last executing test programs: 2.110288359s ago: executing program 0 (id=384): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x1004, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) setreuid$auto(0x0, 0x0) futex$auto(0x0, 0x5, 0x2, 0x0, 0x0, 0x1ffffffd) 1.998538654s ago: executing program 3 (id=385): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f0000000200)={{@inferred, 0x1, 0x1, 0x81, "3112d5850053614d19f82af9ffb683dbede3d0bf828b3fba40f035f4be6b7fe5e2f94bd90484b0755015e48d"}, 0x401, 0x5, 0x4, @inferred, @integer={0xdbe, 0x255, 0x8}, "7a9fc199a16a2311eacf2fc7ae1d8778dc618090334fdd73340238d21000debe0eda71bdd709254592b67f9cb5adb17884a16f7ce8cbce0bb32791702b8d7c2d"}) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000640)={0x0, 0x1d, 0x3800, 0x2, 0x7, 0x400a, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x29b, 0x3, 0x7b, 0x0, 0x5, 0xfffffffffffffffd}, {0x100, 0x20001, 0x52, 0x85, 0x2, 0x0, 0x2072c2, 0xc, 0x100000000}}) io_uring_register$auto(0x2, 0x20, &(0x7f0000000240), 0x1) 1.967152166s ago: executing program 2 (id=387): r0 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc) fallocate$auto(r0, 0x0, 0x7, 0x4cbd5d) lseek$auto(0x3, 0x8, 0x3) write$auto_kernfs_file_fops_kernfs_internal(r0, 0x0, 0x0) 1.962496605s ago: executing program 0 (id=395): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) io_uring_setup$auto(0x6, 0x0) socket(0xa, 0x2, 0x73) setsockopt$auto(0x3, 0x1, 0x48, 0x0, 0x9) 1.822994338s ago: executing program 1 (id=388): mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) mincore$auto(0x1000, 0x8001, 0x0) r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/v4l-subdev1\x00', 0xe0800, 0x0) ioctl$auto(r0, 0xc0205648, r0) 1.807092836s ago: executing program 3 (id=389): mmap$auto(0x0, 0x20005, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r1 = openat$auto_fault_around_bytes_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x100000, 0x0) splice$auto(r1, 0x0, r0, &(0x7f0000000080)=0x6, 0x8000000000000001, 0x5) 1.773763342s ago: executing program 0 (id=390): r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) write$auto(0x3, 0x0, 0xfdef) r1 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r0, 0x4b70, r1) 1.726477465s ago: executing program 2 (id=391): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket(0x2, 0x801, 0x106) shmctl$auto(0x4, 0xe, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) setsockopt$auto(0x1, 0x1, 0x43, &(0x7f0000000000)='\x00', 0xbb) 1.617595502s ago: executing program 3 (id=392): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) mmap$auto(0x0, 0x2000a, 0x7e, 0xeb2, 0x401, 0x8000) mkdir$auto(0x0, 0x8001) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x3f) 1.592932137s ago: executing program 1 (id=393): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0xa, 0x0) r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x4604, 0x0) 1.487101633s ago: executing program 0 (id=394): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/bdi/43:352/strict_limit\x00', 0x100b02, 0x0) fsopen$auto(&(0x7f00000001c0)='nfsd\x00', 0x1) readv$auto(0x3, &(0x7f00000000c0)={0x0, 0x8}, 0x400) sendfile$auto(r0, r0, 0x0, 0x80000000) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_SEG6_CMD_SET_TUNSRC(r1, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x800) mmap$auto(0x0, 0x2, 0xdf, 0xeb1, 0x401, 0x8000) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x147) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x80, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000180)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0x4}, 0x1000000000029, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) execve$auto(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) open(&(0x7f00000000c0)='./file0\x00', 0x22240, 0x154) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x16240, 0x0) execve$auto(&(0x7f0000000280)='./file0\x00', 0x0, 0x0) execve$auto(&(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000100)=&(0x7f0000000600)='#\xdc\xfe\xd8E\xc8\x8bu4\xd9n\xcb\xca\xc7zw \x96\x9ejh\xad\x9eEc\xae\x1e\x89\x92\x9a\xbbP[B\xae\x9cf)\x15\xac\x90)l\x06\xf0\t\x12\x05zz\xa6\xb3\xce=\x00\x00\x00\x00\x00/\xc4T\x1f\xe5P\xff\xb4\xb7s0\x02\xc5\x81\x93\xc6\xc8\xb6Sp\x1a{8\xfc\xe0,X\xc7BU\xd0\x97\x7f1\x16\x99\x04\xabu/a(\x02\x7f\xbb\xbd\x906\xa8\xce\xee\xcd\xd7\t\x00\xfb\x83\xc8\x8aO\xe9\xbe=\xf7\xf4\x84,\x06\xd3j\x99b\xe6\xf6Y3A\xbb\xa4\xb2\f\x1b\xc3\x8a,g\xc6\xe8[\xdf\x88\x01\x9f7\xb5\x19m\xd8L\x84j\x8c\xec\xdf\x1a\xbd\xc5\x94\xb9\xb7\xd5\xa4\xc0\f-6\xfe\xa8\xed/u\x81_G\xfeR\xbb\x12\x16\xb8*\xa9\xc9\xe81\x9d\x06\xbbC\x17\xbb\xe6|\x97\xabB4J\xed+-\xf8u0/n\xcf\x8b\x95\x9d\xab\xa8\xc47\xa6\x0e\xdeOq\\\xc3\'{\b\xd3m\x94\xc2\xdd{\xeaO\x0e\xe4\xe0\xb9N:\xd60\x17,\x06\xc7B#Y0\x99\xeb\x874\xab?\xc8\x82\xe5\x8f\xb7\x91\xc2\xbe\xb2\x02\xfe\xd3k\xd5\xdcZ\xdcP\x8e+\xd8\xc7C\xcb\x15\x13c\xbf\xe8\xbd\"\x8f3\"\x14\xf8(\xda\x19\xcd\xec\x03.\xd9^\xc3A\xda\r[\x1a\xda\\#/\xd4\xaf\xd0\xe8\xa2\xdd\xc5{\xfa\xe0\x90\x8f\x99lQ\xec\x84h^\x11+\x93\b\xe0c\xe6\xd22\xf9\xa5') mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, r1, 0x2) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) read$auto_proc_sessionid_operations_base(0xffffffffffffffff, &(0x7f00000000c0)=""/4073, 0xfe9) finit_module$auto(0x3, 0xfffffffffffffffe, 0x400000000004) pwrite64$auto(0xc8, 0x0, 0xfdef, 0x3) r3 = syz_open_procfs$namespace(0x0, &(0x7f0000000100)='ns/pid_for_children\x00') fremovexattr$auto(r3, &(0x7f0000000000)='system.posix_acl_access\x00') socket$nl_generic(0x10, 0x3, 0x10) 1.476888311s ago: executing program 2 (id=396): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000d40), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) sendmsg$auto_NETDEV_CMD_QSTATS_GET(r0, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000d80)={0x1c, r1, 0x305, 0x70bd2a, 0x25dfdbfc, {}, [@NETDEV_A_QSTATS_IFINDEX={0x8, 0x1, r3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x10) 1.443989987s ago: executing program 1 (id=397): mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000) socket(0xa, 0x2, 0x88) socketpair$auto(0x1, 0x803, 0x8000000000000000, 0x0) poll$auto(0x0, 0x8, 0x1) r0 = socket(0xa, 0x1, 0x84) getsockopt$auto(r0, 0x84, 0x73, 0x0, &(0x7f0000000100)=0x99) 1.34696883s ago: executing program 2 (id=398): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x14fa02, 0x0) r0 = fcntl$auto(0x8000000000000001, 0x26, 0x8) setsockopt$auto(r0, 0x94f3, 0x6, &(0x7f00000000c0)='/proc/thread-self/fail-nth\x00', 0x2) r1 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_SMC_NETLINK_ENABLE_SEID(r0, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xf4, r1, 0x400, 0x70bd29, 0x25dfdbfd, {}, "4d8783e39d322ae5460b7e44ac9ffe953f0c96fb335fc4c489860100a36951eafccb2f6ab40b1e6177ff8094e1e6f4686140e7d408e4f38efde67dfda4ab68133f08137f5eb1e4a634878905eac2212ff05c145bf8cd9e8454a9a797175a5351f4ba9ba5ca1d0c54818a04931d97b37934898c50b4fd0462e5f3897fd58c616a025b6821532665025098cf9765fc410e12ed0f3615fa3177c5b7dc7417ea611ed21698c8fadceef067a91128c273128623bab00145d831010ae568f37f7f66cf00258911f7ec06616c18c5f69260ec1faf9c3a4483d2b1fdcd092b69231229"}, 0xf4}, 0x1, 0x0, 0x0, 0x80}, 0x2000c000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0) setreuid$auto(0xffffffffffffffff, 0x8) prctl$auto_PR_SET_VMA_ANON_NAME(0x401, 0x0, 0x0, 0x30000001, 0x3) mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x181500, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/cgroup.stat\x00', 0x280, 0x0) r4 = openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000006900)='/sys/kernel/config/target/dbroot\x00', 0x189002, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) getcwd$auto(0x0, 0xffffffffffffffff) write$auto(r4, 0x0, 0x7) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f00000003c0)=""/20, 0xfffffcc4) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x20540, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) mknod$auto(&(0x7f0000000040)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00'/263, 0x1, 0x4) lstat$auto(&(0x7f0000000200)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00', 0x0) ioctl$auto(0x3, 0x5420, 0x38) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) ioctl$auto(0x3, 0x402c542c, 0x38) ioctl$auto(0x3, 0x402c542b, 0x38) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) 1.305216431s ago: executing program 1 (id=399): r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/security/tomoyo/manager\x00', 0x40002, 0x0) read$auto(r0, 0x0, 0xb4d3) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'batadv0\x00'}) writev$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x7}, 0x2) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x8000ffff}, 0x1) 1.194413763s ago: executing program 1 (id=400): mmap$auto(0x0, 0x4020009, 0xdb, 0xeb2, 0xffffffffffffffff, 0x100000000) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r0, &(0x7f00000000c0)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k]_\\\xf5\xc15\xe3-H\xff\xb1K\xd5)\xc5\x1e\xf9 \x8a\x7f^\x01\xcc', 0x4009) r1 = ioctl$auto_SIOCGIFHWADDR2(0xffffffffffffffff, 0x8927, 0x0) ioctl$auto_SNDRV_RAWMIDI_IOCTL_STATUS64(r1, 0xc0385720, 0x0) madvise$auto_MADV_GUARD_INSTALL(0x0, 0x2021000, 0x66) 1.091809959s ago: executing program 2 (id=401): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0xffffffffffffffff, 0x28000) close_range$auto(0x0, 0xfffffffffffff000, 0x0) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0) getrlimit$auto(0x3, 0x0) ioctl$auto(r0, 0x40104d01, r0) 661.369069ms ago: executing program 3 (id=402): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r1, 0x0, 0x7) writev$auto(r0, &(0x7f0000000200)={0x0, 0xb}, 0x200000003) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video3\x00', 0x2aa01, 0x0) 278.795417ms ago: executing program 3 (id=403): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x10000000000002f, 0x0) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r0, 0x1, 0x7ff) ptrace$auto(0x2, r0, 0xa1d, 0x887) 268.18445ms ago: executing program 0 (id=404): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) r0 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000200)='/proc/self/maps\x00', 0x40302, 0x0) ioctl$auto_PROCMAP_QUERY(r0, 0xc0686611, &(0x7f0000000080)={0x101, 0x34, 0x7fff, 0x5, 0x80000000009, 0x1, 0x800, 0x101, 0x5, 0x207f93, 0xfffffffe, 0x7ffffffd, 0x3, 0x7, 0x5}) clone$auto(0x2000020003b4a, 0x6, 0x0, 0x0, 0x103) 198.073723ms ago: executing program 1 (id=405): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) ioctl$auto(0x3, 0x80108907, 0x38) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) 152.564908ms ago: executing program 2 (id=406): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/bdi/43:352/strict_limit\x00', 0x100b02, 0x0) fsopen$auto(&(0x7f00000001c0)='nfsd\x00', 0x1) readv$auto(0x3, &(0x7f00000000c0)={0x0, 0x8}, 0x400) sendfile$auto(r0, r0, 0x0, 0x80000000) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_SEG6_CMD_SET_TUNSRC(r1, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x800) mmap$auto(0x0, 0x2, 0xdf, 0xeb1, 0x401, 0x8000) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x147) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x80, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000180)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0x4}, 0x1000000000029, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) execve$auto(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) open(&(0x7f00000000c0)='./file0\x00', 0x22240, 0x154) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x16240, 0x0) execve$auto(&(0x7f0000000280)='./file0\x00', 0x0, 0x0) execve$auto(&(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000100)=&(0x7f0000000600)='#\xdc\xfe\xd8E\xc8\x8bu4\xd9n\xcb\xca\xc7zw \x96\x9ejh\xad\x9eEc\xae\x1e\x89\x92\x9a\xbbP[B\xae\x9cf)\x15\xac\x90)l\x06\xf0\t\x12\x05zz\xa6\xb3\xce=\x00\x00\x00\x00\x00/\xc4T\x1f\xe5P\xff\xb4\xb7s0\x02\xc5\x81\x93\xc6\xc8\xb6Sp\x1a{8\xfc\xe0,X\xc7BU\xd0\x97\x7f1\x16\x99\x04\xabu/a(\x02\x7f\xbb\xbd\x906\xa8\xce\xee\xcd\xd7\t\x00\xfb\x83\xc8\x8aO\xe9\xbe=\xf7\xf4\x84,\x06\xd3j\x99b\xe6\xf6Y3A\xbb\xa4\xb2\f\x1b\xc3\x8a,g\xc6\xe8[\xdf\x88\x01\x9f7\xb5\x19m\xd8L\x84j\x8c\xec\xdf\x1a\xbd\xc5\x94\xb9\xb7\xd5\xa4\xc0\f-6\xfe\xa8\xed/u\x81_G\xfeR\xbb\x12\x16\xb8*\xa9\xc9\xe81\x9d\x06\xbbC\x17\xbb\xe6|\x97\xabB4J\xed+-\xf8u0/n\xcf\x8b\x95\x9d\xab\xa8\xc47\xa6\x0e\xdeOq\\\xc3\'{\b\xd3m\x94\xc2\xdd{\xeaO\x0e\xe4\xe0\xb9N:\xd60\x17,\x06\xc7B#Y0\x99\xeb\x874\xab?\xc8\x82\xe5\x8f\xb7\x91\xc2\xbe\xb2\x02\xfe\xd3k\xd5\xdcZ\xdcP\x8e+\xd8\xc7C\xcb\x15\x13c\xbf\xe8\xbd\"\x8f3\"\x14\xf8(\xda\x19\xcd\xec\x03.\xd9^\xc3A\xda\r[\x1a\xda\\#/\xd4\xaf\xd0\xe8\xa2\xdd\xc5{\xfa\xe0\x90\x8f\x99lQ\xec\x84h^\x11+\x93\b\xe0c\xe6\xd22\xf9\xa5') mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, r1, 0x2) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) read$auto_proc_sessionid_operations_base(0xffffffffffffffff, &(0x7f00000000c0)=""/4073, 0xfe9) finit_module$auto(0x3, 0xfffffffffffffffe, 0x400000000004) pwrite64$auto(0xc8, &(0x7f0000000080)='\vX\xb5\x85\x91p\xe6\x1eRN8\x90\x86\xdde\x1cJ\x99\x00\x11\x89\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#\x1c\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xaf\n1\x80\x1a\xbc_\xef\x8b\t\xcc\xa6\xf2\xc1\"\xact\xee\xc9\x00'/232, 0xfdef, 0x3) r3 = syz_open_procfs$namespace(0x0, &(0x7f0000000100)='ns/pid_for_children\x00') fremovexattr$auto(r3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 6.781085ms ago: executing program 3 (id=407): read$auto(0xffffffffffffffff, 0x0, 0x8) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x101c82, 0x0) write$auto(r0, &(0x7f0000000340)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k\x0e\xfa{\x15\x1d\x11\x85o\xf1g\xb7\xb3\xdd\\\xfdG\xa9\x16R\xa4\xe9\xd1\xf4S\x94\xe1\x9c\x88\x1b\xe6.