last executing test programs: 27.76513603s ago: executing program 2 (id=385): openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r0 = socket(0xa, 0x5, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) timer_create$auto(0x0, 0x0, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, 0x0, 0x0) mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) unshare$auto(0x40000080) io_uring_register$auto(0x2, 0x11, &(0x7f0000000180), 0x83) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0x2, 0x1, 0x0) socket(0xa, 0x3, 0x3a) r2 = epoll_create$auto(0x2) epoll_pwait2$auto(r2, 0x0, 0x9, 0x0, 0x0, 0x8) r3 = socket$nl_generic(0x10, 0x3, 0x10) epoll_ctl$auto(0x5, 0x1, r3, 0x0) epoll_ctl$auto_EPOLL_CTL_MOD(r2, 0x3, r3, &(0x7f0000000000)={0x7cc4, 0x7f}) socket(0x2, 0x2, 0x88) setsockopt$auto(r0, 0x0, 0x23, 0x0, 0x8) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capget$auto(0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x140, 0x0) r4 = open(&(0x7f00000000c0)='./file0\x00', 0x161342, 0x130) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) fchmod$auto(r4, 0xa) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) 24.290492712s ago: executing program 3 (id=390): r0 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) close_range$auto(0x2, 0x8, 0x0) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000340), 0x189400, 0x0) pwrite64$auto(r0, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x88\xa8s\x1c\b\x06\x8a>)\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\x15\x02l@\xf3\xc8F$\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x00'/97, 0x4e, 0x3) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cgroup.threads\x00', 0x80302, 0x0) preadv$auto(0x3, &(0x7f0000000040)={0x0, 0x5}, 0x3, 0xf8, 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) r1 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x100003, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x6ab82, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x800, 0x0) fcntl$auto_F_GET_RW_HINT(r1, 0x40b, 0x8b4) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r3) ioctl$auto_KVM_CREATE_VM(r2, 0xae80, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xfffffeff, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x29f, 0x2, 0x83, 0x101, 0x17f, 0x2}, {0xff, 0x1, 0x52, 0x5, 0x1, 0x40, 0x4, 0x8, 0x100000004}}) io_uring_register$auto(0x2, 0x1d, 0x0, 0x0) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) mremap$auto(0x0, 0x7, 0x3fd6, 0x3, 0x200000) flock$auto(0xffffffffffffffff, 0x3) 23.130318371s ago: executing program 2 (id=391): socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) connect$auto(0x3, 0x0, 0x58) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/platform/vidtv.0/i2c-0/dvb/dvb0.dvr0/uevent\x00', 0x183800, 0x0) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) listen$auto(0x3, 0x83) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000000), 0xc0402, 0x0) select$auto(0x3ff, &(0x7f00000000c0)={[0xe9, 0x3, 0x0, 0x7fffffffffffffff, 0x9, 0x7, 0xaf, 0x0, 0x5, 0x9, 0x9, 0xaa, 0x5, 0x2, 0x7]}, &(0x7f00000002c0)={[0x1d, 0x4, 0x6, 0x7b0, 0x6, 0xa, 0x4000, 0x3, 0x5, 0xffffffff7fffffff, 0x5, 0xfffffffffffffffd, 0x1002, 0x100, 0x8db, 0x7]}, &(0x7f0000000340)={[0x3, 0x2, 0xa6d6, 0xda3, 0x4, 0x6, 0x8, 0xffffffff, 0x1ff, 0x800, 0x7, 0xd4f, 0x0, 0x6, 0x4, 0x6]}, &(0x7f0000000040)={0x1, 0x3}) ioctl$auto_posix_clock_file_operations_posix_clock(r0, 0x40383d0c, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x200000000000001, 0x0) r1 = socket(0x10, 0x2, 0x0) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_JOIN_MESH(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="3b1ce6edb55d7f4a1bcb01002bbd7000fedbdf254400000005002f01"], 0x28}, 0x1, 0x0, 0x0, 0x840}, 0x20000800) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/virtual/net/bond0/bonding/slaves\x00', 0x80002, 0x0) write$auto_ocfs2_control_fops_stack_user(r3, &(0x7f0000000180)="895ca7", 0x3) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/pagetypeinfo\x00', 0x43102, 0x0) read$auto_proc_iter_file_ops_compat_inode(r4, &(0x7f0000000180)=""/178, 0xb2) unshare$auto(0x40000080) r5 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r5, 0xc004500a, &(0x7f0000000000)) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x400008, 0x1, 0x9b72, 0xffffffffffffffff, 0x8000) read$auto(0x3, 0x0, 0x7fffffff) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_ID(0xffffffffffffffff, 0x0, 0x4000080) 21.765653672s ago: executing program 3 (id=392): r0 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0) mmap$auto(0x100000000, 0x2000d, 0x1, 0xeb1, 0xffffffffffffffff, 0x100000000) sysfs$auto(0x2, 0x5, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0) semget$auto(0x0, 0x13c, 0x1ff) recvmmsg$auto(0xffffffffffffffff, 0x0, 0x3, 0x1, 0x0) semtimedop$auto(0x0, &(0x7f0000000140)={0x7, 0x81, 0x70}, 0x1f4, 0x0) r2 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x0, 0x0) mmap$auto(0x20000, 0x20009, 0x4000000000df, 0xeb1, r1, 0x8000) ioctl$auto_SNDCTL_SEQ_GETINCOUNT(r2, 0x80045105, 0x0) socket(0x28, 0x801, 0x0) mmap$auto(0x0, 0x400408, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptye9\x00', 0x101e81, 0x0) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x2c402, 0x0) r4 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000980)='/dev/ttye9\x00', 0x102, 0x0) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendfile$auto(r4, r3, 0x0, 0x10000) close_range$auto(0x2, 0x8, 0x0) semctl$auto_GETNCNT(0x0, 0x4, 0xe, 0x4) write$auto_tty_fops_tty_io(r1, 0x0, 0x0) io_uring_setup$auto(0x4bf15e08, 0x0) recvfrom$auto(0x4, 0x0, 0x101d0, 0x3ffffd, 0x0, 0x0) unshare$auto(0x40000080) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0xa901, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc0002, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80000, 0x0) read$auto(r0, 0x0, 0x23) 14.930445819s ago: executing program 2 (id=400): socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x1c, 0x9, 0x6, 0x0, 0x0, 0x0, 0x1001, 0x8, 0x80000008000000a, 0x40000402, 0x9, 0x8, 0xffffffff80000000, 0x800000000000d, 0x6}) r0 = socket(0xa, 0x3, 0x3c) connect$auto(0x3, 0x0, 0x55) write$auto(r0, &(0x7f0000000080)='<&\x00I\xaar\x1c\xbb\xde\ah\x15,\xeb|\x85\xe8\x97Z\xc30\xae}\xa1\x17K(\x80]]\x8d\xb5\xeb-\x9d\xc1\xceU\xbb_\xcf\xe8#U\xd0_|\x15f\x92\xaa\x9f\xa0l}7z#u\xf6\xd1\xe1\x8d\x05=w\xf1\xb9K\xf4\\\a\xdf\x87\xbb\x03d6\xe1\x14\xb1|\x98\x82$\xf3\xb2\xcf\xb7\x7f\xf8f*/\xc2\x82\x8c2\x8d^\x10\xc6\x1cs', 0x263f) mmap$auto(0x0, 0xc, 0x4000000000df, 0x100000044eb2, 0x10006, 0x300000000000) r1 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000240)='/dev/usbmon32\x00', 0x80440, 0x0) ioctl$auto_MON_IOCX_GET(r1, 0x40189206, 0x0) ioctl$auto_MON_IOCQ_RING_SIZE(r1, 0x9205, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/bus/usb/032/001\x00', 0x8202, 0x0) socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\x84q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa24X@\xadD\xf8\x9d\xf3 \xd2]\xc4\x13G\x1d\x04!\xc1\xeb.e$\xfb\xa3KU\xcf\xc1\x7fFD\x99\xf5v\v\x9dS\xc11P\xa3\xe9\xb0SqL\x85\xea\xb2\x9cY\x83.I\xca\x92\x1c\xc4\x13CV=\x92\x17c\x87iOt\x14On\x15=\v\xf0 \xc5\x8b~\xd6\xd4\xc7\xa3a\x1c\x06\x17\xb3\x88\x8c\xf1L\xba\x89a\xfd\xa5\xc6\x7fU\x00\xe5\x9b', 0x5) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, 0x0, 0x0, 0x0) io_uring_enter$auto(0x3, 0x80a84, 0x80000001, 0xa, 0x0, 0x21b15ab0) io_uring_enter$auto(0x3, 0x5, 0x5f3, 0x3, 0x0, 0x2) fcntl$auto(0xff80000000000000, 0x409, 0x3f) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000002740), 0xffffffffffffffff) sendmsg$auto_NL802154_CMD_GET_SEC_DEV(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x1}, 0x50) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) process_vm_readv$auto(0x0, 0x0, 0x1, 0x0, 0x6, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x0, 0x1010001, 0x100000003) madvise$auto(0x1000, 0x400050, 0x9) write$auto(0x1, 0x0, 0x80000000) 14.779290742s ago: executing program 3 (id=401): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000280)={0x0, 0x80000000}, 0x6, 0x3, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x42, 0x0) mmap$auto(0x0, 0x202000a, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x4, 0xa00006, 0x2, 0x100000000040eb1, 0x602, 0x300000000000) ioctl$auto_USBDEVFS_DISCSIGNAL(0xffffffffffffffff, 0x8010550e, &(0x7f0000000540)={0xfff, &(0x7f0000000180)="f2e37aa851f172bd24308737938225756749a2cd058f981d81224e731c1514b4fd0290f2fb02e666a68c1d72ad5615b16c73b5c0cedf17801dfece4a243f6e3a47ecc1c5db92b3500cefe0e7c269c25cd32701679442d287388dedeedd83d20b9d079d0a971a993bfa4a4499f8631caa1722a7a93bf39c2535ea752a9b05e21efeebdeaa71269153bdd6ba4fac9b230a6653e8cbaf66e11ea7c105"}) rseq$auto(0x0, 0x80000002, 0x8, 0xfd) socket(0x15, 0x5, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) write$auto(0xca, 0x0, 0x2d9) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) semctl$auto_SETVAL(0x2, 0x5, 0x10, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x112) rt_sigsuspend$auto(0x0, 0x8) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0) ioctl$auto_EVIOCGMASK(r1, 0x80104592, &(0x7f0000000000)={0x2000, 0x800004, 0x105}) ioctl$auto(0x3, 0x80004509, 0x10000000000402) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, 0x0, 0x50a81, 0x0) io_uring_setup$auto(0x0, 0x0) 12.254438846s ago: executing program 1 (id=404): socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x62, 0x0) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) ioctl$auto(0x3, 0x541b, 0x38) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x4) dup3$auto(0x8000000000000001, 0x5, 0x800080000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) r2 = ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto_KVM_GET_MSRS(r2, 0x4068aea3, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tracing_saved_tgids_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/tracing/saved_tgids\x00', 0x109100, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_INFO(r0, 0xc1105511, &(0x7f0000000240)={{@raw=0x81, 0x6, 0x8000, 0x4, "b132ce14b9040000000000000000dab2591457de9c4db5868dcff7e9cc1994ed0a00", @raw=0x8ef}, 0x2, 0x8, 0x1895, @inferred, @integer={0x0, 0xf, 0x9}, "f82d0516c633863c5281ae962fd8c811792ad96298c95d5a9da1400adb4ee0bc170d51ef637d9927912407406936d9cbf46ddadb7820b40766245026a272cd3a"}) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x201, 0x0) memfd_secret$auto(0x5) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sda1\x00', 0x20100, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptytf\x00', 0x20440, 0x0) r3 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82400, 0x0) ioctl$auto_SG_SCSI_RESET(r3, 0x2284, &(0x7f00000001c0)) write$auto(0x3, 0x0, 0xfffffdef) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x4, 0x6, 0x0, 0x9b72, r0, 0xa8000) socket(0x2, 0x5, 0x0) io_uring_setup$auto(0x406, 0x0) 10.542294839s ago: executing program 1 (id=405): mmap$auto(0x0, 0x101, 0x4000000000df, 0xeb1, 0x200000401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000180), 0x88000, 0x0) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) sysfs$auto(0x2, 0x5, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r0) sendmsg$auto_NL80211_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x3810251}, 0xc, &(0x7f0000000280)={&(0x7f0000000100)={0x24, r2, 0x1, 0x70bd26, 0x25dfdbff, {}, [@NL80211_ATTR_VHT_CAPABILITY_MASK={0x10, 0xb0, "a60acb901ff0de06700019b2"}]}, 0x24}, 0x1, 0x0, 0x0, 0x4040080}, 0x140) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) r3 = fsopen$auto(0x0, 0x1) sendmsg$auto_NL80211_CMD_NEW_MPATH(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x2c, r2, 0x100, 0x70bd2c, 0x25dfdbfc, {}, [@NL80211_ATTR_MLO_RECONF_REM_LINKS={0x6, 0x14f, 0x4}, @NL80211_ATTR_ADMITTED_TIME={0x6, 0xd4, 0xfffd}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x10}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x8040) fsconfig$auto(r3, 0x6, 0x0, 0x0, 0x0) fsmount$auto(0x4, 0x0, 0x200003) close_range$auto(0x2, 0x8000, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r4) ioctl$auto_KVM_GET_DEVICE_ATTR(r1, 0x4018aee2, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) fcntl$auto(0x3, 0x4, 0xa553) write$auto(0x3, 0x0, 0xfdef) 10.345004732s ago: executing program 2 (id=406): process_mrelease$auto_PIDFD_SELF_THREAD(0xffffffffffffd8f0, 0x101) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) socket(0xa, 0x2, 0x73) unshare$auto(0x40000080) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) set_mempolicy$auto(0x1, 0x0, 0x803) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x810006, 0xffb, 0x8000000008011, 0x3, 0x0) msync$auto(0x0, 0xe0, 0x6) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) pkey_free$auto(0xfffffffd) mmap$auto(0x0, 0x8001, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) io_uring_setup$auto(0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, 0x0, 0x101002, 0x0) write$auto(r0, 0x0, 0xc3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x5, 0x3, 0x17, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0x203, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x400008, 0x7, 0x9b72, 0x2, 0x8000) sysfs$auto(0x2, 0x49, 0x0) fsopen$auto(0x0, 0x1) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) 9.690384368s ago: executing program 0 (id=407): r0 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000003b40)={'xfrm0\x00', 0x0}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mremap$auto(0x1ff000, 0x8, 0x843, 0x3, 0xfffff000) mremap$auto(0xfffff000, 0x4, 0x4, 0x7, 0x1001ff000) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000140), 0x200001, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000200), 0x101802, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000700), 0xffffffffffffffff) sendmsg$auto_IPVS_CMD_SET_CONFIG(r5, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)={0x1c, r6, 0x1, 0x70bd28, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xffff7fff}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24000000}, 0x20040804) sendmsg$auto_IPVS_CMD_NEW_SERVICE(r2, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r6, 0x1, 0x70bd25, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x7fff}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x801) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, r3, 0x8000) close_range$auto(0x2, 0x8, 0x0) r7 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r7) ioctl$auto_KVM_GET_MSRS(r4, 0xc080aebe, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="000226bd7000fedbdf25030000000800030000020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a0005"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x4000) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), r8) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000001540)={'netdevsim0\x00', 0x0}) sendmsg$auto_NET_SHAPER_CMD_GROUP(r8, &(0x7f0000001600)={0x0, 0x12, &(0x7f00000015c0)={&(0x7f0000000600)={0x38, r9, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@NET_SHAPER_A_HANDLE={0xc, 0x1, 0x0, 0x1, [@NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x3}]}, @NET_SHAPER_A_LEAVES={0x10, 0xa, 0x0, 0x1, [@NET_SHAPER_A_HANDLE={0xc, 0x1, 0x0, 0x1, [@NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x2}]}]}, @NET_SHAPER_A_IFINDEX={0x8, 0x8, r10}]}, 0x38}, 0x1, 0x0, 0x0, 0x44000}, 0x14) sendmsg$auto_NET_SHAPER_CMD_GET(r0, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="000129bd7000fedbdf25010000004400018008000200040000000800020001010000080001000400000008000100ff00ff010000000000000000080002000700000008000200060000000800010002000000"], 0x58}, 0x1, 0x0, 0x0, 0x4}, 0x51) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYRES64=r1, @ANYRES16=r1, @ANYRES8, @ANYRESDEC=r4, @ANYRESOCT=r4], 0x1ac}}, 0x40001) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4040044}, 0x40000) 9.426474907s ago: executing program 1 (id=408): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r0, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000000200)={0x34, r1, 0x1, 0x703d25, 0x25dfdbfd, {}, [@NBD_ATTR_SOCKETS={0x14, 0x7, 0x0, 0x1, [@nested={0xc, 0x1, 0x0, 0x1, [@nested={0x8, 0x1, 0x0, 0x1, [@generic='\x00\x00\x00\x00']}]}, @nested={0x4, 0x89}]}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x6}]}, 0x34}, 0x1, 0x0, 0x0, 0x804}, 0x8880) mmap$auto(0x0, 0x400008, 0xdf, 0x100000009b72, 0x2, 0x8000) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x2a742, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) close_range$auto(0xffffffffffffffff, 0x8, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x202, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000000)={{0x0, 0x8000001, 0x0, 0x2000000000000003, 0x0, 0x24, 0x1}, 0x401}, 0x800, 0xa0000000) r2 = socket(0xa, 0x5, 0x84) sendto$auto(r2, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r3 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000001100), 0xa8000, 0x0) ioctl$auto_USB_RAW_IOCTL_EP0_READ(r3, 0xc0085504, &(0x7f0000000040)={0x9, 0x1, 0x5}) syz_genetlink_get_family_id$auto_nbd(&(0x7f0000003d40), 0xffffffffffffffff) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x4, 0x6, 0x12a0) madvise$auto(0x0, 0x200007, 0x19) r4 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/video7\x00', 0x8200, 0x0) read$auto_v4l2_fops_v4l2_dev(r4, &(0x7f0000000000)=""/133, 0x85) msgrcv$auto(0x0, 0x0, 0x4, 0x9, 0x3) msgctl$auto(0x0, 0x1, 0x0) 9.151787113s ago: executing program 0 (id=409): write$auto(0xffffffffffffffff, &(0x7f0000000080)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94&\x81\xe2\x13\x8f\xea#\xf8F\xbbOO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\b\xc1\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(', 0xa) unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x1, 0x202000a, 0xfffffffc, 0xdc, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) write$auto_ocfs2_control_fops_stack_user(r1, &(0x7f0000000280)="23316e876ab62d1448fb9583eb92ae84806798ad3db8d1cfb515896a29c57c5043a575d42623f7b9c77bb9a72e18100057b14daf0a97fda7d2f25f74bb0a3b4e7aade5f45bd4d553780f82d990e3ca99cca6ab9a2f89b102dbe90cdc42083b6095e74bb3cf2fe188cf5469b58388a72bba45fde683fdadf3", 0x78) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x24048084) madvise$auto(0x0, 0x200007, 0x19) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x103003, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0), 0x101000, 0x0) r2 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cec2\x00', 0x101000, 0x0) ioctl$auto_CEC_ADAP_S_LOG_ADDRS(r2, 0xc05c6104, &(0x7f00000000c0)={"58f99464", 0x8, 0x6, 0x1, 0x3, 0x5, "4bb69ec4b3f4c14539898e4c5682f5", "347f00", "a630df9d", "a0ed9959", ["cd9196b8fe1a8a7eb90401a9", "2f9c30017721de33c560b95a", "d3fe6c55a78d6932211c9b69", "ea334f1f1e5e27a1320d6edb"]}) r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000048c0)='/dev/dsp1\x00', 0x20000, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) ioctl$auto_SNDCTL_DSP_SETFMT(r3, 0xc0045005, &(0x7f0000000180)="6da6b940dfe114cacac8b7cca871a393aaf922f69708e077a3ff54d760f973198c7f36202c9afdaf7bc2eb57e0") close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB='(\x00\x00\b', @ANYRES16=0x0, @ANYBLOB="1b0026bd7000fddbdf250300000004000800100003800c000a000700000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x300, 0x70bd26, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4c894}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x9}, 0x3, 0x0) 7.832076044s ago: executing program 3 (id=410): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty1\x00', 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) r1 = socket(0x2b, 0x80000, 0x2) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r1, 0x0, 0x24084005) ioctl$auto_TIOCSTI2(r0, 0x5412, &(0x7f0000000180)) unshare$auto(0x8000000) shmget$auto(0x0, 0xfffffffffeffffff, 0x69c2) r2 = socket(0xa, 0x1, 0x100) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd8\x00', 0x20000, 0x0) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) setns$auto(r4, 0x80000000) ioctl$auto(r4, 0x541c, 0xffffffffffffffff) ioctl$auto_SNDCTL_DSP_SYNC(0xffffffffffffffff, 0x5001, &(0x7f0000000300)="2b7956fa8a2881e7e40a2bbd5923d08ecba68e0cc973513066e1f12c849d8a5a8d98e05b2da6ff33e182e61373f62e5249730c597c1d30b390d27ef401c297923ffcafde40c1a6904abe8e66e74ee1918062b00defc2ad9aea0d59e9c0d4f866b1fb125deada7cd6268074e08359d171cb1954b6b53012445e70ce9f3fc1c0c96b526b517b6cd909e6b825a5fac48603b066673d4d90fd7bd7ae9de4cb25623ce2967f94cd415dd4c70566068c848546359dd205c010dfe0ca8751bc3924195105ab5d9f6b86232b1e7cf5da7e9d6db9468e") r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r2) sendmsg$auto_NL80211_CMD_CONNECT(r2, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="18000000", @ANYRES16=r5, @ANYBLOB="02002c060000000000000000000004001601"], 