last executing test programs: 3.930363501s ago: executing program 0 (id=669): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, 0x0, 0x40000) recvmmsg$auto(r0, 0x0, 0x10a, 0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x1, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @hyper}, 0x55) ioctl$auto(0x3, 0x800005411, 0x38) 3.574238463s ago: executing program 2 (id=671): close_range$auto(0x0, 0x5, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/platform/dummy_hcd.6/usb7/7-0:1.0/ep_81/interval\x00', 0x0, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/rpc/nfs\x00', 0x20000, 0x0) r0 = socket(0x10, 0x2, 0xc) close_range$auto(r0, 0xfffffffffffff000, 0x0) r1 = fanotify_init$auto(0x200, 0x1) r2 = socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000340)=ANY=[@ANYBLOB="18000000", @ANYRES16=0x0, @ANYBLOB="010027bd7000fcdbdf2535493a2c040002"], 0x18}, 0x1, 0x0, 0x0, 0x801}, 0x4044) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="18000000", @ANYRES8=r0, @ANYRES8=r1], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x80) 3.521690417s ago: executing program 2 (id=672): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130) fallocate$auto(0x8000000000000003, 0x0, 0x19, 0x4cbd5f) mmap$auto(0x0, 0x2020009, 0x100003, 0x9000000eb1, 0xfffffffffffffffa, 0x0) socket(0x2, 0x1, 0x106) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x147) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x80, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) execve$auto(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x40000c, 0xdf, 0x9b72, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xc0180, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0x4010ae42, 0x38) syz_genetlink_get_family_id$auto_tcp_metrics(0x0, r1) close_range$auto(0x2, 0x8, 0x0) write$auto(0x3, 0x0, 0x7fffffff) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/thread-self/net/tcp6\x00', 0x20100, 0x0) pread64$auto(r3, 0x0, 0x8, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r4 = clone$auto(0x0, 0x4, 0x0, 0x0, 0x42) syz_clone3(&(0x7f0000000180)={0xa7102000, 0x0, 0x0, 0x0, {0x2a}, 0x0, 0x0, 0x0, &(0x7f0000000100)=[r4], 0x1}, 0x58) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) 2.991469546s ago: executing program 0 (id=675): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) execve$auto(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0xa, 0x2, 0x73) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socket(0x1, 0x1, 0x0) bind$auto(0x3, 0x0, 0x6b) bind$auto(0x3, 0x0, 0x2) 2.921108828s ago: executing program 3 (id=676): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @local}, 0x406a) io_setup$auto(0x1, 0x0) setsockopt$auto(0x3, 0x10000000084, 0xb, 0x0, 0x8) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) ioctl$auto_BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x72, 0x0, 0xc) 2.665705189s ago: executing program 1 (id=677): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/workqueue/nvme-reset-wq/cpumask\x00', 0x9c0302, 0x0) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0xffffffffffffffff, 0x10008000) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, 0x0, 0x101001, 0x0) socket(0xf, 0x3, 0x2) socket$nl_generic(0x10, 0x3, 0x10) getsockopt$auto(0x100000006, 0x1, 0x28, 0xfffffffffffffffc, 0x0) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/thread-self/fail-nth\x00', 0x2, 0x0) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) write$auto(0x3, 0x0, 0x1000005) 2.554900406s ago: executing program 0 (id=678): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0xffffffffffffffff, 0x2080008000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000140), 0x2002, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x2, 0x0) open(0x0, 0x261c2, 0x84) mmap$auto(0x0, 0x9, 0xff7, 0x8000000008011, 0x4, 0x0) 2.217436592s ago: executing program 2 (id=679): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x106) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x8f3b7a51b80ebd01, 0x0) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @broadcast}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) write$auto(0x3, 0x0, 0x1) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0) sendfile$auto(0x3, r1, 0x0, 0x400000000006) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) 1.978466784s ago: executing program 1 (id=680): close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x106) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) write$auto(0x3, 0x0, 0x1) write$auto(0x3, 0x0, 0xfffffdef) recvfrom$auto(0x3, 0x0, 0x5, 0x147, 0x0, 0xfffffffffffffffd) 1.820764193s ago: executing program 0 (id=681): mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x1, 0x84) r0 = eventfd$auto(0x80) readv$auto(r0, &(0x7f0000000380)={0x0, 0x8}, 0x8) read$auto(r0, 0x0, 0xcc9c) write$auto(r0, &(0x7f0000000400)='\'\x00', 0x8) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) sendto$auto(0x3, 0x0, 0x2000f, 0x101, &(0x7f0000000000)=@in={0x2, 0x4e22, @loopback}, 0x1c) shutdown$auto(0x200000003, 0x2) 1.724439763s ago: executing program 1 (id=682): r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fb0\x00', 0x2, 0x0) getpid() r1 = socket(0x1d, 0x2, 0x6) getsockopt$auto(r1, 0x6a, 0x4, 0x0, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000180), 0x800, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) set_tid_address$auto(&(0x7f0000000040)=0x14) r3 = openat$auto_udmabuf_fops_udmabuf(0xffffffffffffff9c, &(0x7f0000000140), 0x43c185a34992875a, 0x0) ioctl$auto_UDMABUF_CREATE_LIST(r3, 0x40087543, &(0x7f0000000080)={0x5, 0x2e9, [{0xffffffffffffffff, 0x0, 0x5, 0xd}, {r2, 0x0, 0xfffb, 0x4}, {0xffffffffffffffff, 0x0, 0x100c43, 0x3}]}) pwrite64$auto(0xffffffffffffffff, 0x0, 0x8001, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x7ff, 0x810004, 0xffb, 0x8800000008011, 0x3, 0x7) ioctl$auto(0xc8, 0x800454e1, 0x5c8d) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_XFS_IOC_EXCHANGE_RANGE(r4, 0x40285881, &(0x7f00000001c0)={r3, 0x0, 0x80000001, 0x6, 0x0, 0x80}) ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) mmap$auto(0x0, 0x12020009, 0x3, 0x800000080000eb1, 0xfffffffffffffffa, 0x8000) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x49402, 0x0) read$auto(r0, 0x0, 0x100000000) r6 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r6, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r7 = socket(0x18, 0x5, 0x1) connect$auto(r7, &(0x7f0000000000)=@in={0x2, 0x100}, 0x3a) 1.642953709s ago: executing program 3 (id=683): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB='(\x00\x00\b', @ANYRES16=0x0, @ANYBLOB="1b0026bd7000fddbdf250300000004000800100003800c000a"], 0x28}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x300, 0x70bd26, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4c894}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x9}, 0x3, 0x0) 1.562898105s ago: executing program 0 (id=684): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) r0 = socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50) r1 = io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xe, 0x2, 0x6, 0x3, 0x8, 0xffffffffffffffff, [], {0xd74c, 0x6, 0x2, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2}, {0xff, 0x1, 0x11001, 0x7, 0x1, 0x40, 0x76c5, 0x400005, 0x100000005}}) io_uring_enter$auto(r1, 0x9, 0x820e, 0x6, 0x0, 0x18) ioctl$auto_EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000040)={0x0, r0, 0x2, 0x2, 0x1, 0x2}) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r3 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0) r4 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0xe8, 0x9, 0x2, 0x1, 0x5, 0x4, 0x15f4da0e, 0x8, 0x9, 0x100000000000000c, 0x8, 0x1, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0) ioctl$auto_RNDGETENTCNT(r2, 0x80045200, &(0x7f0000000240)=0x5) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000340), r4) sendmsg$auto_NL80211_CMD_SET_STATION(r1, &(0x7f0000000440)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x110000}, 0xc, &(0x7f0000000480)={&(0x7f0000000380)={0x5c, r5, 0x400, 0x70bd26, 0x25dfdbfc, {}, [@NL80211_ATTR_PREV_BSSID={0x27, 0x4f, "83525630bf34d4ac4064fc0816a384d376b2f1a1684ff38f52c034365a9c41d7f939ee"}, @NL80211_ATTR_WIPHY_FRAG_THRESHOLD={0x8, 0x3f, 0x8}, @NL80211_ATTR_AP_SETTINGS_FLAGS={0x8, 0x135, 0x3}, @NL80211_ATTR_SCAN_FLAGS={0x8, 0x9e, 0x9}, @NL80211_ATTR_KEY_IDX={0x5, 0x8, 0x4}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20d5}, 0x40180c0) pwrite64$auto(0xc8, &(0x7f0000000140)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00,\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^B\xb8\xe4j\t,\xe4\x90\xcc\x9d\xc5\x0fo\x84\xf4\x89\v\xea\x1b\x95\xafQ;CL\"\x01@\x00\x00\x00\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\xff\xff\x00'/242, 0xfdf0, 0x39) sendmmsg$auto(0x3, 0x0, 0x9ae, 0x4) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x2) landlock_create_ruleset$auto(&(0x7f00000000c0)={0xd1d, 0x3, 0x7}, 0x9, 0x0) landlock_restrict_self$auto(0xffffffffffffffff, 0x0) r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r6, 0x4, 0x7ff) keyctl$auto_KEYCTL_PKEY_ENCRYPT(0x19, 0xa, 0x100020, 0x4, 0x80) getsockopt$auto_SO_RCVMARK(r3, 0x0, 0x4b, &(0x7f0000000000)='}\'.^\x00', 0x0) mmap$auto(0x0, 0x40009, 0x36, 0x9b72, 0x7, 0x28000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) mlockall$auto(0x7) 1.479116391s ago: executing program 3 (id=685): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130) fallocate$auto(0x8000000000000003, 0x0, 0x19, 0x4cbd5f) mmap$auto(0x0, 0x2020009, 0x100003, 0x9000000eb1, 0xfffffffffffffffa, 0x0) socket(0x2, 0x1, 0x106) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x147) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x80, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) execve$auto(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x40000c, 0xdf, 0x9b72, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xc0180, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0x4010ae42, 0x38) syz_genetlink_get_family_id$auto_tcp_metrics(0x0, r1) close_range$auto(0x2, 0x8, 0x0) write$auto(0x3, 0x0, 0x7fffffff) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/thread-self/net/tcp6\x00', 0x20100, 0x0) pread64$auto(r3, 0x0, 0x8, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r4 = clone$auto(0x0, 0x4, 0x0, 0x0, 0x42) syz_clone3(&(0x7f0000000180)={0xa7102000, 0x0, 0x0, 0x0, {0x2a}, 0x0, 0x0, 0x0, &(0x7f0000000100)=[r4], 0x1}, 0x58) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) 1.276590718s ago: executing program 2 (id=686): openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon33\x00', 0x121200, 0x0) mmap$auto(0x0, 0x4000002, 0xfffffffffffffe01, 0x8051, 0x3, 0x0) syz_clone(0x5004000, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, 0x0, 0x503083, 0x0) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, 0x0, 0x40800) unshare$auto(0x40000080) keyctl$auto(0x7, 0xfffffffb, 0x0, 0x3e, 0x8) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r3) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r3, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000001300)=ANY=[@ANYBLOB="1c000000", @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000) ioctl$auto_MON_IOCX_MFETCH(r2, 0xc0109207, 0x0) ioctl$auto_MON_IOCX_MFETCH(r2, 0xc0109207, 0x0) mlockall$auto(0x7) bpf$auto(0x5, &(0x7f0000000080)=@bpf_attr_7={@prog_id=0xc, 0x92f1, 0x4}, 0xa) mmap$auto(0x0, 0x20009, 0x4000000000cf, 0xeb1, 0xffffffffffffffff, 0x8000) socket(0x2b, 0x1, 0x0) io_uring_setup$auto(0x6, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_UDP_GET_REMOTEIP(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000002500)={0x0}, 0x1, 0x0, 0x0, 0xc000}, 0x20000080) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) 713.857612ms ago: executing program 1 (id=687): mmap$auto(0x0, 0x2020006, 0x1000000000000007, 0xeb1, 0x0, 0x1008000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/bdi/250:0/read_ahead_kb\x00', 0x5e30523b26a2a748, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty19\x00', 0x800, 0x0) ioctl$auto(r1, 0x4b62, r0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xc00caee0, r0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x4, 0x100000) 683.069472ms ago: executing program 0 (id=688): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130) fallocate$auto(0x8000000000000003, 0x0, 0x19, 0x4cbd5f) mmap$auto(0x0, 0x2020009, 0x100003, 0x9000000eb1, 0xfffffffffffffffa, 0x0) socket(0x2, 0x1, 0x106) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x147) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x80, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) execve$auto(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x40000c, 0xdf, 0x9b72, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xc0180, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0x4010ae42, 0x38) syz_genetlink_get_family_id$auto_tcp_metrics(0x0, r1) close_range$auto(0x2, 0x8, 0x0) write$auto(0x3, 0x0, 0x7fffffff) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/thread-self/net/tcp6\x00', 0x20100, 0x0) pread64$auto(r3, 0x0, 0x8, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r4 = clone$auto(0x0, 0x4, 0x0, 0x0, 0x42) syz_clone3(&(0x7f0000000180)={0xa7102000, 0x0, 0x0, 0x0, {0x2a}, 0x0, 0x0, 0x0, &(0x7f0000000100)=[r4], 0x1}, 0x58) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) 626.768294ms ago: executing program 3 (id=689): openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x88202, 0x0) socket(0x21, 0x2, 0x2) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/reboot/cpu\x00', 0x4, 0x0) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x0) socket(0x18, 0x3, 0x0) socket(0xf, 0x3, 0x2) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x101000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000003f00)=""/46, 0x2e) 439.812222ms ago: executing program 3 (id=690): move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8001, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x170) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) r0 = open(&(0x7f0000000040)='./file0\x00', 0x149443, 0xc8) r1 = openat$auto_udmabuf_fops_udmabuf(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$auto_UDMABUF_CREATE(r1, 0x40187542, &(0x7f00000000c0)={r0, 0x8, 0x2000000, 0x8000}) 424.174906ms ago: executing program 1 (id=691): mmap$auto(0x0, 0x2020009, 0x6, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80002, 0x0) write$auto_ocfs2_control_fops_stack_user(r0, &(0x7f0000000040)="03", 0x1) close_range$auto(0x0, 0x5, 0x0) openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000d40)='/sys/devices/pci0000:00/0000:00:00.0/driver_override\x00', 0x4a401, 0x0) socket(0x2, 0x80002, 0x73) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/module/usb_storage/parameters/delay_use\x00', 0x181942, 0x0) read$auto(0x3, 0x0, 0x7fffffff) 270.412758ms ago: executing program 1 (id=692): write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) io_uring_setup$auto(0xf0, &(0x7f0000000180)={0x6, 0x18, 0xd64, 0xc852, 0x6, 0x7, r0, [0x1, 0x401, 0x1000], {0x7, 0x5, 0x1, 0x4, 0x95, 0xf4c, 0x7fff, 0xfffffffb, 0x65f29f6d}, {0x3, 0xadc, 0x10000, 0x0, 0x5, 0xffffffff, 0x1000, 0x54f, 0x5}}) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r1 = openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0xa2741, 0x0) write$auto_snd_seq_f_ops_seq_clientmgr(r1, &(0x7f0000000000)="632d1bfe595046ab5c40bd7563307acb6d16baef6176e669a216aae183cccafdd80500ffffffff0600"/56, 0x38) 82.233511ms ago: executing program 2 (id=693): mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_WRITE(0xffffffffffffffff, 0xc4c85513, &(0x7f0000000100)={{@inferred, 0x85, 0x3, 0x9, "669cbbd9e9756f22fdffa188e0f106000000000000000b2f4ab8633824f2d2252ca5f200", @raw=0x8}, 0x0, @enumerated=@item=[0x2, 0xffff, 0x56, 0x8000, 0xd5ec, 0x4, 0xc, 0x7, 0x229e, 0x0, 0x8, 0x4, 0x4, 0x3, 0x4, 0x9, 0x2, 0x8, 0x2, 0x60, 0x0, 0x7, 0x5, 0x1, 0xe2, 0x6, 0x9, 0x2, 0x4f, 0x8, 0x8, 0x0, 0x8000, 0x7, 0xff, 0x7bf, 0x6f, 0x7, 0x6, 0x1, 0x80000001, 0xb, 0x5, 0x6, 0x400, 0x7, 0x40f3, 0x4, 0x5, 0xffff, 0xfffffffa, 0x180, 0x8, 0x0, 0xa, 0x6, 0x8, 0x2, 0x8, 0x8, 0x4, 0x806c, 0x3, 0xffffffff, 0x61c, 0x4c, 0x7, 0x6, 0x50272f99, 0x5, 0x0, 0x8, 0x9, 0xfffffffd, 0x6, 0xff, 0x7f, 0x7, 0x40, 0x3, 0xffff, 0x0, 0x2, 0xfd, 0x7ff, 0x6, 0x5, 0x7, 0xfffffffd, 0xff, 0x0, 0x0, 0x0, 0x66fe3242, 0x5, 0x5, 0x0, 0x4, 0x1ff, 0x400, 0x40, 0x4, 0x3, 0x9, 0x0, 0x0, 0x1, 0x0, 0x8, 0x6, 0x3ff, 0x8, 0x8, 0x8, 0x0, 0xa3, 0x81, 0xbd, 0xffffffff, 0x3, 0x81, 0x9, 0x7, 0x1, 0x8000, 0x71, 0x6, 0x1], "282f77b07e718ed4d99a34617774e3a82f982e0f05e516c299a28a585e87e0d908e2c8e50de5016f1de5d432da2cc20e951d8fcdc4f791a11996aad5af504c0d9927e62ef70b23a13735a4fe805c1ce1b6b1d83d21bb42794ec925b4547a3d52d4b5210392111e181719fef9d685b6534b171d76ad633f94a608b818600a6c85"}) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) close_range$auto(0x2, 0xa, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/rpc/auth.rpcsec.context/channel\x00', 0x101002, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/scsi/device_info\x00', 0x40100, 0x0) pread64$auto(r1, 0x0, 0x10001, 0x830) writev$auto(r0, &(0x7f0000000200)={0x0, 0x7}, 0x3) 64.27067ms ago: executing program 3 (id=694): sendmsg$auto_NL80211_CMD_SET_HW_TIMESTAMP(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x20000804}, 0x4080) process_vm_readv$auto(0x0, 0x0, 0x1, 0x0, 0x6, 0x0) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/cpu1/online\x00', 0x62, 0x0) write$auto(r0, &(0x7f00000007c0)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef`\xd8\x9c\xf7?:\x1a\xc62\x911e\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\b};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xff\x7f\xd0UV\x11\xcb\xdd\x81\xbe\xde\f/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2|%\xbf\x02trg\x9a\xe7\x00\x85Z\x06?\x12\x98\x0f)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1;\xe4pd$\xd7\x1b\v\x82\r\f\xd0Hq\xd9\r\x88#\x89\x8d\xcd\x1e\x87N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8HR+\a\xb7R\t\n+\x7f\xd5H\x90G=\x9a\r\xb10\x1b\xf8\v\x11\v\xbb\xc8^\xa4\xe2\x05\x91|\x123\xc3:\xfd\xee\x04a\xc8\x12\xce\xa2\x12\xcb\x8c\x87f\xebGQ\xe9\x96\xd5E\x13a\xb7\x057\x1c&\xe0\x94\xa7\xfb\x9d;\xfa\xb1\x1b4a,\'\xb2Ym\xe1:\xbf\x8cs\x06\xa3u\x8d!\n\x80-\x9a\xbb;\xf4\xf3\xe1\x97\xfc8\xff\xa7\\\x8b\xf9\x95\x10$\xef\x1a #b\xfb\xfe\xe9\x06fK0\xdd\x84T,\xfa\xb5\x00\x83d\xbba\xd7\x7f\x00\x00\x00AN\x9d\xcb\x96\xc7\xe8\xe6\x8bC\xeb\xc7EZ\xc8\x1a\x81.f\tZ-sZ\x13n\xec\xa9\xbf\xd0$\xb9\xd8\x00\x00\x00\x00\x00\x00\x00\x00\x00\xec\xbd_r\xf16\xec\xf3\xbb[.\xf3\xef\xf8\x16x\x9e\xb3*:/L\xa0Kg\xf0\xa2\x84\xa3o\xcc\x9e\xd3\xeb\xd3(\xaa\x93g~\x01\x81\x1eV\xf1L\xfc\xad\xa9#O\xe4\x12\xd3\xbda\xbc\x9a\x9f+9\'\xc4\x13\xf0\xc88\x1d80?\xc2\a\af\xdc?