\x11\xa3\xe1\xddi\xb66\xaa\xa3\xc7iB\xc84\x11\xac\xfd\x1a*\xd4a\xfe\x05\x96\x0ec\x12\xea\xd5K\xea\xda\xa3\xfa\xc3\xedr\x17\xa5\x1c\x88{v\xb8\bj\x84\xd8g\x05r\xe7n\x7f^\x9d\xc7V\x92\xb9Z.Uc*K', 0x81) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) bpf$auto(0x12, &(0x7f0000000040)=@link_detach, 0x26) 0s ago: executing program 0 (id=408): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x14fa02, 0x0) r0 = fcntl$auto(0x8000000000000001, 0x26, 0x8) setsockopt$auto(r0, 0x94f3, 0x6, &(0x7f00000000c0)='/proc/thread-self/fail-nth\x00', 0x2) r1 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_SMC_NETLINK_ENABLE_SEID(r0, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xf4, r1, 0x400, 0x70bd29, 0x25dfdbfd, {}, "4d8783e39d322ae5460b7e44ac9ffe953f0c96fb335fc4c489860100a36951eafccb2f6ab40b1e6177ff8094e1e6f4686140e7d408e4f38efde67dfda4ab68133f08137f5eb1e4a634878905eac2212ff05c145bf8cd9e8454a9a797175a5351f4ba9ba5ca1d0c54818a04931d97b37934898c50b4fd0462e5f3897fd58c616a025b6821532665025098cf9765fc410e12ed0f3615fa3177c5b7dc7417ea611ed21698c8fadceef067a91128c273128623bab00145d831010ae568f37f7f66cf00258911f7ec06616c18c5f69260ec1faf9c3a4483d2b1fdcd092b69231229"}, 0xf4}, 0x1, 0x0, 0x0, 0x80}, 0x2000c000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0) setreuid$auto(0xffffffffffffffff, 0x8) prctl$auto_PR_SET_VMA_ANON_NAME(0x401, 0x0, 0x0, 0x30000001, 0x3) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x0, 0x0) setresuid$auto(0x0, 0x0, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x181500, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/cgroup.stat\x00', 0x280, 0x0) r4 = openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000006900)='/sys/kernel/config/target/dbroot\x00', 0x189002, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) getcwd$auto(0x0, 0xffffffffffffffff) write$auto(r4, 0x0, 0x7) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f00000003c0)=""/20, 0xfffffcc4) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x20540, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) mknod$auto(&(0x7f0000000040)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00'/263, 0x1, 0x4) lstat$auto(&(0x7f0000000200)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00', 0x0) ioctl$auto(0x3, 0x5420, 0x38) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) ioctl$auto(0x3, 0x402c542c, 0x38) ioctl$auto(0x3, 0x402c542b, 0x38) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.146' (ED25519) to the list of known hosts. syzkaller login: [ 80.801766][ T5809] cgroup: Unknown subsys name 'net' [ 80.937957][ T5809] cgroup: Unknown subsys name 'cpuset' [ 80.946776][ T5809] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 82.374347][ T5809] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 84.169816][ T5831] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 84.178687][ T5831] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 84.187259][ T5834] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 84.194260][ T5833] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 84.195147][ T5834] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 84.204053][ T5832] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 84.215506][ T5834] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 84.216631][ T5832] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 84.223052][ T5833] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 84.230497][ T5832] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 84.239501][ T5833] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 84.245237][ T5832] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 84.252920][ T5833] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 84.258851][ T5834] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 84.273314][ T5834] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 84.275291][ T5832] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 84.281039][ T5834] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 84.289287][ T5832] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 84.302570][ T5834] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 84.315324][ T5834] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 84.803885][ T5820] chnl_net:caif_netlink_parms(): no params data found [ 84.910876][ T5823] chnl_net:caif_netlink_parms(): no params data found [ 84.991149][ T5822] chnl_net:caif_netlink_parms(): no params data found [ 85.048742][ T5820] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.056025][ T5820] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.064888][ T5820] bridge_slave_0: entered allmulticast mode [ 85.071951][ T5820] bridge_slave_0: entered promiscuous mode [ 85.108323][ T5820] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.115542][ T5820] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.122795][ T5820] bridge_slave_1: entered allmulticast mode [ 85.130109][ T5820] bridge_slave_1: entered promiscuous mode [ 85.137545][ T5821] chnl_net:caif_netlink_parms(): no params data found [ 85.223516][ T5820] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.238592][ T5823] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.245823][ T5823] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.252936][ T5823] bridge_slave_0: entered allmulticast mode [ 85.260614][ T5823] bridge_slave_0: entered promiscuous mode [ 85.280349][ T5820] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.299829][ T5823] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.307278][ T5823] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.314511][ T5823] bridge_slave_1: entered allmulticast mode [ 85.321527][ T5823] bridge_slave_1: entered promiscuous mode [ 85.379263][ T5822] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.386582][ T5822] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.394609][ T5822] bridge_slave_0: entered allmulticast mode [ 85.401536][ T5822] bridge_slave_0: entered promiscuous mode [ 85.426961][ T5820] team0: Port device team_slave_0 added [ 85.432822][ T5822] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.440133][ T5822] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.447824][ T5822] bridge_slave_1: entered allmulticast mode [ 85.455072][ T5822] bridge_slave_1: entered promiscuous mode [ 85.465333][ T5823] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.486065][ T5820] team0: Port device team_slave_1 added [ 85.502780][ T5823] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.564465][ T5821] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.571631][ T5821] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.579146][ T5821] bridge_slave_0: entered allmulticast mode [ 85.586325][ T5821] bridge_slave_0: entered promiscuous mode [ 85.609127][ T5822] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.622983][ T5822] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.635141][ T5823] team0: Port device team_slave_0 added [ 85.640983][ T5821] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.648856][ T5821] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.656228][ T5821] bridge_slave_1: entered allmulticast mode [ 85.663171][ T5821] bridge_slave_1: entered promiscuous mode [ 85.686545][ T5820] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 85.693525][ T5820] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 85.719668][ T5820] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 85.745404][ T5823] team0: Port device team_slave_1 added [ 85.767264][ T5820] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 85.775793][ T5820] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 85.802260][ T5820] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 85.842436][ T5821] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.861376][ T5822] team0: Port device team_slave_0 added [ 85.880008][ T5821] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.920841][ T5822] team0: Port device team_slave_1 added [ 85.927256][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 85.934441][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 85.960444][ T5823] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 85.981981][ T5821] team0: Port device team_slave_0 added [ 85.998820][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.006044][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 86.032030][ T5823] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.053046][ T5821] team0: Port device team_slave_1 added [ 86.084730][ T5820] hsr_slave_0: entered promiscuous mode [ 86.091095][ T5820] hsr_slave_1: entered promiscuous mode [ 86.108000][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.115190][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 86.141500][ T5822] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.163529][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.170686][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 86.196980][ T5822] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.229557][ T5821] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.236600][ T5821] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 86.262563][ T5821] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.298920][ T5823] hsr_slave_0: entered promiscuous mode [ 86.305278][ T5823] hsr_slave_1: entered promiscuous mode [ 86.311301][ T5823] debugfs: 'hsr0' already exists in 'hsr' [ 86.317361][ T5823] Cannot create hsr debugfs directory [ 86.323481][ T5821] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.330529][ T5821] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 86.356575][ T5821] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.385078][ T5834] Bluetooth: hci3: command tx timeout [ 86.390791][ T5834] Bluetooth: hci1: command tx timeout [ 86.396985][ T51] Bluetooth: hci2: command tx timeout [ 86.402828][ T51] Bluetooth: hci0: command tx timeout [ 86.440054][ T5821] hsr_slave_0: entered promiscuous mode [ 86.446287][ T5821] hsr_slave_1: entered promiscuous mode [ 86.452254][ T5821] debugfs: 'hsr0' already exists in 'hsr' [ 86.458010][ T5821] Cannot create hsr debugfs directory [ 86.504065][ T5822] hsr_slave_0: entered promiscuous mode [ 86.511033][ T5822] hsr_slave_1: entered promiscuous mode [ 86.517355][ T5822] debugfs: 'hsr0' already exists in 'hsr' [ 86.523083][ T5822] Cannot create hsr debugfs directory [ 87.043945][ T5820] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 87.055882][ T5820] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 87.067665][ T5820] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 87.087152][ T5820] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 87.156023][ T5823] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 87.169412][ T5823] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 87.186570][ T5823] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 87.209318][ T5823] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 87.278875][ T5822] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 87.292040][ T5822] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 87.319159][ T5822] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 87.330481][ T5822] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 87.413523][ T5821] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 87.433498][ T5820] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.445355][ T5821] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 87.458467][ T5821] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 87.481886][ T5821] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 87.527438][ T5820] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.571162][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.578476][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.608378][ T5823] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.620475][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.627608][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.670193][ T5822] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.704401][ T5823] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.720714][ T5822] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.750895][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.758076][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.768055][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.775183][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.788515][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.795780][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.820204][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.827386][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.940696][ T5821] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.015926][ T5821] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.052424][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.059623][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.101605][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.108808][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.319299][ T5820] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.440088][ T5823] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.453506][ T5820] veth0_vlan: entered promiscuous mode [ 88.465128][ T5834] Bluetooth: hci1: command tx timeout [ 88.470566][ T5834] Bluetooth: hci0: command tx timeout [ 88.476062][ T51] Bluetooth: hci3: command tx timeout [ 88.476436][ T5832] Bluetooth: hci2: command tx timeout [ 88.496650][ T5820] veth1_vlan: entered promiscuous mode [ 88.522708][ T5822] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.558869][ T5820] veth0_macvtap: entered promiscuous mode [ 88.594165][ T5820] veth1_macvtap: entered promiscuous mode [ 88.626831][ T5823] veth0_vlan: entered promiscuous mode [ 88.641773][ T5823] veth1_vlan: entered promiscuous mode [ 88.668436][ T5820] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 88.695688][ T5820] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 88.721027][ T5821] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.745571][ T1160] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.755921][ T1160] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.765941][ T1160] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.775232][ T1160] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.790291][ T5822] veth0_vlan: entered promiscuous mode [ 88.806284][ T5823] veth0_macvtap: entered promiscuous mode [ 88.828911][ T5823] veth1_macvtap: entered promiscuous mode [ 88.844998][ T5822] veth1_vlan: entered promiscuous mode [ 88.913118][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 88.941458][ T5822] veth0_macvtap: entered promiscuous mode [ 88.951991][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 88.983108][ T5822] veth1_macvtap: entered promiscuous mode [ 89.006599][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.016568][ T144] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.032921][ T144] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.042839][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.050348][ T5821] veth0_vlan: entered promiscuous mode [ 89.070750][ T144] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.083697][ T144] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.135116][ T5821] veth1_vlan: entered promiscuous mode [ 89.147805][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.160494][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.162835][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.179445][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.207345][ T49] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.218974][ T49] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.241449][ T1160] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.263843][ T5820] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 89.290295][ T1160] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.338888][ T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.372085][ T5821] veth0_macvtap: entered promiscuous mode [ 89.386560][ T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.456011][ T5821] veth1_macvtap: entered promiscuous mode [ 89.497510][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.512075][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.518862][ T3019] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.533103][ T3019] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.550699][ T5821] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.578395][ T5821] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.628458][ T144] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.665238][ T144] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.700641][ T144] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.720047][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.728852][ T144] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.740152][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.975857][ T1160] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.996649][ T1160] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.148198][ T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.158096][ T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.544655][ T5832] Bluetooth: hci2: command tx timeout [ 90.544846][ T5834] Bluetooth: hci0: command tx timeout [ 90.550160][ T5832] Bluetooth: hci3: command tx timeout [ 90.555615][ T5830] Bluetooth: hci1: command tx timeout [ 90.595791][ T5834] Bluetooth: hci2: unexpected event 0x1d length: 6 > 5 [ 90.711281][ T5934] FAULT_INJECTION: forcing a failure. [ 90.711281][ T5934] name failslab, interval 1, probability 0, space 0, times 1 [ 90.806593][ T5934] CPU: 1 UID: 0 PID: 5934 Comm: syz.1.2 Not tainted syzkaller #0 PREEMPT(full) [ 90.806631][ T5934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 90.806651][ T5934] Call Trace: [ 90.806660][ T5934] [ 90.806670][ T5934] dump_stack_lvl+0x100/0x190 [ 90.806721][ T5934] should_fail_ex.cold+0x5/0xa [ 90.806751][ T5934] should_failslab+0xc2/0x120 [ 90.806786][ T5934] __kmalloc_node_track_caller_noprof+0xf9/0x9d0 [ 90.806819][ T5934] ? vidtv_psi_short_event_desc_init+0x429/0x5f0 [ 90.806863][ T5934] ? kstrdup+0x51/0xe0 [ 90.806892][ T5934] kstrdup+0x51/0xe0 [ 90.806922][ T5934] vidtv_psi_short_event_desc_init+0x429/0x5f0 [ 90.806963][ T5934] vidtv_psi_desc_clone+0x33f/0x5d0 [ 90.807001][ T5934] vidtv_channel_si_init+0x764/0x18d0 [ 90.807055][ T5934] vidtv_mux_init+0x526/0xbf0 [ 90.807103][ T5934] vidtv_start_feed+0x33e/0x4c0 [ 90.807135][ T5934] ? __pfx_vidtv_start_feed+0x10/0x10 [ 90.807168][ T5934] ? __pfx_vidtv_bridge_on_new_pkts_avail+0x10/0x10 [ 90.807208][ T5934] ? mark_held_locks+0x40/0x70 [ 90.807242][ T5934] ? __pfx_vidtv_start_feed+0x10/0x10 [ 90.807274][ T5934] dmx_ts_feed_start_filtering+0xf6/0x220 [ 90.807316][ T5934] dvb_dmxdev_start_feed+0x273/0x3f0 [ 90.807350][ T5934] dvb_dmxdev_filter_start+0x1b6/0xdd0 [ 90.807386][ T5934] ? dvb_dmxdev_add_pid+0x2a1/0x380 [ 90.807425][ T5934] dvb_demux_do_ioctl+0xe64/0x1200 [ 90.807470][ T5934] dvb_usercopy+0x167/0x340 [ 90.807500][ T5934] ? __pfx_dvb_demux_do_ioctl+0x10/0x10 [ 90.807542][ T5934] ? __pfx_dvb_usercopy+0x10/0x10 [ 90.807586][ T5934] ? __fget_files+0x21f/0x3d0 [ 90.807622][ T5934] dvb_demux_ioctl+0x29/0x40 [ 90.807646][ T5934] ? __pfx_dvb_demux_ioctl+0x10/0x10 [ 90.807671][ T5934] __x64_sys_ioctl+0x18e/0x210 [ 90.807711][ T5934] do_syscall_64+0x106/0xf80 [ 90.807736][ T5934] ? clear_bhb_loop+0x40/0x90 [ 90.807767][ T5934] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 90.807796][ T5934] RIP: 0033:0x7f9e7e59bf79 [ 90.807818][ T5934] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 90.807845][ T5934] RSP: 002b:00007f9e7f42e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 90.807878][ T5934] RAX: ffffffffffffffda RBX: 00007f9e7e816090 RCX: 00007f9e7e59bf79 [ 90.807897][ T5934] RDX: 0000000000000000 RSI: 0000000040146f2c RDI: 0000000000000002 [ 90.807914][ T5934] RBP: 00007f9e7e6327e0 R08: 0000000000000000 R09: 0000000000000000 [ 90.807931][ T5934] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 90.807948][ T5934] R13: 00007f9e7e816128 R14: 00007f9e7e816090 R15: 00007ffc96db8798 [ 90.807987][ T5934] [ 91.564344][ T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!! [ 91.664613][ T0] NOHZ tick-stop error: local softirq work is pending, handler #142!!! [ 91.872140][ T5947] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6'. [ 91.882425][ T29] cfg80211: failed to load regulatory.db [ 92.017411][ T5945] HfR: entered promiscuous mode [ 92.214748][ T5947] HfR: left promiscuous mode [ 92.617871][ T0] NOHZ tick-stop error: local softirq work is pending, handler #308!!! [ 92.624785][ T5834] Bluetooth: hci0: command tx timeout [ 92.631765][ T51] Bluetooth: hci1: command tx timeout [ 92.637245][ T5830] Bluetooth: hci3: command tx timeout [ 92.642647][ T5830] Bluetooth: hci2: command tx timeout [ 93.106056][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 93.158833][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 93.358133][ T5945] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 93.378714][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 93.387620][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 93.394364][ T0] NOHZ tick-stop error: local softirq work is pending, handler #288!!! [ 93.484850][ T0] NOHZ tick-stop error: local softirq work is pending, handler #308!!! [ 93.579921][ T0] NOHZ tick-stop error: local softirq work is pending, handler #208!!! [ 94.773653][ T5992] FAULT_INJECTION: forcing a failure. [ 94.773653][ T5992] name failslab, interval 1, probability 0, space 0, times 0 [ 94.805648][ T5992] CPU: 1 UID: 0 PID: 5992 Comm: syz.1.12 Not tainted syzkaller #0 PREEMPT(full) [ 94.805686][ T5992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 94.805702][ T5992] Call Trace: [ 94.805712][ T5992] [ 94.805722][ T5992] dump_stack_lvl+0x100/0x190 [ 94.805768][ T5992] should_fail_ex.cold+0x5/0xa [ 94.805800][ T5992] should_failslab+0xc2/0x120 [ 94.805834][ T5992] __kmalloc_cache_noprof+0x80/0x810 [ 94.805877][ T5992] ? drm_atomic_state_alloc+0xb8/0x120 [ 94.805932][ T5992] ? drm_atomic_state_alloc+0xb8/0x120 [ 94.805978][ T5992] drm_atomic_state_alloc+0xb8/0x120 [ 94.806026][ T5992] drm_client_modeset_commit_atomic+0xcc/0x7e0 [ 94.806057][ T5992] ? rcu_is_watching+0x12/0xc0 [ 94.806092][ T5992] ? trace_contention_end+0xd6/0x110 [ 94.806121][ T5992] ? __mutex_lock+0x26a/0x1b90 [ 94.806151][ T5992] ? __mutex_lock+0x26a/0x1b90 [ 94.806178][ T5992] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 94.806210][ T5992] ? trace_contention_end+0xd6/0x110 [ 94.806239][ T5992] ? drm_master_internal_acquire+0x21/0x80 [ 94.806304][ T5992] drm_client_modeset_commit_locked+0x14d/0x580 [ 94.806343][ T5992] drm_client_modeset_commit+0x4f/0x80 [ 94.806383][ T5992] __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160 [ 94.806419][ T5992] drm_fb_helper_restore_fbdev_mode_unlocked+0x93/0xc0 [ 94.806455][ T5992] drm_fbdev_client_restore+0x1b/0x30 [ 94.806496][ T5992] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 94.806536][ T5992] drm_client_dev_restore+0x205/0x2a0 [ 94.806574][ T5992] drm_release+0x2c6/0x360 [ 94.806601][ T5992] ? __pfx_drm_release+0x10/0x10 [ 94.806628][ T5992] __fput+0x3ff/0xb40 [ 94.806673][ T5992] task_work_run+0x150/0x240 [ 94.806707][ T5992] ? __pfx_task_work_run+0x10/0x10 [ 94.806751][ T5992] exit_to_user_mode_loop+0x100/0x4a0 [ 94.806778][ T5992] ? rcu_is_watching+0x12/0xc0 [ 94.806815][ T5992] do_syscall_64+0x668/0xf80 [ 94.806841][ T5992] ? clear_bhb_loop+0x40/0x90 [ 94.806875][ T5992] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 94.806903][ T5992] RIP: 0033:0x7f9e7e59bf79 [ 94.806925][ T5992] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 94.806951][ T5992] RSP: 002b:00007f9e7f44f028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 94.806979][ T5992] RAX: 0000000000000000 RBX: 00007f9e7e815fa0 RCX: 00007f9e7e59bf79 [ 94.806996][ T5992] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 94.807013][ T5992] RBP: 00007f9e7e6327e0 R08: 0000000000000000 R09: 0000000000000000 [ 94.807029][ T5992] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 94.807045][ T5992] R13: 00007f9e7e816038 R14: 00007f9e7e815fa0 R15: 00007ffc96db8798 [ 94.807085][ T5992] [ 95.194458][ T5992] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 95.211681][ T5992] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 96.253197][ T6014] FAULT_INJECTION: forcing a failure. [ 96.253197][ T6014] name failslab, interval 1, probability 0, space 0, times 0 [ 96.266271][ T6014] CPU: 1 UID: 0 PID: 6014 Comm: syz.0.16 Not tainted syzkaller #0 PREEMPT(full) [ 96.266292][ T6014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 96.266301][ T6014] Call Trace: [ 96.266306][ T6014] [ 96.266312][ T6014] dump_stack_lvl+0x100/0x190 [ 96.266338][ T6014] should_fail_ex.cold+0x5/0xa [ 96.266356][ T6014] should_failslab+0xc2/0x120 [ 96.266374][ T6014] kmem_cache_alloc_node_noprof+0x8c/0x880 [ 96.266391][ T6014] ? __pfx_tcp_current_mss+0x10/0x10 [ 96.266406][ T6014] ? __alloc_skb+0x156/0x410 [ 96.266426][ T6014] ? __alloc_skb+0x156/0x410 [ 96.266440][ T6014] __alloc_skb+0x156/0x410 [ 96.266455][ T6014] ? __pfx___alloc_skb+0x10/0x10 [ 96.266472][ T6014] ? trace_sched_set_need_resched_tp+0xe0/0x120 [ 96.266496][ T6014] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 96.266511][ T6014] ? __resched_curr+0x315/0x3b0 [ 96.266532][ T6014] tcp_stream_alloc_skb+0x34/0x660 [ 96.266555][ T6014] tcp_sendmsg_locked+0x1299/0x4780 [ 96.266589][ T6014] ? __pfx_tcp_sendmsg_locked+0x10/0x10 [ 96.266612][ T6014] ? do_raw_spin_lock+0x128/0x260 [ 96.266629][ T6014] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 96.266650][ T6014] ? __local_bh_enable_ip+0x9e/0x120 [ 96.266675][ T6014] tcp_sendmsg+0x2e/0x50 [ 96.266694][ T6014] ? __pfx_tcp_sendmsg+0x10/0x10 [ 96.266714][ T6014] inet_sendmsg+0xb9/0x140 [ 96.266728][ T6014] ____sys_sendmsg+0x9ad/0xc30 [ 96.266752][ T6014] ? __pfx_____sys_sendmsg+0x10/0x10 [ 96.266776][ T6014] ? futex_unqueue+0x133/0x2c0 [ 96.266802][ T6014] ___sys_sendmsg+0x190/0x1e0 [ 96.266817][ T6014] ? __pfx____sys_sendmsg+0x10/0x10 [ 96.266831][ T6014] ? __pfx___futex_wait+0x10/0x10 [ 96.266846][ T6014] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 96.266876][ T6014] ? find_held_lock+0x2b/0x80 [ 96.266906][ T6014] __sys_sendmmsg+0x205/0x430 [ 96.266926][ T6014] ? __pfx___sys_sendmmsg+0x10/0x10 [ 96.266943][ T6014] ? __local_bh_enable_ip+0x9e/0x120 [ 96.266974][ T6014] ? __pfx_do_futex+0x10/0x10 [ 96.266997][ T6014] ? xfd_validate_state+0x129/0x190 [ 96.267019][ T6014] __x64_sys_sendmmsg+0x9c/0x100 [ 96.267037][ T6014] ? lockdep_hardirqs_on+0x78/0x100 [ 96.267051][ T6014] do_syscall_64+0x106/0xf80 [ 96.267064][ T6014] ? clear_bhb_loop+0x40/0x90 [ 96.267082][ T6014] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 96.267096][ T6014] RIP: 0033:0x7f509659bf79 [ 96.267109][ T6014] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 96.267123][ T6014] RSP: 002b:00007f50973c3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 96.267137][ T6014] RAX: ffffffffffffffda RBX: 00007f5096815fa0 RCX: 00007f509659bf79 [ 96.267146][ T6014] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 96.267155][ T6014] RBP: 00007f50966327e0 R08: 0000000000000000 R09: 0000000000000000 [ 96.267163][ T6014] R10: 000000000000cad7 R11: 0000000000000246 R12: 0000000000000000 [ 96.267171][ T6014] R13: 00007f5096816038 R14: 00007f5096815fa0 R15: 00007ffc1ea89108 [ 96.267190][ T6014] [ 98.231036][ T6038] Zero length message leads to an empty skb [ 98.582885][ T6046] Invalid ELF header magic: != ELF [ 99.205321][ T6054] input: 9%vJ,6 as /devices/virtual/input/input5 [ 100.191456][ T6064] usb usb15: usbfs: interface 0 claimed by hub while 'syz.3.25' sets config #0 [ 103.014331][ T6093] XFS: Clearing xfsstats [ 103.047416][ T6093] futex_wake_op: syz.2.29 tries to shift op by -2048; fix this program [ 103.076742][ T6093] futex_wake_op: syz.2.29 tries to shift op by -2048; fix this program [ 103.147691][ T6093] 0x000000000001-0x000000020000 : "" [ 103.246509][ T6093] ftl_cs: FTL header corrupt! [ 103.585373][ T6108] nbd: failed to add new device [ 104.219742][ T6118] mmap: syz.2.34 (6118) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 105.216740][ T6127] Invalid ELF header magic: != ELF [ 106.880827][ T6141] FAULT_INJECTION: forcing a failure. [ 106.880827][ T6141] name failslab, interval 1, probability 0, space 0, times 0 [ 106.900259][ T6141] CPU: 1 UID: 0 PID: 6141 Comm: syz.3.37 Not tainted syzkaller #0 PREEMPT(full) [ 106.900298][ T6141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 106.900314][ T6141] Call Trace: [ 106.900323][ T6141] [ 106.900333][ T6141] dump_stack_lvl+0x100/0x190 [ 106.900379][ T6141] should_fail_ex.cold+0x5/0xa [ 106.900410][ T6141] should_failslab+0xc2/0x120 [ 106.900445][ T6141] __kmalloc_cache_noprof+0x80/0x810 [ 106.900486][ T6141] ? __debugfs_file_get+0x1fc/0x860 [ 106.900527][ T6141] ? sc_common_open+0x46/0x200 [ 106.900571][ T6141] ? __pfx_stats_fop_open+0x10/0x10 [ 106.900608][ T6141] ? sc_common_open+0x46/0x200 [ 106.900646][ T6141] sc_common_open+0x46/0x200 [ 106.900684][ T6141] full_proxy_open_regular+0x1b6/0x370 [ 106.900717][ T6141] do_dentry_open+0x6d8/0x1660 [ 106.900746][ T6141] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 106.900785][ T6141] vfs_open+0x82/0x3f0 [ 106.900827][ T6141] path_openat+0x208c/0x31a0 [ 106.900872][ T6141] ? __pfx_path_openat+0x10/0x10 [ 106.900917][ T6141] do_file_open+0x20e/0x430 [ 106.900951][ T6141] ? __pfx_do_file_open+0x10/0x10 [ 106.901017][ T6141] ? alloc_fd+0x476/0x790 [ 106.901051][ T6141] ? do_getname+0x191/0x390 [ 106.901091][ T6141] do_sys_openat2+0x10d/0x1e0 [ 106.901130][ T6141] ? __pfx_do_sys_openat2+0x10/0x10 [ 106.901170][ T6141] ? __fget_files+0x21f/0x3d0 [ 106.901206][ T6141] __x64_sys_openat+0x12d/0x210 [ 106.901246][ T6141] ? __pfx___x64_sys_openat+0x10/0x10 [ 106.901283][ T6141] ? xfd_validate_state+0x129/0x190 [ 106.901330][ T6141] do_syscall_64+0x106/0xf80 [ 106.901356][ T6141] ? clear_bhb_loop+0x40/0x90 [ 106.901390][ T6141] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 106.901419][ T6141] RIP: 0033:0x7f6f7c39bf79 [ 106.901441][ T6141] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 106.901468][ T6141] RSP: 002b:00007f6f7d190028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 106.901495][ T6141] RAX: ffffffffffffffda RBX: 00007f6f7c615fa0 RCX: 00007f6f7c39bf79 [ 106.901513][ T6141] RDX: 0000000000008382 RSI: 0000200000000640 RDI: ffffffffffffff9c [ 106.901530][ T6141] RBP: 00007f6f7c4327e0 R08: 0000000000000000 R09: 0000000000000000 [ 106.901546][ T6141] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 106.901562][ T6141] R13: 00007f6f7c616038 R14: 00007f6f7c615fa0 R15: 00007fff17fb8448 [ 106.901600][ T6141] [ 107.629254][ T6149] process 'syz.0.38' launched './file0' with NULL argv: empty string added [ 108.337467][ T5832] Bluetooth: hci2: Malformed LE Event: 0x0b [ 108.655883][ T6158] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 108.873861][ T6157] netlink: 12 bytes leftover after parsing attributes in process `syz.2.41'. [ 108.912427][ T6157] i: entered promiscuous mode [ 108.941745][ T6159] HfR: entered promiscuous mode [ 109.236015][ T6165] FAULT_INJECTION: forcing a failure. [ 109.236015][ T6165] name failslab, interval 1, probability 0, space 0, times 0 [ 109.272537][ T6165] CPU: 1 UID: 0 PID: 6165 Comm: syz.3.43 Not tainted syzkaller #0 PREEMPT(full) [ 109.272575][ T6165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 109.272586][ T6165] Call Trace: [ 109.272594][ T6165] [ 109.272602][ T6165] dump_stack_lvl+0x100/0x190 [ 109.272647][ T6165] should_fail_ex.cold+0x5/0xa [ 109.272677][ T6165] should_failslab+0xc2/0x120 [ 109.272711][ T6165] ? copy_splice_read+0x1a3/0xb90 [ 109.272736][ T6165] __kmalloc_noprof+0xf6/0x9c0 [ 109.272766][ T6165] ? copy_splice_read+0x1a3/0xb90 [ 109.272779][ T6165] copy_splice_read+0x1a3/0xb90 [ 109.272793][ T6165] ? __pfx_pipe_to_null+0x10/0x10 [ 109.272814][ T6165] ? rcu_is_watching+0x12/0xc0 [ 109.272832][ T6165] ? __pfx_copy_splice_read+0x10/0x10 [ 109.272849][ T6165] ? __pfx_splice_from_pipe+0x10/0x10 [ 109.272869][ T6165] ? copy_splice_read+0x739/0xb90 [ 109.272883][ T6165] ? __pfx_copy_splice_read+0x10/0x10 [ 109.272897][ T6165] do_splice_read+0x285/0x370 [ 109.272912][ T6165] splice_direct_to_actor+0x2a1/0xa30 [ 109.272928][ T6165] ? __pfx_direct_splice_actor+0x10/0x10 [ 109.272947][ T6165] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 109.272967][ T6165] do_splice_direct+0x174/0x240 [ 109.272981][ T6165] ? __pfx_do_splice_direct+0x10/0x10 [ 109.272994][ T6165] ? common_file_perm+0x1ab/0x4f0 [ 109.273017][ T6165] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 109.273032][ T6165] ? bpf_lsm_file_permission+0x9/0x10 [ 109.273048][ T6165] ? security_file_permission+0x76/0x210 [ 109.273065][ T6165] ? rw_verify_area+0xce/0x6d0 [ 109.273087][ T6165] do_sendfile+0xadc/0xe20 [ 109.273104][ T6165] ? __pfx_do_sendfile+0x10/0x10 [ 109.273120][ T6165] ? __x64_sys_futex+0x34f/0x4d0 [ 109.273133][ T6165] ? __x64_sys_futex+0x358/0x4d0 [ 109.273149][ T6165] __x64_sys_sendfile64+0x1d8/0x220 [ 109.273166][ T6165] ? xfd_validate_state+0x129/0x190 [ 109.273182][ T6165] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 109.273199][ T6165] ? arch_syscall_is_vdso_sigreturn+0xb6/0x200 [ 109.273216][ T6165] ? syscall_user_dispatch+0x76/0x130 [ 109.273234][ T6165] do_syscall_64+0x106/0xf80 [ 109.273248][ T6165] ? clear_bhb_loop+0x40/0x90 [ 109.273265][ T6165] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 109.273279][ T6165] RIP: 0033:0x7f6f7c39bf79 [ 109.273292][ T6165] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 109.273306][ T6165] RSP: 002b:00007f6f7d190028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 109.273320][ T6165] RAX: ffffffffffffffda RBX: 00007f6f7c615fa0 RCX: 00007f6f7c39bf79 [ 109.273330][ T6165] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000008 [ 109.273338][ T6165] RBP: 00007f6f7c4327e0 R08: 0000000000000000 R09: 0000000000000000 [ 109.273346][ T6165] R10: 0010000800000003 R11: 0000000000000246 R12: 0000000000000000 [ 109.273355][ T6165] R13: 00007f6f7c616038 R14: 00007f6f7c615fa0 R15: 00007fff17fb8448 [ 109.273373][ T6165] [ 110.350698][ T6180] FAULT_INJECTION: forcing a failure. [ 110.350698][ T6180] name failslab, interval 1, probability 0, space 0, times 0 [ 110.365009][ T6180] CPU: 1 UID: 0 PID: 6180 Comm: syz.0.46 Not tainted syzkaller #0 PREEMPT(full) [ 110.365046][ T6180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 110.365062][ T6180] Call Trace: [ 110.365070][ T6180] [ 110.365081][ T6180] dump_stack_lvl+0x100/0x190 [ 110.365126][ T6180] should_fail_ex.cold+0x5/0xa [ 110.365157][ T6180] should_failslab+0xc2/0x120 [ 110.365190][ T6180] ? constrain_params_by_rules+0x175/0xcc0 [ 110.365221][ T6180] __kmalloc_noprof+0xf6/0x9c0 [ 110.365263][ T6180] ? trace_sched_exit_tp+0xcd/0x100 [ 110.365318][ T6180] ? constrain_params_by_rules+0x175/0xcc0 [ 110.365350][ T6180] constrain_params_by_rules+0x175/0xcc0 [ 110.365381][ T6180] ? lockdep_hardirqs_on+0x78/0x100 [ 110.365416][ T6180] ? __bfs+0x150/0x2a0 [ 110.365461][ T6180] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 110.365496][ T6180] ? check_irq_usage+0xe5/0x810 [ 110.365541][ T6180] ? snd_interval_refine+0x2d0/0x580 [ 110.365581][ T6180] snd_pcm_hw_refine+0x7e7/0xad0 [ 110.365619][ T6180] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 110.365658][ T6180] ? do_raw_spin_lock+0x128/0x260 [ 110.365694][ T6180] ? mark_held_locks+0x40/0x70 [ 110.365724][ T6180] snd_pcm_hw_params+0x3f1/0x1cb0 [ 110.365755][ T6180] ? snd_pcm_hw_param_near.constprop.0+0x573/0x850 [ 110.365814][ T6180] ? __pfx_snd_pcm_hw_params+0x10/0x10 [ 110.365847][ T6180] ? snd_pcm_hw_param_near.constprop.0+0x573/0x850 [ 110.365892][ T6180] ? snd_pcm_hw_param_near.constprop.0+0x578/0x850 [ 110.365945][ T6180] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 110.365999][ T6180] snd_pcm_kernel_ioctl+0x167/0x2e0 [ 110.366034][ T6180] snd_pcm_oss_change_params_locked+0x1973/0x39f0 [ 110.366081][ T6180] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 110.366116][ T6180] ? __pfx___mutex_lock+0x10/0x10 [ 110.366168][ T6180] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 110.366201][ T6180] snd_pcm_oss_sync+0x265/0x840 [ 110.366237][ T6180] snd_pcm_oss_release+0x238/0x300 [ 110.366267][ T6180] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 110.366297][ T6180] __fput+0x3ff/0xb40 [ 110.366342][ T6180] task_work_run+0x150/0x240 [ 110.366377][ T6180] ? __pfx_task_work_run+0x10/0x10 [ 110.366421][ T6180] exit_to_user_mode_loop+0x100/0x4a0 [ 110.366449][ T6180] ? rcu_is_watching+0x12/0xc0 [ 110.366487][ T6180] do_syscall_64+0x668/0xf80 [ 110.366514][ T6180] ? clear_bhb_loop+0x40/0x90 [ 110.366548][ T6180] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 110.366575][ T6180] RIP: 0033:0x7f509659bf79 [ 110.366596][ T6180] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 110.366620][ T6180] RSP: 002b:00007f50973c3028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 110.366645][ T6180] RAX: 0000000000000000 RBX: 00007f5096815fa0 RCX: 00007f509659bf79 [ 110.366660][ T6180] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 110.366674][ T6180] RBP: 00007f50966327e0 R08: 0000000000000000 R09: 0000000000000000 [ 110.366690][ T6180] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 110.366704][ T6180] R13: 00007f5096816038 R14: 00007f5096815fa0 R15: 00007ffc1ea89108 [ 110.366740][ T6180] [ 110.772135][ T6175] Invalid ELF header magic: != ELF [ 111.184773][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout [ 111.190947][ T6163] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 111.310063][ T6186] binder: 6177:6186 ioctl c018620c 0 returned -1 [ 111.962212][ T6163] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 111.975209][ T6163] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 112.000730][ T6163] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 112.044557][ T6163] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 112.091797][ T6163] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 112.120942][ T6163] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 112.134755][ T6163] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 112.149028][ T6163] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 112.175786][ T6163] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 112.181834][ T6163] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 112.234724][ T6163] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 113.267164][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout [ 113.714714][ T6211] sd 0:0:1:0: PR command failed: 1026 [ 113.720163][ T6211] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 113.739852][ T6211] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 114.064475][ T5832] Bluetooth: hci1: command 0x0c1a tx timeout [ 114.158212][ T5832] Bluetooth: hci3: command 0x0c1a tx timeout [ 114.224813][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout [ 115.344251][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout [ 115.644104][ T6224] rtc_cmos 00:00: Alarms can be up to one day in the future [ 115.954713][ T24] rtc_cmos 00:00: Alarms can be up to one day in the future [ 115.962405][ T24] rtc_cmos 00:00: Alarms can be up to one day in the future [ 115.970708][ T24] rtc_cmos 00:00: Alarms can be up to one day in the future [ 115.978737][ T24] rtc_cmos 00:00: Alarms can be up to one day in the future [ 115.988566][ T24] rtc rtc0: __rtc_set_alarm: err=-22 [ 116.147931][ T5832] Bluetooth: hci1: command 0x0c1a tx timeout [ 116.224732][ T5832] Bluetooth: hci3: command 0x0c1a tx timeout [ 116.312950][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout [ 116.524820][ T6245] nbd: failed to add new device [ 116.617168][ T6243] tipc: Started in network mode [ 116.622222][ T6243] tipc: Node identity ee00, cluster identity 4711 [ 116.684230][ T6243] tipc: Node number set to 60928 [ 117.128965][ T6262] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 117.150224][ T6263] FAULT_INJECTION: forcing a failure. [ 117.150224][ T6263] name failslab, interval 1, probability 0, space 0, times 0 [ 117.169026][ T6263] CPU: 1 UID: 0 PID: 6263 Comm: syz.2.62 Not tainted syzkaller #0 PREEMPT(full) [ 117.169064][ T6263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 117.169081][ T6263] Call Trace: [ 117.169097][ T6263] [ 117.169108][ T6263] dump_stack_lvl+0x100/0x190 [ 117.169154][ T6263] should_fail_ex.cold+0x5/0xa [ 117.169186][ T6263] should_failslab+0xc2/0x120 [ 117.169220][ T6263] kmem_cache_alloc_noprof+0x83/0x780 [ 117.169249][ T6263] ? acpi_ut_create_generic_state+0x61/0xc0 [ 117.169284][ T6263] ? acpi_ut_create_generic_state+0x61/0xc0 [ 117.169307][ T6263] acpi_ut_create_generic_state+0x61/0xc0 [ 117.169329][ T6263] acpi_ds_scope_stack_push+0x70/0x790 [ 117.169355][ T6263] acpi_ds_init_aml_walk+0x2d8/0x680 [ 117.169371][ T6263] acpi_ps_execute_method+0x39d/0xe90 [ 117.169391][ T6263] acpi_ns_evaluate+0x640/0x1670 [ 117.169412][ T6263] acpi_evaluate_object+0x420/0xe00 [ 117.169432][ T6263] ? seq_read_iter+0x819/0x1270 [ 117.169444][ T6263] ? kernfs_fop_read_iter+0x46c/0x610 [ 117.169463][ T6263] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 117.169485][ T6263] ? __pfx___might_resched+0x10/0x10 [ 117.169505][ T6263] acpi_evaluate_integer+0xdf/0x220 [ 117.169524][ T6263] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 117.169550][ T6263] ? __pfx_status_show+0x10/0x10 [ 117.169570][ T6263] status_show+0xa0/0x120 [ 117.169590][ T6263] ? __pfx_status_show+0x10/0x10 [ 117.169615][ T6263] dev_attr_show+0x52/0xa0 [ 117.169637][ T6263] ? __pfx_dev_attr_show+0x10/0x10 [ 117.169658][ T6263] sysfs_kf_seq_show+0x217/0x3a0 [ 117.169679][ T6263] seq_read_iter+0x32f/0x1270 [ 117.169700][ T6263] kernfs_fop_read_iter+0x46c/0x610 [ 117.169715][ T6263] ? rw_verify_area+0xce/0x6d0 [ 117.169736][ T6263] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 117.169751][ T6263] vfs_read+0x825/0xb30 [ 117.169768][ T6263] ? __pfx_vfs_read+0x10/0x10 [ 117.169794][ T6263] ksys_read+0x12a/0x250 [ 117.169807][ T6263] ? __pfx_ksys_read+0x10/0x10 [ 117.169827][ T6263] do_syscall_64+0x106/0xf80 [ 117.169841][ T6263] ? clear_bhb_loop+0x40/0x90 [ 117.169858][ T6263] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.169872][ T6263] RIP: 0033:0x7f06b8f9bf79 [ 117.169885][ T6263] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 117.169899][ T6263] RSP: 002b:00007f06b6df4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 117.169914][ T6263] RAX: ffffffffffffffda RBX: 00007f06b9216270 RCX: 00007f06b8f9bf79 [ 117.169924][ T6263] RDX: 000000000000007a RSI: 0000200000000240 RDI: 0000000000000007 [ 117.169932][ T6263] RBP: 00007f06b90327e0 R08: 0000000000000000 R09: 0000000000000000 [ 117.169940][ T6263] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 117.169949][ T6263] R13: 00007f06b9216308 R14: 