ioctl+0x18e/0x210 [ 1411.620432][T31294] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1411.620457][T31294] ? find_held_lock+0x2b/0x80 [ 1411.620473][T31294] ? rcu_read_unlock+0x17/0x60 [ 1411.620491][T31294] ? rcu_read_unlock+0x17/0x60 [ 1411.620508][T31294] ? rcu_read_unlock+0x17/0x60 [ 1411.620526][T31294] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1411.620546][T31294] ? policy_nodemask+0xed/0x4f0 [ 1411.620565][T31294] alloc_pages_mpol+0x1fb/0x540 [ 1411.620583][T31294] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1411.620600][T31294] ? __kvmalloc_node_noprof+0x6af/0xa00 [ 1411.620614][T31294] ? relay_open_buf.part.0+0x199/0xb70 [ 1411.620638][T31294] alloc_pages_noprof+0x1a/0x160 [ 1411.620658][T31294] relay_open_buf.part.0+0x261/0xb70 [ 1411.620691][T31294] relay_open+0x7b9/0xa00 [ 1411.620711][T31294] blk_trace_setup_prepare+0x35c/0x6c0 [ 1411.620731][T31294] blk_trace_setup+0x217/0x440 [ 1411.620751][T31294] ? __pfx_blk_trace_setup+0x10/0x10 [ 1411.620768][T31294] ? lockdep_hardirqs_on+0x36/0x100 [ 1411.620793][T31294] ? __pfx_vsnprintf+0x10/0x10 [ 1411.620823][T31294] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1411.620843][T31294] ? do_vfs_ioctl+0x226/0x13e0 [ 1411.620860][T31294] blk_trace_ioctl+0x245/0x320 [ 1411.620878][T31294] ? __pfx_blk_trace_ioctl+0x10/0x10 [ 1411.620898][T31294] ? find_held_lock+0x2b/0x80 [ 1411.620915][T31294] ? __fget_files+0x215/0x3d0 [ 1411.620930][T31294] ? hook_file_ioctl_common+0x149/0x410 [ 1411.620950][T31294] blkdev_ioctl+0x17c/0x6f0 [ 1411.620972][T31294] ? __pfx_blkdev_ioctl+0x10/0x10 [ 1411.620996][T31294] ? __pfx_blkdev_ioctl+0x10/0x10 [ 1411.621018][T31294] __x64_sys_ioctl+0x18e/0x210 [ 1411.621034][T31294] do_syscall_64+0x115/0x840 [ 1411.621053][T31294] ? clear_bhb_loop+0x40/0x90 [ 1411.621071][T31294] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1411.621086][T31294] RIP: 0033:0x7f9eef79ce59 [ 1411.621101][T31294] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1411.621115][T31294] RSP: 002b:00007f9ef071f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1411.621130][T31294] RAX: ffffffffffffffda RBX: 00007f9eefa16090 RCX: 00007f9eef79ce59 [ 1411.621140][T31294] RDX: 00002000000000c0 RSI: 00000000c0481273 RDI: 0000000000000007 [ 1411.621150][T31294] RBP: 00007f9eef832d6f R08: 0000000000000000 R09: 0000000000000000 [ 1411.621159][T31294] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1411.621168][T31294] R13: 00007f9eefa16128 R14: 00007f9eefa16090 R15: 00007ffda8013e28 [ 1411.621188][T31294] [ 1413.584404][T31091] Bluetooth: hci3: command tx timeout [ 1413.908979][ T5294] 8021q: adding VLAN 0 to HW filter on device eth6 [ 1413.979390][T31210] bridge0: port 1(bridge_slave_0) entered blocking state [ 1414.010561][T31210] bridge0: port 1(bridge_slave_0) entered disabled state [ 1414.066913][T31210] bridge_slave_0: entered allmulticast mode [ 1414.090761][T31210] bridge_slave_0: entered promiscuous mode [ 1414.127557][T31210] bridge0: port 2(bridge_slave_1) entered blocking state [ 1414.179850][T31210] bridge0: port 2(bridge_slave_1) entered disabled state [ 1414.233565][T31210] bridge_slave_1: entered allmulticast mode [ 1414.296896][T31210] bridge_slave_1: entered promiscuous mode [ 1414.542458][T31210] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1414.662672][T31210] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1414.761173][T31340] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4835'. [ 1415.085499][T31210] team0: Port device team_slave_0 added [ 1415.236239][T31210] team0: Port device team_slave_1 added [ 1415.281821][T31344] can: request_module (can-proto-0) failed. [ 1415.648784][T31091] Bluetooth: hci3: command tx timeout [ 1415.703933][T31210] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1415.751144][T31210] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1415.850271][T31307] Process accounting paused [ 1415.866933][T31210] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1415.991098][T31210] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1416.037008][T31210] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1416.098028][T31210] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1416.132421][ T5294] 8021q: adding VLAN 0 to HW filter on device eth7 [ 1416.342738][T31360] netlink: 342 bytes leftover after parsing attributes in process `syz.2.4837'. [ 1416.483672][T31210] hsr_slave_0: entered promiscuous mode [ 1416.513791][T31210] hsr_slave_1: entered promiscuous mode [ 1416.546822][T31210] debugfs: 'hsr0' already exists in 'hsr' [ 1416.580915][T31210] Cannot create hsr debugfs directory [ 1416.607383][T31365] device-mapper: ioctl: dm_ctl_ioctl: unknown command 0xfffffd12 [ 1416.652202][T31370] random: crng reseeded on system resumption [ 1416.685063][ T1315] ieee802154 phy0 wpan0: encryption failed: -22 [ 1416.691489][ T1315] ieee802154 phy1 wpan1: encryption failed: -22 [ 1416.715171][T31365] device-mapper: ioctl: dm_ctl_ioctl: unknown command 0xfffffd12 [ 1416.755715][T31365] device-mapper: ioctl: dm_ctl_ioctl: unknown command 0xfffffd12 [ 1416.819140][T31365] device-mapper: ioctl: dm_ctl_ioctl: unknown command 0xfffffd12 [ 1416.857762][T31365] device-mapper: ioctl: dm_ctl_ioctl: unknown command 0xfffffd12 [ 1416.894171][T31365] device-mapper: ioctl: dm_ctl_ioctl: unknown command 0xfffffd12 [ 1416.935110][T31365] device-mapper: ioctl: dm_ctl_ioctl: unknown command 0xfffffd12 [ 1416.997711][T31365] device-mapper: ioctl: dm_ctl_ioctl: unknown command 0xfffffd12 [ 1417.046409][T31365] device-mapper: ioctl: dm_ctl_ioctl: unknown command 0xfffffd12 [ 1417.078129][T31365] device-mapper: ioctl: dm_ctl_ioctl: unknown command 0xfffffd12 [ 1417.130055][T31365] device-mapper: ioctl: dm_ctl_ioctl: unknown command 0xfffffd12 [ 1417.195343][T31365] device-mapper: ioctl: dm_ctl_ioctl: unknown command 0xfffffd12 [ 1417.261213][T31365] device-mapper: ioctl: dm_ctl_ioctl: unknown command 0xfffffd12 [ 1417.291954][T31365] device-mapper: ioctl: dm_ctl_ioctl: unknown command 0xfffffd12 [ 1418.926655][T31138] hsr_slave_0: left promiscuous mode [ 1418.941288][T31138] hsr_slave_1: left promiscuous mode [ 1418.959051][T31138] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1418.978817][T31138] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1418.997033][T31138] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1419.017120][T31138] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1419.259556][T31138] team0 (unregistering): Port device team_slave_1 removed [ 1419.295209][T31138] team0 (unregistering): Port device team_slave_0 removed [ 1420.509667][T31444] nvme_fabrics: missing parameter 'transport=%s' [ 1420.610373][T31444] nvme_fabrics: missing parameter 'nqn=%s' [ 1420.994856][T31091] Bluetooth: hci2: Unable to find connection for big 0xe0 [ 1421.426751][T31210] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 1421.476356][T31210] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 1421.527410][T31210] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 1421.580156][T31210] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 1421.609041][T31469] random: crng reseeded on system resumption [ 1421.627214][T31210] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 1421.693295][T31210] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 1421.741326][T31210] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 1421.801614][T31210] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 1422.201785][T31210] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1422.328529][T31210] 8021q: adding VLAN 0 to HW filter on device team0 [ 1422.405519][T31073] bridge0: port 1(bridge_slave_0) entered blocking state [ 1422.412812][T31073] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1422.511765][T31073] bridge0: port 2(bridge_slave_1) entered blocking state [ 1422.518957][T31073] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1424.474842][T31210] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1424.675485][T31549] nvme_fabrics: missing parameter 'transport=%s' [ 1424.715390][T31210] veth0_vlan: entered promiscuous mode [ 1424.788362][T31210] veth1_vlan: entered promiscuous mode [ 1424.797771][T31549] nvme_fabrics: missing parameter 'nqn=%s' [ 1425.095593][T31210] veth0_macvtap: entered promiscuous mode [ 1425.195839][T31210] veth1_macvtap: entered promiscuous mode [ 1425.282900][T31210] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1425.354676][T31210] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1425.427205][T31073] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1425.478400][T31073] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1425.720229][T31073] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1425.793194][T31073] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1426.328096][T31347] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1426.380019][T31347] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1426.563489][T31601] FAULT_INJECTION: forcing a failure. [ 1426.563489][T31601] name failslab, interval 1, probability 0, space 0, times 0 [ 1426.662684][T31601] CPU: 0 UID: 0 PID: 31601 Comm: syz.1.4866 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1426.662712][T31601] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1426.662718][T31601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1426.662727][T31601] Call Trace: [ 1426.662733][T31601] [ 1426.662740][T31601] dump_stack_lvl+0x100/0x190 [ 1426.662774][T31601] should_fail_ex.cold+0x5/0xa [ 1426.662795][T31601] should_failslab+0xc2/0x120 [ 1426.662814][T31601] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1426.662835][T31601] ? trace_pid_list_alloc+0x2fe/0x480 [ 1426.662859][T31601] trace_pid_list_alloc+0x2fe/0x480 [ 1426.662881][T31601] trace_pid_write+0x110/0x460 [ 1426.662901][T31601] ? __pfx_trace_pid_write+0x10/0x10 [ 1426.662931][T31601] event_pid_write.isra.0+0x1e4/0x7d0 [ 1426.662952][T31601] ? __pfx_event_pid_write.isra.0+0x10/0x10 [ 1426.662978][T31601] vfs_write+0x2aa/0x1070 [ 1426.662996][T31601] ? __pfx_ftrace_event_npid_write+0x10/0x10 [ 1426.663018][T31601] ? __pfx_vfs_write+0x10/0x10 [ 1426.663033][T31601] ? do_futex+0x192/0x350 [ 1426.663048][T31601] ? __pfx_do_futex+0x10/0x10 [ 1426.663061][T31601] ? __pfx_do_sys_openat2+0x10/0x10 [ 1426.663087][T31601] ? __x64_sys_futex+0x34f/0x4d0 [ 1426.663101][T31601] ? __x64_sys_futex+0x358/0x4d0 [ 1426.663118][T31601] ksys_write+0x12a/0x250 [ 1426.663135][T31601] ? __pfx_ksys_write+0x10/0x10 [ 1426.663152][T31601] ? rcu_is_watching+0x12/0xc0 [ 1426.663172][T31601] do_syscall_64+0x115/0x840 [ 1426.663210][T31601] ? clear_bhb_loop+0x40/0x90 [ 1426.663229][T31601] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1426.663246][T31601] RIP: 0033:0x7f124f79ce59 [ 1426.663260][T31601] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1426.663276][T31601] RSP: 002b:00007f125068b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1426.663291][T31601] RAX: ffffffffffffffda RBX: 00007f124fa15fa0 RCX: 00007f124f79ce59 [ 1426.663301][T31601] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 1426.663310][T31601] RBP: 00007f124f832d6f R08: 0000000000000000 R09: 0000000000000000 [ 1426.663319][T31601] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1426.663328][T31601] R13: 00007f124fa16038 R14: 00007f124fa15fa0 R15: 00007ffe8ac23248 [ 1426.663348][T31601] [ 1427.190719][T31266] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1427.215841][T31266] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1427.667777][T31614] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4820'. [ 1427.790370][T31614] nbd: must specify a size in bytes for the device [ 1428.386473][T31629] FAULT_INJECTION: forcing a failure. [ 1428.386473][T31629] name failslab, interval 1, probability 0, space 0, times 0 [ 1428.521980][T31635] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4871'. [ 1428.653030][T31212] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 1428.671830][T31212] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 1428.685477][T31212] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 1428.699384][T31629] CPU: 0 UID: 0 PID: 31629 Comm: syz.2.4869 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1428.699413][T31629] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1428.699419][T31629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1428.699429][T31629] Call Trace: [ 1428.699435][T31629] [ 1428.699442][T31629] dump_stack_lvl+0x100/0x190 [ 1428.699473][T31629] should_fail_ex.cold+0x5/0xa [ 1428.699493][T31629] ? mpi_alloc_limb_space+0x31/0x60 [ 1428.699584][T31629] should_failslab+0xc2/0x120 [ 1428.699604][T31629] __kmalloc_noprof+0xe0/0x850 [ 1428.699631][T31629] mpi_alloc_limb_space+0x31/0x60 [ 1428.699651][T31629] mpi_powm+0x436/0x1e50 [ 1428.699678][T31629] ? __pfx_mpi_powm+0x10/0x10 [ 1428.699697][T31629] ? mpi_free+0xe0/0x150 [ 1428.699714][T31629] ? mpi_free+0xe1/0x150 [ 1428.699731][T31629] ? kfree+0x223/0x6c0 [ 1428.699753][T31629] ? mpi_free+0xe6/0x150 [ 1428.699774][T31629] rsa_enc+0x1fe/0x3b0 [ 1428.699824][T31629] ? __pfx_rsa_enc+0x10/0x10 [ 1428.699840][T31629] ? __virt_addr_valid+0x239/0x430 [ 1428.699864][T31629] ? sg_init_one+0xf5/0x1b0 [ 1428.699883][T31629] rsassa_pkcs1_verify+0x4eb/0xc20 [ 1428.699906][T31629] ? __pfx_rsassa_pkcs1_verify+0x10/0x10 [ 1428.699932][T31629] ? rsa_max_size+0xd/0x70 [ 1428.699946][T31629] ? rsassa_pkcs1_set_pub_key+0x17d/0x1f0 [ 1428.699966][T31629] public_key_verify_signature+0x5ee/0x910 [ 1428.699990][T31629] ? __pfx_public_key_verify_signature+0x10/0x10 [ 1428.700019][T31629] ? __kmalloc_noprof+0x320/0x850 [ 1428.700045][T31629] x509_check_for_self_signed+0x325/0x510 [ 1428.700070][T31629] x509_cert_parse+0x60c/0x910 [ 1428.700089][T31629] ? kasan_save_stack+0x3f/0x50 [ 1428.700102][T31629] ? kasan_save_stack+0x30/0x50 [ 1428.700116][T31629] ? kasan_save_track+0x14/0x30 [ 1428.700131][T31629] pkcs7_extract_cert+0xa4/0x380 [ 1428.700156][T31629] asn1_ber_decoder+0x12b3/0x2170 [ 1428.700180][T31629] ? __pfx_asn1_ber_decoder+0x10/0x10 [ 1428.700211][T31629] pkcs7_parse_message+0x289/0x870 [ 1428.700235][T31629] verify_pkcs7_signature+0x30/0xa0 [ 1428.700254][T31629] valid_regdb+0x211/0x590 [ 1428.700274][T31629] ? __pfx_valid_regdb+0x10/0x10 [ 1428.700294][T31629] reg_reload_regdb+0x11a/0x460 [ 1428.700313][T31629] ? __pfx_reg_reload_regdb+0x10/0x10 [ 1428.700333][T31629] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 