-&\xedAd\x9c\xe5&\xb9\x14\xe1\x85 \xbf\x18\xfc:#\xcf\x7ffT\xefPb\xe1\xfa]\xcc\x8a\xe3\x99\x98u\x9bj>\x9d\xc2\x1fk\x87\x92\xfb(U\xa8\xcd4+\xf6e5],\xec\x84 \x1b\x10d\x1b@\x84X\xa1\xa8\xd7\xccO\xb0Qq\x1a\xa4<\\\x0e\xa4\x7f^\x1a|\xfd\xe6#\x00\x9e\x1d\x00k\x84\x1b\xa3\xb1O\xe0IzJRO\xf4,\xe5\xdb\x03CA\x13Q\x84\xbb\x88\xb4\xe3\xba\xf0/\xd0\x04\ny\a\x8d\x12h\xe22\xcb\"\xce\x00\x00', 0x5) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000340)='/dev/mtd0\x00', 0x2, 0x0) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) read$auto(r1, 0x0, 0x1f40) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) 0s ago: executing program 2 (id=695): mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) setsockopt$auto(0x3, 0x0, 0x4, 0x0, 0x2a) close_range$auto(0x2, 0xa, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40602, 0x0) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xf15a}, 0x6, 0x8, 0x5) read$auto_proc_single_file_operations_base(0xffffffffffffffff, 0x0, 0x0) write$auto(0x3, 0x0, 0xffd8) kernel console output (not intermixed with test programs): to 1532 would solve the problem. [ 77.399018][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 77.410940][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 77.418197][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 77.444192][ T5835] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 77.471584][ T5826] hsr_slave_0: entered promiscuous mode [ 77.478358][ T5826] hsr_slave_1: entered promiscuous mode [ 77.522088][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 77.529442][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 77.555374][ T5822] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 77.567806][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 77.574764][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 77.600980][ T5822] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 77.629815][ T5831] hsr_slave_0: entered promiscuous mode [ 77.636399][ T5831] hsr_slave_1: entered promiscuous mode [ 77.637409][ T5145] Bluetooth: hci2: command tx timeout [ 77.643307][ T5831] debugfs: 'hsr0' already exists in 'hsr' [ 77.647976][ T5825] Bluetooth: hci0: command tx timeout [ 77.653617][ T5831] Cannot create hsr debugfs directory [ 77.659189][ T5832] Bluetooth: hci1: command tx timeout [ 77.717401][ T5832] Bluetooth: hci3: command tx timeout [ 77.738310][ T5835] hsr_slave_0: entered promiscuous mode [ 77.744554][ T5835] hsr_slave_1: entered promiscuous mode [ 77.750912][ T5835] debugfs: 'hsr0' already exists in 'hsr' [ 77.756643][ T5835] Cannot create hsr debugfs directory [ 77.876680][ T5822] hsr_slave_0: entered promiscuous mode [ 77.883007][ T5822] hsr_slave_1: entered promiscuous mode [ 77.889237][ T5822] debugfs: 'hsr0' already exists in 'hsr' [ 77.894968][ T5822] Cannot create hsr debugfs directory [ 78.246058][ T5831] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 78.260282][ T5831] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 78.273835][ T5831] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 78.293681][ T5831] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 78.366816][ T5835] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 78.387805][ T5835] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 78.410937][ T5835] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 78.429860][ T5835] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 78.484339][ T5826] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 78.510086][ T5826] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 78.521321][ T5826] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 78.544025][ T5826] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 78.633877][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0 [ 78.651313][ T5822] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 78.672896][ T5822] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 78.693176][ T5822] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 78.713506][ T5831] 8021q: adding VLAN 0 to HW filter on device team0 [ 78.721829][ T5822] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 78.745448][ T5835] 8021q: adding VLAN 0 to HW filter on device bond0 [ 78.764656][ T83] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.771908][ T83] bridge0: port 1(bridge_slave_0) entered forwarding state [ 78.795423][ T83] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.802623][ T83] bridge0: port 2(bridge_slave_1) entered forwarding state [ 78.842080][ T5835] 8021q: adding VLAN 0 to HW filter on device team0 [ 78.862500][ T83] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.869711][ T83] bridge0: port 1(bridge_slave_0) entered forwarding state [ 78.922213][ T83] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.929354][ T83] bridge0: port 2(bridge_slave_1) entered forwarding state [ 78.951009][ T5826] 8021q: adding VLAN 0 to HW filter on device bond0 [ 78.986176][ T5831] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 79.062121][ T5826] 8021q: adding VLAN 0 to HW filter on device team0 [ 79.102957][ T83] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.110171][ T83] bridge0: port 1(bridge_slave_0) entered forwarding state [ 79.139879][ T83] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.147102][ T83] bridge0: port 2(bridge_slave_1) entered forwarding state [ 79.282725][ T5822] 8021q: adding VLAN 0 to HW filter on device bond0 [ 79.360655][ T5822] 8021q: adding VLAN 0 to HW filter on device team0 [ 79.370763][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 79.401542][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.408738][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 79.431740][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.439030][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 79.489885][ T5835] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 79.586512][ T5831] veth0_vlan: entered promiscuous mode [ 79.603468][ T5822] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 79.646624][ T5831] veth1_vlan: entered promiscuous mode [ 79.691028][ T5835] veth0_vlan: entered promiscuous mode [ 79.707716][ T5832] Bluetooth: hci1: command tx timeout [ 79.707735][ T5145] Bluetooth: hci0: command tx timeout [ 79.713146][ T5832] Bluetooth: hci2: command tx timeout [ 79.773735][ T5835] veth1_vlan: entered promiscuous mode [ 79.789834][ T5832] Bluetooth: hci3: command tx timeout [ 79.790956][ T5831] veth0_macvtap: entered promiscuous mode [ 79.806646][ T5826] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 79.821611][ T5831] veth1_macvtap: entered promiscuous mode [ 79.862757][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 79.886190][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 79.922258][ T179] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.953361][ T179] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.964548][ T5835] veth0_macvtap: entered promiscuous mode [ 79.982172][ T179] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.992575][ T179] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.003088][ T5835] veth1_macvtap: entered promiscuous mode [ 80.065741][ T5822] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 80.079780][ T5826] veth0_vlan: entered promiscuous mode [ 80.096444][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 80.116188][ T5826] veth1_vlan: entered promiscuous mode [ 80.134202][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 80.167639][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.175622][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.201793][ T5826] veth0_macvtap: entered promiscuous mode [ 80.209746][ T163] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.230927][ T5826] veth1_macvtap: entered promiscuous mode [ 80.240164][ T163] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.251206][ T163] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.281490][ T163] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.325576][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 80.334385][ T149] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.339972][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 80.349942][ T149] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.383165][ T149] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.395916][ T149] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.421367][ T5822] veth0_vlan: entered promiscuous mode [ 80.469289][ T149] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.477876][ T5831] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 80.493690][ T149] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.515427][ T5822] veth1_vlan: entered promiscuous mode [ 80.541987][ T149] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.556571][ T149] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.681822][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.693408][ T5822] veth0_macvtap: entered promiscuous mode [ 80.702492][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.731181][ T163] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.755268][ T163] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.779652][ T5822] veth1_macvtap: entered promiscuous mode [ 80.834048][ T163] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.862571][ T163] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.880965][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 80.905819][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 81.016255][ T179] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.072428][ T179] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.087562][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 81.139480][ T179] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.299461][ T179] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.435087][ T5927] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6'. [ 81.698267][ T5931] netlink: zone id is out of range [ 81.730121][ T5931] netlink: zone id is out of range [ 81.815672][ T5832] Bluetooth: hci2: command tx timeout [ 81.824980][ T5825] Bluetooth: hci0: command tx timeout [ 81.824989][ T5145] Bluetooth: hci1: command tx timeout [ 81.855954][ T5931] netlink: zone id is out of range [ 81.867392][ T5832] Bluetooth: hci3: command tx timeout [ 81.908104][ T5931] netlink: zone id is out of range [ 81.913264][ T5931] netlink: zone id is out of range [ 81.921369][ T179] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 81.952620][ T179] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 82.030681][ T5931] netlink: zone id is out of range [ 82.097253][ T5931] netlink: zone id is out of range [ 82.102413][ T5931] netlink: zone id is out of range [ 82.163104][ T5931] netlink: zone id is out of range [ 82.177828][ T5931] netlink: zone id is out of range [ 82.314641][ T163] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.337205][ T163] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.264507][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 83.657560][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 83.807863][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 83.867423][ T5832] Bluetooth: hci1: command tx timeout [ 83.877513][ T5832] Bluetooth: hci2: command tx timeout [ 83.884088][ T5825] Bluetooth: hci0: command tx timeout [ 83.907630][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 83.916154][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 83.924742][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 83.948196][ T0] NOHZ tick-stop error: local softirq work is pending, handler #208!!! [ 83.960550][ T5832] Bluetooth: hci3: command tx timeout [ 84.026671][ T5942] futex_wake_op: syz.0.1 tries to shift op by -2048; fix this program [ 84.313900][ T5937] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 84.380409][ T30] audit: type=1804 audit(1772868870.220:2): pid=5972 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.9" name="/newroot/2/file0" dev="tmpfs" ino=30 res=1 errno=0 [ 84.512306][ T30] audit: type=1804 audit(1772868870.260:3): pid=5973 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.9" name="/newroot/2/file0" dev="tmpfs" ino=30 res=1 errno=0 [ 85.276134][ T6000] bond0: invalid ARP target specified [ 86.759030][ T799] cfg80211: failed to load regulatory.db [ 86.817419][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 86.903288][ T6015] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 86.967902][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 88.340835][ T6064] netlink: 28 bytes leftover after parsing attributes in process `syz.0.41'. [ 88.840003][ T6064] Zero length message leads to an empty skb [ 89.328317][ T6082] netlink: 28 bytes leftover after parsing attributes in process `syz.1.45'. [ 89.367256][ T6081] bond0: invalid ARP target specified [ 89.442206][ T6082] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 89.454716][ T6082] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 89.471459][ T6082] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 89.478965][ T6082] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 90.071784][ T6093] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 90.555464][ T6108] syz.1.56 uses obsolete (PF_INET,SOCK_PACKET) [ 90.862919][ T6119] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 90.918575][ T6119] netlink: 8 bytes leftover after parsing attributes in process `syz.0.58'. [ 91.047092][ T6115] zswap: compressor not available [ 91.088340][ T30] audit: type=1800 audit(4294967299.530:4): pid=6112 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=9402 res=0 errno=0 [ 91.355734][ T6112] could not allocate digest TFM handle [ 91.692586][ T6138] netlink: 28 bytes leftover after parsing attributes in process `syz.2.63'. [ 93.613136][ T6163] netlink: 8 bytes leftover after parsing attributes in process `syz.0.69'. [ 93.893060][ T6170] net_ratelimit: 4 callbacks suppressed [ 93.893075][ T6170] netlink: NAT attribute type 6 has unexpected length (4 != 2) [ 94.241822][ T6175] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 94.919024][ T6189] FAULT_INJECTION: forcing a failure. [ 94.919024][ T6189] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 94.932381][ T6189] CPU: 0 UID: 0 PID: 6189 Comm: syz.2.79 Not tainted syzkaller #0 PREEMPT(full) [ 94.932403][ T6189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 94.932417][ T6189] Call Trace: [ 94.932423][ T6189] [ 94.932431][ T6189] dump_stack_lvl+0x100/0x190 [ 94.932462][ T6189] should_fail_ex.cold+0x5/0xa [ 94.932481][ T6189] _copy_to_user+0x32/0xd0 [ 94.932498][ T6189] poll_select_finish+0x32f/0x670 [ 94.932521][ T6189] ? __pfx_poll_select_finish+0x10/0x10 [ 94.932546][ T6189] ? ktime_get_ts64+0x2d2/0x3f0 [ 94.932562][ T6189] ? read_tsc+0x9/0x20 [ 94.932577][ T6189] ? ktime_get_ts64+0x256/0x3f0 [ 94.932594][ T6189] kern_select+0x21b/0x270 [ 94.932617][ T6189] ? __pfx_kern_select+0x10/0x10 [ 94.932645][ T6189] __x64_sys_select+0xbd/0x160 [ 94.932666][ T6189] ? do_syscall_64+0x95/0xf80 [ 94.932683][ T6189] ? lockdep_hardirqs_on+0x78/0x100 [ 94.932700][ T6189] do_syscall_64+0x106/0xf80 [ 94.932716][ T6189] ? clear_bhb_loop+0x40/0x90 [ 94.932733][ T6189] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 94.932748][ T6189] RIP: 0033:0x7fe3a5b9c799 [ 94.932765][ T6189] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 94.932779][ T6189] RSP: 002b:00007fe3a6980028 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 94.932793][ T6189] RAX: ffffffffffffffda RBX: 00007fe3a5e15fa0 RCX: 00007fe3a5b9c799 [ 94.932802][ T6189] RDX: 0000200000000180 RSI: 0000000000000000 RDI: 0000000000000003 [ 94.932811][ T6189] RBP: 00007fe3a5c32bd9 R08: 00002000000000c0 R09: 0000000000000000 [ 94.932820][ T6189] R10: 0000200000000280 R11: 0000000000000246 R12: 0000000000000000 [ 94.932829][ T6189] R13: 00007fe3a5e16038 R14: 00007fe3a5e15fa0 R15: 00007ffc89969328 [ 94.932849][ T6189] [ 95.148691][ T5832] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 97.073689][ T6226] netlink: 350 bytes leftover after parsing attributes in process `syz.1.94'. [ 97.155018][ T6191] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 97.179178][ T6191] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 97.289993][ T6191] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 97.320264][ T6191] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 97.326448][ T6191] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 97.360001][ T6191] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 97.419539][ T6191] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 97.447347][ T6191] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 97.467935][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout [ 97.478234][ T6191] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 97.569482][ T6191] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 97.592887][ T6191] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 97.666293][ T6191] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 98.043785][ T6261] vivid-001: ================= START STATUS ================= [ 98.057738][ T6261] vivid-001: Radio HW Seek Mode: Bounded [ 98.064483][ T6261] vivid-001: Radio Programmable HW Seek: false [ 98.164774][ T6261] vivid-001: RDS Rx I/O Mode: Block I/O [ 98.180121][ T6261] vivid-001: Generate RBDS Instead of RDS: false [ 98.191220][ T6261] vivid-001: RDS Reception: true [ 98.196447][ T6261] vivid-001: RDS Program Type: 0 inactive [ 98.203806][ T6261] vivid-001: RDS PS Name: inactive [ 98.210055][ T6261] vivid-001: RDS Radio Text: inactive [ 98.217098][ T6261] vivid-001: RDS Traffic Announcement: false inactive [ 98.225195][ T6261] vivid-001: RDS Traffic Program: false inactive [ 98.237610][ T6261] vivid-001: RDS Music: false inactive [ 98.243479][ T6261] vivid-001: ================== END STATUS ================== [ 98.408947][ T6265] netlink: 350 bytes leftover after parsing attributes in process `syz.2.109'. [ 99.051641][ T6294] FAULT_INJECTION: forcing a failure. [ 99.051641][ T6294] name failslab, interval 1, probability 0, space 0, times 0 [ 99.096962][ T6294] CPU: 1 UID: 0 PID: 6294 Comm: syz.3.120 Not tainted syzkaller #0 PREEMPT(full) [ 99.097002][ T6294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 99.097018][ T6294] Call Trace: [ 99.097027][ T6294] [ 99.097038][ T6294] dump_stack_lvl+0x100/0x190 [ 99.097086][ T6294] should_fail_ex.cold+0x5/0xa [ 99.097120][ T6294] should_failslab+0xc2/0x120 [ 99.097150][ T6294] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 99.097187][ T6294] ? alloc_empty_file+0x55/0x1c0 [ 99.097227][ T6294] alloc_empty_file+0x55/0x1c0 [ 99.097263][ T6294] dentry_open+0x46/0xd0 [ 99.097303][ T6294] pidfs_alloc_file+0x18f/0x290 [ 99.097346][ T6294] ? __pfx_pidfs_alloc_file+0x10/0x10 [ 99.097395][ T6294] pidfd_prepare+0x123/0x200 [ 99.097429][ T6294] __x64_sys_pidfd_open+0x105/0x1a0 [ 99.097468][ T6294] ? __pfx___x64_sys_pidfd_open+0x10/0x10 [ 99.097516][ T6294] do_syscall_64+0x106/0xf80 [ 99.097548][ T6294] ? clear_bhb_loop+0x40/0x90 [ 99.097582][ T6294] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 99.097610][ T6294] RIP: 0033:0x7faed999c799 [ 99.097634][ T6294] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 99.097661][ T6294] RSP: 002b:00007faeda7c2028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b2 [ 99.097688][ T6294] RAX: ffffffffffffffda RBX: 00007faed9c15fa0 RCX: 00007faed999c799 [ 99.097707][ T6294] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 99.097724][ T6294] RBP: 00007faed9a32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 99.097741][ T6294] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 99.097757][ T6294] R13: 00007faed9c16038 R14: 00007faed9c15fa0 R15: 00007fffd39a7788 [ 99.097794][ T6294] [ 99.387678][ T5832] Bluetooth: hci1: command 0x0c1a tx timeout [ 99.470471][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout [ 99.571119][ T6306] netlink: 8 bytes leftover after parsing attributes in process `syz.3.121'. [ 99.629773][ T5832] Bluetooth: hci3: command 0x0c1a tx timeout [ 100.043736][ T6315] netlink: 350 bytes leftover after parsing attributes in process `syz.0.122'. [ 100.368126][ T6291] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 100.383511][ T6291] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 100.399479][ T6291] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 100.436349][ T6291] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 100.793837][ T6331] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 100.901300][ T6333] netlink: 28 bytes leftover after parsing attributes in process `syz.0.128'. [ 101.070149][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout [ 101.351671][ T6348] futex_wake_op: syz.3.134 tries to shift op by -2048; fix this program [ 101.368235][ T6348] 0x000000000001-0x000000020000 : "" [ 101.398154][ T6348] ftl_cs: FTL header corrupt! [ 101.981736][ T6371] netlink: 8 bytes leftover after parsing attributes in process `syz.2.141'. [ 