00007f06b9216270 R15: 00007fff6c6bb9b8 [ 117.169970][ T6263] [ 117.288520][ T6263] ACPI Error: ffff88801f2a0000 walk still has a scope list (20251212/dswstate-694) [ 117.656486][ T6255] zswap: compressor not available [ 118.224320][ T5832] Bluetooth: hci1: command 0x0c1a tx timeout [ 118.304403][ T5832] Bluetooth: hci3: command 0x0c1a tx timeout [ 118.386493][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout [ 118.985031][ T30] audit: type=1800 audit(1770865570.975:2): pid=6276 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.63" name="features" dev="configfs" ino=9880 res=0 errno=0 [ 121.638358][ T6309] random: crng reseeded on system resumption [ 121.668732][ T6309] hub 1-0:1.0: USB hub found [ 121.691161][ T6309] hub 1-0:1.0: 1 port detected [ 123.300970][ T6321] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input6 [ 124.045034][ T6322] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input7 [ 125.430338][ T30] audit: type=1800 audit(1770865577.425:3): pid=6338 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.73" name="dbroot" dev="configfs" ino=10026 res=0 errno=0 [ 125.615035][ T6341] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input8 [ 126.631503][ T6351] Invalid ELF header magic: != ELF [ 127.073366][ T6361] input: jJǸ-9%vJ86 as /devices/virtual/input/input9 [ 127.549087][ T6368] FAULT_INJECTION: forcing a failure. [ 127.549087][ T6368] name failslab, interval 1, probability 0, space 0, times 0 [ 127.561782][ T6368] CPU: 1 UID: 0 PID: 6368 Comm: syz.0.78 Not tainted syzkaller #0 PREEMPT(full) [ 127.561803][ T6368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 127.561813][ T6368] Call Trace: [ 127.561819][ T6368] [ 127.561825][ T6368] dump_stack_lvl+0x100/0x190 [ 127.561871][ T6368] should_fail_ex.cold+0x5/0xa [ 127.561888][ T6368] should_failslab+0xc2/0x120 [ 127.561906][ T6368] ? __seq_open_private+0x22/0xd0 [ 127.561928][ T6368] __kmalloc_noprof+0xf6/0x9c0 [ 127.561954][ T6368] ? __pfx_stats_fop_open+0x10/0x10 [ 127.561973][ T6368] ? __seq_open_private+0x22/0xd0 [ 127.561993][ T6368] ? __kasan_kmalloc+0xaa/0xb0 [ 127.562006][ T6368] __seq_open_private+0x22/0xd0 [ 127.562029][ T6368] sc_common_open+0x6b/0x200 [ 127.562049][ T6368] full_proxy_open_regular+0x1b6/0x370 [ 127.562067][ T6368] do_dentry_open+0x6d8/0x1660 [ 127.562082][ T6368] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 127.562102][ T6368] vfs_open+0x82/0x3f0 [ 127.562123][ T6368] path_openat+0x208c/0x31a0 [ 127.562147][ T6368] ? __pfx_path_openat+0x10/0x10 [ 127.562169][ T6368] do_file_open+0x20e/0x430 [ 127.562186][ T6368] ? __pfx_do_file_open+0x10/0x10 [ 127.562215][ T6368] ? alloc_fd+0x476/0x790 [ 127.562232][ T6368] ? do_getname+0x191/0x390 [ 127.562252][ T6368] do_sys_openat2+0x10d/0x1e0 [ 127.562271][ T6368] ? __pfx_do_sys_openat2+0x10/0x10 [ 127.562292][ T6368] ? __fget_files+0x21f/0x3d0 [ 127.562310][ T6368] __x64_sys_openat+0x12d/0x210 [ 127.562330][ T6368] ? __pfx___x64_sys_openat+0x10/0x10 [ 127.562349][ T6368] ? xfd_validate_state+0x129/0x190 [ 127.562379][ T6368] do_syscall_64+0x106/0xf80 [ 127.562394][ T6368] ? clear_bhb_loop+0x40/0x90 [ 127.562411][ T6368] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 127.562427][ T6368] RIP: 0033:0x7f509659bf79 [ 127.562442][ T6368] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 127.562456][ T6368] RSP: 002b:00007f50973c3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 127.562474][ T6368] RAX: ffffffffffffffda RBX: 00007f5096815fa0 RCX: 00007f509659bf79 [ 127.562484][ T6368] RDX: 0000000000008382 RSI: 0000200000000640 RDI: ffffffffffffff9c [ 127.562494][ T6368] RBP: 00007f50966327e0 R08: 0000000000000000 R09: 0000000000000000 [ 127.562503][ T6368] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 127.562511][ T6368] R13: 00007f5096816038 R14: 00007f5096815fa0 R15: 00007ffc1ea89108 [ 127.562531][ T6368] [ 128.673971][ T5832] Bluetooth: hci0: Malformed LE Event: 0x0b [ 130.788730][ T6396] input: jJǸ-9%vJ86 as /devices/virtual/input/input10 [ 131.788004][ T6402] input: jJǸ-9%vJ86 as /devices/virtual/input/input11 [ 133.080952][ T6422] input: jJǸ-9%vJ86 as /devices/virtual/input/input13 [ 133.616582][ T6430] input: jJǸ-9%vJ86 as /devices/virtual/input/input14 [ 135.189538][ T30] audit: type=1800 audit(1770865587.185:4): pid=6444 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.91" name="dbroot" dev="configfs" ino=11773 res=0 errno=0 [ 135.366682][ T6451] FAULT_INJECTION: forcing a failure. [ 135.366682][ T6451] name failslab, interval 1, probability 0, space 0, times 0 [ 135.438519][ T6451] CPU: 1 UID: 0 PID: 6451 Comm: syz.1.93 Not tainted syzkaller #0 PREEMPT(full) [ 135.438557][ T6451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 135.438574][ T6451] Call Trace: [ 135.438583][ T6451] [ 135.438593][ T6451] dump_stack_lvl+0x100/0x190 [ 135.438638][ T6451] should_fail_ex.cold+0x5/0xa [ 135.438670][ T6451] should_failslab+0xc2/0x120 [ 135.438703][ T6451] kmem_cache_alloc_lru_noprof+0x8e/0x7d0 [ 135.438738][ T6451] ? _raw_spin_unlock+0x28/0x50 [ 135.438779][ T6451] ? alloc_inode+0x183/0x250 [ 135.438822][ T6451] ? alloc_inode+0x183/0x250 [ 135.438858][ T6451] alloc_inode+0x183/0x250 [ 135.438897][ T6451] new_inode+0x22/0x1c0 [ 135.438931][ T6451] ? dput.part.0+0xdd/0x570 [ 135.438970][ T6451] simple_fill_super+0x2d9/0x680 [ 135.439005][ T6451] ? __pfx_nfsd_fill_super+0x10/0x10 [ 135.439047][ T6451] nfsd_fill_super+0x98/0x560 [ 135.439089][ T6451] ? __pfx_set_anon_super_fc+0x10/0x10 [ 135.439131][ T6451] ? __pfx_nfsd_fill_super+0x10/0x10 [ 135.439172][ T6451] get_tree_keyed+0x10e/0x1d0 [ 135.439200][ T6451] vfs_get_tree+0x92/0x320 [ 135.439241][ T6451] path_mount+0x7d0/0x23d0 [ 135.439281][ T6451] ? __pfx_path_mount+0x10/0x10 [ 135.439317][ T6451] ? kmem_cache_free+0x143/0x720 [ 135.439356][ T6451] ? strncpy_from_user+0x19d/0x2d0 [ 135.439383][ T6451] ? putname+0xb1/0x110 [ 135.439424][ T6451] ? __x64_sys_mount+0x293/0x310 [ 135.439463][ T6451] __x64_sys_mount+0x293/0x310 [ 135.439494][ T6451] ? __pfx___x64_sys_mount+0x10/0x10 [ 135.439541][ T6451] do_syscall_64+0x106/0xf80 [ 135.439568][ T6451] ? clear_bhb_loop+0x40/0x90 [ 135.439605][ T6451] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 135.439633][ T6451] RIP: 0033:0x7f9e7e59bf79 [ 135.439656][ T6451] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 135.439683][ T6451] RSP: 002b:00007f9e7f40d028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 135.439711][ T6451] RAX: ffffffffffffffda RBX: 00007f9e7e816180 RCX: 00007f9e7e59bf79 [ 135.439730][ T6451] RDX: 00002000000001c0 RSI: 00002000000000c0 RDI: 0000000000000000 [ 135.439748][ T6451] RBP: 00007f9e7e6327e0 R08: 0000000000000000 R09: 0000000000000000 [ 135.439764][ T6451] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000000 [ 135.439781][ T6451] R13: 00007f9e7e816218 R14: 00007f9e7e816180 R15: 00007ffc96db8798 [ 135.439818][ T6451] [ 136.135945][ T6462] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 136.907875][ T6473] FAULT_INJECTION: forcing a failure. [ 136.907875][ T6473] name failslab, interval 1, probability 0, space 0, times 0 [ 136.980672][ T6473] CPU: 0 UID: 0 PID: 6473 Comm: syz.1.97 Not tainted syzkaller #0 PREEMPT(full) [ 136.980694][ T6473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 136.980703][ T6473] Call Trace: [ 136.980708][ T6473] [ 136.980714][ T6473] dump_stack_lvl+0x100/0x190 [ 136.980740][ T6473] should_fail_ex.cold+0x5/0xa [ 136.980757][ T6473] should_failslab+0xc2/0x120 [ 136.980775][ T6473] ? constrain_params_by_rules+0x175/0xcc0 [ 136.980792][ T6473] __kmalloc_noprof+0xf6/0x9c0 [ 136.980813][ T6473] ? __kernel_text_address+0xd/0x30 [ 136.980831][ T6473] ? look_up_lock_class+0x55/0x120 [ 136.980849][ T6473] ? constrain_params_by_rules+0x175/0xcc0 [ 136.980864][ T6473] constrain_params_by_rules+0x175/0xcc0 [ 136.980883][ T6473] ? __lock_acquire+0x4a5/0x2630 [ 136.980899][ T6473] ? __pfx_stack_trace_save+0x10/0x10 [ 136.980919][ T6473] ? stack_depot_save_flags+0x27/0x9d0 [ 136.980938][ T6473] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 136.980957][ T6473] ? lock_acquire+0x17c/0x330 [ 136.980972][ T6473] ? __pfx___might_resched+0x10/0x10 [ 136.980993][ T6473] ? __mutex_lock+0x26a/0x1b90 [ 136.981009][ T6473] ? snd_interval_refine+0x2d0/0x580 [ 136.981030][ T6473] snd_pcm_hw_refine+0x7e7/0xad0 [ 136.981050][ T6473] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 136.981072][ T6473] ? do_raw_spin_lock+0x128/0x260 [ 136.981092][ T6473] ? mark_held_locks+0x40/0x70 [ 136.981108][ T6473] snd_pcm_hw_params+0x3f1/0x1cb0 [ 136.981130][ T6473] ? snd_pcm_hw_param_near.constprop.0+0x573/0x850 [ 136.981156][ T6473] ? __pfx_snd_pcm_hw_params+0x10/0x10 [ 136.981173][ T6473] ? snd_pcm_hw_param_near.constprop.0+0x573/0x850 [ 136.981196][ T6473] ? snd_pcm_hw_param_near.constprop.0+0x578/0x850 [ 136.981222][ T6473] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 136.981249][ T6473] snd_pcm_kernel_ioctl+0x167/0x2e0 [ 136.981268][ T6473] snd_pcm_oss_change_params_locked+0x1973/0x39f0 [ 136.981292][ T6473] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 136.981310][ T6473] ? __pfx___mutex_lock+0x10/0x10 [ 136.981337][ T6473] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 136.981354][ T6473] snd_pcm_oss_sync+0x265/0x840 [ 136.981372][ T6473] snd_pcm_oss_release+0x238/0x300 [ 136.981387][ T6473] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 136.981401][ T6473] __fput+0x3ff/0xb40 [ 136.981423][ T6473] task_work_run+0x150/0x240 [ 136.981442][ T6473] ? __pfx_task_work_run+0x10/0x10 [ 136.981480][ T6473] exit_to_user_mode_loop+0x100/0x4a0 [ 136.981506][ T6473] ? rcu_is_watching+0x12/0xc0 [ 136.981540][ T6473] do_syscall_64+0x668/0xf80 [ 136.981565][ T6473] ? clear_bhb_loop+0x40/0x90 [ 136.981598][ T6473] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 136.981613][ T6473] RIP: 0033:0x7f9e7e59bf79 [ 136.981626][ T6473] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 136.981641][ T6473] RSP: 002b:00007f9e7f44f028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 136.981655][ T6473] RAX: 0000000000000000 RBX: 00007f9e7e815fa0 RCX: 00007f9e7e59bf79 [ 136.981664][ T6473] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 136.981672][ T6473] RBP: 00007f9e7e6327e0 R08: 0000000000000000 R09: 0000000000000000 [ 136.981681][ T6473] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 136.981689][ T6473] R13: 00007f9e7e816038 R14: 00007f9e7e815fa0 R15: 00007ffc96db8798 [ 136.981709][ T6473] [ 137.406216][ T6473] binder: 6470:6473 ioctl c018620c 0 returned -1 [ 137.429875][ T6479] FAULT_INJECTION: forcing a failure. [ 137.429875][ T6479] name failslab, interval 1, probability 0, space 0, times 0 [ 137.462212][ T6479] CPU: 1 UID: 0 PID: 6479 Comm: syz.2.98 Not tainted syzkaller #0 PREEMPT(full) [ 137.462254][ T6479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 137.462271][ T6479] Call Trace: [ 137.462281][ T6479] [ 137.462292][ T6479] dump_stack_lvl+0x100/0x190 [ 137.462339][ T6479] should_fail_ex.cold+0x5/0xa [ 137.462372][ T6479] should_failslab+0xc2/0x120 [ 137.462407][ T6479] __kmalloc_cache_node_noprof+0x83/0x840 [ 137.462442][ T6479] ? __alloc_disk_node+0x5a/0x6b0 [ 137.462502][ T6479] ? __alloc_disk_node+0x5a/0x6b0 [ 137.462545][ T6479] __alloc_disk_node+0x5a/0x6b0 [ 137.462598][ T6479] __blk_mq_alloc_disk+0x89/0x120 [ 137.462642][ T6479] nbd_dev_add+0x492/0xb10 [ 137.462679][ T6479] ? find_held_lock+0x2b/0x80 [ 137.462717][ T6479] ? __pfx_nbd_dev_add+0x10/0x10 [ 137.462753][ T6479] ? nbd_genl_connect+0x131a/0x1a40 [ 137.462815][ T6479] ? bpf_lsm_capable+0x9/0x10 [ 137.462855][ T6479] ? __radix_tree_lookup+0x217/0x2b0 [ 137.462905][ T6479] nbd_genl_connect+0xb8d/0x1a40 [ 137.462944][ T6479] ? rcu_is_watching+0x12/0xc0 [ 137.462981][ T6479] ? genl_family_rcv_msg_attrs_parse.isra.0+0xc8/0x290 [ 137.463033][ T6479] ? __pfx_nbd_genl_connect+0x10/0x10 [ 137.463075][ T6479] ? __nla_parse+0x40/0x60 [ 137.463118][ T6479] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x290 [ 137.463162][ T6479] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1b4/0x290 [ 137.463214][ T6479] genl_family_rcv_msg_doit+0x214/0x300 [ 137.463262][ T6479] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 137.463305][ T6479] ? genl_get_cmd+0x3ef/0x720 [ 137.463358][ T6479] ? __dev_queue_xmit+0x7fd/0x46f0 [ 137.463385][ T6479] ? __radix_tree_lookup+0x217/0x2b0 [ 137.463434][ T6479] genl_rcv_msg+0x560/0x800 [ 137.463486][ T6479] ? __pfx_genl_rcv_msg+0x10/0x10 [ 137.463529][ T6479] ? __pfx_nbd_genl_connect+0x10/0x10 [ 137.463585][ T6479] netlink_rcv_skb+0x159/0x420 [ 137.463625][ T6479] ? __pfx_genl_rcv_msg+0x10/0x10 [ 137.463671][ T6479] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 137.463726][ T6479] ? netlink_deliver_tap+0x1ae/0xcc0 [ 137.463770][ T6479] genl_rcv+0x28/0x40 [ 137.463807][ T6479] netlink_unicast+0x5aa/0x870 [ 137.463852][ T6479] ? __pfx_netlink_unicast+0x10/0x10 [ 137.463906][ T6479] netlink_sendmsg+0x8b0/0xda0 [ 137.463952][ T6479] ? __pfx_netlink_sendmsg+0x10/0x10 [ 137.463989][ T6479] ? __import_iovec+0x1d2/0x640 [ 137.464024][ T6479] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 137.464072][ T6479] ____sys_sendmsg+0xa54/0xc30 [ 137.464117][ T6479] ? __pfx_____sys_sendmsg+0x10/0x10 [ 137.464161][ T6479] ? __pfx_futex_wake_mark+0x10/0x10 [ 137.464202][ T6479] ___sys_sendmsg+0x190/0x1e0 [ 137.464231][ T6479] ? __pfx____sys_sendmsg+0x10/0x10 [ 137.464307][ T6479] __sys_sendmsg+0x170/0x220 [ 137.464344][ T6479] ? __pfx___sys_sendmsg+0x10/0x10 [ 137.464378][ T6479] ? __x64_sys_futex+0x34f/0x4d0 [ 137.464428][ T6479] do_syscall_64+0x106/0xf80 [ 137.464455][ T6479] ? clear_bhb_loop+0x40/0x90 [ 137.464495][ T6479] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 137.464524][ T6479] RIP: 0033:0x7f06b8f9bf79 [ 137.464548][ T6479] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 137.464575][ T6479] RSP: 002b:00007f06b9db3028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 137.464603][ T6479] RAX: ffffffffffffffda RBX: 00007f06b9215fa0 RCX: 00007f06b8f9bf79 [ 137.464622][ T6479] RDX: 0000000020040000 RSI: 0000200000000500 RDI: 0000000000000002 [ 137.464639][ T6479] RBP: 00007f06b90327e0 R08: 0000000000000000 R09: 0000000000000000 [ 137.464657][ T6479] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 137.464674][ T6479] R13: 00007f06b9216038 R14: 00007f06b9215fa0 R15: 00007fff6c6bb9b8 [ 137.464714][ T6479] [ 137.932455][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.020116][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 138.144515][ T6479] nbd: failed to add new device [ 138.702423][ T6495] vivid-007: ================= START STATUS ================= [ 138.728824][ T6495] vivid-007: Enable Output Cropping: true [ 138.792705][ T6495] vivid-007: Enable Output Composing: true [ 138.811617][ T6495] vivid-007: Enable Output Scaler: true [ 138.818873][ T6495] vivid-007: Tx RGB Quantization Range: Automatic [ 138.826473][ T6495] vivid-007: Transmit Mode: HDMI [ 138.862346][ T6495] vivid-007: Hotplug Present: 0x00000000 [ 138.904227][ T6495] vivid-007: RxSense Present: 0x00000000 [ 138.910980][ T6495] vivid-007: EDID Present: 0x00000000 [ 138.917992][ T6495] vivid-007: ================== END STATUS ================== [ 139.008768][ T6506] input: jJǸ-9%vJ86 as /devices/virtual/input/input17 [ 140.147510][ T6514] binder: 6512:6514 ioctl c018620c 0 returned -1 [ 140.254358][ T5832] Bluetooth: hci1: unexpected event for opcode 0x7c89 [ 140.346719][ T30] audit: type=1800 audit(1770865592.345:5): pid=6524 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.103" name="dbroot" dev="configfs" ino=12299 res=0 errno=0 [ 140.534793][ T5832] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 140.534828][ T5832] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 140.549817][ T5832] Bluetooth: hci1: Unknown advertising packet type: 0x7f [ 140.549861][ T5832] Bluetooth: hci1: adv larger than maximum supported [ 140.558426][ T5832] Bluetooth: hci1: Unknown advertising packet type: 0x5f [ 140.565270][ T5832] Bluetooth: hci1: Malformed LE Event: 0x0d [ 140.778070][ T6519] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 140.804488][ T6519] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 140.810604][ T6519] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 140.818255][ T6519] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 141.409777][ T30] audit: type=1800 audit(1770865593.405:6): pid=6552 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.111" name="dbroot" dev="configfs" ino=12366 res=0 errno=0 [ 142.517096][ T6532] rtc_cmos 00:00: Alarms can be up to one day in the future [ 142.784509][ T5834] Bluetooth: hci0: command 0x0c1a tx timeout [ 142.865000][ T5834] Bluetooth: hci2: command 0x0c1a tx timeout [ 142.866511][ T5832] Bluetooth: hci3: command 0x0c1a tx timeout [ 142.871104][ T5830] Bluetooth: hci1: command 0x0c1a tx timeout [ 142.951278][ T24] rtc_cmos 00:00: Alarms can be up to one day in the future [ 142.976686][ T24] rtc_cmos 00:00: Alarms can be up to one day in the future [ 143.013163][ T24] rtc_cmos 00:00: Alarms can be up to one day in the future [ 143.021449][ T24] rtc_cmos 00:00: Alarms can be up to one day in the future [ 143.030639][ T24] rtc rtc0: __rtc_set_alarm: err=-22 [ 143.382169][ T30] audit: type=1800 audit(1770865595.375:7): pid=6571 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.117" name="dbroot" dev="configfs" ino=12556 res=0 errno=0 [ 144.397349][ T5830] Bluetooth: hci1: unexpected event 0x01 length: 124 > 1 [ 144.657838][ T6587] FAULT_INJECTION: forcing a failure. [ 144.657838][ T6587] name failslab, interval 1, probability 0, space 0, times 0 [ 144.696411][ T6587] CPU: 0 UID: 0 PID: 6587 Comm: syz.0.121 Not tainted syzkaller #0 PREEMPT(full) [ 144.696435][ T6587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 144.696444][ T6587] Call Trace: [ 144.696450][ T6587] [ 144.696456][ T6587] dump_stack_lvl+0x100/0x190 [ 144.696482][ T6587] should_fail_ex.cold+0x5/0xa [ 144.696499][ T6587] should_failslab+0xc2/0x120 [ 144.696518][ T6587] kmem_cache_alloc_noprof+0x83/0x780 [ 144.696535][ T6587] ? mempool_init_node+0x2f7/0x6e0 [ 144.696557][ T6587] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 144.696575][ T6587] ? mempool_init_node+0x2f7/0x6e0 [ 144.696599][ T6587] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 144.696617][ T6587] mempool_init_node+0x2f7/0x6e0 [ 144.696639][ T6587] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 144.696657][ T6587] ? __pfx_mempool_free_slab+0x10/0x10 [ 144.696676][ T6587] mempool_init_noprof+0x3a/0x50 [ 144.696697][ T6587] bioset_init+0x37e/0x8a0 [ 144.696712][ T6587] ? __pfx_bioset_init+0x10/0x10 [ 144.696734][ T6587] __alloc_disk_node+0x83/0x6b0 [ 144.696760][ T6587] __blk_mq_alloc_disk+0x89/0x120 [ 144.696782][ T6587] nbd_dev_add+0x492/0xb10 [ 144.696801][ T6587] ? find_held_lock+0x2b/0x80 [ 144.696820][ T6587] ? __pfx_nbd_dev_add+0x10/0x10 [ 144.696838][ T6587] ? nbd_genl_connect+0x131a/0x1a40 [ 144.696871][ T6587] ? bpf_lsm_capable+0x9/0x10 [ 144.696890][ T6587] ? __radix_tree_lookup+0x217/0x2b0 [ 144.696915][ T6587] nbd_genl_connect+0xb8d/0x1a40 [ 144.696933][ T6587] ? rcu_is_watching+0x12/0xc0 [ 144.696950][ T6587] ? genl_family_rcv_msg_attrs_parse.isra.0+0xc8/0x290 [ 144.696976][ T6587] ? __pfx_nbd_genl_connect+0x10/0x10 [ 144.696996][ T6587] ? __nla_parse+0x40/0x60 [ 144.697017][ T6587] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x290 [ 144.697039][ T6587] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1b4/0x290 [ 144.697064][ T6587] genl_family_rcv_msg_doit+0x214/0x300 [ 144.697089][ T6587] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 144.697110][ T6587] ? genl_get_cmd+0x3ef/0x720 [ 144.697135][ T6587] ? __dev_queue_xmit+0x7fd/0x46f0 [ 144.697149][ T6587] ? __radix_tree_lookup+0x217/0x2b0 [ 144.697172][ T6587] genl_rcv_msg+0x560/0x800 [ 144.697195][ T6587] ? __pfx_genl_rcv_msg+0x10/0x10 [ 144.697217][ T6587] ? __pfx_nbd_genl_connect+0x10/0x10 [ 144.697244][ T6587] netlink_rcv_skb+0x159/0x420 [ 144.697263][ T6587] ? __pfx_genl_rcv_msg+0x10/0x10 [ 144.697285][ T6587] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 144.697312][ T6587] ? netlink_deliver_tap+0x1ae/0xcc0 [ 144.697333][ T6587] genl_rcv+0x28/0x40 [ 144.697351][ T6587] netlink_unicast+0x5aa/0x870 [ 144.697374][ T6587] ? __pfx_netlink_unicast+0x10/0x10 [ 144.697400][ T6587] netlink_sendmsg+0x8b0/0xda0 [ 144.697422][ T6587] ? __pfx_netlink_sendmsg+0x10/0x10 [ 144.697443][ T6587] ? __import_iovec+0x1d2/0x640 [ 144.697461][ T6587] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 144.697486][ T6587] ____sys_sendmsg+0xa54/0xc30 [ 144.697510][ T6587] ? __pfx_____sys_sendmsg+0x10/0x10 [ 144.697540][ T6587] ___sys_sendmsg+0x190/0x1e0 [ 144.697555][ T6587] ? __pfx____sys_sendmsg+0x10/0x10 [ 144.697597][ T6587] __sys_sendmsg+0x170/0x220 [ 144.697617][ T6587] ? __pfx___sys_sendmsg+0x10/0x10 [ 144.697634][ T6587] ? irqentry_exit+0x180/0x670 [ 144.697660][ T6587] do_syscall_64+0x106/0xf80 [ 144.697673][ T6587] ? clear_bhb_loop+0x40/0x90 [ 144.697691][ T6587] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.697705][ T6587] RIP: 0033:0x7f509659bf79 [ 144.697718][ T6587] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 144.697731][ T6587] RSP: 002b:00007f50973c3028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 144.697746][ T6587] RAX: ffffffffffffffda RBX: 00007f5096815fa0 RCX: 00007f509659bf79 [ 144.697756][ T6587] RDX: 0000000020040000 RSI: 0000200000000500 RDI: 0000000000000002 [ 144.697765][ T6587] RBP: 00007f50966327e0 R08: 0000000000000000 R09: 0000000000000000 [ 144.697773][ T6587] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 144.697782][ T6587] R13: 00007f5096816038 R14: 00007f5096815fa0 R15: 00007ffc1ea89108 [ 144.697802][ T6587] [ 145.224514][ T6587] nbd: failed to add new device [ 146.575500][ T6622] input: jJǸ-9%vJ86 as /devices/virtual/input/input20 [ 146.660835][ T6607] rtc_cmos 00:00: Alarms can be up to one day in the future [ 146.950898][ T5912] rtc_cmos 00:00: Alarms can be up to one day in the future [ 146.972700][ T5912] rtc_cmos 00:00: Alarms can be up to one day in the future [ 146.988789][ T5912] rtc_cmos 00:00: Alarms can be up to one day in the future [ 147.006533][ T5912] rtc_cmos 00:00: Alarms can be up to one day in the future [ 147.027586][ T5912] rtc rtc0: __rtc_set_alarm: err=-22 [ 150.389325][ T6669] binder: 6668:6669 ioctl c0306201 0 returned -14 [ 150.455724][ T30] audit: type=1806 audit(1770865602.455:8): res=-14 [ 151.722072][ T6657] rtc_cmos 00:00: Alarms can be up to one day in the future [ 151.954613][ T24] rtc_cmos 00:00: Alarms can be up to one day in the future [ 152.005540][ T24] rtc_cmos 00:00: Alarms can be up to one day in the future [ 152.038053][ T24] rtc_cmos 00:00: Alarms can be up to one day in the future [ 152.048369][ T24] rtc_cmos 00:00: Alarms can be up to one day in the future [ 152.058361][ T24] rtc rtc0: __rtc_set_alarm: err=-22 [ 153.245742][ T6726] input: jJǸ-9%vJ86 as /devices/virtual/input/input23 [ 153.823241][ T6730] input: jJǸ-9%vJ86 as /devices/virtual/input/input24 [ 154.012865][ T30] audit: type=1800 audit(1770865606.005:9): pid=6740 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.163" name="dbroot" dev="configfs" ino=13307 res=0 errno=0 [ 154.833487][ T6754] synth uevent: /devices/virtual/tty/ptyue: unknown uevent action string [ 154.846914][ T6754] tty ptyue: uevent: failed to send synthetic uevent: -22 [ 155.910592][ T30] audit: type=1800 audit(1770865607.905:10): pid=6778 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.176" name="dbroot" dev="configfs" ino=13886 res=0 errno=0 [ 156.093758][ T6781] input: jJǸ-9%vJ86 as /devices/virtual/input/input25 [ 158.334296][ T6821] input: jJǸ-9%vJ86 as /devices/virtual/input/input27 [ 159.103894][ T6835] zram0: detected capacity change from 0 to 16 [ 159.657309][ T6845] FAULT_INJECTION: forcing a failure. [ 159.657309][ T6845] name failslab, interval 1, probability 0, space 0, times 0 [ 159.677861][ T6845] CPU: 0 UID: 0 PID: 6845 Comm: syz.3.193 Not tainted syzkaller #0 PREEMPT(full) [ 159.677900][ T6845] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 159.677916][ T6845] Call Trace: [ 159.677926][ T6845] [ 159.677937][ T6845] dump_stack_lvl+0x100/0x190 [ 159.677983][ T6845] should_fail_ex.cold+0x5/0xa [ 159.678015][ T6845] should_failslab+0xc2/0x120 [ 159.678051][ T6845] kmem_cache_alloc_noprof+0x83/0x780 [ 159.678083][ T6845] ? __pfx_acpi_ut_track_stack_ptr+0x10/0x10 [ 159.678113][ T6845] ? acpi_ps_alloc_op+0xf4/0x360 [ 159.678148][ T6845] ? acpi_ps_alloc_op+0xf4/0x360 [ 159.678173][ T6845] acpi_ps_alloc_op+0xf4/0x360 [ 159.678205][ T6845] acpi_ps_create_scope_op+0x1a/0x70 [ 159.678233][ T6845] acpi_ps_execute_method+0x223/0xe90 [ 159.678273][ T6845] acpi_ns_evaluate+0x640/0x1670 [ 159.678314][ T6845] acpi_evaluate_object+0x420/0xe00 [ 159.678356][ T6845] ? seq_read_iter+0x819/0x1270 [ 159.678380][ T6845] ? kernfs_fop_read_iter+0x46c/0x610 [ 159.678417][ T6845] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 159.678471][ T6845] ? __pfx___might_resched+0x10/0x10 [ 159.678512][ T6845] acpi_evaluate_integer+0xdf/0x220 [ 159.678550][ T6845] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 159.678602][ T6845] ? __pfx_status_show+0x10/0x10 [ 159.678642][ T6845] status_show+0xa0/0x120 [ 159.678685][ T6845] ? __pfx_status_show+0x10/0x10 [ 159.678737][ T6845] dev_attr_show+0x52/0xa0 [ 159.678783][ T6845] ? __pfx_dev_attr_show+0x10/0x10 [ 159.678826][ T6845] sysfs_kf_seq_show+0x217/0x3a0 [ 159.678867][ T6845] seq_read_iter+0x32f/0x1270 [ 159.678911][ T6845] kernfs_fop_read_iter+0x46c/0x610 [ 159.678941][ T6845] ? rw_verify_area+0xce/0x6d0 [ 159.678983][ T6845] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 159.679015][ T6845] vfs_read+0x825/0xb30 [ 159.679048][ T6845] ? __pfx_vfs_read+0x10/0x10 [ 159.679101][ T6845] ksys_read+0x12a/0x250 [ 159.679129][ T6845] ? __pfx_ksys_read+0x10/0x10 [ 159.679169][ T6845] do_syscall_64+0x106/0xf80 [ 159.679196][ T6845] ? clear_bhb_loop+0x40/0x90 [ 159.679231][ T6845] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 159.679261][ T6845] RIP: 0033:0x7f6f7c39bf79 [ 159.679283][ T6845] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 159.679311][ T6845] RSP: 002b:00007f6f7a1d3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 159.679338][ T6845] RAX: ffffffffffffffda RBX: 00007f6f7c616270 RCX: 00007f6f7c39bf79 [ 159.679357][ T6845] RDX: 000000000000007a RSI: 0000200000000240 RDI: 0000000000000007 [ 159.679375][ T6845] RBP: 00007f6f7c4327e0 R08: 0000000000000000 R09: 0000000000000000 [ 159.679392][ T6845] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 159.679409][ T6845] R13: 00007f6f7c616308 R14: 00007f6f7c616270 R15: 00007fff17fb8448 [ 159.679455][ T6845] [ 160.273776][ T6841] zswap: compressor not available [ 161.716602][ T6873] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 161.734568][ T6873] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 161.754294][ T6873] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 161.823467][ T6873] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 162.073486][ T6878] HfR: entered promiscuous mode [ 162.812668][ T30] audit: type=1800 audit(1770865614.805:11): pid=6901 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.211" name="dbroot" dev="configfs" ino=14157 res=0 errno=0 [ 163.276050][ T6907] FAULT_INJECTION: forcing a failure. [ 163.276050][ T6907] name failslab, interval 1, probability 0, space 0, times 0 [ 163.375473][ T6910] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 163.394287][ T6907] CPU: 1 UID: 0 PID: 6907 Comm: syz.2.212 Not tainted syzkaller #0 PREEMPT(full) [ 163.394318][ T6907] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 163.394327][ T6907] Call Trace: [ 163.394333][ T6907] [ 163.394340][ T6907] dump_stack_lvl+0x100/0x190 [ 163.394366][ T6907] should_fail_ex.cold+0x5/0xa [ 163.394383][ T6907] should_failslab+0xc2/0x120 [ 163.394402][ T6907] __kmalloc_cache_noprof+0x80/0x810 [ 163.394426][ T6907] ? drm_atomic_state_alloc+0xb8/0x120 [ 163.394452][ T6907] ? drm_atomic_state_alloc+0xb8/0x120 [ 163.394474][ T6907] drm_atomic_state_alloc+0xb8/0x120 [ 163.394497][ T6907] drm_client_modeset_commit_atomic+0xcc/0x7e0 [ 163.394513][ T6907] ? rcu_is_watching+0x12/0xc0 [ 163.394531][ T6907] ? trace_contention_end+0xd6/0x110 [ 163.394547][ T6907] ? __mutex_lock+0x26a/0x1b90 [ 