1428.700363][T31629] ? nl80211_pre_doit+0x19a/0xae0 [ 1428.700389][T31629] genl_family_rcv_msg_doit+0x214/0x300 [ 1428.700416][T31629] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1428.700438][T31629] ? genl_get_cmd+0x3e7/0x760 [ 1428.700464][T31629] ? bpf_lsm_capable+0x9/0x10 [ 1428.700480][T31629] ? security_capable+0x80/0x260 [ 1428.700499][T31629] genl_rcv_msg+0x560/0x800 [ 1428.700522][T31629] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1428.700543][T31629] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 1428.700563][T31629] ? __pfx_nl80211_reload_regdb+0x10/0x10 [ 1428.700580][T31629] ? __pfx_nl80211_post_doit+0x10/0x10 [ 1428.700608][T31629] netlink_rcv_skb+0x159/0x420 [ 1428.700626][T31629] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1428.700648][T31629] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1428.700674][T31629] ? netlink_deliver_tap+0x1ae/0xcc0 [ 1428.700695][T31629] genl_rcv+0x28/0x40 [ 1428.700713][T31629] netlink_unicast+0x585/0x850 [ 1428.700734][T31629] ? __pfx_netlink_unicast+0x10/0x10 [ 1428.700757][T31629] netlink_sendmsg+0x8b0/0xda0 [ 1428.700779][T31629] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1428.700796][T31629] ? __import_iovec+0x1d2/0x640 [ 1428.700819][T31629] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 1428.700837][T31629] ____sys_sendmsg+0x9e1/0xb70 [ 1428.700857][T31629] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1428.700877][T31629] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1428.700894][T31629] ? preempt_schedule_thunk+0x16/0x30 [ 1428.700919][T31629] ? try_to_wake_up+0x5f6/0x1900 [ 1428.700941][T31629] ___sys_sendmsg+0x190/0x1e0 [ 1428.700962][T31629] ? __pfx____sys_sendmsg+0x10/0x10 [ 1428.700981][T31629] ? futex_private_hash_put+0x107/0x1c0 [ 1428.701024][T31629] __sys_sendmsg+0x170/0x220 [ 1428.701039][T31629] ? __pfx___sys_sendmsg+0x10/0x10 [ 1428.701054][T31629] ? __x64_sys_futex+0x34f/0x4d0 [ 1428.701076][T31629] ? rcu_is_watching+0x12/0xc0 [ 1428.701095][T31629] do_syscall_64+0x115/0x840 [ 1428.701114][T31629] ? clear_bhb_loop+0x40/0x90 [ 1428.701132][T31629] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1428.701148][T31629] RIP: 0033:0x7f7674d9ce59 [ 1428.701163][T31629] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1428.701178][T31629] RSP: 002b:00007f7675c33028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1428.701195][T31629] RAX: ffffffffffffffda RBX: 00007f7675016090 RCX: 00007f7674d9ce59 [ 1428.701205][T31629] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 000000000000000a [ 1428.701215][T31629] RBP: 00007f7674e32d6f R08: 0000000000000000 R09: 0000000000000000 [ 1428.701225][T31629] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1428.701234][T31629] R13: 00007f7675016128 R14: 00007f7675016090 R15: 00007ffe895a8af8 [ 1428.701253][T31629] [ 1428.701957][T31212] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 1429.278628][T31212] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 1431.335523][T31212] Bluetooth: hci4: command tx timeout [ 1432.690947][T31724] nvme_fabrics: missing parameter 'transport=%s' [ 1432.781994][T31724] nvme_fabrics: missing parameter 'nqn=%s' [ 1433.036041][T31638] bridge0: port 1(bridge_slave_0) entered blocking state [ 1433.062488][T31638] bridge0: port 1(bridge_slave_0) entered disabled state [ 1433.100456][T31638] bridge_slave_0: entered allmulticast mode [ 1433.134675][T31638] bridge_slave_0: entered promiscuous mode [ 1433.193449][T31638] bridge0: port 2(bridge_slave_1) entered blocking state [ 1433.229951][T31638] bridge0: port 2(bridge_slave_1) entered disabled state [ 1433.259667][T31638] bridge_slave_1: entered allmulticast mode [ 1433.284072][T31638] bridge_slave_1: entered promiscuous mode [ 1433.405590][T31212] Bluetooth: hci4: command tx timeout [ 1433.548211][T31638] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1433.628060][T31638] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1433.931168][T31754] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1433.995322][T31638] team0: Port device team_slave_0 added [ 1434.044203][T31638] team0: Port device team_slave_1 added [ 1434.236782][T31761] smc: net device dummy0 applied user defined pnetid DUMMY0 [ 1434.347926][T31638] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1434.398478][T31638] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1434.534226][T31638] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1434.776162][T31638] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1434.837604][T31638] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1434.957395][T31638] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1435.404074][T31638] hsr_slave_0: entered promiscuous mode [ 1435.430961][T31638] hsr_slave_1: entered promiscuous mode [ 1435.465257][T31638] debugfs: 'hsr0' already exists in 'hsr' [ 1435.475404][T31212] Bluetooth: hci4: command tx timeout [ 1435.508419][T31638] Cannot create hsr debugfs directory [ 1437.546087][T31212] Bluetooth: hci4: command tx timeout [ 1437.661808][T31638] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1438.060653][T31638] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1438.329221][T31638] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1438.593342][T31638] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1439.094195][T31838] nvme_fabrics: missing parameter 'transport=%s' [ 1439.149585][T31212] Bluetooth: hci2: command 0x0406 tx timeout [ 1439.209255][T31838] nvme_fabrics: missing parameter 'nqn=%s' [ 1440.282355][T31638] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1440.314793][T31638] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 1440.329484][T31858] Setting dangerous option i915.mitigations - tainting kernel [ 1440.359740][T31638] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1440.413820][T31638] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 1440.527113][T31638] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1440.569652][T31638] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 1440.668647][T31638] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1440.699614][T31863] nvme_fabrics: missing parameter 'transport=%s' [ 1440.709346][T31638] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 1440.752000][T31863] nvme_fabrics: missing parameter 'nqn=%s' [ 1441.632455][T31638] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1441.653447][T31876] nvme_fabrics: missing parameter 'transport=%s' [ 1441.754412][T31876] nvme_fabrics: missing parameter 'nqn=%s' [ 1442.004014][T31638] 8021q: adding VLAN 0 to HW filter on device team0 [ 1442.155879][T31085] bridge0: port 1(bridge_slave_0) entered blocking state [ 1442.163061][T31085] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1442.315651][T31085] bridge0: port 2(bridge_slave_1) entered blocking state [ 1442.324613][T31085] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1444.213842][T31927] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 6 with max blocks 1 with error 117 [ 1444.289975][T31927] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1444.289975][T31927] [ 1444.415496][T31638] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1444.452511][T31936] netlink: 350 bytes leftover after parsing attributes in process `syz.0.4915'. [ 1444.654902][T31638] veth0_vlan: entered promiscuous mode [ 1444.723707][T31638] veth1_vlan: entered promiscuous mode [ 1445.044733][T31638] veth0_macvtap: entered promiscuous mode [ 1445.106691][T31638] veth1_macvtap: entered promiscuous mode [ 1445.206472][T31638] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1445.273166][T31638] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1445.328355][T31087] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1445.414307][T31952] random: crng reseeded on system resumption [ 1445.467793][T31087] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1445.530755][T31087] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1445.562844][T31087] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1446.048386][T31119] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1446.098194][T31119] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1446.450818][T31119] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1446.492450][T31119] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1448.118084][T31996] nvme_fabrics: missing parameter 'transport=%s' [ 1448.203142][T31996] nvme_fabrics: missing parameter 'nqn=%s' [ 1449.086622][T32019] FAULT_INJECTION: forcing a failure. [ 1449.086622][T32019] name failslab, interval 1, probability 0, space 0, times 0 [ 1449.421250][T32019] CPU: 0 UID: 8 PID: 32019 Comm: syz.1.4931 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1449.421283][T32019] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1449.421289][T32019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1449.421299][T32019] Call Trace: [ 1449.421305][T32019] [ 1449.421312][T32019] dump_stack_lvl+0x100/0x190 [ 1449.421343][T32019] should_fail_ex.cold+0x5/0xa [ 1449.421364][T32019] should_failslab+0xc2/0x120 [ 1449.421382][T32019] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1449.421402][T32019] ? key_user_lookup+0x1a3/0x5a0 [ 1449.421514][T32019] key_user_lookup+0x1a3/0x5a0 [ 1449.421534][T32019] ? __pfx_key_user_lookup+0x10/0x10 [ 1449.421554][T32019] ? security_key_permission+0x7b/0x230 [ 1449.421576][T32019] key_alloc+0x18b/0x1310 [ 1449.421598][T32019] ? __pfx_keyring_search+0x10/0x10 [ 1449.421637][T32019] ? __pfx_key_alloc+0x10/0x10 [ 1449.421662][T32019] ? __pfx_key_default_cmp+0x10/0x10 [ 1449.421683][T32019] ? __pfx_keyring_search_iterator+0x10/0x10 [ 1449.421709][T32019] keyring_alloc+0x44/0xc0 [ 1449.421733][T32019] look_up_user_keyrings+0x465/0x790 [ 1449.421754][T32019] ? __pfx_look_up_user_keyrings+0x10/0x10 [ 1449.421770][T32019] ? futex_wait+0x11e/0x370 [ 1449.421788][T32019] ? __pfx_futex_wait+0x10/0x10 [ 1449.421810][T32019] lookup_user_key+0xbb1/0x1300 [ 1449.421829][T32019] ? __pfx_lookup_user_key+0x10/0x10 [ 1449.421851][T32019] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 1449.421871][T32019] ? __x64_sys_futex+0x34f/0x4d0 [ 1449.421885][T32019] ? __x64_sys_futex+0x358/0x4d0 [ 1449.421904][T32019] keyctl_session_to_parent+0x28/0xae0 [ 1449.421924][T32019] __do_sys_keyctl+0x2b1/0x5a0 [ 1449.421941][T32019] do_syscall_64+0x115/0x840 [ 1449.421961][T32019] ? clear_bhb_loop+0x40/0x90 [ 1449.421979][T32019] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1449.421998][T32019] RIP: 0033:0x7fe03879ce59 [ 1449.422012][T32019] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1449.422026][T32019] RSP: 002b:00007fe039661028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 1449.422041][T32019] RAX: ffffffffffffffda RBX: 00007fe038a15fa0 RCX: 00007fe03879ce59 [ 1449.422051][T32019] RDX: fffffffffffffffd RSI: fffffffffffffffc RDI: 0000000000000012 [ 1449.422068][T32019] RBP: 00007fe038832d6f R08: 0000000000000001 R09: 0000000000000000 [ 1449.422078][T32019] R10: fffffffffffffffd R11: 0000000000000246 R12: 0000000000000000 [ 1449.422088][T32019] R13: 00007fe038a16038 R14: 00007fe038a15fa0 R15: 00007ffd6bcc7c48 [ 1449.422108][T32019] [ 1451.522510][T32042] [U] ^\ [ 1453.038180][T32068] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1453.426438][T32070] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4944'. [ 1454.499444][ T29] audit: type=1804 audit(2147483722.643:51): pid=32090 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.4948" name="/newroot/130/file0" dev="tmpfs" ino=692 res=1 errno=0 [ 1455.917769][T32114] sysfs_service_op_store: Client not running :-5: [ 1461.617203][T32227] nvme_fabrics: missing parameter 'transport=%s' [ 1461.735767][T32227] nvme_fabrics: missing parameter 'nqn=%s' [ 1464.908941][T32276] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 1465.124405][T32279] smpboot: CPU 1 is now offline [ 1465.280595][ T29] audit: type=1804 audit(2147483733.484:52): pid=32283 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.4987" name="/newroot/139/file0" dev="tmpfs" ino=741 res=1 errno=0 [ 1466.543628][T32299] netlink: 'syz.1.4991': attribute type 1 has an invalid length. [ 1466.580911][T32299] netlink: 33 bytes leftover after parsing attributes in process `syz.1.4991'. [ 1470.483854][T31091] Bluetooth: hci3: unexpected subevent 0x0c length: 118 > 5 [ 1470.627062][T32351] vhci_hcd vhci_hcd.1: invalid port number 16 [ 1470.662944][T32351] vhci_hcd vhci_hcd.1: USB_PORT_FEAT_SUSPEND req not supported for USB 3.0 roothub [ 1472.070147][T31138] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1472.530484][T32378] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1472.537253][T32378] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1472.545134][T32378] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 1472.553935][T32378] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1472.560069][T32378] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 1472.570291][T32378] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 1472.586192][T32378] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1472.594682][T32378] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 1472.604208][T32378] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 1472.874001][ T29] audit: type=1804 audit(2147483741.100:53): pid=32398 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.5012" name="/newroot/145/file0" dev="tmpfs" ino=772 res=1 errno=0 [ 1473.307153][T32408] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5015'. [ 1473.465485][T32408] team0 (unregistering): Port device team_slave_0 removed [ 1473.517547][T32408] team0 (unregistering): Port device team_slave_1 removed [ 1473.576688][T32423] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5017'. [ 1473.939660][T32423] ipvlan1: entered promiscuous mode [ 1473.984219][T32423] ipvlan1: entered allmulticast mode [ 1474.018519][T32423] veth0_vlan: entered allmulticast mode [ 1474.093934][T31091] Bluetooth: hci0: command 0x0c1a tx timeout [ 1474.571521][T31091] Bluetooth: hci3: command 0x0c1a tx timeout [ 1474.579072][T31212] Bluetooth: hci2: command 0x0406 tx timeout [ 1474.653786][T31091] Bluetooth: hci4: command 0x0c1a tx timeout [ 1476.076174][ T29] audit: type=1804 audit(2147483744.325:54): pid=32469 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.5024" name="/newroot/418/file0" dev="tmpfs" ino=2189 res=1 errno=0 [ 1476.441186][T32473] can: request_module (can-proto-0) failed. [ 1476.647532][T31091] Bluetooth: hci3: command 0x0c1a tx timeout [ 1476.655891][T31091] Bluetooth: hci2: command 0x0406 tx timeout [ 1476.721455][T31091] Bluetooth: hci4: command 0x0c1a tx timeout [ 1477.680552][T32501] nvme_fabrics: missing parameter 'transport=%s' [ 1477.803458][T32501] nvme_fabrics: missing parameter 'nqn=%s' [ 1477.842690][ T1315] ieee802154 phy0 wpan0: encryption failed: -22 [ 1477.849191][ T1315] ieee802154 phy1 wpan1: encryption failed: -22 [ 1478.712250][T31091] Bluetooth: hci3: command 0x0c1a tx timeout [ 1478.793663][T31091] Bluetooth: hci4: command 0x0c1a tx timeout [ 1480.609876][T32553] nvme_fabrics: missing parameter 'transport=%s' [ 1480.704067][T32553] nvme_fabrics: missing parameter 'nqn=%s' [ 1480.808709][T32567] FAULT_INJECTION: forcing a failure. [ 1480.808709][T32567] name failslab, interval 1, probability 0, space 0, times 0 [ 1480.901655][T32567] CPU: 0 UID: 0 PID: 32567 Comm: syz.1.5041 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1480.901684][T32567] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1480.901690][T32567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1480.901700][T32567] Call Trace: [ 1480.901705][T32567] [ 1480.901712][T32567] dump_stack_lvl+0x100/0x190 [ 1480.901743][T32567] should_fail_ex.cold+0x5/0xa [ 1480.901764][T32567] should_failslab+0xc2/0x120 [ 1480.901782][T32567] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 1480.901804][T32567] ? alloc_inode+0x183/0x250 [ 1480.901831][T32567] alloc_inode+0x183/0x250 [ 1480.901852][T32567] new_inode+0x22/0x1c0 [ 1480.901875][T32567] nfsd_mkdir+0x78/0x460 [ 1480.901935][T32567] nfsd_fill_super+0x3f9/0x560 [ 1480.901959][T32567] ? __pfx_nfsd_fill_super+0x10/0x10 [ 1480.901982][T32567] get_tree_keyed+0x10e/0x1d0 [ 1480.902000][T32567] vfs_get_tree+0x92/0x320 [ 1480.902014][T32567] path_mount+0x7d0/0x23d0 [ 1480.902036][T32567] ? __pfx_path_mount+0x10/0x10 [ 1480.902054][T32567] ? lockdep_hardirqs_on+0x78/0x100 [ 1480.902076][T32567] ? putname+0xb1/0x110 [ 1480.902093][T32567] ? kmem_cache_free+0x127/0x6c0 [ 1480.902120][T32567] ? __x64_sys_mount+0x293/0x310 [ 1480.902138][T32567] __x64_sys_mount+0x293/0x310 [ 1480.902158][T32567] ? __pfx___x64_sys_mount+0x10/0x10 [ 1480.902179][T32567] ? rcu_is_watching+0x12/0xc0 [ 1480.902198][T32567] do_syscall_64+0x115/0x840 [ 1480.902217][T32567] ? clear_bhb_loop+0x40/0x90 [ 1480.902235][T32567] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1480.902250][T32567] RIP: 0033:0x7fe03879ce59 [ 1480.902263][T32567] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1480.902278][T32567] RSP: 002b:00007fe03961f028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1480.902293][T32567] RAX: ffffffffffffffda RBX: 00007fe038a16180 RCX: 00007fe03879ce59 [ 1480.902303][T32567] RDX: 0000200000000200 RSI: 00002000000000c0 RDI: 0000000000000000 [ 1480.902312][T32567] RBP: 00007fe038832d6f R08: 0000000000000000 R09: 0000000000000000 [ 1480.902321][T32567] R10: 000000000000000f R11: 0000000000000246 R12: 0000000000000000 [ 1480.902330][T32567] R13: 00007fe038a16218 R14: 00007fe038a16180 R15: 00007ffd6bcc7c48 [ 1480.902349][T32567] [ 1482.703796][T32587] nvme_fabrics: missing parameter 'transport=%s' [ 1482.799258][T32587] nvme_fabrics: missing parameter 'nqn=%s' [ 1484.292735][T32632] FAULT_INJECTION: forcing a failure. [ 1484.292735][T32632] name failslab, interval 1, probability 0, space 0, times 0 [ 1484.402969][T32632] CPU: 0 UID: 0 PID: 32632 Comm: syz.0.5054 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1484.402995][T32632] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1484.403000][T32632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1484.403009][T32632] Call Trace: [ 1484.403014][T32632] [ 1484.403020][T32632] dump_stack_lvl+0x100/0x190 [ 1484.403048][T32632] should_fail_ex.cold+0x5/0xa [ 1484.403067][T32632] should_failslab+0xc2/0x120 [ 1484.403084][T32632] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1484.403105][T32632] ? mpol_new+0x11b/0x2d0 [ 1484.403118][T32632] ? find_held_lock+0x2b/0x80 [ 1484.403135][T32632] ? get_pid_task+0xfc/0x250 [ 1484.403157][T32632] mpol_new+0x11b/0x2d0 [ 1484.403173][T32632] do_mbind+0x210/0xfd0 [ 1484.403196][T32632] ? __pfx_do_mbind+0x10/0x10 [ 1484.403214][T32632] ? ksys_write+0x190/0x250 [ 1484.403238][T32632] ? __pfx_get_nodes+0x10/0x10 [ 1484.403251][T32632] ? __fget_files+0x21f/0x3d0 [ 1484.403270][T32632] kernel_mbind+0x1b7/0x200 [ 1484.403290][T32632] ? __pfx_kernel_mbind+0x10/0x10 [ 1484.403309][T32632] ? rcu_is_watching+0x12/0xc0 [ 1484.403327][T32632] do_syscall_64+0x115/0x840 [ 1484.403346][T32632] ? clear_bhb_loop+0x40/0x90 [ 1484.403363][T32632] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1484.403378][T32632] RIP: 0033:0x7faf62f9ce59 [ 1484.403390][T32632] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1484.403403][T32632] RSP: 002b:00007faf63da5028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 1484.403418][T32632] RAX: ffffffffffffffda RBX: 00007faf63216270 RCX: 00007faf62f9ce59 [ 1484.403427][T32632] RDX: 0000000000000004 RSI: 00000000002091d2 RDI: 0000000000000000 [ 1484.403435][T32632] RBP: 00007faf63da5090 R08: 0000000000000006 R09: 0000000000000002 [ 1484.403444][T32632] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1484.403452][T32632] R13: 00007faf63216308 R14: 00007faf63216270 R15: 00007ffdf3b95fc8 [ 1484.403473][T32632] [ 1485.005781][T32627] Process accounting resumed [ 1486.284983][T32666] nvme_fabrics: missing parameter 'transport=%s' [ 1486.384669][T32666] nvme_fabrics: missing parameter 'nqn=%s' [ 1486.857581][T32669] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5062'. [ 1488.331512][T32704] FAULT_INJECTION: forcing a failure. [ 1488.331512][T32704] name failslab, interval 1, probability 0, space 0, times 0 [ 1488.401183][T32704] CPU: 0 UID: 0 PID: 32704 Comm: syz.1.5066 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1488.401208][T32704] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1488.401213][T32704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1488.401222][T32704] Call Trace: [ 1488.401228][T32704] [ 1488.401234][T32704] dump_stack_lvl+0x100/0x190 [ 1488.401263][T32704] should_fail_ex.cold+0x5/0xa [ 1488.401282][T32704] should_failslab+0xc2/0x120 [ 1488.401308][T32704] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1488.401330][T32704] ? vm_area_dup+0x27/0x8e0 [ 1488.401353][T32704] vm_area_dup+0x27/0x8e0 [ 1488.401373][T32704] __split_vma+0x18c/0xda0 [ 1488.401393][T32704] ? walk_pgd_range+0x1133/0x1dd0 [ 1488.401408][T32704] ? __pfx___split_vma+0x10/0x10 [ 1488.401437][T32704] vma_modify+0x12ad/0x25c0 [ 1488.401458][T32704] ? find_vma+0x51/0x140 [ 1488.401477][T32704] ? __pfx_vma_modify+0x10/0x10 [ 1488.401496][T32704] ? queue_pages_test_walk+0x258/0x420 [ 1488.401513][T32704] ? __pfx_find_vma+0x10/0x10 [ 1488.401527][T32704] ? __pfx_queue_pages_test_walk+0x10/0x10 [ 1488.401545][T32704] ? walk_page_test+0x78/0x180 [ 1488.401565][T32704] vma_modify_policy+0x238/0x300 [ 1488.401587][T32704] ? __pfx_vma_modify_policy+0x10/0x10 [ 1488.401619][T32704] ? mas_walk+0x6ef/0x9b0 [ 1488.401641][T32704] mbind_range+0x175/0x550 [ 1488.401661][T32704] do_mbind+0x7dc/0xfd0 [ 1488.401685][T32704] ? __pfx_do_mbind+0x10/0x10 [ 1488.401703][T32704] ? ksys_write+0x190/0x250 [ 1488.401727][T32704] ? __pfx_get_nodes+0x10/0x10 [ 1488.401741][T32704] ? __fget_files+0x21f/0x3d0 [ 1488.401761][T32704] kernel_mbind+0x1b7/0x200 [ 1488.401780][T32704] ? __pfx_kernel_mbind+0x10/0x10 [ 1488.401800][T32704] ? rcu_is_watching+0x12/0xc0 [ 1488.401819][T32704] do_syscall_64+0x115/0x840 [ 1488.401837][T32704] ? clear_bhb_loop+0x40/0x90 [ 1488.401854][T32704] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1488.401869][T32704] RIP: 0033:0x7fe03879ce59 [ 1488.401881][T32704] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1488.401894][T32704] RSP: 002b:00007fe0395fe028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 1488.401909][T32704] RAX: ffffffffffffffda RBX: 00007fe038a16270 RCX: 00007fe03879ce59 [ 1488.401919][T32704] RDX: 0000000000000004 RSI: 00000000002091d2 RDI: 0000000000000000 [ 1488.401927][T32704] RBP: 00007fe0395fe090 R08: 0000000000000006 R09: 0000000000000002 [ 1488.401935][T32704] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1488.401944][T32704] R13: 00007fe038a16308 R14: 00007fe038a16270 R15: 00007ffd6bcc7c48 [ 1488.401962][T32704] [ 1489.241276][T32710] nvme_fabrics: missing parameter 'transport=%s' [ 1489.277359][T32710] nvme_fabrics: missing parameter 'nqn=%s' [ 1490.112713][T32720] ima: policy update failed [ 1490.132384][T32730] nvme_fabrics: missing parameter 'transport=%s' [ 1490.163304][ T29] audit: type=1802 audit(2147483758.471:55): pid=32720 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.5071" res=0 errno=0 [ 1490.206172][T32730] nvme_fabrics: missing parameter 'nqn=%s' [ 1491.132450][T32749] nvme_fabrics: missing parameter 'transport=%s' [ 1491.217360][T32749] nvme_fabrics: missing parameter 'nqn=%s' [ 1492.272941][T31091] Bluetooth: hci4: unexpected event for opcode 0x7c89 [ 1494.954652][ T353] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5090'. [ 1495.857342][ T374] FAULT_INJECTION: forcing a failure. [ 1495.857342][ T374] name failslab, interval 1, probability 0, space 0, times 0 [ 1495.857392][ T374] CPU: 0 UID: 0 PID: 374 Comm: syz.2.5092 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1495.857417][ T374] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1495.857423][ T374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1495.857434][ T374] Call Trace: [ 1495.857439][ T374] [ 1495.857445][ T374] dump_stack_lvl+0x100/0x190 [ 1495.857477][ T374] should_fail_ex.cold+0x5/0xa [ 1495.857497][ T374] ? vc_allocate+0x4c3/0x880 [ 1495.857585][ T374] should_failslab+0xc2/0x120 [ 1495.857604][ T374] __kmalloc_noprof+0xe0/0x850 [ 1495.857631][ T374] vc_allocate+0x4c3/0x880 [ 1495.857650][ T374] ? __pfx_vc_allocate+0x10/0x10 [ 1495.857684][ T374] con_install+0xa1/0x620 [ 1495.857704][ T374] ? __pfx_con_install+0x10/0x10 [ 1495.857726][ T374] ? __pfx_con_install+0x10/0x10 [ 1495.857746][ T374] tty_init_dev.part.0+0x9e/0x470 [ 1495.857802][ T374] tty_open+0xa63/0xfa0 [ 1495.857827][ T374] ? __pfx_tty_open+0x10/0x10 [ 1495.857845][ T374] ? chrdev_open+0x589/0x6a0 [ 1495.857863][ T374] ? chrdev_open+0x589/0x6a0 [ 1495.857884][ T374] ? __pfx_tty_open+0x10/0x10 [ 1495.857903][ T374] chrdev_open+0x234/0x6a0 [ 1495.857921][ T374] ? __pfx_chrdev_open+0x10/0x10 [ 1495.857940][ T374] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 1495.857964][ T374] do_dentry_open+0x6ab/0x14d0 [ 1495.857981][ T374] ? __pfx_chrdev_open+0x10/0x10 [ 1495.858003][ T374] vfs_open+0x82/0x3f0 [ 1495.858026][ T374] path_openat+0x208c/0x31a0 [ 1495.858051][ T374] ? __pfx_path_openat+0x10/0x10 [ 1495.858076][ T374] do_file_open+0x20e/0x430 [ 1495.858096][ T374] ? __pfx_do_file_open+0x10/0x10 [ 1495.858127][ T374] ? alloc_fd+0x476/0x790 [ 1495.858147][ T374] ? do_getname+0x191/0x390 [ 1495.858169][ T374] do_sys_openat2+0x10d/0x1e0 [ 1495.858190][ T374] ? __pfx_do_sys_openat2+0x10/0x10 [ 1495.858213][ T374] ? __fget_files+0x21f/0x3d0 [ 1495.858234][ T374] __x64_sys_openat+0x12d/0x210 [ 1495.858256][ T374] ? __pfx___x64_sys_openat+0x10/0x10 [ 1495.858281][ T374] ? rcu_is_watching+0x12/0xc0 [ 1495.858300][ T374] do_syscall_64+0x115/0x840 [ 1495.858327][ T374] ? clear_bhb_loop+0x40/0x90 [ 1495.858346][ T374] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1495.858362][ T374] RIP: 0033:0x7f7674d9ce59 [ 1495.858377][ T374] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1495.858391][ T374] RSP: 002b:00007f7675c12028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1495.858424][ T374] RAX: ffffffffffffffda RBX: 00007f7675016180 RCX: 00007f7674d9ce59 [ 1495.858435][ T374] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 1495.858444][ T374] RBP: 00007f7674e32d6f R08: 0000000000000000 R09: 0000000000000000 [ 1495.858454][ T374] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1495.858464][ T374] R13: 00007f7675016218 R14: 00007f7675016180 R15: 00007ffe895a8af8 [ 1495.858484][ T374] [ 1496.273237][ T385] FAULT_INJECTION: forcing a failure. [ 1496.273237][ T385] name failslab, interval 1, probability 0, space 0, times 0 [ 1496.273361][ T385] CPU: 0 UID: 0 PID: 385 Comm: syz.1.5094 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1496.273383][ T385] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1496.273389][ T385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1496.273398][ T385] Call Trace: [ 1496.273403][ T385] [ 1496.273409][ T385] dump_stack_lvl+0x100/0x190 [ 1496.273437][ T385] should_fail_ex.cold+0x5/0xa [ 1496.273456][ T385] should_failslab+0xc2/0x120 [ 1496.273473][ T385] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1496.273494][ T385] ? anon_vma_clone+0x2ba/0xcd0 [ 1496.273516][ T385] anon_vma_clone+0x2ba/0xcd0 [ 1496.273539][ T385] __split_vma+0x51f/0xda0 [ 1496.273561][ T385] ? __pfx___split_vma+0x10/0x10 [ 1496.273590][ T385] vma_modify+0x12ad/0x25c0 [ 1496.273611][ T385] ? find_vma+0x51/0x140 [ 1496.273630][ T385] ? __pfx_vma_modify+0x10/0x10 [ 1496.273648][ T385] ? queue_pages_test_walk+0x258/0x420 [ 1496.273666][ T385] ? __pfx_find_vma+0x10/0x10 [ 1496.273688][ T385] ? __pfx_queue_pages_test_walk+0x10/0x10 [ 1496.273710][ T385] ? walk_page_test+0x78/0x180 [ 1496.273740][ T385] vma_modify_policy+0x238/0x300 [ 1496.273762][ T385] ? __pfx_vma_modify_policy+0x10/0x10 [ 1496.273794][ T385] ? mas_walk+0x6ef/0x9b0 [ 1496.273815][ T385] mbind_range+0x175/0x550 [ 1496.273835][ T385] do_mbind+0x7dc/0xfd0 [ 1496.273858][ T385] ? __pfx_do_mbind+0x10/0x10 [ 1496.273875][ T385] ? ksys_write+0x190/0x250 [ 1496.273900][ T385] ? __pfx_get_nodes+0x10/0x10 [ 1496.273914][ T385] ? __fget_files+0x21f/0x3d0 [ 1496.273934][ T385] kernel_mbind+0x1b7/0x200 [ 1496.273953][ T385] ? __pfx_kernel_mbind+0x10/0x10 [ 1496.273972][ T385] ? rcu_is_watching+0x12/0xc0 [ 1496.273991][ T385] do_syscall_64+0x115/0x840 [ 1496.274009][ T385] ? clear_bhb_loop+0x40/0x90 [ 1496.274026][ T385] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1496.274040][ T385] RIP: 0033:0x7fe03879ce59 [ 1496.274053][ T385] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1496.274067][ T385] RSP: 002b:00007fe0395fe028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 1496.274080][ T385] RAX: ffffffffffffffda RBX: 00007fe038a16270 RCX: 00007fe03879ce59 [ 