0x18}, 0x1, 0x0, 0x0, 0x854}, 0x4) sendmsg$auto_NL80211_CMD_SET_STATION(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x90}, 0x20000001) ioctl$auto(r3, 0xab00, r2) unshare$auto(0xd) r6 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r6, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) listen$auto(0x3, 0x81) mmap$auto(0x9, 0x2020009, 0x3, 0x7fffffff, 0xfffffffffffffffa, 0x0) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x0, 0x200007, 0x19) acct$auto(&(0x7f00000000c0)='/dev/vhost-vsock\x00') ioctl$auto_TIOCSTI2(r0, 0x5412, &(0x7f00000002c0)="174c8bb6c072729f03df8840b4c076d067f5aaeb966aa8a92a384754af18bb886776d7fc041df70974dc3ee9dc9175a5867b94e6e799d584d831e32b7a6adf381bd38cd9540cf7578673bad4cd43320cf62447165389e3b44d8a044f09416207998b11de7fd4ecdb08bc5953bca342a3c7b1c4ba73c77e03c604b8807ee0bd5ac504e345bf671a14da852037048484561477b39785d66bef6751eae5403062295f502fb626c958cddb6a88cb09f3378c7186dedd6323ceb93eda6a0d705ac0be7d9ae27c04795e82ea5baae338da210eef8c64855d42bcd39a986fa3eab556bf009d2d9fb813126735c530559fe239251a45919e0a8f96677a3e7cbaddd17fb4c6d512dc88ddd3b0fb847d23bc61ff577727e0d6a249e32bbf7be902b9ec976af16b2653fffbc2464dda4114879a28bef18880c9ddd17f7c8d408c95dd4842c323169d9810acbc8a3490e4bf7dd62159be09e896170de1de") 6.075082091s ago: executing program 3 (id=411): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) write$auto_ocfs2_control_fops_stack_user(r0, &(0x7f0000003900), 0x0) mmap$auto(0x0, 0x853, 0x2000000000000002, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x2) r1 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f00000000c0)={{0x0, 0x2, 0x200800, 0xffffff00, 0x8000}, "290000000000000000000000008000"}) ioctl$auto_SNDRV_TIMER_IOCTL_STATUS32(r1, 0x80585414, &(0x7f0000000040)={0x7, 0x1, 0x1c0, 0x6, 0xfffffff6, 0x2, "90577a425e214e1730ea2bab411a38e8857053c022bf12795a87e69f1bb7f01ffd02fe3d475a9b4644cf75f39f724fbed78ab016e711635563cbdd0aa81fb9cb"}) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x40800, 0x0) getsockopt$auto(0xffffffffffffffff, 0x84, 0x22, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000200), 0x101802, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) setrlimit$auto(0x0, &(0x7f0000000000)={0x1, 0xfb3}) clone$auto(0x2, 0x5feb, 0x0, 0x0, 0x2000000000003) ioperm$auto(0x7, 0x6, 0x80) wait4$auto(0x0, 0xfffffffffffffffc, 0x60000003, 0x0) ioctl$auto(0x3, 0xae41, r4) ioctl$auto_KVM_GET_MSRS(r3, 0x4008ae89, &(0x7f00000000c0)={0x3, 0x0, [{0x587, 0x3}]}) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) 5.589338803s ago: executing program 0 (id=412): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x20200, 0x0) ioctl$auto_SNDCTL_DSP_NONBLOCK(0xffffffffffffffff, 0x500e, &(0x7f0000000100)="7a9fd040a9dd2d6fd2a2c99b1fb6171c64e8f8b48b6fa1820a0629526a418bdc1b376c67a95da5308ad8ffa4f832f6d3ad849257818fd4c25cb1ac6397f3d53ad11219da2f6c4da21a0706742f79ae631080f2c63cd040ac200a7c1613ee754a0153d257dedc0f00d8a325ee91c96f11c4af7f00a801f33195a56fc1daab952fa8337fe95d21a6b8f4145c13bb3e1a3de8064535d7b8a879eb767e5e92c9d48db4d6e95974713c4ce5174aa7a838") mount_setattr$auto(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x287) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) r0 = open(&(0x7f0000000040)='./cgroup.cpu/cgroup.procs\x00', 0x101840, 0x33903f3ada88772b) read$auto(r0, 0x0, 0x1) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000001}, 0x6, 0xffffffffffffffff, 0x7ffffffffffffffb, 0x30) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000280)='/dev/cuse\x00', 0x680402, 0x0) read$auto(r1, 0x0, 0x7fff) writev$auto(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x710f}, 0x5) rseq$auto(&(0x7f00000001c0)={0x0, 0x9, 0x8, 0x40, 0xffffffff, 0x9, "a9eed30cbb2c0849b3157ba08888c3532e0dbf956402dc8dd9dccd220b1fb1fcb36ff6173cf33067700dc3eb1080682265a526d30fad7da27dce3d089fa1355feb736ff7172207c37add21d90a42dbb6fe006b5d23f9d4719b20b59183bbdccee121f275b50ac4fad3b3291bdf5db06cb73d067f728bc6c12ecbdac81b36b3a18535f8e20ae47a2ef6e39524926d9568641fd03ae1cf8d48fcdf548bc1f604"}, 0x9, 0x3, 0x2af3) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) getcwd$auto(0x0, 0xffffffffffffffff) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) inotify_init1$auto(0x3000000000000) inotify_add_watch$auto(0x4, 0x0, 0x4000e6e) open(0x0, 0x41a001, 0x409) mmap$auto(0x0, 0x202000a, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto_PR_SET_MM_ENV_END(0xfffffffa, 0xb, 0xffffffffffffffff, 0x79, 0x5) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0xa, 0x0) 5.132005412s ago: executing program 0 (id=413): socket$nl_generic(0x10, 0x3, 0x10) unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0x2c, 0x1, 0x0) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x40851}, 0x24008845) madvise$auto(0x0, 0x200007, 0x19) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/pagemap\x00', 0x309801, 0x0) r2 = getpid() waitid$auto_P_PID(0x1, r2, &(0x7f0000000200)={@siginfo_0_0={0x87b, 0xff, 0x8, @_sigsys={&(0x7f0000000180)="a066b8e840c6311618ee915dcba2b561883f43193d2a5631fe8489c54c2e58e828919abdaea9ede3515e3e06ef5d9e26a356338ed2792d285c9166f052064c40c858589a8fc08743324746bfd929a8d9ab975df177246f1824ee62a621dc9c9b00fe", 0xffffffff, 0x7}}}, 0x1, &(0x7f0000000340)={{0x1, 0x8}, {0x8000000, 0x9}, 0x8, 0x6, 0x8, 0x1, 0x9, 0x6, 0x69, 0x3, 0x6, 0x0, 0x2, 0x37, 0x4, 0x6}) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/block/nbd2/mq/0/nr_reserved_tags\x00', 0x8200, 0x0) read$auto(r3, 0x0, 0x20) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) bpf$auto_BPF_OBJ_GET_INFO_BY_FD(0xf, &(0x7f0000001480)=@enable_stats={0x8}, 0x2) r4 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/smaps_rollup\x00', 0x40000, 0x0) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a) madvise$auto(0x0, 0xffffffffffff0001, 0x15) read$auto_proc_pid_maps_operations_internal(r4, &(0x7f0000000480)=""/4083, 0xff3) 4.895653878s ago: executing program 1 (id=414): r0 = openat$auto_ftrace_system_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f00000054c0)='/sys/kernel/tracing/events/vmalloc/enable\x00', 0x20a01, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) write$auto(r0, &(0x7f0000000240)='/dev/vhost-net\x00', 0x4) r1 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x42842, 0x95) sendmsg$auto_NL80211_CMD_PROBE_CLIENT(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x20000000) read$auto(r1, 0x0, 0x1) writev$auto(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x2080}, 0xe) r2 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x1000, 0x0) socket(0x3, 0x800, 0x4) r3 = io_uring_setup$auto(0x2, 0x0) r4 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) ioctl$auto_TUNSETVNETBE(0xffffffffffffffff, 0x400454de, 0x0) sendmsg$auto_TASKSTATS_CMD_GET(r3, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1000000}, 0xa8, &(0x7f0000000380)={&(0x7f00000003c0)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000000) getsockopt$auto_SO_TXREHASH(r4, 0xffffff00, 0x4a, &(0x7f00000001c0)='\x00', &(0x7f0000000200)=0x4) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r5, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0x10, 0x0, 0x0, &(0x7f0000000140)={[0x1ff, 0x4, 0xd3e, 0x1, 0x948b, 0x3, 0x800295f4da0a, 0x2, 0x20000003, 0x1005, 0x80000001, 0x40, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x4, 0xe, 0x0, 0x948f, 0xc, 0x206, 0x4, 0x0, 0x7, 0x9, 0xfffffffffffffff4, 0x6, 0x100000000000000, 0xfff, 0xf]}, 0x0) pread64$auto(0xffffffffffffffff, 0x0, 0x100000001, 0x100) r6 = socket(0x2b, 0x1, 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r7 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r7, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(r7, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) ioctl$auto_PPPIOCSPASS(r7, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x2c, 0xf3, 0x7, @inferred=r7}}) ioctl$auto_PPPIOCSPASS(r7, 0x40107447, 0x0) ioctl$auto(r6, 0x89a0, 0x4) syz_clone(0x60000, 0x0, 0x0, 0x0, 0x0, 0x0) close_range$auto(0x2, r2, 0x19) 3.603326738s ago: executing program 3 (id=415): statmount$auto(0x0, 0x0, 0x200, 0x81) setfsuid$auto(0xee00) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r0 = socket(0x2, 0x1, 0x106) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @broadcast}, 0x6a) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000080), 0x40000, 0x0) connect$auto(r0, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) write$auto(0x3, 0x0, 0x1) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0xe) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x11f, 0x0, 0xfffffffffffffffd) bind$auto(0xffffffffffffffff, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0) sendfile$auto(0x3, r1, 0x0, 0x400000000006) statmount$auto(&(0x7f0000000000)={0x154, @inferred=r0, 0x2, 0xfffffffffffffffd, 0x4}, &(0x7f0000000700)={0x8000, 0x456f, 0x0, 0x8001, 0x7, 0x400000000000002, 0x80100000, 0x0, 0x1, 0x1, 0x8, 0x4, 0x1a32, 0x5, 0x4, 0x4, 0xe3, 0x4, 0x1000, 0x80000001, 0x10000000, 0x1ff, 0x0, 0x8000, 0xe, 0x7, 0x7b, 0x5, 0x7, 0x3, 0x9, [0x100000000, 0x1000, 0xfff, 0x6, 0x10000, 0x7, 0x3ff, 0x1, 0x9, 0x10, 0x9, 0x8, 0x5, 0x100, 0x765, 0x6, 0x2, 0x7, 0x2, 0xeec, 0x10, 0xf, 0x0, 0x4, 0x7fff, 0x0, 0x3, 0x3, 0x8f37, 0x7fff, 0x6, 0x7ff, 0x2, 0x45a3, 0xbf2, 0xd53d, 0x8, 0xa, 0x9, 0x1, 0xf, 0x9, 0x134b], "0c7562bdc8d7ead5b2c895979e7a167086f637a07622caebb9e66be11625e1fd60fd821d0a21e17ad32faff93f70c9387778c92de6b1319d6f36c07369b427fcce9e68be603ca7bcf2eb"}, 0x9, 0x80) r2 = openat$auto_check_wx_fops_(0xffffffffffffff9c, &(0x7f0000000300), 0x40800, 0x0) ioctl$auto_FIONREAD(r2, 0x541b, 0x0) r3 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/tracing/events/vmalloc/filter\x00', 0x103041, 0x0) write$auto_ftrace_subsystem_filter_fops_trace_events(r3, &(0x7f0000000140)="8f0447fef2afea7e35a0274f508a7311a1bb4baa95f757cf9e57a14e04358236f4a2bb9f473ce2a531c678ed7d6d28d43aaea2a69abe3e93453388adf35653f5875227ce319330afe5e4cc7601a8eccbb3729f9869ca35edaf6343e41fe91304ef53273ed0cc2dfe7bfe60f2c9fa95fc93cc906a80c2c437a39cd0672a169c151570a062a76e472626", 0x89) unshare$auto(0x40000080) mmap$auto(0x3dbcb68f, 0x7ff, 0xffb, 0x8000000008011, 0x3, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1, 0x1, 0x0, 0x402, 0xdd16) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xa142, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) r4 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r4, 0xc1105517, &(0x7f0000000140)={{@inferred, 0x0, 0x4, 0x8, "3112d585005a614d19e22af9ffb683dbede3d0bf828bbfba40f035f4be6b7fe5e2f94bd90484b0755015e48d"}, 0x3, 0x5, 0x4, @inferred, @enumerated={0x3, 0x800, "c832bcbae48ab01ec23457b7fd2dd3547c4e2eeba79edd0d1599ded9cbfaf517162fbe6a6f50f1aaa18fb20cabb4f176263bb0e781e3d0a2f992e8fcdcec86d9", 0x400, 0xc278}, "7a9fc199a16a2311eacf2fc7ae1da978dc3e8090334fdd73340238d212b6debe0ada55bdd70925450e24e87212f0bcab84a16f7ce8cbce0bb32777702b8d7c2d"}) r5 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/cec10\x00', 0x101901, 0x0) tee$auto(r1, 0xffffffffffffffff, 0x7, 0x0) ioctl$auto_CEC_ADAP_S_LOG_ADDRS(r5, 0xc05c6104, &(0x7f0000000100)={'\x00', 0x0, 0x6, 0x2, 0x9b3, 0x9, "0200000002000000997e763f222ce1", '\x00', "0001410c", '\x00', ["f5404de9641f0000000060c1", "70d9a9a3af9f39d000000001", "ef5ac4927ad89c5c00"]}) ioctl$auto_CEC_TRANSMIT(r5, 0xc0386105, &(0x7f0000000000)={0x6, 0x3, 0x7, 0x2, 0x2, 0x7fffffff, "9b2189084142725dff0d933475a77466", 0xb, 0x5, 0x9, 0x5, 0x2, 0x4, 0x2}) 3.051025505s ago: executing program 2 (id=416): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x106) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) ioctl$auto(0x4000000000000c8, 0x400454cc, 0x6f) write$auto(0x3, 0x0, 0x1) write$auto(0x3, 0x0, 0xfffffdef) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0x100000000) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) socketpair$auto(0x800019, 0xf, 0x1, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000280)='/dev/ptys5\x00', 0x2000, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) ioctl$auto_TIOCSTI2(r1, 0x5412, &(0x7f0000000300)="dd") close_range$auto(0x2, 0x8, 0x0) r2 = socketpair$auto(0x3, 0x12000000, 0xfffffffa, 0x0) setsockopt$auto(0x3, 0x0, 0x13, 0x0, 0x9) r3 = socket(0xa, 0x3, 0x3b) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) setsockopt$auto_SO_CNX_ADVICE(r3, 0xfff, 0x35, &(0x7f0000001500)='\x00', 0x9) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001180), r4) sendmsg$auto_NL80211_CMD_CHANNEL_SWITCH(r3, &(0x7f00000014c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000011c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="b9effc6a4f747d5f75db0ad20000", @ANYRES16=r5, @ANYBLOB="000226bd7000fbdbdf25660000000400fd0004003c00"], 0x1c}, 0x1, 0x0, 0x0, 0x4000005}, 0x40011) sendmsg$auto_NL80211_CMD_UPDATE_OWE_INFO(r2, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)={0xc8, r5, 0x200, 0x70bd28, 0x25dfdbfb, {}, [@NL80211_ATTR_CNTDWN_OFFS_PRESP={0x91, 0xbb, "1b0c49885df0cdc5032655af6b505fb0313c74062f35b5798c2f608f38ddff194c2e5c5a4c8d02725a6e1f0a16f04305cc84798bd372c87b741a11040c67a2736fefd76b59db342714b1a0c31a16c5e95f0b34f5a40430d567b398c02195a3152433514de3b465e733f6d98e884b97420c8062dae35647c4e1f3a4e22220fe89409a1e35622b66a933eaefa330"}, @NL80211_ATTR_HT_CAPABILITY_MASK={0x1e, 0x94, "121324831f3129cebe475836e06aa4c37cf72cc535dd075d7a40"}]}, 0xc8}, 0x1, 0x0, 0x0, 0x4000000}, 0x8041) ioctl$auto(0xc8, 0x400454ce, 0x5c8d) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r6 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/net/rpc/use-gss-proxy\x00', 0x0, 0x0) read$auto_proc_reg_file_ops_compat_inode(r6, 0x0, 0x20) socket(0x22, 0x6, 0x84) 2.064328959s ago: executing program 1 (id=417): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty1\x00', 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) r1 = socket(0x2b, 0x80000, 0x2) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r1, 0x0, 0x24084005) ioctl$auto_TIOCSTI2(r0, 0x5412, &(0x7f0000000180)) unshare$auto(0x8000000) shmget$auto(0x0, 0xfffffffffeffffff, 0x69c2) r2 = socket(0xa, 0x1, 0x100) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd8\x00', 0x20000, 0x0) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) setns$auto(r4, 0x80000000) ioctl$auto(r4, 0x541c, 0xffffffffffffffff) ioctl$auto_SNDCTL_DSP_SYNC(0xffffffffffffffff, 0x5001, &(0x7f0000000300)="2b7956fa8a2881e7e40a2bbd5923d08ecba68e0cc973513066e1f12c849d8a5a8d98e05b2da6ff33e182e61373f62e5249730c597c1d30b390d27ef401c297923ffcafde40c1a6904abe8e66e74ee1918062b00defc2ad9aea0d59e9c0d4f866b1fb125deada7cd6268074e08359d171cb1954b6b53012445e70ce9f3fc1c0c96b526b517b6cd909e6b825a5fac48603b066673d4d90fd7bd7ae9de4cb25623ce2967f94cd415dd4c70566068c848546359dd205c010dfe0ca8751bc3924195105ab5d9f6b86232b1e7cf5da7e9d6db9468ea21cddfe80e645d3ba55ac5ab117") r5 = syz_genetlink_get_family_id$auto_nl80211(0x0, r2) sendmsg$auto_NL80211_CMD_CONNECT(r2, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="18000000", @ANYRES16=r5, @ANYBLOB="02002c060000000000000000000004001601"], 0x18}, 0x1, 0x0, 0x0, 0x854}, 0x4) sendmsg$auto_NL80211_CMD_SET_STATION(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x90}, 0x20000001) ioctl$auto(r3, 0xab00, r2) unshare$auto(0xd) r6 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r6, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) listen$auto(0x3, 0x81) mmap$auto(0x9, 0x2020009, 0x3, 0x7fffffff, 0xfffffffffffffffa, 0x0) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x0, 0x200007, 0x19) acct$auto(&(0x7f00000000c0)='/dev/vhost-vsock\x00') ioctl$auto_TIOCSTI2(r0, 0x5412, &(0x7f00000002c0)="174c8bb6c072729f03df8840b4c076d067f5aaeb966aa8a92a384754af18bb886776d7fc041df70974dc3ee9dc9175a5867b94e6e799d584d831e32b7a6adf381bd38cd9540cf7578673bad4cd43320cf62447165389e3b44d8a044f09416207998b11de7fd4ecdb08bc5953bca342a3c7b1c4ba73c77e03c604b8807ee0bd5ac504e345bf671a14da852037048484561477b39785d66bef6751eae5403062295f502fb626c958cddb6a88cb09f3378c7186dedd6323ceb93eda6a0d705ac0be7d9ae27c04795e82ea5baae338da210eef8c64855d42bcd39a986fa3eab556bf009d2d9fb813126735c530559fe239251a45919e0a8f96677a3e7cbaddd17fb4c6d512dc88ddd3b0fb847d23bc61ff577727e0d6a249e32bbf7be902b9ec976af16b2653fffbc2464dda4114879a28bef18880c9ddd17f7c8d408c95dd4842c323169d9810acbc8a3490e4bf7dd62159be09e896170de1de") 968.50673ms ago: executing program 2 (id=418): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000840)='./cgroup.cpu/memory.stat\x00', 0x111100, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = prctl$auto(0xac6, 0xf2, 0xffffffffffffffff, 0x100000001, 0x7e37) getdents64$auto(r0, 0x0, 0x1) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) socket(0x11, 0xa, 0x300) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xa00) kexec_load$auto(0x5, 0x2, &(0x7f0000000100)={@kbuf=0x0, 0x2aa7, 0x6c0000c000, 0xc000}, 0x6) unshare$auto(0x40000080) write$auto(0xca, 0x0, 0x7f) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) ioctl$auto(r1, 0x5427, 0xffffffffffffffff) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x4000804) lstat$auto(0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_VENDOR(r2, &(0x7f0000001780)={0x0, 0x0, &(0x7f0000001740)={&(0x7f0000001700)={0x14, r3, 0x705, 0x70bd27, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x80) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/pcrypt/pencrypt/parallel_cpumask\x00', 0x80302, 0x0) socket$nl_generic(0x10, 0x3, 0x10) write$auto(r4, &(0x7f0000000340)=',02.15.4 ]\x98\x0f7V\xd4l\xf2AC\x04\xecQ=\xa2\xce\nO}\x1d\xd7\xb5\x92\xf7\xb2\xc2\xddm\xfbR\xfb\x92x\xd8\xb2\x8a&\xda\\\xa1}&^\x03\x02\xf28\xfd|\xed~\a\xaf\x14\xb5.\x92\"-6.\xb2$\x88\xeb\xdc\x0f\xba$?c\x8b\xcb\xf4q\r\xf5>}4\x99(\xb8D\x15\xb8\xc9U\x14\xd6r\xc9\x81\xbbI\xc9+^\x00\xf6\xb5\xd9\x1e\x89G?/\xc5\x86\xd0\xab\xb3\xfd\xc9?\xa7B\x1b\xdc\xff\xab\xb6~\x96\xd6\x9f\x1d\xfb\xa1dg\x9d\x8d]\xdek\x9c0\xea\xb3\nV\x1d\x10g\xaa\xf9\xf0\xc9\n\x8c\xf25G\x9c\x19\xe5\xd8\xa3\xee\x11\x12f\xd5o\x00\xeaY\n\xe0\x9f\r\xd4\x8e9G\x01\x04\xb2j\xbfYX\x9a)OQ\xedk\xb9\x85\x03c\xf3\x80\x10eG(\x94m81PL\x8d\xa47\x1a\x16\x11\xcd\xcdf\x15\r\x19\xc3\x90\xbe\x12\x85V\xeb\x8d\x97\xf0\x9c!\x86:\xe8\x8b\xa7@l', 0x3) getpid() r5 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0xc1000, 0x0) mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x8e051, r5, 0x0) r6 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x364f9cefc8a0a83, 0x0) ioctl$auto_tracing_buffers_fops_trace(r6, 0x5220, 0x0) socket(0x2, 0x3, 0x1) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @broadcast}, 0x6a) 739.293232ms ago: executing program 0 (id=419): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) openat$auto_bch_chardev_fops_chardev(0xffffffffffffff9c, 0x0, 0x40, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, r0, 0x0) r1 = socket(0xa, 0x2, 0x88) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x6) r2 = fanotify_init$auto(0x5, 0x0) fanotify_mark$auto(r2, 0x209, 0xa, r2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'bond0\x00', 0x0}) prctl$auto(0x23, 0x4, 0x7fffffffefff, 0x0, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r5 = open(&(0x7f0000000100)='.