102.026004][ T6374] FAULT_INJECTION: forcing a failure. [ 102.026004][ T6374] name failslab, interval 1, probability 0, space 0, times 0 [ 102.057847][ T6374] CPU: 1 UID: 0 PID: 6374 Comm: syz.1.143 Tainted: G L syzkaller #0 PREEMPT(full) [ 102.057891][ T6374] Tainted: [L]=SOFTLOCKUP [ 102.057901][ T6374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 102.057916][ T6374] Call Trace: [ 102.057925][ T6374] [ 102.057935][ T6374] dump_stack_lvl+0x100/0x190 [ 102.057981][ T6374] should_fail_ex.cold+0x5/0xa [ 102.058014][ T6374] should_failslab+0xc2/0x120 [ 102.058042][ T6374] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 102.058085][ T6374] ? kstrdup_const+0x63/0x80 [ 102.058133][ T6374] kstrdup+0x51/0xe0 [ 102.058176][ T6374] kstrdup_const+0x63/0x80 [ 102.058226][ T6374] alloc_vfsmnt+0xe5/0x6a0 [ 102.058258][ T6374] ? __pfx___might_resched+0x10/0x10 [ 102.058298][ T6374] clone_mnt+0x4b/0x930 [ 102.058340][ T6374] copy_tree+0xfc/0xbf0 [ 102.058365][ T6374] ? __pfx_down_write+0x10/0x10 [ 102.058410][ T6374] copy_mnt_ns+0x2bd/0xc30 [ 102.058442][ T6374] ? create_new_namespaces+0x30/0xac0 [ 102.058471][ T6374] ? rcu_is_watching+0x12/0xc0 [ 102.058517][ T6374] create_new_namespaces+0xd3/0xac0 [ 102.058542][ T6374] ? bpf_lsm_capable+0x9/0x10 [ 102.058568][ T6374] ? security_capable+0x80/0x260 [ 102.058613][ T6374] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 102.058646][ T6374] ksys_unshare+0x473/0xad0 [ 102.058684][ T6374] ? __pfx_ksys_unshare+0x10/0x10 [ 102.058730][ T6374] __x64_sys_unshare+0x31/0x40 [ 102.058763][ T6374] do_syscall_64+0x106/0xf80 [ 102.058794][ T6374] ? clear_bhb_loop+0x40/0x90 [ 102.058826][ T6374] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 102.058853][ T6374] RIP: 0033:0x7f3a8c39c799 [ 102.058876][ T6374] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 102.058901][ T6374] RSP: 002b:00007f3a8d2f9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 102.058928][ T6374] RAX: ffffffffffffffda RBX: 00007f3a8c615fa0 RCX: 00007f3a8c39c799 [ 102.058946][ T6374] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000020000 [ 102.058962][ T6374] RBP: 00007f3a8c432bd9 R08: 0000000000000000 R09: 0000000000000000 [ 102.058978][ T6374] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 102.058993][ T6374] R13: 00007f3a8c616038 R14: 00007f3a8c615fa0 R15: 00007fff68703d28 [ 102.059031][ T6374] [ 102.427947][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout [ 102.429097][ T5825] Bluetooth: hci1: command 0x0c1a tx timeout [ 102.507917][ T5825] Bluetooth: hci3: command 0x0c1a tx timeout [ 103.200455][ T5825] Bluetooth: hci0: command 0x0c1a tx timeout [ 103.499265][ T6400] futex_wake_op: syz.3.149 tries to shift op by -2048; fix this program [ 103.508887][ T6400] 0x000000000001-0x000000020000 : "" [ 103.805677][ T6400] ftl_cs: FTL header corrupt! [ 103.980032][ T6412] capability: warning: `syz.2.152' uses 32-bit capabilities (legacy support in use) [ 104.492453][ T6431] netlink: 504 bytes leftover after parsing attributes in process `syz.2.156'. [ 104.503375][ T6431] netlink: 350 bytes leftover after parsing attributes in process `syz.2.156'. [ 104.516885][ T5825] Bluetooth: hci1: command 0x0c1a tx timeout [ 104.523014][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout [ 104.587253][ T5825] Bluetooth: hci3: command 0x0c1a tx timeout [ 105.061596][ T6442] netlink: 350 bytes leftover after parsing attributes in process `syz.1.161'. [ 105.413476][ T6454] futex_wake_op: syz.1.163 tries to shift op by -2048; fix this program [ 105.430764][ T6454] 0x000000000001-0x000000020000 : "" [ 105.520174][ T6454] ftl_cs: FTL header corrupt! [ 106.413404][ T6438] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 106.420296][ T6438] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 106.426344][ T6438] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 106.438272][ T6438] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 106.779697][ T6472] FAULT_INJECTION: forcing a failure. [ 106.779697][ T6472] name failslab, interval 1, probability 0, space 0, times 0 [ 106.821984][ T6472] CPU: 0 UID: 0 PID: 6472 Comm: syz.2.167 Tainted: G L syzkaller #0 PREEMPT(full) [ 106.822012][ T6472] Tainted: [L]=SOFTLOCKUP [ 106.822017][ T6472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 106.822029][ T6472] Call Trace: [ 106.822035][ T6472] [ 106.822041][ T6472] dump_stack_lvl+0x100/0x190 [ 106.822068][ T6472] should_fail_ex.cold+0x5/0xa [ 106.822086][ T6472] should_failslab+0xc2/0x120 [ 106.822101][ T6472] __kmalloc_node_noprof+0xe6/0x850 [ 106.822122][ T6472] ? alloc_slab_obj_exts+0x4e/0x190 [ 106.822145][ T6472] alloc_slab_obj_exts+0x4e/0x190 [ 106.822165][ T6472] __memcg_slab_post_alloc_hook+0x246/0x990 [ 106.822185][ T6472] ? kasan_save_track+0x14/0x30 [ 106.822208][ T6472] kmem_cache_alloc_noprof+0x58a/0x6e0 [ 106.822228][ T6472] ? prepare_creds+0x2c/0x950 [ 106.822248][ T6472] ? from_kgid_munged+0xab/0x130 [ 106.822265][ T6472] prepare_creds+0x2c/0x950 [ 106.822287][ T6472] __sys_setfsgid+0xe3/0x3b0 [ 106.822305][ T6472] do_syscall_64+0x106/0xf80 [ 106.822321][ T6472] ? clear_bhb_loop+0x40/0x90 [ 106.822339][ T6472] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 106.822354][ T6472] RIP: 0033:0x7fe3a5b9c799 [ 106.822367][ T6472] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 106.822381][ T6472] RSP: 002b:00007fe3a6980028 EFLAGS: 00000246 ORIG_RAX: 000000000000007b [ 106.822395][ T6472] RAX: ffffffffffffffda RBX: 00007fe3a5e15fa0 RCX: 00007fe3a5b9c799 [ 106.822404][ T6472] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000ee01 [ 106.822417][ T6472] RBP: 00007fe3a5c32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 106.822426][ T6472] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 106.822434][ T6472] R13: 00007fe3a5e16038 R14: 00007fe3a5e15fa0 R15: 00007ffc89969328 [ 106.822453][ T6472] [ 107.073627][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout [ 107.379948][ T6477] netlink: 504 bytes leftover after parsing attributes in process `syz.2.169'. [ 107.418720][ T6477] netlink: 350 bytes leftover after parsing attributes in process `syz.2.169'. [ 107.656465][ T6490] input: jJǸ-9%vJ86 as /devices/virtual/input/input5 syzkaller syzkaller login: [ 108.335632][ T30] audit: type=1806 audit(4294967316.780:5): res=-14 [ 108.430542][ T6511] FAULT_INJECTION: forcing a failure. [ 108.430542][ T6511] name failslab, interval 1, probability 0, space 0, times 0 [ 108.483291][ T6508] netlink: 504 bytes leftover after parsing attributes in process `syz.2.183'. [ 108.511066][ T5832] Bluetooth: hci3: command 0x0c1a tx timeout [ 108.511109][ T5825] Bluetooth: hci2: command 0x0c1a tx timeout [ 108.523617][ T6511] CPU: 0 UID: 0 PID: 6511 Comm: syz.0.180 Tainted: G L syzkaller #0 PREEMPT(full) [ 108.523661][ T6511] Tainted: [L]=SOFTLOCKUP [ 108.523671][ T6511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 108.523686][ T6511] Call Trace: [ 108.523695][ T6511] [ 108.523706][ T6511] dump_stack_lvl+0x100/0x190 [ 108.523757][ T6511] should_fail_ex.cold+0x5/0xa [ 108.523788][ T6511] should_failslab+0xc2/0x120 [ 108.523816][ T6511] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 108.523855][ T6511] ? sk_prot_alloc+0x60/0x2a0 [ 108.523892][ T6511] ? kmem_cache_alloc_noprof+0x292/0x6e0 [ 108.523940][ T6511] ? security_inode_alloc+0x3b/0x2c0 [ 108.523987][ T6511] sk_prot_alloc+0x60/0x2a0 [ 108.524025][ T6511] sk_alloc+0x36/0xe80 [ 108.524054][ T6511] __vsock_create.constprop.0+0x3c/0xba0 [ 108.524082][ T6511] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 108.524130][ T6511] vsock_create+0x126/0x510 [ 108.524163][ T6511] __sock_create+0x339/0x860 [ 108.524210][ T6511] __sys_socket+0x14d/0x260 [ 108.524236][ T6511] ? __pfx___sys_socket+0x10/0x10 [ 108.524287][ T6511] __x64_sys_socket+0x72/0xb0 [ 108.524311][ T6511] ? lockdep_hardirqs_on+0x78/0x100 [ 108.524344][ T6511] do_syscall_64+0x106/0xf80 [ 108.524384][ T6511] ? clear_bhb_loop+0x40/0x90 [ 108.524418][ T6511] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 108.524444][ T6511] RIP: 0033:0x7fa537b9c799 [ 108.524466][ T6511] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 108.524491][ T6511] RSP: 002b:00007fa538ae1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 108.524515][ T6511] RAX: ffffffffffffffda RBX: 00007fa537e15fa0 RCX: 00007fa537b9c799 [ 108.524532][ T6511] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000028 [ 108.524548][ T6511] RBP: 00007fa537c32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 108.524560][ T6511] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 108.524574][ T6511] R13: 00007fa537e16038 R14: 00007fa537e15fa0 R15: 00007ffffe37a608 [ 108.524609][ T6511] [ 108.525502][ T5832] Bluetooth: hci1: command 0x0c1a tx timeout [ 108.618354][ T6508] netlink: 350 bytes leftover after parsing attributes in process `syz.2.183'. [ 109.031064][ T6521] FAULT_INJECTION: forcing a failure. [ 109.031064][ T6521] name failslab, interval 1, probability 0, space 0, times 0 [ 109.057300][ T6521] CPU: 1 UID: 0 PID: 6521 Comm: syz.3.187 Tainted: G L syzkaller #0 PREEMPT(full) [ 109.057348][ T6521] Tainted: [L]=SOFTLOCKUP [ 109.057358][ T6521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 109.057375][ T6521] Call Trace: [ 109.057385][ T6521] [ 109.057395][ T6521] dump_stack_lvl+0x100/0x190 [ 109.057443][ T6521] should_fail_ex.cold+0x5/0xa [ 109.057478][ T6521] should_failslab+0xc2/0x120 [ 109.057507][ T6521] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 109.057547][ T6521] ? sk_prot_alloc+0x60/0x2a0 [ 109.057594][ T6521] sk_prot_alloc+0x60/0x2a0 [ 109.057635][ T6521] sk_alloc+0x36/0xe80 [ 109.057667][ T6521] qrtr_create+0x84/0x1d0 [ 109.057702][ T6521] __sock_create+0x339/0x860 [ 109.057751][ T6521] __sys_socket+0x14d/0x260 [ 109.057778][ T6521] ? __pfx___sys_socket+0x10/0x10 [ 109.057831][ T6521] __x64_sys_socket+0x72/0xb0 [ 109.057866][ T6521] ? lockdep_hardirqs_on+0x78/0x100 [ 109.057900][ T6521] do_syscall_64+0x106/0xf80 [ 109.057933][ T6521] ? clear_bhb_loop+0x40/0x90 [ 109.057968][ T6521] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 109.057997][ T6521] RIP: 0033:0x7faed999c799 [ 109.058020][ T6521] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 109.058044][ T6521] RSP: 002b:00007faeda7c2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 109.058068][ T6521] RAX: ffffffffffffffda RBX: 00007faed9c15fa0 RCX: 00007faed999c799 [ 109.058085][ T6521] RDX: 0000000000000001 RSI: 0000000000000002 RDI: 000000000000002a [ 109.058101][ T6521] RBP: 00007faed9a32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 109.058117][ T6521] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 109.058133][ T6521] R13: 00007faed9c16038 R14: 00007faed9c15fa0 R15: 00007fffd39a7788 [ 109.058169][ T6521] [ 109.632987][ T6529] device-mapper: ioctl: Unable to rename non-existent device, to uuid [ 109.761886][ T6534] FAULT_INJECTION: forcing a failure. [ 109.761886][ T6534] name failslab, interval 1, probability 0, space 0, times 0 [ 109.787044][ T6534] CPU: 1 UID: 0 PID: 6534 Comm: syz.1.192 Tainted: G L syzkaller #0 PREEMPT(full) [ 109.787094][ T6534] Tainted: [L]=SOFTLOCKUP [ 109.787103][ T6534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 109.787122][ T6534] Call Trace: [ 109.787134][ T6534] [ 109.787144][ T6534] dump_stack_lvl+0x100/0x190 [ 109.787186][ T6534] should_fail_ex.cold+0x5/0xa [ 109.787218][ T6534] ? lsm_blob_alloc+0x68/0x90 [ 109.787248][ T6534] should_failslab+0xc2/0x120 [ 109.787276][ T6534] __kmalloc_noprof+0xe0/0x850 [ 109.787317][ T6534] ? trace_kmem_cache_alloc+0xf3/0x120 [ 109.787354][ T6534] lsm_blob_alloc+0x68/0x90 [ 109.787384][ T6534] security_prepare_creds+0x2d/0x290 [ 109.787421][ T6534] prepare_creds+0x5d6/0x950 [ 109.787462][ T6534] lookup_user_key+0x8e9/0x1300 [ 109.787509][ T6534] ? __pfx_lookup_user_key+0x10/0x10 [ 109.787550][ T6534] ? find_held_lock+0x2b/0x80 [ 109.787574][ T6534] ? setid_policy_lookup+0x10c/0x350 [ 109.787611][ T6534] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 109.787662][ T6534] ? bpf_lsm_capable+0x9/0x10 [ 109.787689][ T6534] ? security_capable+0x80/0x260 [ 109.787729][ T6534] keyctl_get_persistent+0x197/0x8b0 [ 109.787761][ T6534] ? __pfx_keyctl_get_persistent+0x10/0x10 [ 109.787797][ T6534] ? __x64_sys_futex+0x34f/0x4d0 [ 109.787830][ T6534] ? __x64_sys_futex+0x358/0x4d0 [ 109.787868][ T6534] ? xfd_validate_state+0x129/0x190 [ 109.787914][ T6534] __do_sys_keyctl+0x3b2/0x5a0 [ 109.787955][ T6534] do_syscall_64+0x106/0xf80 [ 109.787986][ T6534] ? clear_bhb_loop+0x40/0x90 [ 109.788021][ T6534] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 109.788050][ T6534] RIP: 0033:0x7f3a8c39c799 [ 109.788074][ T6534] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 109.788099][ T6534] RSP: 002b:00007f3a8d2f9028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 109.788126][ T6534] RAX: ffffffffffffffda RBX: 00007f3a8c615fa0 RCX: 00007f3a8c39c799 [ 109.788144][ T6534] RDX: 7fffffffffffffff RSI: 000000000000ee00 RDI: 0000000000000016 [ 109.788161][ T6534] RBP: 00007f3a8c432bd9 R08: 000000000000000c R09: 0000000000000000 [ 109.788177][ T6534] R10: 00000000000099a7 R11: 0000000000000246 R12: 0000000000000000 [ 109.788193][ T6534] R13: 00007f3a8c616038 R14: 00007f3a8c615fa0 R15: 00007fff68703d28 [ 109.788230][ T6534] [ 110.182856][ T6543] mmap: syz.2.196 (6543) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 110.576014][ T6553] binder: 6552:6553 unknown command 0 [ 110.608978][ T6553] binder: 6552:6553 ioctl c0306201 200000000040 returned -22 [ 110.694693][ T6554] futex_wake_op: syz.1.199 tries to shift op by -2048; fix this program [ 110.726557][ T6554] 0x000000000001-0x000000020000 : "" [ 110.756831][ T6554] ftl_cs: FTL header corrupt! [ 111.175798][ T6565] could not allocate digest TFM handle  [ 111.450370][ T6580] Format for adding new device is "id port_count num_queues" (uint uint unit). [ 111.675799][ T6587] FAULT_INJECTION: forcing a failure. [ 111.675799][ T6587] name failslab, interval 1, probability 0, space 0, times 0 [ 111.725740][ T6587] CPU: 0 UID: 0 PID: 6587 Comm: syz.1.210 Tainted: G L syzkaller #0 PREEMPT(full) [ 111.725777][ T6587] Tainted: [L]=SOFTLOCKUP [ 111.725786][ T6587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 111.725800][ T6587] Call Trace: [ 111.725809][ T6587] [ 111.725820][ T6587] dump_stack_lvl+0x100/0x190 [ 111.725866][ T6587] should_fail_ex.cold+0x5/0xa [ 111.725894][ T6587] should_failslab+0xc2/0x120 [ 111.725924][ T6587] __kmalloc_cache_noprof+0x7a/0x6f0 [ 111.725959][ T6587] ? io_uring_setup.cold+0x6c/0x1d09 [ 111.726002][ T6587] io_uring_setup.cold+0x6c/0x1d09 [ 111.726047][ T6587] ? __pfx_io_uring_setup+0x10/0x10 [ 111.726081][ T6587] ? do_futex+0x192/0x350 [ 111.726117][ T6587] ? __pfx_do_futex+0x10/0x10 [ 111.726168][ T6587] ? __pfx_task_work_run+0x10/0x10 [ 111.726204][ T6587] ? __pfx___x64_sys_futex+0x10/0x10 [ 111.726241][ T6587] ? exit_to_user_mode_loop+0xdd/0x4a0 [ 111.726283][ T6587] __x64_sys_io_uring_setup+0xc2/0x170 [ 111.726317][ T6587] do_syscall_64+0x106/0xf80 [ 111.726341][ T6587] ? clear_bhb_loop+0x40/0x90 [ 111.726367][ T6587] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 111.726382][ T6587] RIP: 0033:0x7f3a8c39c799 [ 111.726395][ T6587] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 111.726410][ T6587] RSP: 002b:00007f3a8d2f9028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 111.726424][ T6587] RAX: ffffffffffffffda RBX: 00007f3a8c615fa0 RCX: 00007f3a8c39c799 [ 111.726434][ T6587] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000059 [ 111.726442][ T6587] RBP: 00007f3a8c432bd9 R08: 0000000000000000 R09: 0000000000000000 [ 111.726450][ T6587] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 111.726459][ T6587] R13: 00007f3a8c616038 R14: 00007f3a8c615fa0 R15: 00007fff68703d28 [ 111.726477][ T6587] [ 112.733135][ T6584] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 112.739261][ T6584] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 112.745306][ T6584] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 112.751596][ T6584] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 112.933693][ T6619] Invalid ELF header magic: != ELF [ 113.295195][ T6635] loop6: detected capacity change from 0 to 8 [ 113.628890][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout [ 114.261328][ T6655] netlink: 350 bytes leftover after parsing attributes in process `syz.3.228'. [ 114.749987][ T5832] Bluetooth: hci1: command 0x0c1a tx timeout [ 114.827518][ T5825] Bluetooth: hci3: command 0x0c1a tx timeout [ 114.833774][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout [ 115.791927][ T6709] FAULT_INJECTION: forcing a failure. [ 115.791927][ T6709] name failslab, interval 1, probability 0, space 0, times 0 [ 115.844224][ T6709] CPU: 0 UID: 0 PID: 6709 Comm: syz.0.244 Tainted: G L syzkaller #0 PREEMPT(full) [ 115.844268][ T6709] Tainted: [L]=SOFTLOCKUP [ 115.844277][ T6709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 115.844291][ T6709] Call Trace: [ 115.844299][ T6709] [ 115.844310][ T6709] dump_stack_lvl+0x100/0x190 [ 115.844355][ T6709] should_fail_ex.cold+0x5/0xa [ 115.844388][ T6709] should_failslab+0xc2/0x120 [ 115.844415][ T6709] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 115.844454][ T6709] ? prepare_creds+0x2c/0x950 [ 115.844490][ T6709] ? __x64_sys_futex+0x34f/0x4d0 [ 115.844522][ T6709] ? __x64_sys_futex+0x358/0x4d0 [ 115.844560][ T6709] prepare_creds+0x2c/0x950 [ 115.844599][ T6709] __sys_setreuid+0x109/0xb00 [ 115.844631][ T6709] do_syscall_64+0x106/0xf80 [ 115.844661][ T6709] ? clear_bhb_loop+0x40/0x90 [ 115.844692][ T6709] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 115.844717][ T6709] RIP: 0033:0x7fa537b9c799 [ 115.844738][ T6709] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 115.844762][ T6709] RSP: 002b:00007fa538ae1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000071 [ 115.844787][ T6709] RAX: ffffffffffffffda RBX: 00007fa537e15fa0 RCX: 00007fa537b9c799 [ 115.844806][ T6709] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 115.844823][ T6709] RBP: 00007fa537c32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 115.844840][ T6709] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 115.844856][ T6709] R13: 00007fa537e16038 R14: 00007fa537e15fa0 R15: 00007ffffe37a608 [ 115.844890][ T6709] [ 116.216825][ T6715] futex_wake_op: syz.3.247 tries to shift op by -2048; fix this program [ 116.266434][ T6715] 0x000000000001-0x000000020000 : "" [ 116.271060][ T6715] ftl_cs: FTL header corrupt! [ 116.847442][ T6736] FAULT_INJECTION: forcing a failure. [ 116.847442][ T6736] name failslab, interval 1, probability 0, space 0, times 0 [ 116.882626][ T6736] CPU: 1 UID: 0 PID: 6736 Comm: syz.3.252 Tainted: G L syzkaller #0 PREEMPT(full) [ 116.882653][ T6736] Tainted: [L]=SOFTLOCKUP [ 116.882658][ T6736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 116.882669][ T6736] Call Trace: [ 116.882675][ T6736] [ 116.882681][ T6736] dump_stack_lvl+0x100/0x190 [ 116.882708][ T6736] should_fail_ex.cold+0x5/0xa [ 116.882726][ T6736] should_failslab+0xc2/0x120 [ 116.882742][ T6736] __kmalloc_cache_noprof+0x7a/0x6f0 [ 116.882761][ T6736] ? alloc_ldt_struct+0x5d/0x1b0 [ 116.882784][ T6736] ? __pfx_down_write_killable+0x10/0x10 [ 116.882808][ T6736] alloc_ldt_struct+0x5d/0x1b0 [ 116.882830][ T6736] write_ldt+0x62b/0xd40 [ 116.882848][ T6736] ? __pfx_write_ldt+0x10/0x10 [ 116.882863][ T6736] ? xfd_validate_state+0x129/0x190 [ 116.882889][ T6736] __x64_sys_modify_ldt+0xb1/0x170 [ 116.882904][ T6736] do_syscall_64+0x106/0xf80 [ 116.882921][ T6736] ? clear_bhb_loop+0x40/0x90 [ 116.882938][ T6736] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 116.882953][ T6736] RIP: 0033:0x7faed999c799 [ 116.882966][ T6736] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 116.882979][ T6736] RSP: 002b:00007faeda7c2028 EFLAGS: 00000246 ORIG_RAX: 000000000000009a [ 116.882993][ T6736] RAX: ffffffffffffffda RBX: 00007faed9c15fa0 RCX: 00007faed999c799 [ 116.883003][ T6736] RDX: 0000000000000010 RSI: 00002000000001c0 RDI: 0000000000000001 [ 116.883011][ T6736] RBP: 00007faed9a32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 116.883020][ T6736] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 116.883027][ T6736] R13: 00007faed9c16038 R14: 00007faed9c15fa0 R15: 00007fffd39a7788 [ 116.883053][ T6736] [ 117.411917][ T6727] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 117.418711][ T6727] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 117.424764][ T6727] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 117.431557][ T6727] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 118.097615][ T6765] netlink: 350 bytes leftover after parsing attributes in process `syz.3.259'. [ 118.681023][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout [ 119.467394][ T5825] Bluetooth: hci2: command 0x0c1a tx timeout [ 119.467448][ T5825] Bluetooth: hci1: command 0x0c1a tx timeout [ 119.467487][ T5832] Bluetooth: hci3: command 0x0c1a tx timeout [ 119.598807][ T6806] netlink: 350 bytes leftover after parsing attributes in process `syz.2.270'. [ 119.872245][ T6810] netlink: 504 bytes leftover after parsing attributes in process `syz.1.271'. [ 119.886841][ T6810] netlink: 350 bytes leftover after parsing attributes in process `syz.1.271'. [ 120.357011][ T6832] bridge0: port 3(ipvlan0) entered blocking state [ 120.392099][ T6832] bridge0: port 3(ipvlan0) entered disabled state [ 120.416943][ T6832] ipvlan0: entered allmulticast mode [ 120.436910][ T6832] veth0_vlan: entered allmulticast mode [ 120.465183][ T6832] ipvlan0: left allmulticast mode [ 120.482447][ T6832] veth0_vlan: left allmulticast mode [ 120.617653][ T6835] netlink: 350 bytes leftover after parsing attributes in process `syz.1.280'. [ 121.120362][ T6865] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 121.347131][ T6874] netlink: 350 bytes leftover after parsing attributes in process `syz.1.293'. [ 122.447398][ T6881] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 122.467475][ T6881] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 122.474688][ T6881] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 122.497976][ T6881] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 122.737808][ T6910] netlink: 350 bytes leftover after parsing attributes in process `syz.0.303'. [ 123.085192][ T6933] FAULT_INJECTION: forcing a failure. [ 123.085192][ T6933] name failslab, interval 1, probability 0, space 0, times 0 [ 123.100182][ T6933] CPU: 1 UID: 0 PID: 6933 Comm: syz.0.309 Tainted: G L syzkaller #0 PREEMPT(full) [ 123.100227][ T6933] Tainted: [L]=SOFTLOCKUP [ 123.100236][ T6933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 123.100253][ T6933] Call Trace: [ 123.100262][ T6933] [ 123.100273][ T6933] dump_stack_lvl+0x100/0x190 [ 123.100333][ T6933] should_fail_ex.cold+0x5/0xa [ 123.100365][ T6933] ? lsm_blob_alloc+0x68/0x90 [ 123.100397][ T6933] should_failslab+0xc2/0x120 [ 123.100426][ T6933] __kmalloc_noprof+0xe0/0x850 [ 123.100477][ T6933] ? trace_kmem_cache_alloc+0xf3/0x120 [ 123.100513][ T6933] lsm_blob_alloc+0x68/0x90 [ 123.100548][ T6933] security_sk_alloc+0x2d/0x290 [ 123.100589][ T6933] sk_prot_alloc+0x1d1/0x2a0 [ 123.100632][ T6933] sk_alloc+0x36/0xe80 [ 123.100662][ T6933] rxrpc_create+0x116/0x8d0 [ 123.100694][ T6933] __sock_create+0x339/0x860 [ 123.100742][ T6933] __sys_socket+0x14d/0x260 [ 123.100769][ T6933] ? __pfx___sys_socket+0x10/0x10 [ 123.100823][ T6933] __x64_sys_socket+0x72/0xb0 [ 123.100847][ T6933] ? lockdep_hardirqs_on+0x78/0x100 [ 123.100881][ T6933] do_syscall_64+0x106/0xf80 [ 123.100912][ T6933] ? clear_bhb_loop+0x40/0x90 [ 123.100945][ T6933] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 123.100972][ T6933] RIP: 0033:0x7fa537b9c799 [ 123.101004][ T6933] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 123.101031][ T6933] RSP: 002b:00007fa538ae1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 123.101057][ T6933] RAX: ffffffffffffffda RBX: 00007fa537e15fa0 RCX: 00007fa537b9c799 [ 123.101076][ T6933] RDX: 000000000000000a RSI: 0000000000000002 RDI: 0000000000000021 [ 123.101092][ T6933] RBP: 00007fa537c32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 123.101109][ T6933] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 123.101126][ T6933] R13: 00007fa537e16038 R14: 00007fa537e15fa0 R15: 00007ffffe37a608 [ 123.101163][ T6933] [ 123.488636][ T30] audit: type=1800 audit(4294967331.940:6): pid=6939 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.311" name="lu_gp_id" dev="configfs" ino=12734 res=0 errno=0 [ 123.631904][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout [ 123.703054][ T6939] ALUA LU Group already has a valid ID, ignoring request [ 123.861286][ T6951] futex_wake_op: syz.3.316 tries to shift op by -2048; fix this program [ 123.891295][ T6951] 0x000000000001-0x000000020000 : "" [ 123.922725][ T6951] ftl_cs: FTL header corrupt! [ 124.221883][ T6956] netlink: 350 bytes leftover after parsing attributes in process `syz.0.317'. [ 124.507399][ T5832] Bluetooth: hci3: command 0x0c1a tx timeout [ 124.513486][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout [ 124.519629][ T5145] Bluetooth: hci1: command 0x0c1a tx timeout [ 124.554495][ T6943] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 124.561218][ T6943] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 124.577508][ T6943] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 124.583613][ T6943] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 125.681909][ T7006] futex_wake_op: syz.0.328 tries to shift op by -2048; fix this program [ 125.724486][ T7006] 0x000000000001-0x000000020000 : "" [ 125.740146][ T7006] ftl_cs: FTL header corrupt! [ 125.787305][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout [ 125.814089][ T7011] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input6 [ 126.344536][ T7025] smc: net device dummy0 applied user defined pnetid DUMMY0 [ 126.442204][ T7024] netlink: 504 bytes leftover after parsing attributes in process `syz.0.335'. [ 126.487626][ T7024] netlink: 350 bytes leftover after parsing attributes in process `syz.0.335'. [ 126.580017][ T7034] FAULT_INJECTION: forcing a failure. [ 126.580017][ T7034] name failslab, interval 1, probability 0, space 0, times 0 [ 126.597340][ T5825] Bluetooth: hci2: command 0x0c1a tx timeout [ 126.603436][ T5145] Bluetooth: hci1: command 0x0c1a tx timeout [ 126.609753][ T5832] Bluetooth: hci3: command 0x0c1a tx timeout [ 126.637301][ T7034] CPU: 0 UID: 0 PID: 7034 Comm: syz.3.337 Tainted: G L syzkaller #0 PREEMPT(full) [ 126.637327][ T7034] Tainted: [L]=SOFTLOCKUP [ 126.637332][ T7034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 126.637341][ T7034] Call Trace: [ 126.637347][ T7034] [ 126.637354][ T7034] dump_stack_lvl+0x100/0x190 [ 126.637381][ T7034] should_fail_ex.cold+0x5/0xa [ 126.637399][ T7034] should_failslab+0xc2/0x120 [ 126.637414][ T7034] __kmalloc_cache_noprof+0x7a/0x6f0 [ 126.637432][ T7034] ? do_inotify_init+0xa4/0x5e0 [ 126.637451][ T7034] ? mutex_init_lockep+0x110/0x150 [ 126.637472][ T7034] do_inotify_init+0xa4/0x5e0 [ 126.637492][ T7034] __x64_sys_inotify_init1+0x30/0x40 [ 126.637511][ T7034] do_syscall_64+0x106/0xf80 [ 126.637528][ T7034] ? clear_bhb_loop+0x40/0x90 [ 126.637546][ T7034] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 126.637562][ T7034] RIP: 0033:0x7faed999c799 [ 126.637575][ T7034] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 126.637588][ T7034] RSP: 002b:00007faeda7c2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000126 [ 126.637602][ T7034] RAX: ffffffffffffffda RBX: 00007faed9c15fa0 RCX: 00007faed999c799 [ 126.637612][ T7034] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0003000000000000 [ 126.637620][ T7034] RBP: 00007faed9a32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 126.637628][ T7034] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 126.637636][ T7034] R13: 00007faed9c16038 R14: 00007faed9c15fa0 R15: 00007fffd39a7788 [ 126.637655][ T7034] [ 127.210902][ T7022] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 127.235085][ T7022] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 127.251488][ T7022] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 127.269664][ T7022] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 127.798498][ T7063] futex_wake_op: syz.2.344 tries to shift op by -2048; fix this program [ 127.822968][ T7063] 0x000000000001-0x000000020000 : "" [ 127.867623][ T7063] ftl_cs: FTL header corrupt! [ 128.017936][ T7069] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 128.357428][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout [ 128.449055][ T7077] netlink: 'syz.3.348': attribute type 1 has an invalid length. [ 128.462963][ T7080] FAULT_INJECTION: forcing a failure. [ 128.462963][ T7080] name failslab, interval 1, probability 0, space 0, times 0 [ 128.532315][ T7074] netlink: 504 bytes leftover after parsing attributes in process `syz.1.347'. [ 128.579169][ T7080] CPU: 0 UID: 0 PID: 7080 Comm: syz.2.349 Tainted: G L syzkaller #0 PREEMPT(full) [ 128.579214][ T7080] Tainted: [L]=SOFTLOCKUP [ 128.579223][ T7080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 128.579239][ T7080] Call Trace: [ 128.579262][ T7080] [ 128.579273][ T7080] dump_stack_lvl+0x100/0x190 [ 128.579319][ T7080] should_fail_ex.cold+0x5/0xa [ 128.579352][ T7080] should_failslab+0xc2/0x120 [ 128.579381][ T7080] __kmalloc_cache_noprof+0x7a/0x6f0 [ 128.579416][ T7080] ? file_f_owner_allocate+0x84/0x130 [ 128.579458][ T7080] file_f_owner_allocate+0x84/0x130 [ 128.579493][ T7080] do_fcntl+0x1025/0x1670 [ 128.579529][ T7080] ? __pfx_do_fcntl+0x10/0x10 [ 128.579560][ T7080] ? __fget_files+0x215/0x3d0 [ 128.579597][ T7080] ? tomoyo_file_fcntl+0x6c/0xc0 [ 128.579639][ T7080] __x64_sys_fcntl+0x163/0x200 [ 128.579678][ T7080] do_syscall_64+0x106/0xf80 [ 128.579709][ T7080] ? clear_bhb_loop+0x40/0x90 [ 128.579743][ T7080] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 128.579769][ T7080] RIP: 0033:0x7fe3a5b9c799 [ 128.579791][ T7080] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 128.579817][ T7080] RSP: 002b:00007fe3a6980028 EFLAGS: 00000246 ORIG_RAX: 0000000000000048 [ 128.579842][ T7080] RAX: ffffffffffffffda RBX: 00007fe3a5e15fa0 RCX: 00007fe3a5b9c799 [ 128.579860][ T7080] RDX: 0000000000000002 RSI: 000000000000000a RDI: 0000000000000003 [ 128.579876][ T7080] RBP: 00007fe3a5c32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 128.579892][ T7080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 128.579907][ T7080] R13: 00007fe3a5e16038 R14: 00007fe3a5e15fa0 R15: 00007ffc89969328 [ 128.579938][ T7080] [ 128.604555][ T7074] netlink: 350 bytes leftover after parsing attributes in process `syz.1.347'. [ 129.317379][ T5832] Bluetooth: hci3: command 0x0c1a tx timeout [ 129.323429][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout [ 129.329959][ T5145] Bluetooth: hci1: command 0x0c1a tx timeout [ 129.577764][ T7110] usb usb2: usbfs: process 7110 (syz.0.358) did not claim interface 4 before use [ 129.898812][ T7115] zswap: compressor 000 not available [ 129.921702][ T7120] device-mapper: ioctl: only supply one of name or uuid, cmd(5) [ 130.619802][ T7145] vivid-007: ================= START STATUS ================= [ 130.641986][ T7145] vivid-007: Enable Output Cropping: true grabbed [ 130.671096][ T7145] vivid-007: Enable Output Composing: true grabbed [ 130.698909][ T7145] vivid-007: Enable Output Scaler: true grabbed [ 130.725698][ T7145] vivid-007: Tx RGB Quantization Range: Automatic grabbed [ 130.745754][ T7145] vivid-007: Transmit Mode: HDMI grabbed [ 130.764507][ T7145] vivid-007: Hotplug Present: 0x00000000 [ 130.779353][ T7145] vivid-007: RxSense Present: 0x00000000 [ 130.785122][ T7145] vivid-007: EDID Present: 0x00000000 [ 130.808792][ T7145] vivid-007: ================== END STATUS ================== [ 131.174374][ T7154] ima: policy update failed [ 131.188091][ T30] audit: type=1807 audit(4294967339.620:7): UNKNOWN=1 res=0 [ 131.195455][ T30] audit: type=1802 audit(4294967339.620:8): pid=7155 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.3.372" res=0 errno=0 [ 131.296946][ T30] audit: type=1802 audit(4294967339.630:9): pid=7154 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.372" res=0 errno=0 [ 131.800058][ T7148] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 131.808592][ T7148] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 131.815725][ T7148] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 131.823741][ T7148] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 131.832888][ T7173] netlink: 504 bytes leftover after parsing attributes in process `syz.0.376'. [ 131.853922][ T7173] netlink: 350 bytes leftover after parsing attributes in process `syz.0.376'. [ 131.952207][ T7175] FAULT_INJECTION: forcing a failure. [ 131.952207][ T7175] name failslab, interval 1, probability 0, space 0, times 0 [ 131.965317][ T7175] CPU: 1 UID: 0 PID: 7175 Comm: syz.1.377 Tainted: G L syzkaller #0 PREEMPT(full) [ 131.965363][ T7175] Tainted: [L]=SOFTLOCKUP [ 131.965373][ T7175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 131.965390][ T7175] Call Trace: [ 131.965400][ T7175] [ 131.965411][ T7175] dump_stack_lvl+0x100/0x190 [ 131.965461][ T7175] should_fail_ex.cold+0x5/0xa [ 131.965496][ T7175] should_failslab+0xc2/0x120 [ 131.965526][ T7175] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 131.965576][ T7175] ? prepare_creds+0x2c/0x950 [ 131.965616][ T7175] ? apparmor_capable+0x1d7/0x4d0 [ 131.965655][ T7175] ? __x64_sys_futex+0x358/0x4d0 [ 131.965698][ T7175] prepare_creds+0x2c/0x950 [ 131.965741][ T7175] __sys_setresuid+0x458/0x1280 [ 131.965776][ T7175] do_syscall_64+0x106/0xf80 [ 131.965809][ T7175] ? clear_bhb_loop+0x40/0x90 [ 131.965846][ T7175] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 131.965875][ T7175] RIP: 0033:0x7f3a8c39c799 [ 131.965899][ T7175] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 131.965926][ T7175] RSP: 002b:00007f3a8d2f9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000075 [ 131.965954][ T7175] RAX: ffffffffffffffda RBX: 00007f3a8c615fa0 RCX: 00007f3a8c39c799 [ 131.965973][ T7175] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000002 [ 131.965989][ T7175] RBP: 00007f3a8c432bd9 R08: 0000000000000000 R09: 0000000000000000 [ 131.966006][ T7175] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 131.966022][ T7175] R13: 00007f3a8c616038 R14: 00007f3a8c615fa0 R15: 00007fff68703d28 [ 131.966060][ T7175] [ 132.171395][ T7177] ubi2: attaching mtd3 [ 132.177273][ T7177] ubi2: scanning is finished [ 132.181908][ T7177] ubi2 error: ubi_read_volume_table: the layout volume was not found [ 132.349315][ T7177] ubi2 error: ubi_attach_mtd_dev: failed to attach mtd3, error -22 [ 132.657342][ T7185] netlink: 350 bytes leftover after parsing attributes in process `syz.1.382'. [ 132.832552][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.847377][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.160883][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout [ 133.363648][ T7218] block2mtd: error: cannot open device i [ 133.868219][ T5832] Bluetooth: hci3: command 0x0c1a tx timeout [ 133.874729][ T5825] Bluetooth: hci2: command 0x0c1a tx timeout [ 133.881210][ T5145] Bluetooth: hci1: command 0x0c1a tx timeout [ 135.584898][ T7275] netlink: 504 bytes leftover after parsing attributes in process `syz.0.405'. [ 135.641667][ T7275] netlink: 350 bytes leftover after parsing attributes in process `syz.0.405'. [ 135.669517][ T7278] vivid-007: ================= START STATUS ================= [ 135.726179][ T7278] vivid-007: Generate PTS: true [ 135.762015][ T7278] vivid-007: Generate SCR: true [ 135.781947][ T7278] tpg source WxH: 320x240 (Y'CbCr) [ 135.816336][ T7278] tpg field: 1 [ 135.827756][ T7278] tpg crop: (0,0)/320x240 [ 135.832446][ T7278] tpg compose: (0,0)/320x240 [ 135.857339][ T7278] tpg colorspace: 8 [ 135.874643][ T7278] tpg transfer function: 0/0 [ 135.884869][ T7278] tpg Y'CbCr encoding: 0/0 [ 135.913012][ T7284] MTRR 1 not used [ 135.945972][ T7278] tpg quantization: 0/0 [ 135.970890][ T7278] tpg RGB range: 0/2 [ 135.992671][ T7278] vivid-007: ================== END STATUS ================== [ 136.477674][ T7295] netlink: 350 bytes leftover after parsing attributes in process `syz.2.412'. [ 136.903707][ T7288] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 136.918051][ T7288] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 136.934978][ T7288] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 136.947510][ T7288] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 138.276626][ T5825] Bluetooth: hci0: command 0x0c1a tx timeout [ 138.987365][ T5825] Bluetooth: hci3: command 0x0c1a tx timeout [ 138.987497][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout [ 138.993650][ T5825] Bluetooth: hci1: command 0x0c1a tx timeout [ 139.313178][ T7339] netlink: 350 bytes leftover after parsing attributes in process `syz.2.423'. [ 139.937375][ T7350] smc: net device dummy0 applied user defined pnetid DUMMY0 [ 140.128066][ T30] audit: type=1807 audit(4294967348.570:10): UNKNOWN=1 res=0 [ 140.135524][ T30] audit: type=1802 audit(4294967348.570:11): pid=7357 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.1.428" res=0 errno=0 [ 140.153594][ T7356] ima: policy update failed [ 140.257269][ T30] audit: type=1802 audit(4294967348.670:12): pid=7356 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.428" res=0 errno=0 [ 140.366613][ T7362] FAULT_INJECTION: forcing a failure. [ 140.366613][ T7362] name failslab, interval 1, probability 0, space 0, times 0 [ 140.399184][ T7362] CPU: 1 UID: 0 PID: 7362 Comm: syz.3.430 Tainted: G L syzkaller #0 PREEMPT(full) [ 140.399230][ T7362] Tainted: [L]=SOFTLOCKUP [ 140.399240][ T7362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 140.399256][ T7362] Call Trace: [ 140.399265][ T7362] [ 140.399276][ T7362] dump_stack_lvl+0x100/0x190 [ 140.399324][ T7362] should_fail_ex.cold+0x5/0xa [ 140.399356][ T7362] ? inotify_handle_inode_event+0x1a5/0x6a0 [ 140.399392][ T7362] should_failslab+0xc2/0x120 [ 140.399421][ T7362] __kmalloc_noprof+0xe0/0x850 [ 140.399470][ T7362] inotify_handle_inode_event+0x1a5/0x6a0 [ 140.399515][ T7362] ? __pfx_inotify_handle_inode_event+0x10/0x10 [ 140.399552][ T7362] fsnotify_handle_inode_event.isra.0+0x1e3/0x410 [ 140.399587][ T7362] fsnotify+0x187d/0x3550 [ 140.399624][ T7362] ? __pfx_fsnotify+0x10/0x10 [ 140.399647][ T7362] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 140.399699][ T7362] ? __pfx_task_work_add+0x10/0x10 [ 140.399745][ T7362] __fsnotify_parent+0x704/0xca0 [ 140.399781][ T7362] ? __pfx___fsnotify_parent+0x10/0x10 [ 140.399818][ T7362] ? __pfx___might_resched+0x10/0x10 [ 140.399864][ T7362] ? __fput+0x30d/0xb40 [ 140.399892][ T7362] __fput+0x30d/0xb40 [ 140.399941][ T7362] task_work_run+0x150/0x240 [ 140.399982][ T7362] ? __pfx_task_work_run+0x10/0x10 [ 140.400032][ T7362] exit_to_user_mode_loop+0x100/0x4a0 [ 140.400070][ T7362] do_syscall_64+0x668/0xf80 [ 140.400103][ T7362] ? clear_bhb_loop+0x40/0x90 [ 140.400138][ T7362] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 140.400166][ T7362] RIP: 0033:0x7faed999c799 [ 140.400190][ T7362] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 140.400216][ T7362] RSP: 002b:00007faeda7c2028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 140.400242][ T7362] RAX: 0000000000000000 RBX: 00007faed9c15fa0 RCX: 00007faed999c799 [ 140.400260][ T7362] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 140.400276][ T7362] RBP: 00007faed9a32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 