1496.274089][ T385] RDX: 0000000000000004 RSI: 00000000002091d2 RDI: 0000000000000000 [ 1496.274098][ T385] RBP: 00007fe0395fe090 R08: 0000000000000006 R09: 0000000000000002 [ 1496.274106][ T385] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1496.274114][ T385] R13: 00007fe038a16308 R14: 00007fe038a16270 R15: 00007ffd6bcc7c48 [ 1496.274132][ T385] [ 1498.603921][T31091] Bluetooth: hci0: unexpected event for opcode 0x7c89 [ 1498.732900][ T426] netlink: 146 bytes leftover after parsing attributes in process `syz.1.5102'. [ 1503.157851][ T496] FAULT_INJECTION: forcing a failure. [ 1503.157851][ T496] name failslab, interval 1, probability 0, space 0, times 0 [ 1503.250728][ T496] CPU: 0 UID: 0 PID: 496 Comm: syz.2.5115 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1503.250757][ T496] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1503.250763][ T496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1503.250773][ T496] Call Trace: [ 1503.250778][ T496] [ 1503.250785][ T496] dump_stack_lvl+0x100/0x190 [ 1503.250814][ T496] should_fail_ex.cold+0x5/0xa [ 1503.250834][ T496] should_failslab+0xc2/0x120 [ 1503.250853][ T496] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1503.250874][ T496] ? security_inode_alloc+0x3b/0x2c0 [ 1503.250892][ T496] ? lockdep_init_map_type+0x5c/0x250 [ 1503.250916][ T496] security_inode_alloc+0x3b/0x2c0 [ 1503.250933][ T496] inode_init_always_gfp+0xc77/0xfb0 [ 1503.250954][ T496] alloc_inode+0x8e/0x250 [ 1503.250975][ T496] path_from_stashed+0x25b/0x750 [ 1503.250999][ T496] pidfs_alloc_file+0xf8/0x290 [ 1503.251016][ T496] ? __pfx_pidfs_alloc_file+0x10/0x10 [ 1503.251038][ T496] pidfd_prepare+0x10c/0x1b0 [ 1503.251058][ T496] __x64_sys_pidfd_open+0x105/0x1a0 [ 1503.251081][ T496] ? __pfx___x64_sys_pidfd_open+0x10/0x10 [ 1503.251104][ T496] ? rcu_is_watching+0x12/0xc0 [ 1503.251124][ T496] do_syscall_64+0x115/0x840 [ 1503.251144][ T496] ? clear_bhb_loop+0x40/0x90 [ 1503.251162][ T496] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1503.251177][ T496] RIP: 0033:0x7f7674d9ce59 [ 1503.251192][ T496] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1503.251207][ T496] RSP: 002b:00007f7675c54028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b2 [ 1503.251222][ T496] RAX: ffffffffffffffda RBX: 00007f7675015fa0 RCX: 00007f7674d9ce59 [ 1503.251242][ T496] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 1503.251251][ T496] RBP: 00007f7674e32d6f R08: 0000000000000000 R09: 0000000000000000 [ 1503.251260][ T496] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1503.251272][ T496] R13: 00007f7675016038 R14: 00007f7675015fa0 R15: 00007ffe895a8af8 [ 1503.251294][ T496] [ 1503.882380][ T514] sd 0:0:1:0: PR command failed: 1026 [ 1503.888463][ T514] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 1503.900746][ T514] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 1503.913185][ T514] sd 0:0:1:0: PR command failed: 1026 [ 1503.920165][ T514] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 1503.930669][ T514] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 1504.138166][T31138] EXT4-fs (sda1): Delayed block allocation failed for inode 2030 at logical offset 1340 with max blocks 11 with error 117 [ 1504.246563][T31138] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1504.246563][T31138] [ 1504.690673][ T524] nvme_fabrics: missing parameter 'transport=%s' [ 1504.779218][ T524] nvme_fabrics: missing parameter 'nqn=%s' [ 1506.244798][ T546] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5124'. [ 1508.304484][ T582] nvme_fabrics: missing parameter 'transport=%s' [ 1508.390985][ T582] nvme_fabrics: missing parameter 'nqn=%s' [ 1509.128463][ T605] netlink: 'syz.4.5134': attribute type 3 has an invalid length. [ 1510.977429][ T640] ima: policy update failed [ 1511.008096][ T29] audit: type=1802 audit(2147483779.419:56): pid=640 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.5142" res=0 errno=0 [ 1511.026718][ T640] FAULT_INJECTION: forcing a failure. [ 1511.026718][ T640] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1511.139789][ T640] CPU: 0 UID: 0 PID: 640 Comm: syz.1.5142 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1511.139815][ T640] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1511.139821][ T640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1511.139831][ T640] Call Trace: [ 1511.139836][ T640] [ 1511.139842][ T640] dump_stack_lvl+0x100/0x190 [ 1511.139873][ T640] should_fail_ex.cold+0x5/0xa [ 1511.139893][ T640] get_futex_key+0x1d2/0x1510 [ 1511.139919][ T640] ? __pfx_get_futex_key+0x10/0x10 [ 1511.139947][ T640] futex_wake+0xea/0x530 [ 1511.139967][ T640] ? __pfx_futex_wake+0x10/0x10 [ 1511.139993][ T640] ? __sys_sendmmsg+0x367/0x430 [ 1511.140011][ T640] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1511.140029][ T640] do_futex+0x32b/0x350 [ 1511.140044][ T640] ? __pfx_do_futex+0x10/0x10 [ 1511.140063][ T640] __x64_sys_futex+0x34f/0x4d0 [ 1511.140081][ T640] ? __pfx___x64_sys_futex+0x10/0x10 [ 1511.140100][ T640] ? rcu_is_watching+0x12/0xc0 [ 1511.140119][ T640] do_syscall_64+0x115/0x840 [ 1511.140139][ T640] ? clear_bhb_loop+0x40/0x90 [ 1511.140156][ T640] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1511.140172][ T640] RIP: 0033:0x7fe03879ce59 [ 1511.140186][ T640] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1511.140200][ T640] RSP: 002b:00007fe0396610e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1511.140215][ T640] RAX: ffffffffffffffda RBX: 00007fe038a15fa8 RCX: 00007fe03879ce59 [ 1511.140227][ T640] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe038a15fac [ 1511.140237][ T640] RBP: 00007fe038a15fa0 R08: 0000000000000001 R09: 0000000000000000 [ 1511.140246][ T640] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 1511.140255][ T640] R13: 00007fe038a16038 R14: 00007ffd6bcc7b60 R15: 00007ffd6bcc7c48 [ 1511.140274][ T640] [ 1511.668896][ T642] nvme_fabrics: missing parameter 'transport=%s' [ 1511.689401][ T642] nvme_fabrics: missing parameter 'nqn=%s' [ 1512.180488][ T29] audit: type=1804 audit(2147483780.605:57): pid=658 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.5145" name="/newroot/178/file0" dev="tmpfs" ino=944 res=1 errno=0 [ 1513.285805][ T695] netlink: 186 bytes leftover after parsing attributes in process `syz.1.5155'. [ 1513.929550][ T700] nvme_fabrics: missing parameter 'transport=%s' [ 1514.052378][ T700] nvme_fabrics: missing parameter 'nqn=%s' [ 1514.181247][ T29] audit: type=1804 audit(2147483782.614:58): pid=710 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.5158" name="/newroot/77/file0" dev="tmpfs" ino=417 res=1 errno=0 [ 1514.506286][ T715] ubi0: attaching mtd0 [ 1514.547331][ T715] ubi0: scanning is finished [ 1514.573449][ T715] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 1514.818686][ T715] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 1514.997976][ T727] Process accounting paused [ 1516.329018][ T747] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5165'. [ 1516.381851][ T681] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1517.130663][ T746] ima: policy update failed [ 1517.140616][ T29] audit: type=1802 audit(2147483785.588:59): pid=746 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.5165" res=0 errno=0 [ 1517.747525][ T29] audit: type=1804 audit(2147483786.191:60): pid=757 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.5167" name="/newroot/180/file0" dev="tmpfs" ino=955 res=1 errno=0 [ 1519.267203][ T790] random: crng reseeded on system resumption [ 1519.373732][ T790] Unrecognized hibernate image header format! [ 1519.407520][ T790] PM: hibernation: Image mismatch: architecture specific data [ 1519.598331][ T795] Invalid ELF header magic: != ELF [ 1520.029169][ T5365] ACPI Error: Could not disable RealTimeClock events (20251212/evxfevnt-243) [ 1520.525840][ T804] FAULT_INJECTION: forcing a failure. [ 1520.525840][ T804] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1520.670979][ T804] CPU: 0 UID: 0 PID: 804 Comm: syz.0.5178 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1520.671014][ T804] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1520.671020][ T804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1520.671028][ T804] Call Trace: [ 1520.671034][ T804] [ 1520.671039][ T804] dump_stack_lvl+0x100/0x190 [ 1520.671068][ T804] should_fail_ex.cold+0x5/0xa [ 1520.671086][ T804] get_futex_key+0xf78/0x1510 [ 1520.671110][ T804] ? __pfx_get_futex_key+0x10/0x10 [ 1520.671130][ T804] ? lock_acquire+0x1b1/0x370 [ 1520.671156][ T804] futex_wake+0xea/0x530 [ 1520.671174][ T804] ? __pfx_futex_wake+0x10/0x10 [ 1520.671191][ T804] ? exit_mm_release+0x19/0x30 [ 1520.671215][ T804] do_futex+0x32b/0x350 [ 1520.671230][ T804] ? __pfx_do_futex+0x10/0x10 [ 1520.671242][ T804] ? __might_fault+0xc5/0x140 [ 1520.671267][ T804] mm_release+0x24a/0x2f0 [ 1520.671284][ T804] do_exit+0x707/0x2af0 [ 1520.671306][ T804] ? __pfx_do_exit+0x10/0x10 [ 1520.671325][ T804] ? do_raw_spin_lock+0x128/0x260 [ 1520.671339][ T804] ? find_held_lock+0x2b/0x80 [ 1520.671355][ T804] ? get_signal+0x7e5/0x2210 [ 1520.671373][ T804] do_group_exit+0xd5/0x2a0 [ 1520.671394][ T804] get_signal+0x20ff/0x2210 [ 1520.671414][ T804] ? __fget_files+0x215/0x3d0 [ 1520.671431][ T804] ? __pfx_get_signal+0x10/0x10 [ 1520.671449][ T804] ? do_futex+0x192/0x350 [ 1520.671466][ T804] arch_do_signal_or_restart+0x91/0x7a0 [ 1520.671512][ T804] ? fdget+0x18b/0x210 [ 1520.671527][ T804] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1520.671552][ T804] ? rcu_is_watching+0x12/0xc0 [ 1520.671570][ T804] exit_to_user_mode_loop+0x98/0x670 [ 1520.671591][ T804] ? rcu_is_watching+0x12/0xc0 [ 1520.671608][ T804] do_syscall_64+0x652/0x840 [ 1520.671627][ T804] ? clear_bhb_loop+0x40/0x90 [ 1520.671644][ T804] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1520.671659][ T804] RIP: 0033:0x7faf62f9ce59 [ 1520.671672][ T804] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1520.671685][ T804] RSP: 002b:00007faf63de70e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1520.671700][ T804] RAX: fffffffffffffe00 RBX: 00007faf63216098 RCX: 00007faf62f9ce59 [ 1520.671710][ T804] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007faf63216098 [ 1520.671718][ T804] RBP: 00007faf63216090 R08: 0000000000000000 R09: 0000000000000000 [ 1520.671726][ T804] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1520.671734][ T804] R13: 00007faf63216128 R14: 00007ffdf3b95ee0 R15: 00007ffdf3b95fc8 [ 1520.671752][ T804] [ 1521.061479][ T826] IPVS: length: 131 != 8 [ 1521.705213][ T825] zswap: compressor Zuf.[(9k~^8acu5| not available [ 1522.947327][ T879] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5190'. [ 1523.063210][ T874] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5188'. [ 1523.745584][ T29] audit: type=1800 audit(2147504184.223:61): pid=885 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.5191" name="dbroot" dev="configfs" ino=187587 res=0 errno=0 [ 1524.097398][T31138] netdevsim netdevsim9 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1525.216020][ T907] ubi0: attaching mtd0 [ 1525.242296][ T907] ubi0: scanning is finished [ 1525.261975][ T907] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 1525.636708][ T907] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 1526.226113][ T938] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5198'. [ 1526.464606][ T940] sg_write: data in/out 124/2 bytes for SCSI command 0x61-- guessing data in; [ 1526.464606][ T940] program syz.2.5198 not setting count and/or reply_len properly [ 1527.330911][ T972] nvme_fabrics: missing parameter 'transport=%s' [ 1527.397218][ T972] nvme_fabrics: missing parameter 'nqn=%s' [ 1528.779662][ T1004] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 6 with max blocks 21 with error 117 [ 1528.873070][ T1004] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1528.873070][ T1004] [ 1530.698000][ T29] audit: type=1804 audit(2147504191.216:62): pid=1036 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.5210" name="/newroot/70/file0" dev="tmpfs" ino=392 res=1 errno=0 [ 1531.757709][ T1066] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5211'. [ 1533.273329][ T29] audit: type=1804 audit(2147504193.788:63): pid=1091 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.5223" name="/newroot/196/file0" dev="tmpfs" ino=1041 res=1 errno=0 [ 1534.431987][ T29] audit: type=1804 audit(2147504194.963:64): pid=1122 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.5228" name="/newroot/89/file0" dev="tmpfs" ino=481 res=1 errno=0 [ 1534.897284][ T1128] NFSD: Failed to start, no listeners configured. [ 1534.974804][ T1114] kexec: Could not allocate control_code_buffer [ 1535.572016][ T29] audit: type=1804 audit(2147504196.099:65): pid=1149 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.5234" name="/newroot/482/file0" dev="tmpfs" ino=2534 res=1 errno=0 [ 1536.659393][ T1173] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5237'. [ 1537.465930][ T1186] netlink: 25 bytes leftover after parsing attributes in process `syz.4.5241'. [ 1538.036341][ T1193] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5243'. [ 1538.996565][ T1315] ieee802154 phy0 wpan0: encryption failed: -22 [ 1539.005165][ T1315] ieee802154 phy1 wpan1: encryption failed: -22 [ 1540.930884][T18725] ACPI Error: Could not disable RealTimeClock events (20251212/evxfevnt-243) [ 1541.638631][ T1258] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5254'. [ 1541.963742][ T1272] random: crng reseeded on system resumption [ 1543.872779][ T1301] block2mtd: error: cannot open device 3QIIVMIMj6DpBfdÑ IKek3 [ 1545.292043][ T1294] Process accounting resumed [ 1545.408199][ T1340] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5270'. [ 1545.527560][ T1347] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5272'. [ 1545.623602][ T1351] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5270'. [ 1545.690803][ T1343] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5271'. [ 1545.742737][ T1346] ovs_: entered promiscuous mode [ 1549.501398][ T29] audit: type=1804 audit(2147506258.105:66): pid=1442 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.5289" name="/newroot/87/file0" dev="tmpfs" ino=483 res=1 errno=0 [ 1551.222951][ T1465] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5295'. [ 1551.321606][ T1465] hsr_slave_0 (unregistering): left promiscuous mode [ 1551.581338][ T1475] bond0: option arp_validate: invalid value (/proc/self/net/bonding/bond0) [ 1551.722683][ T1478] NFSD: Failed to start, no listeners configured. [ 1552.441363][ T1495] FAULT_INJECTION: forcing a failure. [ 1552.441363][ T1495] name failslab, interval 1, probability 0, space 0, times 0 [ 1552.523041][ T1495] CPU: 0 UID: 0 PID: 1495 Comm: syz.1.5300 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1552.523070][ T1495] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1552.523078][ T1495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1552.523088][ T1495] Call Trace: [ 1552.523094][ T1495] [ 1552.523100][ T1495] dump_stack_lvl+0x100/0x190 [ 1552.523134][ T1495] should_fail_ex.cold+0x5/0xa [ 1552.523156][ T1495] should_failslab+0xc2/0x120 [ 1552.523176][ T1495] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1552.523198][ T1495] ? ptlock_alloc+0x1f/0x70 [ 1552.523223][ T1495] ptlock_alloc+0x1f/0x70 [ 1552.523250][ T1495] pte_alloc_one+0x82/0x3d0 [ 1552.523272][ T1495] __pte_alloc+0x6d/0x380 [ 1552.523289][ T1495] ? __pfx___pte_alloc+0x10/0x10 [ 1552.523305][ T1495] ? _raw_spin_unlock+0x28/0x50 [ 1552.523323][ T1495] ? __pmd_alloc+0x3fb/0x950 [ 1552.523343][ T1495] move_page_tables+0x2ec4/0x4610 [ 1552.523366][ T1495] ? __pfx_copy_vma+0x10/0x10 [ 1552.523395][ T1495] ? __pfx_move_page_tables+0x10/0x10 [ 1552.523431][ T1495] copy_vma_and_data+0x25c/0x7c0 [ 1552.523460][ T1495] ? __pfx_copy_vma_and_data+0x10/0x10 [ 1552.523490][ T1495] ? __vma_start_write+0x17f/0x280 [ 1552.523510][ T1495] ? __pfx___vma_start_write+0x10/0x10 [ 1552.523534][ T1495] move_vma+0x574/0x1920 [ 1552.523559][ T1495] ? __pfx_move_vma+0x10/0x10 [ 1552.523582][ T1495] ? mm_get_unmapped_area_vmflags+0xd7/0x130 [ 1552.523601][ T1495] ? cap_mmap_addr+0x4b/0x120 [ 1552.523617][ T1495] ? bpf_lsm_mmap_addr+0x9/0x30 [ 1552.523631][ T1495] ? security_mmap_addr+0x71/0x1e0 [ 1552.523650][ T1495] ? __get_unmapped_area+0x255/0x3e0 [ 1552.523670][ T1495] ? vrm_set_new_addr+0x204/0x290 [ 1552.523694][ T1495] mremap_to+0x234/0x4c0 [ 1552.523716][ T1495] ? mas_walk+0x6ef/0x9b0 [ 1552.523735][ T1495] ? __pfx_mremap_to+0x10/0x10 [ 1552.523764][ T1495] __do_sys_mremap+0x88c/0x1850 [ 1552.523792][ T1495] ? __pfx___do_sys_mremap+0x10/0x10 [ 1552.523817][ T1495] ? do_futex+0x192/0x350 [ 1552.523833][ T1495] ? __pfx_do_futex+0x10/0x10 [ 1552.523852][ T1495] ? __x64_sys_futex+0x34f/0x4d0 [ 1552.523874][ T1495] ? rcu_is_watching+0x12/0xc0 [ 1552.523894][ T1495] do_syscall_64+0x115/0x840 [ 1552.523914][ T1495] ? clear_bhb_loop+0x40/0x90 [ 1552.523931][ T1495] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1552.523946][ T1495] RIP: 0033:0x7fe03879ce59 [ 1552.523960][ T1495] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1552.523975][ T1495] RSP: 002b:00007fe039640028 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1552.523990][ T1495] RAX: ffffffffffffffda RBX: 00007fe038a16090 RCX: 00007fe03879ce59 [ 1552.524001][ T1495] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000000000000000 [ 1552.524010][ T1495] RBP: 00007fe038832d6f R08: 0000000100000000 R09: 0000000000000000 [ 1552.524020][ T1495] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000 [ 1552.524029][ T1495] R13: 00007fe038a16128 R14: 00007fe038a16090 R15: 00007ffd6bcc7c48 [ 1552.524049][ T1495] [ 1554.014764][ T29] audit: type=1804 audit(2147506262.636:67): pid=1521 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.5306" name="/newroot/502/file0" dev="tmpfs" ino=2640 res=1 errno=0 [ 1554.549084][ T1538] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5309'. [ 1554.783583][ T1538] nvme_fcloop: unknown parameter or missing value '' [ 1555.304054][ T1550] nvme_fabrics: missing parameter 'transport=%s' [ 1555.418409][ T1550] nvme_fabrics: missing parameter 'nqn=%s' [ 1556.144805][ T29] audit: type=1804 audit(2147506264.776:68): pid=1566 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.5317" name="/newroot/214/file0" dev="tmpfs" ino=1134 res=1 errno=0 [ 1558.112062][ T1599] nvme_fabrics: missing parameter 'transport=%s' [ 1558.163404][ T1599] nvme_fabrics: missing parameter 'nqn=%s' [ 1558.511094][ T1609] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5324'. [ 1558.794863][ T29] audit: type=1804 audit(2147506267.429:69): pid=1617 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.5326" name="/newroot/217/file0" dev="tmpfs" ino=1150 res=1 errno=0 [ 1560.734721][ T1659] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5333'. [ 1561.936043][ T1663] Process accounting resumed [ 1562.119686][ T29] audit: type=1804 audit(2147506270.774:70): pid=1683 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.5336" name="/newroot/221/file0" dev="tmpfs" ino=1171 res=1 errno=0 [ 1562.355716][ T1684] nvme_fabrics: missing parameter 'transport=%s' [ 1562.416072][ T1684] nvme_fabrics: missing parameter 'nqn=%s' [ 1562.621033][ T1689] nvme_fabrics: missing parameter 'transport=%s' [ 1562.707741][ T1689] nvme_fabrics: missing parameter 'nqn=%s' [ 1564.077769][ T1716] FAULT_INJECTION: forcing a failure. [ 1564.077769][ T1716] name failslab, interval 1, probability 0, space 0, times 0 [ 1564.136902][ T1716] CPU: 0 UID: 0 PID: 1716 Comm: syz.2.5345 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1564.136932][ T1716] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1564.136938][ T1716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1564.136946][ T1716] Call Trace: [ 1564.136953][ T1716] [ 1564.136960][ T1716] dump_stack_lvl+0x100/0x190 [ 1564.136991][ T1716] should_fail_ex.cold+0x5/0xa [ 1564.137010][ T1716] should_failslab+0xc2/0x120 [ 1564.137029][ T1716] __kvmalloc_node_noprof+0xfa/0xa00 [ 1564.137044][ T1716] ? sbitmap_init_node+0x1cc/0x720 [ 1564.137136][ T1716] sbitmap_init_node+0x1cc/0x720 [ 1564.137158][ T1716] sbitmap_queue_init_node+0x40/0x4a0 [ 1564.137178][ T1716] blk_mq_init_tags+0x184/0x300 [ 1564.137198][ T1716] blk_mq_alloc_map_and_rqs+0x218/0xeb0 [ 1564.137217][ T1716] ? blk_mq_update_queue_map+0x227/0x3a0 [ 1564.137238][ T1716] blk_mq_alloc_tag_set+0x848/0x1330 [ 1564.137259][ T1716] loop_add+0x3b7/0xb60 [ 1564.137281][ T1716] ? __pfx_loop_add+0x10/0x10 [ 1564.137311][ T1716] ? find_held_lock+0x2b/0x80 [ 1564.137328][ T1716] ? __fget_files+0x215/0x3d0 [ 1564.137347][ T1716] loop_control_ioctl+0xae/0x620 [ 1564.137368][ T1716] ? __pfx_loop_control_ioctl+0x10/0x10 [ 1564.137389][ T1716] ? __pfx_loop_control_ioctl+0x10/0x10 [ 1564.137410][ T1716] __x64_sys_ioctl+0x18e/0x210 [ 1564.137426][ T1716] do_syscall_64+0x115/0x840 [ 1564.137446][ T1716] ? clear_bhb_loop+0x40/0x90 [ 1564.137464][ T1716] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1564.137480][ T1716] RIP: 0033:0x7f7674d9ce59 [ 1564.137494][ T1716] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1564.137509][ T1716] RSP: 002b:00007f7675c54028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1564.137524][ T1716] RAX: ffffffffffffffda RBX: 00007f7675015fa0 RCX: 00007f7674d9ce59 [ 1564.137534][ T1716] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000007 [ 1564.137544][ T1716] RBP: 00007f7674e32d6f R08: 0000000000000000 R09: 0000000000000000 [ 1564.137553][ T1716] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1564.137563][ T1716] R13: 00007f7675016038 R14: 00007f7675015fa0 R15: 00007ffe895a8af8 [ 1564.137582][ T1716] [ 1564.137695][ T1716] blk-mq: reduced tag depth (128 -> 64) [ 1567.661901][ T1765] nvme_fabrics: missing parameter 'transport=%s' [ 1567.762609][ T1765] nvme_fabrics: missing parameter 'nqn=%s' [ 1568.833080][ T1793] FAULT_INJECTION: forcing a failure. [ 1568.833080][ T1793] name failslab, interval 1, probability 0, space 0, times 0 [ 1568.923764][ T1793] CPU: 0 UID: 0 PID: 1793 Comm: syz.1.5361 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1568.923793][ T1793] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1568.923799][ T1793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1568.923809][ T1793] Call Trace: [ 1568.923815][ T1793] [ 1568.923822][ T1793] dump_stack_lvl+0x100/0x190 [ 1568.923851][ T1793] should_fail_ex.cold+0x5/0xa [ 1568.923870][ T1793] ? process_preds+0x4a2/0x1d90 [ 1568.923889][ T1793] should_failslab+0xc2/0x120 [ 1568.923908][ T1793] __kmalloc_noprof+0xe0/0x850 [ 1568.923934][ T1793] process_preds+0x4a2/0x1d90 [ 1568.923960][ T1793] apply_subsystem_event_filter+0x4b6/0x17b0 [ 1568.923986][ T1793] ? __pfx_apply_subsystem_event_filter+0x10/0x10 [ 1568.924010][ T1793] ? _copy_from_user+0x59/0xd0 [ 1568.924033][ T1793] subsystem_filter_write+0x95/0x120 [ 1568.924063][ T1793] vfs_write+0x2aa/0x1070 [ 1568.924081][ T1793] ? __pfx_subsystem_filter_write+0x10/0x10 [ 1568.924103][ T1793] ? __pfx_vfs_write+0x10/0x10 [ 1568.924119][ T1793] ? __fget_files+0x215/0x3d0 [ 1568.924140][ T1793] ? __fget_files+0x21f/0x3d0 [ 1568.924164][ T1793] ksys_write+0x12a/0x250 [ 1568.924180][ T1793] ? __pfx_ksys_write+0x10/0x10 [ 1568.924198][ T1793] ? rcu_is_watching+0x12/0xc0 [ 1568.924218][ T1793] do_syscall_64+0x115/0x840 [ 1568.924238][ T1793] ? clear_bhb_loop+0x40/0x90 [ 1568.924256][ T1793] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1568.924271][ T1793] RIP: 0033:0x7fe03879ce59 [ 1568.924285][ T1793] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1568.924299][ T1793] RSP: 002b:00007fe039661028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1568.924314][ T1793] RAX: ffffffffffffffda RBX: 00007fe038a15fa0 RCX: 00007fe03879ce59 [ 1568.924324][ T1793] RDX: 0000000000000028 RSI: 0000200000000040 RDI: 000000000000000a [ 1568.924334][ T1793] RBP: 00007fe038832d6f R08: 0000000000000000 R09: 0000000000000000 [ 1568.924344][ T1793] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1568.924353][ T1793] R13: 00007fe038a16038 R14: 00007fe038a15fa0 R15: 00007ffd6bcc7c48 [ 1568.924373][ T1793] [ 1571.588953][ T1843] zram: Removed device: zram0 [ 1572.036718][ T1851] random: crng reseeded on system resumption [ 1572.081227][ T1851] Unrecognized hibernate image header format! [ 1572.102507][ T1851] PM: hibernation: Image mismatch: architecture specific data [ 1572.470488][ T1862] random: crng reseeded on system resumption [ 1574.434710][ T1886] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5378'. [ 1575.540337][ T1883] Process accounting paused [ 1575.635911][ T1913] usb usb35: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 1575.676041][ T1913] vhci_hcd vhci_hcd.1: default hub control req: 0000 v0000 i0000 l0 [ 1575.921555][ T1914] nvme_fabrics: missing parameter 'transport=%s' [ 1576.034836][ T1914] nvme_fabrics: missing parameter 'nqn=%s' [ 1577.332256][ T1949] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5390'. [ 1577.471406][ T1949] veth1_macvtap: left promiscuous mode [ 1578.397432][ T1976] nvme_fabrics: missing parameter 'transport=%s' [ 1578.464249][ T1976] nvme_fabrics: missing parameter 'nqn=%s' [ 1580.195407][ T2002] FAULT_INJECTION: forcing a failure. [ 1580.195407][ T2002] name failslab, interval 1, probability 0, space 0, times 0 [ 1580.412060][ T2002] CPU: 0 UID: 0 PID: 2002 Comm: syz.2.5400 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1580.412089][ T2002] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1580.412095][ T2002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1580.412104][ T2002] Call Trace: [ 1580.412110][ T2002] [ 1580.412116][ T2002] dump_stack_lvl+0x100/0x190 [ 1580.412148][ T2002] should_fail_ex.cold+0x5/0xa [ 1580.412167][ T2002] ? apply_wqattrs_prepare+0xfe/0xbb0 [ 1580.412184][ T2002] should_failslab+0xc2/0x120 [ 1580.412203][ T2002] __kmalloc_noprof+0xe0/0x850 [ 1580.412228][ T2002] apply_wqattrs_prepare+0xfe/0xbb0 [ 1580.412245][ T2002] ? __alloc_workqueue+0x8fd/0x1980 [ 1580.412269][ T2002] apply_workqueue_attrs_locked+0x64/0xe0 [ 1580.412287][ T2002] __alloc_workqueue+0xe04/0x1980 [ 1580.412313][ T2002] alloc_workqueue_noprof+0xc7/0x130 [ 1580.412343][ T2002] ? __pfx_alloc_workqueue_noprof+0x10/0x10 [ 1580.412367][ T2002] ? __pfx___debug_object_init+0x10/0x10 [ 1580.412394][ T2002] nci_register_device+0x21e/0xb80 [ 1580.412482][ T2002] ? __pfx_nci_register_device+0x10/0x10 [ 1580.412503][ T2002] ? lockdep_init_map_type+0x5c/0x250 [ 1580.412531][ T2002] virtual_ncidev_open+0x141/0x220 [ 1580.412598][ T2002] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 1580.412614][ T2002] misc_open+0x26d/0x450 [ 1580.412631][ T2002] ? __pfx_misc_open+0x10/0x10 [ 1580.412646][ T2002] chrdev_open+0x234/0x6a0 [ 1580.412665][ T2002] ? __pfx_apparmor_file_open+0x10/0x10 [ 1580.412682][ T2002] ? __pfx_chrdev_open+0x10/0x10 [ 1580.412701][ T2002] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 1580.412725][ T2002] do_dentry_open+0x6ab/0x14d0 [ 1580.412742][ T2002] ? __pfx_chrdev_open+0x10/0x10 [ 1580.412764][ T2002] vfs_open+0x82/0x3f0 [ 1580.412787][ T2002] path_openat+0x208c/0x31a0 [ 1580.412811][ T2002] ? __pfx_path_openat+0x10/0x10 [ 1580.412836][ T2002] do_file_open+0x20e/0x430 [ 1580.412856][ T2002] ? __pfx_do_file_open+0x10/0x10 [ 1580.412886][ T2002] ? alloc_fd+0x476/0x790 [ 1580.412906][ T2002] ? do_getname+0x191/0x390 [ 1580.412928][ T2002] do_sys_openat2+0x10d/0x1e0 [ 1580.412949][ T2002] ? __pfx_do_sys_openat2+0x10/0x10 [ 1580.412972][ T2002] ? __sys_sendmsg+0x18f/0x220 [ 1580.412993][ T2002] __x64_sys_openat+0x12d/0x210 [ 1580.413015][ T2002] ? __pfx___x64_sys_openat+0x10/0x10 [ 1580.413041][ T2002] ? rcu_is_watching+0x12/0xc0 [ 1580.413060][ T2002] do_syscall_64+0x115/0x840 [ 1580.413082][ T2002] ? clear_bhb_loop+0x40/0x90 [ 1580.413100][ T2002] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1580.413115][ T2002] RIP: 0033:0x7f7674d9ce59 [ 1580.413130][ T2002] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1580.413145][ T2002] RSP: 002b:00007f7675c33028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1580.413161][ T2002] RAX: ffffffffffffffda RBX: 00007f7675016090 RCX: 00007f7674d9ce59 [ 1580.413171][ T2002] RDX: 0000000000000002 RSI: 0000200000000400 RDI: ffffffffffffff9c [ 1580.413184][ T2002] RBP: 00007f7674e32d6f R08: 0000000000000000 R09: 0000000000000000 [ 1580.413193][ T2002] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1580.413201][ T2002] R13: 00007f7675016128 R14: 00007f7675016090 R15: 00007ffe895a8af8 [ 1580.413221][ T2002] [ 1581.421184][ T2042] ALSA: mixer_oss: invalid OSS volume '\' [ 1581.973940][ T29] audit: type=1804 audit(2147506290.627:71): pid=2054 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.5409" name="/newroot/241/file0" dev="tmpfs" ino=1277 res=1 errno=0 [ 1582.962093][ T2071] nvme_fabrics: missing parameter 'transport=%s' [ 