\x00', 0x595002, 0x408) write$auto_fuse_dev_operations_fuse_i(r2, &(0x7f0000000280)="d96a0b13b66586f50e4a46b985f5e8fd5e618b981332ff54770ac764ce0fc26ed6bbd19caadc5ff9c1a636c02f10a104bac7ef9111b4070c2898d0635d30cbb5f67dc7a10674318fd4b04f06c496398e7e60616fe0df07af157aea25fdcd889a54b807429544bfa84560c47e845328c4af09cd986844d2fa1ed7efb65caba028107eb32514b7216bab13cec3a5f68f6f8083b4ea0ec6aea5b6e98d3417daa551bbd8911e8bfbcb37386eeaa35abea996e6f5949886c8ba5ecce82cdcbaf17f5a7df127d153c37270c51a044b48cfa1fb54e100080d0106be7be791", 0xdb) linkat$auto(r5, 0x0, 0xffffffffffffff9c, &(0x7f0000000040)='&&\x00', 0x1400) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r4, r3, 0x4, 0x1ff, r1, @relative_id=0x13, 0xe600}, 0xf) prctl$auto_PR_GET_TID_ADDRESS(0x28, 0x8000000000002, 0x0, 0x10000000, 0x3) socketpair$auto(0x1, 0x3, 0x8000000000000000, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x4) recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000100)={{0x0, 0xbb, 0x0, 0x8, &(0x7f0000000040), 0x81, 0x9}, 0xfffffffb}, 0x5, 0x6586, 0x0) sendmsg$auto_NL802154_CMD_DEL_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x10001}, 0x80) clock_gettime$auto(0x3, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r6, 0x0, 0x3}, 0xc) readv$auto(0x6, &(0x7f0000000000)={0x0, 0x400000000000004}, 0x4) 704.649729ms ago: executing program 1 (id=420): unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0x2c, 0x1, 0x0) listen$auto(0x3, 0x81) r2 = socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, r2, 0x8000) r3 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000040), 0x80040, 0x0) ioctl$auto_USB_RAW_IOCTL_CONFIGURE(r3, 0x5509, 0x1000000) fcntl$auto_F_NOTIFY(r2, 0x402, 0x9000) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0x8f00, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) mremap$auto(0x1ff000, 0x100005, 0x843, 0x3, 0x2) mremap$auto(0xfffff000, 0x4, 0x4, 0x7, 0x1001ff000) fsopen$auto(0x0, 0x1) prctl$auto(0x1000000003b, 0x1, 0x4, 0xd73, 0x7) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) shutdown$auto(0x200000003, 0x2) recvfrom$auto(0x4, 0x0, 0x101d0, 0x3ffffd, 0x0, 0x0) madvise$auto(0x0, 0x2003f2, 0x15) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(0x0, r1) mmap$auto(0x2, 0xffffffbffffffffd, 0x4000000000df, 0x1c, r1, 0x300000000000) socket(0x1d, 0x3, 0x1) r5 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x1c1041, 0x0) write$auto_fuse_dev_operations_fuse_i(r5, &(0x7f0000000440)="1100000007000000000000000000000001", 0x11) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) sendfile$auto(r6, r6, 0x0, 0x3) close_range$auto(0x2, 0x8, 0x0) 0s ago: executing program 0 (id=421): openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x101001, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/eql/ifalias\x00', 0xb02, 0x0) r1 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000280), 0x94001, 0x0) ioctl$auto_UI_SET_ABSBIT(r1, 0x40045567, &(0x7f0000000300)=0x81) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000440)=""/240, 0xf0) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="db002cbd7000fbdbdf250af4"], 0x1c}}, 0x20008810) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_tracing_saved_tgids_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/saved_tgids\x00', 0x101002, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x201, 0x0) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) open(&(0x7f0000001bc0)='./file0\x00', 0x4142, 0x1) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty57\x00', 0x40741, 0x0) ioctl$auto(0x3, 0x402c542d, r3) write$auto(0x3, 0x0, 0xfffffdef) ioctl$auto(0x3, 0x541b, 0x74) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="18"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x0) r6 = openat$auto_ext4_dir_operations_ext4(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/bluetooth/hci4/power\x00', 0x8a040, 0x0) fcntl$auto_F_DUPFD_QUERY(r6, 0x403, r2) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) setsockopt$auto(0x3, 0x0, 0x4, 0x0, 0x28) sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, r4, 0x1, 0x70bd28, 0x25dfdbfe, {}, [@ETHTOOL_A_TUNNEL_INFO_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}]}, 0x2c}}, 0x4000000) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.154' (ED25519) to the list of known hosts. [ 70.977596][ T5809] cgroup: Unknown subsys name 'net' [ 71.043052][ T5809] cgroup: Unknown subsys name 'cpuset' [ 71.051669][ T5809] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 71.373565][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.380108][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 72.483966][ T5809] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 74.374848][ T5834] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 74.382955][ T5834] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 74.390097][ T5836] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 74.391692][ T5836] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 74.398547][ T5834] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 74.405605][ T5836] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 74.412412][ T5834] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 74.419113][ T5836] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 74.427921][ T5834] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 74.434735][ T5836] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 74.443055][ T5834] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 74.448083][ T5836] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 74.454574][ T5834] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 74.463431][ T5836] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 74.468867][ T5834] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 74.483443][ T5834] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 74.483623][ T5836] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 74.491031][ T5834] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 74.507122][ T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 74.515416][ T51] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 75.087893][ T5821] chnl_net:caif_netlink_parms(): no params data found [ 75.111813][ T5822] chnl_net:caif_netlink_parms(): no params data found [ 75.222959][ T5823] chnl_net:caif_netlink_parms(): no params data found [ 75.293202][ T5820] chnl_net:caif_netlink_parms(): no params data found [ 75.379830][ T5822] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.387711][ T5822] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.394980][ T5822] bridge_slave_0: entered allmulticast mode [ 75.402225][ T5822] bridge_slave_0: entered promiscuous mode [ 75.425131][ T5821] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.432496][ T5821] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.439771][ T5821] bridge_slave_0: entered allmulticast mode [ 75.446731][ T5821] bridge_slave_0: entered promiscuous mode [ 75.454854][ T5821] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.462176][ T5821] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.469300][ T5821] bridge_slave_1: entered allmulticast mode [ 75.476605][ T5821] bridge_slave_1: entered promiscuous mode [ 75.484839][ T5822] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.492055][ T5822] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.499178][ T5822] bridge_slave_1: entered allmulticast mode [ 75.506978][ T5822] bridge_slave_1: entered promiscuous mode [ 75.580389][ T5821] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 75.600432][ T5823] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.607636][ T5823] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.615131][ T5823] bridge_slave_0: entered allmulticast mode [ 75.622247][ T5823] bridge_slave_0: entered promiscuous mode [ 75.638271][ T5821] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 75.650619][ T5822] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 75.660196][ T5823] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.667357][ T5823] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.674613][ T5823] bridge_slave_1: entered allmulticast mode [ 75.681734][ T5823] bridge_slave_1: entered promiscuous mode [ 75.708521][ T5822] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 75.761070][ T5821] team0: Port device team_slave_0 added [ 75.776011][ T5820] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.783457][ T5820] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.790852][ T5820] bridge_slave_0: entered allmulticast mode [ 75.797916][ T5820] bridge_slave_0: entered promiscuous mode [ 75.817992][ T5820] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.825148][ T5820] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.832401][ T5820] bridge_slave_1: entered allmulticast mode [ 75.839858][ T5820] bridge_slave_1: entered promiscuous mode [ 75.848658][ T5821] team0: Port device team_slave_1 added [ 75.856875][ T5823] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 75.868385][ T5822] team0: Port device team_slave_0 added [ 75.896553][ T5823] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 75.907444][ T5822] team0: Port device team_slave_1 added [ 75.957300][ T5820] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 75.968564][ T5821] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 75.975660][ T5821] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 76.001843][ T5821] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 76.038848][ T5820] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 76.049020][ T5821] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 76.056060][ T5821] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 76.082127][ T5821] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 76.095113][ T5823] team0: Port device team_slave_0 added [ 76.101620][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 76.108602][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 76.135054][ T5822] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 76.178594][ T5823] team0: Port device team_slave_1 added [ 76.185947][ T5820] team0: Port device team_slave_0 added [ 76.192833][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 76.199973][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 76.226217][ T5822] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 76.266488][ T5820] team0: Port device team_slave_1 added [ 76.341379][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 76.348357][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 76.375038][ T5823] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 76.386877][ T5820] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 76.394036][ T5820] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 76.420200][ T5820] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 76.437994][ T5821] hsr_slave_0: entered promiscuous mode [ 76.444707][ T5821] hsr_slave_1: entered promiscuous mode [ 76.457458][ T5822] hsr_slave_0: entered promiscuous mode [ 76.464070][ T5822] hsr_slave_1: entered promiscuous mode [ 76.470332][ T5822] debugfs: 'hsr0' already exists in 'hsr' [ 76.476109][ T5822] Cannot create hsr debugfs directory [ 76.482732][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 76.489752][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 76.516134][ T5823] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 76.527700][ T5820] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 76.534819][ T5820] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 76.560774][ T5820] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 76.570497][ T5837] Bluetooth: hci1: command tx timeout [ 76.571593][ T51] Bluetooth: hci2: command tx timeout [ 76.576902][ T5837] Bluetooth: hci3: command tx timeout [ 76.588362][ T5838] Bluetooth: hci0: command tx timeout [ 76.677433][ T5820] hsr_slave_0: entered promiscuous mode [ 76.683776][ T5820] hsr_slave_1: entered promiscuous mode [ 76.690239][ T5820] debugfs: 'hsr0' already exists in 'hsr' [ 76.695970][ T5820] Cannot create hsr debugfs directory [ 76.775561][ T5823] hsr_slave_0: entered promiscuous mode [ 76.782016][ T5823] hsr_slave_1: entered promiscuous mode [ 76.788012][ T5823] debugfs: 'hsr0' already exists in 'hsr' [ 76.793887][ T5823] Cannot create hsr debugfs directory [ 77.166602][ T5821] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 77.178153][ T5821] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 77.190596][ T5821] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 77.210927][ T5821] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 77.256435][ T5820] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 77.271858][ T5820] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 77.294390][ T5820] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 77.316437][ T5820] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 77.397450][ T5822] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 77.409135][ T5822] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 77.428781][ T5822] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 77.438910][ T5822] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 77.554960][ T5823] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 77.566763][ T5823] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 77.586842][ T5823] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 77.604832][ T5823] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 77.641527][ T5821] 8021q: adding VLAN 0 to HW filter on device bond0 [ 77.680687][ T5821] 8021q: adding VLAN 0 to HW filter on device team0 [ 77.703694][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.711026][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 77.725137][ T5820] 8021q: adding VLAN 0 to HW filter on device bond0 [ 77.746029][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.753248][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 77.811829][ T5820] 8021q: adding VLAN 0 to HW filter on device team0 [ 77.835020][ T5822] 8021q: adding VLAN 0 to HW filter on device bond0 [ 77.850466][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.857693][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 77.882399][ T55] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.889536][ T55] bridge0: port 2(bridge_slave_1) entered forwarding state [ 77.938531][ T5822] 8021q: adding VLAN 0 to HW filter on device team0 [ 77.973756][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.980974][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 78.005869][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.013009][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 78.082252][ T5823] 8021q: adding VLAN 0 to HW filter on device bond0 [ 78.152856][ T5823] 8021q: adding VLAN 0 to HW filter on device team0 [ 78.187323][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.194540][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 78.222920][ T1317] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.230136][ T1317] bridge0: port 2(bridge_slave_1) entered forwarding state [ 78.365962][ T5821] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 78.466860][ T5820] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 78.523699][ T5821] veth0_vlan: entered promiscuous mode [ 78.559180][ T5821] veth1_vlan: entered promiscuous mode [ 78.614219][ T5820] veth0_vlan: entered promiscuous mode [ 78.651122][ T5838] Bluetooth: hci2: command tx timeout [ 78.656726][ T5838] Bluetooth: hci1: command tx timeout [ 78.662545][ T51] Bluetooth: hci3: command tx timeout [ 78.662685][ T5837] Bluetooth: hci0: command tx timeout [ 78.678252][ T5820] veth1_vlan: entered promiscuous mode [ 78.691720][ T5821] veth0_macvtap: entered promiscuous mode [ 78.722276][ T5821] veth1_macvtap: entered promiscuous mode [ 78.743098][ T5822] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 78.781967][ T5821] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 78.815209][ T5821] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 78.840528][ T5820] veth0_macvtap: entered promiscuous mode [ 78.849149][ T55] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.860879][ T55] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.876425][ T5823] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 78.887037][ T55] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.896433][ T55] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.907494][ T5820] veth1_macvtap: entered promiscuous mode [ 78.942462][ T5820] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 78.987984][ T5820] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 79.019249][ T36] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.045594][ T36] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.055089][ T36] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.085011][ T36] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.110558][ T5822] veth0_vlan: entered promiscuous mode [ 79.122058][ T5823] veth0_vlan: entered promiscuous mode [ 79.127843][ T1005] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.141929][ T1005] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 79.188822][ T5823] veth1_vlan: entered promiscuous mode [ 79.206048][ T1005] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.223677][ T1005] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 79.225262][ T5822] veth1_vlan: entered promiscuous mode [ 79.282794][ T5823] veth0_macvtap: entered promiscuous mode [ 79.293599][ T1005] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.308286][ T1005] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 79.341922][ T5823] veth1_macvtap: entered promiscuous mode [ 79.365958][ T5821] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 79.372762][ T5822] veth0_macvtap: entered promiscuous mode [ 79.403208][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 79.422932][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.425356][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 79.439744][ T5822] veth1_macvtap: entered promiscuous mode [ 79.445526][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 79.496972][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 79.507330][ T36] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.518271][ T36] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.552412][ T36] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.573042][ T36] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.615006][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 79.678272][ T49] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.703034][ T49] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.760705][ T49] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.803372][ T49] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.843812][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.855399][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 79.955514][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.980650][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.053477][ T5917] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 80.103119][ T1317] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.150790][ T1317] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.182917][ T55] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.229034][ T55] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.276601][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 80.279657][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 80.492851][ T5909] block nbd8: shutting down sockets [ 80.730332][ T5838] Bluetooth: hci1: command tx timeout [ 80.732813][ T5829] Bluetooth: hci3: command tx timeout [ 80.735767][ T5838] Bluetooth: hci2: command tx timeout [ 80.741832][ T5837] Bluetooth: hci0: command tx timeout [ 80.869832][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 80.897868][ T5932] Zero length message leads to an empty skb [ 81.096188][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 81.170566][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 81.179266][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 81.187902][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 81.198562][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 81.210183][ T5935] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 81.799922][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 82.170946][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 82.709166][ T5951] mmap: syz.0.6 (5951) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 82.812128][ T5837] Bluetooth: hci2: command tx timeout [ 82.826203][ T5829] Bluetooth: hci0: command tx timeout [ 82.833318][ T5838] Bluetooth: hci3: command tx timeout [ 82.833350][ T5837] Bluetooth: hci1: command tx timeout [ 84.530203][ T5976] input: jJǸ-9%vJ86 as /devices/virtual/input/input5 [ 84.866161][ T5961] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 85.204411][ T5988] netlink: 28 bytes leftover after parsing attributes in process `syz.2.12'. [ 85.968871][ T5988] ipvlan0: entered promiscuous mode [ 86.010000][ T5988] ipvlan0: entered allmulticast mode [ 86.063583][ T5988] veth0_vlan: entered allmulticast mode [ 86.069882][ T5990] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 86.733451][ T9] cfg80211: failed to load regulatory.db [ 87.031288][ T5996] misc userio: Invalid payload size [ 87.094296][ T6002] rtc_cmos 00:00: Alarms can be up to one day in the future [ 87.342588][ T29] rtc_cmos 00:00: Alarms can be up to one day in the future [ 87.352572][ T29] rtc_cmos 00:00: Alarms can be up to one day in the future [ 87.381283][ T29] rtc_cmos 00:00: Alarms can be up to one day in the future [ 87.427931][ T29] rtc_cmos 