140.400293][ T7362] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 140.400309][ T7362] R13: 00007faed9c16038 R14: 00007faed9c15fa0 R15: 00007fffd39a7788 [ 140.400348][ T7362] [ 141.358690][ T7384] futex_wake_op: syz.3.436 tries to shift op by -2048; fix this program [ 141.368284][ T7384] 0x000000000001-0x000000020000 : "" [ 141.495939][ T7384] ftl_cs: FTL header corrupt! [ 142.355250][ T7405] FAULT_INJECTION: forcing a failure. [ 142.355250][ T7405] name failslab, interval 1, probability 0, space 0, times 0 [ 142.422909][ T7405] CPU: 0 UID: 0 PID: 7405 Comm: syz.2.440 Tainted: G L syzkaller #0 PREEMPT(full) [ 142.422936][ T7405] Tainted: [L]=SOFTLOCKUP [ 142.422942][ T7405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 142.422950][ T7405] Call Trace: [ 142.422957][ T7405] [ 142.422964][ T7405] dump_stack_lvl+0x100/0x190 [ 142.422992][ T7405] should_fail_ex.cold+0x5/0xa [ 142.423010][ T7405] should_failslab+0xc2/0x120 [ 142.423026][ T7405] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 142.423050][ T7405] ? __anon_vma_prepare+0x344/0x5e0 [ 142.423073][ T7405] __anon_vma_prepare+0x344/0x5e0 [ 142.423092][ T7405] ? __filemap_get_folio_mpol+0x3ba/0xe70 [ 142.423116][ T7405] __vmf_anon_prepare+0x11f/0x250 [ 142.423134][ T7405] hugetlb_no_page+0xe28/0x1970 [ 142.423159][ T7405] hugetlb_fault+0x5df/0x1450 [ 142.423179][ T7405] ? __pfx_hugetlb_fault+0x10/0x10 [ 142.423223][ T7405] ? find_vma+0xbf/0x140 [ 142.423242][ T7405] ? __pfx_find_vma+0x10/0x10 [ 142.423259][ T7405] handle_mm_fault+0x5f1/0xa20 [ 142.423351][ T7405] do_user_addr_fault+0x74c/0x12f0 [ 142.423389][ T7405] exc_page_fault+0x6f/0xd0 [ 142.423409][ T7405] asm_exc_page_fault+0x26/0x30 [ 142.423424][ T7405] RIP: 0010:__put_user_4+0xd/0x20 [ 142.423441][ T7405] Code: 66 89 01 31 c9 0f 01 ca e9 c0 d0 03 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca e9 97 d0 03 00 0f 1f 80 00 00 00 00 90 90 90 [ 142.423455][ T7405] RSP: 0018:ffffc90004ab7e58 EFLAGS: 00050202 [ 142.423468][ T7405] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000007 [ 142.423477][ T7405] RDX: 0000000000000000 RSI: ffffffff8255f691 RDI: ffff88803865245c [ 142.423485][ T7405] RBP: 0000000000000002 R08: 0000000000000001 R09: 00000000000001c5 [ 142.423493][ T7405] R10: 0000000000000200 R11: 0000000000000000 R12: 1ffff92000956fce [ 142.423502][ T7405] R13: 0000000000000007 R14: 0000000000000000 R15: dffffc0000000000 [ 142.423517][ T7405] ? __might_fault+0x111/0x140 [ 142.423541][ T7405] __do_sys_prctl+0xd67/0x2330 [ 142.423563][ T7405] ? __pfx___do_sys_prctl+0x10/0x10 [ 142.423589][ T7405] do_syscall_64+0x106/0xf80 [ 142.423605][ T7405] ? clear_bhb_loop+0x40/0x90 [ 142.423623][ T7405] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 142.423637][ T7405] RIP: 0033:0x7fe3a5b9c799 [ 142.423650][ T7405] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 142.423663][ T7405] RSP: 002b:00007fe3a6980028 EFLAGS: 00000246 ORIG_RAX: 000000000000009d [ 142.423676][ T7405] RAX: ffffffffffffffda RBX: 00007fe3a5e15fa0 RCX: 00007fe3a5b9c799 [ 142.423685][ T7405] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000002 [ 142.423693][ T7405] RBP: 00007fe3a5c32bd9 R08: 0000000000000001 R09: 0000000000000000 [ 142.423701][ T7405] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000 [ 142.423709][ T7405] R13: 00007fe3a5e16038 R14: 00007fe3a5e15fa0 R15: 00007ffc89969328 [ 142.423734][ T7405] [ 144.232170][ T7427] FAULT_INJECTION: forcing a failure. [ 144.232170][ T7427] name fail_futex, interval 1, probability 0, space 0, times 1 [ 144.245170][ T7427] CPU: 1 UID: 0 PID: 7427 Comm: syz.0.445 Tainted: G L syzkaller #0 PREEMPT(full) [ 144.245195][ T7427] Tainted: [L]=SOFTLOCKUP [ 144.245200][ T7427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 144.245210][ T7427] Call Trace: [ 144.245215][ T7427] [ 144.245221][ T7427] dump_stack_lvl+0x100/0x190 [ 144.245248][ T7427] should_fail_ex.cold+0x5/0xa [ 144.245267][ T7427] should_fail_futex+0x4c/0x60 [ 144.245284][ T7427] futex_lock_pi_atomic+0x12d/0xaf0 [ 144.245309][ T7427] futex_lock_pi+0x246/0x7b0 [ 144.245332][ T7427] ? __pfx_futex_lock_pi+0x10/0x10 [ 144.245351][ T7427] ? preempt_schedule_common+0x42/0xc0 [ 144.245369][ T7427] ? preempt_schedule_thunk+0x16/0x30 [ 144.245394][ T7427] ? __pfx_try_to_wake_up+0x10/0x10 [ 144.245413][ T7427] ? futex_private_hash_put+0x107/0x1c0 [ 144.245433][ T7427] ? __pfx_futex_wake_mark+0x10/0x10 [ 144.245459][ T7427] ? ksys_write+0x190/0x250 [ 144.245471][ T7427] ? ksys_write+0x190/0x250 [ 144.245487][ T7427] do_futex+0x18a/0x350 [ 144.245506][ T7427] ? __pfx_do_futex+0x10/0x10 [ 144.245529][ T7427] __x64_sys_futex+0x34f/0x4d0 [ 144.245549][ T7427] ? __pfx___x64_sys_futex+0x10/0x10 [ 144.245574][ T7427] do_syscall_64+0x106/0xf80 [ 144.245591][ T7427] ? clear_bhb_loop+0x40/0x90 [ 144.245608][ T7427] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.245623][ T7427] RIP: 0033:0x7fa537b9c799 [ 144.245637][ T7427] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 144.245651][ T7427] RSP: 002b:00007fa538ae1028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 144.245665][ T7427] RAX: ffffffffffffffda RBX: 00007fa537e15fa0 RCX: 00007fa537b9c799 [ 144.245674][ T7427] RDX: 000000000000001f RSI: 0000000000000006 RDI: 0000000000000000 [ 144.245682][ T7427] RBP: 00007fa537c32bd9 R08: 0000000000000000 R09: 000000008000fff5 [ 144.245698][ T7427] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 144.245707][ T7427] R13: 00007fa537e16038 R14: 00007fa537e15fa0 R15: 00007ffffe37a608 [ 144.245727][ T7427] [ 145.831115][ T7472] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 147.293750][ T7513] FAULT_INJECTION: forcing a failure. [ 147.293750][ T7513] name failslab, interval 1, probability 0, space 0, times 0 [ 147.347936][ T7513] CPU: 0 UID: 0 PID: 7513 Comm: syz.3.469 Tainted: G L syzkaller #0 PREEMPT(full) [ 147.347983][ T7513] Tainted: [L]=SOFTLOCKUP [ 147.347993][ T7513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 147.348009][ T7513] Call Trace: [ 147.348017][ T7513] [ 147.348028][ T7513] dump_stack_lvl+0x100/0x190 [ 147.348073][ T7513] should_fail_ex.cold+0x5/0xa [ 147.348106][ T7513] should_failslab+0xc2/0x120 [ 147.348134][ T7513] __kmalloc_cache_noprof+0x7a/0x6f0 [ 147.348169][ T7513] ? snd_pcm_oss_change_params_locked+0x81c/0x39f0 [ 147.348211][ T7513] ? _snd_pcm_hw_param_min+0x1ea/0x670 [ 147.348255][ T7513] snd_pcm_oss_change_params_locked+0x81c/0x39f0 [ 147.348296][ T7513] ? rcu_is_watching+0x12/0xc0 [ 147.348336][ T7513] ? trace_contention_end+0x140/0x180 [ 147.348377][ T7513] ? snd_pcm_oss_write+0x49a/0xa30 [ 147.348402][ T7513] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 147.348442][ T7513] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 147.348471][ T7513] ? lockdep_hardirqs_on+0x78/0x100 [ 147.348504][ T7513] ? __pfx___mutex_lock+0x10/0x10 [ 147.348548][ T7513] ? __pfx___might_resched+0x10/0x10 [ 147.348607][ T7513] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 147.348655][ T7513] snd_pcm_oss_write+0x4bb/0xa30 [ 147.348685][ T7513] ? bpf_lsm_file_permission+0x9/0x10 [ 147.348723][ T7513] ? security_file_permission+0x76/0x210 [ 147.348758][ T7513] vfs_write+0x2aa/0x1070 [ 147.348798][ T7513] ? __pfx_snd_pcm_oss_write+0x10/0x10 [ 147.348826][ T7513] ? __pfx_vfs_write+0x10/0x10 [ 147.348860][ T7513] ? find_held_lock+0x2b/0x80 [ 147.348882][ T7513] ? __fget_files+0x215/0x3d0 [ 147.348904][ T7513] ? __fget_files+0x215/0x3d0 [ 147.348931][ T7513] ? __fget_files+0x21f/0x3d0 [ 147.348962][ T7513] ksys_write+0x12a/0x250 [ 147.348983][ T7513] ? __pfx_ksys_write+0x10/0x10 [ 147.349015][ T7513] do_syscall_64+0x106/0xf80 [ 147.349042][ T7513] ? clear_bhb_loop+0x40/0x90 [ 147.349072][ T7513] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 147.349096][ T7513] RIP: 0033:0x7faed999c799 [ 147.349117][ T7513] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 147.349139][ T7513] RSP: 002b:00007faeda7c2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 147.349163][ T7513] RAX: ffffffffffffffda RBX: 00007faed9c15fa0 RCX: 00007faed999c799 [ 147.349179][ T7513] RDX: 0000000000100082 RSI: 0000000000000000 RDI: 0000000000000003 [ 147.349193][ T7513] RBP: 00007faed9a32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 147.349207][ T7513] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 147.349236][ T7513] R13: 00007faed9c16038 R14: 00007faed9c15fa0 R15: 00007fffd39a7788 [ 147.349269][ T7513] [ 148.213700][ T7524] netlink: 'syz.2.474': attribute type 11 has an invalid length. [ 148.417024][ T7528] vivid-007: ================= START STATUS ================= [ 148.425427][ T7528] vivid-007: Generate PTS: true [ 148.456258][ T7528] vivid-007: Generate SCR: true [ 148.469755][ T7528] tpg source WxH: 320x240 (Y'CbCr) [ 148.474939][ T7528] tpg field: 1 [ 148.497301][ T7528] tpg crop: (0,0)/320x240 [ 148.506536][ T7528] tpg compose: (0,0)/320x240 [ 148.517912][ T7528] tpg colorspace: 8 [ 148.531997][ T7528] tpg transfer function: 0/0 [ 148.536651][ T7528] tpg Y'CbCr encoding: 0/0 [ 148.578658][ T7528] tpg quantization: 0/0 [ 148.582927][ T7528] tpg RGB range: 0/2 [ 148.598014][ T7528] vivid-007: ================== END STATUS ================== [ 150.055891][ T7569] netlink: 504 bytes leftover after parsing attributes in process `syz.3.489'. [ 150.097761][ T7569] netlink: 350 bytes leftover after parsing attributes in process `syz.3.489'. [ 150.387384][ T7578] vivid-007: ================= START STATUS ================= [ 150.437343][ T7578] vivid-007: Generate PTS: true [ 150.455490][ T7578] vivid-007: Generate SCR: true [ 150.467477][ T7578] tpg source WxH: 320x240 (Y'CbCr) [ 150.487223][ T7578] tpg field: 1 [ 150.525243][ T7578] tpg crop: (0,0)/320x240 [ 150.538984][ T7578] tpg compose: (0,0)/320x240 [ 150.557264][ T7578] tpg colorspace: 8 [ 150.567359][ T7578] tpg transfer function: 0/0 [ 150.571974][ T7578] tpg Y'CbCr encoding: 0/0 [ 150.748111][ T7578] tpg quantization: 0/0 [ 150.752503][ T7578] tpg RGB range: 0/2 [ 150.776985][ T7578] vivid-007: ================== END STATUS ================== [ 151.063829][ T7586] FAULT_INJECTION: forcing a failure. [ 151.063829][ T7586] name failslab, interval 1, probability 0, space 0, times 0 [ 151.124849][ T7586] CPU: 1 UID: 0 PID: 7586 Comm: syz.1.492 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 151.124885][ T7586] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 151.124893][ T7586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 151.124901][ T7586] Call Trace: [ 151.124907][ T7586] [ 151.124913][ T7586] dump_stack_lvl+0x100/0x190 [ 151.124940][ T7586] should_fail_ex.cold+0x5/0xa [ 151.124959][ T7586] ? drm_atomic_state_init+0x190/0x490 [ 151.124974][ T7586] should_failslab+0xc2/0x120 [ 151.124990][ T7586] __kmalloc_noprof+0xe0/0x850 [ 151.125016][ T7586] drm_atomic_state_init+0x190/0x490 [ 151.125040][ T7586] ? kasan_save_track+0x14/0x30 [ 151.125065][ T7586] drm_atomic_state_alloc+0xd3/0x120 [ 151.125081][ T7586] drm_client_modeset_commit_atomic+0xcc/0x7e0 [ 151.125101][ T7586] ? trace_contention_end+0x140/0x180 [ 151.125122][ T7586] ? __mutex_lock+0x26a/0x1b90 [ 151.125141][ T7586] ? __mutex_lock+0x26a/0x1b90 [ 151.125159][ T7586] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 151.125177][ T7586] ? drm_master_internal_acquire+0x21/0x80 [ 151.125213][ T7586] drm_client_modeset_commit_locked+0x14d/0x580 [ 151.125236][ T7586] drm_client_modeset_commit+0x4f/0x80 [ 151.125254][ T7586] __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160 [ 151.125274][ T7586] drm_fb_helper_restore_fbdev_mode_unlocked+0x93/0xc0 [ 151.125294][ T7586] drm_fbdev_client_restore+0x1b/0x30 [ 151.125316][ T7586] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 151.125338][ T7586] drm_client_dev_restore+0x205/0x2a0 [ 151.125359][ T7586] drm_release+0x2c6/0x360 [ 151.125375][ T7586] ? __pfx_drm_release+0x10/0x10 [ 151.125390][ T7586] __fput+0x3ff/0xb40 [ 151.125412][ T7586] task_work_run+0x150/0x240 [ 151.125433][ T7586] ? __pfx_task_work_run+0x10/0x10 [ 151.125459][ T7586] exit_to_user_mode_loop+0x100/0x4a0 [ 151.125480][ T7586] do_syscall_64+0x668/0xf80 [ 151.125497][ T7586] ? clear_bhb_loop+0x40/0x90 [ 151.125515][ T7586] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 151.125529][ T7586] RIP: 0033:0x7f3a8c39c799 [ 151.125542][ T7586] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 151.125555][ T7586] RSP: 002b:00007f3a8d2f9028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 151.125570][ T7586] RAX: 0000000000000000 RBX: 00007f3a8c615fa0 RCX: 00007f3a8c39c799 [ 151.125579][ T7586] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 151.125587][ T7586] RBP: 00007f3a8c432bd9 R08: 0000000000000000 R09: 0000000000000000 [ 151.125595][ T7586] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 151.125603][ T7586] R13: 00007f3a8c616038 R14: 00007f3a8c615fa0 R15: 00007fff68703d28 [ 151.125623][ T7586] [ 152.727385][ T7614] netlink: 504 bytes leftover after parsing attributes in process `syz.3.499'. [ 152.737487][ T7614] netlink: 350 bytes leftover after parsing attributes in process `syz.3.499'. [ 155.628313][ T7677] netlink: 350 bytes leftover after parsing attributes in process `syz.3.516'. [ 156.162659][ T7690] CIFS: VFS: Invalid SecurityFlags: [ 157.928011][ T7720] syz.2.528 (7720): /proc/7719/oom_adj is deprecated, please use /proc/7719/oom_score_adj instead. [ 158.058864][ T7723] FAULT_INJECTION: forcing a failure. [ 158.058864][ T7723] name failslab, interval 1, probability 0, space 0, times 0 [ 158.157694][ T7723] CPU: 0 UID: 0 PID: 7723 Comm: syz.1.529 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 158.157769][ T7723] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 158.157785][ T7723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 158.157802][ T7723] Call Trace: [ 158.157812][ T7723] [ 158.157823][ T7723] dump_stack_lvl+0x100/0x190 [ 158.157870][ T7723] should_fail_ex.cold+0x5/0xa [ 158.157905][ T7723] should_failslab+0xc2/0x120 [ 158.157935][ T7723] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 158.157978][ T7723] ? alloc_io_context+0x21/0x2f0 [ 158.158005][ T7723] ? set_task_ioprio+0x48f/0x670 [ 158.158040][ T7723] alloc_io_context+0x21/0x2f0 [ 158.158068][ T7723] set_task_ioprio+0x49e/0x670 [ 158.158102][ T7723] __do_sys_ioprio_set+0x55c/0xb40 [ 158.158142][ T7723] ? __do_sys_ioprio_set+0x3de/0xb40 [ 158.158193][ T7723] do_syscall_64+0x106/0xf80 [ 158.158227][ T7723] ? clear_bhb_loop+0x40/0x90 [ 158.158262][ T7723] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 158.158291][ T7723] RIP: 0033:0x7f3a8c39c799 [ 158.158315][ T7723] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 158.158342][ T7723] RSP: 002b:00007f3a8d2f9028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fb [ 158.158368][ T7723] RAX: ffffffffffffffda RBX: 00007f3a8c615fa0 RCX: 00007f3a8c39c799 [ 158.158387][ T7723] RDX: 0000000000004b34 RSI: 0000000000000000 RDI: 0000000000000003 [ 158.158404][ T7723] RBP: 00007f3a8c432bd9 R08: 0000000000000000 R09: 0000000000000000 [ 158.158421][ T7723] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 158.158438][ T7723] R13: 00007f3a8c616038 R14: 00007f3a8c615fa0 R15: 00007fff68703d28 [ 158.158479][ T7723] [ 159.881244][ T7745] netlink: 350 bytes leftover after parsing attributes in process `syz.2.537'. syzkaller syzkaller login: [ 161.409047][ T7765] FAULT_INJECTION: forcing a failure. [ 161.409047][ T7765] name failslab, interval 1, probability 0, space 0, times 0 [ 161.449244][ T7765] CPU: 0 UID: 0 PID: 7765 Comm: syz.0.544 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 161.449309][ T7765] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 161.449325][ T7765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 161.449342][ T7765] Call Trace: [ 161.449351][ T7765] [ 161.449362][ T7765] dump_stack_lvl+0x100/0x190 [ 161.449412][ T7765] should_fail_ex.cold+0x5/0xa [ 161.449446][ T7765] ? constrain_params_by_rules+0x175/0xcc0 [ 161.449476][ T7765] should_failslab+0xc2/0x120 [ 161.449506][ T7765] __kmalloc_noprof+0xe0/0x850 [ 161.449556][ T7765] constrain_params_by_rules+0x175/0xcc0 [ 161.449596][ T7765] ? arch_stack_walk+0xa6/0xf0 [ 161.449638][ T7765] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 161.449668][ T7765] ? stack_trace_save+0x8e/0xc0 [ 161.449702][ T7765] ? kfree+0x1f6/0x6b0 [ 161.449733][ T7765] ? snd_pcm_hw_param_near.constprop.0+0x573/0x850 [ 161.449787][ T7765] ? snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 161.449829][ T7765] ? snd_pcm_oss_read+0x3d4/0x730 [ 161.449854][ T7765] ? vfs_read+0x1e4/0xb30 [ 161.449892][ T7765] ? ksys_read+0x12a/0x250 [ 161.449930][ T7765] ? do_syscall_64+0x106/0xf80 [ 161.449962][ T7765] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 161.449989][ T7765] ? snd_interval_refine+0x2d0/0x580 [ 161.450029][ T7765] snd_pcm_hw_refine+0x7e7/0xad0 [ 161.450067][ T7765] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 161.450120][ T7765] snd_pcm_hw_param_last+0x2b2/0x660 [ 161.450170][ T7765] snd_pcm_hw_param_near.constprop.0+0x546/0x850 [ 161.450220][ T7765] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 161.450266][ T7765] ? calc_src_frames.isra.0+0x17c/0x1c0 [ 161.450302][ T7765] snd_pcm_oss_change_params_locked+0x193a/0x39f0 [ 161.450362][ T7765] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 161.450436][ T7765] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 161.450483][ T7765] snd_pcm_oss_read+0x3d4/0x730 [ 161.450516][ T7765] ? __pfx_snd_pcm_oss_read+0x10/0x10 [ 161.450545][ T7765] vfs_read+0x1e4/0xb30 [ 161.450599][ T7765] ? __pfx_vfs_read+0x10/0x10 [ 161.450639][ T7765] ? find_held_lock+0x2b/0x80 [ 161.450664][ T7765] ? __fget_files+0x215/0x3d0 [ 161.450690][ T7765] ? __fget_files+0x215/0x3d0 [ 161.450722][ T7765] ? __fget_files+0x21f/0x3d0 [ 161.450760][ T7765] ksys_read+0x12a/0x250 [ 161.450801][ T7765] ? __pfx_ksys_read+0x10/0x10 [ 161.450854][ T7765] do_syscall_64+0x106/0xf80 [ 161.450885][ T7765] ? clear_bhb_loop+0x40/0x90 [ 161.450919][ T7765] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 161.450947][ T7765] RIP: 0033:0x7fa537b9c799 [ 161.450969][ T7765] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 161.450995][ T7765] RSP: 002b:00007fa538ae1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 161.451021][ T7765] RAX: ffffffffffffffda RBX: 00007fa537e15fa0 RCX: 00007fa537b9c799 [ 161.451040][ T7765] RDX: 0000000000008080 RSI: 0000000000000000 RDI: 0000000000000003 [ 161.451057][ T7765] RBP: 00007fa537c32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 161.451073][ T7765] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 161.451088][ T7765] R13: 00007fa537e16038 R14: 00007fa537e15fa0 R15: 00007ffffe37a608 [ 161.451127][ T7765] [ 163.663588][ T7799] netlink: 218 bytes leftover after parsing attributes in process `syz.2.552'. syzkaller syzkaller login: [ 165.883691][ T7823] zswap: compressor not available [ 166.465518][ T7840] netlink: 350 bytes leftover after parsing attributes in process `syz.2.564'. [ 166.505025][ T7849] netlink: 28 bytes leftover after parsing attributes in process `syz.0.565'. [ 166.522617][ T7849] veth1_macvtap: left promiscuous mode [ 166.994543][ T7854] FAULT_INJECTION: forcing a failure. [ 166.994543][ T7854] name failslab, interval 1, probability 0, space 0, times 0 [ 167.095479][ T7854] CPU: 1 UID: 0 PID: 7854 Comm: syz.2.567 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 167.095539][ T7854] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 167.095553][ T7854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 167.095568][ T7854] Call Trace: [ 167.095577][ T7854] [ 167.095586][ T7854] dump_stack_lvl+0x100/0x190 [ 167.095631][ T7854] should_fail_ex.cold+0x5/0xa [ 167.095662][ T7854] should_failslab+0xc2/0x120 [ 167.095690][ T7854] __kmalloc_cache_noprof+0x7a/0x6f0 [ 167.095725][ T7854] ? __kthread_create_on_node+0xce/0x3f0 [ 167.095756][ T7854] ? lockdep_init_map_type+0x5c/0x250 [ 167.095795][ T7854] ? __pfx_tomoyo_gc_thread+0x10/0x10 [ 167.095833][ T7854] __kthread_create_on_node+0xce/0x3f0 [ 167.095875][ T7854] ? __pfx___kthread_create_on_node+0x10/0x10 [ 167.095923][ T7854] ? __pfx_tomoyo_gc_thread+0x10/0x10 [ 167.095964][ T7854] kthread_create_on_node+0xc7/0x100 [ 167.095997][ T7854] ? __pfx_kthread_create_on_node+0x10/0x10 [ 167.096030][ T7854] ? lockdep_hardirqs_on+0x78/0x100 [ 167.096062][ T7854] ? find_held_lock+0x2b/0x80 [ 167.096086][ T7854] ? tomoyo_notify_gc+0xc6/0x480 [ 167.096119][ T7854] tomoyo_notify_gc+0x102/0x480 [ 167.096142][ T7854] ? ima_iint_find+0xe9/0x130 [ 167.096178][ T7854] ? __pfx_tomoyo_release+0x10/0x10 [ 167.096210][ T7854] tomoyo_release+0x31/0x40 [ 167.096240][ T7854] __fput+0x3ff/0xb40 [ 167.096279][ T7854] task_work_run+0x150/0x240 [ 167.096319][ T7854] ? __pfx_task_work_run+0x10/0x10 [ 167.096363][ T7854] exit_to_user_mode_loop+0x100/0x4a0 [ 167.096400][ T7854] do_syscall_64+0x668/0xf80 [ 167.096428][ T7854] ? clear_bhb_loop+0x40/0x90 [ 167.096463][ T7854] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 167.096490][ T7854] RIP: 0033:0x7fe3a5b9c799 [ 167.096513][ T7854] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 167.096539][ T7854] RSP: 002b:00007fe3a6980028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 167.096566][ T7854] RAX: 0000000000000000 RBX: 00007fe3a5e15fa0 RCX: 00007fe3a5b9c799 [ 167.096584][ T7854] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 167.096600][ T7854] RBP: 00007fe3a5c32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 167.096617][ T7854] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 167.096632][ T7854] R13: 00007fe3a5e16038 R14: 00007fe3a5e15fa0 R15: 00007ffc89969328 [ 167.096669][ T7854] [ 168.208005][ T7879] random: crng reseeded on system resumption [ 169.020012][ T7905] netlink: 28 bytes leftover after parsing attributes in process `syz.0.583'. [ 169.826934][ T7902] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 169.849120][ T7902] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 169.855230][ T7902] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 169.878430][ T7902] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 170.213586][ T7921] FAULT_INJECTION: forcing a failure. [ 170.213586][ T7921] name failslab, interval 1, probability 0, space 0, times 0 [ 170.227069][ T7921] CPU: 1 UID: 0 PID: 7921 Comm: syz.1.585 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 170.227111][ T7921] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 170.227120][ T7921] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 170.227161][ T7921] Call Trace: [ 170.227171][ T7921] [ 170.227188][ T7921] dump_stack_lvl+0x100/0x190 [ 170.227269][ T7921] should_fail_ex.cold+0x5/0xa [ 170.227289][ T7921] should_failslab+0xc2/0x120 [ 170.227310][ T7921] __kmalloc_cache_node_noprof+0x7d/0x770 [ 170.227334][ T7921] ? __get_vm_area_node+0x101/0x330 [ 170.227354][ T7921] __get_vm_area_node+0x101/0x330 [ 170.227400][ T7921] __vmalloc_node_range_noprof+0x213/0x1530 [ 170.227423][ T7921] ? kernel_clone+0xfc/0x9a0 [ 170.227439][ T7921] ? local_lock_release+0x99/0x130 [ 170.227460][ T7921] ? kernel_clone+0xfc/0x9a0 [ 170.227477][ T7921] ? find_held_lock+0x2b/0x80 [ 170.227490][ T7921] ? rcu_read_unlock+0x17/0x60 [ 170.227505][ T7921] ? rcu_read_unlock+0x17/0x60 [ 170.227520][ T7921] ? obj_cgroup_charge_account+0x46d/0x640 [ 170.227536][ T7921] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 170.227555][ T7921] ? __memcg_slab_post_alloc_hook+0x51b/0x990 [ 170.227573][ T7921] ? rcu_is_watching+0x12/0xc0 [ 170.227594][ T7921] ? trace_kmem_cache_alloc+0xf3/0x120 [ 170.227610][ T7921] ? kernel_clone+0xfc/0x9a0 [ 170.227631][ T7921] __vmalloc_node_noprof+0xad/0xf0 [ 170.227648][ T7921] ? kernel_clone+0xfc/0x9a0 [ 170.227665][ T7921] copy_process+0x5ec/0x7a10 [ 170.227682][ T7921] ? __pfx___futex_wait+0x10/0x10 [ 170.227702][ T7921] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 170.227718][ T7921] ? lockdep_hardirqs_on+0x78/0x100 [ 170.227741][ T7921] ? __pfx_copy_process+0x10/0x10 [ 170.227760][ T7921] ? find_held_lock+0x2b/0x80 [ 170.227781][ T7921] kernel_clone+0xfc/0x9a0 [ 170.227795][ T7921] ? __pfx_futex_wait+0x10/0x10 [ 170.227817][ T7921] ? __pfx_kernel_clone+0x10/0x10 [ 170.227843][ T7921] __do_sys_clone+0xd9/0x120 [ 170.227860][ T7921] ? __pfx___do_sys_clone+0x10/0x10 [ 170.227876][ T7921] ? blkcg_maybe_throttle_current+0x5df/0xeb0 [ 170.227903][ T7921] ? exit_to_user_mode_loop+0xdd/0x4a0 [ 170.227932][ T7921] do_syscall_64+0x106/0xf80 [ 170.227949][ T7921] ? clear_bhb_loop+0x40/0x90 [ 170.227968][ T7921] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 170.227984][ T7921] RIP: 0033:0x7f3a8c39c799 [ 170.227998][ T7921] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 170.228011][ T7921] RSP: 002b:00007f3a8d2f9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 170.228025][ T7921] RAX: ffffffffffffffda RBX: 00007f3a8c615fa0 RCX: 00007f3a8c39c799 [ 170.228035][ T7921] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000020003b46 [ 170.228044][ T7921] RBP: 00007f3a8c432bd9 R08: 0000000000000002 R09: 0000000000000000 [ 170.228052][ T7921] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 170.228061][ T7921] R13: 00007f3a8c616038 R14: 00007f3a8c615fa0 R15: 00007fff68703d28 [ 170.228081][ T7921] [ 170.677485][ T7921] syz.1.585: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 170.907877][ T7921] CPU: 1 UID: 0 PID: 7921 Comm: syz.1.585 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 170.907938][ T7921] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 170.907954][ T7921] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 170.907969][ T7921] Call Trace: [ 170.907978][ T7921] [ 170.907989][ T7921] dump_stack_lvl+0x100/0x190 [ 170.908037][ T7921] warn_alloc.cold+0x95/0x1c1 [ 170.908086][ T7921] ? __pfx_warn_alloc+0x10/0x10 [ 170.908124][ T7921] ? trace_kmalloc+0x101/0x130 [ 170.908166][ T7921] ? __kmalloc_cache_node_noprof+0x2d9/0x770 [ 170.908214][ T7921] ? __kasan_kmalloc+0x8a/0xb0 [ 170.908255][ T7921] ? __get_vm_area_node+0x208/0x330 [ 170.908294][ T7921] __vmalloc_node_range_noprof+0xbf4/0x1530 [ 170.908329][ T7921] ? local_lock_release+0x99/0x130 [ 170.908368][ T7921] ? kernel_clone+0xfc/0x9a0 [ 170.908426][ T7921] ? find_held_lock+0x2b/0x80 [ 170.908452][ T7921] ? rcu_read_unlock+0x17/0x60 [ 170.908481][ T7921] ? rcu_read_unlock+0x17/0x60 [ 170.908512][ T7921] ? obj_cgroup_charge_account+0x46d/0x640 [ 170.908544][ T7921] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 170.908582][ T7921] ? __memcg_slab_post_alloc_hook+0x51b/0x990 [ 170.908619][ T7921] ? rcu_is_watching+0x12/0xc0 [ 170.908659][ T7921] ? trace_kmem_cache_alloc+0xf3/0x120 [ 170.908691][ T7921] ? kernel_clone+0xfc/0x9a0 [ 170.908720][ T7921] __vmalloc_node_noprof+0xad/0xf0 [ 170.908754][ T7921] ? kernel_clone+0xfc/0x9a0 [ 170.908788][ T7921] copy_process+0x5ec/0x7a10 [ 170.908821][ T7921] ? __pfx___futex_wait+0x10/0x10 [ 170.908866][ T7921] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 170.908898][ T7921] ? lockdep_hardirqs_on+0x78/0x100 [ 170.908942][ T7921] ? __pfx_copy_process+0x10/0x10 [ 170.908973][ T7921] ? find_held_lock+0x2b/0x80 [ 170.909012][ T7921] kernel_clone+0xfc/0x9a0 [ 170.909041][ T7921] ? __pfx_futex_wait+0x10/0x10 [ 170.909083][ T7921] ? __pfx_kernel_clone+0x10/0x10 [ 170.909141][ T7921] __do_sys_clone+0xd9/0x120 [ 170.909175][ T7921] ? __pfx___do_sys_clone+0x10/0x10 [ 170.909208][ T7921] ? blkcg_maybe_throttle_current+0x5df/0xeb0 [ 170.909260][ T7921] ? exit_to_user_mode_loop+0xdd/0x4a0 [ 170.909307][ T7921] do_syscall_64+0x106/0xf80 [ 170.909339][ T7921] ? clear_bhb_loop+0x40/0x90 [ 170.909380][ T7921] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 170.909409][ T7921] RIP: 0033:0x7f3a8c39c799 [ 170.909432][ T7921] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 170.909464][ T7921] RSP: 002b:00007f3a8d2f9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 170.909491][ T7921] RAX: ffffffffffffffda RBX: 00007f3a8c615fa0 RCX: 00007f3a8c39c799 [ 170.909510][ T7921] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000020003b46 [ 170.909527][ T7921] RBP: 00007f3a8c432bd9 R08: 0000000000000002 R09: 0000000000000000 [ 170.909543][ T7921] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 170.909559][ T7921] R13: 00007f3a8c616038 R14: 00007f3a8c615fa0 R15: 00007fff68703d28 [ 170.909597][ T7921] [ 170.909717][ T7921] Mem-Info: [ 171.237308][ T5825] Bluetooth: hci0: command 0x0c1a tx timeout [ 171.269533][ T7921] active_anon:30031 inactive_anon:0 isolated_anon:0 [ 171.269533][ T7921] active_file:17046 inactive_file:40795 isolated_file:0 [ 171.269533][ T7921] unevictable:768 dirty:564 writeback:0 [ 171.269533][ T7921] slab_reclaimable:11606 slab_unreclaimable:92199 [ 171.269533][ T7921] mapped:37170 shmem:21431 pagetables:2231 [ 171.269533][ T7921] sec_pagetables:0 bounce:0 [ 171.269533][ T7921] kernel_misc_reclaimable:0 [ 171.269533][ T7921] free:1284072 free_pcp:27782 free_cma:0 [ 171.387345][ T7921] Node 0 active_anon:119152kB inactive_anon:0kB active_file:68184kB inactive_file:162980kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:148376kB dirty:2252kB writeback:0kB shmem:83292kB shmem_thp:8192kB shmem_pmdmapped:8192kB anon_thp:0kB kernel_stack:12572kB pagetables:8456kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 171.467632][ T7921] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:32kB pagetables:168kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 171.527763][ T7921] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 171.642395][ T7921] lowmem_reserve[]: 0 2477 2478 2478 2478 [ 171.651861][ T7921] Node 0 DMA32 free:1197248kB boost:0kB min:34056kB low:42568kB high:51080kB reserved_highatomic:0KB free_highatomic:0KB active_anon:106752kB inactive_anon:0kB active_file:68184kB inactive_file:162980kB unevictable:1536kB writepending:2252kB zspages:52kB present:3129332kB managed:2537420kB mlocked:0kB bounce:0kB free_pcp:106484kB local_pcp:31640kB free_cma:0kB [ 171.702586][ T7933] FAULT_INJECTION: forcing a failure. [ 171.702586][ T7933] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 171.737840][ T7933] CPU: 1 UID: 0 PID: 7933 Comm: syz.0.589 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 171.737897][ T7933] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 171.737910][ T7933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 171.737924][ T7933] Call Trace: [ 171.737932][ T7933] [ 171.737942][ T7933] dump_stack_lvl+0x100/0x190 [ 171.737989][ T7933] should_fail_ex.cold+0x5/0xa [ 171.738014][ T7933] ? prepare_alloc_pages+0x16d/0x5f0 [ 171.738049][ T7933] should_fail_alloc_page+0xeb/0x140 [ 171.738081][ T7933] prepare_alloc_pages+0x1f0/0x5f0 [ 171.738118][ T7933] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 171.738168][ T7933] ? __lock_acquire+0x4a5/0x2630 [ 171.738210][ T7933] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 171.738252][ T7933] ? do_raw_spin_lock+0x128/0x260 [ 171.738290][ T7933] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 171.738329][ T7933] ? find_held_lock+0x2b/0x80 [ 171.738365][ T7933] ? __lock_acquire+0x4a5/0x2630 [ 171.738398][ T7933] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 171.738446][ T7933] ? policy_nodemask+0xed/0x4f0 [ 171.738477][ T7933] alloc_pages_mpol+0x1fb/0x550 [ 171.738508][ T7933] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 171.738537][ T7933] ? __folio_batch_add_and_move+0x5e5/0xc60 [ 171.738580][ T7933] ? __folio_batch_add_and_move+0x5e5/0xc60 [ 171.738628][ T7933] folio_alloc_mpol_noprof+0x36/0x340 [ 171.738665][ T7933] shmem_alloc_folio+0x135/0x160 [ 171.738712][ T7933] shmem_alloc_and_add_folio+0x371/0xd40 [ 171.738765][ T7933] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 171.738807][ T7933] ? shmem_allowable_huge_orders+0x2bd/0x400 [ 171.738842][ T7933] ? __lock_acquire+0x440/0x2630 [ 171.738881][ T7933] shmem_get_folio_gfp+0x6ab/0x1900 [ 171.738923][ T7933] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 171.738946][ T7933] ? __pfx___might_resched+0x10/0x10 [ 171.738966][ T7933] ? noop_dirty_folio+0xfd/0x160 [ 171.738982][ T7933] shmem_fallocate+0x6d7/0x1060 [ 171.739012][ T7933] ? __pfx_shmem_fallocate+0x10/0x10 [ 171.739032][ T7933] ? aa_file_perm+0x7f3/0x14d0 [ 171.739054][ T7933] ? __lock_acquire+0x4a5/0x2630 [ 171.739087][ T7933] ? __pfx_shmem_fallocate+0x10/0x10 [ 171.739108][ T7933] vfs_fallocate+0x576/0x10d0 [ 171.739126][ T7933] ? __pfx_vfs_fallocate+0x10/0x10 [ 171.739145][ T7933] __x64_sys_fallocate+0xd5/0x140 [ 171.739163][ T7933] do_syscall_64+0x106/0xf80 [ 171.739179][ T7933] ? clear_bhb_loop+0x40/0x90 [ 171.739197][ T7933] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 171.739212][ T7933] RIP: 0033:0x7fa537b9c799 [ 171.739226][ T7933] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 171.739240][ T7933] RSP: 002b:00007fa538ae1028 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 171.739254][ T7933] RAX: ffffffffffffffda RBX: 00007fa537e15fa0 RCX: 00007fa537b9c799 [ 171.739263][ T7933] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000005 [ 171.739271][ T7933] RBP: 00007fa537c32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 171.739280][ T7933] R10: 00000000004cbd5d R11: 0000000000000246 R12: 0000000000000000 [ 171.739289][ T7933] R13: 00007fa537e16038 R14: 00007fa537e15fa0 R15: 00007ffffe37a608 [ 171.739309][ T7933] [ 172.064695][ T5825] Bluetooth: hci2: command 0x0c1a tx timeout [ 172.064841][ T5145] Bluetooth: hci1: command 0x0c1a tx timeout [ 172.077104][ T5145] Bluetooth: hci3: command 0x0c1a tx timeout [ 172.200087][ T7921] lowmem_reserve[]: 0 0 1 1 1 [ 172.204886][ T7921] Node 0 Normal free:8kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1060kB mlocked:0kB bounce:0kB free_pcp:24kB local_pcp:12kB free_cma:0kB [ 172.371415][ T7921] lowmem_reserve[]: 0 0 0 0 0 [ 172.398412][ T7921] Node 1 Normal free:3923772kB boost:0kB min:55828kB low:69784kB high:83740kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:4kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:17632kB local_pcp:14444kB free_cma:0kB [ 172.447273][ T7921] lowmem_reserve[]: 0 0 0 0 0 [ 172.452015][ T7921] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 172.502971][ T7921] Node 0 DMA32: 8169*4kB (UME) 2889*8kB (UM) 1315*16kB (UM) 950*32kB (UME) 542*64kB (UME) 288*128kB (UME) 160*256kB (UME) 81*512kB (UME) 45*1024kB (UM) 21*2048kB (UM) 222*4096kB (M) = 1259612kB [ 172.589295][ T7921] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 172.632597][ T7921] Node 1 Normal: 5*4kB (UM) 5*8kB (UM) 6*16kB (UM) 9*32kB (UM) 6*64kB (UM) 2*128kB (U) 1*256kB (M) 3*512kB (UM) 5*1024kB (UM) 2*2048kB (M) 955*4096kB (M) = 3923772kB [ 172.727435][ T7921] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 172.737001][ T7921] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 172.778876][ T7921] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 172.808559][ T7921] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 172.859775][ T7921] 60256 total pagecache pages [ 172.893150][ T7921] 0 pages in swap cache [ 172.898430][ T7921] Free swap = 124996kB [ 172.907378][ T7921] Total swap = 124996kB [ 172.919534][ T7921] 2097051 pages RAM [ 172.923365][ T7921] 0 pages HighMem/MovableOnly [ 172.957217][ T7921] 430816 pages reserved [ 172.972892][ T7921] 0 pages cma reserved [ 173.751752][ T7970] netlink: 350 bytes leftover after parsing attributes in process `syz.3.599'. [ 175.110764][ T8000] futex_wake_op: syz.0.607 tries to shift op by -2048; fix this program [ 175.293327][ T8008] FAULT_INJECTION: forcing a failure. [ 175.293327][ T8008] name failslab, interval 1, probability 0, space 0, times 0 [ 175.339579][ T8008] CPU: 1 UID: 0 PID: 8008 Comm: syz.1.610 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 175.339615][ T8008] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 175.339623][ T8008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 175.339632][ T8008] Call Trace: [ 175.339637][ T8008] [ 175.339643][ T8008] dump_stack_lvl+0x100/0x190 [ 175.339677][ T8008] should_fail_ex.cold+0x5/0xa [ 175.339696][ T8008] should_failslab+0xc2/0x120 [ 175.339712][ T8008] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 175.339733][ T8008] ? security_file_alloc+0x34/0x2c0 [ 175.339749][ T8008] ? trace_kmem_cache_alloc+0xf3/0x120 [ 175.339767][ T8008] security_file_alloc+0x34/0x2c0 [ 175.339782][ T8008] init_file+0x95/0x480 [ 175.339801][ T8008] alloc_empty_file+0x73/0x1c0 [ 175.339819][ T8008] alloc_file_pseudo+0x13a/0x230 [ 175.339837][ T8008] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 175.339855][ T8008] ? tipc_sk_finish_conn+0x600/0x7a0 [ 175.339878][ T8008] sock_alloc_file+0x50/0x210 [ 175.339898][ T8008] __sys_socketpair+0x321/0x5b0 [ 175.339913][ T8008] ? __pfx___sys_socketpair+0x10/0x10 [ 175.339927][ T8008] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 175.339942][ T8008] ? xfd_validate_state+0x129/0x190 [ 175.339967][ T8008] __x64_sys_socketpair+0x96/0x100 [ 175.339980][ T8008] ? lockdep_hardirqs_on+0x78/0x100 [ 175.339997][ T8008] do_syscall_64+0x106/0xf80 [ 175.340013][ T8008] ? clear_bhb_loop+0x40/0x90 [ 175.340031][ T8008] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 175.340045][ T8008] RIP: 0033:0x7f3a8c39c799 [ 175.340058][ T8008] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 175.340072][ T8008] RSP: 002b:00007f3a8d2f9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 175.340087][ T8008] RAX: ffffffffffffffda RBX: 00007f3a8c615fa0 RCX: 00007f3a8c39c799 [ 175.340097][ T8008] RDX: 8000000000000000 RSI: 0000000000000005 RDI: 000000000000001e [ 175.340107][ T8008] RBP: 00007f3a8c432bd9 R08: 0000000000000000 R09: 0000000000000000 [ 175.340116][ T8008] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 175.340124][ T8008] R13: 00007f3a8c616038 R14: 00007f3a8c615fa0 R15: 00007fff68703d28 [ 175.340142][ T8008] [ 177.012441][ T8048] netlink: 'syz.1.618': attribute type 1 has an invalid length. [ 178.072374][ T8073] netlink: 28 bytes leftover after parsing attributes in process `syz.1.625'. [ 178.111797][ T8073] veth1_macvtap: left promiscuous mode [ 178.463288][ T8083] netlink: 338 bytes leftover after parsing attributes in process `syz.2.627'. [ 178.490215][ T8083] bridge0: port 2(bridge_slave_1) entered disabled state [ 178.498899][ T8083] bridge0: port 1(bridge_slave_0) entered disabled state [ 179.286708][ T8104] netlink: 28 bytes leftover after parsing attributes in process `syz.3.634'. [ 179.385133][ T8104] veth1_macvtap: entered allmulticast mode [ 179.503004][ T8105] netlink: 350 bytes leftover after parsing attributes in process `syz.0.633'. [ 179.844205][ T8123] netlink: 350 bytes leftover after parsing attributes in process `syz.3.638'. [ 181.802741][ T8168] netlink: 350 bytes leftover after parsing attributes in process `syz.2.647'. [ 182.294664][ T8180] FAULT_INJECTION: forcing a failure. [ 182.294664][ T8180] name failslab, interval 1, probability 0, space 0, times 0 [ 182.320428][ T8180] CPU: 0 UID: 0 PID: 8180 Comm: syz.1.651 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 182.320489][ T8180] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 182.320504][ T8180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 182.320524][ T8180] Call Trace: [ 182.320533][ T8180] [ 182.320552][ T8180] dump_stack_lvl+0x100/0x190 [ 182.320598][ T8180] should_fail_ex.cold+0x5/0xa [ 182.320626][ T8180] should_failslab+0xc2/0x120 [ 182.320655][ T8180] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 182.320696][ T8180] ? vm_area_dup+0x27/0x8e0 [ 182.320736][ T8180] vm_area_dup+0x27/0x8e0 [ 182.320782][ T8180] __split_vma+0x18c/0xd90 [ 182.320824][ T8180] ? __pfx___split_vma+0x10/0x10 [ 182.320859][ T8180] ? finish_task_switch.isra.0+0x200/0xb80 [ 182.320898][ T8180] ? lockdep_hardirqs_on+0x78/0x100 [ 182.320938][ T8180] vma_modify+0x1121/0x2250 [ 182.320984][ T8180] ? __pfx_vma_modify+0x10/0x10 [ 182.321027][ T8180] vma_modify_flags+0x257/0x3d0 [ 182.321070][ T8180] ? __pfx_vma_modify_flags+0x10/0x10 [ 182.321122][ T8180] ? mtree_range_walk+0x6ce/0xcd0 [ 182.321159][ T8180] mlock_fixup+0x302/0xf00 [ 182.321196][ T8180] ? __pfx_mlock_fixup+0x10/0x10 [ 182.321236][ T8180] apply_vma_lock_flags+0x256/0x370 [ 182.321278][ T8180] ? __pfx_apply_vma_lock_flags+0x10/0x10 [ 182.321313][ T8180] ? __pfx___might_resched+0x10/0x10 [ 182.321358][ T8180] ? __pfx_down_write_killable+0x10/0x10 [ 182.321395][ T8180] ? do_futex+0x192/0x350 [ 182.321433][ T8180] do_mlock+0x261/0x7f0 [ 182.321476][ T8180] ? __pfx_do_mlock+0x10/0x10 [ 182.321507][ T8180] ? __x64_sys_futex+0x34f/0x4d0 [ 182.321537][ T8180] ? __x64_sys_futex+0x358/0x4d0 [ 182.321568][ T8180] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 182.321597][ T8180] ? xfd_validate_state+0x129/0x190 [ 182.321646][ T8180] __x64_sys_mlock+0x59/0x80 [ 182.321685][ T8180] do_syscall_64+0x106/0xf80 [ 182.321718][ T8180] ? clear_bhb_loop+0x40/0x90 [ 182.321764][ T8180] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 182.321791][ T8180] RIP: 0033:0x7f3a8c39c799 [ 182.321814][ T8180] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 182.321839][ T8180] RSP: 002b:00007f3a8d2f9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000095 [ 182.321866][ T8180] RAX: ffffffffffffffda RBX: 00007f3a8c615fa0 RCX: 00007f3a8c39c799 [ 182.321884][ T8180] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 000000000000fbe8 [ 182.321901][ T8180] RBP: 00007f3a8c432bd9 R08: 0000000000000000 R09: 0000000000000000 [ 182.321919][ T8180] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 182.321933][ T8180] R13: 00007f3a8c616038 R14: 00007f3a8c615fa0 R15: 00007fff68703d28 [ 182.321966][ T8180] [ 182.680016][ T8185] netlink: 4 bytes leftover after parsing attributes in process `syz.1.653'. [ 182.702478][ T8185] netlink: 25 bytes leftover after parsing attributes in process `syz.1.653'. [ 182.757608][ T8189] netlink: 'syz.3.654': attribute type 1 has an invalid length. [ 182.765298][ T8189] netlink: 306 bytes leftover after parsing attributes in process `syz.3.654'. [ 182.808130][ T8189] netlink: 'syz.3.654': attribute type 1 has an invalid length. [ 182.815864][ T8189] netlink: 306 bytes leftover after parsing attributes in process `syz.3.654'. [ 183.127684][ T8200] FAULT_INJECTION: forcing a failure. [ 183.127684][ T8200] name failslab, interval 1, probability 0, space 0, times 0 [ 183.160749][ T8200] CPU: 1 UID: 0 PID: 8200 Comm: syz.1.659 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 183.160808][ T8200] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 183.160832][ T8200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 183.160848][ T8200] Call Trace: [ 183.160857][ T8200] [ 183.160867][ T8200] dump_stack_lvl+0x100/0x190 [ 183.160914][ T8200] should_fail_ex.cold+0x5/0xa [ 183.160946][ T8200] should_failslab+0xc2/0x120 [ 183.160972][ T8200] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 183.161006][ T8200] ? sk_prot_alloc+0x60/0x2a0 [ 183.161053][ T8200] sk_prot_alloc+0x60/0x2a0 [ 183.161091][ T8200] sk_alloc+0x36/0xe80 [ 183.161125][ T8200] kcm_create+0xfc/0x6a0 [ 183.161157][ T8200] __sock_create+0x339/0x860 [ 183.161203][ T8200] __sys_socket+0x14d/0x260 [ 183.161230][ T8200] ? __pfx___sys_socket+0x10/0x10 [ 183.161282][ T8200] __x64_sys_socket+0x72/0xb0 [ 183.161306][ T8200] ? lockdep_hardirqs_on+0x78/0x100 [ 183.161337][ T8200] do_syscall_64+0x106/0xf80 [ 183.161368][ T8200] ? clear_bhb_loop+0x40/0x90 [ 183.161397][ T8200] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 183.161423][ T8200] RIP: 0033:0x7f3a8c39c799 [ 183.161444][ T8200] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 183.161469][ T8200] RSP: 002b:00007f3a8d2f9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 183.161495][ T8200] RAX: ffffffffffffffda RBX: 00007f3a8c615fa0 RCX: 00007f3a8c39c799 [ 183.161513][ T8200] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000029 [ 183.161529][ T8200] RBP: 00007f3a8c432bd9 R08: 0000000000000000 R09: 0000000000000000 [ 183.161545][ T8200] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 183.161561][ T8200] R13: 00007f3a8c616038 R14: 00007f3a8c615fa0 R15: 00007fff68703d28 [ 183.161610][ T8200] [ 183.630026][ T8204] netlink: 146 bytes leftover after parsing attributes in process `syz.3.660'. [ 183.735411][ T8208] FAULT_INJECTION: forcing a failure. [ 183.735411][ T8208] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 183.750114][ T8208] CPU: 0 UID: 0 PID: 8208 Comm: syz.0.662 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 183.750179][ T8208] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 183.750194][ T8208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 183.750209][ T8208] Call Trace: [ 183.750218][ T8208] [ 183.750229][ T8208] dump_stack_lvl+0x100/0x190 [ 183.750301][ T8208] should_fail_ex.cold+0x5/0xa [ 183.750329][ T8208] ? prepare_alloc_pages+0x16d/0x5f0 [ 183.750365][ T8208] should_fail_alloc_page+0xeb/0x140 [ 183.750397][ T8208] prepare_alloc_pages+0x1f0/0x5f0 [ 183.750435][ T8208] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 183.750481][ T8208] ? __pfx_stack_trace_save+0x10/0x10 [ 183.750510][ T8208] ? stack_depot_save_flags+0x27/0x9d0 [ 183.750539][ T8208] ? kasan_save_stack+0x3f/0x50 [ 183.750579][ T8208] ? kasan_save_stack+0x30/0x50 [ 183.750618][ T8208] ? kasan_save_track+0x14/0x30 [ 183.750657][ T8208] ? __kasan_slab_alloc+0x89/0x90 [ 183.750688][ T8208] ? kasan_save_stack+0x3f/0x50 [ 183.750733][ T8208] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 183.750780][ T8208] ? __lock_acquire+0x4a5/0x2630 [ 183.750813][ T8208] ? look_up_lock_class+0x64/0x120 [ 183.750857][ T8208] ? lock_acquire+0x1cf/0x380 [ 183.750892][ T8208] ? find_held_lock+0x2b/0x80 [ 183.750917][ T8208] ? page_table_check_set+0x49a/0xa10 [ 183.750961][ T8208] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 183.751011][ T8208] ? policy_nodemask+0xed/0x4f0 [ 183.751047][ T8208] alloc_pages_mpol+0x1fb/0x550 [ 183.751079][ T8208] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 183.751119][ T8208] folio_alloc_mpol_noprof+0x36/0x340 [ 183.751156][ T8208] vma_alloc_folio_noprof+0xed/0x1d0 [ 183.751191][ T8208] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 183.751238][ T8208] do_anonymous_page+0xb3a/0x1fb0 [ 183.751294][ T8208] __handle_mm_fault+0x1d42/0x2b60 [ 183.751343][ T8208] ? __pfx___handle_mm_fault+0x10/0x10 [ 183.751385][ T8208] ? pte_offset_map_lock+0x174/0x320 [ 183.751414][ T8208] ? find_held_lock+0x2b/0x80 [ 183.751453][ T8208] ? follow_page_pte+0x5b3/0x1400 [ 183.751494][ T8208] handle_mm_fault+0x36d/0xa20 [ 183.751540][ T8208] __get_user_pages+0xf9c/0x34d0 [ 183.751586][ T8208] ? __pfx___get_user_pages+0x10/0x10 [ 183.751629][ T8208] populate_vma_page_range+0x267/0x3f0 [ 183.751664][ T8208] ? __pfx_populate_vma_page_range+0x10/0x10 [ 183.751697][ T8208] ? __pfx_find_vma_intersection+0x10/0x10 [ 183.751728][ T8208] ? do_mmap+0x93f/0x12f0 [ 183.751763][ T8208] __mm_populate+0x107/0x3a0 [ 183.751797][ T8208] ? __pfx___mm_populate+0x10/0x10 [ 183.751833][ T8208] ? up_write+0x290/0x4f0 [ 183.751875][ T8208] vm_mmap_pgoff+0x37f/0x470 [ 183.751912][ T8208] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 183.751946][ T8208] ? do_futex+0x192/0x350 [ 183.751982][ T8208] ? __pfx_do_futex+0x10/0x10 [ 183.752017][ T8208] ? fput+0x79/0x100 [ 183.752052][ T8208] ksys_mmap_pgoff+0xe1/0x650 [ 183.752082][ T8208] ? __x64_sys_futex+0x34f/0x4d0 [ 183.752115][ T8208] ? __x64_sys_futex+0x358/0x4d0 [ 183.752152][ T8208] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 183.752182][ T8208] ? xfd_validate_state+0x129/0x190 [ 183.752230][ T8208] __x64_sys_mmap+0x125/0x190 [ 183.752274][ T8208] do_syscall_64+0x106/0xf80 [ 183.752314][ T8208] ? clear_bhb_loop+0x40/0x90 [ 183.752351][ T8208] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 183.752380][ T8208] RIP: 0033:0x7fa537b9c799 [ 183.752404][ T8208] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 183.752431][ T8208] RSP: 002b:00007fa538ae1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 183.752458][ T8208] RAX: ffffffffffffffda RBX: 00007fa537e15fa0 RCX: 00007fa537b9c799 [ 183.752477][ T8208] RDX: 00000000000000e3 RSI: 0000000000400008 RDI: 0000000000000000 [ 183.752494][ T8208] RBP: 00007fa537c32bd9 R08: 0000000000000002 R09: 0000000000008000 [ 183.752511][ T8208] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 183.752527][ T8208] R13: 00007fa537e16038 R14: 00007fa537e15fa0 R15: 00007ffffe37a608 [ 183.752564][ T8208] [ 183.888176][ T8209] netlink: 350 bytes leftover after parsing attributes in process `syz.1.661'. [ 184.414720][ T8221] FAULT_INJECTION: forcing a failure. [ 184.414720][ T8221] name failslab, interval 1, probability 0, space 0, times 0 [ 184.447258][ T8221] CPU: 1 UID: 0 PID: 8221 Comm: syz.1.665 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 184.447317][ T8221] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 184.447331][ T8221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 184.447346][ T8221] Call Trace: [ 184.447355][ T8221] [ 184.447365][ T8221] dump_stack_lvl+0x100/0x190 [ 184.447411][ T8221] should_fail_ex.cold+0x5/0xa [ 184.447444][ T8221] should_failslab+0xc2/0x120 [ 184.447473][ T8221] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 184.447514][ T8221] ? alloc_empty_file+0x55/0x1c0 [ 184.447554][ T8221] alloc_empty_file+0x55/0x1c0 [ 184.447589][ T8221] alloc_file_pseudo+0x13a/0x230 [ 184.447625][ T8221] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 184.447661][ T8221] ? __raw_spin_lock_init+0x3a/0x110 [ 184.447707][ T8221] create_pipe_files+0x360/0x970 [ 184.447740][ T8221] do_pipe2+0xbd/0x1e0 [ 184.447768][ T8221] ? __pfx_do_pipe2+0x10/0x10 [ 184.447795][ T8221] ? xfd_validate_state+0x129/0x190 [ 184.447854][ T8221] __x64_sys_pipe2+0x54/0x80 [ 184.447884][ T8221] do_syscall_64+0x106/0xf80 [ 184.447934][ T8221] ? clear_bhb_loop+0x40/0x90 [ 184.447969][ T8221] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 184.447998][ T8221] RIP: 0033:0x7f3a8c39c799 [ 184.448021][ T8221] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 184.448047][ T8221] RSP: 002b:00007f3a8d2f9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000125 [ 184.448073][ T8221] RAX: ffffffffffffffda RBX: 00007f3a8c615fa0 RCX: 00007f3a8c39c799 [ 184.448091][ T8221] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 0000000000000000 [ 184.448108][ T8221] RBP: 00007f3a8c432bd9 R08: 0000000000000000 R09: 0000000000000000 [ 184.448124][ T8221] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 184.448140][ T8221] R13: 00007f3a8c616038 R14: 00007f3a8c615fa0 R15: 00007fff68703d28 [ 184.448178][ T8221] [ 184.904195][ T8228] process 'syz.1.667' launched ':,' with NULL argv: empty string added [ 184.933246][ T8224] FAULT_INJECTION: forcing a failure. [ 184.933246][ T8224] name failslab, interval 1, probability 0, space 0, times 0 [ 184.946335][ T8224] CPU: 1 UID: 0 PID: 8224 Comm: syz.0.666 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 184.946397][ T8224] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 184.946412][ T8224] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 184.946427][ T8224] Call Trace: [ 184.946436][ T8224] [ 184.946446][ T8224] dump_stack_lvl+0x100/0x190 [ 184.946495][ T8224] should_fail_ex.cold+0x5/0xa [ 184.946529][ T8224] should_failslab+0xc2/0x120 [ 184.946558][ T8224] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 184.946600][ T8224] ? mas_alloc_nodes+0x280/0x390 [ 184.946638][ T8224] mas_alloc_nodes+0x280/0x390 [ 184.946670][ T8224] mas_preallocate+0x39c/0xf10 [ 184.946706][ T8224] ? __memcg_slab_post_alloc_hook+0x4e0/0x990 [ 184.946753][ T8224] ? __pfx_mas_preallocate+0x10/0x10 [ 184.946797][ T8224] ? anon_vma_name+0x5a/0x250 [ 184.946833][ T8224] __split_vma+0x33d/0xd90 [ 184.946875][ T8224] ? __pfx___split_vma+0x10/0x10 [ 184.946920][ T8224] ? __pfx_mas_prev+0x10/0x10 [ 184.946964][ T8224] vms_gather_munmap_vmas+0x39f/0x1500 [ 184.947012][ T8224] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 184.947056][ T8224] ? mas_walk+0x6ef/0x9b0 [ 184.947098][ T8224] __mmap_region+0x492/0x29e0 [ 184.947141][ T8224] ? __pfx___mmap_region+0x10/0x10 [ 184.947173][ T8224] ? process_measurement+0x1f4/0x2350 [ 184.947214][ T8224] ? tomoyo_check_open_permission+0x1db/0x3c0 [ 184.947257][ T8224] ? tomoyo_check_open_permission+0x1db/0x3c0 [ 184.947322][ T8224] ? __lock_acquire+0x4a5/0x2630 [ 184.947363][ T8224] ? kvm_sched_clock_read+0x11/0x20 [ 184.947394][ T8224] ? sched_clock+0x38/0x60 [ 184.947444][ T8224] ? lockdep_hardirqs_on+0x78/0x100 [ 184.947472][ T8224] ? finish_task_switch.isra.0+0x205/0xb80 [ 184.947499][ T8224] ? rcu_is_watching+0x12/0xc0 [ 184.947588][ T8224] mmap_region+0x180/0x3e0 [ 184.947631][ T8224] do_mmap+0xc63/0x12f0 [ 184.947669][ T8224] ? __pfx_do_mmap+0x10/0x10 [ 184.947698][ T8224] ? __pfx_down_write_killable+0x10/0x10 [ 184.947752][ T8224] vm_mmap_pgoff+0x29e/0x470 [ 184.947792][ T8224] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 184.947826][ T8224] ? do_futex+0x192/0x350 [ 184.947862][ T8224] ? __pfx_do_futex+0x10/0x10 [ 184.947918][ T8224] ksys_mmap_pgoff+0xe1/0x650 [ 184.947942][ T8224] ? __x64_sys_futex+0x34f/0x4d0 [ 184.947972][ T8224] ? __x64_sys_futex+0x358/0x4d0 [ 184.948003][ T8224] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 184.948029][ T8224] ? xfd_validate_state+0x129/0x190 [ 184.948070][ T8224] __x64_sys_mmap+0x125/0x190 [ 184.948107][ T8224] do_syscall_64+0x106/0xf80 [ 184.948135][ T8224] ? clear_bhb_loop+0x40/0x90 [ 184.948164][ T8224] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 184.948188][ T8224] RIP: 0033:0x7fa537b9c799 [ 184.948211][ T8224] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 184.948238][ T8224] RSP: 002b:00007fa538ae1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 184.948264][ T8224] RAX: ffffffffffffffda RBX: 00007fa537e15fa0 RCX: 00007fa537b9c799 [ 184.948283][ T8224] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000002000 [ 184.948300][ T8224] RBP: 00007fa537c32bd9 R08: 0000000000000002 R09: 0000000000008000 [ 184.948317][ T8224] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 184.948331][ T8224] R13: 00007fa537e16038 R14: 00007fa537e15fa0 R15: 00007ffffe37a608 [ 184.948369][ T8224] [ 185.666975][ T8213] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 185.694017][ T8213] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 185.711360][ T8213] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 185.726906][ T8213] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 186.119609][ T8252] futex_wake_op: syz.3.674 tries to shift op by -2048; fix this program [ 186.268661][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout [ 186.791947][ T8266] FAULT_INJECTION: forcing a failure. [ 186.791947][ T8266] name failslab, interval 1, probability 0, space 0, times 0 [ 186.810848][ T8266] CPU: 1 UID: 0 PID: 8266 Comm: syz.1.677 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 186.810911][ T8266] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 186.810927][ T8266] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 186.810944][ T8266] Call Trace: [ 186.810953][ T8266] [ 186.810964][ T8266] dump_stack_lvl+0x100/0x190 [ 186.811014][ T8266] should_fail_ex.cold+0x5/0xa [ 186.811049][ T8266] should_failslab+0xc2/0x120 [ 186.811079][ T8266] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 186.811124][ T8266] ? alloc_unbound_pwq+0x3ff/0xdd0 [ 186.811160][ T8266] alloc_unbound_pwq+0x3ff/0xdd0 [ 186.811199][ T8266] apply_wqattrs_prepare+0x3aa/0xbb0 [ 186.811235][ T8266] ? kasan_save_track+0x14/0x30 [ 186.811279][ T8266] ? __pfx_wq_cpumask_store+0x10/0x10 [ 186.811306][ T8266] apply_workqueue_attrs_locked+0x64/0xe0 [ 186.811338][ T8266] wq_cpumask_store+0xf7/0x190 [ 186.811367][ T8266] dev_attr_store+0x58/0x80 [ 186.811412][ T8266] ? __pfx_dev_attr_store+0x10/0x10 [ 186.811456][ T8266] sysfs_kf_write+0xf2/0x150 [ 186.811495][ T8266] kernfs_fop_write_iter+0x3e0/0x5f0 [ 186.811524][ T8266] ? __pfx_sysfs_kf_write+0x10/0x10 [ 186.811563][ T8266] vfs_write+0x6ac/0x1070 [ 186.811608][ T8266] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 186.811642][ T8266] ? __pfx_vfs_write+0x10/0x10 [ 186.811721][ T8266] ksys_write+0x12a/0x250 [ 186.811749][ T8266] ? __pfx_ksys_write+0x10/0x10 [ 186.811788][ T8266] do_syscall_64+0x106/0xf80 [ 186.811822][ T8266] ? clear_bhb_loop+0x40/0x90 [ 186.811861][ T8266] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 186.811890][ T8266] RIP: 0033:0x7f3a8c39c799 [ 186.811915][ T8266] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 186.811943][ T8266] RSP: 002b:00007f3a8d2f9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 186.811971][ T8266] RAX: ffffffffffffffda RBX: 00007f3a8c615fa0 RCX: 00007f3a8c39c799 [ 186.811991][ T8266] RDX: 0000000001000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 186.812008][ T8266] RBP: 00007f3a8c432bd9 R08: 0000000000000000 R09: 0000000000000000 [ 186.812025][ T8266] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 186.812042][ T8266] R13: 00007f3a8c616038 R14: 00007f3a8c615fa0 R15: 00007fff68703d28 [ 186.812083][ T8266] [ 187.436673][ T30] audit: type=1800 audit(4294967395.880:13): pid=8273 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.678" name=02 dev="tmpfs" ino=999 res=0 errno=0 [ 187.715889][ T5832] Bluetooth: hci1: command 0x0c1a tx timeout [ 187.739824][ T8282] netlink: 'syz.3.683': attribute type 10 has an invalid length. [ 187.767457][ T8282] netlink: 330 bytes leftover after parsing attributes in process `syz.3.683'. [ 187.787367][ T5825] Bluetooth: hci2: command 0x0c1a tx timeout [ 187.793953][ T5832] Bluetooth: hci3: command 0x0c1a tx timeout [ 188.478390][ T8279] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 188.485546][ T8279] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 188.491723][ T8279] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 188.506885][ T8279] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 189.642575][ T8333] smpboot: CPU 1 is now offline [ 189.708574][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout [ 189.766711][ T8336] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 189.791858][ T8314] ------------[ cut here ]------------ [ 189.792374][ T8314] [ 189.792383][ T8314] ====================================================== [ 189.792392][ T8314] WARNING: possible circular locking dependency detected [ 189.792407][ T8314] syzkaller #0 Tainted: G U W L XTNJ [ 189.792422][ T8314] ------------------------------------------------------ [ 189.792431][ T8314] syz.0.688/8314 is trying to acquire lock: [ 189.792444][ T8314] ffffffff8e6f53c0 (console_owner){-.-.}-{0:0}, at: console_lock_spinning_enable+0x61/0x80 [ 189.792523][ T8314] [ 189.792523][ T8314] but task is already holding lock: [ 189.792531][ T8314] ffff8880b843b2e0 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x88/0x140 [ 189.792584][ T8314] [ 189.792584][ T8314] which lock already depends on the new lock. [ 189.792584][ T8314] [ 189.792592][ T8314] [ 189.792592][ T8314] the existing dependency chain (in reverse order) is: [ 189.792601][ T8314] [ 189.792601][ T8314] -> #4 (&rq->__lock){-.-.