163.394563][ T6907] ? __mutex_lock+0x26a/0x1b90 [ 163.394577][ T6907] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 163.394593][ T6907] ? trace_contention_end+0xd6/0x110 [ 163.394608][ T6907] ? drm_master_internal_acquire+0x21/0x80 [ 163.394641][ T6907] drm_client_modeset_commit_locked+0x14d/0x580 [ 163.394661][ T6907] drm_client_modeset_commit+0x4f/0x80 [ 163.394678][ T6907] __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160 [ 163.394697][ T6907] drm_fb_helper_restore_fbdev_mode_unlocked+0x93/0xc0 [ 163.394715][ T6907] drm_fbdev_client_restore+0x1b/0x30 [ 163.394736][ T6907] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 163.394756][ T6907] drm_client_dev_restore+0x205/0x2a0 [ 163.394775][ T6907] drm_release+0x2c6/0x360 [ 163.394790][ T6907] ? __pfx_drm_release+0x10/0x10 [ 163.394804][ T6907] __fput+0x3ff/0xb40 [ 163.394826][ T6907] task_work_run+0x150/0x240 [ 163.394844][ T6907] ? __pfx_task_work_run+0x10/0x10 [ 163.394874][ T6907] exit_to_user_mode_loop+0x100/0x4a0 [ 163.394890][ T6907] ? rcu_is_watching+0x12/0xc0 [ 163.394910][ T6907] do_syscall_64+0x668/0xf80 [ 163.394924][ T6907] ? clear_bhb_loop+0x40/0x90 [ 163.394942][ T6907] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 163.394956][ T6907] RIP: 0033:0x7f06b8f9bf79 [ 163.394969][ T6907] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 163.394982][ T6907] RSP: 002b:00007f06b9db3028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 163.394997][ T6907] RAX: 0000000000000000 RBX: 00007f06b9215fa0 RCX: 00007f06b8f9bf79 [ 163.395006][ T6907] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 163.395014][ T6907] RBP: 00007f06b90327e0 R08: 0000000000000000 R09: 0000000000000000 [ 163.395023][ T6907] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 163.395031][ T6907] R13: 00007f06b9216038 R14: 00007f06b9215fa0 R15: 00007fff6c6bb9b8 [ 163.395052][ T6907] [ 163.753524][ T5830] Bluetooth: hci1: command 0x0c1a tx timeout [ 163.755677][ T5834] Bluetooth: hci0: command 0x0c1a tx timeout [ 163.824248][ T5834] Bluetooth: hci3: command 0x0c1a tx timeout [ 163.908777][ T5834] Bluetooth: hci2: command 0x0c1a tx timeout [ 164.257550][ T6921] input: jJǸ-9%vJ86 as /devices/virtual/input/input30 [ 164.678464][ T6928] FAULT_INJECTION: forcing a failure. [ 164.678464][ T6928] name failslab, interval 1, probability 0, space 0, times 0 [ 164.698174][ T6928] CPU: 1 UID: 0 PID: 6928 Comm: syz.2.215 Not tainted syzkaller #0 PREEMPT(full) [ 164.698210][ T6928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 164.698225][ T6928] Call Trace: [ 164.698234][ T6928] [ 164.698245][ T6928] dump_stack_lvl+0x100/0x190 [ 164.698289][ T6928] should_fail_ex.cold+0x5/0xa [ 164.698320][ T6928] should_failslab+0xc2/0x120 [ 164.698354][ T6928] kmem_cache_alloc_lru_noprof+0x8e/0x7d0 [ 164.698387][ T6928] ? _raw_spin_unlock+0x28/0x50 [ 164.698428][ T6928] ? alloc_inode+0x183/0x250 [ 164.698475][ T6928] ? alloc_inode+0x183/0x250 [ 164.698511][ T6928] alloc_inode+0x183/0x250 [ 164.698549][ T6928] new_inode+0x22/0x1c0 [ 164.698584][ T6928] ? dput.part.0+0xdd/0x570 [ 164.698624][ T6928] simple_fill_super+0x2d9/0x680 [ 164.698659][ T6928] ? __pfx_nfsd_fill_super+0x10/0x10 [ 164.698701][ T6928] nfsd_fill_super+0x98/0x560 [ 164.698741][ T6928] ? __pfx_set_anon_super_fc+0x10/0x10 [ 164.698792][ T6928] ? __pfx_nfsd_fill_super+0x10/0x10 [ 164.698835][ T6928] get_tree_keyed+0x10e/0x1d0 [ 164.698864][ T6928] vfs_get_tree+0x92/0x320 [ 164.698904][ T6928] path_mount+0x7d0/0x23d0 [ 164.698944][ T6928] ? __pfx_path_mount+0x10/0x10 [ 164.698981][ T6928] ? kmem_cache_free+0x143/0x720 [ 164.699021][ T6928] ? strncpy_from_user+0x19d/0x2d0 [ 164.699048][ T6928] ? putname+0xb1/0x110 [ 164.699092][ T6928] ? __x64_sys_mount+0x293/0x310 [ 164.699124][ T6928] __x64_sys_mount+0x293/0x310 [ 164.699160][ T6928] ? __pfx___x64_sys_mount+0x10/0x10 [ 164.699206][ T6928] do_syscall_64+0x106/0xf80 [ 164.699231][ T6928] ? clear_bhb_loop+0x40/0x90 [ 164.699264][ T6928] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 164.699292][ T6928] RIP: 0033:0x7f06b8f9bf79 [ 164.699314][ T6928] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 164.699340][ T6928] RSP: 002b:00007f06b9d71028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 164.699366][ T6928] RAX: ffffffffffffffda RBX: 00007f06b9216180 RCX: 00007f06b8f9bf79 [ 164.699384][ T6928] RDX: 00002000000001c0 RSI: 00002000000000c0 RDI: 0000000000000000 [ 164.699401][ T6928] RBP: 00007f06b90327e0 R08: 0000000000000000 R09: 0000000000000000 [ 164.699418][ T6928] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000000 [ 164.699434][ T6928] R13: 00007f06b9216218 R14: 00007f06b9216180 R15: 00007fff6c6bb9b8 [ 164.699472][ T6928] [ 165.707569][ T5834] Bluetooth: hci3: unexpected event for opcode 0x7c89 [ 165.770402][ T5834] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 165.770435][ T5834] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 165.785249][ T5834] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 165.785285][ T5834] Bluetooth: hci3: adv larger than maximum supported [ 165.792604][ T5834] Bluetooth: hci3: Unknown advertising packet type: 0x5f [ 165.799356][ T5834] Bluetooth: hci3: Malformed LE Event: 0x0d [ 165.874575][ T6934] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 165.880625][ T6934] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 165.886847][ T6934] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 165.893158][ T6934] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 166.192401][ T5834] Bluetooth: hci0: unexpected event for opcode 0x7c89 [ 166.544020][ T30] audit: type=1800 audit(1770865618.535:12): pid=6960 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.226" name="dbroot" dev="configfs" ino=15412 res=0 errno=0 [ 167.105423][ T6968] input: jJǸ-9%vJ86 as /devices/virtual/input/input33 [ 167.904492][ T5834] Bluetooth: hci1: command 0x0c1a tx timeout [ 167.910528][ T5834] Bluetooth: hci2: command 0x0c1a tx timeout [ 167.916592][ T5830] Bluetooth: hci3: command 0x0c1a tx timeout [ 168.203106][ T5834] Bluetooth: hci2: unexpected event for opcode 0x7c89 [ 168.375481][ T30] audit: type=1800 audit(1770865620.375:13): pid=6982 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.231" name="dbroot" dev="configfs" ino=15544 res=0 errno=0 [ 169.361658][ T6996] random: crng reseeded on system resumption [ 169.622904][ T7000] input: jJǸ-9%vJ86 as /devices/virtual/input/input34 [ 169.877806][ T6998] hub 1-0:1.0: USB hub found [ 169.923243][ T6998] hub 1-0:1.0: 1 port detected [ 170.002747][ T5834] Bluetooth: hci0: unexpected event for opcode 0x7c89 [ 170.749738][ T30] audit: type=1800 audit(1770865622.735:14): pid=7020 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.241" name="dbroot" dev="configfs" ino=16609 res=0 errno=0 [ 171.977330][ T5834] Bluetooth: hci1: unexpected event for opcode 0x7c89 [ 172.348766][ T30] audit: type=1800 audit(1770865624.345:15): pid=7061 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.253" name="dbroot" dev="configfs" ino=15915 res=0 errno=0 [ 172.442786][ T7060] random: crng reseeded on system resumption [ 172.820240][ T7065] hub 1-0:1.0: USB hub found [ 172.876828][ T7065] hub 1-0:1.0: 1 port detected [ 173.242964][ T7072] FAULT_INJECTION: forcing a failure. [ 173.242964][ T7072] name failslab, interval 1, probability 0, space 0, times 0 [ 173.255923][ T7072] CPU: 0 UID: 0 PID: 7072 Comm: syz.3.254 Not tainted syzkaller #0 PREEMPT(full) [ 173.255959][ T7072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 173.255975][ T7072] Call Trace: [ 173.255983][ T7072] [ 173.255994][ T7072] dump_stack_lvl+0x100/0x190 [ 173.256039][ T7072] should_fail_ex.cold+0x5/0xa [ 173.256071][ T7072] should_failslab+0xc2/0x120 [ 173.256105][ T7072] kmem_cache_alloc_lru_noprof+0x8e/0x7d0 [ 173.256139][ T7072] ? _raw_spin_unlock+0x28/0x50 [ 173.256179][ T7072] ? alloc_inode+0x183/0x250 [ 173.256222][ T7072] ? alloc_inode+0x183/0x250 [ 173.256270][ T7072] alloc_inode+0x183/0x250 [ 173.256309][ T7072] new_inode+0x22/0x1c0 [ 173.256343][ T7072] ? dput.part.0+0xdd/0x570 [ 173.256384][ T7072] simple_fill_super+0x2d9/0x680 [ 173.256419][ T7072] ? __pfx_nfsd_fill_super+0x10/0x10 [ 173.256461][ T7072] nfsd_fill_super+0x98/0x560 [ 173.256501][ T7072] ? __pfx_set_anon_super_fc+0x10/0x10 [ 173.256541][ T7072] ? __pfx_nfsd_fill_super+0x10/0x10 [ 173.256582][ T7072] get_tree_keyed+0x10e/0x1d0 [ 173.256611][ T7072] vfs_get_tree+0x92/0x320 [ 173.256650][ T7072] path_mount+0x7d0/0x23d0 [ 173.256690][ T7072] ? __pfx_path_mount+0x10/0x10 [ 173.256727][ T7072] ? kmem_cache_free+0x143/0x720 [ 173.256766][ T7072] ? strncpy_from_user+0x19d/0x2d0 [ 173.256793][ T7072] ? putname+0xb1/0x110 [ 173.256835][ T7072] ? __x64_sys_mount+0x293/0x310 [ 173.256867][ T7072] __x64_sys_mount+0x293/0x310 [ 173.256901][ T7072] ? __pfx___x64_sys_mount+0x10/0x10 [ 173.256947][ T7072] do_syscall_64+0x106/0xf80 [ 173.256973][ T7072] ? clear_bhb_loop+0x40/0x90 [ 173.257083][ T7072] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 173.257112][ T7072] RIP: 0033:0x7f6f7c39bf79 [ 173.257135][ T7072] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 173.257161][ T7072] RSP: 002b:00007f6f7a5f6028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 173.257185][ T7072] RAX: ffffffffffffffda RBX: 00007f6f7c616180 RCX: 00007f6f7c39bf79 [ 173.257200][ T7072] RDX: 00002000000001c0 RSI: 00002000000000c0 RDI: 0000000000000000 [ 173.257217][ T7072] RBP: 00007f6f7c4327e0 R08: 0000000000000000 R09: 0000000000000000 [ 173.257232][ T7072] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000000 [ 173.257247][ T7072] R13: 00007f6f7c616218 R14: 00007f6f7c616180 R15: 00007fff17fb8448 [ 173.257282][ T7072] [ 173.832144][ T5834] Bluetooth: hci3: unexpected event for opcode 0x7c89 [ 173.992939][ T5834] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 173.992975][ T5834] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 174.014152][ T5834] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 174.014190][ T5834] Bluetooth: hci3: adv larger than maximum supported [ 174.021296][ T5834] Bluetooth: hci3: Unknown advertising packet type: 0x5f [ 174.028011][ T5834] Bluetooth: hci3: Malformed LE Event: 0x0d [ 174.701894][ T30] audit: type=1800 audit(1770865626.695:16): pid=7090 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.259" name="dbroot" dev="configfs" ino=15978 res=0 errno=0 [ 174.853331][ T7089] input: jJǸ-9%vJ86 as /devices/virtual/input/input36 [ 175.433861][ T7102] input: 9%vJ,6 as /devices/virtual/input/input37 [ 175.442838][ T7104] FAULT_INJECTION: forcing a failure. [ 175.442838][ T7104] name failslab, interval 1, probability 0, space 0, times 0 [ 175.457544][ T7104] CPU: 1 UID: 0 PID: 7104 Comm: syz.1.263 Not tainted syzkaller #0 PREEMPT(full) [ 175.457578][ T7104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 175.457593][ T7104] Call Trace: [ 175.457601][ T7104] [ 175.457611][ T7104] dump_stack_lvl+0x100/0x190 [ 175.457656][ T7104] should_fail_ex.cold+0x5/0xa [ 175.457715][ T7104] should_failslab+0xc2/0x120 [ 175.457753][ T7104] __kmalloc_node_noprof+0xfb/0x9e0 [ 175.457784][ T7104] ? alloc_slab_obj_exts+0x46/0x110 [ 175.457827][ T7104] ? alloc_slab_obj_exts+0x46/0x110 [ 175.457861][ T7104] alloc_slab_obj_exts+0x46/0x110 [ 175.457897][ T7104] new_slab+0x354/0x440 [ 175.457936][ T7104] ___slab_alloc+0xdb3/0x1cb0 [ 175.457976][ T7104] ? sk_prot_alloc+0x60/0x2a0 [ 175.458026][ T7104] ? sk_prot_alloc+0x60/0x2a0 [ 175.458068][ T7104] ? __slab_alloc.isra.0+0x63/0x110 [ 175.458107][ T7104] __slab_alloc.isra.0+0x63/0x110 [ 175.458152][ T7104] kmem_cache_alloc_noprof+0x4ec/0x780 [ 175.458182][ T7104] ? sk_prot_alloc+0x60/0x2a0 [ 175.458227][ T7104] ? sk_prot_alloc+0x60/0x2a0 [ 175.458264][ T7104] ? find_held_lock+0x2b/0x80 [ 175.458294][ T7104] sk_prot_alloc+0x60/0x2a0 [ 175.458333][ T7104] sk_alloc+0x36/0xe80 [ 175.458365][ T7104] inet_create+0x3a0/0x1060 [ 175.458391][ T7104] ? inet_create+0x94/0x1060 [ 175.458421][ T7104] __sock_create+0x339/0x860 [ 175.458471][ T7104] __sys_socket+0x14d/0x260 [ 175.458495][ T7104] ? fput+0x79/0x100 [ 175.458525][ T7104] ? __pfx___sys_socket+0x10/0x10 [ 175.458548][ T7104] ? xfd_validate_state+0x129/0x190 [ 175.458589][ T7104] __x64_sys_socket+0x72/0xb0 [ 175.458614][ T7104] ? lockdep_hardirqs_on+0x78/0x100 [ 175.458640][ T7104] do_syscall_64+0x106/0xf80 [ 175.458665][ T7104] ? clear_bhb_loop+0x40/0x90 [ 175.458698][ T7104] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 175.458722][ T7104] RIP: 0033:0x7f9e7e59bf79 [ 175.458743][ T7104] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 175.458769][ T7104] RSP: 002b:00007f9e7f44f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 175.458795][ T7104] RAX: ffffffffffffffda RBX: 00007f9e7e815fa0 RCX: 00007f9e7e59bf79 [ 175.458812][ T7104] RDX: 0000000000000100 RSI: 0000000000000801 RDI: 0000000000000002 [ 175.458827][ T7104] RBP: 00007f9e7e6327e0 R08: 0000000000000000 R09: 0000000000000000 [ 175.458842][ T7104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 175.458858][ T7104] R13: 00007f9e7e816038 R14: 00007f9e7e815fa0 R15: 00007ffc96db8798 [ 175.458895][ T7104] [ 177.083280][ T5834] Bluetooth: hci3: unexpected event for opcode 0x7c89 [ 177.219913][ T5834] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 177.219936][ T5834] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 177.235685][ T5834] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 177.235704][ T5834] Bluetooth: hci3: adv larger than maximum supported [ 177.242740][ T5834] Bluetooth: hci3: Unknown advertising packet type: 0x5f [ 177.249497][ T5834] Bluetooth: hci3: Malformed LE Event: 0x0d [ 178.715452][ T5834] Bluetooth: hci3: unexpected event for opcode 0x7c89 [ 178.865276][ T5834] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 178.865313][ T5834] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 178.880740][ T5834] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 178.880774][ T5834] Bluetooth: hci3: adv larger than maximum supported [ 178.893441][ T5834] Bluetooth: hci3: Unknown advertising packet type: 0x5f [ 178.900470][ T5834] Bluetooth: hci3: Malformed LE Event: 0x0d [ 179.480973][ T30] audit: type=1800 audit(1770865631.445:17): pid=7203 