00:00: Alarms can be up to one day in the future [ 87.445775][ T29] rtc rtc0: __rtc_set_alarm: err=-22 [ 88.669917][ T6030] zswap: compressor not available [ 89.112357][ T6037] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 89.119812][ T6037] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 89.157349][ T6037] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 89.210918][ T6039] futex_wake_op: syz.0.21 tries to shift op by -2048; fix this program [ 89.227009][ T6039] futex_wake_op: syz.0.21 tries to shift op by -2048; fix this program [ 89.280647][ T6037] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 89.323684][ T6037] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 89.398021][ T6037] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 89.421301][ T6037] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 89.453335][ T6037] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 89.610213][ T6037] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 89.629694][ T6037] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 89.640709][ T6037] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 89.699534][ T6037] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 91.141194][ T5837] Bluetooth: hci1: command 0x0c1a tx timeout [ 91.178896][ T6028] program syz.2.17 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 91.197312][ T6052] process 'syz.3.24' launched ':,' with NULL argv: empty string added [ 91.221124][ T6055] netlink: 28 bytes leftover after parsing attributes in process `syz.1.23'. [ 91.295361][ T5837] Bluetooth: hci3: command 0x0c1a tx timeout [ 91.449517][ T5837] Bluetooth: hci0: command 0x0c1a tx timeout [ 91.689465][ T5837] Bluetooth: hci2: command 0x0c1a tx timeout [ 91.706189][ T6061] netlink: 330 bytes leftover after parsing attributes in process `syz.1.25'. [ 92.057785][ T6069] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input6 [ 92.984300][ T6066] Invalid ELF header magic: != ELF [ 93.228620][ T5837] Bluetooth: hci1: command 0x0c1a tx timeout [ 93.374826][ T5837] Bluetooth: hci3: command 0x0c1a tx timeout [ 93.530021][ T5837] Bluetooth: hci0: command 0x0c1a tx timeout [ 93.671036][ T6080] FAULT_INJECTION: forcing a failure. [ 93.671036][ T6080] name failslab, interval 1, probability 0, space 0, times 1 [ 93.719498][ T6080] CPU: 1 UID: 0 PID: 6080 Comm: syz.2.29 Not tainted syzkaller #0 PREEMPT(full) [ 93.719540][ T6080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 93.719560][ T6080] Call Trace: [ 93.719570][ T6080] [ 93.719580][ T6080] dump_stack_lvl+0x100/0x190 [ 93.719640][ T6080] should_fail_ex.cold+0x5/0xa [ 93.719676][ T6080] should_failslab+0xc2/0x120 [ 93.719707][ T6080] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 93.719748][ T6080] ? acpi_ut_create_control_state+0x6a/0x100 [ 93.719789][ T6080] acpi_ut_create_control_state+0x6a/0x100 [ 93.719820][ T6080] acpi_ds_exec_begin_control_op+0x21f/0x530 [ 93.719860][ T6080] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 93.719908][ T6080] acpi_ds_exec_begin_op+0x20a/0x9c0 [ 93.719942][ T6080] acpi_ps_create_op+0x7bb/0xd10 [ 93.719976][ T6080] ? __pfx_acpi_ps_create_op+0x10/0x10 [ 93.720007][ T6080] ? __pfx_acpi_ut_trace_ptr+0x10/0x10 [ 93.720040][ T6080] ? acpi_ut_value_exit+0x10d/0x190 [ 93.720082][ T6080] acpi_ps_parse_loop+0xa65/0x24a0 [ 93.720115][ T6080] ? __kmalloc_noprof+0x320/0x850 [ 93.720162][ T6080] ? __pfx_acpi_ps_parse_loop+0x10/0x10 [ 93.720192][ T6080] ? acpi_ut_status_exit+0x111/0x1c0 [ 93.720229][ T6080] ? acpi_ds_call_control_method+0x435/0xab0 [ 93.720278][ T6080] acpi_ps_parse_aml+0x81e/0x1120 [ 93.720317][ T6080] acpi_ps_execute_method+0x5c4/0xe90 [ 93.720360][ T6080] acpi_ns_evaluate+0x640/0x1670 [ 93.720406][ T6080] acpi_evaluate_object+0x420/0xe00 [ 93.720432][ T6080] ? kasan_save_stack+0x30/0x50 [ 93.720472][ T6080] ? kasan_save_track+0x14/0x30 [ 93.720520][ T6080] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 93.720561][ T6080] acpi_evaluate_integer+0xdf/0x220 [ 93.720601][ T6080] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 93.720664][ T6080] ? __pfx_status_show+0x10/0x10 [ 93.720691][ T6080] status_show+0xa0/0x120 [ 93.720718][ T6080] ? __pfx_status_show+0x10/0x10 [ 93.720756][ T6080] dev_attr_show+0x52/0xa0 [ 93.720789][ T6080] ? __pfx_dev_attr_show+0x10/0x10 [ 93.720820][ T6080] sysfs_kf_seq_show+0x217/0x3a0 [ 93.720861][ T6080] seq_read_iter+0x32f/0x1270 [ 93.720921][ T6080] kernfs_fop_read_iter+0x46c/0x610 [ 93.720953][ T6080] ? rw_verify_area+0xce/0x6d0 [ 93.720991][ T6080] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 93.721025][ T6080] vfs_read+0x825/0xb30 [ 93.721073][ T6080] ? __pfx_vfs_read+0x10/0x10 [ 93.721140][ T6080] ksys_read+0x12a/0x250 [ 93.721181][ T6080] ? __pfx_ksys_read+0x10/0x10 [ 93.721235][ T6080] do_syscall_64+0x106/0xf80 [ 93.721272][ T6080] ? clear_bhb_loop+0x40/0x90 [ 93.721307][ T6080] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 93.721336][ T6080] RIP: 0033:0x7fc14859c799 [ 93.721360][ T6080] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 93.721395][ T6080] RSP: 002b:00007fc149375028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 93.721422][ T6080] RAX: ffffffffffffffda RBX: 00007fc148816090 RCX: 00007fc14859c799 [ 93.721442][ T6080] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000009 [ 93.721459][ T6080] RBP: 00007fc148632c99 R08: 0000000000000000 R09: 0000000000000000 [ 93.721476][ T6080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 93.721493][ T6080] R13: 00007fc148816128 R14: 00007fc148816090 R15: 00007fffe2d31428 [ 93.721534][ T6080] [ 93.722866][ T6080] ACPI Error: [ 93.831594][ T5837] Bluetooth: hci2: command 0x0c1a tx timeout [ 94.204136][ T6080] Aborting method \_SB.IQST due to previous error (AE_NO_MEMORY) (20251212/psparse-529) [ 94.227259][ T6080] ACPI Error: Aborting method \_SB.LNKA._STA due to previous error (AE_NO_MEMORY) (20251212/psparse-529) [ 95.299581][ T5837] Bluetooth: hci1: command 0x0c1a tx timeout [ 95.449631][ T5837] Bluetooth: hci3: command 0x0c1a tx timeout [ 95.622594][ T5837] Bluetooth: hci0: command 0x0c1a tx timeout [ 95.850112][ T5837] Bluetooth: hci2: command 0x0c1a tx timeout [ 96.629577][ T6122] NFSD: Failed to start, no listeners configured. [ 97.641712][ T6126] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 98.119488][ T6134] netlink: 'syz.1.38': attribute type 1 has an invalid length. [ 98.531993][ T6110] program syz.2.34 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 100.503995][ T6160] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input7 [ 100.792476][ T6171] netlink: 330 bytes leftover after parsing attributes in process `syz.2.45'. [ 100.948895][ T6176] netlink: 28 bytes leftover after parsing attributes in process `syz.1.46'. [ 101.324591][ T6160] tipc: Withdrawal distribution failure [ 101.613195][ T6186] FAULT_INJECTION: forcing a failure. [ 101.613195][ T6186] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 101.689491][ T6186] CPU: 1 UID: 0 PID: 6186 Comm: syz.2.47 Not tainted syzkaller #0 PREEMPT(full) [ 101.689529][ T6186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 101.689540][ T6186] Call Trace: [ 101.689546][ T6186] [ 101.689552][ T6186] dump_stack_lvl+0x100/0x190 [ 101.689580][ T6186] should_fail_ex.cold+0x5/0xa [ 101.689595][ T6186] ? prepare_alloc_pages+0x16d/0x5f0 [ 101.689613][ T6186] should_fail_alloc_page+0xeb/0x140 [ 101.689630][ T6186] prepare_alloc_pages+0x1f0/0x5f0 [ 101.689649][ T6186] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 101.689672][ T6186] ? __rb_reserve_next.constprop.0+0x6f7/0x1650 [ 101.689700][ T6186] ? ring_buffer_lock_reserve+0x48b/0x11c0 [ 101.689718][ T6186] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 101.689742][ T6186] ? rb_commit+0x129/0x9d0 [ 101.689757][ T6186] ? kernel_text_address+0x8d/0x100 [ 101.689783][ T6186] ? ring_buffer_unlock_commit+0x2e6/0x6f0 [ 101.689805][ T6186] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 101.689829][ T6186] ? policy_nodemask+0xed/0x4f0 [ 101.689845][ T6186] alloc_pages_mpol+0x1fb/0x550 [ 101.689861][ T6186] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 101.689879][ T6186] ? trace_event_raw_event_alloc_vmap_area+0x21f/0x300 [ 101.689906][ T6186] alloc_pages_noprof+0x131/0x390 [ 101.689922][ T6186] get_free_pages_noprof+0x10/0xb0 [ 101.689936][ T6186] __kasan_populate_vmalloc+0xa0/0x210 [ 101.689961][ T6186] alloc_vmap_area+0x95d/0x2bd0 [ 101.689986][ T6186] ? __pfx_alloc_vmap_area+0x10/0x10 [ 101.690007][ T6186] __get_vm_area_node+0x1ca/0x330 [ 101.690026][ T6186] __vmalloc_node_range_noprof+0x213/0x1530 [ 101.690044][ T6186] ? kernel_clone+0xfc/0x9a0 [ 101.690059][ T6186] ? find_held_lock+0x2b/0x80 [ 101.690072][ T6186] ? local_lock_release+0x99/0x130 [ 101.690088][ T6186] ? local_lock_release+0x99/0x130 [ 101.690107][ T6186] ? kernel_clone+0xfc/0x9a0 [ 101.690123][ T6186] ? find_held_lock+0x2b/0x80 [ 101.690135][ T6186] ? rcu_read_unlock+0x17/0x60 [ 101.690150][ T6186] ? rcu_read_unlock+0x17/0x60 [ 101.690165][ T6186] ? obj_cgroup_charge_account+0x46d/0x640 [ 101.690181][ T6186] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 101.690200][ T6186] ? __memcg_slab_post_alloc_hook+0x51b/0x990 [ 101.690219][ T6186] ? rcu_is_watching+0x12/0xc0 [ 101.690239][ T6186] ? trace_kmem_cache_alloc+0xf3/0x120 [ 101.690255][ T6186] ? kernel_clone+0xfc/0x9a0 [ 101.690270][ T6186] __vmalloc_node_noprof+0xad/0xf0 [ 101.690288][ T6186] ? kernel_clone+0xfc/0x9a0 [ 101.690305][ T6186] copy_process+0x5ec/0x7a10 [ 101.690320][ T6186] ? futex_unqueue+0x133/0x2c0 [ 101.690346][ T6186] ? __pfx_copy_process+0x10/0x10 [ 101.690366][ T6186] ? _copy_from_user+0x59/0xd0 [ 101.690400][ T6186] kernel_clone+0xfc/0x9a0 [ 101.690417][ T6186] ? __pfx_kernel_clone+0x10/0x10 [ 101.690438][ T6186] ? __pfx_futex_wait+0x10/0x10 [ 101.690464][ T6186] __do_sys_clone3+0x214/0x290 [ 101.690485][ T6186] ? __pfx___do_sys_clone3+0x10/0x10 [ 101.690525][ T6186] do_syscall_64+0x106/0xf80 [ 101.690545][ T6186] ? clear_bhb_loop+0x40/0x90 [ 101.690563][ T6186] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 101.690578][ T6186] RIP: 0033:0x7fc14859c799 [ 101.690591][ T6186] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 101.690605][ T6186] RSP: 002b:00007fc149395ef8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 101.690619][ T6186] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007fc14859c799 [ 101.690629][ T6186] RDX: 00007fc149395f10 RSI: 0000000000000058 RDI: 00007fc149395f10 [ 101.690638][ T6186] RBP: 00007fc148632c99 R08: 0000000000000000 R09: 0000000000000058 [ 101.690647][ T6186] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 101.690655][ T6186] R13: 00007fc148816038 R14: 00007fc148815fa0 R15: 00007fffe2d31428 [ 101.690675][ T6186] [ 101.690847][ T6186] syz.2.47: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 102.289569][ T6188] syz.0.49 (6188) used greatest stack depth: 19672 bytes left [ 102.423200][ T6186] ,cpuset=/,mems_allowed=0-1 [ 102.428054][ T6186] CPU: 1 UID: 0 PID: 6186 Comm: syz.2.47 Not tainted syzkaller #0 PREEMPT(full) [ 102.428073][ T6186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 102.428081][ T6186] Call Trace: [ 102.428087][ T6186] [ 102.428092][ T6186] dump_stack_lvl+0x100/0x190 [ 102.428117][ T6186] warn_alloc.cold+0x95/0x1c1 [ 102.428141][ T6186] ? __pfx_warn_alloc+0x10/0x10 [ 102.428161][ T6186] ? lockdep_hardirqs_on+0x78/0x100 [ 102.428183][ T6186] ? __get_vm_area_node+0x2c5/0x330 [ 102.428203][ T6186] ? __get_vm_area_node+0x208/0x330 [ 102.428222][ T6186] __vmalloc_node_range_noprof+0xbf4/0x1530 [ 102.428239][ T6186] ? find_held_lock+0x2b/0x80 [ 102.428252][ T6186] ? local_lock_release+0x99/0x130 [ 102.428272][ T6186] ? local_lock_release+0x99/0x130 [ 102.428290][ T6186] ? kernel_clone+0xfc/0x9a0 [ 102.428307][ T6186] ? find_held_lock+0x2b/0x80 [ 102.428319][ T6186] ? rcu_read_unlock+0x17/0x60 [ 102.428334][ T6186] ? rcu_read_unlock+0x17/0x60 [ 102.428348][ T6186] ? obj_cgroup_charge_account+0x46d/0x640 [ 102.428364][ T6186] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 102.428383][ T6186] ? __memcg_slab_post_alloc_hook+0x51b/0x990 [ 102.428402][ T6186] ? rcu_is_watching+0x12/0xc0 [ 102.428422][ T6186] ? trace_kmem_cache_alloc+0xf3/0x120 [ 102.428439][ T6186] ? kernel_clone+0xfc/0x9a0 [ 102.428454][ T6186] __vmalloc_node_noprof+0xad/0xf0 [ 102.428471][ T6186] ? kernel_clone+0xfc/0x9a0 [ 102.428488][ T6186] copy_process+0x5ec/0x7a10 [ 102.428502][ T6186] ? futex_unqueue+0x133/0x2c0 [ 102.428528][ T6186] ? __pfx_copy_process+0x10/0x10 [ 102.428549][ T6186] ? _copy_from_user+0x59/0xd0 [ 102.428567][ T6186] kernel_clone+0xfc/0x9a0 [ 102.428584][ T6186] ? __pfx_kernel_clone+0x10/0x10 [ 102.428604][ T6186] ? __pfx_futex_wait+0x10/0x10 [ 102.428630][ T6186] __do_sys_clone3+0x214/0x290 [ 102.428646][ T6186] ? __pfx___do_sys_clone3+0x10/0x10 [ 102.428685][ T6186] do_syscall_64+0x106/0xf80 [ 102.428704][ T6186] ? clear_bhb_loop+0x40/0x90 [ 102.428721][ T6186] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 102.428735][ T6186] RIP: 0033:0x7fc14859c799 [ 102.428749][ T6186] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 102.428770][ T6186] RSP: 002b:00007fc149395ef8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 102.428783][ T6186] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007fc14859c799 [ 102.428793][ T6186] RDX: 00007fc149395f10 RSI: 0000000000000058 RDI: 00007fc149395f10 [ 102.428802][ T6186] RBP: 00007fc148632c99 R08: 0000000000000000 R09: 0000000000000058 [ 102.428810][ T6186] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 102.428818][ T6186] R13: 00007fc148816038 R14: 00007fc148815fa0 R15: 00007fffe2d31428 [ 102.428837][ T6186] [ 102.428852][ T6186] Mem-Info: [ 102.788054][ T6186] active_anon:14631 inactive_anon:0 isolated_anon:0 [ 102.788054][ T6186] active_file:11720 inactive_file:40546 isolated_file:0 [ 102.788054][ T6186] unevictable:768 dirty:382 writeback:0 [ 102.788054][ T6186] slab_reclaimable:11121 slab_unreclaimable:91324 [ 102.788054][ T6186] mapped:33016 shmem:7681 pagetables:1199 [ 102.788054][ T6186] sec_pagetables:0 bounce:0 [ 102.788054][ T6186] kernel_misc_reclaimable:0 [ 102.788054][ T6186] free:1321591 free_pcp:12561 free_cma:0 [ 102.958276][ T6186] Node 0 active_anon:60768kB inactive_anon:0kB active_file:46880kB inactive_file:162000kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:130168kB dirty:1592kB writeback:0kB shmem:31596kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11284kB pagetables:4588kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 103.054769][ T6199] FAULT_INJECTION: forcing a failure. [ 103.054769][ T6199] name failslab, interval 1, probability 0, space 0, times 0 [ 103.089568][ T6186] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:32kB pagetables:136kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 103.133077][ T6199] CPU: 0 UID: 0 PID: 6199 Comm: syz.2.47 Not tainted syzkaller #0 PREEMPT(full) [ 103.133112][ T6199] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 103.133127][ T6199] Call Trace: [ 103.133136][ T6199] [ 103.133145][ T6199] dump_stack_lvl+0x100/0x190 [ 103.133197][ T6199] should_fail_ex.cold+0x5/0xa [ 103.133230][ T6199] should_failslab+0xc2/0x120 [ 103.133259][ T6199] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 103.133300][ T6199] ? __kernfs_new_node+0xd2/0x960 [ 103.133344][ T6199] __kernfs_new_node+0xd2/0x960 [ 103.133379][ T6199] ? kernfs_add_one+0x583/0x850 [ 103.133421][ T6199] ? __pfx___kernfs_new_node+0x10/0x10 [ 103.133462][ T6199] ? find_held_lock+0x2b/0x80 [ 103.133487][ T6199] ? kernfs_root+0xee/0x2a0 [ 103.133520][ T6199] ? kernfs_root+0xee/0x2a0 [ 103.133561][ T6199] kernfs_new_node+0x11b/0x1a0 [ 103.133606][ T6199] kernfs_create_dir_ns+0x4c/0x1a0 [ 103.133647][ T6199] internal_create_group+0x36f/0xf40 [ 103.133687][ T6199] ? __pfx_internal_create_group+0x10/0x10 [ 103.133719][ T6199] ? __pfx_internal_create_group+0x10/0x10 [ 103.133756][ T6199] ? __pfx_dev_add_physical_location+0x10/0x10 [ 103.133782][ T6199] ? bus_to_subsys+0x114/0x150 [ 103.133814][ T6199] dpm_sysfs_add+0x80/0x280 [ 103.133838][ T6199] device_add+0x9ef/0x1950 [ 103.133867][ T6199] ? __pfx_device_add+0x10/0x10 [ 103.133894][ T6199] ? lockdep_init_map_type+0x5c/0x250 [ 103.133924][ T6199] ? __init_waitqueue_head+0xca/0x150 [ 103.133962][ T6199] netdev_register_kobject+0x1a9/0x3d0 [ 103.134005][ T6199] register_netdevice+0x12e0/0x2210 [ 103.134046][ T6199] ? __pfx_register_netdevice+0x10/0x10 [ 103.134089][ T6199] ip6_mroute_setsockopt+0x683/0x36d0 [ 103.134124][ T6199] ? lock_acquire+0x1cf/0x380 [ 103.134163][ T6199] ? __pfx_ip6_mroute_setsockopt+0x10/0x10 [ 103.134204][ T6199] ? perf_trace_sched_stat_runtime+0x560/0x600 [ 103.134234][ T6199] ? lockdep_hardirqs_on+0x78/0x100 [ 103.134270][ T6199] ? rcu_is_watching+0x12/0xc0 [ 103.134309][ T6199] ? trace_sched_exit_tp+0x13a/0x180 [ 103.134344][ T6199] ? __schedule+0x1000/0x6120 [ 103.134381][ T6199] ? __lock_acquire+0x4a5/0x2630 [ 103.134442][ T6199] ? do_ipv6_setsockopt+0x551/0x4400 [ 103.134484][ T6199] do_ipv6_setsockopt+0x551/0x4400 [ 103.134530][ T6199] ? __pfx_do_ipv6_setsockopt+0x10/0x10 [ 103.134567][ T6199] ? aa_label_sk_perm+0x194/0x5f0 [ 103.134599][ T6199] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 103.134633][ T6199] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 103.134662][ T6199] ? __pfx_futex_wake_mark+0x10/0x10 [ 103.134709][ T6199] ? find_held_lock+0x2b/0x80 [ 103.134727][ T6199] ? futex_wake+0x456/0x530 [ 103.134754][ T6199] ? __pfx___might_resched+0x10/0x10 [ 103.134775][ T6199] ? __lock_acquire+0x4a5/0x2630 [ 103.134795][ T6199] ? aa_sk_perm+0x309/0xaa0 [ 103.134813][ T6199] ? ipv6_setsockopt+0xcb/0x170 [ 103.134833][ T6199] ipv6_setsockopt+0xcb/0x170 [ 103.134857][ T6199] rawv6_setsockopt+0xee/0x5a0 [ 103.134878][ T6199] ? __pfx_rawv6_setsockopt+0x10/0x10 [ 103.134898][ T6199] ? aa_sock_opt_perm+0xfe/0x1b0 [ 103.134918][ T6199] ? sock_common_setsockopt+0x2e/0xf0 [ 103.134941][ T6199] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 103.134964][ T6199] do_sock_setsockopt+0xf3/0x1d0 [ 103.134989][ T6199] __sys_setsockopt+0x119/0x190 [ 103.135013][ T6199] __x64_sys_setsockopt+0xbd/0x160 [ 103.135031][ T6199] ? do_syscall_64+0x95/0xf80 [ 103.135050][ T6199] ? lockdep_hardirqs_on+0x78/0x100 [ 103.135069][ T6199] do_syscall_64+0x106/0xf80 [ 103.135087][ T6199] ? clear_bhb_loop+0x40/0x90 [ 103.135104][ T6199] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 103.135119][ T6199] RIP: 0033:0x7fc14859c799 [ 103.135132][ T6199] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 103.135146][ T6199] RSP: 002b:00007fc149375028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 103.135161][ T6199] RAX: ffffffffffffffda RBX: 00007fc148816090 RCX: 00007fc14859c799 [ 103.135170][ T6199] RDX: 00000000000000ca RSI: 0000000000000029 RDI: 0400000000000003 [ 103.135179][ T6199] RBP: 00007fc148632c99 R08: 0000000000000567 R09: 0000000000000000 [ 103.135197][ T6199] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 103.135206][ T6199] R13: 00007fc148816128 R14: 00007fc148816090 R15: 00007fffe2d31428 [ 103.135226][ T6199] [ 104.014128][ T6186] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 104.333749][ T6186] lowmem_reserve[]: 0 2477 2478 2478 2478 [ 104.349808][ T6186] Node 0 DMA32 free:1286728kB boost:0kB min:34056kB low:42568kB high:51080kB reserved_highatomic:0KB free_highatomic:0KB active_anon:94876kB inactive_anon:0kB active_file:46880kB inactive_file:162000kB unevictable:1536kB writepending:1704kB zspages:0kB present:3129332kB managed:2537384kB mlocked:0kB bounce:0kB free_pcp:49696kB local_pcp:21592kB free_cma:0kB [ 104.432883][ T6186] lowmem_reserve[]: 0 0 1 1 1 [ 104.451051][ T6186] Node 0 Normal free:4kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1060kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 104.582715][ T6186] lowmem_reserve[]: 0 0 0 0 0 [ 104.587455][ T6186] Node 1 Normal free:3946568kB boost:0kB min:55828kB low:69784kB high:83740kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 104.619200][ T6186] lowmem_reserve[]: 0 0 0 0 0 [ 104.624531][ T6186] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 104.642225][ T6186] Node 0 DMA32: 918*4kB (U) 562*8kB (U) 201*16kB (U) 95*32kB (UE) 25*64kB (UE) 63*128kB (UME) 100*256kB (UME) 49*512kB (UM) 23*1024kB (UME) 4*2048kB (UME) 288*4096kB (UM) = 1286168kB [ 104.677377][ T6186] Node 0 Normal: 