}-{2:2}: [ 189.792639][ T8314] _raw_spin_lock_nested+0x31/0x40 [ 189.792666][ T8314] raw_spin_rq_lock_nested+0x2c/0x140 [ 189.792690][ T8314] _task_rq_lock+0xcf/0x490 [ 189.792714][ T8314] cgroup_move_task+0x81/0x2b0 [ 189.792742][ T8314] css_set_move_task+0x285/0x600 [ 189.792766][ T8314] cgroup_post_fork+0x202/0x9b0 [ 189.792790][ T8314] copy_process+0x5f26/0x7a10 [ 189.792818][ T8314] kernel_clone+0xfc/0x9a0 [ 189.792844][ T8314] user_mode_thread+0xcc/0x110 [ 189.792873][ T8314] rest_init+0x21/0x260 [ 189.792908][ T8314] start_kernel+0x47f/0x480 [ 189.792942][ T8314] x86_64_start_reservations+0x24/0x30 [ 189.792978][ T8314] x86_64_start_kernel+0x12b/0x130 [ 189.793014][ T8314] common_startup_64+0x13e/0x148 [ 189.793039][ T8314] [ 189.793039][ T8314] -> #3 (&p->pi_lock){-.-.}-{2:2}: [ 189.793098][ T8314] _raw_spin_lock_irqsave+0x3a/0x60 [ 189.793124][ T8314] try_to_wake_up+0xb2/0x1a80 [ 189.793147][ T8314] __wake_up_common+0x135/0x1f0 [ 189.793179][ T8314] __wake_up+0x31/0x60 [ 189.793205][ T8314] tty_port_default_wakeup+0x47/0x60 [ 189.793240][ T8314] serial8250_tx_chars+0x68f/0x860 [ 189.793273][ T8314] serial8250_handle_irq+0x73e/0xcb0 [ 189.793305][ T8314] serial8250_default_handle_irq+0x9e/0x270 [ 189.793342][ T8314] serial8250_interrupt+0xf8/0x1d0 [ 189.793381][ T8314] __handle_irq_event_percpu+0x232/0x8e0 [ 189.793421][ T8314] handle_irq_event+0xab/0x1e0 [ 189.793459][ T8314] handle_edge_irq+0x375/0x970 [ 189.793496][ T8314] __common_interrupt+0xd8/0x2f0 [ 189.793528][ T8314] common_interrupt+0xb9/0xe0 [ 189.793566][ T8314] asm_common_interrupt+0x26/0x40 [ 189.793591][ T8314] __sanitizer_cov_trace_const_cmp1+0x0/0x20 [ 189.793632][ T8314] tomoyo_encode2+0xca/0x3c0 [ 189.793660][ T8314] tomoyo_encode+0x29/0x50 [ 189.793686][ T8314] tomoyo_realpath_from_path+0x18c/0x690 [ 189.793716][ T8314] tomoyo_check_open_permission+0x2af/0x3c0 [ 189.793757][ T8314] tomoyo_file_open+0x6b/0x90 [ 189.793788][ T8314] security_file_open+0xb5/0x1e0 [ 189.793815][ T8314] do_dentry_open+0x5aa/0x1660 [ 189.793838][ T8314] vfs_open+0x82/0x3f0 [ 189.793866][ T8314] path_openat+0x208c/0x31a0 [ 189.793891][ T8314] do_file_open+0x20e/0x430 [ 189.793915][ T8314] do_sys_openat2+0x10d/0x1e0 [ 189.793946][ T8314] __x64_sys_openat+0x12d/0x210 [ 189.793978][ T8314] do_syscall_64+0x106/0xf80 [ 189.794007][ T8314] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 189.794033][ T8314] [ 189.794033][ T8314] -> #2 (&tty->write_wait){-.-.}-{3:3}: [ 189.794068][ T8314] _raw_spin_lock_irqsave+0x3a/0x60 [ 189.794101][ T8314] __wake_up+0x1c/0x60 [ 189.794126][ T8314] tty_port_default_wakeup+0x47/0x60 [ 189.794162][ T8314] serial8250_tx_chars+0x68f/0x860 [ 189.794196][ T8314] serial8250_handle_irq+0x73e/0xcb0 [ 189.794233][ T8314] serial8250_default_handle_irq+0x9e/0x270 [ 189.794272][ T8314] serial8250_interrupt+0xf8/0x1d0 [ 189.794313][ T8314] __handle_irq_event_percpu+0x232/0x8e0 [ 189.794354][ T8314] handle_irq_event+0xab/0x1e0 [ 189.794392][ T8314] handle_edge_irq+0x375/0x970 [ 189.794429][ T8314] __common_interrupt+0xd8/0x2f0 [ 189.794460][ T8314] common_interrupt+0xb9/0xe0 [ 189.794496][ T8314] asm_common_interrupt+0x26/0x40 [ 189.794522][ T8314] _raw_spin_unlock_irqrestore+0x31/0x80 [ 189.794549][ T8314] uart_write+0x29d/0xb20 [ 189.794578][ T8314] n_tty_write+0x44f/0x12d0 [ 189.794615][ T8314] file_tty_write.isra.0+0x4d2/0x890 [ 189.794646][ T8314] redirected_tty_write+0xd4/0x120 [ 189.794677][ T8314] vfs_write+0x6ac/0x1070 [ 189.794714][ T8314] ksys_write+0x12a/0x250 [ 189.794734][ T8314] do_syscall_64+0x106/0xf80 [ 189.794764][ T8314] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 189.794789][ T8314] [ 189.794789][ T8314] -> #1 (&port_lock_key){-.-.}-{3:3}: [ 189.794824][ T8314] _raw_spin_lock_irqsave+0x3a/0x60 [ 189.794850][ T8314] serial8250_console_write+0x17e/0x1900 [ 189.794887][ T8314] console_flush_one_record+0x790/0xe50 [ 189.794927][ T8314] console_unlock+0x103/0x260 [ 189.794964][ T8314] vprintk_emit+0x407/0x6b0 [ 189.794985][ T8314] _printk+0xcf/0x110 [ 189.795007][ T8314] register_console.cold+0xc0/0x248 [ 189.795033][ T8314] univ8250_console_init+0x6f/0x80 [ 189.795061][ T8314] console_init+0x423/0x620 [ 189.795088][ T8314] start_kernel+0x305/0x480 [ 189.795122][ T8314] x86_64_start_reservations+0x24/0x30 [ 189.795158][ T8314] x86_64_start_kernel+0x12b/0x130 [ 189.795194][ T8314] common_startup_64+0x13e/0x148 [ 189.795219][ T8314] [ 189.795219][ T8314] -> #0 (console_owner){-.-.}-{0:0}: [ 189.795252][ T8314] __lock_acquire+0x14b8/0x2630 [ 189.795283][ T8314] lock_acquire+0x1cf/0x380 [ 189.795312][ T8314] console_lock_spinning_enable+0x72/0x80 [ 189.795351][ T8314] console_flush_one_record+0x739/0xe50 [ 189.795390][ T8314] console_unlock+0x103/0x260 [ 189.795426][ T8314] vprintk_emit+0x407/0x6b0 [ 189.795448][ T8314] _printk+0xcf/0x110 [ 189.795470][ T8314] __report_bug.cold+0x15/0x137 [ 189.795503][ T8314] report_bug+0xb2/0x220 [ 189.795529][ T8314] handle_bug+0x16a/0x2a0 [ 189.795561][ T8314] exc_invalid_op+0x17/0x50 [ 189.795594][ T8314] asm_exc_invalid_op+0x1a/0x20 [ 189.795618][ T8314] update_rq_clock+0x40a/0xd20 [ 189.795643][ T8314] __schedule+0x1b7d/0x6120 [ 189.795669][ T8314] preempt_schedule_common+0x42/0xc0 [ 189.795697][ T8314] preempt_schedule_thunk+0x16/0x30 [ 189.795728][ T8314] _raw_spin_unlock_irq+0x44/0x50 [ 189.795754][ T8314] snd_rawmidi_write+0x488/0xc60 [ 189.795781][ T8314] vfs_write+0x2aa/0x1070 [ 189.795818][ T8314] ksys_write+0x1f8/0x250 [ 189.795839][ T8314] do_syscall_64+0x106/0xf80 [ 189.795868][ T8314] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 189.795894][ T8314] [ 189.795894][ T8314] other info that might help us debug this: [ 189.795894][ T8314] [ 189.795902][ T8314] Chain exists of: [ 189.795902][ T8314] console_owner --> &p->pi_lock --> &rq->__lock [ 189.795902][ T8314] [ 189.795941][ T8314] Possible unsafe locking scenario: [ 189.795941][ T8314] [ 189.795948][ T8314] CPU0 CPU1 [ 189.795955][ T8314] ---- ---- [ 189.795962][ T8314] lock(&rq->__lock); [ 189.795979][ T8314] lock(&p->pi_lock); [ 189.795997][ T8314] lock(&rq->__lock); [ 189.796014][ T8314] lock(console_owner); [ 189.796030][ T8314] [ 189.796030][ T8314] *** DEADLOCK *** [ 189.796030][ T8314] [ 189.796036][ T8314] 3 locks held by syz.0.688/8314: [ 189.796051][ T8314] #0: ffff8880b843b2e0 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x88/0x140 [ 189.796118][ T8314] #1: ffffffff8e7d5800 (console_lock){+.+.}-{0:0}, at: _printk+0xcf/0x110 [ 189.796177][ T8314] #2: ffffffff8e7d5878 (console_srcu){....}-{0:0}, at: console_flush_one_record+0xfd/0xe50 [ 189.796252][ T8314] [ 189.796252][ T8314] stack backtrace: [ 189.796268][ T8314] CPU: 0 UID: 0 PID: 8314 Comm: syz.0.688 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 189.796324][ T8314] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 189.796340][ T8314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 189.796356][ T8314] Call Trace: [ 189.796365][ T8314] [ 189.796375][ T8314] dump_stack_lvl+0x100/0x190 [ 189.796413][ T8314] print_circular_bug.cold+0x178/0x1c7 [ 189.796456][ T8314] check_noncircular+0x146/0x160 [ 189.796491][ T8314] __lock_acquire+0x14b8/0x2630 [ 189.796531][ T8314] lock_acquire+0x1cf/0x380 [ 189.796562][ T8314] ? console_lock_spinning_enable+0x61/0x80 [ 189.796603][ T8314] ? console_lock_spinning_enable+0x4a/0x80 [ 189.796647][ T8314] console_lock_spinning_enable+0x72/0x80 [ 189.796687][ T8314] ? console_lock_spinning_enable+0x61/0x80 [ 189.796727][ T8314] console_flush_one_record+0x739/0xe50 [ 189.796772][ T8314] ? __pfx_console_flush_one_record+0x10/0x10 [ 189.796818][ T8314] ? is_printk_cpu_sync_owner+0x32/0x40 [ 189.796848][ T8314] console_unlock+0x103/0x260 [ 189.796888][ T8314] ? __pfx_console_unlock+0x10/0x10 [ 189.796929][ T8314] ? do_raw_spin_unlock+0x145/0x1e0 [ 189.796968][ T8314] ? _printk+0xcf/0x110 [ 189.796995][ T8314] vprintk_emit+0x407/0x6b0 [ 189.797020][ T8314] ? __pfx_vprintk_emit+0x10/0x10 [ 189.797062][ T8314] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 189.797098][ T8314] _printk+0xcf/0x110 [ 189.797123][ T8314] ? __pfx__printk+0x10/0x10 [ 189.797153][ T8314] ? __report_bug.cold+0x5/0x137 [ 189.797189][ T8314] __report_bug.cold+0x15/0x137 [ 189.797223][ T8314] ? update_rq_clock+0x40a/0xd20 [ 189.797251][ T8314] ? __pfx___report_bug+0x10/0x10 [ 189.797280][ T8314] ? rcu_is_watching+0x12/0xc0 [ 189.797319][ T8314] ? trace_contention_end.constprop.0+0x15b/0x1b0 [ 189.797360][ T8314] ? __pv_queued_spin_lock_slowpath+0x284/0xc00 [ 189.797397][ T8314] ? update_rq_clock+0x40a/0xd20 [ 189.797424][ T8314] report_bug+0xb2/0x220 [ 189.797451][ T8314] ? update_rq_clock+0x40a/0xd20 [ 189.797478][ T8314] handle_bug+0x16a/0x2a0 [ 189.797513][ T8314] exc_invalid_op+0x17/0x50 [ 189.797549][ T8314] asm_exc_invalid_op+0x1a/0x20 [ 189.797575][ T8314] RIP: 0010:update_rq_clock+0x40a/0xd20 [ 189.797604][ T8314] Code: ab 48 0b 00 00 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc a8 04 0f 84 df fc ff ff 90 0f 0b 90 e9 d6 fc ff ff 90 <0f> 0b 90 e9 92 fc ff ff 4c 8d 83 40 0b 00 00 48 b8 00 00 00 00 00 [ 189.797632][ T8314] RSP: 0018:ffffc90003877998 EFLAGS: 00010046 [ 189.797653][ T8314] RAX: 0000000000000000 RBX: ffff8880b853b280 RCX: 0000000000000001 [ 189.797671][ T8314] RDX: 0000000000000046 RSI: ffffffff8de57650 RDI: ffffffff8c1af920 [ 189.797690][ T8314] RBP: ffffc90003877b40 R08: 0000000000000001 R09: 0000000000000001 [ 189.797707][ T8314] R10: ffffffff90d9cc17 R11: 0000000000000000 R12: ffffffff90d9ffe4 [ 189.797725][ T8314] R13: ffff8880b853c0c0 R14: ffff88801e6d1e80 R15: ffff8880b853b280 [ 189.797752][ T8314] ? update_rq_clock+0x9c/0xd20 [ 189.797782][ T8314] __schedule+0x1b7d/0x6120 [ 189.797809][ T8314] ? __queue_work+0x436/0x1150 [ 189.797855][ T8314] ? __pfx___schedule+0x10/0x10 [ 189.797882][ T8314] ? do_raw_spin_lock+0x128/0x260 [ 189.797920][ T8314] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 189.797959][ T8314] ? preempt_schedule_thunk+0x16/0x30 [ 189.797991][ T8314] ? snd_rawmidi_write+0x44d/0xc60 [ 189.798019][ T8314] preempt_schedule_common+0x42/0xc0 [ 189.798050][ T8314] preempt_schedule_thunk+0x16/0x30 [ 189.798093][ T8314] _raw_spin_unlock_irq+0x44/0x50 [ 189.798121][ T8314] snd_rawmidi_write+0x488/0xc60 [ 189.798153][ T8314] ? __pfx_snd_rawmidi_write+0x10/0x10 [ 189.798182][ T8314] ? __pfx_default_wake_function+0x10/0x10 [ 189.798211][ T8314] ? bpf_lsm_file_permission+0x9/0x10 [ 189.798253][ T8314] ? security_file_permission+0x76/0x210 [ 189.798282][ T8314] ? rw_verify_area+0xce/0x6d0 [ 189.798320][ T8314] vfs_write+0x2aa/0x1070 [ 189.798361][ T8314] ? __pfx_snd_rawmidi_write+0x10/0x10 [ 189.798391][ T8314] ? __pfx_vfs_write+0x10/0x10 [ 189.798430][ T8314] ? find_held_lock+0x2b/0x80 [ 189.798454][ T8314] ? __fget_files+0x215/0x3d0 [ 189.798478][ T8314] ? __fget_files+0x215/0x3d0 [ 189.798504][ T8314] ? __fget_files+0x21f/0x3d0 [ 189.798533][ T8314] ksys_write+0x1f8/0x250 [ 189.798556][ T8314] ? __pfx_ksys_write+0x10/0x10 [ 189.798584][ T8314] do_syscall_64+0x106/0xf80 [ 189.798615][ T8314] ? clear_bhb_loop+0x40/0x90 [ 189.798646][ T8314] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 189.798672][ T8314] RIP: 0033:0x7fa537b9c799 [ 189.798694][ T8314] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 189.798721][ T8314] RSP: 002b:00007fa538ac0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 189.798745][ T8314] RAX: ffffffffffffffda RBX: 00007fa537e16090 RCX: 00007fa537b9c799 [ 189.798764][ T8314] RDX: 000000100000a3d9 RSI: 0000200000000400 RDI: 0000000000000006 [ 189.798781][ T8314] RBP: 00007fa537c32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 189.798798][ T8314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 189.798815][ T8314] R13: 00007fa537e16128 R14: 00007fa537e16090 R15: 00007ffffe37a608 [ 189.798842][ T8314] [ 191.084409][ T8314] debug_locks && !(lock_is_held(&(__rq_lockp(rq))->dep_map) != 0) [ 191.084429][ T8314] WARNING: kernel/sched/sched.h:1600 at update_rq_clock+0x40a/0xd20, CPU#0: syz.0.688/8314 [ 191.102300][ T8314] Modules linked in: [ 191.106206][ T8314] CPU: 0 UID: 0 PID: 8314 Comm: syz.0.688 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 191.116997][ T8314] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 191.127136][ T8314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 191.137192][ T8314] RIP: 0010:update_rq_clock+0x40a/0xd20 [ 191.142761][ T8314] Code: ab 48 0b 00 00 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc a8 04 0f 84 df fc ff ff 90 0f 0b 90 e9 d6 fc ff ff 90 <0f> 0b 90 e9 92 fc ff ff 4c 8d 83 40 0b 00 00 48 b8 00 00 00 00 00 [ 191.162379][ T8314] RSP: 0018:ffffc90003877998 EFLAGS: 00010046 [ 191.168468][ T8314] RAX: 0000000000000000 RBX: ffff8880b853b280 RCX: 0000000000000001 [ 191.176444][ T8314] RDX: 0000000000000046 RSI: ffffffff8de57650 RDI: ffffffff8c1af920 [ 191.184429][ T8314] RBP: ffffc90003877b40 R08: 0000000000000001 R09: 0000000000000001 [ 191.192492][ T8314] R10: ffffffff90d9cc17 R11: 0000000000000000 R12: ffffffff90d9ffe4 [ 191.200468][ T8314] R13: ffff8880b853c0c0 R14: ffff88801e6d1e80 R15: ffff8880b853b280 [ 191.208445][ T8314] FS: 00007fa538ac06c0(0000) GS:ffff88812434b000(0000) knlGS:0000000000000000 [ 191.217381][ T8314] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 191.223966][ T8314] CR2: 000020000029d000 CR3: 000000005a010000 CR4: 00000000003526f0 [ 191.231942][ T8314] Call Trace: [ 191.235222][ T8314] [ 191.238154][ T8314] __schedule+0x1b7d/0x6120 [ 191.242670][ T8314] ? __queue_work+0x436/0x1150 [ 191.247459][ T8314] ? __pfx___schedule+0x10/0x10 [ 191.252319][ T8314] ? do_raw_spin_lock+0x128/0x260 [ 191.257363][ T8314] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 191.262752][ T8314] ? preempt_schedule_thunk+0x16/0x30 [ 191.268138][ T8314] ? snd_rawmidi_write+0x44d/0xc60 [ 191.273261][ T8314] preempt_schedule_common+0x42/0xc0 [ 191.278559][ T8314] preempt_schedule_thunk+0x16/0x30 [ 191.283773][ T8314] _raw_spin_unlock_irq+0x44/0x50 [ 191.288804][ T8314] snd_rawmidi_write+0x488/0xc60 [ 191.293755][ T8314] ? __pfx_snd_rawmidi_write+0x10/0x10 [ 191.299223][ T8314] ? __pfx_default_wake_function+0x10/0x10 [ 191.305057][ T8314] ? bpf_lsm_file_permission+0x9/0x10 [ 191.310470][ T8314] ? security_file_permission+0x76/0x210 [ 191.316214][ T8314] ? rw_verify_area+0xce/0x6d0 [ 191.321010][ T8314] vfs_write+0x2aa/0x1070 [ 191.325373][ T8314] ? __pfx_snd_rawmidi_write+0x10/0x10 [ 191.330848][ T8314] ? __pfx_vfs_write+0x10/0x10 [ 191.335634][ T8314] ? find_held_lock+0x2b/0x80 [ 191.340321][ T8314] ? __fget_files+0x215/0x3d0 [ 191.345007][ T8314] ? __fget_files+0x215/0x3d0 [ 191.349701][ T8314] ? __fget_files+0x21f/0x3d0 [ 191.354387][ T8314] ksys_write+0x1f8/0x250 [ 191.358720][ T8314] ? __pfx_ksys_write+0x10/0x10 [ 191.363580][ T8314] do_syscall_64+0x106/0xf80 [ 191.368182][ T8314] ? clear_bhb_loop+0x40/0x90 [ 191.372885][ T8314] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 191.378812][ T8314] RIP: 0033:0x7fa537b9c799 [ 191.383241][ T8314] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 191.402865][ T8314] RSP: 002b:00007fa538ac0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 191.411288][ T8314] RAX: ffffffffffffffda RBX: 00007fa537e16090 RCX: 00007fa537b9c799 [ 191.419263][ T8314] RDX: 000000100000a3d9 RSI: 0000200000000400 RDI: 0000000000000006 [ 191.427234][ T8314] RBP: 00007fa537c32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 191.435219][ T8314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 191.443221][ T8314] R13: 00007fa537e16128 R14: 00007fa537e16090 R15: 00007ffffe37a608 [ 191.451229][ T8314] [ 191.454255][ T8314] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 191.461541][ T8314] CPU: 0 UID: 0 PID: 8314 Comm: syz.0.688 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 191.472517][ T8314] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 191.482574][ T8314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 191.492632][ T8314] Call Trace: [ 191.495913][ T8314] [ 191.498941][ T8314] dump_stack_lvl+0x100/0x190 [ 191.503644][ T8314] vpanic+0x552/0x970 [ 191.507638][ T8314] ? __pfx_vpanic+0x10/0x10 [ 191.512157][ T8314] ? lock_release+0x263/0x320 [ 191.516852][ T8314] panic+0xd1/0xe0 [ 191.520576][ T8314] ? __pfx_panic+0x10/0x10 [ 191.525005][ T8314] check_panic_on_warn.cold+0x19/0x34 [ 191.530388][ T8314] ? update_rq_clock+0x40a/0xd20 [ 191.535332][ T8314] __warn.cold+0x191/0x348 [ 191.539756][ T8314] __report_bug+0x296/0x3d0 [ 191.544268][ T8314] ? update_rq_clock+0x40a/0xd20 [ 191.549214][ T8314] ? __pfx___report_bug+0x10/0x10 [ 191.554248][ T8314] ? rcu_is_watching+0x12/0xc0 [ 191.559036][ T8314] ? trace_contention_end.constprop.0+0x15b/0x1b0 [ 191.565567][ T8314] ? __pv_queued_spin_lock_slowpath+0x284/0xc00 [ 191.571916][ T8314] ? update_rq_clock+0x40a/0xd20 [ 191.576861][ T8314] report_bug+0xb2/0x220 [ 191.581125][ T8314] ? update_rq_clock+0x40a/0xd20 [ 191.586074][ T8314] handle_bug+0x16a/0x2a0 [ 191.590856][ T8314] exc_invalid_op+0x17/0x50 [ 191.595374][ T8314] asm_exc_invalid_op+0x1a/0x20 [ 191.600234][ T8314] RIP: 0010:update_rq_clock+0x40a/0xd20 [ 191.605790][ T8314] Code: ab 48 0b 00 00 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc a8 04 0f 84 df fc ff ff 90 0f 0b 90 e9 d6 fc ff ff 90 <0f> 0b 90 e9 92 fc ff ff 4c 8d 83 40 0b 00 00 48 b8 00 00 00 00 00 [ 191.625494][ T8314] RSP: 0018:ffffc90003877998 EFLAGS: 00010046 [ 191.631571][ T8314] RAX: 0000000000000000 RBX: ffff8880b853b280 RCX: 0000000000000001 [ 191.639546][ T8314] RDX: 0000000000000046 RSI: ffffffff8de57650 RDI: ffffffff8c1af920 [ 191.647522][ T8314] RBP: ffffc90003877b40 R08: 0000000000000001 R09: 0000000000000001 [ 191.655496][ T8314] R10: ffffffff90d9cc17 R11: 0000000000000000 R12: ffffffff90d9ffe4 [ 191.663471][ T8314] R13: ffff8880b853c0c0 R14: ffff88801e6d1e80 R15: ffff8880b853b280 [ 191.671455][ T8314] ? update_rq_clock+0x9c/0xd20 [ 191.676324][ T8314] __schedule+0x1b7d/0x6120 [ 191.680837][ T8314] ? __queue_work+0x436/0x1150 [ 191.685628][ T8314] ? __pfx___schedule+0x10/0x10 [ 191.690484][ T8314] ? do_raw_spin_lock+0x128/0x260 [ 191.695528][ T8314] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 191.701283][ T8314] ? preempt_schedule_thunk+0x16/0x30 [ 191.706686][ T8314] ? snd_rawmidi_write+0x44d/0xc60 [ 191.711820][ T8314] preempt_schedule_common+0x42/0xc0 [ 191.717139][ T8314] preempt_schedule_thunk+0x16/0x30 [ 191.722359][ T8314] _raw_spin_unlock_irq+0x44/0x50 [ 191.727397][ T8314] snd_rawmidi_write+0x488/0xc60 [ 191.732373][ T8314] ? __pfx_snd_rawmidi_write+0x10/0x10 [ 191.737847][ T8314] ? __pfx_default_wake_function+0x10/0x10 [ 191.743664][ T8314] ? bpf_lsm_file_permission+0x9/0x10 [ 191.749056][ T8314] ? security_file_permission+0x76/0x210 [ 191.754702][ T8314] ? rw_verify_area+0xce/0x6d0 [ 191.759485][ T8314] vfs_write+0x2aa/0x1070 [ 191.763834][ T8314] ? __pfx_snd_rawmidi_write+0x10/0x10 [ 191.769304][ T8314] ? __pfx_vfs_write+0x10/0x10 [ 191.774087][ T8314] ? find_held_lock+0x2b/0x80 [ 191.778770][ T8314] ? __fget_files+0x215/0x3d0 [ 191.783451][ T8314] ? __fget_files+0x215/0x3d0 [ 191.788138][ T8314] ? __fget_files+0x21f/0x3d0 [ 191.792821][ T8314] ksys_write+0x1f8/0x250 [ 191.797239][ T8314] ? __pfx_ksys_write+0x10/0x10 [ 191.802099][ T8314] do_syscall_64+0x106/0xf80 [ 191.806709][ T8314] ? clear_bhb_loop+0x40/0x90 [ 191.811399][ T8314] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 191.817310][ T8314] RIP: 0033:0x7fa537b9c799 [ 191.821729][ T8314] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 191.841364][ T8314] RSP: 002b:00007fa538ac0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 191.849807][ T8314] RAX: ffffffffffffffda RBX: 00007fa537e16090 RCX: 00007fa537b9c799 [ 191.857797][ T8314] RDX: 000000100000a3d9 RSI: 0000200000000400 RDI: 0000000000000006 [ 191.865774][ T8314] RBP: 00007fa537c32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 191.873748][ T8314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 191.881733][ T8314] R13: 00007fa537e16128 R14: 00007fa537e16090 R15: 00007ffffe37a608 [ 191.889726][ T8314] [ 191.892953][ T8314] Kernel Offset: disabled [ 191.897378][ T8314] Rebooting in 86400 seconds..