1583.101477][ T2071] nvme_fabrics: missing parameter 'nqn=%s' [ 1583.574225][ T29] audit: type=1804 audit(2147506292.335:72): pid=2086 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.5416" name="/newroot/521/file0" dev="tmpfs" ino=2747 res=1 errno=0 [ 1584.211953][ T2104] netlink: 334 bytes leftover after parsing attributes in process `syz.0.5419'. [ 1588.285811][ T2175] FAULT_INJECTION: forcing a failure. [ 1588.285811][ T2175] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1588.362436][ T2175] CPU: 0 UID: 0 PID: 2175 Comm: syz.1.5434 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1588.362466][ T2175] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1588.362472][ T2175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1588.362482][ T2175] Call Trace: [ 1588.362488][ T2175] [ 1588.362495][ T2175] dump_stack_lvl+0x100/0x190 [ 1588.362534][ T2175] should_fail_ex.cold+0x5/0xa [ 1588.362552][ T2175] ? prepare_alloc_pages+0x16d/0x5f0 [ 1588.362572][ T2175] should_fail_alloc_page+0xeb/0x140 [ 1588.362591][ T2175] prepare_alloc_pages+0x1f0/0x5f0 [ 1588.362613][ T2175] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 1588.362639][ T2175] ? __lock_acquire+0x4a5/0x2630 [ 1588.362669][ T2175] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1588.362694][ T2175] ? is_bpf_text_address+0x8a/0x1a0 [ 1588.362714][ T2175] ? bpf_ksym_find+0x124/0x1c0 [ 1588.362729][ T2175] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1588.362750][ T2175] ? kernel_text_address+0x8d/0x100 [ 1588.362765][ T2175] ? is_bpf_text_address+0x8a/0x1a0 [ 1588.362783][ T2175] ? __kernel_text_address+0xd/0x30 [ 1588.362797][ T2175] ? unwind_get_return_address+0x59/0xa0 [ 1588.362816][ T2175] ? arch_stack_walk+0xa6/0xf0 [ 1588.362834][ T2175] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1588.362856][ T2175] ? policy_nodemask+0xed/0x4f0 [ 1588.362875][ T2175] alloc_pages_mpol+0x1fb/0x540 [ 1588.362893][ T2175] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1588.362915][ T2175] alloc_pages_noprof+0x1a/0x160 [ 1588.362935][ T2175] __pud_alloc+0x3b/0x690 [ 1588.362955][ T2175] copy_page_range+0x364b/0x5b20 [ 1588.362981][ T2175] ? __lock_acquire+0x4a5/0x2630 [ 1588.363003][ T2175] ? find_held_lock+0x2b/0x80 [ 1588.363028][ T2175] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1588.363048][ T2175] ? mas_wr_store_entry+0xa1/0x1e80 [ 1588.363071][ T2175] ? __pfx_copy_page_range+0x10/0x10 [ 1588.363096][ T2175] ? mas_store+0x666/0xac0 [ 1588.363118][ T2175] ? __pfx_mas_store+0x10/0x10 [ 1588.363144][ T2175] ? __pfx___vma_start_write+0x10/0x10 [ 1588.363168][ T2175] dup_mmap+0xd44/0x21b0 [ 1588.363195][ T2175] ? __pfx_dup_mmap+0x10/0x10 [ 1588.363212][ T2175] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1588.363234][ T2175] ? __lock_acquire+0x4a5/0x2630 [ 1588.363256][ T2175] ? find_held_lock+0x2b/0x80 [ 1588.363273][ T2175] ? __percpu_counter_init_many+0x2bc/0x3b0 [ 1588.363309][ T2175] copy_process+0x6c78/0x7ed0 [ 1588.363328][ T2175] ? __futex_wait+0x256/0x300 [ 1588.363357][ T2175] ? __pfx_copy_process+0x10/0x10 [ 1588.363387][ T2175] ? futex_hash+0x141/0x370 [ 1588.363415][ T2175] kernel_clone+0x176/0x9e0 [ 1588.363434][ T2175] ? __pfx_futex_wait+0x10/0x10 [ 1588.363453][ T2175] ? __pfx_kernel_clone+0x10/0x10 [ 1588.363483][ T2175] __do_sys_clone+0xd9/0x120 [ 1588.363503][ T2175] ? __pfx___do_sys_clone+0x10/0x10 [ 1588.363521][ T2175] ? __sys_sendmsg+0x18f/0x220 [ 1588.363547][ T2175] ? rcu_is_watching+0x12/0xc0 [ 1588.363566][ T2175] do_syscall_64+0x115/0x840 [ 1588.363585][ T2175] ? clear_bhb_loop+0x40/0x90 [ 1588.363603][ T2175] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1588.363618][ T2175] RIP: 0033:0x7fe03879ce59 [ 1588.363638][ T2175] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1588.363657][ T2175] RSP: 002b:00007fe039660fd8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 1588.363676][ T2175] RAX: ffffffffffffffda RBX: 00007fe038a15fa0 RCX: 00007fe03879ce59 [ 1588.363686][ T2175] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1588.363695][ T2175] RBP: 00007fe038832d6f R08: 0000000000000000 R09: 0000000000000000 [ 1588.363704][ T2175] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1588.363713][ T2175] R13: 00007fe038a16038 R14: 00007fe038a15fa0 R15: 00007ffd6bcc7c48 [ 1588.363734][ T2175] [ 1590.276268][ T2199] nvme_fabrics: missing parameter 'transport=%s' [ 1590.409677][ T2199] nvme_fabrics: missing parameter 'nqn=%s' [ 1590.496255][ T2213] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 1590.504910][ T2213] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 1591.435660][ T2233] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5446'. [ 1591.532290][ T2239] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5446'. [ 1592.129283][ T2247] misc userio: Invalid payload size [ 1593.224203][ T2220] Process accounting paused [ 1593.377452][ T2259] netlink: 21 bytes leftover after parsing attributes in process `syz.1.5451'. [ 1593.412512][ T2260] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5452'. [ 1593.477961][ T2260] bridge0: entered promiscuous mode [ 1593.531182][ T2260] bridge0: entered allmulticast mode [ 1593.779652][ T2267] ptrace attach of "ci-qemu-gce-upstream-auto/syz-executor exec"[29238] was attempted by "ci-qemu-gce-upstream-auto/syz-executor exec"[2267] [ 1593.981728][ T2262] FAULT_INJECTION: forcing a failure. [ 1593.981728][ T2262] name failslab, interval 1, probability 0, space 0, times 0 [ 1594.039480][ T2262] CPU: 0 UID: 0 PID: 2262 Comm: syz.4.5453 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1594.039508][ T2262] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1594.039515][ T2262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1594.039525][ T2262] Call Trace: [ 1594.039532][ T2262] [ 1594.039538][ T2262] dump_stack_lvl+0x100/0x190 [ 1594.039569][ T2262] should_fail_ex.cold+0x5/0xa [ 1594.039589][ T2262] should_failslab+0xc2/0x120 [ 1594.039606][ T2262] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1594.039628][ T2262] ? vm_area_alloc+0x1f/0x160 [ 1594.039653][ T2262] vm_area_alloc+0x1f/0x160 [ 1594.039673][ T2262] __mmap_region+0x104d/0x2dd0 [ 1594.039701][ T2262] ? __pfx___mmap_region+0x10/0x10 [ 1594.039727][ T2262] ? __lock_acquire+0x4a5/0x2630 [ 1594.039755][ T2262] ? lock_acquire+0x1b1/0x370 [ 1594.039777][ T2262] ? find_held_lock+0x2b/0x80 [ 1594.039795][ T2262] ? clockevents_program_event+0x23e/0x820 [ 1594.039832][ T2262] ? rcu_is_watching+0x12/0xc0 [ 1594.039849][ T2262] ? finish_task_switch.isra.0+0x2cb/0x1010 [ 1594.039867][ T2262] ? lockdep_hardirqs_on+0x78/0x100 [ 1594.039909][ T2262] ? futex_unqueue+0x133/0x2c0 [ 1594.039929][ T2262] mmap_region+0x35d/0x620 [ 1594.039943][ T2262] ? rcu_is_watching+0x12/0xc0 [ 1594.039960][ T2262] ? __pfx_mmap_region+0x10/0x10 [ 1594.039976][ T2262] ? cap_mmap_addr+0x4b/0x120 [ 1594.039991][ T2262] ? bpf_lsm_mmap_addr+0x9/0x30 [ 1594.040004][ T2262] ? security_mmap_addr+0x71/0x1e0 [ 1594.040044][ T2262] ? __get_unmapped_area+0x255/0x3e0 [ 1594.040068][ T2262] do_mmap+0xc63/0x12f0 [ 1594.040090][ T2262] ? __pfx_do_mmap+0x10/0x10 [ 1594.040109][ T2262] ? __pfx_down_write_killable+0x10/0x10 [ 1594.040135][ T2262] vm_mmap_pgoff+0x29e/0x470 [ 1594.040157][ T2262] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1594.040176][ T2262] ? do_futex+0x192/0x350 [ 1594.040194][ T2262] ? __pfx_do_futex+0x10/0x10 [ 1594.040212][ T2262] ksys_mmap_pgoff+0xe4/0x610 [ 1594.040230][ T2262] ? __x64_sys_futex+0x358/0x4d0 [ 1594.040245][ T2262] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 1594.040262][ T2262] ? xfd_validate_state+0x129/0x190 [ 1594.040276][ T2262] ? ksys_write+0x1ac/0x250 [ 1594.040295][ T2262] __x64_sys_mmap+0x125/0x190 [ 1594.040312][ T2262] do_syscall_64+0x115/0x840 [ 1594.040333][ T2262] ? clear_bhb_loop+0x40/0x90 [ 1594.040351][ T2262] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1594.040366][ T2262] RIP: 0033:0x7f9eef79ce59 [ 1594.040380][ T2262] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1594.040394][ T2262] RSP: 002b:00007f9ef0740028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1594.040410][ T2262] RAX: ffffffffffffffda RBX: 00007f9eefa15fa0 RCX: 00007f9eef79ce59 [ 1594.040420][ T2262] RDX: 00000000000000df RSI: 0000000000400006 RDI: 0000000000000000 [ 1594.040430][ T2262] RBP: 00007f9eef832d6f R08: 0000000000000002 R09: 0000000000008000 [ 1594.040440][ T2262] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 1594.040449][ T2262] R13: 00007f9eefa16038 R14: 00007f9eefa15fa0 R15: 00007ffda8013e28 [ 1594.040469][ T2262] [ 1595.003934][ T2281] zswap: compressor not available [ 1595.207963][T31091] Bluetooth: hci2: unexpected event 0x18 length: 726 > 23 [ 1595.827806][ T2301] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5461'. [ 1596.212702][ T2313] netlink: 172 bytes leftover after parsing attributes in process `syz.4.5463'. [ 1596.375547][ T2289] kexec: Could not allocate control_code_buffer [ 1596.559648][T31091] Bluetooth: hci4: unexpected event for opcode 0x7c89 [ 1597.487284][ T2337] FAULT_INJECTION: forcing a failure. [ 1597.487284][ T2337] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1597.545710][ T2337] CPU: 0 UID: 0 PID: 2337 Comm: syz.0.5468 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1597.545740][ T2337] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1597.545746][ T2337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1597.545757][ T2337] Call Trace: [ 1597.545763][ T2337] [ 1597.545769][ T2337] dump_stack_lvl+0x100/0x190 [ 1597.545799][ T2337] should_fail_ex.cold+0x5/0xa [ 1597.545816][ T2337] ? prepare_alloc_pages+0x16d/0x5f0 [ 1597.545836][ T2337] should_fail_alloc_page+0xeb/0x140 [ 1597.545856][ T2337] prepare_alloc_pages+0x1f0/0x5f0 [ 1597.545874][ T2337] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1597.545896][ T2337] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 1597.545920][ T2337] ? unwind_get_return_address+0x59/0xa0 [ 1597.545941][ T2337] ? arch_stack_walk+0xa6/0xf0 [ 1597.545966][ T2337] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1597.545988][ T2337] ? __pfx_stack_trace_save+0x10/0x10 [ 1597.546006][ T2337] ? __alloc_frozen_pages_noprof+0x2b1/0x2bc0 [ 1597.546034][ T2337] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 1597.546056][ T2337] ? __pmd_alloc+0xbf/0x950 [ 1597.546073][ T2337] ? __handle_mm_fault+0xa9c/0x2a00 [ 1597.546092][ T2337] ? handle_mm_fault+0x37b/0xa30 [ 1597.546110][ T2337] ? __get_user_pages+0x1178/0x32a0 [ 1597.546127][ T2337] ? populate_vma_page_range+0x267/0x3f0 [ 1597.546152][ T2337] ? __mm_populate+0x107/0x3a0 [ 1597.546170][ T2337] ? vm_mmap_pgoff+0x37f/0x470 [ 1597.546188][ T2337] ? ksys_mmap_pgoff+0xe4/0x610 [ 1597.546204][ T2337] ? __x64_sys_mmap+0x125/0x190 [ 1597.546220][ T2337] ? do_syscall_64+0x115/0x840 [ 1597.546239][ T2337] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1597.546254][ T2337] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1597.546276][ T2337] ? policy_nodemask+0xed/0x4f0 [ 1597.546296][ T2337] alloc_pages_mpol+0x1fb/0x540 [ 1597.546314][ T2337] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1597.546333][ T2337] ? __lock_acquire+0x4a5/0x2630 [ 1597.546357][ T2337] alloc_pages_noprof+0x1a/0x160 [ 1597.546376][ T2337] pte_alloc_one+0x1c/0x3d0 [ 1597.546395][ T2337] __pte_alloc+0x6d/0x380 [ 1597.546411][ T2337] ? __pfx___pte_alloc+0x10/0x10 [ 1597.546428][ T2337] ? do_raw_spin_lock+0x128/0x260 [ 1597.546443][ T2337] ? find_held_lock+0x2b/0x80 [ 1597.546462][ T2337] do_anonymous_page+0x13c6/0x2050 [ 1597.546486][ T2337] ? __pmd_alloc+0x3fb/0x950 [ 1597.546505][ T2337] __handle_mm_fault+0x1d2c/0x2a00 [ 1597.546530][ T2337] ? mt_find+0x45e/0x8e0 [ 1597.546551][ T2337] ? __pfx___handle_mm_fault+0x10/0x10 [ 1597.546571][ T2337] ? __pfx_mt_find+0x10/0x10 [ 1597.546605][ T2337] handle_mm_fault+0x37b/0xa30 [ 1597.546630][ T2337] __get_user_pages+0x1178/0x32a0 [ 1597.546654][ T2337] ? __pfx___get_user_pages+0x10/0x10 [ 1597.546677][ T2337] populate_vma_page_range+0x267/0x3f0 [ 1597.546697][ T2337] ? __pfx_populate_vma_page_range+0x10/0x10 [ 1597.546715][ T2337] ? __pfx_find_vma_intersection+0x10/0x10 [ 1597.546733][ T2337] ? do_mmap+0x93f/0x12f0 [ 1597.546752][ T2337] __mm_populate+0x107/0x3a0 [ 1597.546771][ T2337] ? __pfx___mm_populate+0x10/0x10 [ 1597.546790][ T2337] ? up_write+0x28c/0x4f0 [ 1597.546807][ T2337] vm_mmap_pgoff+0x37f/0x470 [ 1597.546828][ T2337] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1597.546847][ T2337] ? do_futex+0x192/0x350 [ 1597.546862][ T2337] ? __pfx_do_futex+0x10/0x10 [ 1597.546880][ T2337] ksys_mmap_pgoff+0xe4/0x610 [ 1597.546898][ T2337] ? __x64_sys_futex+0x358/0x4d0 [ 1597.546914][ T2337] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 1597.546930][ T2337] ? xfd_validate_state+0x129/0x190 [ 1597.546945][ T2337] ? ksys_write+0x1ac/0x250 [ 1597.546964][ T2337] __x64_sys_mmap+0x125/0x190 [ 1597.546981][ T2337] do_syscall_64+0x115/0x840 [ 1597.547001][ T2337] ? clear_bhb_loop+0x40/0x90 [ 1597.547019][ T2337] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1597.547034][ T2337] RIP: 0033:0x7faf62f9ce59 [ 1597.547048][ T2337] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1597.547062][ T2337] RSP: 002b:00007faf63de7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1597.547077][ T2337] RAX: ffffffffffffffda RBX: 00007faf63216090 RCX: 00007faf62f9ce59 [ 1597.547091][ T2337] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 1597.547100][ T2337] RBP: 00007faf63032d6f R08: 0000000000000002 R09: 0000000000008000 [ 1597.547109][ T2337] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 1597.547118][ T2337] R13: 00007faf63216128 R14: 00007faf63216090 R15: 00007ffdf3b95fc8 [ 1597.547144][ T2337] [ 1599.147284][ T2341] nvme_fabrics: missing parameter 'transport=%s' [ 1599.219741][ T2341] nvme_fabrics: missing parameter 'nqn=%s' [ 1600.115624][ T2356] synth uevent: /devices/virtual/bdi/43:480: unknown uevent action string [ 1600.142442][ T1315] ieee802154 phy0 wpan0: encryption failed: -22 [ 1600.149111][ T1315] ieee802154 phy1 wpan1: encryption failed: -22 [ 1600.230943][ T2359] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1600.295348][ T2356] bdi 43:480: uevent: failed to send synthetic uevent: -22 [ 1600.429207][ T2359] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1602.812795][ T2440] netlink: 342 bytes leftover after parsing attributes in process `syz.1.5489'. [ 1605.144559][ T2492] FAULT_INJECTION: forcing a failure. [ 1605.144559][ T2492] name failslab, interval 1, probability 0, space 0, times 0 [ 1605.234076][ T2492] CPU: 0 UID: 0 PID: 2492 Comm: syz.0.5498 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1605.234104][ T2492] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1605.234110][ T2492] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1605.234119][ T2492] Call Trace: [ 1605.234125][ T2492] [ 1605.234131][ T2492] dump_stack_lvl+0x100/0x190 [ 1605.234162][ T2492] should_fail_ex.cold+0x5/0xa [ 1605.234182][ T2492] should_failslab+0xc2/0x120 [ 1605.234202][ T2492] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1605.234222][ T2492] ? snd_pcm_oss_change_params_locked+0x81c/0x39f0 [ 1605.234245][ T2492] ? _snd_pcm_hw_param_min+0x1ea/0x670 [ 1605.234266][ T2492] snd_pcm_oss_change_params_locked+0x81c/0x39f0 [ 1605.234294][ T2492] ? trace_contention_end+0x122/0x170 [ 1605.234309][ T2492] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 1605.234329][ T2492] ? __pfx___mutex_lock+0x10/0x10 [ 1605.234352][ T2492] ? __mutex_lock+0x26d/0x1b10 [ 1605.234372][ T2492] ? find_held_lock+0x2b/0x80 [ 1605.234390][ T2492] ? snd_pcm_oss_poll+0x3ba/0xb00 [ 1605.234408][ T2492] ? snd_pcm_oss_poll+0x3ba/0xb00 [ 1605.234439][ T2492] snd_pcm_oss_make_ready+0xeb/0x1b0 [ 1605.234461][ T2492] snd_pcm_oss_set_trigger.isra.0+0x331/0x6c0 [ 1605.234485][ T2492] snd_pcm_oss_poll+0x417/0xb00 [ 1605.234504][ T2492] ? __pfx___pollwait+0x10/0x10 [ 1605.234522][ T2492] ? __pfx_snd_pcm_oss_poll+0x10/0x10 [ 1605.234540][ T2492] ? __fget_files+0x21f/0x3d0 [ 1605.234560][ T2492] ? __pfx_snd_pcm_oss_poll+0x10/0x10 [ 1605.234581][ T2492] do_select+0xd54/0x1850 [ 1605.234610][ T2492] ? __pfx_do_select+0x10/0x10 [ 1605.234628][ T2492] ? __pfx___pollwait+0x10/0x10 [ 1605.234645][ T2492] ? __pfx_pollwake+0x10/0x10 [ 1605.234662][ T2492] ? __pfx_pollwake+0x10/0x10 [ 1605.234702][ T2492] ? find_held_lock+0x2b/0x80 [ 1605.234718][ T2492] ? __might_fault+0xc5/0x140 [ 1605.234739][ T2492] ? __might_fault+0xc5/0x140 [ 1605.234767][ T2492] ? core_sys_select+0x55b/0xbb0 [ 1605.234793][ T2492] core_sys_select+0x55b/0xbb0 [ 1605.234817][ T2492] ? __pfx_core_sys_select+0x10/0x10 [ 1605.234854][ T2492] ? futex_hash_put+0x43/0x50 [ 1605.234891][ T2492] ? do_futex+0x192/0x350 [ 1605.234906][ T2492] ? __pfx_do_futex+0x10/0x10 [ 1605.234925][ T2492] kern_select+0x1d0/0x280 [ 1605.234943][ T2492] ? __pfx_kern_select+0x10/0x10 [ 1605.234960][ T2492] ? xfd_validate_state+0x129/0x190 [ 1605.234979][ T2492] __x64_sys_select+0xbd/0x160 [ 1605.234995][ T2492] ? do_syscall_64+0x90/0x840 [ 1605.235014][ T2492] ? lockdep_hardirqs_on+0x78/0x100 [ 1605.235034][ T2492] do_syscall_64+0x115/0x840 [ 1605.235052][ T2492] ? clear_bhb_loop+0x40/0x90 [ 1605.235070][ T2492] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1605.235085][ T2492] RIP: 0033:0x7faf62f9ce59 [ 1605.235098][ T2492] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1605.235112][ T2492] RSP: 002b:00007faf63de7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 1605.235127][ T2492] RAX: ffffffffffffffda RBX: 00007faf63216090 RCX: 00007faf62f9ce59 [ 1605.235137][ T2492] RDX: 0000200000000080 RSI: 0000000000000000 RDI: 0000000000000007 [ 1605.235147][ T2492] RBP: 00007faf63032d6f R08: 0000000000000000 R09: 0000000000000000 [ 1605.235156][ T2492] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1605.235165][ T2492] R13: 00007faf63216128 R14: 00007faf63216090 R15: 00007ffdf3b95fc8 [ 1605.235184][ T2492] [ 1606.219438][ T2479] Process accounting resumed [ 1606.413390][ T2494] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5499'. [ 1606.509776][ T2519] program syz.0.5502 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1607.556039][ T2549] netlink: 334 bytes leftover after parsing attributes in process `syz.4.5507'. [ 1607.696817][ T2551] netlink: 334 bytes leftover after parsing attributes in process `syz.4.5507'. [ 1609.115945][ T2576] EXT4-fs (sda1): Delayed block allocation failed for inode 2033 at logical offset 6 with max blocks 15 with error 117 [ 1609.208569][ T2576] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1609.208569][ T2576] [ 1609.532749][ T2585] gre0: entered allmulticast mode [ 1610.387218][ T2613] FAULT_INJECTION: forcing a failure. [ 1610.387218][ T2613] name failslab, interval 1, probability 0, space 0, times 0 [ 1610.482312][ T2613] CPU: 0 UID: 0 PID: 2613 Comm: syz.2.5517 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1610.482341][ T2613] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1610.482348][ T2613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1610.482358][ T2613] Call Trace: [ 1610.482364][ T2613] [ 1610.482370][ T2613] dump_stack_lvl+0x100/0x190 [ 1610.482401][ T2613] should_fail_ex.cold+0x5/0xa [ 1610.482420][ T2613] should_failslab+0xc2/0x120 [ 1610.482443][ T2613] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 1610.482467][ T2613] ? sock_alloc_inode+0x26/0x290 [ 1610.482487][ T2613] ? __pfx_sock_alloc_inode+0x10/0x10 [ 1610.482505][ T2613] sock_alloc_inode+0x26/0x290 [ 1610.482522][ T2613] ? __pfx_sock_alloc_inode+0x10/0x10 [ 1610.482539][ T2613] alloc_inode+0x68/0x250 [ 1610.482561][ T2613] sock_alloc+0x44/0x280 [ 1610.482575][ T2613] ? security_socket_create+0x7f/0x250 [ 1610.482592][ T2613] __sock_create+0xc2/0x860 [ 1610.482614][ T2613] __sys_socket+0x14d/0x260 [ 1610.482634][ T2613] ? __pfx___sys_socket+0x10/0x10 [ 1610.482652][ T2613] ? ksys_write+0x1ac/0x250 [ 1610.482674][ T2613] __x64_sys_socket+0x72/0xb0 [ 1610.482693][ T2613] ? lockdep_hardirqs_on+0x78/0x100 [ 1610.482716][ T2613] do_syscall_64+0x115/0x840 [ 1610.482735][ T2613] ? clear_bhb_loop+0x40/0x90 [ 1610.482753][ T2613] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1610.482768][ T2613] RIP: 0033:0x7f7674d9ce59 [ 1610.482781][ T2613] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1610.482795][ T2613] RSP: 002b:00007f7675c54028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 1610.482809][ T2613] RAX: ffffffffffffffda RBX: 00007f7675015fa0 RCX: 00007f7674d9ce59 [ 1610.482861][ T2613] RDX: 0000000000000106 RSI: 0000000000000001 RDI: 0000000000000002 [ 1610.482870][ T2613] RBP: 00007f7674e32d6f R08: 0000000000000000 R09: 0000000000000000 [ 1610.482879][ T2613] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1610.482888][ T2613] R13: 00007f7675016038 R14: 00007f7675015fa0 R15: 00007ffe895a8af8 [ 1610.482910][ T2613] [ 1610.482935][ T2613] socket: no more sockets [ 1611.407304][ T2624] Page cache invalidation failure on direct I/O. Possible data corruption due to collision with buffered I/O! [ 1611.591278][ T2624] File: /dev/nullb0 PID: 2624 Comm: syz.4.5519 [ 1612.258983][ T29] audit: type=1807 audit(46134.123:73): UNKNOWN= res=0 [ 1612.341528][ T29] audit: type=1802 audit(46134.213:74): pid=2650 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.4.5522" res=0 errno=0 [ 1612.434287][ T2650] ima: policy update failed [ 1612.467794][ T29] audit: type=1802 audit(46134.324:75): pid=2650 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.5522" res=0 errno=0 [ 1612.628512][ T2662] binder: 2655:2662 ioctl c018620c 200000000040 returned -22 [ 1616.003429][ T2702] FAULT_INJECTION: forcing a failure. [ 1616.003429][ T2702] name failslab, interval 1, probability 0, space 0, times 0 [ 1616.094945][ T959] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 6 with max blocks 1 with error 117 [ 1616.157821][ T2702] CPU: 0 UID: 0 PID: 2702 Comm: syz.0.5530 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1616.157851][ T2702] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1616.157857][ T2702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1616.157871][ T2702] Call Trace: [ 1616.157877][ T2702] [ 1616.157883][ T2702] dump_stack_lvl+0x100/0x190 [ 1616.157914][ T2702] should_fail_ex.cold+0x5/0xa [ 1616.157934][ T2702] should_failslab+0xc2/0x120 [ 1616.157955][ T2702] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1616.157978][ T2702] ? alloc_empty_file+0x5b/0x1c0 [ 1616.158003][ T2702] alloc_empty_file+0x5b/0x1c0 [ 1616.158024][ T2702] alloc_file_pseudo+0x13a/0x230 [ 1616.158045][ T2702] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1616.158066][ T2702] ? alloc_fd+0x476/0x790 [ 1616.158086][ T2702] sock_alloc_file+0x50/0x210 [ 1616.158104][ T2702] __sys_socket+0x1c0/0x260 [ 1616.158123][ T2702] ? __pfx___sys_socket+0x10/0x10 [ 1616.158142][ T2702] ? exit_to_user_mode_loop+0xf3/0x670 [ 1616.158170][ T2702] __x64_sys_socket+0x72/0xb0 [ 1616.158188][ T2702] ? lockdep_hardirqs_on+0x78/0x100 [ 1616.158209][ T2702] do_syscall_64+0x115/0x840 [ 1616.158229][ T2702] ? clear_bhb_loop+0x40/0x90 [ 1616.158247][ T2702] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1616.158262][ T2702] RIP: 0033:0x7faf62f9ce59 [ 1616.158275][ T2702] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1616.158290][ T2702] RSP: 002b:00007faf63e08028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 1616.158304][ T2702] RAX: ffffffffffffffda RBX: 00007faf63215fa0 RCX: 00007faf62f9ce59 [ 1616.158314][ T2702] RDX: 0000000000000001 RSI: 0000000000000002 RDI: 000000000000002a [ 1616.158323][ T2702] RBP: 00007faf63032d6f R08: 0000000000000000 R09: 0000000000000000 [ 1616.158331][ T2702] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1616.158340][ T2702] R13: 00007faf63216038 R14: 00007faf63215fa0 R15: 00007ffdf3b95fc8 [ 1616.158359][ T2702] [ 1616.573694][ T959] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1616.573694][ T959] [ 1617.211033][ T29] audit: type=1804 audit(46139.071:76): pid=2719 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.5533" name="/newroot/270/file0" dev="tmpfs" ino=1434 res=1 errno=0 [ 1618.728120][ T2743] tipc: Can't bind to reserved service type 63 [ 1618.785409][ T2743] ubi0: attaching mtd0 [ 1618.828239][ T2743] ubi0: scanning is finished [ 1618.868034][ T2743] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 1618.884074][ T29] audit: type=1804 audit(46140.791:77): pid=2752 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.5542" name="/newroot/167/file0" dev="tmpfs" ino=893 res=1 errno=0 [ 1619.019669][ T2760] random: crng reseeded on system resumption [ 1619.450351][ T2743] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 1620.398059][ T2780] nvme_fabrics: missing parameter 'transport=%s' [ 1620.488400][ T2780] nvme_fabrics: missing parameter 'nqn=%s' [ 1621.307181][ T2797] vhci_hcd vhci_hcd.2: USB_PORT_FEAT_BH_PORT_RESET req not supported for USB 2.0 roothub [ 1622.352994][T31091] Bluetooth: hci4: SCO packet too small [ 1623.002589][ T2830] Process accounting resumed [ 1625.478394][T31091] Bluetooth: hci4: unexpected subevent 0x01 length: 123 > 18 [ 1625.486712][T31091] Bluetooth: hci4: Invalid handle: 0x3a4a > 0x0eff [ 1625.796423][ T2898] Process accounting resumed [ 1627.134159][ T2933] random: crng reseeded on system resumption [ 1628.110742][ T2893] Process accounting resumed [ 1628.149837][ T2942] netlink: 342 bytes leftover after parsing attributes in process `syz.4.5573'. [ 1628.227097][ T2951] netlink: 'syz.1.5575': attribute type 1 has an invalid length. [ 1628.702189][ T2958] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5576'. [ 1629.204968][ T2968] netlink: 342 bytes leftover after parsing attributes in process `syz.2.5578'. [ 1629.352059][ T2971] netlink: 146 bytes leftover after parsing attributes in process `syz.2.5578'. [ 1629.809963][ T2979] nvme_fabrics: missing parameter 'transport=%s' [ 1629.943403][ T2979] nvme_fabrics: missing parameter 'nqn=%s' [ 1631.111577][ T3007] nvme_fabrics: missing parameter 'transport=%s' [ 1631.212128][ T3007] nvme_fabrics: missing parameter 'nqn=%s' [ 1631.421283][ T2990] kexec: Could not allocate control_code_buffer [ 1631.919580][ T3023] FAULT_INJECTION: forcing a failure. [ 1631.919580][ T3023] name failslab, interval 1, probability 0, space 0, times 0 [ 1631.982780][ T3023] CPU: 0 UID: 0 PID: 3023 Comm: syz.0.5590 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1631.982809][ T3023] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1631.982815][ T3023] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1631.982825][ T3023] Call Trace: [ 1631.982830][ T3023] [ 1631.982837][ T3023] dump_stack_lvl+0x100/0x190 [ 1631.982869][ T3023] should_fail_ex.cold+0x5/0xa [ 1631.982887][ T3023] ? sk_prot_alloc+0x10b/0x2a0 [ 1631.982906][ T3023] should_failslab+0xc2/0x120 [ 1631.982924][ T3023] __kmalloc_noprof+0xe0/0x850 [ 1631.982957][ T3023] sk_prot_alloc+0x10b/0x2a0 [ 1631.982978][ T3023] sk_alloc+0x36/0xe80 [ 1631.983002][ T3023] __netlink_create+0x5e/0x2c0 [ 1631.983019][ T3023] ? __wake_up+0x3f/0x60 [ 1631.983040][ T3023] netlink_create+0x29b/0x610 [ 1631.983056][ T3023] ? __pfx_genl_bind+0x10/0x10 [ 1631.983076][ T3023] ? __pfx_genl_unbind+0x10/0x10 [ 1631.983094][ T3023] ? __pfx_genl_release+0x10/0x10 [ 1631.983115][ T3023] __sock_create+0x339/0x860 [ 1631.983137][ T3023] __sys_socket+0x14d/0x260 [ 1631.983157][ T3023] ? __pfx___sys_socket+0x10/0x10 [ 1631.983181][ T3023] __x64_sys_socket+0x72/0xb0 [ 1631.983199][ T3023] ? lockdep_hardirqs_on+0x78/0x100 [ 1631.983220][ T3023] do_syscall_64+0x115/0x840 [ 1631.983238][ T3023] ? clear_bhb_loop+0x40/0x90 [ 1631.983256][ T3023] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1631.983271][ T3023] RIP: 0033:0x7faf62f9ce59 [ 1631.983284][ T3023] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1631.983299][ T3023] RSP: 002b:00007faf63e08028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 1631.983313][ T3023] RAX: ffffffffffffffda RBX: 00007faf63215fa0 RCX: 00007faf62f9ce59 [ 1631.983324][ T3023] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 1631.983333][ T3023] RBP: 00007faf63032d6f R08: 0000000000000000 R09: 0000000000000000 [ 1631.983342][ T3023] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1631.983351][ T3023] R13: 00007faf63216038 R14: 00007faf63215fa0 R15: 00007ffdf3b95fc8 [ 1631.983370][ T3023] [ 1632.916527][ T3042] FAULT_INJECTION: forcing a failure. [ 1632.916527][ T3042] name failslab, interval 1, probability 0, space 0, times 0 [ 1632.929262][ T3042] CPU: 0 UID: 0 PID: 3042 Comm: syz.2.5596 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1632.929290][ T3042] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1632.929296][ T3042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1632.929305][ T3042] Call Trace: [ 1632.929313][ T3042] [ 1632.929320][ T3042] dump_stack_lvl+0x100/0x190 [ 1632.929351][ T3042] should_fail_ex.cold+0x5/0xa [ 1632.929368][ T3042] ? pcpu_alloc_noprof+0x960/0x1cc0 [ 1632.929385][ T3042] should_failslab+0xc2/0x120 [ 1632.929402][ T3042] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1632.929427][ T3042] ? radix_tree_node_alloc.constprop.0+0x66/0x340 [ 1632.929446][ T3042] ? __mutex_unlock_slowpath+0x15d/0x8a0 [ 1632.929470][ T3042] radix_tree_node_alloc.constprop.0+0x66/0x340 [ 1632.929491][ T3042] idr_get_free+0x52e/0xa00 [ 1632.929516][ T3042] idr_alloc_u32+0x1ac/0x320 [ 1632.929538][ T3042] ? __pfx_idr_alloc_u32+0x10/0x10 [ 1632.929559][ T3042] ? lock_acquire+0x1b1/0x370 [ 1632.929584][ T3042] idr_alloc_cyclic+0x10b/0x230 [ 1632.929605][ T3042] ? __pfx_idr_alloc_cyclic+0x10/0x10 [ 1632.929624][ T3042] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1632.929645][ T3042] map_create+0x14d8/0x2bc0 [ 1632.929664][ T3042] ? __pfx_event_filter_pid_sched_wakeup_probe_post+0x10/0x10 [ 1632.929687][ T3042] ? preempt_schedule_thunk+0x16/0x30 [ 1632.929713][ T3042] ? __pfx_map_create+0x10/0x10 [ 1632.929732][ T3042] ? __might_fault+0xc5/0x140 [ 1632.929753][ T3042] ? __might_fault+0xc5/0x140 [ 1632.929780][ T3042] __sys_bpf+0x2091/0x4b90 [ 1632.929793][ T3042] ? futex_private_hash_put+0x107/0x1c0 [ 1632.929818][ T3042] ? __pfx___sys_bpf+0x10/0x10 [ 1632.929833][ T3042] ? __pfx_futex_wake+0x10/0x10 [ 1632.929852][ T3042] ? ksys_write+0x190/0x250 [ 1632.929876][ T3042] ? ksys_write+0x190/0x250 [ 1632.929897][ T3042] ? do_futex+0x192/0x350 [ 1632.929922][ T3042] ? xfd_validate_state+0x129/0x190 [ 1632.929938][ T3042] ? ksys_write+0x1ac/0x250 [ 1632.929958][ T3042] __x64_sys_bpf+0x7b/0xc0 [ 1632.929972][ T3042] ? lockdep_hardirqs_on+0x78/0x100 [ 1632.929993][ T3042] do_syscall_64+0x115/0x840 [ 1632.930012][ T3042] ? clear_bhb_loop+0x40/0x90 [ 1632.930029][ T3042] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1632.930044][ T3042] RIP: 0033:0x7f7674d9ce59 [ 1632.930058][ T3042] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1632.930072][ T3042] RSP: 002b:00007f7675c54028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1632.930087][ T3042] RAX: ffffffffffffffda RBX: 00007f7675015fa0 RCX: 00007f7674d9ce59 [ 1632.930097][ T3042] RDX: 000000000000000f RSI: 00002000000001c0 RDI: 0000000000000000 [ 1632.930107][ T3042] RBP: 00007f7674e32d6f R08: 0000000000000000 R09: 0000000000000000 [ 1632.930116][ T3042] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1632.930125][ T3042] R13: 00007f7675016038 R14: 00007f7675015fa0 R15: 00007ffe895a8af8 [ 1632.930144][ T3042] [ 1633.550837][ T3052] random: crng reseeded on system resumption [ 1633.564370][ T3052] Restarting kernel threads ... [ 1633.573515][ T3052] Done restarting kernel threads. [ 1635.127934][ T3066] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5601'. [ 1635.878363][ T29] audit: type=1804 audit(46157.878:78): pid=3084 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.5607" name="/newroot/569/file0" dev="tmpfs" ino=2998 res=1 errno=0 [ 1636.315173][ T3098] kAFS: Invalid Command on /proc/fs/afs/cells file [ 1637.047548][ T3110] nvme_fabrics: missing parameter 'transport=%s' [ 1637.152571][ T3110] nvme_fabrics: missing parameter 'nqn=%s' [ 1638.032358][ T29] audit: type=1804 audit(46160.050:79): pid=3135 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.5616" name="/newroot/179/file0" dev="tmpfs" ino=967 res=1 errno=0 [ 1638.406936][ T3145] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5619'. [ 1639.643133][ T3158] netlink: 342 bytes leftover after parsing attributes in process `syz.2.5621'. [ 1640.716985][ T29] audit: type=1804 audit(46162.725:80): pid=3179 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.5627" name="/newroot/191/file0" dev="tmpfs" ino=1021 res=1 errno=0 [ 1642.991135][ T29] audit: type=1804 audit(46165.028:81): pid=3236 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.5636" name="/newroot/183/file0" dev="tmpfs" ino=989 res=1 errno=0 [ 1644.011747][ T3244] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5637'. [ 1644.086069][ T3244] bridge_slave_1: left allmulticast mode [ 1644.141047][ T3244] bridge_slave_1: left promiscuous mode [ 1644.199470][ T3244] bridge0: port 2(bridge_slave_1) entered disabled state [ 1644.334799][ T3244] bridge_slave_0: left allmulticast mode [ 1644.379243][ T3244] bridge_slave_0: left promiscuous mode [ 1644.423543][ T3244] bridge0: port 1(bridge_slave_0) entered disabled state [ 1645.121049][ T3266] netlink: 'syz.0.5642': attribute type 22 has an invalid length. [ 1645.121070][ T3266] netlink: 330 bytes leftover after parsing attributes in process `syz.0.5642'. [ 1645.328946][ T3266] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5642'. [ 1645.329056][ T3266] macvlan0: entered promiscuous mode [ 1645.330807][ T3266] macvlan0: entered allmulticast mode [ 1645.330823][ T3266] veth1_vlan: entered allmulticast mode [ 1645.401748][ T3257] EXT4-fs (sda1): Delayed block allocation failed for inode 2033 at logical offset 6 with max blocks 3 with error 117 [ 1645.401876][ T3257] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1645.401876][ T3257] [ 1645.630897][ T3280] netlink: 32 bytes leftover after parsing attributes in process `syz.0.5644'. [ 1646.178273][ T3280] netlink: 276 bytes leftover after parsing attributes in process `syz.0.5644'. [ 1646.299570][ T3280] nbd: illegal input index 1606273120 [ 1646.530307][ T29] audit: type=1804 audit(46168.588:82): pid=3287 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.5646" name="/newroot/300/file0" dev="tmpfs" ino=1594 res=1 errno=0 [ 1646.925383][ T3290] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5647'. [ 1648.698884][ T3323] random: crng reseeded on system resumption [ 1650.157153][ T3344] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input128 [ 1650.882815][T31091] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 1650.882841][T31091] Bluetooth: hci2: unexpected subevent 0x0e length: 725 > 15 [ 1650.899372][T31091] Bluetooth: hci2: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 1652.221084][ T29] audit: type=1804 audit(46174.321:83): pid=3377 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.5664" name="/newroot/189/file0" dev="tmpfs" ino=1022 res=1 errno=0 [ 1652.976651][ T3374] Process accounting paused [ 1653.186532][T18725] ACPI Error: Could not disable RealTimeClock events (20251212/evxfevnt-243) [ 1653.216598][ T29] audit: type=1800 audit(46175.306:84): pid=3394 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.5667" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0 [ 1655.842778][ T3432] Process accounting paused [ 1656.236700][ T3443] FAULT_INJECTION: forcing a failure. [ 1656.236700][ T3443] name failslab, interval 1, probability 0, space 0, times 0 [ 1656.340507][ T3443] CPU: 0 UID: 0 PID: 3443 Comm: syz.0.5677 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1656.340535][ T3443] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1656.340541][ T3443] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1656.340551][ T3443] Call Trace: [ 1656.340557][ T3443] [ 1656.340563][ T3443] dump_stack_lvl+0x100/0x190 [ 1656.340601][ T3443] should_fail_ex.cold+0x5/0xa [ 1656.340622][ T3443] should_failslab+0xc2/0x120 [ 1656.340640][ T3443] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1656.340660][ T3443] ? vidtv_mux_create_pid_ctx_once.part.0+0x49/0x200 [ 1656.340792][ T3443] vidtv_mux_create_pid_ctx_once.part.0+0x49/0x200 [ 1656.340819][ T3443] vidtv_mux_init+0x8a6/0xbf0 [ 1656.340842][ T3443] vidtv_start_feed+0x34e/0x500 [ 1656.340860][ T3443] ? __pfx_vidtv_start_feed+0x10/0x10 [ 1656.340876][ T3443] ? __pfx_vidtv_bridge_on_new_pkts_avail+0x10/0x10 [ 1656.340902][ T3443] dmx_section_feed_start_filtering+0x3a8/0x660 [ 1656.340927][ T3443] dvb_dmxdev_filter_start+0x767/0xdd0 [ 1656.340949][ T3443] dvb_demux_do_ioctl+0xe64/0x1200 [ 1656.340970][ T3443] dvb_usercopy+0x167/0x340 [ 1656.341013][ T3443] ? __pfx_dvb_demux_do_ioctl+0x10/0x10 [ 1656.341030][ T3443] ? __pfx_dvb_usercopy+0x10/0x10 [ 1656.341060][ T3443] ? __fget_files+0x21f/0x3d0 [ 1656.341081][ T3443] dvb_demux_ioctl+0x29/0x40 [ 1656.341094][ T3443] ? __pfx_dvb_demux_ioctl+0x10/0x10 [ 1656.341108][ T3443] __x64_sys_ioctl+0x18e/0x210 [ 1656.341124][ T3443] do_syscall_64+0x115/0x840 [ 1656.341144][ T3443] ? clear_bhb_loop+0x40/0x90 [ 1656.341162][ T3443] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1656.341178][ T3443] RIP: 0033:0x7faf62f9ce59 [ 1656.341193][ T3443] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1656.341207][ T3443] RSP: 002b:00007faf63e08028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1656.341222][ T3443] RAX: ffffffffffffffda RBX: 00007faf63215fa0 RCX: 00007faf62f9ce59 [ 1656.341233][ T3443] RDX: 0000000000000000 RSI: 00000000403c6f2b RDI: 0000000000000009 [ 1656.341242][ T3443] RBP: 00007faf63032d6f R08: 0000000000000000 R09: 0000000000000000 [ 1656.341251][ T3443] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1656.341260][ T3443] R13: 00007faf63216038 R14: 00007faf63215fa0 R15: 00007ffdf3b95fc8 [ 1656.341281][ T3443] [ 1656.341388][T29297] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI [ 1656.581231][T29297] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 1656.589646][T29297] CPU: 0 UID: 0 PID: 29297 Comm: kworker/0:0 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1656.600657][T29297] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1656.605834][T29297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 1656.615873][T29297] Workqueue: events vidtv_mux_tick [ 1656.620985][T29297] RIP: 0010:vidtv_psi_ts_psi_write_into+0x4bb/0xb40 [ 1656.627565][T29297] Code: fb d4 d7 f9 4d 8d 65 20 4c 89 e0 48 c1 e8 03 80 3c 18 00 0f 85 fe 04 00 00 49 8b 45 20 48 89 c2 48 89 c1 48 c1 ea 03 83 e1 07 <0f> b6 14 1a 38 ca 7f 08 84 d2 0f 85 c6 04 00 00 0f b6 10 48 8b 7c [ 1656.647167][T29297] RSP: 0018:ffffc900034c73f0 EFLAGS: 00010202 [ 1656.653220][T29297] RAX: 0000000000000002 RBX: dffffc0000000000 RCX: 0000000000000002 [ 1656.661186][T29297] RDX: 0000000000000000 RSI: ffffffff88302865 RDI: ffff888036c59f00 [ 1656.669159][T29297] RBP: 0000000000000008 R08: 0000000000000005 R09: 0000000000000000 [ 1656.677723][T29297] R10: 0000000000000000 R11: 0000000000000000 R12: ffffc900034c7690 [ 1656.685780][T29297] R13: ffffc900034c7670 R14: 0000000000000178 R15: 0000000000000000 [ 1656.693748][T29297] FS: 0000000000000000(0000) GS:ffff88812438e000(0000) knlGS:0000000000000000 [ 1656.702681][T29297] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1656.709286][T29297] CR2: 00007ffdf3b97f3d CR3: 000000002d594000 CR4: 00000000003526f0 [ 1656.717691][T29297] Call Trace: [ 1656.720962][T29297] [ 1656.723886][T29297] ? __pfx_vidtv_psi_ts_psi_write_into+0x10/0x10 [ 1656.730237][T29297] vidtv_psi_pmt_write_into+0x3b2/0xa70 [ 1656.735897][T29297] ? __pfx_vidtv_psi_pmt_write_into+0x10/0x10 [ 1656.741973][T29297] ? vidtv_psi_pat_write_into+0x56a/0x690 [ 1656.747962][T29297] ? __pfx_vidtv_psi_pat_write_into+0x10/0x10 [ 1656.754029][T29297] ? __lock_acquire+0x4a5/0x2630 [ 1656.758985][T29297] ? find_held_lock+0x2b/0x80 [ 1656.763838][T29297] ? unwind_next_frame+0x3be/0x2090 [ 1656.769295][T29297] ? unwind_next_frame+0x3be/0x2090 [ 1656.774588][T29297] vidtv_mux_push_si+0x932/0xe80 [ 1656.779639][T29297] ? __pfx_vidtv_mux_push_si+0x10/0x10 [ 1656.785198][T29297] ? arch_stack_walk+0x94/0xf0 [ 1656.789988][T29297] ? ret_from_fork_asm+0x1a/0x30 [ 1656.794994][T29297] ? key_gc_unused_keys.constprop.0+0x136/0x510 [ 1656.801240][T29297] ? stack_trace_save+0x8e/0xc0 [ 1656.806119][T29297] ? vidtv_memset+0x50/0x90 [ 1656.810644][T29297] ? vidtv_ts_pcr_write_into+0x45b/0x650 [ 1656.816289][T29297] ? try_to_merge_one_page+0xae0/0x1a70 [ 1656.821930][T29297] ? kasan_save_stack+0x30/0x50 [ 1656.826777][T29297] ? do_raw_spin_lock+0x128/0x260 [ 1656.831792][T29297] vidtv_mux_tick+0xe93/0x1460 [ 1656.836655][T29297] ? __lock_acquire+0x4a5/0x2630 [ 1656.841629][T29297] ? __pfx_vidtv_mux_tick+0x10/0x10 [ 1656.846846][T29297] ? __lock_acquire+0x4a5/0x2630 [ 1656.851906][T29297] ? do_raw_spin_unlock+0x145/0x1e0 [ 1656.857101][T29297] ? debug_object_deactivate+0x2e4/0x3b0 [ 1656.862729][T29297] ? rcu_is_watching+0x12/0xc0 [ 1656.867496][T29297] process_one_work+0xa0e/0x1980 [ 1656.872516][T29297] ? __pfx_process_one_work+0x10/0x10 [ 1656.877879][T29297] ? __pfx_vidtv_mux_tick+0x10/0x10 [ 1656.883089][T29297] worker_thread+0x5ef/0xe50 [ 1656.887673][T29297] ? __pfx_worker_thread+0x10/0x10 [ 1656.893219][T29297] ? kthread+0x13a/0x450 [ 1656.897550][T29297] ? __pfx_worker_thread+0x10/0x10 [ 1656.902653][T29297] kthread+0x370/0x450 [ 1656.906719][T29297] ? __pfx_kthread+0x10/0x10 [ 1656.911310][T29297] ret_from_fork+0x72b/0xd50 [ 1656.915894][T29297] ? __pfx_ret_from_fork+0x10/0x10 [ 1656.920996][T29297] ? __switch_to+0x800/0x1100 [ 1656.925667][T29297] ? __switch_to_asm+0x39/0x70 [ 1656.930424][T29297] ? __pfx_kthread+0x10/0x10 [ 1656.935107][T29297] ret_from_fork_asm+0x1a/0x30 [ 1656.939973][T29297] [ 1656.942991][T29297] Modules linked in: [ 1656.964449][T29297] ---[ end trace 0000000000000000 ]--- [ 1657.462669][ T3448] nvme_fabrics: missing parameter 'transport=%s' [ 1657.493969][ T3448] nvme_fabrics: missing parameter 'nqn=%s' [ 1657.690486][T29297] RIP: 0010:vidtv_psi_ts_psi_write_into+0x4bb/0xb40 [ 1657.697675][T29297] Code: fb d4 d7 f9 4d 8d 65 20 4c 89 e0 48 c1 e8 03 80 3c 18 00 0f 85 fe 04 00 00 49 8b 45 20 48 89 c2 48 89 c1 48 c1 ea 03 83 e1 07 <0f> b6 14 1a 38 ca 7f 08 84 d2 0f 85 c6 04 00 00 0f b6 10 48 8b 7c [ 1657.720710][T29297] RSP: 0018:ffffc900034c73f0 EFLAGS: 00010202 [ 1657.727110][T29297] RAX: 0000000000000002 RBX: dffffc0000000000 RCX: 0000000000000002 [ 1657.735349][T29297] RDX: 0000000000000000 RSI: ffffffff88302865 RDI: ffff888036c59f00 [ 1657.747872][T29297] RBP: 0000000000000008 R08: 0000000000000005 R09: 0000000000000000 [ 1657.756394][T29297] R10: 0000000000000000 R11: 0000000000000000 R12: ffffc900034c7690 [ 1657.765483][T29297] R13: ffffc900034c7670 R14: 0000000000000178 R15: 0000000000000000 [ 1657.773791][T29297] FS: 0000000000000000(0000) GS:ffff88812438e000(0000) knlGS:0000000000000000 [ 1657.784079][T29297] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1657.792432][T29297] CR2: 00007f9eef9ec4b8 CR3: 000000007dbee000 CR4: 00000000003526f0 [ 1657.800847][T29297] Kernel panic - not syncing: Fatal exception [ 1657.807047][T29297] Kernel Offset: disabled [ 1657.811411][T29297] Rebooting in 86400 seconds..