1*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB [ 104.704709][ T6186] Node 1 Normal: 8*4kB (UM) 11*8kB (UM) 11*16kB (UM) 11*32kB (UM) 5*64kB (UM) 5*128kB (UM) 2*256kB (M) 4*512kB (UM) 2*1024kB (UM) 2*2048kB (U) 961*4096kB (M) = 3946568kB [ 104.738401][ T6186] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 104.829461][ T6186] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 104.838812][ T6186] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 104.869823][ T6186] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 104.889739][ T6186] 70049 total pagecache pages [ 104.894450][ T6186] 3 pages in swap cache [ 104.898607][ T6186] Free swap = 121648kB [ 104.913105][ T6186] Total swap = 124996kB [ 104.955660][ T6186] 2097051 pages RAM [ 104.978583][ T6186] 0 pages HighMem/MovableOnly [ 105.009434][ T6186] 430825 pages reserved [ 105.028397][ T6186] 0 pages cma reserved [ 106.647308][ T6234] NFSD: Failed to start, no listeners configured. [ 108.222504][ T6254] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 108.247248][ T6198] Bluetooth: hci2: unexpected event 0x33 length: 124 > 10 [ 108.644726][ T6254] bond0: option miimon: invalid value () [ 108.720251][ T6254] bond0: option miimon: allowed values 0 - 2147483647 [ 109.672579][ T6198] Bluetooth: hci2: unexpected event 0x04 length: 64 > 10 [ 109.672871][ T6198] Bluetooth: hci2: connection err: -111 [ 111.578272][ T6308] random: crng reseeded on system resumption [ 111.796269][ T6333] FAULT_INJECTION: forcing a failure. [ 111.796269][ T6333] name failslab, interval 1, probability 0, space 0, times 0 [ 111.851247][ T6333] CPU: 0 UID: 0 PID: 6333 Comm: syz.0.69 Not tainted syzkaller #0 PREEMPT(full) [ 111.851270][ T6333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 111.851279][ T6333] Call Trace: [ 111.851284][ T6333] [ 111.851291][ T6333] dump_stack_lvl+0x100/0x190 [ 111.851317][ T6333] should_fail_ex.cold+0x5/0xa [ 111.851335][ T6333] should_failslab+0xc2/0x120 [ 111.851351][ T6333] __kmalloc_cache_noprof+0x7a/0x6f0 [ 111.851370][ T6333] ? kstrdup_quotable_cmdline+0x52/0x210 [ 111.851389][ T6333] ? get_cmdline+0x86/0x360 [ 111.851408][ T6333] kstrdup_quotable_cmdline+0x52/0x210 [ 111.851430][ T6333] __report_access+0x77/0x230 [ 111.851447][ T6333] ? _raw_spin_unlock_irq+0x23/0x50 [ 111.851467][ T6333] task_work_run+0x150/0x240 [ 111.851490][ T6333] ? __pfx_task_work_run+0x10/0x10 [ 111.851509][ T6333] ? xfd_validate_state+0x129/0x190 [ 111.851533][ T6333] exit_to_user_mode_loop+0x100/0x4a0 [ 111.851553][ T6333] do_syscall_64+0x668/0xf80 [ 111.851572][ T6333] ? clear_bhb_loop+0x40/0x90 [ 111.851589][ T6333] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 111.851604][ T6333] RIP: 0033:0x7f268b39c799 [ 111.851616][ T6333] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 111.851630][ T6333] RSP: 002b:00007f268c2d0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 111.851644][ T6333] RAX: ffffffffffffffff RBX: 00007f268b615fa0 RCX: 00007f268b39c799 [ 111.851654][ T6333] RDX: 0000000000000012 RSI: 0000200000002980 RDI: 0000000000000001 [ 111.851662][ T6333] RBP: 00007f268b432c99 R08: 0000000000000004 R09: 0000000000000000 [ 111.851671][ T6333] R10: 0000200000002a40 R11: 0000000000000246 R12: 0000000000000000 [ 111.851679][ T6333] R13: 00007f268b616038 R14: 00007f268b615fa0 R15: 00007ffef3e37838 [ 111.851697][ T6333] [ 111.851832][ T6333] ptrace attach of "./syz-executor exec"[5820] was attempted by "(null)"[6333] [ 112.608823][ T6340] FAULT_INJECTION: forcing a failure. [ 112.608823][ T6340] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 112.628771][ T6340] CPU: 0 UID: 0 PID: 6340 Comm: syz.3.70 Not tainted syzkaller #0 PREEMPT(full) [ 112.628805][ T6340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 112.628819][ T6340] Call Trace: [ 112.628828][ T6340] [ 112.628838][ T6340] dump_stack_lvl+0x100/0x190 [ 112.628892][ T6340] should_fail_ex.cold+0x5/0xa [ 112.628916][ T6340] ? prepare_alloc_pages+0x16d/0x5f0 [ 112.628945][ T6340] should_fail_alloc_page+0xeb/0x140 [ 112.628972][ T6340] prepare_alloc_pages+0x1f0/0x5f0 [ 112.629003][ T6340] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 112.629052][ T6340] ? find_held_lock+0x2b/0x80 [ 112.629075][ T6340] ? is_bpf_text_address+0x8a/0x1a0 [ 112.629109][ T6340] ? is_bpf_text_address+0x8a/0x1a0 [ 112.629142][ T6340] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 112.629177][ T6340] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 112.629200][ T6340] ? is_bpf_text_address+0x94/0x1a0 [ 112.629234][ T6340] ? kernel_text_address+0x8d/0x100 [ 112.629269][ T6340] ? __kernel_text_address+0xd/0x30 [ 112.629311][ T6340] ? unwind_get_return_address+0x59/0xa0 [ 112.629349][ T6340] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 112.629388][ T6340] ? policy_nodemask+0xed/0x4f0 [ 112.629417][ T6340] alloc_pages_mpol+0x1fb/0x550 [ 112.629447][ T6340] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 112.629474][ T6340] ? kasan_save_stack+0x30/0x50 [ 112.629517][ T6340] ? kasan_save_track+0x14/0x30 [ 112.629553][ T6340] ? __kasan_kmalloc+0xaa/0xb0 [ 112.629591][ T6340] ? __get_vm_area_node+0x101/0x330 [ 112.629619][ T6340] ? __vmalloc_node_range_noprof+0x213/0x1530 [ 112.629654][ T6340] alloc_pages_noprof+0x131/0x390 [ 112.629682][ T6340] get_free_pages_noprof+0x10/0xb0 [ 112.629710][ T6340] __kasan_populate_vmalloc+0xa0/0x210 [ 112.629758][ T6340] alloc_vmap_area+0x95d/0x2bd0 [ 112.629799][ T6340] ? __pfx_alloc_vmap_area+0x10/0x10 [ 112.629837][ T6340] __get_vm_area_node+0x1ca/0x330 [ 112.629886][ T6340] __vmalloc_node_range_noprof+0x213/0x1530 [ 112.629923][ T6340] ? kernel_clone+0xfc/0x9a0 [ 112.629952][ T6340] ? find_held_lock+0x2b/0x80 [ 112.629977][ T6340] ? local_lock_release+0x99/0x130 [ 112.630007][ T6340] ? local_lock_release+0x99/0x130 [ 112.630043][ T6340] ? kernel_clone+0xfc/0x9a0 [ 112.630072][ T6340] ? find_held_lock+0x2b/0x80 [ 112.630093][ T6340] ? rcu_read_unlock+0x17/0x60 [ 112.630121][ T6340] ? rcu_read_unlock+0x17/0x60 [ 112.630150][ T6340] ? obj_cgroup_charge_account+0x46d/0x640 [ 112.630182][ T6340] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 112.630219][ T6340] ? __memcg_slab_post_alloc_hook+0x51b/0x990 [ 112.630255][ T6340] ? rcu_is_watching+0x12/0xc0 [ 112.630293][ T6340] ? trace_kmem_cache_alloc+0xf3/0x120 [ 112.630326][ T6340] ? kernel_clone+0xfc/0x9a0 [ 112.630351][ T6340] __vmalloc_node_noprof+0xad/0xf0 [ 112.630380][ T6340] ? kernel_clone+0xfc/0x9a0 [ 112.630412][ T6340] copy_process+0x5ec/0x7a10 [ 112.630441][ T6340] ? futex_unqueue+0x133/0x2c0 [ 112.630490][ T6340] ? __pfx_copy_process+0x10/0x10 [ 112.630531][ T6340] ? _copy_from_user+0x59/0xd0 [ 112.630563][ T6340] kernel_clone+0xfc/0x9a0 [ 112.630599][ T6340] ? __pfx_kernel_clone+0x10/0x10 [ 112.630640][ T6340] ? __pfx_futex_wait+0x10/0x10 [ 112.630692][ T6340] __do_sys_clone3+0x214/0x290 [ 112.630725][ T6340] ? __pfx___do_sys_clone3+0x10/0x10 [ 112.630796][ T6340] do_syscall_64+0x106/0xf80 [ 112.630833][ T6340] ? clear_bhb_loop+0x40/0x90 [ 112.630867][ T6340] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 112.630905][ T6340] RIP: 0033:0x7fe6d019c799 [ 112.630929][ T6340] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 112.630955][ T6340] RSP: 002b:00007fe6d10ecef8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 112.630982][ T6340] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007fe6d019c799 [ 112.631001][ T6340] RDX: 00007fe6d10ecf10 RSI: 0000000000000058 RDI: 00007fe6d10ecf10 [ 112.631019][ T6340] RBP: 00007fe6d0232c99 R08: 0000000000000000 R09: 0000000000000058 [ 112.631037][ T6340] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 112.631054][ T6340] R13: 00007fe6d0416038 R14: 00007fe6d0415fa0 R15: 00007ffdac053a88 [ 112.631092][ T6340] [ 113.099995][ T6340] syz.3.70: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 113.179391][ T6340] CPU: 1 UID: 0 PID: 6340 Comm: syz.3.70 Not tainted syzkaller #0 PREEMPT(full) [ 113.179432][ T6340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 113.179449][ T6340] Call Trace: [ 113.179459][ T6340] [ 113.179470][ T6340] dump_stack_lvl+0x100/0x190 [ 113.179518][ T6340] warn_alloc.cold+0x95/0x1c1 [ 113.179564][ T6340] ? __pfx_warn_alloc+0x10/0x10 [ 113.179600][ T6340] ? lockdep_hardirqs_on+0x78/0x100 [ 113.179643][ T6340] ? __get_vm_area_node+0x2c5/0x330 [ 113.179682][ T6340] ? __get_vm_area_node+0x208/0x330 [ 113.179722][ T6340] __vmalloc_node_range_noprof+0xbf4/0x1530 [ 113.179755][ T6340] ? find_held_lock+0x2b/0x80 [ 113.179781][ T6340] ? local_lock_release+0x99/0x130 [ 113.179810][ T6340] ? local_lock_release+0x99/0x130 [ 113.179845][ T6340] ? kernel_clone+0xfc/0x9a0 [ 113.179877][ T6340] ? find_held_lock+0x2b/0x80 [ 113.179902][ T6340] ? rcu_read_unlock+0x17/0x60 [ 113.179930][ T6340] ? rcu_read_unlock+0x17/0x60 [ 113.179960][ T6340] ? obj_cgroup_charge_account+0x46d/0x640 [ 113.179991][ T6340] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 113.180029][ T6340] ? __memcg_slab_post_alloc_hook+0x51b/0x990 [ 113.180065][ T6340] ? rcu_is_watching+0x12/0xc0 [ 113.180105][ T6340] ? trace_kmem_cache_alloc+0xf3/0x120 [ 113.180138][ T6340] ? kernel_clone+0xfc/0x9a0 [ 113.180166][ T6340] __vmalloc_node_noprof+0xad/0xf0 [ 113.180199][ T6340] ? kernel_clone+0xfc/0x9a0 [ 113.180234][ T6340] copy_process+0x5ec/0x7a10 [ 113.180262][ T6340] ? futex_unqueue+0x133/0x2c0 [ 113.180310][ T6340] ? __pfx_copy_process+0x10/0x10 [ 113.180359][ T6340] ? _copy_from_user+0x59/0xd0 [ 113.180396][ T6340] kernel_clone+0xfc/0x9a0 [ 113.180429][ T6340] ? __pfx_kernel_clone+0x10/0x10 [ 113.180467][ T6340] ? __pfx_futex_wait+0x10/0x10 [ 113.180518][ T6340] __do_sys_clone3+0x214/0x290 [ 113.180549][ T6340] ? __pfx___do_sys_clone3+0x10/0x10 [ 113.180624][ T6340] do_syscall_64+0x106/0xf80 [ 113.180660][ T6340] ? clear_bhb_loop+0x40/0x90 [ 113.180693][ T6340] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 113.180727][ T6340] RIP: 0033:0x7fe6d019c799 [ 113.180751][ T6340] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 113.180779][ T6340] RSP: 002b:00007fe6d10ecef8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 113.180805][ T6340] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007fe6d019c799 [ 113.180823][ T6340] RDX: 00007fe6d10ecf10 RSI: 0000000000000058 RDI: 00007fe6d10ecf10 [ 113.180840][ T6340] RBP: 00007fe6d0232c99 R08: 0000000000000000 R09: 0000000000000058 [ 113.180856][ T6340] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 113.180872][ T6340] R13: 00007fe6d0416038 R14: 00007fe6d0415fa0 R15: 00007ffdac053a88 [ 113.180910][ T6340] [ 113.180919][ T6340] Mem-Info: [ 113.567031][ T6344] FAULT_INJECTION: forcing a failure. [ 113.567031][ T6344] name failslab, interval 1, probability 0, space 0, times 0 [ 113.599736][ T6340] active_anon:13649 inactive_anon:7438 isolated_anon:0 [ 113.599736][ T6340] active_file:1815 inactive_file:50375 isolated_file:0 [ 113.599736][ T6340] unevictable:768 dirty:128 writeback:275 [ 113.599736][ T6340] slab_reclaimable:10838 slab_unreclaimable:92282 [ 113.599736][ T6340] mapped:33702 shmem:10208 pagetables:1211 [ 113.599736][ T6340] sec_pagetables:0 bounce:0 [ 113.599736][ T6340] kernel_misc_reclaimable:0 [ 113.599736][ T6340] free:1321714 free_pcp:5272 free_cma:0 [ 113.679484][ T6344] CPU: 1 UID: 0 PID: 6344 Comm: syz.3.70 Not tainted syzkaller #0 PREEMPT(full) [ 113.679523][ T6344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 113.679540][ T6344] Call Trace: [ 113.679550][ T6344] [ 113.679561][ T6344] dump_stack_lvl+0x100/0x190 [ 113.679608][ T6344] should_fail_ex.cold+0x5/0xa [ 113.679641][ T6344] should_failslab+0xc2/0x120 [ 113.679671][ T6344] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 113.679711][ T6344] ? __kernfs_new_node+0xd2/0x960 [ 113.679757][ T6344] __kernfs_new_node+0xd2/0x960 [ 113.679833][ T6344] ? __pfx___kernfs_new_node+0x10/0x10 [ 113.679863][ T6344] ? find_held_lock+0x2b/0x80 [ 113.679877][ T6344] ? kernfs_root+0xee/0x2a0 [ 113.679896][ T6344] ? kernfs_root+0xee/0x2a0 [ 113.679919][ T6344] kernfs_new_node+0x11b/0x1a0 [ 113.679944][ T6344] __kernfs_create_file+0x53/0x350 [ 113.679963][ T6344] sysfs_add_file_mode_ns+0x207/0x3c0 [ 113.679986][ T6344] sysfs_merge_group+0x194/0x340 [ 113.680007][ T6344] ? __pfx_sysfs_merge_group+0x10/0x10 [ 113.680029][ T6344] ? __pfx_dev_add_physical_location+0x10/0x10 [ 113.680046][ T6344] ? bus_to_subsys+0x114/0x150 [ 113.680066][ T6344] dpm_sysfs_add+0x237/0x280 [ 113.680082][ T6344] device_add+0x9ef/0x1950 [ 113.680101][ T6344] ? __pfx_device_add+0x10/0x10 [ 113.680117][ T6344] ? lockdep_init_map_type+0x5c/0x250 [ 113.680136][ T6344] ? __init_waitqueue_head+0xca/0x150 [ 113.680161][ T6344] netdev_register_kobject+0x1a9/0x3d0 [ 113.680186][ T6344] register_netdevice+0x12e0/0x2210 [ 113.680211][ T6344] ? __pfx_register_netdevice+0x10/0x10 [ 113.680238][ T6344] ip6_mroute_setsockopt+0x683/0x36d0 [ 113.680258][ T6344] ? lock_acquire+0x1cf/0x380 [ 113.680279][ T6344] ? __pfx_ip6_mroute_setsockopt+0x10/0x10 [ 113.680302][ T6344] ? perf_trace_sched_stat_runtime+0x560/0x600 [ 113.680322][ T6344] ? lockdep_hardirqs_on+0x78/0x100 [ 113.680344][ T6344] ? rcu_is_watching+0x12/0xc0 [ 113.680364][ T6344] ? trace_sched_exit_tp+0x13a/0x180 [ 113.680381][ T6344] ? __schedule+0x1000/0x6120 [ 113.680399][ T6344] ? __lock_acquire+0x4a5/0x2630 [ 113.680429][ T6344] ? do_ipv6_setsockopt+0x551/0x4400 [ 113.680450][ T6344] do_ipv6_setsockopt+0x551/0x4400 [ 113.680477][ T6344] ? __pfx_do_ipv6_setsockopt+0x10/0x10 [ 113.680497][ T6344] ? aa_label_sk_perm+0x194/0x5f0 [ 113.680515][ T6344] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 113.680534][ T6344] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 113.680551][ T6344] ? __pfx_futex_wake_mark+0x10/0x10 [ 113.680576][ T6344] ? find_held_lock+0x2b/0x80 [ 113.680589][ T6344] ? futex_wake+0x456/0x530 [ 113.680615][ T6344] ? __pfx___might_resched+0x10/0x10 [ 113.680636][ T6344] ? __lock_acquire+0x4a5/0x2630 [ 113.680655][ T6344] ? aa_sk_perm+0x309/0xaa0 [ 113.680672][ T6344] ? ipv6_setsockopt+0xcb/0x170 [ 113.680692][ T6344] ipv6_setsockopt+0xcb/0x170 [ 113.680716][ T6344] rawv6_setsockopt+0xee/0x5a0 [ 113.680737][ T6344] ? __pfx_rawv6_setsockopt+0x10/0x10 [ 113.680757][ T6344] ? aa_sock_opt_perm+0xfe/0x1b0 [ 113.680777][ T6344] ? sock_common_setsockopt+0x2e/0xf0 [ 113.680808][ T6344] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 113.680832][ T6344] do_sock_setsockopt+0xf3/0x1d0 [ 113.680858][ T6344] __sys_setsockopt+0x119/0x190 [ 113.680881][ T6344] __x64_sys_setsockopt+0xbd/0x160 [ 113.680899][ T6344] ? do_syscall_64+0x95/0xf80 [ 113.680918][ T6344] ? lockdep_hardirqs_on+0x78/0x100 [ 113.680937][ T6344] do_syscall_64+0x106/0xf80 [ 113.680955][ T6344] ? clear_bhb_loop+0x40/0x90 [ 113.680973][ T6344] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 113.680988][ T6344] RIP: 0033:0x7fe6d019c799 [ 113.681002][ T6344] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 113.681016][ T6344] RSP: 002b:00007fe6d10cc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 113.681031][ T6344] RAX: ffffffffffffffda RBX: 00007fe6d0416090 RCX: 00007fe6d019c799 [ 113.681041][ T6344] RDX: 00000000000000ca RSI: 0000000000000029 RDI: 0400000000000003 [ 113.681051][ T6344] RBP: 00007fe6d0232c99 R08: 0000000000000567 R09: 0000000000000000 [ 113.681060][ T6344] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 113.681068][ T6344] R13: 00007fe6d0416128 R14: 00007fe6d0416090 R15: 00007ffdac053a88 [ 113.681088][ T6344] [ 114.386237][ T6340] Node 0 active_anon:71944kB inactive_anon:33940kB active_file:7112kB inactive_file:200524kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:124716kB dirty:404kB writeback:12kB shmem:60804kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11320kB pagetables:4640kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 114.570273][ T6340] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:32kB pagetables:136kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 114.657362][ T6340] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 114.699420][ T6340] lowmem_reserve[]: 0 2477 2478 2478 2478 [ 114.705251][ T6340] Node 0 DMA32 free:1286828kB boost:0kB min:34056kB low:42568kB high:51080kB reserved_highatomic:0KB free_highatomic:0KB active_anon:87744kB inactive_anon:32440kB active_file:8312kB inactive_file:199524kB unevictable:1536kB writepending:16kB zspages:0kB present:3129332kB managed:2537384kB mlocked:0kB bounce:0kB free_pcp:25896kB local_pcp:7944kB free_cma:0kB [ 114.769692][ T6340] lowmem_reserve[]: 0 0 1 1 1 [ 114.786202][ T6340] Node 0 Normal free:4kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1060kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 114.829595][ T6340] lowmem_reserve[]: 0 0 0 0 0 [ 114.834385][ T6340] Node 1 Normal free:3946568kB boost:0kB min:55828kB low:69784kB high:83740kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:4kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 114.866461][ T6340] lowmem_reserve[]: 0 0 0 0 0 [ 114.871397][ T6340] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 114.912811][ T6340] Node 0 DMA32: 1322*4kB (UE) 620*8kB (UM) 225*16kB (U) 13*32kB (UME) 35*64kB (UE) 16*128kB (UME) 86*256kB (UME) 54*512kB (UM) 26*1024kB (UME) 6*2048kB (UME) 288*4096kB (M) = 1286776kB [ 114.981097][ T6340] Node 0 Normal: 1*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB [ 115.047489][ T6340] Node 1 Normal: 8*4kB (UM) 11*8kB (UM) 11*16kB (UM) 11*32kB (UM) 5*64kB (UM) 5*128kB (UM) 2*256kB (M) 4*512kB (UM) 2*1024kB (UM) 2*2048kB (U) 961*4096kB (M) = 3946568kB [ 115.093087][ T6340] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 115.149122][ T6340] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 115.162757][ T6340] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 115.226757][ T6340] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 115.280677][ T6340] 73813 total pagecache pages [ 115.303179][ T6340] 0 pages in swap cache [ 115.307355][ T6340] Free swap = 124996kB [ 115.358211][ T6340] Total swap = 124996kB [ 115.366371][ T6340] 2097051 pages RAM [ 115.373933][ T6340] 0 pages HighMem/MovableOnly [ 115.381434][ T6340] 430825 pages reserved [ 115.388033][ T6340] 0 pages cma reserved [ 115.616461][ T6354] [U]  [ 115.995363][ T6359] block nbd8: shutting down sockets [ 116.778416][ T6376] zswap: compressor not available [ 117.170641][ T6390] Invalid ELF header magic: != ELF [ 118.188372][ T6198] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 118.395952][ T6394] block nbd8: shutting down sockets [ 119.107369][ T6415] netlink: 'syz.0.82': attribute type 1 has an invalid length. [ 119.458830][ T6414] nfs4: Unknown parameter '' [ 120.511210][ T6436] zram: Added device: zram1 [ 120.607536][ T6426] block nbd8: shutting down sockets [ 122.445234][ T6450] block nbd8: shutting down sockets [ 122.710035][ T6463] block nbd8: Device being setup by another task [ 123.271955][ T6468] [U]  [ 123.510417][ T6462] block nbd8: shutting down sockets [ 125.530139][ T6489] program syz.1.96 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 125.852137][ T6198] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 127.453151][ T6504] Invalid ELF header magic: != ELF [ 128.399632][ T6515] netlink: 'syz.3.101': attribute type 1 has an invalid length. [ 128.617944][ T6520] netlink: 28 bytes leftover after parsing attributes in process `syz.0.102'. [ 128.825362][ T6520] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 128.879994][ T6520] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 128.910310][ T6520] bond0 (unregistering): Released all slaves [ 129.663541][ T6524] block nbd8: shutting down sockets [ 129.734274][ T6537] netlink: 28 bytes leftover after parsing attributes in process `syz.0.106'. [ 132.568891][ T6549] input: jJǸ-9%vJ86 as /devices/virtual/input/input8 [ 132.686337][ T6548] Invalid ELF header magic: != ELF [ 132.831372][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.838492][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 135.405489][ T6589] zram: Added device: zram2 [ 135.684967][ T6579] block nbd8: shutting down sockets [ 139.041540][ T6615] block nbd8: shutting down sockets [ 140.009038][ T6631] input: jJǸ-9%vJ86 as /devices/virtual/input/input9 [ 141.071507][ T6641] zram: Added device: zram3 [ 141.705589][ T6639] block nbd8: shutting down sockets [ 142.561897][ T6654] Invalid ELF header magic: != ELF [ 142.810049][ T6650] block nbd8: shutting down sockets [ 