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.294" name="dbroot" dev="configfs" ino=16971 res=0 errno=0 [ 179.937184][ T30] audit: type=1800 audit(1770865631.935:18): pid=7214 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.295" name="dbroot" dev="configfs" ino=17496 res=0 errno=0 [ 180.767716][ T5834] Bluetooth: hci1: unexpected event for opcode 0x7c89 [ 180.903653][ T5834] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 180.903691][ T5834] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 180.918584][ T5834] Bluetooth: hci1: Unknown advertising packet type: 0x7f [ 180.918604][ T5834] Bluetooth: hci1: adv larger than maximum supported [ 180.925669][ T5834] Bluetooth: hci1: Unknown advertising packet type: 0x5f [ 180.932333][ T5834] Bluetooth: hci1: Malformed LE Event: 0x0d [ 181.469458][ T7240] binder: 7239:7240 unknown command 3356463 [ 181.490549][ T7240] binder: 7239:7240 ioctl c0306201 0 returned -22 [ 182.104685][ T30] audit: type=1800 audit(4294967298.110:19): pid=7255 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.310" name="dbroot" dev="configfs" ino=17066 res=0 errno=0 [ 182.616372][ T7263] vivid-007: ================= START STATUS ================= [ 182.624905][ T7263] vivid-007: Enable Output Cropping: true [ 182.630747][ T7263] vivid-007: Enable Output Composing: true [ 182.652148][ T7263] vivid-007: Enable Output Scaler: true [ 182.684727][ T7263] vivid-007: Tx RGB Quantization Range: Automatic [ 182.737415][ T7263] vivid-007: Transmit Mode: HDMI [ 182.743868][ T7263] vivid-007: Hotplug Present: 0x00000000 [ 182.750384][ T7263] vivid-007: RxSense Present: 0x00000000 [ 182.759499][ T7263] vivid-007: EDID Present: 0x00000000 [ 182.786613][ T7275] vhci_hcd vhci_hcd.0: default hub control req: 0000 v0000 i0000 l0 [ 182.885091][ T7263] vivid-007: ================== END STATUS ================== [ 183.144393][ T7287] binder: 7286:7287 ioctl 4018620d 0 returned -22 [ 183.632673][ T30] audit: type=1800 audit(4294967299.631:20): pid=7302 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.324" name="dbroot" dev="configfs" ino=17700 res=0 errno=0 [ 183.859249][ T7307] input: 9%vJ,6 as /devices/virtual/input/input38 [ 184.379986][ T30] audit: type=1800 audit(4294967300.381:21): pid=7314 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.327" name="dbroot" dev="configfs" ino=17716 res=0 errno=0 [ 184.511278][ T30] audit: type=1800 audit(4294967300.511:22): pid=7283 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.318" name="features" dev="configfs" ino=17725 res=0 errno=0 [ 185.041987][ T5834] Bluetooth: hci1: unexpected event for opcode 0x7c89 [ 185.193623][ T5834] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 185.193662][ T5834] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 185.209788][ T5834] Bluetooth: hci1: Unknown advertising packet type: 0x7f [ 185.209822][ T5834] Bluetooth: hci1: adv larger than maximum supported [ 185.216983][ T5834] Bluetooth: hci1: Unknown advertising packet type: 0x5f [ 185.223748][ T5834] Bluetooth: hci1: Malformed LE Event: 0x0d [ 185.307942][ T5834] Bluetooth: hci3: unexpected event for opcode 0x7c89 [ 185.505433][ T5834] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 185.505456][ T5834] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 185.520181][ T5834] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 185.520198][ T5834] Bluetooth: hci3: adv larger than maximum supported [ 185.527319][ T5834] Bluetooth: hci3: Unknown advertising packet type: 0x5f [ 185.534081][ T5834] Bluetooth: hci3: Malformed LE Event: 0x0d [ 185.916781][ T7343] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 186.210839][ T7349] sctp: [Deprecated]: syz.1.339 (pid 7349) Use of struct sctp_assoc_value in delayed_ack socket option. [ 186.210839][ T7349] Use struct sctp_sack_info instead [ 186.448850][ T5834] Bluetooth: hci1: unexpected event for opcode 0x7c89 [ 186.581482][ T5834] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 186.581518][ T5834] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 186.601076][ T5834] Bluetooth: hci1: Unknown advertising packet type: 0x7f [ 186.601106][ T5834] Bluetooth: hci1: adv larger than maximum supported [ 186.608861][ T5834] Bluetooth: hci1: Unknown advertising packet type: 0x5f [ 186.615898][ T5834] Bluetooth: hci1: Malformed LE Event: 0x0d [ 186.691627][ T5834] Bluetooth: hci2: unexpected event for opcode 0x7c89 [ 186.882822][ T5834] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 186.882857][ T5834] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 186.897806][ T5834] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 186.897853][ T5834] Bluetooth: hci2: adv larger than maximum supported [ 186.905473][ T5834] Bluetooth: hci2: Unknown advertising packet type: 0x5f [ 186.913223][ T5834] Bluetooth: hci2: Malformed LE Event: 0x0d [ 187.035443][ T7353] binder: 7352:7353 ioctl c018620c 0 returned -1 [ 188.623749][ T30] audit: type=1800 audit(4294967298.500:23): pid=7400 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.355" name="dbroot" dev="configfs" ino=18460 res=0 errno=0 [ 188.677573][ T7401] vivid-009: ================= START STATUS ================= [ 188.737620][ T7401] vivid-009: Radio HW Seek Mode: Bounded [ 188.771220][ T7401] vivid-009: Radio Programmable HW Seek: false [ 188.788910][ T7401] vivid-009: RDS Rx I/O Mode: Block I/O [ 188.811707][ T7401] vivid-009: Generate RBDS Instead of RDS: false [ 188.883709][ T7401] vivid-009: RDS Reception: true [ 188.916916][ T7401] vivid-009: RDS Program Type: 0 inactive [ 188.937756][ T7401] vivid-009: RDS PS Name: inactive [ 188.953885][ T7401] vivid-009: RDS Radio Text: inactive [ 188.981296][ T7401] vivid-009: RDS Traffic Announcement: false inactive [ 189.039387][ T7401] vivid-009: RDS Traffic Program: false inactive [ 189.080461][ T7401] vivid-009: RDS Music: false inactive [ 189.091252][ T7401] vivid-009: ================== END STATUS ================== [ 190.400503][ T5834] Bluetooth: hci0: unexpected event for opcode 0x7c89 [ 190.534106][ T5834] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 190.534141][ T5834] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 190.552561][ T5834] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 190.552610][ T5834] Bluetooth: hci0: adv larger than maximum supported [ 190.559841][ T5834] Bluetooth: hci0: Unknown advertising packet type: 0x5f [ 190.567363][ T5834] Bluetooth: hci0: Malformed LE Event: 0x0d [ 193.854702][ T7517] FAULT_INJECTION: forcing a failure. [ 193.854702][ T7517] name failslab, interval 1, probability 0, space 0, times 0 [ 193.889846][ T7517] CPU: 1 UID: 0 PID: 7517 Comm: syz.1.400 Not tainted syzkaller #0 PREEMPT(full) [ 193.889884][ T7517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 193.889911][ T7517] Call Trace: [ 193.889921][ T7517] [ 193.889931][ T7517] dump_stack_lvl+0x100/0x190 [ 193.889978][ T7517] should_fail_ex.cold+0x5/0xa [ 193.890010][ T7517] should_failslab+0xc2/0x120 [ 193.890044][ T7517] kmem_cache_alloc_noprof+0x83/0x780 [ 193.890077][ T7517] ? __anon_vma_prepare+0x344/0x5e0 [ 193.890134][ T7517] ? __anon_vma_prepare+0x344/0x5e0 [ 193.890174][ T7517] __anon_vma_prepare+0x344/0x5e0 [ 193.890211][ T7517] ? update_cfs_rq_load_avg+0x51/0x550 [ 193.890249][ T7517] ? look_up_lock_class+0x55/0x120 [ 193.890280][ T7517] madvise_guard_install+0x658/0x830 [ 193.890324][ T7517] ? __pfx_madvise_guard_install+0x10/0x10 [ 193.890358][ T7517] ? finish_task_switch.isra.0+0x200/0xb80 [ 193.890398][ T7517] ? __pfx_guard_install_pud_entry+0x10/0x10 [ 193.890430][ T7517] ? __pfx_guard_install_pmd_entry+0x10/0x10 [ 193.890463][ T7517] ? __pfx_guard_install_pte_entry+0x10/0x10 [ 193.890501][ T7517] ? __pfx_guard_install_set_pte+0x10/0x10 [ 193.890543][ T7517] ? mtree_range_walk+0x6ce/0xcd0 [ 193.890588][ T7517] madvise_vma_behavior+0x1006/0x2a40 [ 193.890628][ T7517] ? mas_prev_setup.constprop.0+0xb6/0x9c0 [ 193.890658][ T7517] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 193.890695][ T7517] ? mas_prev+0x9b/0xf0 [ 193.890723][ T7517] ? __pfx_mas_prev+0x10/0x10 [ 193.890762][ T7517] ? find_vma_prev+0xd8/0x150 [ 193.890795][ T7517] ? lock_vma_under_rcu+0x1f9/0x5a0 [ 193.890837][ T7517] ? __pfx_find_vma_prev+0x10/0x10 [ 193.890881][ T7517] ? find_held_lock+0x2b/0x80 [ 193.890917][ T7517] ? madvise_do_behavior+0x1ea/0x510 [ 193.890953][ T7517] ? madvise_do_behavior+0x1ea/0x510 [ 193.890996][ T7517] madvise_walk_vmas+0x2fe/0xa90 [ 193.891035][ T7517] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 193.891077][ T7517] ? futex_hash+0x2c5/0x380 [ 193.891119][ T7517] madvise_do_behavior+0x1ea/0x510 [ 193.891156][ T7517] ? __pfx_madvise_do_behavior+0x10/0x10 [ 193.891175][ T7517] ? futex_wait+0x125/0x380 [ 193.891199][ T7517] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 193.891221][ T7517] do_madvise+0x195/0x240 [ 193.891240][ T7517] ? __pfx_do_madvise+0x10/0x10 [ 193.891258][ T7517] ? do_futex+0x192/0x350 [ 193.891274][ T7517] ? find_held_lock+0x2b/0x80 [ 193.891300][ T7517] ? xfd_validate_state+0x129/0x190 [ 193.891322][ T7517] __x64_sys_madvise+0xa9/0x110 [ 193.891341][ T7517] ? lockdep_hardirqs_on+0x78/0x100 [ 193.891355][ T7517] do_syscall_64+0x106/0xf80 [ 193.891368][ T7517] ? clear_bhb_loop+0x40/0x90 [ 193.891386][ T7517] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 193.891400][ T7517] RIP: 0033:0x7f9e7e59bf79 [ 193.891413][ T7517] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 193.891426][ T7517] RSP: 002b:00007f9e7f44f028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 193.891446][ T7517] RAX: ffffffffffffffda RBX: 00007f9e7e815fa0 RCX: 00007f9e7e59bf79 [ 193.891456][ T7517] RDX: 0000000000000066 RSI: 0000000002021000 RDI: 0000000000000000 [ 193.891465][ T7517] RBP: 00007f9e7e6327e0 R08: 0000000000000000 R09: 0000000000000000 [ 193.891475][ T7517] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 193.891483][ T7517] R13: 00007f9e7e816038 R14: 00007f9e7e815fa0 R15: 00007ffc96db8798 [ 193.891503][ T7517] [ 194.223517][ T7501] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 194.229558][ T7501] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 194.235559][ T7501] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 194.241572][ T7501] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 194.291970][ T7521] FAULT_INJECTION: forcing a failure. [ 194.291970][ T7521] name failslab, interval 1, probability 0, space 0, times 0 [ 194.304808][ T7521] CPU: 1 UID: 0 PID: 7521 Comm: syz.3.402 Not tainted syzkaller #0 PREEMPT(full) [ 194.304828][ T7521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 194.304837][ T7521] Call Trace: [ 194.304843][ T7521] [ 194.304849][ T7521] dump_stack_lvl+0x100/0x190 [ 194.304874][ T7521] should_fail_ex.cold+0x5/0xa [ 194.304892][ T7521] should_failslab+0xc2/0x120 [ 194.304909][ T7521] __kvmalloc_node_noprof+0x101/0xac0 [ 194.304926][ T7521] ? v4l2_ctrl_new+0x4a6/0x23a0 [ 194.304940][ T7521] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 194.304967][ T7521] ? v4l2_ctrl_new+0x4a6/0x23a0 [ 194.304981][ T7521] v4l2_ctrl_new+0x4a6/0x23a0 [ 194.305001][ T7521] ? __pfx_v4l2_ctrl_new+0x10/0x10 [ 194.305013][ T7521] ? __pfx_v4l2_ctrl_new+0x10/0x10 [ 194.305035][ T7521] v4l2_ctrl_new_std+0x1bb/0x290 [ 194.305058][ T7521] ? __pfx_v4l2_ctrl_new_std+0x10/0x10 [ 194.305071][ T7521] ? __pfx_v4l2_ctrl_new_std+0x10/0x10 [ 194.305087][ T7521] ? trace_kmalloc+0x83/0xb0 [ 194.305112][ T7521] ? v4l2_ctrl_handler_init_class+0x201/0x350 [ 194.305139][ T7521] ? media_request_object_init+0x105/0x180 [ 194.305163][ T7521] vim2m_open+0x164/0x830 [ 194.305186][ T7521] v4l2_open+0x1d2/0x490 [ 194.305200][ T7521] ? __pfx_v4l2_open+0x10/0x10 [ 194.305213][ T7521] chrdev_open+0x234/0x6a0 [ 194.305228][ T7521] ? __pfx_apparmor_file_open+0x10/0x10 [ 194.305250][ T7521] ? __pfx_chrdev_open+0x10/0x10 [ 194.305267][ T7521] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 194.305287][ T7521] do_dentry_open+0x6d8/0x1660 [ 194.305301][ T7521] ? __pfx_chrdev_open+0x10/0x10 [ 194.305322][ T7521] vfs_open+0x82/0x3f0 [ 194.305343][ T7521] path_openat+0x208c/0x31a0 [ 194.305365][ T7521] ? __pfx_path_openat+0x10/0x10 [ 194.305387][ T7521] do_file_open+0x20e/0x430 [ 194.305404][ T7521] ? __pfx_do_file_open+0x10/0x10 [ 194.305433][ T7521] ? alloc_fd+0x476/0x790 [ 194.305450][ T7521] ? do_getname+0x191/0x390 [ 194.305470][ T7521] do_sys_openat2+0x10d/0x1e0 [ 194.305490][ T7521] ? __pfx_do_sys_openat2+0x10/0x10 [ 194.305510][ T7521] ? __fget_files+0x21f/0x3d0 [ 194.305529][ T7521] __x64_sys_openat+0x12d/0x210 [ 194.305548][ T7521] ? __pfx___x64_sys_openat+0x10/0x10 [ 194.305567][ T7521] ? xfd_validate_state+0x129/0x190 [ 194.305592][ T7521] do_syscall_64+0x106/0xf80 [ 194.305606][ T7521] ? clear_bhb_loop+0x40/0x90 [ 194.305623][ T7521] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 194.305637][ T7521] RIP: 0033:0x7f6f7c39bf79 [ 194.305650][ T7521] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 194.305664][ T7521] RSP: 002b:00007f6f7d190028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 194.305678][ T7521] RAX: ffffffffffffffda RBX: 00007f6f7c615fa0 RCX: 00007f6f7c39bf79 [ 194.305689][ T7521] RDX: 000000000002aa01 RSI: 0000200000000180 RDI: ffffffffffffff9c [ 194.305698][ T7521] RBP: 00007f6f7c4327e0 R08: 0000000000000000 R09: 0000000000000000 [ 194.305706][ T7521] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 194.305715][ T7521] R13: 00007f6f7c616038 R14: 00007f6f7c615fa0 R15: 00007fff17fb8448 [ 194.305735][ T7521] [ 195.007152][ T5823] BUG: Bad rss-counter state mm:ffff888029114980 type:MM_FILEPAGES val:1696 Comm:syz-executor Pid:5823 [ 195.229141][ T30] audit: type=1800 audit(4294967305.120:24): pid=7540 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.408" name="dbroot" dev="configfs" ino=18721 res=0 errno=0 [ 195.581106][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout [ 196.301217][ T5832] Bluetooth: hci3: command 0x0c1a tx timeout [ 196.301237][ T5834] Bluetooth: hci2: command 0x0c1a tx timeout [ 196.301253][ T5830] Bluetooth: hci1: command 0x0c1a tx timeout [ 199.344526][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.350850][ T1302] ieee802154 phy1 wpan1: encryption failed: -22