143.878354][ T6669] block nbd8: shutting down sockets [ 144.705291][ T6682] NFSD: Failed to start, no listeners configured. [ 146.803717][ T6710] Invalid ELF header magic: != ELF [ 146.873395][ T6714] input: jJǸ-9%vJ86 as /devices/virtual/input/input10 [ 147.046139][ T6713] Invalid ELF header magic: != ELF [ 147.417360][ T6727] NFSD: Failed to start, no listeners configured. [ 148.778610][ T6747] netlink: 28 bytes leftover after parsing attributes in process `syz.3.143'. [ 148.977731][ T6738] Invalid ELF header magic: != ELF [ 149.040213][ T6747] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 149.049168][ T6735] block nbd8: shutting down sockets [ 149.074066][ T6747] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 149.176541][ T6747] bond0 (unregistering): Released all slaves [ 149.977049][ T6757] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input11 [ 149.997239][ T6750] block nbd8: shutting down sockets [ 150.122360][ T6762] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input12 [ 150.459723][ T6758] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input13 [ 151.267259][ T6780] FAULT_INJECTION: forcing a failure. [ 151.267259][ T6780] name failslab, interval 1, probability 0, space 0, times 0 [ 151.290902][ T6780] CPU: 0 UID: 0 PID: 6780 Comm: syz.0.148 Tainted: G L syzkaller #0 PREEMPT(full) [ 151.290945][ T6780] Tainted: [L]=SOFTLOCKUP [ 151.290955][ T6780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 151.290971][ T6780] Call Trace: [ 151.290981][ T6780] [ 151.290990][ T6780] dump_stack_lvl+0x100/0x190 [ 151.291042][ T6780] should_fail_ex.cold+0x5/0xa [ 151.291072][ T6780] should_failslab+0xc2/0x120 [ 151.291099][ T6780] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 151.291136][ T6780] ? alloc_inode+0x183/0x250 [ 151.291181][ T6780] ? find_inode_fast+0x1fa/0x910 [ 151.291221][ T6780] alloc_inode+0x183/0x250 [ 151.291256][ T6780] iget_locked+0x1d9/0x6d0 [ 151.291291][ T6780] ? __pfx_iget_locked+0x10/0x10 [ 151.291321][ T6780] ? kernfs_root+0xee/0x2a0 [ 151.291355][ T6780] ? kernfs_root+0xee/0x2a0 [ 151.291401][ T6780] kernfs_get_inode+0x46/0x470 [ 151.291436][ T6780] kernfs_iop_lookup+0x1a7/0x2d0 [ 151.291475][ T6780] lookup_open.isra.0+0x631/0x11b0 [ 151.291518][ T6780] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 151.291575][ T6780] ? lookup_fast+0x2da/0x600 [ 151.291615][ T6780] path_openat+0xa98/0x31a0 [ 151.291654][ T6780] ? __pfx_path_openat+0x10/0x10 [ 151.291695][ T6780] do_file_open+0x20e/0x430 [ 151.291725][ T6780] ? __pfx_do_file_open+0x10/0x10 [ 151.291779][ T6780] ? alloc_fd+0x476/0x790 [ 151.291810][ T6780] ? do_getname+0x191/0x390 [ 151.291847][ T6780] do_sys_openat2+0x10d/0x1e0 [ 151.291880][ T6780] ? __pfx_do_sys_openat2+0x10/0x10 [ 151.291929][ T6780] __x64_sys_openat+0x12d/0x210 [ 151.291966][ T6780] ? __pfx___x64_sys_openat+0x10/0x10 [ 151.292017][ T6780] do_syscall_64+0x106/0xf80 [ 151.292053][ T6780] ? clear_bhb_loop+0x40/0x90 [ 151.292088][ T6780] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 151.292117][ T6780] RIP: 0033:0x7f268b39c799 [ 151.292148][ T6780] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 151.292182][ T6780] RSP: 002b:00007f268c2d0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 151.292207][ T6780] RAX: ffffffffffffffda RBX: 00007f268b615fa0 RCX: 00007f268b39c799 [ 151.292227][ T6780] RDX: 0000000000141400 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 151.292245][ T6780] RBP: 00007f268b432c99 R08: 0000000000000000 R09: 0000000000000000 [ 151.292262][ T6780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 151.292278][ T6780] R13: 00007f268b616038 R14: 00007f268b615fa0 R15: 00007ffef3e37838 [ 151.292315][ T6780] [ 151.825941][ T6780] bond0: option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0) [ 152.128356][ T6789] input: jJǸ-9%vJ86 as /devices/virtual/input/input14 [ 152.200530][ T6777] block nbd8: shutting down sockets [ 153.400011][ T6802] netlink: 28 bytes leftover after parsing attributes in process `syz.0.154'. [ 154.079023][ T6814] netlink: 330 bytes leftover after parsing attributes in process `syz.0.158'. [ 156.788854][ T6857] netlink: 28 bytes leftover after parsing attributes in process `syz.1.165'. [ 156.934219][ T6857] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 157.047921][ T6857] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 157.109924][ T6857] bond0 (unregistering): Released all slaves [ 163.135921][ T6918] block nbd8: shutting down sockets [ 163.176481][ T6923] Invalid ELF header magic: != ELF [ 164.423617][ T6934] Invalid ELF header magic: != ELF [ 165.680564][ T6944] FAULT_INJECTION: forcing a failure. [ 165.680564][ T6944] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 165.831497][ T6944] CPU: 1 UID: 0 PID: 6944 Comm: syz.3.186 Tainted: G L syzkaller #0 PREEMPT(full) [ 165.831543][ T6944] Tainted: [L]=SOFTLOCKUP [ 165.831553][ T6944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 165.831569][ T6944] Call Trace: [ 165.831577][ T6944] [ 165.831588][ T6944] dump_stack_lvl+0x100/0x190 [ 165.831634][ T6944] should_fail_ex.cold+0x5/0xa [ 165.831662][ T6944] ? prepare_alloc_pages+0x16d/0x5f0 [ 165.831697][ T6944] should_fail_alloc_page+0xeb/0x140 [ 165.831729][ T6944] prepare_alloc_pages+0x1f0/0x5f0 [ 165.831766][ T6944] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 165.831817][ T6944] ? kasan_save_stack+0x3f/0x50 [ 165.831856][ T6944] ? kasan_save_stack+0x30/0x50 [ 165.831900][ T6944] ? kasan_save_track+0x14/0x30 [ 165.831939][ T6944] ? __kasan_slab_alloc+0x89/0x90 [ 165.831963][ T6944] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 165.832001][ T6944] ? ptlock_alloc+0x1f/0x70 [ 165.832033][ T6944] ? pte_alloc_one+0x82/0x3d0 [ 165.832060][ T6944] ? __pte_alloc+0x6d/0x3e0 [ 165.832085][ T6944] ? walk_pgd_range+0xb83/0x1eb0 [ 165.832121][ T6944] ? __walk_page_range+0x163/0x820 [ 165.832158][ T6944] ? walk_page_range_vma_unsafe+0x209/0x8f0 [ 165.832198][ T6944] ? madvise_guard_install+0x43f/0x7c0 [ 165.832227][ T6944] ? madvise_vma_behavior+0x11f1/0x3050 [ 165.832258][ T6944] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 165.832295][ T6944] ? __x64_sys_madvise+0xa9/0x110 [ 165.832325][ T6944] ? do_syscall_64+0x106/0xf80 [ 165.832359][ T6944] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 165.832391][ T6944] ? look_up_lock_class+0x64/0x120 [ 165.832427][ T6944] ? look_up_lock_class+0x55/0x120 [ 165.832459][ T6944] ? register_lock_class+0x40/0x560 [ 165.832508][ T6944] ? __lock_acquire+0x4a5/0x2630 [ 165.832537][ T6944] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 165.832580][ T6944] ? policy_nodemask+0xed/0x4f0 [ 165.832613][ T6944] alloc_pages_mpol+0x1fb/0x550 [ 165.832643][ T6944] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 165.832671][ T6944] ? do_raw_spin_lock+0x128/0x260 [ 165.832711][ T6944] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 165.832753][ T6944] alloc_pages_noprof+0x131/0x390 [ 165.832783][ T6944] pte_alloc_one+0x1c/0x3d0 [ 165.832812][ T6944] __pte_alloc+0x6d/0x3e0 [ 165.832839][ T6944] ? __pfx___pte_alloc+0x10/0x10 [ 165.832865][ T6944] ? walk_pgd_range+0x139e/0x1eb0 [ 165.832909][ T6944] ? walk_pgd_range+0x139e/0x1eb0 [ 165.832934][ T6944] walk_pgd_range+0xb83/0x1eb0 [ 165.832959][ T6944] ? __pfx_guard_install_set_pte+0x10/0x10 [ 165.832975][ T6944] ? __pfx_guard_install_pte_entry+0x10/0x10 [ 165.832992][ T6944] ? __pfx_guard_install_set_pte+0x10/0x10 [ 165.833009][ T6944] ? __pfx_guard_install_set_pte+0x10/0x10 [ 165.833025][ T6944] ? __pfx_guard_install_set_pte+0x10/0x10 [ 165.833041][ T6944] ? __pfx_walk_pgd_range+0x10/0x10 [ 165.833067][ T6944] __walk_page_range+0x163/0x820 [ 165.833088][ T6944] ? process_measurement+0x4c8/0x2350 [ 165.833117][ T6944] walk_page_range_vma_unsafe+0x209/0x8f0 [ 165.833141][ T6944] ? css_rstat_updated+0x1ce/0x5a0 [ 165.833157][ T6944] ? __pfx_walk_page_range_vma_unsafe+0x10/0x10 [ 165.833180][ T6944] ? __pfx_css_rstat_updated+0x10/0x10 [ 165.833205][ T6944] madvise_guard_install+0x43f/0x7c0 [ 165.833226][ T6944] ? __pfx_madvise_guard_install+0x10/0x10 [ 165.833244][ T6944] ? __pfx_guard_install_pud_entry+0x10/0x10 [ 165.833258][ T6944] ? __pfx_guard_install_pmd_entry+0x10/0x10 [ 165.833273][ T6944] ? __pfx_guard_install_pte_entry+0x10/0x10 [ 165.833291][ T6944] ? __pfx_guard_install_set_pte+0x10/0x10 [ 165.833307][ T6944] ? __lock_acquire+0x4a5/0x2630 [ 165.833327][ T6944] madvise_vma_behavior+0x11f1/0x3050 [ 165.833347][ T6944] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 165.833363][ T6944] ? reacquire_held_locks+0xce/0x1e0 [ 165.833381][ T6944] ? lock_vma_under_rcu+0x11d/0x590 [ 165.833407][ T6944] ? lock_vma_under_rcu+0x17c/0x590 [ 165.833427][ T6944] ? lock_vma_under_rcu+0x25/0x590 [ 165.833445][ T6944] ? lock_vma_under_rcu+0x1f9/0x590 [ 165.833463][ T6944] ? __pfx_lock_vma_under_rcu+0x10/0x10 [ 165.833486][ T6944] ? __futex_wait+0x256/0x300 [ 165.833511][ T6944] madvise_walk_vmas+0x71c/0xa90 [ 165.833531][ T6944] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 165.833548][ T6944] ? futex_hash+0x2c5/0x380 [ 165.833567][ T6944] madvise_do_behavior+0x1ea/0x510 [ 165.833585][ T6944] ? __pfx_madvise_do_behavior+0x10/0x10 [ 165.833601][ T6944] ? futex_wait+0x125/0x380 [ 165.833626][ T6944] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 165.833652][ T6944] do_madvise+0x195/0x240 [ 165.833668][ T6944] ? __pfx_do_madvise+0x10/0x10 [ 165.833684][ T6944] ? do_futex+0x192/0x350 [ 165.833719][ T6944] __x64_sys_madvise+0xa9/0x110 [ 165.833735][ T6944] ? lockdep_hardirqs_on+0x78/0x100 [ 165.833755][ T6944] do_syscall_64+0x106/0xf80 [ 165.833773][ T6944] ? clear_bhb_loop+0x40/0x90 [ 165.833791][ T6944] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 165.833806][ T6944] RIP: 0033:0x7fe6d019c799 [ 165.833820][ T6944] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 165.833833][ T6944] RSP: 002b:00007fe6d10cc028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 165.833848][ T6944] RAX: ffffffffffffffda RBX: 00007fe6d0416090 RCX: 00007fe6d019c799 [ 165.833860][ T6944] RDX: 0000000000000066 RSI: 0000000002021000 RDI: 0000000000000000 [ 165.833873][ T6944] RBP: 00007fe6d0232c99 R08: 0000000000000000 R09: 0000000000000000 [ 165.833887][ T6944] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 165.833910][ T6944] R13: 00007fe6d0416128 R14: 00007fe6d0416090 R15: 00007ffdac053a88 [ 165.833945][ T6944] [ 167.121005][ T6942] block nbd8: shutting down sockets [ 170.104941][ T6966] NFSD: Failed to start, no listeners configured. [ 171.186170][ T6963] hub 1-0:1.0: USB hub found [ 171.380262][ T6963] hub 1-0:1.0: 1 port detected [ 172.597833][ T6989] Invalid ELF header magic: != ELF [ 174.212377][ T7001] block nbd8: shutting down sockets [ 175.728701][ T7021] block nbd8: shutting down sockets [ 176.010356][ T7016] Invalid ELF header magic: != ELF [ 177.243036][ T30] audit: type=1800 audit(1773568739.757:2): pid=7039 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=31261 res=0 errno=0 [ 177.967485][ T7039] could not allocate digest TFM handle [ 178.750521][ T7048] Invalid ELF header magic: != ELF [ 179.089341][ T7061] FAULT_INJECTION: forcing a failure. [ 179.089341][ T7061] name failslab, interval 1, probability 0, space 0, times 0 [ 179.132351][ T7061] CPU: 1 UID: 0 PID: 7061 Comm: syz.2.203 Tainted: G L syzkaller #0 PREEMPT(full) [ 179.132396][ T7061] Tainted: [L]=SOFTLOCKUP [ 179.132406][ T7061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 179.132421][ T7061] Call Trace: [ 179.132430][ T7061] [ 179.132440][ T7061] dump_stack_lvl+0x100/0x190 [ 179.132486][ T7061] should_fail_ex.cold+0x5/0xa [ 179.132518][ T7061] should_failslab+0xc2/0x120 [ 179.132548][ T7061] __kmalloc_cache_noprof+0x7a/0x6f0 [ 179.132581][ T7061] ? trace_pid_list_alloc+0x232/0x480 [ 179.132630][ T7061] trace_pid_list_alloc+0x232/0x480 [ 179.132675][ T7061] trace_pid_write+0x110/0x460 [ 179.132716][ T7061] ? __pfx_trace_pid_write+0x10/0x10 [ 179.132780][ T7061] event_pid_write.isra.0+0x1e4/0x800 [ 179.132827][ T7061] ? __pfx_event_pid_write.isra.0+0x10/0x10 [ 179.132882][ T7061] vfs_write+0x2aa/0x1070 [ 179.132923][ T7061] ? __pfx_ftrace_event_npid_write+0x10/0x10 [ 179.132971][ T7061] ? __pfx_vfs_write+0x10/0x10 [ 179.133011][ T7061] ? __fget_files+0x215/0x3d0 [ 179.133045][ T7061] ? __fget_files+0x21f/0x3d0 [ 179.133096][ T7061] ksys_write+0x12a/0x250 [ 179.133122][ T7061] ? __pfx_ksys_write+0x10/0x10 [ 179.133160][ T7061] do_syscall_64+0x106/0xf80 [ 179.133197][ T7061] ? clear_bhb_loop+0x40/0x90 [ 179.133231][ T7061] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 179.133261][ T7061] RIP: 0033:0x7fc14859c799 [ 179.133283][ T7061] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 179.133309][ T7061] RSP: 002b:00007fc149396028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 179.133335][ T7061] RAX: ffffffffffffffda RBX: 00007fc148815fa0 RCX: 00007fc14859c799 [ 179.133354][ T7061] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 179.133371][ T7061] RBP: 00007fc148632c99 R08: 0000000000000000 R09: 0000000000000000 [ 179.133388][ T7061] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 179.133404][ T7061] R13: 00007fc148816038 R14: 00007fc148815fa0 R15: 00007fffe2d31428 [ 179.133443][ T7061] [ 181.164491][ T30] audit: type=1800 audit(1773568743.755:3): pid=7070 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.204" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 181.809755][ T7076] block nbd8: shutting down sockets [ 182.666501][ T7095] netlink: 28 bytes leftover after parsing attributes in process `syz.0.211'. [ 182.978434][ T7088] Invalid ELF header magic: != ELF [ 187.298043][ T30] audit: type=1800 audit(1773568749.882:4): pid=7136 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.217" name="lu_gp_id" dev="configfs" ino=37082 res=0 errno=0 [ 189.500100][ T7151] netlink: 28 bytes leftover after parsing attributes in process `syz.0.221'. [ 190.415797][ T7161] block2mtd: error: cannot open device /sys/module/block2mtd/parameters/block2mtd [ 190.710008][ T6198] Bluetooth: hci2: unexpected event 0x1c length: 725 > 5 [ 191.409511][ T6198] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 191.420160][ T6198] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 191.436862][ T6198] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 191.436881][ T6198] Bluetooth: hci2: Unknown advertising packet type: 0x36 [ 191.443992][ T6198] Bluetooth: hci2: Unknown advertising packet type: 0x39 [ 191.451975][ T6198] Bluetooth: hci2: adv larger than maximum supported [ 191.459085][ T6198] Bluetooth: hci2: Malformed LE Event: 0x0d [ 192.523226][ T7179] Invalid ELF header magic: != ELF [ 194.274790][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.281140][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.452629][ T7208] netlink: 330 bytes leftover after parsing attributes in process `syz.1.230'. [ 195.159628][ T7214] netlink: 28 bytes leftover after parsing attributes in process `syz.0.233'. [ 195.382331][ T7218] netlink: 28 bytes leftover after parsing attributes in process `syz.3.232'. [ 196.888117][ T7226] bond0: invalid ARP target specified [ 196.957588][ T7226] netlink: 28 bytes leftover after parsing attributes in process `syz.2.236'. [ 197.075516][ T7232] FAULT_INJECTION: forcing a failure. [ 197.075516][ T7232] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 197.190606][ T7232] CPU: 1 UID: 0 PID: 7232 Comm: syz.2.236 Tainted: G L syzkaller #0 PREEMPT(full) [ 197.190649][ T7232] Tainted: [L]=SOFTLOCKUP [ 197.190659][ T7232] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 197.190686][ T7232] Call Trace: [ 197.190694][ T7232] [ 197.190704][ T7232] dump_stack_lvl+0x100/0x190 [ 197.190751][ T7232] should_fail_ex.cold+0x5/0xa [ 197.190784][ T7232] _copy_from_user+0x2e/0xd0 [ 197.190818][ T7232] bpf_prog_create_from_user+0x109/0x2f0 [ 197.190860][ T7232] ? __pfx_seccomp_check_filter+0x10/0x10 [ 197.190897][ T7232] do_seccomp+0x7f7/0x2740 [ 197.190949][ T7232] ? __pfx_do_seccomp+0x10/0x10 [ 197.190982][ T7232] ? __x64_sys_openat+0x12d/0x210 [ 197.191017][ T7232] ? xfd_validate_state+0x129/0x190 [ 197.191067][ T7232] do_syscall_64+0x106/0xf80 [ 197.191102][ T7232] ? clear_bhb_loop+0x40/0x90 [ 197.191136][ T7232] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 197.191163][ T7232] RIP: 0033:0x7fc14859c799 [ 197.191185][ T7232] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 197.191211][ T7232] RSP: 002b:00007fc149375028 EFLAGS: 00000246 ORIG_RAX: 000000000000013d [ 197.191238][ T7232] RAX: ffffffffffffffda RBX: 00007fc148816090 RCX: 00007fc14859c799 [ 197.191256][ T7232] RDX: 0000200000000100 RSI: 0000000000000000 RDI: 0000000000000001 [ 197.191273][ T7232] RBP: 00007fc148632c99 R08: 0000000000000000 R09: 0000000000000000 [ 197.191289][ T7232] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 197.191305][ T7232] R13: 00007fc148816128 R14: 00007fc148816090 R15: 00007fffe2d31428 [ 197.191345][ T7232] [ 197.593505][ T7226] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 197.709242][ T7226] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 197.875324][ T7224] block nbd8: shutting down sockets [ 197.916049][ T7226] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 198.045545][ T7226] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 198.763908][ T7250] netlink: 12 bytes leftover after parsing attributes in process `syz.3.238'. [ 199.466410][ T7249] Invalid ELF header magic: != ELF [ 202.636111][ T7266] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(12) [ 203.579200][ T7268] block nbd8: shutting down sockets [ 203.869717][ T7283] netlink: 28 bytes leftover after parsing attributes in process `syz.0.243'. [ 204.670555][ T7279] block nbd8: shutting down sockets [ 205.362965][ T7294] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 208.678755][ T6198] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 213.075241][ T6198] Bluetooth: hci1: command 0x0c1a tx timeout [ 213.113534][ T7320] Bluetooth: hci1: Opcode 0x0c1a failed: -110 [ 214.775942][ T7320] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 214.814248][ T7320] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 214.841917][ T7320] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 215.152034][ T6198] Bluetooth: hci3: command 0x0c1a tx timeout [ 215.447747][ T7343] netlink: 28 bytes leftover after parsing attributes in process `syz.3.254'. [ 216.066207][ T7338] block nbd8: shutting down sockets [ 216.832823][ T6198] Bluetooth: hci2: command 0x0c1a tx timeout [ 216.839545][ T6370] Bluetooth: hci0: command 0x0c1a tx timeout [ 218.680351][ T7346] Invalid ELF header magic: != ELF [ 220.801287][ T7384] Invalid ELF header magic: != ELF [ 221.517161][ T7391] vivid-007: ================= START STATUS ================= [ 221.558004][ T7391] vivid-007: Generate PTS: true [ 221.563525][ T7391] vivid-007: Generate SCR: true [ 221.593225][ T7391] tpg source WxH: 320x240 (Y'CbCr) [ 221.605725][ T7391] tpg field: 1 [ 221.609143][ T7391] tpg crop: (0,0)/320x240 [ 221.613507][ T7391] tpg compose: (0,0)/320x240 [ 221.885116][ T7391] tpg colorspace: 8 [ 222.025405][ T7391] tpg transfer function: 0/0 [ 222.058810][ T7391] tpg Y'CbCr encoding: 0/0 [ 222.070487][ T7391] tpg quantization: 0/0 [ 222.078441][ T7391] tpg RGB range: 0/2 [ 222.260627][ T7391] vivid-007: ================== END STATUS ================== [ 223.317259][ T6198] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 224.826942][ T7413] netlink: 28 bytes leftover after parsing attributes in process `syz.2.266'. [ 225.348592][ T7413] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 225.816075][ T7413] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 226.016963][ T7413] bond0 (unregistering): Released all slaves [ 226.590843][ T7419] Invalid ELF header magic: != ELF [ 226.929128][ T7432] random: crng reseeded on system resumption [ 227.204790][ T7431] ACPI: \_SB_.LNKS: No IRQ available. Try pci=noacpi or acpi=off [ 227.378199][ T7431] pci 0000:00:01.3: PCI INT A: no GSI [ 227.716423][ T30] audit: type=1800 audit(1773568790.272:5): pid=7435 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.278" name="trace_pipe" dev="tracefs" ino=1905 res=0 errno=0 [ 229.425093][ T7449] vivid-007: ================= START STATUS ================= [ 229.465294][ T7449] vivid-007: Generate PTS: true [ 229.489213][ T7449] vivid-007: Generate SCR: true [ 229.494145][ T7449] tpg source WxH: 320x240 (Y'CbCr) [ 229.529458][ T7440] syz.0.271 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 229.570100][ T7449] tpg field: 1 [ 229.605687][ T7445] can: request_module (can-proto-0) failed. [ 229.606058][ T7449] tpg crop: (0,0)/320x240 [ 229.639295][ T6198] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 229.660175][ T7449] tpg compose: (0,0)/320x240 [ 229.664790][ T7449] tpg colorspace: 8 [ 229.699324][ T7449] tpg transfer function: 0/0 [ 229.703966][ T7449] tpg Y'CbCr encoding: 0/0 [ 229.721459][ T7449] tpg quantization: 0/0 [ 229.725892][ T7449] tpg RGB range: 0/2 [ 229.729878][ T7449] vivid-007: ================== END STATUS ================== [ 230.768893][ T7460] futex_wake_op: syz.2.273 tries to shift op by -2048; fix this program [ 230.787697][ T7460] futex_wake_op: syz.2.273 tries to shift op by -2048; fix this program [ 230.990532][ T7467] 0x000000000001-0x000000020000 : "" [ 231.113181][ T7467] ftl_cs: FTL header corrupt! [ 231.927067][ T7480] netlink: 12 bytes leftover after parsing attributes in process `syz.0.276'. [ 233.997678][ T7501] netlink: 12 bytes leftover after parsing attributes in process `syz.2.277'. [ 234.591946][ T7499] block nbd8: shutting down sockets [ 235.245786][ T7484] Invalid ELF header magic: != ELF [ 235.585564][ T7514] can: request_module (can-proto-4) failed. [ 236.262696][ T7523] vivid-007: ================= START STATUS ================= [ 236.392945][ T7523] vivid-007: Generate PTS: true [ 236.555568][ T7523] vivid-007: Generate SCR: true [ 236.560504][ T7523] tpg source WxH: 320x240 (Y'CbCr) [ 236.703124][ T7523] tpg field: 1 [ 236.751914][ T7523] tpg crop: (0,0)/320x240 [ 236.817844][ T7523] tpg compose: (0,0)/320x240 [ 236.822463][ T7523] tpg colorspace: 8 [ 236.938664][ T7523] tpg transfer function: 0/0 [ 237.120625][ T7523] tpg Y'CbCr encoding: 0/0 [ 237.369177][ T7523] tpg quantization: 0/0 [ 237.390451][ T7523] tpg RGB range: 0/2 [ 237.465256][ T7523] vivid-007: ================== END STATUS ================== [ 237.663008][ T7536] NFSD: Failed to start, no listeners configured. [ 240.609071][ T7563] netlink: 28 bytes leftover after parsing attributes in process `syz.1.290'. [ 240.630751][ T7563] ipvlan0: entered promiscuous mode [ 240.638561][ T7563] ipvlan0: entered allmulticast mode [ 240.643886][ T7563] veth0_vlan: entered allmulticast mode [ 241.523642][ T7555] zswap: compressor  not available [ 244.440024][ T7590] netlink: 24 bytes leftover after parsing attributes in process `syz.2.293'. [ 245.007013][ T6198] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 250.365020][ T7610] Invalid ELF header magic: != ELF [ 250.689770][ T6198] Bluetooth: hci1: command 0x0c1a tx timeout [ 250.695929][ T7606] Bluetooth: hci1: Opcode 0x0c1a failed: -110 [ 250.832051][ T7623] FAULT_INJECTION: forcing a failure. [ 250.832051][ T7623] name failslab, interval 1, probability 0, space 0, times 0 [ 250.909480][ T7623] CPU: 1 UID: 0 PID: 7623 Comm: syz.3.299 Tainted: G L syzkaller #0 PREEMPT(full) [ 250.909525][ T7623] Tainted: [L]=SOFTLOCKUP [ 250.909535][ T7623] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 250.909555][ T7623] Call Trace: [ 250.909564][ T7623] [ 250.909575][ T7623] dump_stack_lvl+0x100/0x190 [ 250.909621][ T7623] should_fail_ex.cold+0x5/0xa [ 250.909653][ T7623] should_failslab+0xc2/0x120 [ 250.909682][ T7623] __kmalloc_cache_noprof+0x7a/0x6f0 [ 250.909720][ T7623] ? vidtv_psi_service_list_desc_init+0x52/0x550 [ 250.909760][ T7623] vidtv_psi_service_list_desc_init+0x52/0x550 [ 250.909810][ T7623] vidtv_psi_nit_table_init+0x39a/0x5f0 [ 250.909846][ T7623] ? kasan_save_track+0x14/0x30 [ 250.909889][ T7623] vidtv_channel_si_init+0xcd0/0x18d0 [ 250.909939][ T7623] vidtv_mux_init+0x526/0xbf0 [ 250.909981][ T7623] vidtv_start_feed+0x33e/0x4c0 [ 250.910010][ T7623] ? __pfx_vidtv_start_feed+0x10/0x10 [ 250.910041][ T7623] ? __pfx_vidtv_bridge_on_new_pkts_avail+0x10/0x10 [ 250.910079][ T7623] ? mark_held_locks+0x40/0x70 [ 250.910120][ T7623] ? __pfx_vidtv_start_feed+0x10/0x10 [ 250.910149][ T7623] dmx_ts_feed_start_filtering+0xf6/0x220 [ 250.910185][ T7623] dvb_dmxdev_start_feed+0x273/0x3f0 [ 250.910233][ T7623] dvb_dmxdev_filter_start+0x1b6/0xdd0 [ 250.910266][ T7623] ? dvb_dmxdev_add_pid+0x2a1/0x380 [ 250.910299][ T7623] dvb_demux_do_ioctl+0xe64/0x1200 [ 250.910339][ T7623] dvb_usercopy+0x167/0x340 [ 250.910379][ T7623] ? __pfx_dvb_demux_do_ioctl+0x10/0x10 [ 250.910410][ T7623] ? __pfx_dvb_usercopy+0x10/0x10 [ 250.910466][ T7623] ? __fget_files+0x21f/0x3d0 [ 250.910500][ T7623] dvb_demux_ioctl+0x29/0x40 [ 250.910524][ T7623] ? __pfx_dvb_demux_ioctl+0x10/0x10 [ 250.910550][ T7623] __x64_sys_ioctl+0x18e/0x210 [ 250.910591][ T7623] do_syscall_64+0x106/0xf80 [ 250.910626][ T7623] ? clear_bhb_loop+0x40/0x90 [ 250.910661][ T7623] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 250.910689][ T7623] RIP: 0033:0x7fe6d019c799 [ 250.910712][ T7623] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 250.910738][ T7623] RSP: 002b:00007fe6d10ed028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 250.910772][ T7623] RAX: ffffffffffffffda RBX: 00007fe6d0415fa0 RCX: 00007fe6d019c799 [ 250.910791][ T7623] RDX: 0000000000000000 RSI: 0000000040146f2c RDI: 0000000000000002 [ 250.910814][ T7623] RBP: 00007fe6d0232c99 R08: 0000000000000000 R09: 0000000000000000 [ 250.910831][ T7623] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 250.910847][ T7623] R13: 00007fe6d0416038 R14: 00007fe6d0415fa0 R15: 00007ffdac053a88 [ 250.910886][ T7623] [ 251.398617][ T7606] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 251.405652][ T7606] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 251.411866][ T7606] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 252.770735][ T6370] Bluetooth: hci3: command 0x0c1a tx timeout [ 252.804346][ T7634] block nbd8: shutting down sockets [ 253.571598][ T6370] Bluetooth: hci2: command 0x0c1a tx timeout [ 253.577732][ T6198] Bluetooth: hci0: command 0x0c1a tx timeout [ 253.637537][ T6370] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 255.737252][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.744071][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.918607][ T7659] zswap: compressor not available [ 257.242442][ T7672] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input15 [ 257.900209][ T30] audit: type=1800 audit(1773568820.457:6): pid=7689 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=116485 res=0 errno=0 [ 257.986373][ T7694] can: request_module (can-proto-0) failed. [ 258.288899][ T7689] could not allocate digest TFM handle [ 260.362929][ T7717] netlink: 4 bytes leftover after parsing attributes in process `syz.2.315'. [ 260.394027][ T7717] netlink: 354 bytes leftover after parsing attributes in process `syz.2.315'. [ 262.035716][ T7723] block nbd8: shutting down sockets [ 262.616622][ T6370] Bluetooth: hci1: command 0x0c1a tx timeout [ 262.624085][ T7719] Bluetooth: hci1: Opcode 0x0c1a failed: -110 [ 264.370462][ T7719] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 264.435373][ T7719] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 264.446197][ T7719] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 264.465208][ T7719] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 264.808216][ T7757] input: f as /devices/virtual/input/input16 [ 264.856772][ T6370] Bluetooth: hci1: command 0x0c1a tx timeout [ 265.108117][ T7757] zram: Removed device: zram0 [ 265.589461][ T7766] Invalid ELF header magic: != ELF [ 265.610460][ T7774] FAULT_INJECTION: forcing a failure. [ 265.610460][ T7774] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 265.802632][ T7774] CPU: 0 UID: 0 PID: 7774 Comm: syz.0.324 Tainted: G L syzkaller #0 PREEMPT(full) [ 265.802677][ T7774] Tainted: [L]=SOFTLOCKUP [ 265.802688][ T7774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 265.802703][ T7774] Call Trace: [ 265.802712][ T7774] [ 265.802722][ T7774] dump_stack_lvl+0x100/0x190 [ 265.802769][ T7774] should_fail_ex.cold+0x5/0xa [ 265.802796][ T7774] ? prepare_alloc_pages+0x16d/0x5f0 [ 265.802841][ T7774] should_fail_alloc_page+0xeb/0x140 [ 265.802874][ T7774] prepare_alloc_pages+0x1f0/0x5f0 [ 265.802905][ T7774] ? arch_stack_walk+0xa6/0xf0 [ 265.802937][ T7774] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 265.802986][ T7774] ? stack_trace_save+0x8e/0xc0 [ 265.803014][ T7774] ? __pfx_stack_trace_save+0x10/0x10 [ 265.803042][ T7774] ? stack_depot_save_flags+0x27/0x9d0 [ 265.803082][ T7774] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 265.803122][ T7774] ? kasan_save_stack+0x3f/0x50 [ 265.803161][ T7774] ? kasan_save_stack+0x30/0x50 [ 265.803199][ T7774] ? kasan_save_track+0x14/0x30 [ 265.803238][ T7774] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 265.803277][ T7774] ? walk_pgd_range+0x896/0x1eb0 [ 265.803314][ T7774] ? __walk_page_range+0x163/0x820 [ 265.803352][ T7774] ? walk_page_range_vma_unsafe+0x209/0x8f0 [ 265.803393][ T7774] ? madvise_guard_install+0x43f/0x7c0 [ 265.803423][ T7774] ? madvise_vma_behavior+0x11f1/0x3050 [ 265.803453][ T7774] ? madvise_walk_vmas+0x71c/0xa90 [ 265.803482][ T7774] ? madvise_do_behavior+0x1ea/0x510 [ 265.803511][ T7774] ? do_madvise+0x195/0x240 [ 265.803538][ T7774] ? __x64_sys_madvise+0xa9/0x110 [ 265.803583][ T7774] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 265.803629][ T7774] ? policy_nodemask+0xed/0x4f0 [ 265.803661][ T7774] alloc_pages_mpol+0x1fb/0x550 [ 265.803692][ T7774] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 265.803731][ T7774] alloc_pages_noprof+0x131/0x390 [ 265.803763][ T7774] pte_alloc_one+0x1c/0x3d0 [ 265.803793][ T7774] __pte_alloc+0x6d/0x3e0 [ 265.803830][ T7774] ? __pfx___pte_alloc+0x10/0x10 [ 265.803859][ T7774] ? _raw_spin_unlock+0x28/0x50 [ 265.803894][ T7774] ? __pmd_alloc+0x3fb/0x950 [ 265.803930][ T7774] walk_pgd_range+0xb83/0x1eb0 [ 265.803975][ T7774] ? __pfx_guard_install_set_pte+0x10/0x10 [ 265.804003][ T7774] ? __pfx_guard_install_pte_entry+0x10/0x10 [ 265.804040][ T7774] ? __pfx_guard_install_set_pte+0x10/0x10 [ 265.804073][ T7774] ? __pfx_guard_install_set_pte+0x10/0x10 [ 265.804101][ T7774] ? __pfx_guard_install_set_pte+0x10/0x10 [ 265.804128][ T7774] ? __pfx_walk_pgd_range+0x10/0x10 [ 265.804173][ T7774] __walk_page_range+0x163/0x820 [ 265.804209][ T7774] ? process_measurement+0x4c8/0x2350 [ 265.804262][ T7774] walk_page_range_vma_unsafe+0x209/0x8f0 [ 265.804308][ T7774] ? __pfx_walk_page_range_vma_unsafe+0x10/0x10 [ 265.804349][ T7774] ? __pfx_css_rstat_updated+0x10/0x10 [ 265.804376][ T7774] ? tomoyo_check_open_permission+0x1db/0x3c0 [ 265.804421][ T7774] madvise_guard_install+0x43f/0x7c0 [ 265.804458][ T7774] ? __pfx_madvise_guard_install+0x10/0x10 [ 265.804492][ T7774] ? __pfx_guard_install_pud_entry+0x10/0x10 [ 265.804520][ T7774] ? __pfx_guard_install_pmd_entry+0x10/0x10 [ 265.804548][ T7774] ? __pfx_guard_install_pte_entry+0x10/0x10 [ 265.804582][ T7774] ? __pfx_guard_install_set_pte+0x10/0x10 [ 265.804621][ T7774] ? __lock_acquire+0x4a5/0x2630 [ 265.804660][ T7774] madvise_vma_behavior+0x11f1/0x3050 [ 265.804698][ T7774] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 265.804730][ T7774] ? reacquire_held_locks+0xce/0x1e0 [ 265.804764][ T7774] ? lock_vma_under_rcu+0x11d/0x590 [ 265.804816][ T7774] ? lock_vma_under_rcu+0x17c/0x590 [ 265.804859][ T7774] ? lock_vma_under_rcu+0x25/0x590 [ 265.804893][ T7774] ? lock_vma_under_rcu+0x1f9/0x590 [ 265.804927][ T7774] ? __pfx_lock_vma_under_rcu+0x10/0x10 [ 265.804972][ T7774] ? __futex_wait+0x256/0x300 [ 265.805017][ T7774] madvise_walk_vmas+0x71c/0xa90 [ 265.805054][ T7774] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 265.805085][ T7774] ? find_held_lock+0x2b/0x80 [ 265.805116][ T7774] madvise_do_behavior+0x1ea/0x510 [ 265.805151][ T7774] ? __pfx_madvise_do_behavior+0x10/0x10 [ 265.805182][ T7774] ? futex_wait+0x125/0x380 [ 265.805231][ T7774] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 265.805280][ T7774] do_madvise+0x195/0x240 [ 265.805309][ T7774] ? __pfx_do_madvise+0x10/0x10 [ 265.805340][ T7774] ? do_futex+0x192/0x350 [ 265.805380][ T7774] ? find_held_lock+0x2b/0x80 [ 265.805432][ T7774] __x64_sys_madvise+0xa9/0x110 [ 265.805464][ T7774] ? lockdep_hardirqs_on+0x78/0x100 [ 265.805501][ T7774] do_syscall_64+0x106/0xf80 [ 265.805537][ T7774] ? clear_bhb_loop+0x40/0x90 [ 265.805571][ T7774] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 265.805599][ T7774] RIP: 0033:0x7f268b39c799 [ 265.805623][ T7774] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 265.805648][ T7774] RSP: 002b:00007f268c2af028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 265.805674][ T7774] RAX: ffffffffffffffda RBX: 00007f268b616090 RCX: 00007f268b39c799 [ 265.805692][ T7774] RDX: 0000000000000066 RSI: 0000000002021000 RDI: 0000000000000000 [ 265.805708][ T7774] RBP: 00007f268b432c99 R08: 0000000000000000 R09: 0000000000000000 [ 265.805724][ T7774] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 265.805740][ T7774] R13: 00007f268b616128 R14: 00007f268b616090 R15: 00007ffef3e37838 [ 265.805778][ T7774] [ 267.678718][ T7758] Bluetooth: hci1: Opcode 0x0c1a failed: -110 [ 267.686062][ T6370] Bluetooth: hci0: command 0x0c1a tx timeout [ 267.692126][ T6370] Bluetooth: hci2: command 0x0c1a tx timeout [ 267.698362][ T6370] Bluetooth: hci1: command 0x0c1a tx timeout [ 267.884196][ T7758] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 267.896205][ T7758] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 267.908941][ T7758] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 269.744126][ T6370] Bluetooth: hci3: command 0x0c1a tx timeout [ 269.981794][ T6370] Bluetooth: hci2: command 0x0c1a tx timeout [ 269.987857][ T6370] Bluetooth: hci0: command 0x0c1a tx timeout [ 272.988205][ T7824] block nbd8: shutting down sockets [ 273.381704][ T7833] netlink: 28 bytes leftover after parsing attributes in process `syz.1.333'. [ 273.880887][ T7833] team0: Port device team_slave_0 removed [ 275.043818][ T7842] block nbd8: shutting down sockets [ 277.505274][ T6370] Bluetooth: hci1: command 0x0c1a tx timeout [ 277.505356][ T7852] Bluetooth: hci1: Opcode 0x0c1a failed: -110 [ 278.912422][ T7852] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 278.912566][ T7852] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 278.912679][ T7852] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 279.584463][ T6370] Bluetooth: hci3: command 0x0c1a tx timeout [ 280.080880][ T7872] zswap: compressor not available [ 280.406323][ T7876] block nbd8: shutting down sockets [ 280.782676][ T7888] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input17 [ 281.025085][ T6370] Bluetooth: hci0: command 0x0c1a tx timeout [ 281.031145][ T6370] Bluetooth: hci2: command 0x0c1a tx timeout [ 281.095546][ T7896] ptrace attach of "./syz-executor exec"[5822] was attempted by ""[7896] [ 281.805450][ T7905] block nbd8: Device being setup by another task [ 282.491439][ T7903] block nbd8: shutting down sockets [ 285.444537][ T7930] block nbd8: shutting down sockets [ 288.049582][ T7965] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input18 [ 288.295681][ T7965] FAULT_INJECTION: forcing a failure. [ 288.295681][ T7965] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 288.319861][ T7958] GUP no longer grows the stack in syz.1.355 (7958): 14000-401000 (4000) [ 288.366148][ T7965] CPU: 1 UID: 0 PID: 7965 Comm: syz.0.357 Tainted: G L syzkaller #0 PREEMPT(full) [ 288.366200][ T7965] Tainted: [L]=SOFTLOCKUP [ 288.366209][ T7965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 288.366225][ T7965] Call Trace: [ 288.366234][ T7965] [ 288.366244][ T7965] dump_stack_lvl+0x100/0x190 [ 288.366290][ T7965] should_fail_ex.cold+0x5/0xa [ 288.366316][ T7965] ? prepare_alloc_pages+0x16d/0x5f0 [ 288.366350][ T7965] should_fail_alloc_page+0xeb/0x140 [ 288.366382][ T7965] prepare_alloc_pages+0x1f0/0x5f0 [ 288.366419][ T7965] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 288.366464][ T7965] ? rcu_is_watching+0x12/0xc0 [ 288.366504][ T7965] ? trace_mm_page_alloc+0x17a/0x1d0 [ 288.366536][ T7965] ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0 [ 288.366582][ T7965] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 288.366629][ T7965] ? find_held_lock+0x2b/0x80 [ 288.366653][ T7965] ? is_bpf_text_address+0x8a/0x1a0 [ 288.366691][ T7965] ? is_bpf_text_address+0x8a/0x1a0 [ 288.366734][ T7965] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 288.366764][ T7965] ? is_bpf_text_address+0x94/0x1a0 [ 288.366803][ T7965] ? kernel_text_address+0x8d/0x100 [ 288.366841][ T7965] ? __kernel_text_address+0xd/0x30 [ 288.366878][ T7965] ? unwind_get_return_address+0x59/0xa0 [ 288.366921][ T7965] alloc_pages_bulk_noprof+0x782/0x1490 [ 288.366976][ T7965] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 288.367019][ T7965] ? kasan_save_stack+0x30/0x50 [ 288.367068][ T7965] ? alloc_pages_noprof+0x233/0x390 [ 288.367100][ T7965] __kasan_populate_vmalloc+0xf0/0x210 [ 288.367147][ T7965] alloc_vmap_area+0x95d/0x2bd0 [ 288.367197][ T7965] ? __pfx_alloc_vmap_area+0x10/0x10 [ 288.367237][ T7965] __get_vm_area_node+0x1ca/0x330 [ 288.367275][ T7965] __vmalloc_node_range_noprof+0x213/0x1530 [ 288.367311][ T7965] ? kernel_clone+0xfc/0x9a0 [ 288.367351][ T7965] ? kernel_clone+0xfc/0x9a0 [ 288.367392][ T7965] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 288.367436][ T7965] ? rcu_is_watching+0x12/0xc0 [ 288.367475][ T7965] ? trace_kmem_cache_alloc+0xf3/0x120 [ 288.367506][ T7965] ? kernel_clone+0xfc/0x9a0 [ 288.367535][ T7965] __vmalloc_node_noprof+0xad/0xf0 [ 288.367568][ T7965] ? kernel_clone+0xfc/0x9a0 [ 288.367601][ T7965] copy_process+0x5ec/0x7a10 [ 288.367634][ T7965] ? __pfx___futex_wait+0x10/0x10 [ 288.367672][ T7965] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 288.367707][ T7965] ? lockdep_hardirqs_on+0x78/0x100 [ 288.367755][ T7965] ? __pfx_copy_process+0x10/0x10 [ 288.367787][ T7965] ? find_held_lock+0x2b/0x80 [ 288.367827][ T7965] kernel_clone+0xfc/0x9a0 [ 288.367855][ T7965] ? __pfx_futex_wait+0x10/0x10 [ 288.367896][ T7965] ? __pfx_kernel_clone+0x10/0x10 [ 288.367946][ T7965] __do_sys_clone+0xd9/0x120 [ 288.367977][ T7965] ? __pfx___do_sys_clone+0x10/0x10 [ 288.368027][ T7965] ? arch_syscall_is_vdso_sigreturn+0xb6/0x200 [ 288.368060][ T7965] ? syscall_user_dispatch+0x76/0x130 [ 288.368101][ T7965] do_syscall_64+0x106/0xf80 [ 288.368137][ T7965] ? clear_bhb_loop+0x40/0x90 [ 288.368171][ T7965] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 288.368205][ T7965] RIP: 0033:0x7f268b39c799 [ 288.368228][ T7965] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 288.368254][ T7965] RSP: 002b:00007f268c2af028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 288.368280][ T7965] RAX: ffffffffffffffda RBX: 00007f268b616090 RCX: 00007f268b39c799 [ 288.368298][ T7965] RDX: 0000200000000080 RSI: 000000000000000b RDI: 0000000000000008 [ 288.368314][ T7965] RBP: 00007f268b432c99 R08: 0000000000000002 R09: 0000000000000000 [ 288.368331][ T7965] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000000 [ 288.368347][ T7965] R13: 00007f268b616128 R14: 00007f268b616090 R15: 00007ffef3e37838 [ 288.368380][ T7965] [ 288.749086][ T7958] CPU: 1 UID: 0 PID: 7958 Comm: syz.1.355 Tainted: G L syzkaller #0 PREEMPT(full) [ 288.749131][ T7958] Tainted: [L]=SOFTLOCKUP [ 288.749141][ T7958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 288.749157][ T7958] Call Trace: [ 288.749166][ T7958] [ 288.749176][ T7958] dump_stack_lvl+0x100/0x190 [ 288.749222][ T7958] gup_vma_lookup.cold+0x83/0x96 [ 288.749262][ T7958] __get_user_pages+0x241/0x34d0 [ 288.749304][ T7958] ? down_read_killable+0x30e/0x4c0 [ 288.749347][ T7958] ? __lock_acquire+0x4a5/0x2630 [ 288.749381][ T7958] ? __pfx___get_user_pages+0x10/0x10 [ 288.749422][ T7958] __gup_longterm_locked+0x87d/0x16f0 [ 288.749467][ T7958] ? __pfx___gup_longterm_locked+0x10/0x10 [ 288.749503][ T7958] ? try_get_folio+0x262/0x750 [ 288.749530][ T7958] ? find_held_lock+0x2b/0x80 [ 288.749556][ T7958] ? sanity_check_pinned_pages+0x5f6/0x1250 [ 288.749593][ T7958] gup_fast_fallback+0x18c6/0x2460 [ 288.749659][ T7958] ? __pfx_gup_fast_fallback+0x10/0x10 [ 288.749693][ T7958] ? __lock_acquire+0x4a5/0x2630 [ 288.749726][ T7958] ? bio_associate_blkg_from_css+0xe33/0x13f0 [ 288.749761][ T7958] ? bio_associate_blkg+0x10c/0x2a0 [ 288.749797][ T7958] ? pcpu_block_update+0x20b/0x690 [ 288.749838][ T7958] pin_user_pages_fast+0xa7/0xf0 [ 288.749869][ T7958] ? __pfx_pin_user_pages_fast+0x10/0x10 [ 288.749899][ T7958] ? find_held_lock+0x2b/0x80 [ 288.749923][ T7958] ? __debug_object_init+0x2de/0x3d0 [ 288.749962][ T7958] ? __debug_object_init+0x2de/0x3d0 [ 288.750005][ T7958] iov_iter_extract_pages+0xa0d/0x1ef0 [ 288.750048][ T7958] ? __lock_acquire+0x4a5/0x2630 [ 288.750081][ T7958] ? __pfx_iov_iter_extract_pages+0x10/0x10 [ 288.750118][ T7958] ? __lock_acquire+0x4a5/0x2630 [ 288.750157][ T7958] iov_iter_extract_bvecs+0x10e/0xf40 [ 288.750193][ T7958] ? find_held_lock+0x2b/0x80 [ 288.750219][ T7958] ? bio_associate_blkg_from_css+0x394/0x13f0 [ 288.750259][ T7958] ? __pfx_iov_iter_extract_bvecs+0x10/0x10 [ 288.750295][ T7958] ? bio_associate_blkg_from_css+0x550/0x13f0 [ 288.750340][ T7958] bio_iov_iter_get_pages+0x26a/0x970 [ 288.750384][ T7958] __blkdev_direct_IO_simple+0x3a7/0x890 [ 288.750431][ T7958] ? __pfx___blkdev_direct_IO_simple+0x10/0x10 [ 288.750502][ T7958] ? ktime_get_coarse_real_ts64_mg+0x249/0x300 [ 288.750535][ T7958] ? ktime_get_coarse_real_ts64_mg+0x1e0/0x300 [ 288.750580][ T7958] blkdev_direct_IO+0xc76/0x1fb0 [ 288.750634][ T7958] ? __pfx_blkdev_direct_IO+0x10/0x10 [ 288.750690][ T7958] ? rcu_is_watching+0x12/0xc0 [ 288.750731][ T7958] ? __mark_inode_dirty+0x55c/0x1790 [ 288.750767][ T7958] ? filemap_check_errors+0xa9/0x150 [ 288.750807][ T7958] blkdev_write_iter+0x703/0xd70 [ 288.750852][ T7958] vfs_write+0x6ac/0x1070 [ 288.750893][ T7958] ? __pfx_blkdev_write_iter+0x10/0x10 [ 288.750935][ T7958] ? __pfx_vfs_write+0x10/0x10 [ 288.750973][ T7958] ? find_held_lock+0x2b/0x80 [ 288.751022][ T7958] ksys_write+0x12a/0x250 [ 288.751048][ T7958] ? __pfx_ksys_write+0x10/0x10 [ 288.751083][ T7958] do_syscall_64+0x106/0xf80 [ 288.751119][ T7958] ? clear_bhb_loop+0x40/0x90 [ 288.751152][ T7958] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 288.751181][ T7958] RIP: 0033:0x7f4a4199c799 [ 288.751204][ T7958] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 288.751231][ T7958] RSP: 002b:00007f4a428b5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 288.751257][ T7958] RAX: ffffffffffffffda RBX: 00007f4a41c15fa0 RCX: 00007f4a4199c799 [ 288.751274][ T7958] RDX: 000000000010007c RSI: 0000000000000000 RDI: 0000000000000004 [ 288.751292][ T7958] RBP: 00007f4a41a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 288.751308][ T7958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 288.751324][ T7958] R13: 00007f4a41c16038 R14: 00007f4a41c15fa0 R15: 00007ffcb3bfb078 [ 288.751362][ T7958] [ 289.653602][ T7965] syz.0.357: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 289.721182][ T7965] CPU: 1 UID: 0 PID: 7965 Comm: syz.0.357 Tainted: G L syzkaller #0 PREEMPT(full) [ 289.721230][ T7965] Tainted: [L]=SOFTLOCKUP [ 289.721240][ T7965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 289.721256][ T7965] Call Trace: [ 289.721264][ T7965] [ 289.721274][ T7965] dump_stack_lvl+0x100/0x190 [ 289.721323][ T7965] warn_alloc.cold+0x95/0x1c1 [ 289.721369][ T7965] ? __pfx_warn_alloc+0x10/0x10 [ 289.721406][ T7965] ? lockdep_hardirqs_on+0x78/0x100 [ 289.721449][ T7965] ? __get_vm_area_node+0x2c5/0x330 [ 289.721490][ T7965] ? __get_vm_area_node+0x208/0x330 [ 289.721529][ T7965] __vmalloc_node_range_noprof+0xbf4/0x1530 [ 289.721581][ T7965] ? kernel_clone+0xfc/0x9a0 [ 289.721624][ T7965] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 289.721668][ T7965] ? rcu_is_watching+0x12/0xc0 [ 289.721710][ T7965] ? trace_kmem_cache_alloc+0xf3/0x120 [ 289.721743][ T7965] ? kernel_clone+0xfc/0x9a0 [ 289.721773][ T7965] __vmalloc_node_noprof+0xad/0xf0 [ 289.721806][ T7965] ? kernel_clone+0xfc/0x9a0 [ 289.721840][ T7965] copy_process+0x5ec/0x7a10 [ 289.721873][ T7965] ? __pfx___futex_wait+0x10/0x10 [ 289.721911][ T7965] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 289.721946][ T7965] ? lockdep_hardirqs_on+0x78/0x100 [ 289.721993][ T7965] ? __pfx_copy_process+0x10/0x10 [ 289.722025][ T7965] ? find_held_lock+0x2b/0x80 [ 289.722065][ T7965] kernel_clone+0xfc/0x9a0 [ 289.722093][ T7965] ? __pfx_futex_wait+0x10/0x10 [ 289.722134][ T7965] ? __pfx_kernel_clone+0x10/0x10 [ 289.722185][ T7965] __do_sys_clone+0xd9/0x120 [ 289.722218][ T7965] ? __pfx___do_sys_clone+0x10/0x10 [ 289.722268][ T7965] ? arch_syscall_is_vdso_sigreturn+0xb6/0x200 [ 289.722305][ T7965] ? syscall_user_dispatch+0x76/0x130 [ 289.722348][ T7965] do_syscall_64+0x106/0xf80 [ 289.722384][ T7965] ? clear_bhb_loop+0x40/0x90 [ 289.722418][ T7965] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 289.722446][ T7965] RIP: 0033:0x7f268b39c799 [ 289.722469][ T7965] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 289.722496][ T7965] RSP: 002b:00007f268c2af028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 289.722522][ T7965] RAX: ffffffffffffffda RBX: 00007f268b616090 RCX: 00007f268b39c799 [ 289.722541][ T7965] RDX: 0000200000000080 RSI: 000000000000000b RDI: 0000000000000008 [ 289.722558][ T7965] RBP: 00007f268b432c99 R08: 0000000000000002 R09: 0000000000000000 [ 289.722603][ T7965] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000000 [ 289.722621][ T7965] R13: 00007f268b616128 R14: 00007f268b616090 R15: 00007ffef3e37838 [ 289.722659][ T7965] [ 289.722999][ T7965] Mem-Info: [ 290.088061][ T7965] active_anon:28233 inactive_anon:4 isolated_anon:0 [ 290.088061][ T7965] active_file:12616 inactive_file:40858 isolated_file:0 [ 290.088061][ T7965] unevictable:768 dirty:862 writeback:3 [ 290.088061][ T7965] slab_reclaimable:15682 slab_unreclaimable:92737 [ 290.088061][ T7965] mapped:30225 shmem:2937 pagetables:1290 [ 290.088061][ T7965] sec_pagetables:0 bounce:0 [ 290.088061][ T7965] kernel_misc_reclaimable:0 [ 290.088061][ T7965] free:1303969 free_pcp:8830 free_cma:0 [ 290.283936][ T7965] Node 0 active_anon:114332kB inactive_anon:16kB active_file:50464kB inactive_file:163232kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:121700kB dirty:3448kB writeback:12kB shmem:11812kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11336kB pagetables:4924kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 290.316693][ T7965] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:32kB pagetables:136kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 290.348195][ T7965] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 290.380252][ T7965] lowmem_reserve[]: 0 2477 2478 2478 2478 [ 290.386147][ T7965] Node 0 DMA32 free:1254864kB boost:0kB min:34056kB low:42568kB high:51080kB reserved_highatomic:0KB free_highatomic:0KB active_anon:114632kB inactive_anon:16kB active_file:50464kB inactive_file:163232kB unevictable:1536kB writepending:3460kB zspages:508kB present:3129332kB managed:2537384kB mlocked:0kB bounce:0kB free_pcp:31168kB local_pcp:21084kB free_cma:0kB [ 290.422854][ T7965] lowmem_reserve[]: 0 0 1 1 1 [ 290.427625][ T7965] Node 0 Normal free:4kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1060kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:8kB free_cma:0kB [ 290.569753][ T7965] lowmem_reserve[]: 0 0 0 0 0 [ 290.574546][ T7965] Node 1 Normal free:3945648kB boost:0kB min:55828kB low:69784kB high:83740kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:2952kB local_pcp:2568kB free_cma:0kB [ 290.751230][ T7965] lowmem_reserve[]: 0 0 0 0 0 [ 290.762221][ T7965] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 290.812056][ T7965] Node 0 DMA32: 2825*4kB (UME) 1382*8kB (UME) 1208*16kB (UME) 1127*32kB (UME) 569*64kB (UME) 374*128kB (UME) 112*256kB (UME) 40*512kB (UM) 15*1024kB (UME) 11*2048kB (UM) 245*4096kB (UM) = 1252596kB [ 290.902604][ T7965] Node 0 Normal: 1*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB [ 290.953742][ T7965] Node 1 Normal: 11*4kB (UM) 18*8kB (UM) 15*16kB (UM) 14*32kB (UM) 7*64kB (UM) 5*128kB (UM) 2*256kB (M) 6*512kB (UM) 4*1024kB (UM) 4*2048kB (UM) 959*4096kB (M) = 3945900kB [ 291.004964][ T7986] netlink: 28 bytes leftover after parsing attributes in process `syz.1.359'. [ 291.019894][ T7965] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 291.061476][ T7965] Node 0 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 291.091631][ T7965] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 291.142312][ T7965] Node 1 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 291.172306][ T7965] 59149 total pagecache pages [ 291.182688][ T7965] 12 pages in swap cache [ 291.202851][ T7965] Free swap = 124812kB [ 291.226544][ T7965] Total swap = 124996kB [ 291.243202][ T7965] 2097051 pages RAM [ 291.283287][ T7965] 0 pages HighMem/MovableOnly [ 291.315427][ T7965] 430825 pages reserved [ 291.361913][ T7965] 0 pages cma reserved [ 294.787283][ T8020] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 700000007 [ 295.972103][ T7994] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 297.507933][ T8041] block nbd8: shutting down sockets [ 297.793515][ T8050] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input19 [ 297.972623][ T8050] FAULT_INJECTION: forcing a failure. [ 297.972623][ T8050] name failslab, interval 1, probability 0, space 0, times 0 [ 298.038829][ T8050] CPU: 1 UID: 0 PID: 8050 Comm: syz.2.370 Tainted: G L syzkaller #0 PREEMPT(full) [ 298.038873][ T8050] Tainted: [L]=SOFTLOCKUP [ 298.038884][ T8050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 298.038899][ T8050] Call Trace: [ 298.038908][ T8050] [ 298.038918][ T8050] dump_stack_lvl+0x100/0x190 [ 298.038962][ T8050] should_fail_ex.cold+0x5/0xa [ 298.038994][ T8050] should_failslab+0xc2/0x120 [ 298.039023][ T8050] __kmalloc_node_noprof+0xe6/0x850 [ 298.039062][ T8050] ? __vmalloc_node_range_noprof+0x3dc/0x1530 [ 298.039103][ T8050] __vmalloc_node_range_noprof+0x3dc/0x1530 [ 298.039135][ T8050] ? find_held_lock+0x2b/0x80 [ 298.039159][ T8050] ? local_lock_release+0x99/0x130 [ 298.039197][ T8050] ? kernel_clone+0xfc/0x9a0 [ 298.039227][ T8050] ? find_held_lock+0x2b/0x80 [ 298.039252][ T8050] ? rcu_read_unlock+0x17/0x60 [ 298.039281][ T8050] ? obj_cgroup_charge_account+0x46d/0x640 [ 298.039311][ T8050] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 298.039345][ T8050] ? __memcg_slab_post_alloc_hook+0x51b/0x990 [ 298.039381][ T8050] ? rcu_is_watching+0x12/0xc0 [ 298.039419][ T8050] ? trace_kmem_cache_alloc+0xf3/0x120 [ 298.039449][ T8050] ? kernel_clone+0xfc/0x9a0 [ 298.039477][ T8050] __vmalloc_node_noprof+0xad/0xf0 [ 298.039510][ T8050] ? kernel_clone+0xfc/0x9a0 [ 298.039541][ T8050] copy_process+0x5ec/0x7a10 [ 298.039571][ T8050] ? preempt_schedule_thunk+0x16/0x30 [ 298.039609][ T8050] ? try_to_wake_up+0x644/0x1a80 [ 298.039641][ T8050] ? __pfx_copy_process+0x10/0x10 [ 298.039670][ T8050] ? find_held_lock+0x2b/0x80 [ 298.039701][ T8050] ? futex_private_hash_put+0x107/0x1c0 [ 298.039738][ T8050] kernel_clone+0xfc/0x9a0 [ 298.039771][ T8050] ? __pfx_kernel_clone+0x10/0x10 [ 298.039830][ T8050] __do_sys_clone+0xd9/0x120 [ 298.039862][ T8050] ? __pfx___do_sys_clone+0x10/0x10 [ 298.039910][ T8050] ? arch_syscall_is_vdso_sigreturn+0xb6/0x200 [ 298.039947][ T8050] ? syscall_user_dispatch+0x76/0x130 [ 298.039989][ T8050] do_syscall_64+0x106/0xf80 [ 298.040024][ T8050] ? clear_bhb_loop+0x40/0x90 [ 298.040057][ T8050] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 298.040085][ T8050] RIP: 0033:0x7fc14859c799 [ 298.040108][ T8050] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 298.040132][ T8050] RSP: 002b:00007fc149375028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 298.040157][ T8050] RAX: ffffffffffffffda RBX: 00007fc148816090 RCX: 00007fc14859c799 [ 298.040175][ T8050] RDX: 0000200000000080 RSI: 000000000000000b RDI: 0000000000000008 [ 298.040191][ T8050] RBP: 00007fc148632c99 R08: 0000000000000002 R09: 0000000000000000 [ 298.040207][ T8050] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000000 [ 298.040223][ T8050] R13: 00007fc148816128 R14: 00007fc148816090 R15: 00007fffe2d31428 [ 298.040259][ T8050] [ 300.120199][ T8066] futex_wake_op: syz.3.373 tries to shift op by -2048; fix this program [ 300.993752][ T30] audit: type=1807 audit(1773568863.526:7): UNKNOWN=0"]$|1j0B|dӉO+/xWӦ^gq%ḦrO res=0 [ 301.059456][ T30] audit: type=1802 audit(1773568863.526:8): pid=8074 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.2.374" res=0 errno=0 [ 301.828772][ T8069] ima: policy update failed [ 301.865735][ T30] audit: type=1802 audit(1773568864.365:9): pid=8069 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.374" res=0 errno=0 [ 303.324819][ T8085] netlink: 330 bytes leftover after parsing attributes in process `syz.1.378'. [ 308.510339][ T8124] netlink: 116 bytes leftover after parsing attributes in process `syz.3.383'. [ 308.639120][ T8133] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 309.877576][ T8152] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 310.272717][ T8146] block nbd8: shutting down sockets [ 311.331072][ T8164] ptrace attach of "./syz-executor exec"[5821] was attempted by ""[8164] [ 313.734895][ T8177] random: crng reseeded on system resumption [ 314.705958][ T8181] device-mapper: ioctl: Unable to rename non-existent device,  to [ 317.027276][ T8190] block nbd8: shutting down sockets [ 317.207850][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.214282][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 318.505729][ T8201] block nbd8: shutting down sockets [ 319.068719][ T8208] netlink: 28 bytes leftover after parsing attributes in process `syz.1.398'. [ 320.732268][ T30] audit: type=1807 audit(1773569906.263:10): UNKNOWN=0"]$|1j0B|dӉO+/xWӦ^gq%ḦrO res=0 [ 320.757382][ T30] audit: type=1802 audit(1773569906.263:11): pid=8227 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.0.402" res=0 errno=0 [ 321.536920][ T8221] ima: policy update failed [ 321.545383][ T30] audit: type=1802 audit(1773569907.073:12): pid=8221 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.402" res=0 errno=0 [ 325.860142][ T8254] nbd: socks must be embedded in a SOCK_ITEM attr [ 325.992576][ T8254] block nbd0: shutting down sockets [ 328.079270][ T8263] netlink: 'syz.0.409': attribute type 10 has an invalid length. [ 328.087017][ T8263] netlink: 330 bytes leftover after parsing attributes in process `syz.0.409'. [ 328.399638][ T8267] block nbd8: shutting down sockets [ 334.060456][ T8305] block nbd8: shutting down sockets [ 334.463922][ T6370] Bluetooth: hci3: ACL packet for unknown connection handle 0 [ 335.371132][ T8321] ------------[ cut here ]------------ [ 335.377063][ T8321] !reader [ 335.377083][ T8321] WARNING: kernel/trace/ring_buffer.c:7407 at ring_buffer_map_get_reader+0x659/0x880, CPU#1: syz.2.418/8321 [ 335.391535][ T8321] Modules linked in: [ 335.396083][ T8321] CPU: 1 UID: 0 PID: 8321 Comm: syz.2.418 Tainted: G L syzkaller #0 PREEMPT(full) [ 335.406887][ T8321] Tainted: [L]=SOFTLOCKUP [ 335.411217][ T8321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 335.421282][ T8321] RIP: 0010:ring_buffer_map_get_reader+0x659/0x880 [ 335.427821][ T8321] Code: ff e8 1b d5 fb ff 48 8d 3d b4 58 d1 0e 4c 89 fe 67 48 0f b9 3a e9 e0 fc ff ff 4c 8b 7c 24 58 4c 8b 74 24 60 e8 f8 d4 fb ff 90 <0f> 0b 90 e8 ef d4 fb ff 48 89 df 31 db e8 e5 0f fe ff 48 8b 74 24 [ 335.447445][ T8321] RSP: 0018:ffffc900045c7d90 EFLAGS: 00010087 [ 335.453528][ T8321] RAX: 000000000000085f RBX: ffff88813fea5000 RCX: ffffc9000f528000 [ 335.461502][ T8321] RDX: 0000000000080000 RSI: ffffffff820c4228 RDI: ffff88802e9c0000 [ 335.469476][ T8321] RBP: 0000000000000000 R08: 0000000000000007 R09: 0000000000000000 [ 335.477449][ T8321] R10: 0000000000000000 R11: ffff88813fea50b0 R12: ffff88813fea50b0 [ 335.485423][ T8321] R13: dffffc0000000000 R14: ffff88813fea5190 R15: ffff88813fea5018 [ 335.493398][ T8321] FS: 00007fc1467f66c0(0000) GS:ffff88812444a000(0000) knlGS:0000000000000000 [ 335.502334][ T8321] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 335.508931][ T8321] CR2: 0000001b30bc5ff8 CR3: 000000004c3ca000 CR4: 00000000003526f0 [ 335.516908][ T8321] Call Trace: [ 335.520190][ T8321] [ 335.523131][ T8321] ? __pfx_ring_buffer_map_get_reader+0x10/0x10 [ 335.529405][ T8321] ? __fget_files+0x21f/0x3d0 [ 335.534095][ T8321] tracing_buffers_ioctl+0x30d/0x400 [ 335.539403][ T8321] ? __pfx_tracing_buffers_ioctl+0x10/0x10 [ 335.545243][ T8321] __x64_sys_ioctl+0x18e/0x210 [ 335.550035][ T8321] do_syscall_64+0x106/0xf80 [ 335.554644][ T8321] ? clear_bhb_loop+0x40/0x90 [ 335.559339][ T8321] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 335.565244][ T8321] RIP: 0033:0x7fc14859c799 [ 335.569663][ T8321] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 335.589280][ T8321] RSP: 002b:00007fc1467f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 335.597704][ T8321] RAX: ffffffffffffffda RBX: 00007fc148816180 RCX: 00007fc14859c799 [ 335.605681][ T8321] RDX: 0000000000000000 RSI: 0000000000005220 RDI: 000000000000000a [ 335.613652][ T8321] RBP: 00007fc148632c99 R08: 0000000000000000 R09: 0000000000000000 [ 335.621621][ T8321] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 335.629593][ T8321] R13: 00007fc148816218 R14: 00007fc148816180 R15: 00007fffe2d31428 [ 335.637584][ T8321] [ 335.640615][ T8321] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 335.647942][ T8321] CPU: 1 UID: 0 PID: 8321 Comm: syz.2.418 Tainted: G L syzkaller #0 PREEMPT(full) [ 335.658714][ T8321] Tainted: [L]=SOFTLOCKUP [ 335.663033][ T8321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 335.673099][ T8321] Call Trace: [ 335.676388][ T8321] [ 335.679327][ T8321] dump_stack_lvl+0x100/0x190 [ 335.684033][ T8321] vpanic+0x552/0x970 [ 335.688046][ T8321] ? __pfx_vpanic+0x10/0x10 [ 335.692566][ T8321] panic+0xd1/0xe0 [ 335.696294][ T8321] ? __pfx_panic+0x10/0x10 [ 335.700728][ T8321] check_panic_on_warn.cold+0x19/0x34 [ 335.706109][ T8321] ? ring_buffer_map_get_reader+0x659/0x880 [ 335.712018][ T8321] __warn.cold+0x191/0x348 [ 335.716441][ T8321] __report_bug+0x296/0x3d0 [ 335.720972][ T8321] ? ring_buffer_map_get_reader+0x659/0x880 [ 335.726888][ T8321] ? __pfx___report_bug+0x10/0x10 [ 335.731927][ T8321] ? add_lock_to_list+0x99/0x110 [ 335.736875][ T8321] ? lockdep_unlock+0x5a/0xc0 [ 335.741553][ T8321] ? rb_set_head_page+0x1e6/0x2f0 [ 335.746589][ T8321] ? ring_buffer_map_get_reader+0x659/0x880 [ 335.752505][ T8321] report_bug+0xb2/0x220 [ 335.756768][ T8321] ? ring_buffer_map_get_reader+0x659/0x880 [ 335.762682][ T8321] handle_bug+0x16a/0x2a0 [ 335.767032][ T8321] exc_invalid_op+0x17/0x50 [ 335.771549][ T8321] asm_exc_invalid_op+0x1a/0x20 [ 335.776403][ T8321] RIP: 0010:ring_buffer_map_get_reader+0x659/0x880 [ 335.782927][ T8321] Code: ff e8 1b d5 fb ff 48 8d 3d b4 58 d1 0e 4c 89 fe 67 48 0f b9 3a e9 e0 fc ff ff 4c 8b 7c 24 58 4c 8b 74 24 60 e8 f8 d4 fb ff 90 <0f> 0b 90 e8 ef d4 fb ff 48 89 df 31 db e8 e5 0f fe ff 48 8b 74 24 [ 335.802543][ T8321] RSP: 0018:ffffc900045c7d90 EFLAGS: 00010087 [ 335.808618][ T8321] RAX: 000000000000085f RBX: ffff88813fea5000 RCX: ffffc9000f528000 [ 335.816590][ T8321] RDX: 0000000000080000 RSI: ffffffff820c4228 RDI: ffff88802e9c0000 [ 335.824564][ T8321] RBP: 0000000000000000 R08: 0000000000000007 R09: 0000000000000000 [ 335.832541][ T8321] R10: 0000000000000000 R11: ffff88813fea50b0 R12: ffff88813fea50b0 [ 335.840514][ T8321] R13: dffffc0000000000 R14: ffff88813fea5190 R15: ffff88813fea5018 [ 335.848500][ T8321] ? ring_buffer_map_get_reader+0x658/0x880 [ 335.854437][ T8321] ? __pfx_ring_buffer_map_get_reader+0x10/0x10 [ 335.860703][ T8321] ? __fget_files+0x21f/0x3d0 [ 335.865393][ T8321] tracing_buffers_ioctl+0x30d/0x400 [ 335.870690][ T8321] ? __pfx_tracing_buffers_ioctl+0x10/0x10 [ 335.876599][ T8321] __x64_sys_ioctl+0x18e/0x210 [ 335.881384][ T8321] do_syscall_64+0x106/0xf80 [ 335.885988][ T8321] ? clear_bhb_loop+0x40/0x90 [ 335.890676][ T8321] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 335.896573][ T8321] RIP: 0033:0x7fc14859c799 [ 335.900991][ T8321] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 335.920605][ T8321] RSP: 002b:00007fc1467f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 335.929045][ T8321] RAX: ffffffffffffffda RBX: 00007fc148816180 RCX: 00007fc14859c799 [ 335.937018][ T8321] RDX: 0000000000000000 RSI: 0000000000005220 RDI: 000000000000000a [ 335.944994][ T8321] RBP: 00007fc148632c99 R08: 0000000000000000 R09: 0000000000000000 [ 335.952971][ T8321] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 335.960941][ T8321] R13: 00007fc148816218 R14: 00007fc148816180 R15: 00007fffe2d31428 [ 335.968933][ T8321] [ 335.972230][ T8321] Kernel Offset: disabled [ 335.976553][ T8321] Rebooting in 86400 seconds..